aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2018-04-18schannel: add support for CURLOPT_CAINFODan McNulty
- Move verify_certificate functionality in schannel.c into a new file called schannel_verify.c. Additionally, some structure defintions from schannel.c have been moved to schannel.h to allow them to be used in schannel_verify.c. - Make verify_certificate functionality for Schannel available on all versions of Windows instead of just Windows CE. verify_certificate will be invoked on Windows CE or when the user specifies CURLOPT_CAINFO and CURLOPT_SSL_VERIFYPEER. - In verify_certificate, create a custom certificate chain engine that exclusively trusts the certificate store backed by the CURLOPT_CAINFO file. - doc updates of --cacert/CAINFO support for schannel - Use CERT_NAME_SEARCH_ALL_NAMES_FLAG when invoking CertGetNameString when available. This implements a TODO in schannel.c to improve handling of multiple SANs in a certificate. In particular, all SANs will now be searched instead of just the first name. - Update tool_operate.c to not search for the curl-ca-bundle.crt file when using Schannel to maintain backward compatibility. Previously, any curl-ca-bundle.crt file found in that search would have been ignored by Schannel. But, with CAINFO support, the file found by that search would have been used as the certificate store and could cause issues for any users that have curl-ca-bundle.crt in the search path. - Update url.c to not set the build time CURL_CA_BUNDLE if the selected SSL backend is Schannel. We allow setting CA location for schannel only when explicitly specified by the user via CURLOPT_CAINFO / --cacert. - Add new test cases 3000 and 3001. These test cases check that the first and last SAN, respectively, matches the connection hostname. New test certificates have been added for these cases. For 3000, the certificate prefix is Server-localhost-firstSAN and for 3001, the certificate prefix is Server-localhost-secondSAN. - Remove TODO 15.2 (Add support for custom server certificate validation), this commit addresses it. Closes https://github.com/curl/curl/pull/1325
2018-04-15all: Refactor malloc+memset to use callocDaniel Gustafsson
When a zeroed out allocation is required, use calloc() rather than malloc() followed by an explicit memset(). The result will be the same, but using calloc() everywhere increases consistency in the codebase and avoids the risk of subtle bugs when code is injected between malloc and memset by accident. Closes https://github.com/curl/curl/pull/2497
2018-04-07tool_operate: Fix retry on FTP 4xx to ignore other protocolsStefan Agner
Only treat response code as FTP response codes in case the protocol type is FTP. This fixes an issue where an HTTP download was treated as FTP in case libcurl returned with 33. This happens when the download has already finished and the server responses 416: HTTP/1.1 416 Requested Range Not Satisfiable This should not be treated as an FTP error. Fixes #2464 Closes #2465
2018-03-17CURLOPT_HAPROXYPROTOCOL: support the HAProxy PROXY protocolLawrence Matthews
Add --haproxy-protocol for the command line tool Closes #2162
2018-03-16cleanup: misc typos in strings and commentsluz.paz
Found via `codespell` Closes #2389
2018-03-08curl tool: accept --compressed also if Brotli is enabled and zlib is not.Patrick Monnerat
2018-02-23spelling fixesViktor Szakats
Detected using the `codespell` tool. Also contains one URL protocol upgrade. Closes https://github.com/curl/curl/pull/2334
2018-02-21lib: CURLOPT_HAPPY_EYEBALLS_TIMEOUT => CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MSJay Satiro
- In keeping with the naming of our other connect timeout options rename CURLOPT_HAPPY_EYEBALLS_TIMEOUT to CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS. This change adds the _MS suffix since the option expects milliseconds. This is more intuitive for our users since other connect timeout options that expect milliseconds use _MS such as CURLOPT_TIMEOUT_MS, CURLOPT_CONNECTTIMEOUT_MS, CURLOPT_ACCEPTTIMEOUT_MS. The tool option already uses an -ms suffix, --happy-eyeballs-timeout-ms. Follow-up to 2427d94 which added the lib and tool option yesterday. Ref: https://github.com/curl/curl/pull/2260
2018-02-20url: Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUTAnders Bakken
- Add new option CURLOPT_HAPPY_EYEBALLS_TIMEOUT to set libcurl's happy eyeball timeout value. - Add new optval macro CURL_HET_DEFAULT to represent the default happy eyeballs timeout value (currently 200 ms). - Add new tool option --happy-eyeballs-timeout-ms to expose CURLOPT_HAPPY_EYEBALLS_TIMEOUT. The -ms suffix is used because the other -timeout options in the tool expect seconds not milliseconds. Closes https://github.com/curl/curl/pull/2260
2018-02-18curl --version: show PSL if the run-time lib has it enabledDaniel Stenberg
... not of the #define was set at build-time!
2018-02-05time-cond: fix reading the file modification time on WindowsMichael Kaufmann
On Windows, stat() may adjust the unix file time by a daylight saving time offset. Avoid this by calling GetFileTime() instead. Fixes #2164 Closes #2204
2018-02-01build: fix termios issue on android cross-compileBen Greear
Bug: https://curl.haxx.se/mail/lib-2018-01/0122.html Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-01-30curl: add --proxy-pinnedpubkeyDaniel Stenberg
To verify a proxy's public key. For when using HTTPS proxies. Fixes #2192 Closes #2268
2018-01-29curl_ctype: private is*() type macros and functionsDaniel Stenberg
... since the libc provided one are locale dependent in a way we don't want. Also, the "native" isalnum() (for example) works differently on different platforms which caused test 1307 failures on macos only. Closes #2269
2018-01-24progress-bar: don't use stderr explicitly, use bar->outDaniel Stenberg
Reported-By: Gisle Vanem Bug: https://github.com/curl/curl/commit/993dd5651a6c853bfe3870f6a69c7b329fa4e8ce#commitcomment-27070080
2018-01-24Fixes for MSDOS etc.Gisle Vanem
djgpp do have 'mkdir(dir, mode)'. Other DOS-compilers does not But djgpp seems the only choice for MSDOS anyway. PellesC do have a 'F_OK' defined in it's <unistd.h>. Update year in Copyright.
2018-01-23progress-bar: get screen width on windowsGisle Vanem
2018-01-22curl: progress bar refresh, get width using ioctl()Daniel Stenberg
Get screen width from the environment variable COLUMNS first, if set. If not, use ioctl(). If nether works, assume 79. Closes #2242 The "refresh" is for the -# output when no total transfer size is known. It will now only use a single updated line even for this case: The "-=O=-" ship moves when data is transferred. The four flying "hashes" move (on a sine wave) on each refresh, independent of data.
2018-01-07mail-rcpt.d: fix short-text descriptionJay Satiro
2017-12-26tool_getparam: Support size modifiers for --max-filesizeGisle Vanem
- Move the size modifier detection code from limit-rate to its own function so that it can also be used with max-filesize. Size modifiers are the suffixes such as G (gigabyte), M (megabyte) etc. For example --max-filesize 1G Ref: https://curl.haxx.se/mail/archive-2017-12/0000.html Closes https://github.com/curl/curl/pull/2179
2017-12-12curl: support >256 bytes warning messsagesDaniel Stenberg
Bug: #2174
2017-12-11Revert "curl: don't set CURLOPT_INTERLEAVEDATA"Daniel Stenberg
This reverts commit 9ffad8eb1329bb35c8988115ac7ed85cf91ef955. It was actually added rather recently in 8e8afa82cbb629 due to a crash that would otherwise happen in the RTSP code. As I don't think we've fixed that behavior yet, we better keep this work-around until we have fixed it better.
2017-12-08curl: remove __EMX__ #ifdefsDaniel Stenberg
These are OS/2-specific things added to the code in the year 2000. They were always ugly. If there's any user left, they still don't need it done this way. Closes #2166
2017-12-08curl: don't set CURLOPT_INTERLEAVEDATADaniel Stenberg
That data is only ever used by the CURLOPT_INTERLEAVEFUNCTION callback and that option isn't set or used by the curl tool! Updates the 9 tests that verify --libcurl Closes #2167
2017-12-07curl: limit -# update frequency for unknown total sizeDaniel Stenberg
Make it use a max 10Hz update frequency for this case as well. Return early if the "point" hasn't moved since last invoke. Reported-by: Elliot Saba Fixes #2158 Closes #2163
2017-11-24metalink: fix memory-leak and NULL pointer dereferenceDaniel Stenberg
Reported by scan-build Closes #2109
2017-11-10cmake: Correctly include curl.rc in Windows builds (#2064)John Starks
Update CMakeLists.txt to add curl.rc to the correct list.
2017-11-06src/Makefile.m32: fix typo in brotli lib customizationViktor Szakats
Ref cc1f4436099decb9d1a7034b2bb773a9f8379d31
2017-11-05Makefile.m32: allow to customize brotli libsViktor Szakats
It adds the ability to link against static brotli libs. Also fix brotli include path.
2017-11-05Makefile.m32: add brotli supportViktor Szakats
2017-11-05HTTP: implement Brotli content encodingPatrick Monnerat
This uses the brotli external library (https://github.com/google/brotli). Brotli becomes a feature: additional curl_version_info() bit and structure fields are provided for it and CURLVERSION_NOW bumped. Tests 314 and 315 check Brotli content unencoding with correct and erroneous data. Some tests are updated to accomodate with the now configuration dependent parameters of the Accept-Encoding header.
2017-11-04curl: speed up handling of many URLsDaniel Stenberg
By properly keeping track of the last entry in the list of URLs/uploads to handle, curl now avoids many meaningless traverses of the list which speeds up many-URL handling *MASSIVELY* (several magnitudes on 100K URLs). Added test 1291, to verify that it doesn't take ages - but we don't have any detection of "too slow" command in the test suite. Reported-by: arainchik on github Fixes #1959 Closes #2052
2017-11-04curl: pass through [] in URLs instead of calling globbing errorDaniel Stenberg
Assisted-by: Per Lundberg Fixes #2044 Closes #2046 Closes #2048
2017-10-30mkhelp.pl: support reproducible buildJuro Bystricky
Do not generate line with the current date, such as: * Generation time: Tue Oct-24 18:01:41 2017 This will improve reproducibility. The generated string is only part of a comment, so there should be no adverse consequences. Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> closes #2026
2017-10-29cli tool: improve ";type=" handling in -F option argumentsPatrick Monnerat
2017-10-29cli tool: in -F option arg, comma is a delimiter for files onlyPatrick Monnerat
Also upgrade test 1133 to cover this case and clarify man page about form data quoting. Bug: https://github.com/curl/curl/issues/2022 Reported-By: omau on github
2017-10-28cmake: Export libcurl and curl targets to use by other cmake projectsJakub Zakrzewski
The config files define curl and libcurl targets as imported targets CURL::curl and CURL::libcurl. For backward compatibility with CMake- provided find-module the CURL_INCLUDE_DIRS and CURL_LIBRARIES are also set. Closes #1879
2017-10-15makefile.m32: allow to override gcc, ar and ranlibViktor Szakats
Allow to ovverride certain build tools, making it possible to use LLVM/Clang to build curl. The default behavior is unchanged. To build with clang (as offered by MSYS2), these settings can be used: CURL_CC=clang CURL_AR=llvm-ar CURL_RANLIB=llvm-ranlib Closes https://github.com/curl/curl/pull/1993
2017-10-12cli tool: use file2memory() to buffer stdin in -F option.Patrick Monnerat
Closes PR https://github.com/curl/curl/pull/1985
2017-10-12cli tool: reimplement stdin buffering in -F option.Patrick Monnerat
If stdin is not a regular file, its content is memory-buffered to enable a possible data "rewind". In all cases, stdin data size is determined before real use to avoid having an unknown part's size. --libcurl generated code is left as an unbuffered stdin fread/fseek callback part with unknown data size. Buffering is not supported in deprecated curl_formadd() API.
2017-10-09curl: don't pass semicolons when parsing Content-DispositionKristiyan Tsaklev
Test 1422 updated to verify. Closes #1964
2017-09-30Set and use more necessary options when some protocols are disabledDan Fandrich
When curl and libcurl are built with some protocols disabled, they stop setting and receiving some options that don't make sense with those protocols. In particular, when HTTP is disabled many options aren't set that are used only by HTTP. However, some options that appear to be HTTP-only are actually used by other protocols as well (some despite having HTTP in the name) and should be set, but weren't. This change now causes some of these options to be set and used for more (or for all) protocols. In particular, this fixes tests 646 through 649 in an HTTP-disabled build, which use the MIME API in the mail protocols.
2017-09-22metalink: fix NSS issue in MultiSSL buildsViktor Szakats
In MultiSSL mode (i.e. when more than one SSL backend is compiled in), we cannot use the compile time flag `USE_NSS` as indicator that the NSS backend is in use. As far as Metalink is concerned, the SSL backend is only used for MD5, SHA-1 and SHA-256 calculations, therefore one of the available SSL backends is selected at compile time, in a strict order of preference. Let's introduce a new `HAVE_NSS_CONTEXT` constant that can be used to determine whether the SSL backend used for Metalink is the NSS backend, and use that to guard the code that wants to de-initialize the NSS-specific data structure. Ref: https://github.com/curl/curl/pull/1848
2017-09-22form/mime: field names are not allowed to contain zero-valued bytes.Patrick Monnerat
Also suppress length argument of curl_mime_name() (names are always zero-terminated).
2017-09-20curl: check fseek() return code and bail on errorDaniel Stenberg
Detected by coverity. CID 1418137.
2017-09-18curl: make str2udouble not return values on errorDaniel Stenberg
... previously it would store a return value even when it returned error, which could make the value get used anyway! Reported-by: Brian Carpenter Closes #1893
2017-09-11code style: use spaces around plusesDaniel Stenberg
2017-09-11code style: use spaces around equals signsDaniel Stenberg
2017-09-06mime: drop internal FILE * support.Patrick Monnerat
- The part kind MIMEKIND_FILE and associated code are suppressed. - Seek data origin offset not used anymore: suppressed. - MIMEKIND_NAMEDFILE renamed MIMEKIND_FILE; associated fields/functions renamed accordingly. - Curl_getformdata() processes stdin via a callback.
2017-09-05mime: implement encoders.Patrick Monnerat
curl_mime_encoder() is operational and documented. curl tool -F option is extended with ";encoder=". curl tool --libcurl option generates calls to curl_mime_encoder(). New encoder tests 648 & 649. Test 1404 extended with an encoder specification.