]> granicus.if.org Git - curl/log
curl
5 years agoAppVeyor: add classic MinGW build
Marcel Raad [Tue, 26 Feb 2019 16:38:14 +0000 (17:38 +0100)]
AppVeyor: add classic MinGW build

But use the MSYS2 shell rather than the default MSYS shell because of
POSIX path conversion issues. Classic MinGW is only available on the
Visual Studio 2015 image.

Closes https://github.com/curl/curl/pull/3623

5 years agoAppVeyor: add MinGW-w64 build
Marcel Raad [Wed, 10 Oct 2018 20:22:06 +0000 (22:22 +0200)]
AppVeyor: add MinGW-w64 build

Add a MinGW-w64 build using CMake's MSYS Makefiles generator.
Use the Visual Studio 2015 image as it has GCC 8, while the
Visual Studio 2017 image only has GCC 7.2.

Closes https://github.com/curl/curl/pull/3623

5 years agocookies: only save the cookie file if the engine is enabled
Daniel Stenberg [Tue, 26 Feb 2019 15:35:07 +0000 (16:35 +0100)]
cookies: only save the cookie file if the engine is enabled

Follow-up to 8eddb8f4259.

If the cookieinfo pointer is NULL there really is nothing to save.

Without this fix, we got a problem when a handle was using shared object
with cookies and is told to "FLUSH" it to file (which worked) and then
the share object was removed and when the easy handle was closed just
afterwards it has no cookieinfo and no cookies so it decided to save an
empty jar (overwriting the file just flushed).

Test 1905 now verifies that this works.

Assisted-by: Michael Wallner
Assisted-by: Marcel Raad
Closes #3621

5 years agocacertinmem.c: use multiple certificates for loading CA-chain
DaVieS [Mon, 31 Dec 2018 00:36:05 +0000 (01:36 +0100)]
cacertinmem.c: use multiple certificates for loading CA-chain

Closes #3421

5 years agourldata: convert bools to bitfields and move to end
Daniel Stenberg [Mon, 25 Feb 2019 10:17:53 +0000 (11:17 +0100)]
urldata: convert bools to bitfields and move to end

This allows the compiler to pack and align the structs better in
memory. For a rather feature-complete build on x86_64 Linux, gcc 8.1.2
makes the Curl_easy struct 4.9% smaller. From 6312 bytes to 6000.

Removed an unused struct field.

No functionality changes.

Closes #3610

5 years agocurl.h: use __has_declspec_attribute for shared builds
Don J Olmstead [Mon, 25 Feb 2019 22:17:51 +0000 (14:17 -0800)]
curl.h: use __has_declspec_attribute for shared builds

Closes #3616

5 years agocurl: display --version features sorted alphabetically
Daniel Stenberg [Mon, 25 Feb 2019 11:25:15 +0000 (12:25 +0100)]
curl: display --version features sorted alphabetically

Closes #3611

5 years agoruntests: detect "schannel" as an alias for "winssl"
Daniel Stenberg [Tue, 26 Feb 2019 13:01:30 +0000 (14:01 +0100)]
runtests: detect "schannel" as an alias for "winssl"

Follow-up to 180501cb02

Reported-by: Marcel Raad
Fixes #3609
Closes #3620

5 years agoAppVeyor: update to Visual Studio 2017
Marcel Raad [Sun, 24 Feb 2019 12:55:40 +0000 (13:55 +0100)]
AppVeyor: update to Visual Studio 2017

Switch all Visual Studio 2015 builds to Visual Studio 2017. It's not a
moving target anymore as the last update, Update 9, has been released.

Closes https://github.com/curl/curl/pull/3606

5 years agoAppVeyor: switch VS 2015 builds to VS 2017 image
Marcel Raad [Sun, 24 Feb 2019 12:50:05 +0000 (13:50 +0100)]
AppVeyor: switch VS 2015 builds to VS 2017 image

The Visual Studio 2017 image has Visual Studio 2015 and 2017 installed.

Closes https://github.com/curl/curl/pull/3606

5 years agoAppVeyor: explicitly select worker image
Marcel Raad [Sat, 23 Feb 2019 21:33:32 +0000 (22:33 +0100)]
AppVeyor: explicitly select worker image

Currently, we're using the default Visual Studio 2015 image for
everything.

Closes https://github.com/curl/curl/pull/3606

5 years agostrerror: make the strerror function use local buffers
Daniel Stenberg [Mon, 25 Feb 2019 17:12:51 +0000 (18:12 +0100)]
strerror: make the strerror function use local buffers

Instead of using a fixed 256 byte buffer in the connectdata struct.

In my build, this reduces the size of the connectdata struct by 11.8%,
from 2160 to 1904 bytes with no functionality or performance loss.

This also fixes a bug in schannel's Curl_verify_certificate where it
called Curl_sspi_strerror when it should have called Curl_strerror for
string from GetLastError. the only effect would have been no text or the
wrong text being shown for the error.

Co-authored-by: Jay Satiro
Closes #3612

5 years agocookies: fix NULL dereference if flushing cookies with no CookieInfo set
Michael Wallner [Mon, 25 Feb 2019 18:05:02 +0000 (19:05 +0100)]
cookies: fix NULL dereference if flushing cookies with no CookieInfo set

Regression brought by a52e46f3900fb0 (shipped in 7.63.0)

Closes #3613

5 years agoAppVeyor: re-enable test 500
Marcel Raad [Mon, 25 Feb 2019 20:20:19 +0000 (21:20 +0100)]
AppVeyor: re-enable test 500

It's passing now.

Closes https://github.com/curl/curl/pull/3615

5 years agoAppVeyor: remove redundant builds
Marcel Raad [Mon, 25 Feb 2019 20:03:13 +0000 (21:03 +0100)]
AppVeyor: remove redundant builds

Remove the Visual Studio 2012 and 2013 builds as they add little value.

Ref: https://github.com/curl/curl/pull/3606
Closes https://github.com/curl/curl/pull/3614

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Mon, 25 Feb 2019 22:19:32 +0000 (23:19 +0100)]
RELEASE-NOTES: synced

5 years agoOpenSSL: add support for TLS ASYNC state
Bernd Mueller [Wed, 20 Feb 2019 13:21:10 +0000 (14:21 +0100)]
OpenSSL: add support for TLS ASYNC state

Closes #3591

5 years agoacinclude: add additional libraries to check for LDAP support
Michael Felt [Thu, 21 Feb 2019 13:34:49 +0000 (13:34 +0000)]
acinclude: add additional libraries to check for LDAP support

- Add an additional check for LDAP that also checks for OpenSSL since
  on AIX those libraries may be required to link LDAP properly.

Fixes https://github.com/curl/curl/issues/3595
Closes https://github.com/curl/curl/pull/3596

5 years agoschannel: support CALG_ECDH_EPHEM algorithm
georgeok [Sun, 24 Feb 2019 18:20:57 +0000 (18:20 +0000)]
schannel: support CALG_ECDH_EPHEM algorithm

Add support for Ephemeral elliptic curve Diffie-Hellman key exchange
algorithm option when selecting ciphers. This became available on the
Win10 SDK.

Closes https://github.com/curl/curl/pull/3608

5 years agomulti: call multi_done on connect timeouts
Daniel Stenberg [Sun, 24 Feb 2019 15:32:04 +0000 (16:32 +0100)]
multi: call multi_done on connect timeouts

Failing to do so would make the CURLINFO_TOTAL_TIME timeout to not get
updated correctly and could end up getting reported to the application
completely wrong (way too small).

Reported-by: accountantM on github
Fixes #3602
Closes #3605

5 years agoexamples: remove recursive calls to curl_multi_socket_action
Daniel Stenberg [Fri, 22 Feb 2019 12:44:41 +0000 (13:44 +0100)]
examples: remove recursive calls to curl_multi_socket_action

From within the timer callbacks. Recursive is problematic for several
reasons. They should still work, but this way the examples and the
documentation becomes simpler. I don't think we need to encourage
recursive calls.

Discussed in #3537
Closes #3601

5 years agoconfigure: remove CURL_CHECK_FUNC_FDOPEN call
Marcel Raad [Sat, 23 Feb 2019 10:00:53 +0000 (11:00 +0100)]
configure: remove CURL_CHECK_FUNC_FDOPEN call

The macro itself has been removed in commit
11974ac859c5d82def59e837e0db56fef7f6794e.

Closes https://github.com/curl/curl/pull/3604

5 years agowolfssl: stop custom-adding curves
Daniel Stenberg [Fri, 22 Feb 2019 07:04:09 +0000 (08:04 +0100)]
wolfssl: stop custom-adding curves

since wolfSSL PR https://github.com/wolfSSL/wolfssl/pull/717 (shipped in
wolfSSL 3.10.2 and later) it sends these curves by default already.

Pointed-out-by: David Garske
Closes #3599

5 years agoconfigure: remove the unused fdopen macro
Daniel Stenberg [Fri, 22 Feb 2019 11:56:15 +0000 (12:56 +0100)]
configure: remove the unused fdopen macro

and the two remaining #ifdefs for it

Closes #3600

5 years agourl: change conn shutdown order to unlink data as last step
Jay Satiro [Thu, 21 Feb 2019 20:30:10 +0000 (15:30 -0500)]
url: change conn shutdown order to unlink data as last step

- Split off connection shutdown procedure from Curl_disconnect into new
  function conn_shutdown.

- Change the shutdown procedure to close the sockets before
  disassociating the transfer.

Prior to this change the sockets were closed after disassociating the
transfer so SOCKETFUNCTION wasn't called since the transfer was already
disassociated. That likely came about from recent work started in
Jan 2019 (#3442) to separate transfers from connections.

Bug: https://curl.haxx.se/mail/lib-2019-02/0101.html
Reported-by: Pavel Löbl
Closes https://github.com/curl/curl/issues/3597
Closes https://github.com/curl/curl/pull/3598

5 years agoFix strict-prototypes GCC warning
Marcel Raad [Fri, 22 Feb 2019 18:12:30 +0000 (19:12 +0100)]
Fix strict-prototypes GCC warning

As seen in the MinGW autobuilds. Caused by commit
f26bc29cfec0be84c67cf74065cf8e5e78fd68b7.

5 years agotests: Fixed XML validation errors in some test files.
Dan Fandrich [Thu, 21 Feb 2019 21:06:16 +0000 (22:06 +0100)]
tests: Fixed XML validation errors in some test files.

5 years agoTODO: Allow SAN names in HTTP/2 server push
Daniel Stenberg [Wed, 20 Feb 2019 07:44:21 +0000 (08:44 +0100)]
TODO: Allow SAN names in HTTP/2 server push

Suggested-by: Nicolas Grekas
5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Wed, 20 Feb 2019 07:29:48 +0000 (08:29 +0100)]
RELEASE-NOTES: synced

5 years agocurl: remove MANUAL from -M output
Daniel Stenberg [Tue, 19 Feb 2019 09:02:27 +0000 (10:02 +0100)]
curl: remove MANUAL from -M output

... and remove it from the dist tarball. It has served its time, it
barely gets updated anymore and "everything curl" is now convering all
this document once tried to include, and does it more and better.

In the compressed scenario, this removes ~15K data from the binary,
which is 25% of the -M output.

It remains in the git repo for now for as long as the web site builds a
page using that as source. It renders poorly on the site (especially for
mobile users) so its not even good there.

Closes #3587

5 years agohttp2: verify :athority in push promise requests
Daniel Stenberg [Mon, 18 Feb 2019 08:10:01 +0000 (09:10 +0100)]
http2: verify :athority in push promise requests

RFC 7540 says we should verify that the push is for an "authoritative"
server. We make sure of this by only allowing push with an :athority
header that matches the host that was asked for in the URL.

Fixes #3577
Reported-by: Nicolas Grekas
Bug: https://curl.haxx.se/mail/lib-2019-02/0057.html
Closes #3581

5 years agosinglesocket: fix the 'sincebefore' placement
Daniel Stenberg [Tue, 19 Feb 2019 14:56:54 +0000 (15:56 +0100)]
singlesocket: fix the 'sincebefore' placement

The variable wasn't properly reset within the loop and thus could remain
set for sockets that hadn't been set before and miss notifying the app.

This is a follow-up to 4c35574 (shipped in curl 7.64.0)

Reported-by: buzo-ffm on github
Detected-by: Jan Alexander Steffens
Fixes #3585
Closes #3589

5 years agoconnection: never reuse CONNECT_ONLY conections
Daniel Stenberg [Mon, 18 Feb 2019 15:33:36 +0000 (16:33 +0100)]
connection: never reuse CONNECT_ONLY conections

and make CONNECT_ONLY conections never reuse any existing ones either.

Reported-by: Pavel Löbl
Bug: https://curl.haxx.se/mail/lib-2019-02/0064.html
Closes #3586

5 years agocli tool: fix mime post with --disable-libcurl-option configure option
Patrick Monnerat [Tue, 19 Feb 2019 16:08:58 +0000 (17:08 +0100)]
cli tool: fix mime post with --disable-libcurl-option configure option

Reported-by: Marcel Raad
Fixes #3576
Closes #3583

5 years agox509asn1: cleanup and unify code layout
Daniel Stenberg [Mon, 18 Feb 2019 11:28:35 +0000 (12:28 +0100)]
x509asn1: cleanup and unify code layout

- rename 'n' to buflen in functions, and use size_t for them. Don't pass
  in negative buffer lengths.

- move most function comments to above the function starts like we use
  to

- remove several unnecessary typecasts (especially of NULL)

Reviewed-by: Patrick Monnerat
Closes #3582

5 years agocurl_multi_remove_handle.3: use at any time, just not from within callbacks
Daniel Stenberg [Tue, 19 Feb 2019 10:22:29 +0000 (11:22 +0100)]
curl_multi_remove_handle.3: use at any time, just not from within callbacks

[ci skip]

5 years agohttp: make adding a blank header thread-safe
Daniel Stenberg [Mon, 18 Feb 2019 07:14:52 +0000 (08:14 +0100)]
http: make adding a blank header thread-safe

Previously the function would edit the provided header in-place when a
semicolon is used to signify an empty header. This made it impossible to
use the same set of custom headers in multiple threads simultaneously.

This approach now makes a local copy when it needs to edit the string.

Reported-by: d912e3 on github
Fixes #3578
Closes #3579

5 years agounit1651: survive curl_easy_init() fails
Daniel Stenberg [Mon, 18 Feb 2019 11:29:23 +0000 (12:29 +0100)]
unit1651: survive curl_easy_init() fails

5 years agorand: Fix a mismatch between comments in source and header.
Frank Gevaerts [Mon, 18 Feb 2019 19:01:23 +0000 (20:01 +0100)]
rand: Fix a mismatch between comments in source and header.

Reported-by: Björn Stenberg <bjorn@haxx.se>
Closes #3584

5 years agox509asn1: replace single char with an array
Patrick Monnerat [Mon, 18 Feb 2019 14:40:34 +0000 (15:40 +0100)]
x509asn1: replace single char with an array

Although safe in this context, using a single char as an array may
cause invalid accesses to adjacent memory locations.

Detected by Coverity.

5 years agoexamples/http2-serverpush: add some sensible error checks
Daniel Stenberg [Mon, 18 Feb 2019 08:07:34 +0000 (09:07 +0100)]
examples/http2-serverpush: add some sensible error checks

To avoid NULL pointer dereferences etc in the case of problems.

Closes #3580

5 years agoeasy: fix win32 init to work without CURL_GLOBAL_WIN32
Jay Satiro [Sat, 16 Feb 2019 23:55:40 +0000 (18:55 -0500)]
easy: fix win32 init to work without CURL_GLOBAL_WIN32

- Change the behavior of win32_init so that the required initialization
  procedures are not affected by CURL_GLOBAL_WIN32 flag.

libcurl via curl_global_init supports initializing for win32 with an
optional flag CURL_GLOBAL_WIN32, which if omitted was meant to stop
Winsock initialization. It did so internally by skipping win32_init()
when that flag was set. Since then win32_init() has been expanded to
include required initialization routines that are separate from
Winsock and therefore must be called in all cases. This commit fixes
it so that CURL_GLOBAL_WIN32 only controls the optional win32
initialization (which is Winsock initialization, according to our doc).

The only users affected by this change are those that don't pass
CURL_GLOBAL_WIN32 to curl_global_init. For them this commit removes the
risk of a potential crash.

Ref: https://github.com/curl/curl/pull/3573

Fixes https://github.com/curl/curl/issues/3313
Closes https://github.com/curl/curl/pull/3575

5 years agocookie: Add support for cookie prefixes
Daniel Gustafsson [Sat, 16 Feb 2019 23:09:30 +0000 (00:09 +0100)]
cookie: Add support for cookie prefixes

The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes
and how they should affect cookie initialization, which has been
adopted by the major browsers. This adds support for the two prefixes
defined, __Host- and __Secure, and updates the testcase with the
supplied examples from the draft.

Closes #3554
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5 years agombedtls: release sessionid resources on error
Daniel Gustafsson [Sat, 16 Feb 2019 21:30:31 +0000 (22:30 +0100)]
mbedtls: release sessionid resources on error

If mbedtls_ssl_get_session() fails, it may still have allocated
memory that needs to be freed to avoid leaking. Call the library
API function to release session resources on this errorpath as
well as on Curl_ssl_addsessionid() errors.

Closes: #3574
Reported-by: Michał Antoniak <M.Antoniak@posnet.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5 years agocli tool: refactor encoding conversion sequence for switch case fallthrough.
Patrick Monnerat [Sat, 16 Feb 2019 01:04:24 +0000 (02:04 +0100)]
cli tool: refactor encoding conversion sequence for switch case fallthrough.

5 years agoversion.c: silent scan-build even when librtmp is not enabled
Patrick Monnerat [Fri, 15 Feb 2019 19:19:00 +0000 (20:19 +0100)]
version.c: silent scan-build even when librtmp is not enabled

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Fri, 15 Feb 2019 22:33:47 +0000 (23:33 +0100)]
RELEASE-NOTES: synced

5 years agoCurl_now: figure out windows version in win32_init
Daniel Stenberg [Thu, 14 Feb 2019 16:08:29 +0000 (17:08 +0100)]
Curl_now: figure out windows version in win32_init

... and avoid use of static variables that aren't thread safe.

Fixes regression from e9ababd4f5a (present in the 7.64.0 release)

Reported-by: Paul Groke
Fixes #3572
Closes #3573

5 years agounit1307: just fail without FTP support
Marcel Raad [Thu, 14 Feb 2019 08:35:54 +0000 (09:35 +0100)]
unit1307: just fail without FTP support

I missed to check this in with commit
71786c0505926aaf7e9b2477b2fb7ee16a915ec6, which only disabled the test.
This fixes the actual linker error.

Closes https://github.com/curl/curl/pull/3568

5 years agotravis: enable valgrind for the iconv tests too
Daniel Stenberg [Thu, 14 Feb 2019 15:13:27 +0000 (16:13 +0100)]
travis: enable valgrind for the iconv tests too

Closes #3571

5 years agotravis: add scan-build
Daniel Stenberg [Mon, 20 Nov 2017 22:31:05 +0000 (23:31 +0100)]
travis: add scan-build

Closes #3564

5 years agoexamples/sftpuploadresume: Value stored to 'result' is never read
Daniel Stenberg [Thu, 14 Feb 2019 11:30:25 +0000 (12:30 +0100)]
examples/sftpuploadresume: Value stored to 'result' is never read

Detected by scan-build

5 years agoexamples/http2-upload: cleaned up
Daniel Stenberg [Thu, 14 Feb 2019 11:28:23 +0000 (12:28 +0100)]
examples/http2-upload: cleaned up

Fix scan-build warnings, no globals, no silly handle scan. Also remove
handles from the multi before cleaning up.

5 years agoexamples/http2-download: cleaned up
Daniel Stenberg [Thu, 14 Feb 2019 11:19:40 +0000 (12:19 +0100)]
examples/http2-download: cleaned up

To avoid scan-build warnings and global variables.

5 years agoexamples/postinmemory: Potential leak of memory pointed to by 'chunk.memory'
Daniel Stenberg [Thu, 14 Feb 2019 10:53:02 +0000 (11:53 +0100)]
examples/postinmemory: Potential leak of memory pointed to by 'chunk.memory'

Detected by scan-build

5 years agoexamples/httpcustomheader: Value stored to 'res' is never read
Daniel Stenberg [Thu, 14 Feb 2019 10:50:12 +0000 (11:50 +0100)]
examples/httpcustomheader: Value stored to 'res' is never read

Detected by scan-build

5 years agoexamples: remove superfluous null-pointer checks
Daniel Stenberg [Thu, 14 Feb 2019 10:48:43 +0000 (11:48 +0100)]
examples: remove superfluous null-pointer checks

in ftpget, ftpsget and sftpget, so that scan-build stops warning for
potential NULL pointer dereference below!

Detected by scan-build

5 years agostrip_trailing_dot: make sure NULL is never used for strlen
Daniel Stenberg [Wed, 13 Feb 2019 12:20:41 +0000 (13:20 +0100)]
strip_trailing_dot: make sure NULL is never used for strlen

scan-build warning: Null pointer passed as an argument to a 'nonnull'
parameter

5 years agoconnection_check: restore original conn->data after the check
Jay Satiro [Tue, 12 Feb 2019 04:00:00 +0000 (23:00 -0500)]
connection_check: restore original conn->data after the check

- Save the original conn->data before it's changed to the specified
  data transfer for the connection check and then restore it afterwards.

This is a follow-up to 38d8e1b 2019-02-11.

History:

It was discovered a month ago that before checking whether to extract a
dead connection that that connection should be associated with a "live"
transfer for the check (ie original conn->data ignored and set to the
passed in data). A fix was landed in 54b201b which did that and also
cleared conn->data after the check. The original conn->data was not
restored, so presumably it was thought that a valid conn->data was no
longer needed.

Several days later it was discovered that a valid conn->data was needed
after the check and follow-up fix was landed in bbae24c which partially
reverted the original fix and attempted to limit the scope of when
conn->data was changed to only when pruning dead connections. In that
case conn->data was not cleared and the original conn->data not
restored.

A month later it was discovered that the original fix was somewhat
correct; a "live" transfer is needed for the check in all cases
because original conn->data could be null which could cause a bad deref
at arbitrary points in the check. A fix was landed in 38d8e1b which
expanded the scope to all cases. conn->data was not cleared and the
original conn->data not restored.

A day later it was discovered that not restoring the original conn->data
may lead to busy loops in applications that use the event interface, and
given this observation it's a pretty safe assumption that there is some
code path that still needs the original conn->data. This commit is the
follow-up fix for that, it restores the original conn->data after the
connection check.

Assisted-by: tholin@users.noreply.github.com
Reported-by: tholin@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/3542
Closes #3559

5 years agomemdebug: bring back curl_mark_sclose
Daniel Stenberg [Thu, 14 Feb 2019 16:34:55 +0000 (17:34 +0100)]
memdebug: bring back curl_mark_sclose

Used by debug builds with NSS.

Reverted from 05b100aee247bb

5 years agotransfer.c: do not compute length of undefined hex buffer.
Patrick Monnerat [Thu, 14 Feb 2019 15:03:24 +0000 (16:03 +0100)]
transfer.c: do not compute length of undefined hex buffer.

On non-ascii platforms, the chunked hex header was measured for char code
conversion length, even for chunked trailers that do not have an hex header.
In addition, the efective length is already known: use it.
Since the hex length can be zero, only convert if needed.

Reported by valgrind.

5 years agoKNOWN_BUGS: Cannot compile against a static build of OpenLDAP
Daniel Stenberg [Thu, 14 Feb 2019 14:36:43 +0000 (15:36 +0100)]
KNOWN_BUGS: Cannot compile against a static build of OpenLDAP

Closes #2367

5 years agox509asn1: "Dereference of null pointer"
Patrick Monnerat [Thu, 14 Feb 2019 13:54:01 +0000 (14:54 +0100)]
x509asn1: "Dereference of null pointer"

Detected by scan-build (false positive).

5 years agoconfigure: show features as well in the final summary
Daniel Stenberg [Thu, 14 Feb 2019 10:45:49 +0000 (11:45 +0100)]
configure: show features as well in the final summary

Closes #3569

5 years agoKNOWN_BUGS: curl compiled on OSX 10.13 failed to run on OSX 10.10
Daniel Stenberg [Thu, 14 Feb 2019 09:49:22 +0000 (10:49 +0100)]
KNOWN_BUGS: curl compiled on OSX 10.13 failed to run on OSX 10.10

Closes #2905

5 years agoKNOWN_BUGS: Deflate error after all content was received
Daniel Stenberg [Thu, 14 Feb 2019 09:46:18 +0000 (10:46 +0100)]
KNOWN_BUGS: Deflate error after all content was received

Closes #2719

5 years agogssapi: fix deprecated header warnings
Daniel Stenberg [Wed, 13 Feb 2019 12:48:18 +0000 (13:48 +0100)]
gssapi: fix deprecated header warnings

Heimdal includes on FreeBSD spewed out lots of them. Less so now.

Closes #3566

5 years agoTODO: Upgrade to websockets
Daniel Stenberg [Thu, 14 Feb 2019 07:30:49 +0000 (08:30 +0100)]
TODO: Upgrade to websockets

Closes #3523

5 years agoTODO: cmake test suite improvements
Daniel Stenberg [Thu, 14 Feb 2019 07:09:31 +0000 (08:09 +0100)]
TODO: cmake test suite improvements

Closes #3109

5 years agocurl: "Dereference of null pointer"
Patrick Monnerat [Wed, 13 Feb 2019 17:44:17 +0000 (18:44 +0100)]
curl: "Dereference of null pointer"

Rephrase to satisfy scan-build.

5 years agounit1307: require FTP support
Marcel Raad [Wed, 13 Feb 2019 07:35:15 +0000 (08:35 +0100)]
unit1307: require FTP support

This test doesn't link without FTP support after
fc7ab4835b5fd09d0a6f57000633bb6bb6edfda1, which made Curl_fnmatch
unavailable without FTP support.

Closes https://github.com/curl/curl/pull/3565

5 years agoTODO: TFO support on Windows
Daniel Stenberg [Wed, 13 Feb 2019 07:28:28 +0000 (08:28 +0100)]
TODO: TFO support on Windows

Nobody works on this now.

Closes #3378

5 years agomulti: Dereference of null pointer
Daniel Stenberg [Tue, 12 Feb 2019 15:38:57 +0000 (16:38 +0100)]
multi: Dereference of null pointer

Mostly a false positive, but this makes the code easier to read anyway.

Detected by scan-build.

Closes #3563

5 years agourlglob: Argument with 'nonnull' attribute passed null
Daniel Stenberg [Tue, 12 Feb 2019 15:15:12 +0000 (16:15 +0100)]
urlglob: Argument with 'nonnull' attribute passed null

Detected by scan-build.

5 years agoschannel: restore some debug output but only for debug builds
Jay Satiro [Wed, 13 Feb 2019 00:54:08 +0000 (19:54 -0500)]
schannel: restore some debug output but only for debug builds

Follow-up to 84c10dc from earlier today which wrapped a lot of the noisy
debug output in DEBUGF but omitted a few lines.

Ref: https://github.com/curl/curl/commit/84c10dc#r32292900

5 years agoexamples/crawler: Fix the Accept-Encoding setting
Jay Satiro [Tue, 12 Feb 2019 23:07:29 +0000 (18:07 -0500)]
examples/crawler: Fix the Accept-Encoding setting

- Pass an empty string to CURLOPT_ACCEPT_ENCODING to use the default
  supported encodings.

Prior to this change the specific encodings of gzip and deflate were set
but there's no guarantee they'd be supported by the user's libcurl.

5 years agomime: put the boundary buffer into the curl_mime struct
Daniel Stenberg [Tue, 12 Feb 2019 13:30:25 +0000 (14:30 +0100)]
mime: put the boundary buffer into the curl_mime struct

... instead of allocating it separately and point to it. It is
fixed-size and always used for each part.

Closes #3561

5 years agoschannel: be quiet
Daniel Stenberg [Mon, 11 Feb 2019 11:09:45 +0000 (12:09 +0100)]
schannel: be quiet

Convert numerous infof() calls into debug-build only messages since they
are annoyingly verbose for regular applications. Removed a few.

Bug: https://curl.haxx.se/mail/lib-2019-02/0027.html
Reported-by: Volker Schmid
Closes #3552

5 years agoCurl_resolv: fix a gcc -Werror=maybe-uninitialized warning
Romain Geissler [Tue, 12 Feb 2019 17:43:55 +0000 (17:43 +0000)]
Curl_resolv: fix a gcc -Werror=maybe-uninitialized warning

Closes #3562

5 years agohttp2: multi_connchanged() moved from multi.c, only used for h2
Daniel Stenberg [Mon, 11 Feb 2019 16:25:48 +0000 (17:25 +0100)]
http2: multi_connchanged() moved from multi.c, only used for h2

Closes #3557

5 years agocurl: "Function call argument is an uninitialized value"
Daniel Stenberg [Tue, 12 Feb 2019 09:09:09 +0000 (10:09 +0100)]
curl: "Function call argument is an uninitialized value"

Follow-up to cac0e4a6ad14b42471eb

Detected by scan-build
Closes #3560

5 years agopretransfer: don't strlen() POSTFIELDS set for GET requests
Daniel Stenberg [Mon, 11 Feb 2019 08:17:07 +0000 (09:17 +0100)]
pretransfer: don't strlen() POSTFIELDS set for GET requests

... since that data won't be used in the request anyway.

Fixes #3548
Reported-by: Renaud Allard
Close #3549

5 years agomulti: remove verbose "Expire in" ... messages
Daniel Stenberg [Mon, 11 Feb 2019 21:57:33 +0000 (22:57 +0100)]
multi: remove verbose "Expire in" ... messages

Reported-by: James Brown
Bug: https://curl.haxx.se/mail/archive-2019-02/0013.html
Closes #3558

5 years agombedtls: make it build even if MBEDTLS_VERSION_C isn't set
Daniel Stenberg [Mon, 11 Feb 2019 13:30:23 +0000 (14:30 +0100)]
mbedtls: make it build even if MBEDTLS_VERSION_C isn't set

Reported-by: MAntoniak on github
Fixes #3553
Closes #3556

5 years agonon-ascii.c: fix typos in comments
Daniel Gustafsson [Tue, 12 Feb 2019 09:23:31 +0000 (10:23 +0100)]
non-ascii.c: fix typos in comments

Fix two occurrences of s/convers/converts/ spotted while reading code.

5 years agofnmatch: disable if FTP is disabled
Daniel Stenberg [Thu, 7 Feb 2019 10:35:26 +0000 (11:35 +0100)]
fnmatch: disable if FTP is disabled

Closes #3551

5 years agocurl_path: only enabled for SSH builds
Daniel Stenberg [Thu, 7 Feb 2019 14:28:23 +0000 (15:28 +0100)]
curl_path: only enabled for SSH builds

5 years agotests: add stderr comparison to the test suite
Frank Gevaerts [Fri, 8 Feb 2019 09:55:45 +0000 (10:55 +0100)]
tests: add stderr comparison to the test suite

The code is more or less copied from the stdout comparison code, maybe
some better reuse is possible.

test 1457 is adjusted to make the output actually match (by using --silent)
test 506 used <stderr> without actually needing it, so that <stderr> block is removed

Closes #3536

5 years agocli tool: do not use mime.h private structures.
Patrick Monnerat [Mon, 11 Feb 2019 18:10:41 +0000 (19:10 +0100)]
cli tool: do not use mime.h private structures.

Option -F generates an intermediate representation of the mime structure
that is used later to create the libcurl mime structure and generate
the --libcurl statements.

Reported-by: Daniel Stenberg
Fixes #3532
Closes #3546

5 years agocurlver: bump to 7.64.1-dev
Daniel Stenberg [Mon, 11 Feb 2019 17:15:13 +0000 (18:15 +0100)]
curlver: bump to 7.64.1-dev

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Mon, 11 Feb 2019 17:09:33 +0000 (18:09 +0100)]
RELEASE-NOTES: synced

and bump the version in progress to 7.64.1. If we merge any "change"
before the cut-off date, we update again.

5 years agocurl: follow-up to 3f16990ec84
Daniel Gustafsson [Mon, 11 Feb 2019 13:22:36 +0000 (14:22 +0100)]
curl: follow-up to 3f16990ec84

Commit 3f16990ec84cc4b followed-up a bug in b49652ac66cc0 but was
inadvertently introducing a new bug in the ternary expression.

Close #3555
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5 years agodns: release sharelock as soon as possible
Daniel Gustafsson [Mon, 11 Feb 2019 12:34:11 +0000 (13:34 +0100)]
dns: release sharelock as soon as possible

There is no benefit to holding the data sharelock when freeing the
addrinfo in case it fails, so ensure releaseing it as soon as we can
rather than holding on to it. This also aligns the code with other
consumers of sharelocks.

Closes #3516
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5 years agocurl: follow-up to b49652ac66cc0
Daniel Stenberg [Mon, 11 Feb 2019 11:17:31 +0000 (12:17 +0100)]
curl: follow-up to b49652ac66cc0

On FreeBSD, return non-zero on error otherwise zero.

Reported-by: Marcel Raad
5 years agomulti: (void)-prefix when ignoring return values
Daniel Stenberg [Thu, 7 Feb 2019 09:40:27 +0000 (10:40 +0100)]
multi: (void)-prefix when ignoring return values

... and added braces to two function calls which fixes warnings if they
are replace by empty macros at build-time.

5 years agocurl: fix FreeBSD compiler warning in the --xattr code
Daniel Stenberg [Mon, 11 Feb 2019 09:09:18 +0000 (10:09 +0100)]
curl: fix FreeBSD compiler warning in the --xattr code

Closes #3550

5 years agoconnection_check: set ->data to the transfer doing the check
Daniel Stenberg [Mon, 11 Feb 2019 06:56:00 +0000 (07:56 +0100)]
connection_check: set ->data to the transfer doing the check

The http2 code for connection checking needs a transfer to use. Make
sure a working one is set before handler->connection_check() is called.

Reported-by: jnbr on github
Fixes #3541
Closes #3547

5 years agohostip: make create_hostcache_id avoid alloc + free
Daniel Stenberg [Sat, 9 Feb 2019 23:10:18 +0000 (00:10 +0100)]
hostip: make create_hostcache_id avoid alloc + free

Closes #3544

5 years agoscripts/singleuse: script to use to track single-use functions
Daniel Stenberg [Fri, 8 Feb 2019 11:08:42 +0000 (12:08 +0100)]
scripts/singleuse: script to use to track single-use functions

That is functions that are declared global but are not used from outside
of the file in which it is declared. Such functions should be made
static or even at times be removed.

It also verifies that all used curl_ prefixed functions are "blessed"

Closes #3538

5 years agocleanup: make local functions static
Daniel Stenberg [Fri, 8 Feb 2019 08:33:42 +0000 (09:33 +0100)]
cleanup: make local functions static

urlapi: turn three local-only functions into statics

conncache: make conncache_find_first_connection static

multi: make detach_connnection static

connect: make getaddressinfo static

curl_ntlm_core: make hmac_md5 static

http2: make two functions static

http: make http_setup_conn static

connect: make tcpnodelay static

tests: make UNITTEST a thing to mark functions with, so they can be static for
normal builds and non-static for unit test builds

... and mark Curl_shuffle_addr accordingly.

url: make up_free static

setopt: make vsetopt static

curl_endian: make write32_le static

rtsp: make rtsp_connisdead static

warnless: remove unused functions

memdebug: remove one unused function, made another static