Daniel Stenberg [Fri, 21 Aug 2015 22:05:03 +0000 (00:05 +0200)]
configure: detect latest boringssl
Since boringssl brought back DES_set_odd_parity again, it cannot be used
to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define
seems better anyway.
openssl: handle lack of server cert when strict checking disabled
If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER
and CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server
doesn't present a certificate at all.
Daniel Stenberg [Fri, 21 Aug 2015 11:30:08 +0000 (13:30 +0200)]
ftp: clear the do_more bit when the server has connected
The multi state machine would otherwise go into the DO_MORE state after
DO, even for the case when the FTP state machine had already performed
those duties, which caused libcurl to get stuck in that state and fail
miserably. This occured for for active ftp uploads.
Marcel Raad [Tue, 18 Aug 2015 07:39:38 +0000 (09:39 +0200)]
inet_pton.c: Fix MSVC run-time check failure
Visual Studio complains with a message box:
"Run-Time Check Failure #1 - A cast to a smaller data type has caused a
loss of data. If this was intentional, you should mask the source of
the cast with the appropriate bitmask.
For example:
char c = (i & 0xFF);
Changing the code in this way will not affect the quality of the
resulting optimized code."
This is because only 'val' is cast to unsigned char, so the "& 0xff" has
no effect.
Jay Satiro [Tue, 18 Aug 2015 05:18:27 +0000 (01:18 -0400)]
docs: Update the redirect protocols disabled by default
- Clarify that FILE and SCP are disabled by default since 7.19.4
- Add that SMB and SMBS are disabled by default since 7.40.0
- Add CURLPROTO_SMBS to the list of protocols
Brad King [Fri, 14 Aug 2015 13:35:05 +0000 (15:35 +0200)]
cmake: Fix CurlTests check for gethostbyname_r with 5 arguments
Fix the check code to pass 5 arguments instead of 6. This typo was
introduced by commit aebfd4cfbf (cmake: fix gethostby{addr,name}_r in
CurlTests, 2014-10-31).
Anders Bakken [Tue, 11 Aug 2015 00:26:36 +0000 (17:26 -0700)]
http2: discard frames with no SessionHandle
Return 0 instead of NGHTTP2_ERR_CALLBACK_FAILURE if we can't locate the
SessionHandle. Apparently mod_h2 will sometimes send a frame for a
stream_id we're finished with.
Use nghttp2_session_get_stream_user_data and
nghttp2_session_set_stream_user_data to identify SessionHandles instead
of a hash.
Steve Holme [Sat, 8 Aug 2015 10:09:08 +0000 (11:09 +0100)]
scripts: Always perform setlocal and endlocal calls in pairs
Ensure that there isn't a mismatch between setlocal and endlocal calls,
which could have happened due to setlocal being called after certain
error conditions were checked for.
Jay Satiro [Thu, 6 Aug 2015 06:08:58 +0000 (02:08 -0400)]
build: Added wolfSSL build script for Visual Studio projects
Added the wolfSSL build script, based on build-openssl.bat, as well as
the property sheet and header file required for the upcoming additions
to the Visual Studio project files.
Isaac Boukris [Mon, 3 Aug 2015 23:20:23 +0000 (02:20 +0300)]
NTLM: handle auth for only a single request
Currently when the server responds with 401 on NTLM authenticated
connection (re-used) we consider it to have failed. However this is
legitimate and may happen when for example IIS is set configured to
'authPersistSingleRequest' or when the request goes thru a proxy (with
'via' header).
Implemented by imploying an additional state once a connection is
re-used to indicate that if we receive 401 we need to restart
authentication.
Daniel Stenberg [Sun, 2 Aug 2015 20:50:31 +0000 (22:50 +0200)]
SSH: three state machine fixups
The SSH state machine didn't clear the 'rc' variable appropriately in a
two places which prevented it from looping the way it should. And it
lacked an 'else' statement that made it possible to erroneously get
stuck in the SSH_AUTH_AGENT state.
Steve Holme [Sat, 1 Aug 2015 21:50:42 +0000 (22:50 +0100)]
win32: Fix compilation warnings from commit 40c921f8b8
connect.c:953:5: warning: initializer element is not computable at load
time
connect.c:953:5: warning: missing initializer for field 'dwMinorVersion'
of 'OSVERSIONINFOEX'
curl_sspi.c:97:5: warning: initializer element is not computable at load
time
curl_sspi.c:97:5: warning: missing initializer for field 'szCSDVersion'
of 'OSVERSIONINFOEX'
http: move HTTP/2 cleanup code off http_disconnect()
Otherwise it would never be called for an HTTP/2 connection, which has
its own disconnect handler.
I spotted this while debugging <https://bugzilla.redhat.com/1248389>
where the http_disconnect() handler was called on an FTP session handle
causing 'dnf' to crash. conn->data->req.protop of type (struct FTP *)
was reinterpreted as type (struct HTTP *) which resulted in SIGSEGV in
Curl_add_buffer_free() after printing the "Connection cache is full,
closing the oldest one." message.
A previously working version of libcurl started to crash after it was
recompiled with the HTTP/2 support despite the HTTP/2 protocol was not
actually used. This commit makes it work again although I suspect the
root cause (reinterpreting session handle data of incompatible protocol)
still has to be fixed. Otherwise the same will happen when mixing FTP
and HTTP/2 connections and exceeding the connection cache limit.
Reported-by: Tomas Tomecek
Bug: https://bugzilla.redhat.com/1248389