]> granicus.if.org Git - curl/log
curl
6 years agoconn_free: updated comment to clarify
Daniel Stenberg [Sat, 28 Jul 2018 21:17:01 +0000 (00:17 +0300)]
conn_free: updated comment to clarify

Let's call it disassociate instead of disconnect since the latter term
is used so much for (TCP) connections already.

6 years agotest1157: test -H from empty file
Daniel Stenberg [Sat, 28 Jul 2018 20:47:16 +0000 (22:47 +0200)]
test1157: test -H from empty file

Verifies bugfix #2797

6 years agocurl: Fix segfault when -H @headerfile is empty
Tobias Blomberg [Thu, 26 Jul 2018 21:22:49 +0000 (23:22 +0200)]
curl: Fix segfault when -H @headerfile is empty

The curl binary would crash if the -H command line option was given a
filename to read using the @filename syntax but that file was empty.

Closes #2797

6 years agomime: check Curl_rand_hex's return code
Daniel Stenberg [Thu, 26 Jul 2018 13:55:59 +0000 (16:55 +0300)]
mime: check Curl_rand_hex's return code

Bug: https://curl.haxx.se/mail/archive-2018-07/0015.html
Reported-by: Jeffrey Walton
Closes #2795

6 years agodocs/examples: add hiperfifo example using linux epoll/timerfd
Josh Bialkowski [Fri, 27 Jul 2018 22:46:19 +0000 (15:46 -0700)]
docs/examples: add hiperfifo example using linux epoll/timerfd

Closes #2804

6 years agodocs/INSTALL.md: minor formatting fixes
Darío Hereñú [Thu, 26 Jul 2018 01:57:55 +0000 (22:57 -0300)]
docs/INSTALL.md: minor formatting fixes

Closes #2794

6 years agodocs/CURLOPT_URL: fix indentation
Christopher Head [Wed, 25 Jul 2018 06:40:11 +0000 (23:40 -0700)]
docs/CURLOPT_URL: fix indentation

The statement, “The application does not have to keep the string around
after setting this option,” appears to be indented under the RTMP
paragraph. It actually applies to all protocols, not just RTMP.
Eliminate the extra indentation.

Closes #2788

6 years agodocs/CURLOPT_WRITEFUNCTION: size is always 1
Christopher Head [Wed, 25 Jul 2018 05:47:23 +0000 (22:47 -0700)]
docs/CURLOPT_WRITEFUNCTION: size is always 1

For compatibility with `fwrite`, the `CURLOPT_WRITEFUNCTION` callback is
passed two `size_t` parameters which, when multiplied, designate the
number of bytes of data passed in. In practice, CURL always sets the
first parameter (`size`) to 1.

This practice is also enshrined in documentation and cannot be changed
in future. The documentation states that the default callback is
`fwrite`, which means `fwrite` must be a suitable function for this
purpose. However, the documentation also states that the callback must
return the number of *bytes* it successfully handled, whereas ISO C
`fwrite` returns the number of items (each of size `size`) which it
wrote. The only way these numbers can be equal is if `size` is 1.

Since `size` is 1 and can never be changed in future anyway, document
that fact explicitly and let users rely on it.

Closes #2787

6 years agowolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random
Carie Pointer [Fri, 20 Jul 2018 20:00:09 +0000 (13:00 -0700)]
wolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random

RNG structure must be freed by call to FreeRng after its use in
Curl_cyassl_random. This call fixes Valgrind failures when running the
test suite with wolfSSL.

Closes #2784

6 years agoreuse_conn(): free old_conn->options
Even Rouault [Wed, 25 Jul 2018 09:22:51 +0000 (11:22 +0200)]
reuse_conn(): free old_conn->options

This fixes a memory leak when CURLOPT_LOGIN_OPTIONS is used, together with
connection reuse.

I found this with oss-fuzz on GDAL and curl master:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9582
I couldn't reproduce with the oss-fuzz original test case, but looking
at curl source code pointed to this well reproducable leak.

Closes #2790

6 years agosystem_win32: fix version checking
djelinski [Wed, 25 Jul 2018 12:01:55 +0000 (14:01 +0200)]
system_win32: fix version checking

In the current version, VERSION_GREATER_THAN_EQUAL 6.3 will return false
when run on windows 10.0. This patch addresses that error.

Closes https://github.com/curl/curl/pull/2792

6 years agoauth: pick Bearer authentication whenever a token is available
Johannes Schindelin [Fri, 20 Jul 2018 16:17:43 +0000 (18:17 +0200)]
auth: pick Bearer authentication whenever a token is available

So far, the code tries to pick an authentication method only if
user/password credentials are available, which is not the case for
Bearer authentictation...

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Closes #2754

6 years agoauth: only ever pick CURLAUTH_BEARER if we *have* a Bearer token
Johannes Schindelin [Tue, 17 Jul 2018 12:52:53 +0000 (14:52 +0200)]
auth: only ever pick CURLAUTH_BEARER if we *have* a Bearer token

The Bearer authentication was added to cURL 7.61.0, but there is a
problem: if CURLAUTH_ANY is selected, and the server supports multiple
authentication methods including the Bearer method, we strongly prefer
that latter method (only CURLAUTH_NEGOTIATE beats it), and if the Bearer
authentication fails, we will never even try to attempt any other
method.

This is particularly unfortunate when we already know that we do not
have any Bearer token to work with.

Such a scenario happens e.g. when using Git to push to Visual Studio
Team Services (which supports Basic and Bearer authentication among
other methods) and specifying the Personal Access Token directly in the
URL (this aproach is frequently taken by automated builds).

Let's make sure that we have a Bearer token to work with before we
select the Bearer authentication among the available authentication
methods.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Closes #2754

6 years agotest320: treat curl320.out file as binary
Marcel Raad [Sun, 22 Jul 2018 08:09:42 +0000 (10:09 +0200)]
test320: treat curl320.out file as binary

Otherwise, LF line endings are converted to CRLF on Windows,
but no conversion is done for the reply, so the test case fails.

Closes https://github.com/curl/curl/pull/2776

6 years agovtls: set conn->data when closing TLS
Daniel Stenberg [Fri, 20 Jul 2018 21:24:47 +0000 (23:24 +0200)]
vtls: set conn->data when closing TLS

Follow-up to 1b76c38904f0. The VTLS backends that close down the TLS
layer for a connection still needs a Curl_easy handle for the session_id
cache etc.

Fixes #2764
Closes #2771

6 years agotests: fixes for Windows line endlings
Marcel Raad [Sat, 21 Jul 2018 10:24:08 +0000 (12:24 +0200)]
tests: fixes for Windows line endlings

Set mode="text" when line endings depend on the system representation.

Closes https://github.com/curl/curl/pull/2772

6 years agotest214: disable MSYS2's POSIX path conversion for URL
Marcel Raad [Sat, 21 Jul 2018 09:27:31 +0000 (11:27 +0200)]
test214: disable MSYS2's POSIX path conversion for URL

By default, the MSYS2 bash converts all backslashes to forward slashes
in URLs. Disable this with MSYS2_ARG_CONV_EXCL for the test to pass.

Ref https://github.com/msys2/msys2/wiki/Porting#filesystem-namespaces

6 years agohttp2: several cleanups
Daniel Stenberg [Mon, 16 Jul 2018 22:29:11 +0000 (00:29 +0200)]
http2: several cleanups

- separate easy handle from connections better
- added asserts on a number of places
- added sanity check of pipelines for debug builds

Closes #2751

6 years agosmb_getsock: always wait for write socket too
Daniel Stenberg [Thu, 19 Jul 2018 22:57:28 +0000 (00:57 +0200)]
smb_getsock: always wait for write socket too

... the protocol is doing read/write a lot, so it needs to write often
even when downloading. A more proper fix could check for eactly when it
wants to write and only ask for it then.

Without this fix, an SMB download could easily get stuck when the event-driven
API was used.

Closes #2768

6 years agotest1143: disable MSYS2's POSIX path conversion
Marcel Raad [Fri, 20 Jul 2018 09:00:57 +0000 (11:00 +0200)]
test1143: disable MSYS2's POSIX path conversion

By default, the MSYS2 bash interprets http:/%HOSTIP:%HTTPPORT/want/1143
as a POSIX file list and converts it to a Windows file list.
Disable this with MSYS2_ARG_CONV_EXCL for the test to pass.

Ref https://github.com/msys2/msys2/wiki/Porting#filesystem-namespaces
Closes https://github.com/curl/curl/pull/2765

6 years agoRELEASE-NOTES: sync
Daniel Stenberg [Tue, 17 Jul 2018 23:21:07 +0000 (01:21 +0200)]
RELEASE-NOTES: sync

... and work toward 7.61.1

6 years agoCMake: Update scripts to use consistent style
Ruslan Baratov [Tue, 17 Jul 2018 06:36:59 +0000 (09:36 +0300)]
CMake: Update scripts to use consistent style

Closes #2727
Reviewed-by: Sergei Nikulov
6 years agoheader output: switch off all styles, not just unbold
Daniel Stenberg [Thu, 12 Jul 2018 09:04:00 +0000 (11:04 +0200)]
header output: switch off all styles, not just unbold

... the "unbold" sequence doesn't work on the mac Terminal.

Reported-by: Zero King
Fixes #2736
Closes #2738

6 years agodarwinssl: add support for ALPN negotiation
Rodger Combs [Wed, 11 Jul 2018 07:45:14 +0000 (02:45 -0500)]
darwinssl: add support for ALPN negotiation

6 years agotest1422: add required file feature
Marcel Raad [Fri, 13 Jul 2018 08:06:13 +0000 (10:06 +0200)]
test1422: add required file feature

curl configured with --enable-debug --disable-file currently complains
on test1422:
Info: Protocol "file" not supported or disabled in libcurl

Make test1422 dependend on enabled FILE protocol to fix this.

Fixes https://github.com/curl/curl/issues/2741
Closes https://github.com/curl/curl/pull/2742

6 years agocontent_encoding: accept up to 4 unknown trailer bytes after raw deflate data
Patrick Monnerat [Thu, 12 Jul 2018 20:46:15 +0000 (22:46 +0200)]
content_encoding: accept up to 4 unknown trailer bytes after raw deflate data

Some servers issue raw deflate data that may be followed by an undocumented
trailer. This commit makes curl tolerate such a trailer of up to 4 bytes
before considering the data is in error.

Reported-by: clbr on github
Fixes #2719

6 years agosmb: fix memory-leak in URL parse error path
Daniel Stenberg [Thu, 12 Jul 2018 09:44:57 +0000 (11:44 +0200)]
smb: fix memory-leak in URL parse error path

Detected by OSS-Fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9369
Closes #2740

6 years agoschannel: enable CALG_TLS1PRF for w32api >= 5.1
Marcel Raad [Thu, 12 Jul 2018 12:38:00 +0000 (14:38 +0200)]
schannel: enable CALG_TLS1PRF for w32api >= 5.1

The definition of CALG_TLS1PRF has been fixed in the 5.1 branch:
https://osdn.net/projects/mingw/scm/git/mingw-org-wsl/commits/73aedcc0f2e6ba370de0d86ab878ad76a0dda7b5

6 years agodocs/SECURITY-PROCESS: mention bounty, drop pre-notify
Daniel Stenberg [Thu, 12 Jul 2018 10:32:54 +0000 (12:32 +0200)]
docs/SECURITY-PROCESS: mention bounty, drop pre-notify

+ The hackerone bounty and its process

- We don't and can't handle pre-notification

6 years agomulti: always do the COMPLETED procedure/state
Daniel Stenberg [Wed, 4 Jul 2018 12:47:10 +0000 (14:47 +0200)]
multi: always do the COMPLETED procedure/state

It was previously erroneously skipped in some situations.

libtest/libntlmconnect.c wrongly depended on wrong behavior (that it
would get a zero timeout) when no handles are "running" in a multi
handle. That behavior is no longer present with this fix. Now libcurl
will always return a -1 timeout when all handles are completed.

Closes #2733

6 years agoCurl_getoff_all_pipelines: improved for multiplexed
Daniel Stenberg [Tue, 3 Jul 2018 23:20:31 +0000 (01:20 +0200)]
Curl_getoff_all_pipelines: improved for multiplexed

On multiplexed connections, transfers can be removed from anywhere not
just at the head as for pipelines.

6 years agoares: check for NULL in completed-callback
Daniel Stenberg [Tue, 3 Jul 2018 22:58:39 +0000 (00:58 +0200)]
ares: check for NULL in completed-callback

6 years agoconn: remove the boolean 'inuse' field
Daniel Stenberg [Tue, 3 Jul 2018 22:55:48 +0000 (00:55 +0200)]
conn: remove the boolean 'inuse' field

... as the usage needs to be counted.

6 years agoopenssl: assume engine support in 1.0.0 or later
Paul Howarth [Wed, 11 Jul 2018 11:01:38 +0000 (12:01 +0100)]
openssl: assume engine support in 1.0.0 or later

Commit 38203f1585da changed engine detection to be version-based,
with a baseline of openssl 1.0.1. This does in fact break builds
with openssl 1.0.0, which has engine support - the configure script
detects that ENGINE_cleanup() is available - but <openssl/engine.h>
doesn't get included to declare it.

According to upstream documentation, engine support was added to
mainstream openssl builds as of version 0.9.7:
https://github.com/openssl/openssl/blob/master/README.ENGINE

This commit drops the version test down to 1.0.0 as version 1.0.0d
is the oldest version I have to test with.

Closes #2732

6 years agoschannel: fix MinGW compile break
Marcel Raad [Tue, 10 Jul 2018 19:02:17 +0000 (21:02 +0200)]
schannel: fix MinGW compile break

Original MinGW's w32api has a sytax error in its definition of
CALG_TLS1PRF [0]. Don't use original MinGW w32api's CALG_TLS1PRF
until this bug [1] is fixed.

[0] https://osdn.net/projects/mingw/scm/git/mingw-org-wsl/blobs/d1d4a17e51a2b78e252ef0147d483267d56c90cc/w32api/include/wincrypt.h
[1] https://osdn.net/projects/mingw/ticket/38391

Fixes https://github.com/curl/curl/pull/2721#issuecomment-403636043
Closes https://github.com/curl/curl/pull/2728

6 years agoexamples/crawler.c: move #ifdef to column 0
Daniel Stenberg [Wed, 11 Jul 2018 09:47:21 +0000 (11:47 +0200)]
examples/crawler.c: move #ifdef to column 0

Apparently the C => HTML converter on the web site doesn't quite like it
otherwise.

Reported-by: Jeroen Ooms
6 years agorelease: 7.61.0 curl-7_61_0
Daniel Stenberg [Wed, 11 Jul 2018 05:57:42 +0000 (07:57 +0200)]
release: 7.61.0

6 years agoTODO: Configurable loading of OpenSSL configuration file
Daniel Stenberg [Tue, 10 Jul 2018 08:57:20 +0000 (10:57 +0200)]
TODO: Configurable loading of OpenSSL configuration file

Closes #2724

6 years agopost303.d: clarify that this is an RFC violation
Daniel Stenberg [Mon, 9 Jul 2018 21:57:44 +0000 (23:57 +0200)]
post303.d: clarify that this is an RFC violation

... and not the other way around, which this previously said.

Reported-by: Vasiliy Faronov
Fixes #2723
Closes #2726

6 years agoCMake: remove redundant and old end-of-block syntax
Ruslan Baratov [Thu, 5 Jul 2018 10:55:47 +0000 (13:55 +0300)]
CMake: remove redundant and old end-of-block syntax

Reviewed-by: Jakub Zakrzewski
Closes #2715

6 years agolib/curl_setup.h: remove unicode character
Jay Satiro [Mon, 9 Jul 2018 20:04:50 +0000 (16:04 -0400)]
lib/curl_setup.h: remove unicode character

Follow-up to 82ce416.

Ref: https://github.com/curl/curl/commit/8272ec5#commitcomment-29646818

6 years agolib/curl_setup.h: remove unicode bom from 8272ec50f02
Daniel Stenberg [Mon, 9 Jul 2018 19:24:28 +0000 (21:24 +0200)]
lib/curl_setup.h: remove unicode bom from 8272ec50f02

6 years agoschannel: fix -Wsign-compare warning
Marcel Raad [Sun, 8 Jul 2018 15:16:34 +0000 (17:16 +0200)]
schannel: fix -Wsign-compare warning

MinGW warns:
/lib/vtls/schannel.c:219:64: warning: signed and unsigned type in
conditional expression [-Wsign-compare]

Fix this by casting the ptrdiff_t to size_t as we know it's positive.

Closes https://github.com/curl/curl/pull/2721

6 years agoschannel: workaround for wrong function signature in w32api
Marcel Raad [Sun, 8 Jul 2018 15:00:01 +0000 (17:00 +0200)]
schannel: workaround for wrong function signature in w32api

Original MinGW's w32api has CryptHashData's second parameter as BYTE *
instead of const BYTE *.

Closes https://github.com/curl/curl/pull/2721

6 years agoschannel: make more cipher options conditional
Marcel Raad [Sun, 8 Jul 2018 14:55:11 +0000 (16:55 +0200)]
schannel: make more cipher options conditional

They are not defined in the original MinGW's <wincrypt.h>.

Closes https://github.com/curl/curl/pull/2721

6 years agocurl_setup: include <winerror.h> before <windows.h>
Marcel Raad [Sun, 8 Jul 2018 14:49:21 +0000 (16:49 +0200)]
curl_setup: include <winerror.h> before <windows.h>

Otherwise, only part of it gets pulled in through <windows.h> on
original MinGW.

Fixes https://github.com/curl/curl/issues/2361
Closes https://github.com/curl/curl/pull/2721

6 years agoexamples: fix -Wformat warnings
Marcel Raad [Sun, 8 Jul 2018 14:44:32 +0000 (16:44 +0200)]
examples: fix -Wformat warnings

When size_t is not a typedef for unsigned long (as usually the case on
Windows), GCC emits -Wformat warnings when using lu and lx format
specifiers with size_t. Silence them with explicit casts to
unsigned long.

Closes https://github.com/curl/curl/pull/2721

6 years agosmtp: use the upload buffer size for scratch buffer malloc
Daniel Stenberg [Wed, 13 Jun 2018 10:24:40 +0000 (12:24 +0200)]
smtp: use the upload buffer size for scratch buffer malloc

... not the read buffer size, as that can be set smaller and thus cause
a buffer overflow! CVE-2018-0500

Reported-by: Peter Wu
Bug: https://curl.haxx.se/docs/adv_2018-70a2.html

6 years agoscripts: include _curl as part of CLEANFILES
Dave Reisner [Sat, 7 Jul 2018 12:08:57 +0000 (08:08 -0400)]
scripts: include _curl as part of CLEANFILES

Closes #2718

6 years agodarwinssl: allow High Sierra users to build the code using GCC
Nick Zitzmann [Sun, 1 Jul 2018 19:05:50 +0000 (14:05 -0500)]
darwinssl: allow High Sierra users to build the code using GCC

...but GCC users lose out on TLS 1.3 support, since we can't weak-link
enumeration constants.

Fixes #2656
Closes #2703

6 years agoCMake: Remove unused 'output_var' from 'collect_true'
Ruslan Baratov [Thu, 5 Jul 2018 10:21:57 +0000 (13:21 +0300)]
CMake: Remove unused 'output_var' from 'collect_true'

Variable 'output_var' is not used and can be removed.
Function 'collect_true' renamed to 'count_true'.

6 years agoCMake: Remove unused functions
Ruslan Baratov [Thu, 5 Jul 2018 10:11:04 +0000 (13:11 +0300)]
CMake: Remove unused functions

Closes #2711

6 years agoKNOWN_BUGS: Stick to same family over SOCKS proxy
Daniel Stenberg [Fri, 6 Jul 2018 07:31:52 +0000 (09:31 +0200)]
KNOWN_BUGS: Stick to same family over SOCKS proxy

6 years agolibssh: goto DISCONNECT state on error, not SSH_SESSION_FREE
Daniel Stenberg [Thu, 5 Jul 2018 20:45:01 +0000 (22:45 +0200)]
libssh: goto DISCONNECT state on error, not SSH_SESSION_FREE

... because otherwise not everything get closed down correctly.

Fixes #2708
Closes #2712

6 years agolibssh: include line number in state change debug messages
Daniel Stenberg [Thu, 5 Jul 2018 20:43:29 +0000 (22:43 +0200)]
libssh: include line number in state change debug messages

Closes #2713

6 years agoKNOWN_BUGS: Borland support is dropped, AIX problem is too old
Daniel Stenberg [Thu, 5 Jul 2018 21:11:22 +0000 (23:11 +0200)]
KNOWN_BUGS: Borland support is dropped, AIX problem is too old

6 years agoexample/crawler.c: simple crawler based on libxml2
Jeroen Ooms [Tue, 3 Jul 2018 12:32:17 +0000 (14:32 +0200)]
example/crawler.c: simple crawler based on libxml2

Closes #2706

6 years agoRELEASE-NOTES: synced
Daniel Stenberg [Thu, 5 Jul 2018 07:43:35 +0000 (09:43 +0200)]
RELEASE-NOTES: synced

6 years agoDEPRECATE: include year when specifying date
Daniel Stenberg [Mon, 2 Jul 2018 21:41:06 +0000 (23:41 +0200)]
DEPRECATE: include year when specifying date

6 years agoDEPRECATE: linkified
Daniel Stenberg [Mon, 2 Jul 2018 11:16:09 +0000 (13:16 +0200)]
DEPRECATE: linkified

6 years agoDEPRECATE: mention the PR that disabled axTLS
Daniel Stenberg [Mon, 2 Jul 2018 07:40:53 +0000 (09:40 +0200)]
DEPRECATE: mention the PR that disabled axTLS

6 years agodocs/DEPRECATE.md: spelling and minor formatting
Daniel Stenberg [Mon, 2 Jul 2018 06:14:53 +0000 (08:14 +0200)]
docs/DEPRECATE.md: spelling and minor formatting

6 years agoDEPRECATE: new doc describing planned item removals
Daniel Stenberg [Sun, 1 Jul 2018 11:22:53 +0000 (13:22 +0200)]
DEPRECATE: new doc describing planned item removals

Closes #2704

6 years agotelnet: fix clang warnings
Gisle Vanem [Fri, 29 Jun 2018 21:22:19 +0000 (23:22 +0200)]
telnet: fix clang warnings

telnet.c(1401,28): warning: cast from function call of type 'int' to
non-matching type 'HANDLE' (aka 'void *') [-Wbad-function-cast]

Fixes #2696
Closes #2700

6 years agodocs: fix missed option name markups
Daniel Stenberg [Sat, 30 Jun 2018 16:33:07 +0000 (18:33 +0200)]
docs: fix missed option name markups

6 years agoopenssl: Remove some dead code
Gaurav Malhotra [Fri, 29 Jun 2018 12:17:51 +0000 (17:47 +0530)]
openssl: Remove some dead code

Closes #2698

6 years agoopenssl: make the requested TLS version the *minimum* wanted
Daniel Stenberg [Thu, 28 Jun 2018 21:24:21 +0000 (23:24 +0200)]
openssl: make the requested TLS version the *minimum* wanted

The code treated the set version as the *exact* version to require in
the TLS handshake, which is not what other TLS backends do and probably
not what most people expect either.

Reported-by: Andreas Olsson
Assisted-by: Gaurav Malhotra
Fixes #2691
Closes #2694

6 years agoRELEASE-NOTES: synced
Daniel Stenberg [Fri, 29 Jun 2018 08:31:27 +0000 (10:31 +0200)]
RELEASE-NOTES: synced

6 years agoopenssl: allow TLS 1.3 by default
Daniel Stenberg [Thu, 28 Jun 2018 21:05:05 +0000 (23:05 +0200)]
openssl: allow TLS 1.3 by default

Reported-by: Andreas Olsson
Fixes #2692
Closes #2693

6 years agoCURLINFO_TLS_SSL_PTR.3: improve the example
Adrian Peniak [Thu, 28 Jun 2018 05:56:16 +0000 (06:56 +0100)]
CURLINFO_TLS_SSL_PTR.3: improve the example

The previous example was a little bit confusing, because SSL* structure
(or other "in use" SSL connection pointer) is not accessible after the
transfer is completed, therefore working with the raw TLS library
specific pointer needs to be done during transfer.

Closes #2690

6 years agotravis: add a build using the synchronous name resolver
Daniel Stenberg [Wed, 27 Jun 2018 09:33:45 +0000 (11:33 +0200)]
travis: add a build using the synchronous name resolver

... since default uses the threaded one and we test the c-ares build
already.

Closes #2689

6 years agoconfigure: remove CURL_CHECK_NI_WITHSCOPEID too
Daniel Stenberg [Wed, 27 Jun 2018 11:52:57 +0000 (13:52 +0200)]
configure: remove CURL_CHECK_NI_WITHSCOPEID too

Since it isn't used either and requires the getnameinfo check

Follow-up to 0aeca41702d2

6 years agogetnameinfo: not used
Daniel Stenberg [Wed, 27 Jun 2018 06:20:28 +0000 (08:20 +0200)]
getnameinfo: not used

Closes #2687

6 years agoeasy_perform: use *multi_timeout() to get wait times
Daniel Stenberg [Tue, 26 Jun 2018 16:11:32 +0000 (18:11 +0200)]
easy_perform: use *multi_timeout() to get wait times

... and trim the threaded Curl_resolver_getsock() to return zero
millisecond wait times during the first three milliseconds so that
localhost or names in the OS resolver cache gets detected and used
faster.

Closes #2685

6 years agoconfigure: Add dependent libraries after crypto
Max Dymond [Tue, 26 Jun 2018 08:29:48 +0000 (09:29 +0100)]
configure: Add dependent libraries after crypto

The linker is pretty dumb and processes things left to right, keeping a
tally of symbols it hasn't resolved yet. So, we need -ldl to appear
after -lcrypto otherwise the linker won't find the dl functions.

Closes #2684

6 years agoGOVERNANCE: linkify, changed some titles
Daniel Stenberg [Wed, 27 Jun 2018 07:41:36 +0000 (09:41 +0200)]
GOVERNANCE: linkify, changed some titles

6 years agoGOVERNANCE: add maintainer details/duties
Daniel Stenberg [Wed, 27 Jun 2018 06:21:05 +0000 (08:21 +0200)]
GOVERNANCE: add maintainer details/duties

6 years agourl: check Curl_conncache_add_conn return code
Daniel Stenberg [Sun, 24 Jun 2018 21:22:35 +0000 (23:22 +0200)]
url: check Curl_conncache_add_conn return code

... it was previously unchecked in two places and thus errors could
remain undetected and cause trouble.

Closes #2681

6 years agoinclude/README: remove "hacking" advice, not the right place
Daniel Stenberg [Mon, 25 Jun 2018 13:01:12 +0000 (15:01 +0200)]
include/README: remove "hacking" advice, not the right place

6 years agoRELEASE-NOTES: synced
Daniel Stenberg [Sun, 24 Jun 2018 21:32:45 +0000 (23:32 +0200)]
RELEASE-NOTES: synced

6 years agoCURLOPT_SSL_VERIFYPEER.3: fix syntax mistake
Daniel Stenberg [Sun, 24 Jun 2018 21:18:52 +0000 (23:18 +0200)]
CURLOPT_SSL_VERIFYPEER.3: fix syntax mistake

Follow-up to b6a16afa0aa5

6 years agonetrc: use a larger buffer
Daniel Stenberg [Sat, 23 Jun 2018 19:32:22 +0000 (21:32 +0200)]
netrc: use a larger buffer

... to work with longer passwords etc. Grow it from a 256 to a 4096
bytes buffer.

Reported-by: Dario Nieuwenhuis
Fixes #2676
Closes #2680

6 years agoCURLOPT_SSL_VERIFYPEER.3: Add performance note
Patrick Schlangen [Thu, 21 Jun 2018 19:14:40 +0000 (21:14 +0200)]
CURLOPT_SSL_VERIFYPEER.3: Add performance note

Closes #2673

6 years agomulti: fix crash due to dangling entry in connect-pending list
Javier Blazquez [Sat, 23 Jun 2018 03:11:26 +0000 (20:11 -0700)]
multi: fix crash due to dangling entry in connect-pending list

Fixes #2677
Closes #2679

6 years agoConnectionExists: make sure conn->data is set when "taking" a connection
Daniel Stenberg [Thu, 21 Jun 2018 22:13:29 +0000 (00:13 +0200)]
ConnectionExists: make sure conn->data is set when "taking" a connection

Follow-up to 2c15693.

Bug #2674
Closes #2675

6 years agosystem.h: fix for gcc on 32 bit OpenServer
Kevin R. Bulgrien [Thu, 21 Jun 2018 23:00:37 +0000 (01:00 +0200)]
system.h: fix for gcc on 32 bit OpenServer

Bug: https://curl.haxx.se/mail/lib-2018-06/0100.html

6 years agocmake: allow multiple SSL backends
Raphael Gozzo [Sun, 17 Jun 2018 16:26:44 +0000 (13:26 -0300)]
cmake: allow multiple SSL backends

This will make possible to select the SSL backend (using
curl_global_sslset()) even when the libcurl is built using CMake

Closes #2665

6 years agourl: fix dangling conn->data pointer
Daniel Stenberg [Wed, 20 Jun 2018 21:00:36 +0000 (23:00 +0200)]
url: fix dangling conn->data pointer

By masking sure to use the *current* easy handle with extracted
connections from the cache, and make sure to NULLify the ->data pointer
when the connection is put into the cache to make this mistake easier to
detect in the future.

Reported-by: Will Dietz
Fixes #2669
Closes #2672

6 years agoCURLOPT_INTERFACE.3: interface names not supported on Windows
Daniel Stenberg [Mon, 18 Jun 2018 21:14:28 +0000 (23:14 +0200)]
CURLOPT_INTERFACE.3: interface names not supported on Windows

6 years agotravis: run more tests for coverage check
Daniel Stenberg [Sat, 16 Jun 2018 09:55:04 +0000 (11:55 +0200)]
travis: run more tests for coverage check

... run a few more tortured based and run all tests event-based.

Closes #2664

6 years agomulti: fix memory leak when stopped during name resolve
Daniel Stenberg [Thu, 14 Jun 2018 14:28:59 +0000 (16:28 +0200)]
multi: fix memory leak when stopped during name resolve

When the application just started the transfer and then stops it while
the name resolve in the background thread hasn't completed, we need to
wait for the resolve to complete and then cleanup data accordingly.

Enabled test 1553 again and added test 1590 to also check when the host
name resolves successfully.

Detected by OSS-fuzz.
Closes #1968

6 years agomaketgz: delete .bak files, fix indentation
Viktor Szakats [Fri, 15 Jun 2018 23:28:34 +0000 (23:28 +0000)]
maketgz: delete .bak files, fix indentation

Ref: https://github.com/curl/curl/pull/2660

Closes https://github.com/curl/curl/pull/2662

6 years agoruntests.pl: remove debug leftover from bb9a340c73f3
Daniel Stenberg [Fri, 15 Jun 2018 15:26:57 +0000 (17:26 +0200)]
runtests.pl: remove debug leftover from bb9a340c73f3

6 years agocurl-confopts.m4: fix typo from ed224f23d5beb
Daniel Stenberg [Fri, 15 Jun 2018 15:14:05 +0000 (17:14 +0200)]
curl-confopts.m4: fix typo from ed224f23d5beb

Fixes my local configure to detect a custom installed c-ares without
pkgconfig.

6 years agodocs/RELEASE-PROCEDURE.md: renamed to use .md extension
Daniel Stenberg [Fri, 15 Jun 2018 11:37:48 +0000 (13:37 +0200)]
docs/RELEASE-PROCEDURE.md: renamed to use .md extension

Closes #2663

6 years agoRELEASE-PROCEDURE: gpg sign the tags
Daniel Stenberg [Fri, 15 Jun 2018 11:32:41 +0000 (13:32 +0200)]
RELEASE-PROCEDURE: gpg sign the tags

6 years agoRELEASE-NOTES: synced
Daniel Stenberg [Fri, 15 Jun 2018 14:46:37 +0000 (16:46 +0200)]
RELEASE-NOTES: synced

6 years agoCURLOPT_HTTPAUTH.3: CURLAUTH_BEARER was added in 7.61.0
Daniel Stenberg [Fri, 15 Jun 2018 09:17:02 +0000 (11:17 +0200)]
CURLOPT_HTTPAUTH.3: CURLAUTH_BEARER was added in 7.61.0

6 years agomaketgz: fix sed issues on OSX
Mamta Upadhyay [Thu, 14 Jun 2018 16:29:43 +0000 (09:29 -0700)]
maketgz: fix sed issues on OSX

maketgz creates release tarballs and removes the -DEV string in curl
version (e.g. 7.58.0-DEV), else -DEV shows up on command line when curl
is run. maketgz works fine on linux but fails on OSX. Problem is with
the sed commands that use option -i without an extension. Maketgz
expects GNU sed instead of BSD and this simply won't work on OSX. Adding
a backup extension .bak after -i fixes this issue

Running the script as if on OSX gives this error:

sed: -e: No such file or directory

Adding a .bak extension resolves it

Closes #2660

6 years agoconfigure: enhance ability to detect/build with static openssl
Daniel Stenberg [Thu, 14 Jun 2018 14:52:43 +0000 (16:52 +0200)]
configure: enhance ability to detect/build with static openssl

Fix the -ldl and -ldl + -lpthread checks for OpenSSL, necessary for
building with static libs without pkg-config.

Reported-by: Marcel Raad
Fixes #2199
Closes #2659