aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2017-04-10openssl: fix this statement may fall through [-Wimplicit-fallthrough=]Alexis La Goutte
Closes #1402
2017-04-10nss: load CA certificates even with --insecureKamil Dudka
... because they may include an intermediate certificate for a client certificate and the intermediate certificate needs to be presented to the server, no matter if we verify the peer or not. Reported-by: thraidh Closes #851
2017-04-08vtls: fix unreferenced variable warningsMarcel Raad
... by moving the variables into the correct #ifdef block.
2017-04-07schannel: fix compiler warningsMarcel Raad
When UNICODE is not defined, the Curl_convert_UTF8_to_tchar macro maps directly to its argument. As it is declared as a pointer to const and InitializeSecurityContext expects a pointer to non-const, both MSVC and MinGW issue a warning about implicitly casting away the const. Fix this by declaring the variables as pointers to non-const. Closes https://github.com/curl/curl/pull/1394
2017-04-07sspi: print out InitializeSecurityContext() error messageIsaac Boukris
Reported-by: Carsten (talksinmath) Fixes #1384 Closes #1395
2017-04-06gtls: fix compiler warningMarcel Raad
Curl_timeleft returns time_t instead of long since commit 21aa32d30dbf319f2d336e0cb68d3a3235869fbb.
2017-04-06low_speed_limit: improved function for longer time periodsDaniel Stenberg
Previously, periods of fast speed between periods of slow speed would not count and could still erroneously trigger a timeout. Reported-by: Paul Harris Fixes #1345 Closes #1390
2017-04-06nss: fix build after e60fe20fdf94e829ba5fce33f7a9d6c281149f7dMarcel Raad
Curl_llist_alloc is now Curl_llist_init. Closes https://github.com/curl/curl/pull/1391
2017-04-04multi: fix queueing of pending easy handlesDániel Bakai
Multi handles repeatedly invert the queue of pending easy handles when used with CURLMOPT_MAX_TOTAL_CONNECTIONS. This is caused by a multistep process involving Curl_splaygetbest and violates the FIFO property of the multi handle. This patch fixes this issue by redefining the "best" node in the context of timeouts as the "smallest not larger than now", and implementing the necessary data structure modifications to do this effectively, namely: - splay nodes with the same key are now stored in a doubly-linked circular list instead of a non-circular one to enable O(1) insertion to the tail of the list - Curl_splayinsert inserts nodes with the same key to the tail of the same list - in case of multiple nodes with the same key, the one on the head of the list gets selected
2017-04-04curl_sasl: declare mechtable staticMartin Kepplinger
struct mechtable is only used locally here. It can be declared static.
2017-04-04url: don't free postponed data on connection reuseAntti Hätälä
- Don't free postponed data on a connection that will be reused since doing so can cause data loss when pipelining. Only Windows builds are affected by this. Closes https://github.com/curl/curl/issues/1380
2017-04-04hash: move key into hash struct to reduce mallocsDaniel Stenberg
This removes one tiny malloc for each hash struct allocated. In a simple case like "curl localhost", this save three mallocs. Closes #1376
2017-04-04llist: replace Curl_llist_alloc with Curl_llist_initDaniel Stenberg
No longer allocate the curl_llist head struct for lists separately. Removes 17 (15%) tiny allocations in a normal "curl localhost" invoke. closes #1381
2017-04-04easy: silence compiler warningJay Satiro
Safe to silence warning adding time delta of poll, which can trigger on Windows since sizeof time_t > sizeof long. warning C4244: '+=' : conversion from 'time_t' to 'long', possible loss of data
2017-04-03include: curl/system.h is a run-time version of curlbuild.hDaniel Stenberg
system.h is aimed to replace curlbuild.h at a later point in time when we feel confident system.h works sufficiently well. curl/system.h is currently used in parallel with curl/curlbuild.h curl/system.h determines a data sizes, data types and include file status based on available preprocessor defines instead of getting generated at build-time. This, in order to avoid relying on a build-time generated file that makes it complicated to do 32 and 64 bit bields from the same installed set of headers. Test 1541 verifies that system.h comes to the same conclusion that curlbuild.h offers. Closes #1373
2017-04-03multi: make curl_multi_wait avoid malloc in the typical caseDaniel Stenberg
When only a few additional file descriptors are used, avoid the malloc. Closes #1377
2017-04-01telnet: (win32) fix read callback return variableDaniel Stenberg
telnet.c(1427,21): warning: comparison of constant 268435456 with expression of type 'CURLcode' is always false telnet.c(1433,21): warning: comparison of constant 268435457 with expression of type 'CURLcode' is always false Reviewed-by: Jay Satiro Reported-by: Gisle Vanem Bug: https://github.com/curl/curl/issues/1225#issuecomment-290340890 Closes #1374
2017-03-31libcurl.def: removed, unusedDaniel Stenberg
2017-03-30ssh: fix narrowing conversion warningMarcel Raad
'left' is used as time_t but declared as long. MinGW complains: error: conversion to 'long int' from 'time_t {aka long long int}' may alter its value [-Werror=conversion] Changed the declaration to time_t.
2017-03-30http2: silence unused parameter warningsMarcel Raad
In release mode, MinGW complains: error: unused parameter 'lib_error_code' [-Werror=unused-parameter]
2017-03-30schannel: fix unused variable warningMarcel Raad
If CURL_DISABLE_VERBOSE_STRINGS is defined, hostname is not used in schannel_connect_step3.
2017-03-30connect: fix unreferenced parameter warningMarcel Raad
When CURL_DISABLE_VERBOSE_STRINGS is defined, the reason parameter in Curl_conncontrol is not used as the infof macro expands to nothing.
2017-03-30select: use correct SIZEOF_ constantMarcel Raad
At least under Windows, there is no SIZEOF_LONG, so it evaluates to 0 even though sizeof(int) == sizeof(long). This should probably have been CURL_SIZEOF_LONG, but the type of timeout_ms changed from long to time_t anyway. This triggered MSVC warning C4668 about implicitly replacing undefined macros with '0'. Closes https://github.com/curl/curl/pull/1362
2017-03-29NTLM: check for features with #ifdef instead of #ifMarcel Raad
Feature defines are normally checked with #ifdef instead of #if in the rest of the codebase. Additionally, some compilers warn when a macro is implicitly evaluated to 0 because it is not defined, which was the case here. Ref: https://github.com/curl/curl/pull/1362#discussion_r108605101 Closes https://github.com/curl/curl/pull/1367
2017-03-29conncache: make hashkey avoid mallocDaniel Stenberg
... to make it much faster. Idea developed with primepie on IRC. Closes #1365
2017-03-28http: do not treat FTPS over CONNECT as HTTPSKamil Dudka
If we use FTPS over CONNECT, the TLS handshake for the FTPS control connection needs to be initiated in the SENDPROTOCONNECT state, not the WAITPROXYCONNECT state. Otherwise, if the TLS handshake completed without blocking, the information about the completed TLS handshake would be saved to a wrong flag. Consequently, the TLS handshake would be initiated in the SENDPROTOCONNECT state once again on the same connection, resulting in a failure of the TLS handshake. I was able to observe the failure with the NSS backend if curl ran through valgrind. Note that this commit partially reverts curl-7_21_6-52-ge34131d.
2017-03-28pause: handle mixed types of data when pausedDaniel Stenberg
When receiving chunked encoded data with trailers, and the write callback returns PAUSE, there might be both body and header to store to resend on unpause. Previously libcurl returned error for that case. Added test case 1540 to verify. Reported-by: Stephen Toub Fixes #1354 Closes #1357
2017-03-28http: Fix proxy connection reuse with basic-authIsaac Boukris
When using basic-auth, connections and proxy connections can be re-used with different Authorization headers since it does not authenticate the connection (like NTLM does). For instance, the below command should re-use the proxy connection, but it currently doesn't: curl -v -U alice:a -x http://localhost:8181 http://localhost/ --next -U bob:b -x http://localhost:8181 http://localhost/ This is a regression since refactoring of ConnectionExists() as part of: cb4e2be7c6d42ca0780f8e0a747cecf9ba45f151 Fix the above by removing the username and password compare when re-using proxy connection at proxy_info_matches(). However, this fix brings back another bug would make curl to re-print the old proxy-authorization header of previous proxy basic-auth connection because it wasn't cleared. For instance, in the below command the second request should fail if the proxy requires authentication, but would succeed after the above fix (and before aforementioned commit): curl -v -U alice:a -x http://localhost:8181 http://localhost/ --next -x http://localhost:8181 http://localhost/ Fix this by clearing conn->allocptr.proxyuserpwd after use unconditionally, same as we do for conn->allocptr.userpwd. Also fix test 540 to not expect digest auth header to be resent when connection is reused. Signed-off-by: Isaac Boukris <iboukris@gmail.com> Closes https://github.com/curl/curl/pull/1350
2017-03-28openssl: exclude DSA code when OPENSSL_NO_DSA is definedJay Satiro
- Fix compile errors that occur in openssl.c when OpenSSL lib was built without DSA support. Bug: https://github.com/curl/curl/issues/1361 Reported-by: neheb@users.noreply.github.com
2017-03-28schannel: fix variable shadowing warningMarcel Raad
No need to redeclare the variable.
2017-03-27multi: fix MinGW-w64 compiler warningsMarcel Raad
error: conversion to 'long int' from 'time_t {aka long long int}' may alter its value [-Werror=conversion]
2017-03-26spelling fixesklemens
Closes #1356
2017-03-23openssl: fix comparison between signed and unsigned integer expressionsDaniel Stenberg
2017-03-23openssl: made the error table static constDan Fandrich
2017-03-23openssl: fall back on SSL_ERROR_* string when no error detailJay Satiro
- If SSL_get_error is called but no extended error detail is available then show that SSL_ERROR_* as a string. Prior to this change there was some inconsistency in that case: the SSL_ERROR_* code may or may not have been shown, or may have been shown as unknown even if it was known. Ref: https://github.com/curl/curl/issues/1300 Closes https://github.com/curl/curl/pull/1348
2017-03-21mbedtls: add support for CURLOPT_SSL_CTX_FUNCTIONAles Mlakar
Ref: https://curl.haxx.se/mail/lib-2017-02/0097.html Closes https://github.com/curl/curl/pull/1272
2017-03-21multi: fix streamclose() crash in debug modeDaniel Stenberg
The code would refer to the wrong data pointer. Only debug builds do this - for verbosity. Reported-by: zelinchen@users.noreply.github.com Fixes #1329
2017-03-18darwinssl: fix typo in variable namePalo Markovic
Broken a week ago in 6448f98. Closes https://github.com/curl/curl/pull/1337
2017-03-13Improve code readbilitySylvestre Ledru
... by removing the else branch after a return, break or continue. Closes #1310
2017-03-12url: add option CURLOPT_SUPPRESS_CONNECT_HEADERSDesmond O. Chang
- Add new option CURLOPT_SUPPRESS_CONNECT_HEADERS to allow suppressing proxy CONNECT response headers from the user callback functions CURLOPT_HEADERFUNCTION and CURLOPT_WRITEFUNCTION. - Add new tool option --suppress-connect-headers to expose CURLOPT_SUPPRESS_CONNECT_HEADERS and allow suppressing proxy CONNECT response headers from --dump-header and --include. Assisted-by: Jay Satiro Assisted-by: CarloCannas@users.noreply.github.com Closes https://github.com/curl/curl/pull/783
2017-03-11http_proxy: Ignore TE and CL in CONNECT 2xx responsesJay Satiro
A client MUST ignore any Content-Length or Transfer-Encoding header fields received in a successful response to CONNECT. "Successful" described as: 2xx (Successful). RFC 7231 4.3.6 Prior to this change such a case would cause an error. In some ways this bug appears to be a regression since c50b878. Prior to that libcurl may have appeared to function correctly in such cases by acting on those headers instead of causing an error. But that behavior was also incorrect. Bug: https://github.com/curl/curl/issues/1317 Reported-by: mkzero@users.noreply.github.com
2017-03-11mbedtls: fix typo in variable nameThomas Glanzmann
Broken a few days ago in 6448f98. Bug: https://curl.haxx.se/mail/lib-2017-03/0015.html
2017-03-11proxy: skip SSL initialization for closed connectionsMichael Kaufmann
This prevents a "Descriptor is not a socket" error for WinSSL. Reported-by: Antony74@users.noreply.github.com Reviewed-by: Jay Satiro Fixes https://github.com/curl/curl/issues/1239
2017-03-11curl_easy_reset: Also reset the authentication stateMichael Kaufmann
Follow-up to 5278462 See https://github.com/curl/curl/issues/1095
2017-03-11authneg: clear auth.multi flag at http_doneIsaac Boukris
This flag is meant for the current request based on authentication state, once the request is done we can clear the flag. Also change auth.multi to auth.multipass for better readability. Fixes https://github.com/curl/curl/issues/1095 Closes https://github.com/curl/curl/pull/1326 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reported-by: Michael Kaufmann
2017-03-11url: don't compile detect_proxy if HTTP support is disabledDan Fandrich
2017-03-10openssl: add two /* FALLTHROUGH */ to satisfy coverityDaniel Stenberg
CID 1402159 and 1402158
2017-03-09polarssl: fixed compile errors introduced in 6448f98cDan Fandrich
2017-03-08openssl: unbreak the build after 6448f98c1857deDaniel Stenberg
Verified with OpenSSL 1.1.0e and OpenSSL master (1.1.1)
2017-03-08vtls: add options to specify range of enabled TLS versionsJozef Kralik
This commit introduces the CURL_SSLVERSION_MAX_* constants as well as the --tls-max option of the curl tool. Closes https://github.com/curl/curl/pull/1166