Age | Commit message (Collapse) | Author |
|
Closes #1402
|
|
... because they may include an intermediate certificate for a client
certificate and the intermediate certificate needs to be presented to
the server, no matter if we verify the peer or not.
Reported-by: thraidh
Closes #851
|
|
... by moving the variables into the correct #ifdef block.
|
|
When UNICODE is not defined, the Curl_convert_UTF8_to_tchar macro maps
directly to its argument. As it is declared as a pointer to const and
InitializeSecurityContext expects a pointer to non-const, both MSVC and MinGW
issue a warning about implicitly casting away the const. Fix this by declaring
the variables as pointers to non-const.
Closes https://github.com/curl/curl/pull/1394
|
|
Reported-by: Carsten (talksinmath)
Fixes #1384
Closes #1395
|
|
Curl_timeleft returns time_t instead of long since commit
21aa32d30dbf319f2d336e0cb68d3a3235869fbb.
|
|
Previously, periods of fast speed between periods of slow speed would
not count and could still erroneously trigger a timeout.
Reported-by: Paul Harris
Fixes #1345
Closes #1390
|
|
Curl_llist_alloc is now Curl_llist_init.
Closes https://github.com/curl/curl/pull/1391
|
|
Multi handles repeatedly invert the queue of pending easy handles when
used with CURLMOPT_MAX_TOTAL_CONNECTIONS. This is caused by a multistep
process involving Curl_splaygetbest and violates the FIFO property of
the multi handle.
This patch fixes this issue by redefining the "best" node in the
context of timeouts as the "smallest not larger than now", and
implementing the necessary data structure modifications to do this
effectively, namely:
- splay nodes with the same key are now stored in a doubly-linked
circular list instead of a non-circular one to enable O(1)
insertion to the tail of the list
- Curl_splayinsert inserts nodes with the same key to the tail of
the same list
- in case of multiple nodes with the same key, the one on the head of
the list gets selected
|
|
struct mechtable is only used locally here. It can be declared static.
|
|
- Don't free postponed data on a connection that will be reused since
doing so can cause data loss when pipelining.
Only Windows builds are affected by this.
Closes https://github.com/curl/curl/issues/1380
|
|
This removes one tiny malloc for each hash struct allocated. In a simple
case like "curl localhost", this save three mallocs.
Closes #1376
|
|
No longer allocate the curl_llist head struct for lists separately.
Removes 17 (15%) tiny allocations in a normal "curl localhost" invoke.
closes #1381
|
|
Safe to silence warning adding time delta of poll, which can trigger on
Windows since sizeof time_t > sizeof long.
warning C4244: '+=' : conversion from 'time_t' to 'long', possible loss
of data
|
|
system.h is aimed to replace curlbuild.h at a later point in time when
we feel confident system.h works sufficiently well.
curl/system.h is currently used in parallel with curl/curlbuild.h
curl/system.h determines a data sizes, data types and include file
status based on available preprocessor defines instead of getting
generated at build-time. This, in order to avoid relying on a build-time
generated file that makes it complicated to do 32 and 64 bit bields from
the same installed set of headers.
Test 1541 verifies that system.h comes to the same conclusion that
curlbuild.h offers.
Closes #1373
|
|
When only a few additional file descriptors are used, avoid the malloc.
Closes #1377
|
|
telnet.c(1427,21): warning: comparison of constant 268435456 with
expression of type 'CURLcode' is always false
telnet.c(1433,21): warning: comparison of constant 268435457 with
expression of type 'CURLcode' is always false
Reviewed-by: Jay Satiro
Reported-by: Gisle Vanem
Bug: https://github.com/curl/curl/issues/1225#issuecomment-290340890
Closes #1374
|
|
|
|
'left' is used as time_t but declared as long.
MinGW complains:
error: conversion to 'long int' from 'time_t {aka long long int}' may alter
its value [-Werror=conversion]
Changed the declaration to time_t.
|
|
In release mode, MinGW complains:
error: unused parameter 'lib_error_code' [-Werror=unused-parameter]
|
|
If CURL_DISABLE_VERBOSE_STRINGS is defined, hostname is not used in
schannel_connect_step3.
|
|
When CURL_DISABLE_VERBOSE_STRINGS is defined, the reason parameter in
Curl_conncontrol is not used as the infof macro expands to nothing.
|
|
At least under Windows, there is no SIZEOF_LONG, so it evaluates to 0 even
though sizeof(int) == sizeof(long). This should probably have been
CURL_SIZEOF_LONG, but the type of timeout_ms changed from long to time_t
anyway.
This triggered MSVC warning C4668 about implicitly replacing undefined
macros with '0'.
Closes https://github.com/curl/curl/pull/1362
|
|
Feature defines are normally checked with #ifdef instead of #if in the rest of
the codebase. Additionally, some compilers warn when a macro is implicitly
evaluated to 0 because it is not defined, which was the case here.
Ref: https://github.com/curl/curl/pull/1362#discussion_r108605101
Closes https://github.com/curl/curl/pull/1367
|
|
... to make it much faster. Idea developed with primepie on IRC.
Closes #1365
|
|
If we use FTPS over CONNECT, the TLS handshake for the FTPS control
connection needs to be initiated in the SENDPROTOCONNECT state, not
the WAITPROXYCONNECT state. Otherwise, if the TLS handshake completed
without blocking, the information about the completed TLS handshake
would be saved to a wrong flag. Consequently, the TLS handshake would
be initiated in the SENDPROTOCONNECT state once again on the same
connection, resulting in a failure of the TLS handshake. I was able to
observe the failure with the NSS backend if curl ran through valgrind.
Note that this commit partially reverts curl-7_21_6-52-ge34131d.
|
|
When receiving chunked encoded data with trailers, and the write
callback returns PAUSE, there might be both body and header to store to
resend on unpause. Previously libcurl returned error for that case.
Added test case 1540 to verify.
Reported-by: Stephen Toub
Fixes #1354
Closes #1357
|
|
When using basic-auth, connections and proxy connections
can be re-used with different Authorization headers since
it does not authenticate the connection (like NTLM does).
For instance, the below command should re-use the proxy
connection, but it currently doesn't:
curl -v -U alice:a -x http://localhost:8181 http://localhost/
--next -U bob:b -x http://localhost:8181 http://localhost/
This is a regression since refactoring of ConnectionExists()
as part of: cb4e2be7c6d42ca0780f8e0a747cecf9ba45f151
Fix the above by removing the username and password compare
when re-using proxy connection at proxy_info_matches().
However, this fix brings back another bug would make curl
to re-print the old proxy-authorization header of previous
proxy basic-auth connection because it wasn't cleared.
For instance, in the below command the second request should
fail if the proxy requires authentication, but would succeed
after the above fix (and before aforementioned commit):
curl -v -U alice:a -x http://localhost:8181 http://localhost/
--next -x http://localhost:8181 http://localhost/
Fix this by clearing conn->allocptr.proxyuserpwd after use
unconditionally, same as we do for conn->allocptr.userpwd.
Also fix test 540 to not expect digest auth header to be
resent when connection is reused.
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Closes https://github.com/curl/curl/pull/1350
|
|
- Fix compile errors that occur in openssl.c when OpenSSL lib was
built without DSA support.
Bug: https://github.com/curl/curl/issues/1361
Reported-by: neheb@users.noreply.github.com
|
|
No need to redeclare the variable.
|
|
error: conversion to 'long int' from 'time_t {aka long long int}' may alter
its value [-Werror=conversion]
|
|
Closes #1356
|
|
|
|
|
|
- If SSL_get_error is called but no extended error detail is available
then show that SSL_ERROR_* as a string.
Prior to this change there was some inconsistency in that case: the
SSL_ERROR_* code may or may not have been shown, or may have been shown
as unknown even if it was known.
Ref: https://github.com/curl/curl/issues/1300
Closes https://github.com/curl/curl/pull/1348
|
|
Ref: https://curl.haxx.se/mail/lib-2017-02/0097.html
Closes https://github.com/curl/curl/pull/1272
|
|
The code would refer to the wrong data pointer. Only debug builds do
this - for verbosity.
Reported-by: zelinchen@users.noreply.github.com
Fixes #1329
|
|
Broken a week ago in 6448f98.
Closes https://github.com/curl/curl/pull/1337
|
|
... by removing the else branch after a return, break or continue.
Closes #1310
|
|
- Add new option CURLOPT_SUPPRESS_CONNECT_HEADERS to allow suppressing
proxy CONNECT response headers from the user callback functions
CURLOPT_HEADERFUNCTION and CURLOPT_WRITEFUNCTION.
- Add new tool option --suppress-connect-headers to expose
CURLOPT_SUPPRESS_CONNECT_HEADERS and allow suppressing proxy CONNECT
response headers from --dump-header and --include.
Assisted-by: Jay Satiro
Assisted-by: CarloCannas@users.noreply.github.com
Closes https://github.com/curl/curl/pull/783
|
|
A client MUST ignore any Content-Length or Transfer-Encoding header
fields received in a successful response to CONNECT.
"Successful" described as: 2xx (Successful). RFC 7231 4.3.6
Prior to this change such a case would cause an error.
In some ways this bug appears to be a regression since c50b878. Prior to
that libcurl may have appeared to function correctly in such cases by
acting on those headers instead of causing an error. But that behavior
was also incorrect.
Bug: https://github.com/curl/curl/issues/1317
Reported-by: mkzero@users.noreply.github.com
|
|
Broken a few days ago in 6448f98.
Bug: https://curl.haxx.se/mail/lib-2017-03/0015.html
|
|
This prevents a "Descriptor is not a socket" error for WinSSL.
Reported-by: Antony74@users.noreply.github.com
Reviewed-by: Jay Satiro
Fixes https://github.com/curl/curl/issues/1239
|
|
Follow-up to 5278462
See https://github.com/curl/curl/issues/1095
|
|
This flag is meant for the current request based on authentication
state, once the request is done we can clear the flag.
Also change auth.multi to auth.multipass for better readability.
Fixes https://github.com/curl/curl/issues/1095
Closes https://github.com/curl/curl/pull/1326
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reported-by: Michael Kaufmann
|
|
|
|
CID 1402159 and 1402158
|
|
|
|
Verified with OpenSSL 1.1.0e and OpenSSL master (1.1.1)
|
|
This commit introduces the CURL_SSLVERSION_MAX_* constants as well as
the --tls-max option of the curl tool.
Closes https://github.com/curl/curl/pull/1166
|