aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2019-07-06nss: only cache valid CRL entriesDaniel Gustafsson
Change the logic around such that we only keep CRLs that NSS actually ended up caching around for later deletion. If CERT_CacheCRL() fails then there is little point in delaying the freeing of the CRL as it is not used. Closes https://github.com/curl/curl/pull/4053
2019-07-06lib: Use UTF-8 encoding in commentsGergely Nagy
Some editors and IDEs assume that source files use UTF-8 file encodings. It also fixes the build with MSVC when /utf-8 command line option is used (this option is mandatory for some other open-source projects, this is useful when using the same options is desired for building all libraries of a project). Closes https://github.com/curl/curl/pull/4087
2019-06-30docs: Fix links to OpenSSL docsJay Satiro
OpenSSL changed their manual locations and does not redirect to the new locations. Bug: https://curl.haxx.se/mail/lib-2019-06/0056.html Reported-by: Daniel Stenberg
2019-06-26openssl: disable engine if OPENSSL_NO_UI_CONSOLE is definedDaniel Stenberg
... since that needs UI_OpenSSL() which isn't provided when OpenSSL is built with OPENSSL_NO_UI_CONSOLE which happens when OpenSSL is built for UWP (with "VC-WIN32-UWP"). Reported-by: Vasily Lobaskin Fixes #4073 Closes #4077
2019-06-25win32: make DLL loading a no-op for UWPDaniel Stenberg
Reported-by: Michael Brehm Fixes #4060 Closes #4072
2019-06-24http: clarify header buffer size calculationDaniel Gustafsson
The header buffer size calculation can from static analysis seem to overlow as it performs an addition between two size_t variables and stores the result in a size_t variable. Overflow is however guarded against elsewhere since the input to the addition is regulated by the maximum read buffer size. Clarify this with a comment since the question was asked. Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-06-24http2: call done_sending on end of uploadDaniel Stenberg
To make sure a HTTP/2 stream registers the end of stream. Bug #4043 made me find this problem but this fix doesn't correct the reported issue. Closes #4068
2019-06-24c-ares: honor port numbers in CURLOPT_DNS_SERVERSJames Brown
By using ares_set_servers_ports_csv on new enough c-ares. Fixes #4066 Closes #4067
2019-06-23multi: enable multiplexing by default (again)Daniel Stenberg
It was originally made default in d7c4213bd0c (7.62.0) but mistakenly reverted in commit 2f44e94efb3d (7.65.0). Now enabled again. Closes #4051
2019-06-21http2: don't call stream-close on already closed streamsDaniel Stenberg
Closes #4055
2019-06-20system_win32: fix typoGisle Vanem
2019-06-18configure: --disable-progress-meterDaniel Stenberg
Builds libcurl without support for the built-in progress meter. Closes #4023
2019-06-18netrc: Return the correct error code when out of memorySteve Holme
Introduced in 763c5178. Closes #4036
2019-06-18config-os400: add getpeername and getsockname definesDaniel Stenberg
Reported-by: jonrumsey on github Fixes #4037 Closes #4039
2019-06-18openssl: fix pubkey/signature algorithm detection in certinfoGergely Nagy
Certinfo gives the same result for all OpenSSL versions. Also made printing RSA pubkeys consistent with older versions. Reported-by: Michael Wallner Fixes #3706 Closes #4030
2019-06-17conn_maxage: move the check to prune_dead_connections()Daniel Stenberg
... and avoid the locking issue. Reported-by: Kunal Ekawde Fixes #4029 Closes #4032
2019-06-17openssl: remove outdated commentDaniel Gustafsson
OpenSSL used to call exit(1) on syntax errors in OPENSSL_config(), which is why we switched to CONF_modules_load_file() and introduced a comment stating why. This behavior was however changed in OpenSSL commit abdd677125f3a9e3082f8c5692203590fdb9b860, so remove the now outdated and incorrect comment. The mentioned commit also declares OPENSSL_config() deprecated so keep the current coding. Closes #4033 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-06-16os400: make vsetopt() non-static as Curl_vsetopt() for os400 support.Patrick Monnerat
Use it in curl_easy_setopt_ccsid(). Reported-by: jonrumsey on github Fixes #3833 Closes #4028
2019-06-14multi: fix the transfer hash functionDaniel Stenberg
Follow-up from 8b987cc7eb Reported-by: Tom van der Woerdt Fixes #4018 Closes #4024
2019-06-13krb5: fix compiler warningMarcel Raad
Even though the variable was used in a DEBUGASSERT, GCC 8 warned in debug mode: krb5.c:324:17: error: unused variable 'maj' [-Werror=unused-variable] Just suppress the warning and declare the variable unconditionally instead of only for DEBUGBUILD (which also missed the check for HAVE_ASSERT_H). Closes https://github.com/curl/curl/pull/4020
2019-06-12multi: fix the transfer hashes in the socket hash entriesDaniel Stenberg
- The transfer hashes weren't using the correct keys so removing entries failed. - Simplified the iteration logic over transfers sharing the same socket and they now simply are set to expire and thus get handled in the "regular" timer loop instead. Reported-by: Tom van der Woerdt Fixes #4012 Closes #4014
2019-06-12url: Fix CURLOPT_MAXAGE_CONN time comparisonCliff Crosland
Old connections are meant to expire from the connection cache after CURLOPT_MAXAGE_CONN seconds. However, they actually expire after 1000x that value. This occurs because a time value measured in milliseconds is accidentally divided by 1M instead of by 1,000. Closes https://github.com/curl/curl/pull/4013
2019-06-11http2: remove CURL_DISABLE_TYPECHECK defineDaniel Stenberg
... in http2-less builds as it served no use.
2019-06-11wolfssl: fix key pinning build errorDaniel Stenberg
follow-up from deb9462ff2de8
2019-06-10wolfssl: fixup for SNI useDaniel Stenberg
follow-up from deb9462ff2de8 Closes #4007
2019-06-10wolfssl: refer to it as wolfSSL onlyDaniel Stenberg
Remove support for, references to and use of "cyaSSL" from the source and docs. wolfSSL is the current name and there's no point in keeping references to ancient history. Assisted-by: Daniel Gustafsson Closes #3903
2019-06-10bindlocal: detect and avoid IP version mismatches in bind()Daniel Stenberg
Reported-by: Alex Grebenschikov Fixes #3993 Closes #4002
2019-06-10multi: make sure 'data' can present in several sockhash entriesDaniel Stenberg
Since more than one socket can be used by each transfer at a given time, each sockhash entry how has its own hash table with transfers using that socket. In addition, the sockhash entry can now be marked 'blocked = TRUE'" which then makes the delete function just set 'removed = TRUE' instead of removing it "for real", as a way to not rip out the carpet under the feet of a parent function that iterates over the transfers of that same sockhash entry. Reported-by: Tom van der Woerdt Fixes #3961 Fixes #3986 Fixes #3995 Fixes #4004 Closes #3997
2019-06-09unpause: trigger a timeout for event-based transfersDaniel Stenberg
... so that timeouts or other state machine actions get going again after a changing pause state. For example, if the last delivery was paused there's no pending socket activity. Reported-by: sstruchtrup on github Fixes #3994 Closes #4001
2019-06-05build: fix Codacy warningsMarcel Raad
Reduce variable scopes and remove redundant variable stores. Closes https://github.com/curl/curl/pull/3975
2019-06-04ssl: Update outdated "openssl-only" comments for supported backendsFrank Gevaerts
These are for features that used to be openssl-only but were expanded over time to support other SSL backends. Closes #3985
2019-06-02NTLM: reset proxy "multipass" state when CONNECT request is doneSergey Ogryzkov
Closes #3972
2019-06-02http: don't parse body-related headers bodyless responsesMichael Kaufmann
Responses with status codes 1xx, 204 or 304 don't have a response body. For these, don't parse these headers: - Content-Encoding - Content-Length - Content-Range - Last-Modified - Transfer-Encoding This change ensures that HTTP/2 upgrades work even if a "Content-Length: 0" or a "Transfer-Encoding: chunked" header is present. Co-authored-by: Daniel Stenberg Closes #3702 Fixes #3968 Closes #3977
2019-06-01singlesocket: use separate variable for inner loopDaniel Stenberg
An inner loop within the singlesocket() function wrongly re-used the variable for the outer loop which then could cause an infinite loop. Change to using a separate variable! Reported-by: Eric Wu Fixes #3970 Closes #3973
2019-05-30http2: Stop drain from being permanently set onJosie Huddleston
Various functions called within Curl_http2_done() can have the side-effect of setting the Easy connection into drain mode (by calling drain_this()). However, the last time we unset this for a transfer (by calling drained_transfer()) is at the beginning of Curl_http2_done(). If the Curl_easy is reused for another transfer, it is then stuck in drain mode permanently, which in practice makes it unable to write any data in the new transfer. This fix moves the last call to drained_transfer() to later in Curl_http2_done(), after the functions that could potentially call for a drain. Fixes #3966 Closes #3967 Reported-by: Josie-H
2019-05-29conncache: Remove the DEBUGASSERT on length checkSteve Holme
We trust the calling code as this is an internal function. Closes #3962
2019-05-29system_win32: fix function prototypeGisle Vanem
- Change if_nametoindex parameter type from char * to const char *. Follow-up to 09eef8af from this morning. Bug: https://github.com/curl/curl/commit/09eef8af#r33716067
2019-05-29url: Load if_nametoindex() dynamically from iphlpapi.dll on WindowsSteve Holme
This fixes the static dependency on iphlpapi.lib and allows curl to build for targets prior to Windows Vista. This partially reverts 170bd047. Fixes #3960 Closes #3958
2019-05-29http: fix "error: equality comparison with extraneous parentheses"Daniel Stenberg
2019-05-28parse_proxy: make sure portptr is initializedDaniel Stenberg
Reported-by: Benbuck Nason fixes #3959
2019-05-28url: default conn->port to the same as conn->remote_portDaniel Stenberg
... so that it has a sensible value when ConnectionExists() is called which needs it set to differentiate host "bundles" correctly on port number! Also, make conncache:hashkey() use correct port for bundles that are proxy vs host connections. Probably a regression from 7.62.0 Reported-by: Tom van der Woerdt Fixes #3956 Closes #3957
2019-05-28conncache: make "bundles" per host name when doing proxy tunnelsDaniel Stenberg
Only HTTP proxy use where multiple host names can be used over the same connection should use the proxy host name for bundles. Reported-by: Tom van der Woerdt Fixes #3951 Closes #3955
2019-05-28multi: track users of a socket betterDaniel Stenberg
They need to be removed from the socket hash linked list with more care. When sh_delentry() is called to remove a sockethash entry, remove all individual transfers from the list first. To enable this, each Curl_easy struct now stores a pointer to the sockethash entry to know how to remove itself. Reported-by: Tom van der Woerdt and Kunal Ekawde Fixes #3952 Fixes #3904 Closes #3953
2019-05-28curl-win32.h: Enable Unix Domain Sockets based on the Windows SDK versionSteve Holme
Microsoft added support for Unix Domain Sockets in Windows 10 1803 (RS4). Rather than expect the user to enable Unix Domain Sockets by uncommenting the #define that was added in 0fd6221f we use the RS4 pre-processor variable that is present in newer versions of the Windows SDK. Closes #3939
2019-05-28cmake: support CMAKE_OSX_ARCHITECTURES when detecting SIZEOF variablesJonas Vautherin
Closes #3945
2019-05-27nss: allow to specify TLS 1.3 ciphers if supported by NSSHubert Kario
Closes #3916
2019-05-25Revert all SASL authzid (new feature) commitsJay Satiro
- Revert all commits related to the SASL authzid feature since the next release will be a patch release, 7.65.1. Prior to this change CURLOPT_SASL_AUTHZID / --sasl-authzid was destined for the next release, assuming it would be a feature release 7.66.0. However instead the next release will be a patch release, 7.65.1 and will not contain any new features. After the patch release after the reverted commits can be restored by using cherry-pick: git cherry-pick a14d72c a9499ff 8c1cc36 c2a8d52 0edf690 Details for all reverted commits: Revert "os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()." This reverts commit 0edf6907ae37e2020722e6f61229d8ec64095b0a. Revert "tests: Fix the line endings for the SASL alt-auth tests" This reverts commit c2a8d52a1356a722ff9f4aeb983cd4eaf80ef221. Revert "examples: Added SASL PLAIN authorisation identity (authzid) examples" This reverts commit 8c1cc369d0c7163c6dcc91fd38edfea1f509ae75. Revert "curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool" This reverts commit a9499ff136d89987af885e2d7dff0a066a3e5817. Revert "sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID" This reverts commit a14d72ca2fec5d4eb5a043936e4f7ce08015c177.
2019-05-24sectransp: handle errSSLPeerAuthCompleted from SSLRead()Daniel Stenberg
Reported-by: smuellerDD on github Fixes #3932 Closes #3933
2019-05-24Fix typo.Gisle Vanem
2019-05-23md4: include the mbedtls config.h to get the MD4 infoDaniel Stenberg