aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2020-02-07digest: Do not quote algorithm in HTTP authorisationPierre-Yves Bigourdan
RFC 7616 section 3.4 (The Authorization Header Field) states that "For historical reasons, a sender MUST NOT generate the quoted string syntax for the following parameters: algorithm, qop, and nc". This removes the quoting for the algorithm parameter. Reviewed-by: Steve Holme Closes #4890
2020-02-07ftp: remove the duplicated user/password struct fieldsDaniel Stenberg
Closes #4887
2020-02-07ftp: remove superfluous checking for crlf in user or pwdDaniel Stenberg
... as this is already done much earlier in the URL parser. Also add test case 894 that verifies that pop3 with an encodedd CR in the user name is rejected. Closes #4887
2020-02-06ntlm_wb: Use Curl_socketpair() for greater portabilitySteve Holme
Reported-by: Daniel Stenberg Closes #4886
2020-02-05ftp: shrink temp buffers used for PORTDaniel Stenberg
These two stack based buffers only need to be 46 + 66 bytes instead of 256 + 1024. Closes #4880
2020-02-04altsvc: set h3 version at a common single spotDaniel Stenberg
... and move the #ifdefs out of the functions. Addresses the fact they were different before this change. Reported-by: Harry Sintonen Closes #4876
2020-02-04altsvc: improved header parserHarry Sintonen
- Fixed the flag parsing to apply to specific alternative entry only, as per RFC. The earlier code would also get totally confused by multiprotocol header, parsing flags from the wrong part of the header. - Fixed the parser terminating on unknown protocols, instead of skipping them. - Fixed a busyloop when protocol-id was present without an equal sign. Closes #4875
2020-02-04ngtcp2: fixed to only use AF_INET6 when ENABLE_IPV6Harry Sintonen
2020-02-04ntlm: Pass the Curl_easy structure to the private winbind functionsSteve Holme
...rather than the full conndata structure.
2020-02-03ntlm: Ensure the HTTP header data is not stored in the challenge/responseSteve Holme
2020-02-03openssl: remove redundant assignmentMarcel Raad
Fixes a scan-build failure on Bionic. Closes https://github.com/curl/curl/pull/4872
2020-02-02cleanup: fix typos and wording in docs and commentsPedro Monreal
Closes #4869 Reviewed-by: Emil Engler and Daniel Gustafsson
2020-02-02ntlm: Move the winbind data into the NTLM data structureSteve Holme
To assist with adding winbind support to the SASL NTLM authentication, move the winbind specific data out of conndata into ntlmdata.
2020-01-30quiche: Copyright year out of dateDaniel Stenberg
Follow-up to 7fc63d72333a
2020-01-30altsvc: use h3-25Daniel Stenberg
Closes #4868
2020-01-30quiche: update to draft-25Alessandro Ghedini
Closes #4867
2020-01-29ngtcp2: update to git master and its draft-25 supportDaniel Stenberg
Closes #4865
2020-01-29cookie: check __Secure- and __Host- case sensitivelyDaniel Stenberg
While most keywords in cookies are case insensitive, these prefixes are specified explicitly to get checked "with a case-sensitive match". (From the 6265bis document in progress) Ref: https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-04 Closes #4864
2020-01-28multi_done: if multiplexed, make conn->data point to another transferDaniel Stenberg
... since the current transfer is being killed. Setting to NULL is wrong, leaving it pointing to 'data' is wrong since that handle might be about to get freed. Fixes #4845 Closes #4858 Reported-by: dmitrmax on github
2020-01-28urlapi: guess scheme correct even with credentials givenDaniel Stenberg
In the "scheme-less" parsing case, we need to strip off credentials first before we guess scheme based on the host name! Assisted-by: Jay Satiro Fixes #4856 Closes #4857
2020-01-28global_init: move the IPv6 works status bool to multi handleDaniel Stenberg
Previously it was stored in a global state which contributed to curl_global_init's thread unsafety. This boolean is now instead figured out in curl_multi_init() and stored in the multi handle. Less effective, but thread safe. Closes #4851
2020-01-27urldata: do string enums without #ifdefs for build scriptsJon Rumsey
... and check for inconsistencies for OS400 at build time with the new chkstrings tool. Closes #4822
2020-01-26global_init: assume the EINTR bit by defaultDaniel Stenberg
- Removed from global_init since it isn't thread-safe. The symbol will still remain to not break compiles, it just won't have any effect going forward. - make the internals NOT loop on EINTR (the opposite from previously). It only risks returning from the select/poll/wait functions early, and that should be risk-free. Closes #4840
2020-01-24conn: do not reuse connection if SOCKS proxy credentials differPeter Piekarski
Closes #4835
2020-01-24llist: removed unused Curl_llist_move()Daniel Stenberg
(and the corresponding unit test) Closes #4842
2020-01-24conncache: removed unused Curl_conncache_bundle_size()Daniel Stenberg
2020-01-24strcase: turn Curl_raw_tolower into staticDaniel Stenberg
Only ever used from within this file.
2020-01-24wolfssh: make it init properly via Curl_ssh_init()Daniel Stenberg
Closes #4846
2020-01-23openssl: make CURLINFO_CERTINFO not truncate x509v3 fieldsDaniel Stenberg
Avoid "reparsing" the content and instead deliver more exactly what is provided in the certificate and avoid truncating the data after 512 bytes as done previously. This no longer removes embedded newlines. Fixes #4837 Reported-by: bnfp on github Closes #4841
2020-01-22mk-ca-bundle: add support for CKA_NSS_SERVER_DISTRUST_AFTERDaniel Stenberg
For now, no cert in the bundle actually sets a date there... Co-Authored-by: Jay Satiro Reported-by: Christian Heimes Fixes #4834 Closes #4836
2020-01-21smtp: Allow RCPT TO command to fail for some recipientsPavel Volgarev
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS. Verified with the new tests 3002-3007 Closes #4816
2020-01-21copyright: fix year rangesDaniel Stenberg
follow-up from dea17b519d (one of these days I'll learn to check before I push)
2020-01-21http: move "oauth_bearer" from connectdata to Curl_easynao
Fixes the bug where oauth_bearer gets deallocated when we re-use a connection. Closes #4824
2020-01-20http.h: Copyright year out of date, should be 2020Daniel Stenberg
Follow-up to 7ff9222ced8c
2020-01-20HTTP: increase EXPECT_100_THRESHOLD to 1Mb加藤郁之
Mentioned: https://curl.haxx.se/mail/lib-2020-01/0050.html Closes #4814
2020-01-16wolfssl: use the wc-prefixed symbol alternativesDaniel Stenberg
The symbols without wc_ prefix are not always provided. Ref: https://github.com/wolfSSL/wolfssl/issues/2744 Closes #4827
2020-01-16polarssl: removedDaniel Stenberg
As detailed in DEPRECATE.md, the polarssl support is now removed after having been disabled for 6 months and nobody has missed it. The threadlock files used by mbedtls are renamed to an 'mbedtls' prefix instead of the former 'polarssl' and the common functions that previously were shared between mbedtls and polarssl and contained the name 'polarssl' have now all been renamed to instead say 'mbedtls'. Closes #4825
2020-01-16libssh2: fix variable typeMarcel Raad
This led to a conversion warning on 64-bit MinGW, which has 32-bit `long` but 64-bit `size_t`. Closes https://github.com/curl/curl/pull/4823
2020-01-15wolfssh: set the password correctly for PASSWORD authDaniel Stenberg
2020-01-15wolfssh: remove fprintf() calls (and uses of __func__)Daniel Stenberg
2020-01-13schannel_verify: Fix alt names manual verify for UNICODE buildsJay Satiro
Follow-up to 29e40a6 from two days ago, which added that feature for Windows 7 and earlier. The bug only occurred in same. Ref: https://github.com/curl/curl/pull/4761
2020-01-13CMake: Add support for CMAKE_LTO option.Tobias Hieta
This enables Link Time Optimization. LTO is a proven technique for optimizing across compilation units. Closes #4799
2020-01-13ConnectionExists: respect the max_concurrent_streams limitsDaniel Stenberg
A regression made the code use 'multiplexed' as a boolean instead of the counter it is intended to be. This made curl try to "over-populate" connections with new streams. This regression came with 41fcdf71a1, shipped in curl 7.65.0. Also, respect the CURLMOPT_MAX_CONCURRENT_STREAMS value in the same check. Reported-by: Kunal Ekawde Fixes #4779 Closes #4784
2020-01-12wolfSSH: new SSH backendDaniel Stenberg
Adds support for SFTP (not SCP) using WolfSSH. Closes #4231
2020-01-12misc: Copyright year out of date, should be 2020Daniel Stenberg
Follow-up to recent commits [skip ci]
2020-01-11libssh2: add support for forcing a hostkey typeSantino Keupp
- Allow forcing the host's key type found in the known_hosts file. Currently, curl (with libssh2) does not take keys from your known_hosts file into account when talking to a server. With this patch the known_hosts file will be searched for an entry matching the hostname and, if found, libssh2 will be told to claim this key type from the server. Closes https://github.com/curl/curl/pull/4747
2020-01-11schannel: Make CURLOPT_CAINFO work better on Windows 7Faizur Rahman
- Support hostname verification via alternative names (SAN) in the peer certificate when CURLOPT_CAINFO is used in Windows 7 and earlier. CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a result CertGetNameString doesn't quite work on those versions of Windows. This change provides an alternative solution for CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier versions of Windows. Prior to this change many certificates failed the hostname validation when CURLOPT_CAINFO was used in Windows 7 and earlier. Most certificates now represent multiple hostnames and rely on the alternative names field exclusively to represent their hostnames. Reported-by: Jeroen Ooms Fixes https://github.com/curl/curl/issues/3711 Closes https://github.com/curl/curl/pull/4761
2020-01-11ngtcp2: Add an error code for QUIC connection errorsEmil Engler
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection errors. Prior to this change CURLE_FAILED_INIT was used, but that was not correct. Closes https://github.com/curl/curl/pull/4754
2020-01-11multi: Change curl_multi_wait/poll to error on negative timeoutJay Satiro
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when curl_multi_wait/poll is passed timeout param < 0. Prior to this change passing a negative value to curl_multi_wait/poll such as -1 could cause the function to wait forever. Reported-by: hamstergene@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4763 Closes https://github.com/curl/curl/pull/4765
2020-01-11cmake: Enable SMB for Windows buildsMarc Aldorasi
- Define USE_WIN32_CRYPTO by default. This enables SMB. - Show whether SMB is enabled in the "Enabled features" output. - Fix mingw compiler warning for call to CryptHashData by casting away const param. mingw CryptHashData prototype is wrong. Closes https://github.com/curl/curl/pull/4717