aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2015-03-16Bug #149: Deletion of unnecessary checks before calls of the function "free"Markus Elfring
The function "free" is documented in the way that no action shall occur for a passed null pointer. It is therefore not needed that a function caller repeats a corresponding check. http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first This issue was fixed by using the software Coccinelle 1.0.0-rc24. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2015-03-16connect: Fix happy eyeballs logic for IPv4-only buildsJay Satiro
Bug: https://github.com/bagder/curl/pull/168 (trynextip) - Don't try the "other" protocol family unless IPv6 is available. In an IPv4-only build the other family can only be IPv6 which is unavailable. This change essentially stops IPv4-only builds from attempting the "happy eyeballs" secondary parallel connection that is supposed to be used by the "other" address family. Prior to this change in IPv4-only builds that secondary parallel connection attempt could be erroneously used by the same family (IPv4) which caused a bug where every address after the first for a host could be tried twice, often in parallel. This change fixes that bug. An example of the bug is shown below. Assume MTEST resolves to 3 addresses 127.0.0.2, 127.0.0.3 and 127.0.0.4: * STATE: INIT => CONNECT handle 0x64f4b0; line 1046 (connection #-5000) * Rebuilt URL to: http://MTEST/ * Added connection 0. The cache now contains 1 members * STATE: CONNECT => WAITRESOLVE handle 0x64f4b0; line 1083 (connection #0) * Trying 127.0.0.2... * STATE: WAITRESOLVE => WAITCONNECT handle 0x64f4b0; line 1163 (connection #0) * Trying 127.0.0.3... * connect to 127.0.0.2 port 80 failed: Connection refused * Trying 127.0.0.3... * connect to 127.0.0.3 port 80 failed: Connection refused * Trying 127.0.0.4... * connect to 127.0.0.3 port 80 failed: Connection refused * Trying 127.0.0.4... * connect to 127.0.0.4 port 80 failed: Connection refused * connect to 127.0.0.4 port 80 failed: Connection refused * Failed to connect to MTEST port 80: Connection refused * Closing connection 0 * The cache now contains 0 members * Expire cleared curl: (7) Failed to connect to MTEST port 80: Connection refused The bug was born in commit bagder/curl@2d435c7.
2015-03-15closesocket: call multi socket cb on close even with custom closeFrank Meier
In function Curl_closesocket() in connect.c the call to Curl_multi_closed() was wrongly omitted if a socket close function (CURLOPT_CLOSESOCKETFUNCTION) is registered. That would lead to not removing the socket from the internal hash table and not calling the multi socket callback appropriately. Bug: http://curl.haxx.se/bug/view.cgi?id=1493
2015-03-14hostip: Fix signal race in Curl_resolv_timeout.Tobias Stoeckmann
A signal handler for SIGALRM is installed in Curl_resolv_timeout. It is configured to interrupt system calls and uses siglongjmp to return into the function if alarm() goes off. The signal handler is installed before curl_jmpenv is initialized. This means that an already installed alarm timer could trigger the newly installed signal handler, leading to undefined behavior when it accesses the uninitialized curl_jmpenv. Even if there is no previously installed alarm available, the code in Curl_resolv_timeout itself installs an alarm before the environment is fully set up. If the process is sent into suspend right after that, the signal handler could be called too early as in previous scenario. To fix this, the signal handler should only be installed and the alarm timer only be set after sigsetjmp has been called.
2015-03-14http2: detect prematures close without data transferedDaniel Stenberg
... by using the regular Curl_http_done() method which checks for that. This makes test 1801 fail consistently with error 56 (which seems fine) to that test is also updated here. Reported-by: Ben Darnell Bug: https://github.com/bagder/curl/issues/166
2015-03-12openssl: use colons properly in the ciphers listDaniel Stenberg
While the previous string worked, this is the documented format. Reported-by: Richard Moore
2015-03-12openssl: sort the ciphers on strengthDaniel Stenberg
This makes curl pick better (stronger) ciphers by default. The strongest available ciphers are fine according to the HTTP/2 spec so an OpenSSL built curl is no longer rejected by string HTTP/2 servers. Bug: http://curl.haxx.se/bug/view.cgi?id=1487
2015-03-12openssl: show the cipher selection to useDaniel Stenberg
2015-03-12http: always send Host: header as first headerDaniel Stenberg
...after the method line: "Since the Host field-value is critical information for handling a request, a user agent SHOULD generate Host as the first header field following the request-line." / RFC 7230 section 5.4 Additionally, this will also make libcurl ignore multiple specified custom Host: headers and only use the first one. Test 1121 has been updated accordingly Bug: http://curl.haxx.se/bug/view.cgi?id=1491 Reported-by: Rainer Canavan
2015-03-11mk-ca-bundle bugfix: Don't report SHA1 numbers with "-q".Alexander Pepper
Also unified printing to STDERR by creating the helper method "report".
2015-03-11proxy: re-use proxy connections (regression)Daniel Stenberg
When checking for a connection to re-use, a proxy-using request must check for and use a proxy connection and not one based on the host name! Added test 1421 to verify Bug: http://curl.haxx.se/bug/view.cgi?id=1492
2015-03-10gtls: correctly align certificate status verification messagesAlessandro Ghedini
2015-03-10gtls: don't print double newline after certificate datesAlessandro Ghedini
2015-03-10gtls: print negotiated TLS version and full cipher suite nameAlessandro Ghedini
Instead of priting cipher and MAC algorithms names separately, print the whole cipher suite string which also includes the key exchange algorithm, along with the negotiated TLS version.
2015-03-10gtls: fix compiler warningsDaniel Stenberg
2015-03-10gtls: add support for CURLOPT_CAPATHAlessandro Ghedini
2015-03-07multi: fix *getsock() with CONNECTDaniel Stenberg
The code used some happy eyeballs logic even _after_ CONNECT has been sent to a proxy, while the happy eyeball phase is already (should be) over by then. This is solved by splitting the multi state into two separate states introducing the new SENDPROTOCONNECT state. Bug: http://curl.haxx.se/mail/lib-2015-01/0170.html Reported-by: Peter Laser
2015-03-07conncontrol: only log changes to the connection bitDaniel Stenberg
2015-03-07http2: use CURL_HTTP_VERSION_* symbols instead of NPN_*Daniel Stenberg
Since they already exist and will make comparing easier
2015-03-07http2: make the info-message about receiving HTTP2 headers debug-onlyDaniel Stenberg
2015-03-07urldata: remove unused asked_for_h2 fieldAlessandro Ghedini
2015-03-07polarssl: make it possible to enable ALPN/NPN without HTTP2Alessandro Ghedini
2015-03-07nss: make it possible to enable ALPN/NPN without HTTP2Alessandro Ghedini
2015-03-07gtls: make it possible to enable ALPN/NPN without HTTP2Alessandro Ghedini
2015-03-07openssl: make it possible to enable ALPN/NPN without HTTP2Alessandro Ghedini
2015-03-06urldata: fix gnutls buildDaniel Stenberg
2015-03-05multi: fix memory-leak on timeout (regression)Daniel Stenberg
Since 1342a96ecfe0d44, a timeout detected in the multi state machine didn't necesarily clear everything up, like formpost data. Bug: https://github.com/bagder/curl/issues/147 Reported-by: Michel Promonet Patched-by: Michel Promonet
2015-03-05openssl: remove all uses of USE_SSLEAYDaniel Stenberg
SSLeay was the name of the library that was subsequently turned into OpenSSL many moons ago (1999). curl does not work with the old SSLeay library since years. This is now reflected by only using USE_OPENSSL in code that depends on OpenSSL.
2015-03-03vtls: use curl_printf.h all overDaniel Stenberg
No need to use _MPRINTF_REPLACE internally.
2015-03-03mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg
... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
2015-02-27http2: Return error if stream was closed with other than NO_ERRORTatsuhiro Tsujikawa
Previously, we just ignored error code passed to on_stream_close_callback and just return 0 (success) after stream closure even if stream was reset with error. This patch records error code in on_stream_close_callback, and return -1 and use CURLE_HTTP2 error code on abnormal stream closure.
2015-02-25http2: return recv error on unexpected EOFDaniel Stenberg
Pointed-out-by: Tatsuhiro Tsujikawa Bug: http://curl.haxx.se/bug/view.cgi?id=1487
2015-02-25http2: move lots of verbose output to be debug-onlyDaniel Stenberg
2015-02-25nss: do not skip Curl_nss_seed() if data is NULLKamil Dudka
In that case, we only skip writing the error message for failed NSS initialization (while still returning the correct error code).
2015-02-25nss: improve error handling in Curl_nss_random()Kamil Dudka
The vtls layer now checks the return value, so it is no longer necessary to abort if a random number cannot be provided by NSS. This also fixes the following Coverity report: Error: FORWARD_NULL (CWE-476): lib/vtls/nss.c:1918: var_compare_op: Comparing "data" to null implies that "data" might be null. lib/vtls/nss.c:1923: var_deref_model: Passing null pointer "data" to "Curl_failf", which dereferences it. lib/sendf.c:154:3: deref_parm: Directly dereferencing parameter "data".
2015-02-25Revert "telnet.c: fix handling of 0 being returned from custom read function"Marc Hoersken
This reverts commit 03fa576833643c67579ae216c4e7350fa9b5f2fe.
2015-02-25telnet.c: fix invalid use of custom read function if not being setMarc Hoersken
obj_count can be 1 if the custom read function is set or the stdin handle is a reference to a pipe. Since the pipe should be handled using the PeekNamedPipe-check below, the custom read function should only be used if it is actually enabled.
2015-02-24telnet.c: fix handling of 0 being returned from custom read functionMarc Hoersken
According to [1]: "Returning 0 will signal end-of-file to the library and cause it to stop the current transfer." This change makes the Windows telnet code handle this case accordingly. [1] http://curl.haxx.se/libcurl/c/CURLOPT_READFUNCTION.html
2015-02-23connect: wait for IPv4 connection attemptsKamil Dudka
... even if the last IPv6 connection attempt has failed. Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c4
2015-02-23connect: avoid skipping an IPv4 addressKamil Dudka
... in case the protocol versions are mixed in a DNS response (IPv6 -> IPv4 -> IPv6). Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c3
2015-02-20configure: allow both --with-ca-bundle and --with-ca-pathJulian Ospald
SSL_CTX_load_verify_locations by default (and if given non-Null parameters) searches the CAfile first and falls back to CApath. This allows for CAfile to be a basis (e.g. installed by the package manager) and CApath to be a user configured directory. This wasn't reflected by the previous configure constraint which this patch fixes. Bug: https://github.com/bagder/curl/pull/139
2015-02-20cmake: install the dll file to the correct directoryBen Boeckel
2015-02-19nss: fix NPN/ALPN protocol negotiationAlessandro Ghedini
Correctly check for memcmp() return value (it returns 0 if the strings match). This is not really important, since curl is going to use http/1.1 anyway, but it's still a bug I guess.
2015-02-19polarssl: fix ALPN protocol negotiationAlessandro Ghedini
Correctly check for strncmp() return value (it returns 0 if the strings match).
2015-02-19gtls: fix build with HTTP2Alessandro Ghedini
2015-02-16Makefile.vc6: Corrected typos in rename of darwinssl.objSteve Holme
2015-02-15By request, change the name of "curl_darwinssl.[ch]" to "darwinssl.[ch]"Nick Zitzmann
2015-02-12openssl: fix a compile-time warningKamil Dudka
lib/vtls/openssl.c:1450:7: warning: extra tokens at end of #endif directive
2015-02-11openssl: Use OPENSSL_IS_BORINGSSL for BoringSSL detectionSteve Holme
For consistency with other conditionally compiled code in openssl.c, use OPENSSL_IS_BORINGSSL rather than HAVE_BORINGSSL and try to use HAVE_BORINGSSL outside of openssl.c when the OpenSSL header files are not included.
2015-02-11ftp: accept all 2xx responses to the PORT commandPatrick Monnerat