| Age | Commit message (Collapse) | Author |
|---|
|
Closes #4547
|
|
Closes #4552
|
|
- Open the CA file using FILE_SHARE_READ mode so that others can read
from it as well.
Prior to this change our schannel code opened the CA file without
sharing which meant concurrent openings (eg an attempt from another
thread or process) would fail during the time it was open without
sharing, which in curl's case would cause error:
"schannel: failed to open CA file".
Bug: https://curl.haxx.se/mail/lib-2019-10/0104.html
Reported-by: Richard Alcock
|
|
... as it can make it wait there for a long time for no good purpose.
Patched-by: Jay Satiro
Reported-by: Bylon2 on github
Adviced-by: Nikos Mavrogiannopoulos
Fixes #4487
Closes #4541
|
|
This is the common pattern used in the code and by a unified approach we
avoid mistakes.
Closes #4534
|
|
... or risk DoH memory leaks.
Reported-by: Paul Dreik
Fixes #4463
Closes #4527
|
|
On macOS/BSD, trying to call sendto on a connected UDP socket fails
with a EISCONN error. Because the singleipconnect has already called
connect on the socket when we're trying to use it for QUIC transfers
we need to use plain send instead.
Fixes #4529
Closes https://github.com/curl/curl/pull/4533
|
|
The ngtcp2 QUIC backend was using the MSG_DONTWAIT flag for send/recv
in order to perform nonblocking operations. On Windows this flag does
not exist. Instead, the socket must be set to nonblocking mode via
ioctlsocket.
This change sets the nonblocking flag on UDP sockets used for QUIC on
all platforms so the use of MSG_DONTWAIT is not needed.
Fixes #4531
Closes #4532
|
|
Fixes #4518
Closes #4519
|
|
Added test case 338 to verify.
Reported-by: Daniel Silverstone
Fixes #4499
Closes #4514
|
|
... and thus should return 0, not EAGAIN.
Reported-by: Tom van der Woerdt
Fixes #4496
Closes #4505
|
|
To make sure that transfer is being dealt with. Streams without
Content-Length need a final read to notice the end-of-stream state.
Reported-by: Tom van der Woerdt
Fixes #4496
|
|
The URL extracted with CURLINFO_EFFECTIVE_URL was returned as given as
input in most cases, which made it not get a scheme prefixed like before
if the URL was given without one, and it didn't remove dotdot sequences
etc.
Added test case 1907 to verify that this now works as intended and as
before 7.62.0.
Regression introduced in 7.62.0
Reported-by: Christophe Dervieux
Fixes #4491
Closes #4493
|
|
With MinGW-w64, `curl_socket_t` is is a 32 or 64 bit unsigned integer,
while `read` expects a 32 bit signed integer.
Use `sread` instead of `read` to use the correct parameter type.
Closes https://github.com/curl/curl/pull/4483
|
|
With MinGW-w64 using WinSock, `curl_socklen_t` is signed, while the
result of `sizeof` is unsigned.
Closes https://github.com/curl/curl/pull/4483
|
|
fixed build for systems that need netinet/in.h for IPPROTO_TCP and are
missing INADDR_LOOPBACK
Closes #4480
|
|
Follow-up to bc2dbef0afc08
|
|
|
|
|
|
Curl_socketpair() is designed to be used and work everywhere if there's
no native version or the native version isn't good enough.
Closes #4466
|
|
Previosly all connect() failures would return CURLE_COULDNT_CONNECT, no
matter what errno said.
This makes for example --retry work on these transfer failures.
Reported-by: Nathaniel J. Smith
Fixes #4461
Clsoes #4462
|
|
- Allow missing queries, don't return NO_MEMORY error in such a case.
It is acceptable for there to be no specified query string, for example:
curl ldap://ldap.forumsys.com
A regression bug in 1b443a7 caused this issue.
This is a partial fix for #4261.
Bug: https://github.com/curl/curl/issues/4261#issuecomment-525543077
Reported-by: Jojojov@users.noreply.github.com
Analyzed-by: Samuel Surtees
Closes https://github.com/curl/curl/pull/4467
|
|
Closes https://github.com/curl/curl/pull/4460
|
|
Closes #4457
|
|
The second argument is really a 'bool' so use that and pass in TRUE/FALSE
to make it clear.
Closes #4455
|
|
To make sure that the HTTP/2 state is initialized correctly for
duplicated handles. It would otherwise easily generate "spurious"
PRIORITY frames to get sent over HTTP/2 connections when duplicated easy
handles were used.
Reported-by: Daniel Silverstone
Fixes #4303
Closes #4442
|
|
Follow-up from 2c20109a9b5d04
Added test 663 to verify.
Reported by OSS-Fuzz
Bug: https://crbug.com/oss-fuzz/17954
Closes #4453
|
|
This fix removes a use after free which can be triggered by
the internal cookie fuzzer, but otherwise is probably
impossible to trigger from an ordinary application.
The following program reproduces it:
curl_global_init(CURL_GLOBAL_DEFAULT);
CURL* handle=curl_easy_init();
CookieInfo* info=Curl_cookie_init(handle,NULL,NULL,false);
curl_easy_setopt(handle, CURLOPT_COOKIEJAR, "/dev/null");
Curl_flush_cookies(handle, true);
Curl_cookie_cleanup(info);
curl_easy_cleanup(handle);
curl_global_cleanup();
This was found through fuzzing.
Closes #4454
|
|
Closes #4011
|
|
... to make it handle for example (RFC violating) embeded spaces.
Reported-by: momala454 on github
Fixes #4445
Closes #4447
|
|
|
|
Closes #4410
|
|
Unknown content-encoding would get returned as CURLE_WRITE_ERROR if the
response is chunked-encoded.
Reported-by: Ilya Kosarev
Fixes #4310
Closes #4449
|
|
The loop doesn't need to be executed without a file argument.
Closes https://github.com/curl/curl/pull/4444
|
|
`dest` is only used with `ENABLE_IPV6`.
Closes https://github.com/curl/curl/pull/4444
|
|
Closes https://github.com/curl/curl/pull/4444
|
|
As mandated by the spec. Test 1654 is extended to verify.
Closes #4443
|
|
|
|
The 'share object' only sets the storage area for cookies. The "cookie
engine" still needs to be enabled or activated using the normal cookie
options.
This caused the curl command line tool to accidentally use cookies
without having been told to, since curl switched to using shared cookies
in 7.66.0.
Test 1166 verifies
Updated test 506
Fixes #4429
Closes #4434
|
|
|
|
Closes #4428
|
|
Closes https://github.com/curl/curl/pull/4425
|
|
|
|
|
|
This reverts commit 2f036a72d543e96128bd75cb0fedd88815fd42e2.
|
|
Closes #4423
|
|
Instead of showing the somewhat nonsensical errno number, use strerror()
to provide a more relatable error message.
Closes #4411
|
|
Prior to this change non-ssl/non-ssh connections that were reused set
TIMER_APPCONNECT [1]. Arguably that was incorrect since no SSL/SSH
handshake took place.
[1]: TIMER_APPCONNECT is publicly known as CURLINFO_APPCONNECT_TIME in
libcurl and %{time_appconnect} in the curl tool. It is documented as
"the time until the SSL/SSH handshake is completed".
Reported-by: Marcel Hernandez
Ref: https://github.com/curl/curl/issues/3760
Closes https://github.com/curl/curl/pull/3773
|
|
- convert some of them to H3BUF() calls to infof()
- remove some of them completely
- made DEBUG_HTTP3 defined only if CURLDEBUG is set for now
Closes #4421
|
|
Closes #4403
|
