]> granicus.if.org Git - curl/log
curl
5 years agotests: Fixed XML validation errors in some test files.
Dan Fandrich [Sun, 24 Mar 2019 14:19:50 +0000 (15:19 +0100)]
tests: Fixed XML validation errors in some test files.

5 years agotests: Fix some incorrect precheck error messages.
Dan Fandrich [Sun, 24 Mar 2019 12:02:05 +0000 (13:02 +0100)]
tests: Fix some incorrect precheck error messages.

[ci skip]

5 years agocurl_url.3: this is not experimental anymore
Daniel Stenberg [Fri, 22 Mar 2019 17:33:06 +0000 (18:33 +0100)]
curl_url.3: this is not experimental anymore

5 years agotravis: bump the used wolfSSL version to 4.0.0
Daniel Stenberg [Fri, 22 Mar 2019 09:59:51 +0000 (10:59 +0100)]
travis: bump the used wolfSSL version to 4.0.0

Test 311 is now fine, leaving only 313 (CRL) disabled.

Test 313 details can be found here:
https://github.com/wolfSSL/wolfssl/issues/1546

Closes #3697

5 years agolib: Fix typos in comments
Daniel Gustafsson [Fri, 22 Mar 2019 10:38:11 +0000 (11:38 +0100)]
lib: Fix typos in comments

5 years agoopenssl: if cert type is ENG and no key specified, key is ENG too
David Woodhouse [Wed, 20 Mar 2019 20:10:44 +0000 (13:10 -0700)]
openssl: if cert type is ENG and no key specified, key is ENG too

Fixes #3692
Closes #3692

5 years agosectransp: tvOS 11 is required for ALPN support
Daniel Stenberg [Tue, 19 Mar 2019 09:19:40 +0000 (10:19 +0100)]
sectransp: tvOS 11 is required for ALPN support

Reported-by: nianxuejie on github
Assisted-by: Nick Zitzmann
Assisted-by: Jay Satiro
Fixes #3689
Closes #3690

5 years agotest1541: threaded connection sharing
Daniel Stenberg [Sun, 17 Mar 2019 22:37:35 +0000 (23:37 +0100)]
test1541: threaded connection sharing

The threaded-shared-conn.c example turned into test case. Only works if
pthread was detected.

An attempt to detect future regressions such as e3a53e3efb942a5

Closes #3687

5 years agoos400: alt-svc support.
Patrick Monnerat [Sun, 17 Mar 2019 17:54:36 +0000 (18:54 +0100)]
os400: alt-svc support.

Although experimental, enable it in the platform config file.
Upgrade ILE/RPG binding.

5 years agoconncache: use conn->data to know if a transfer owns it
Daniel Stenberg [Sat, 16 Mar 2019 23:49:21 +0000 (00:49 +0100)]
conncache: use conn->data to know if a transfer owns it

- make sure an already "owned" connection isn't returned unless
  multiplexed.

- clear ->data when returning the connection to the cache again

Regression since 7.62.0 (probably in commit 1b76c38904f0)

Bug: https://curl.haxx.se/mail/lib-2019-03/0064.html

Closes #3686

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Fri, 15 Mar 2019 10:00:24 +0000 (11:00 +0100)]
RELEASE-NOTES: synced

5 years agoconfigure: add --with-amissl
Chris Young [Fri, 8 Mar 2019 00:06:59 +0000 (00:06 +0000)]
configure: add --with-amissl

AmiSSL is an Amiga native library which provides a wrapper over OpenSSL.
It also requires all programs using it to use bsdsocket.library
directly, rather than accessing socket functions through clib, which
libcurl was not necessarily doing previously. Configure will now check
for the headers and ensure they are included if found.

Closes #3677

5 years agovtls: rename some of the SSL functions
Chris Young [Tue, 12 Mar 2019 22:50:28 +0000 (22:50 +0000)]
vtls: rename some of the SSL functions

... in the SSL structure as AmiSSL is using macros for the socket API
functions.

5 years agotool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr
Chris Young [Sun, 10 Mar 2019 22:49:31 +0000 (22:49 +0000)]
tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr

5 years agotool_operate: build on AmigaOS
Chris Young [Sun, 10 Mar 2019 16:13:40 +0000 (16:13 +0000)]
tool_operate: build on AmigaOS

5 years agomakefile: make checksrc and hugefile commands "silent"
Daniel Stenberg [Thu, 14 Mar 2019 09:40:38 +0000 (10:40 +0100)]
makefile: make checksrc and hugefile commands "silent"

... to match the style already used for compiling, linking
etc. Acknowledges 'make V=1' to enable verbose.

Closes #3681

5 years agocurl.1: --user and --proxy-user are hidden from ps output
Daniel Stenberg [Thu, 14 Mar 2019 10:49:35 +0000 (11:49 +0100)]
curl.1: --user and --proxy-user are hidden from ps output

Suggested-by: Eric Curtin
Improved-by: Dan Fandrich
Ref: #3680

Closes #3683

5 years agocurl.1: mark the argument to --cookie as <data|filename>
Daniel Stenberg [Thu, 14 Mar 2019 09:54:10 +0000 (10:54 +0100)]
curl.1: mark the argument to --cookie as <data|filename>

From a discussion in #3676

Suggested-by: Tim Rühsen
Closes #3682

5 years agofuzzer: Only clone the latest fuzzer code, for speed.
Dan Fandrich [Thu, 14 Mar 2019 13:03:16 +0000 (14:03 +0100)]
fuzzer: Only clone the latest fuzzer code, for speed.

5 years agoNegotiate: fix for HTTP POST with Negotiate
Dominik Hölzl [Mon, 10 Sep 2018 07:18:01 +0000 (09:18 +0200)]
Negotiate: fix for HTTP POST with Negotiate

* Adjusted unit tests 2056, 2057
* do not generally close connections with CURLAUTH_NEGOTIATE after every request
* moved negotiatedata from UrlState to connectdata
* Added stream rewind logic for CURLAUTH_NEGOTIATE
* introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC
* Consider authproblem state for CURLAUTH_NEGOTIATE
* Consider reuse_forbid for CURLAUTH_NEGOTIATE
* moved and adjusted negotiate authentication state handling from
  output_auth_headers into Curl_output_negotiate
* Curl_output_negotiate: ensure auth done is always set
* Curl_output_negotiate: Set auth done also if result code is
  GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may
  also indicate the last challenge request (only works with disabled
  Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1)
* Consider "Persistent-Auth" header, detect if not present;
  Reset/Cleanup negotiate after authentication if no persistent
  authentication
* apply changes introduced with #2546 for negotiate rewind logic

Fixes #1261
Closes #1975

5 years agohttp: send payload when (proxy) authentication is done
Marc Schlatter [Mon, 11 Mar 2019 16:15:34 +0000 (17:15 +0100)]
http: send payload when (proxy) authentication is done

The check that prevents payload from sending in case of authentication
doesn't check properly if the authentication is done or not.

They're cases where the proxy respond "200 OK" before sending
authentication challenge. This change takes care of that.

Fixes #2431
Closes #3669

5 years agofile: fix "Checking if unsigned variable 'readcount' is less than zero."
Daniel Stenberg [Tue, 12 Mar 2019 09:03:21 +0000 (10:03 +0100)]
file: fix "Checking if unsigned variable 'readcount' is less than zero."

Pointed out by codacy

Closes #3672

5 years agomemdebug: log pointer before freeing its data
Daniel Stenberg [Tue, 12 Mar 2019 07:37:18 +0000 (08:37 +0100)]
memdebug: log pointer before freeing its data

Coverity warned for two potentional "Use after free" cases. Both are false
positives because the memory wasn't used, it was only the actual pointer
value that was logged.

The fix still changes the order of execution to avoid the warnings.

Coverity CID 1443033 and 1443034

Closes #3671

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Tue, 12 Mar 2019 08:05:11 +0000 (09:05 +0100)]
RELEASE-NOTES: synced

5 years agotravis: actually use updated compiler versions
Marcel Raad [Sat, 9 Mar 2019 20:15:18 +0000 (21:15 +0100)]
travis: actually use updated compiler versions

For the Linux builds, GCC 8 and 7 and clang 7 were installed, but the
new GCC versions were only used for the coverage build and for building
nghttp2, while the new clang version was not used at all.

BoringSSL needs to use the default GCC as it respects CC, but not CXX,
so it would otherwise pass gcc 8 options to g++ 4.8 and fail.

Also remove GCC 7, it's not needed anymore.

Ref: https://docs.travis-ci.com/user/languages/c/#c11c11-and-beyond-and-toolchain-versioning

Closes https://github.com/curl/curl/pull/3670

5 years agotravis: update clang to version 7
Marcel Raad [Fri, 8 Mar 2019 20:32:07 +0000 (21:32 +0100)]
travis: update clang to version 7

Closes https://github.com/curl/curl/pull/3670

5 years agoexamples/externalsocket: add missing close socket calls
Andre Guibert de Bruet [Mon, 11 Mar 2019 03:15:15 +0000 (23:15 -0400)]
examples/externalsocket: add missing close socket calls

.. and for Windows also call WSACleanup since we call WSAStartup.

The example is to demonstrate handling the socket independently of
libcurl. In this case libcurl is not responsible for creating, opening
or closing the socket, it is handled by the application (our example).

Fixes https://github.com/curl/curl/pull/3663

5 years agomulti: removed unused code for request retries
Daniel Stenberg [Mon, 11 Mar 2019 10:49:09 +0000 (11:49 +0100)]
multi: removed unused code for request retries

This code was once used for the non multi-interface using code path, but
ever since easy_perform was turned into a wrapper around the multi
interface, this code path never runs.

Closes #3666

5 years agodoh: inherit some SSL options from user's easy handle
Jay Satiro [Sat, 9 Mar 2019 08:16:33 +0000 (03:16 -0500)]
doh: inherit some SSL options from user's easy handle

- Inherit SSL options for the doh handle but not SSL client certs,
  SSL ALPN/NPN, SSL engine, SSL version, SSL issuer cert,
  SSL pinned public key, SSL ciphers, SSL id cache setting,
  SSL kerberos or SSL gss-api settings.

- Fix inheritance of verbose setting.

- Inherit NOSIGNAL.

There is no way for the user to set options for the doh (DNS-over-HTTPS)
handles and instead we inherit some options from the user's easy handle.

My thinking for the SSL options not inherited is they are most likely
not intended by the user for the DOH transfer. I did inherit insecure
because I think that should still be in control of the user.

Prior to this change doh did not work for me because CAINFO was not
inherited. Also verbose was set always which AFAICT was a bug (#3660).

Fixes https://github.com/curl/curl/issues/3660
Closes https://github.com/curl/curl/pull/3661

5 years agotest331: verify set-cookie for dotless host name
Daniel Stenberg [Fri, 8 Mar 2019 15:58:01 +0000 (16:58 +0100)]
test331: verify set-cookie for dotless host name

Reproduced bug #3649
Closes #3659

5 years agoRevert "cookies: extend domain checks to non psl builds"
Daniel Stenberg [Fri, 8 Mar 2019 15:55:27 +0000 (16:55 +0100)]
Revert "cookies: extend domain checks to non psl builds"

This reverts commit 3773de378d48b06c09931e44dca4d274d0bfdce0.

Regression shipped in 7.64.0
Fixes #3649

5 years agomemdebug: make debug-specific functions use curl_dbg_ prefix
Daniel Stenberg [Fri, 8 Mar 2019 09:47:29 +0000 (10:47 +0100)]
memdebug: make debug-specific functions use curl_dbg_ prefix

To not "collide" or use up the regular curl_ name space. Also makes them
easier to detect in helper scripts.

Closes #3656

5 years agocmdline-opts/proxytunnel.d: the option tunnnels all protocols
Daniel Stenberg [Fri, 8 Mar 2019 15:45:34 +0000 (16:45 +0100)]
cmdline-opts/proxytunnel.d: the option tunnnels all protocols

Clarify the language and simplify.

Reported-by: Daniel Lublin
Closes #3658

5 years agoKNOWN_BUGS: Client cert (MTLS) issues with Schannel
Daniel Stenberg [Thu, 7 Mar 2019 12:14:51 +0000 (13:14 +0100)]
KNOWN_BUGS: Client cert (MTLS) issues with Schannel

Closes #3145

5 years agoROADMAP: updated to some more current things to work on
Daniel Stenberg [Wed, 6 Mar 2019 23:00:30 +0000 (00:00 +0100)]
ROADMAP: updated to some more current things to work on

5 years agotests: fix multiple may be used uninitialized warnings
Daniel Stenberg [Tue, 5 Mar 2019 12:51:30 +0000 (13:51 +0100)]
tests: fix multiple may be used uninitialized warnings

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Tue, 5 Mar 2019 12:24:54 +0000 (13:24 +0100)]
RELEASE-NOTES: synced

5 years agosource: fix two 'nread' may be used uninitialized warnings
Daniel Stenberg [Tue, 5 Mar 2019 08:37:53 +0000 (09:37 +0100)]
source: fix two 'nread' may be used uninitialized warnings

Both seem to be false positives but we don't like warnings.

Closes #3646

5 years agogopher: remove check for path == NULL
Daniel Stenberg [Mon, 4 Mar 2019 11:22:51 +0000 (12:22 +0100)]
gopher: remove check for path == NULL

Since it can't be NULL and it makes Coverity believe we lack proper NULL
checks. Verified by test 659, landed in commit 15401fa886b.

Pointed out by Coverity CID 1442746.

Assisted-by: Dan Fandrich
Fixes #3617
Closes #3642

5 years agoexamples: only include <curl/curl.h>
Daniel Stenberg [Mon, 4 Mar 2019 15:27:22 +0000 (16:27 +0100)]
examples: only include <curl/curl.h>

That's the only public curl header we should encourage use of.

Reviewed-by: Marcel Raad
Closes #3645

5 years agossh: loop the state machine if not done and not blocking
Daniel Stenberg [Mon, 4 Mar 2019 15:17:10 +0000 (16:17 +0100)]
ssh: loop the state machine if not done and not blocking

If the state machine isn't complete, didn't fail and it didn't return
due to blocking it can just as well loop again.

This addresses the problem with SFTP directory listings where we would
otherwise return back to the parent and as the multi state machine
doesn't have any code for using CURLM_CALL_MULTI_PERFORM for as long the
doing phase isn't complete, it would return out when in reality there
was more data to deal with.

Fixes #3506
Closes #3644

5 years agomulti: support verbose conncache closure handle
Jay Satiro [Tue, 26 Feb 2019 07:17:03 +0000 (02:17 -0500)]
multi: support verbose conncache closure handle

- Change closure handle to receive verbose setting from the easy handle
  most recently added via curl_multi_add_handle.

The closure handle is a special easy handle used for closing cached
connections. It receives limited settings from the easy handle most
recently added to the multi handle. Prior to this change that did not
include verbose which was a problem because on connection shutdown
verbose mode was not acknowledged.

Ref: https://github.com/curl/curl/pull/3598

Co-authored-by: Daniel Stenberg
Closes https://github.com/curl/curl/pull/3618

5 years agoCURLU: fix NULL dereference when used over proxy
Daniel Stenberg [Mon, 4 Mar 2019 11:03:39 +0000 (12:03 +0100)]
CURLU: fix NULL dereference when used over proxy

Test 659 verifies

Also fixed the test 658 name

Closes #3641

5 years agoaltsvc_out: check the return code from Curl_gmtime
Daniel Stenberg [Sun, 3 Mar 2019 16:37:29 +0000 (17:37 +0100)]
altsvc_out: check the return code from Curl_gmtime

Pointed out by Coverity, CID 1442956.

Closes #3640

5 years agodocs/ALTSVC.md: docs describing the approach
Daniel Stenberg [Sun, 3 Mar 2019 10:17:52 +0000 (11:17 +0100)]
docs/ALTSVC.md: docs describing the approach

Closes #3498

5 years agoalt-svc: add a travis build
Daniel Stenberg [Sun, 3 Mar 2019 10:17:52 +0000 (11:17 +0100)]
alt-svc: add a travis build

5 years agoalt-svc: add test 355 and 356 to verify with command line curl
Daniel Stenberg [Sun, 3 Mar 2019 10:17:52 +0000 (11:17 +0100)]
alt-svc: add test 355 and 356 to verify with command line curl

5 years agoalt-svc: the curl command line bits
Daniel Stenberg [Sun, 3 Mar 2019 10:17:52 +0000 (11:17 +0100)]
alt-svc: the curl command line bits

5 years agoalt-svc: the libcurl bits
Daniel Stenberg [Sun, 3 Mar 2019 10:17:52 +0000 (11:17 +0100)]
alt-svc: the libcurl bits

5 years agotravis: add build using gnutls
Daniel Stenberg [Fri, 1 Mar 2019 21:00:27 +0000 (22:00 +0100)]
travis: add build using gnutls

Closes #3637

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Sat, 2 Mar 2019 11:04:43 +0000 (12:04 +0100)]
RELEASE-NOTES: synced

5 years agoscripts/completion.pl: also generate fish completion file
Simon Legner [Sun, 10 Feb 2019 21:06:42 +0000 (22:06 +0100)]
scripts/completion.pl: also generate fish completion file

This is the renamed script formerly known as zsh.pl

Closes #3545

5 years agognutls: remove call to deprecated gnutls_compression_get_name
Daniel Stenberg [Fri, 1 Mar 2019 15:02:04 +0000 (16:02 +0100)]
gnutls: remove call to deprecated gnutls_compression_get_name

It has been deprecated by GnuTLS since a year ago and now causes build
warnings.

Ref: https://gitlab.com/gnutls/gnutls/commit/b0041897d2846737f5fb0f
Docs: https://www.gnutls.org/manual/html_node/Compatibility-API.html

Closes #3636

5 years agosystem_win32: move win32_init here from easy.c
Jay Satiro [Thu, 28 Feb 2019 08:03:00 +0000 (03:03 -0500)]
system_win32: move win32_init here from easy.c

.. since system_win32 is a more appropriate location for the functions
and to extern the globals.

Ref: https://github.com/curl/curl/commit/ca597ad#r32446578
Reported-by: Gisle Vanem
Closes https://github.com/curl/curl/pull/3625

5 years agocurl_easy_duphandle.3: clarify that a duped handle has no shares
Daniel Stenberg [Fri, 1 Mar 2019 11:03:42 +0000 (12:03 +0100)]
curl_easy_duphandle.3: clarify that a duped handle has no shares

Reported-by: Sara Golemon
Fixes #3592
Closes #3634

5 years ago10-at-a-time.c: fix too long line
Daniel Stenberg [Fri, 1 Mar 2019 20:46:59 +0000 (21:46 +0100)]
10-at-a-time.c: fix too long line

5 years agoexamples: various fixes in ephiperfifo.c
Arnaud Rebillout [Fri, 1 Mar 2019 09:58:25 +0000 (16:58 +0700)]
examples: various fixes in ephiperfifo.c

The main change here is the timer value that was wrong, it was given in
usecs (ms * 1000), while the itimerspec struct wants nsecs (ms * 1000 *
1000). This resulted in the callback being invoked WAY TOO OFTEN.

As a quick check you can run this command before and after applying this
commit:

    # shell 1
    ./ephiperfifo 2>&1 | tee ephiperfifo.log
    # shell 2
    echo http://hacking.elboulangero.com > hiper.fifo

Then just compare the size of the logs files.

Closes #3633
Fixes #3632
Signed-off-by: Arnaud Rebillout <arnaud.rebillout@collabora.com>
5 years agourldata: simplify bytecounters
Daniel Stenberg [Thu, 28 Feb 2019 10:36:26 +0000 (11:36 +0100)]
urldata: simplify bytecounters

- no need to have them protocol specific

- no need to set pointers to them with the Curl_setup_transfer() call

- make Curl_setup_transfer() operate on a transfer pointer, not
  connection

- switch some counters from long to the more proper curl_off_t type

Closes #3627

5 years agoexamples/10-at-a-time.c: improve readability and simplify
Daniel Stenberg [Fri, 1 Mar 2019 16:11:57 +0000 (17:11 +0100)]
examples/10-at-a-time.c: improve readability and simplify

 - use better variable names to explain their purposes
 - convert logic to curl_multi_wait()

5 years agothreaded-resolver: shutdown the resolver thread without error message
Daniel Stenberg [Thu, 28 Feb 2019 19:34:36 +0000 (20:34 +0100)]
threaded-resolver: shutdown the resolver thread without error message

When a transfer is done, the resolver thread will be brought down. That
could accidentally generate an error message in the error buffer even
though this is not an error situationand the transfer would still return
OK.  An application that still reads the error buffer could find a
"Could not resolve host: [host name]" message there and get confused.

Reported-by: Michael Schmid
Fixes #3629
Closes #3630

5 years agodocs: update max-redirs.d phrasing
Ԝеѕ [Thu, 28 Feb 2019 20:59:13 +0000 (15:59 -0500)]
docs: update max-redirs.d phrasing

clarify redir - "in absurdum" doesn't seem to make sense in this context

Closes #3631

5 years agossh: fix Condition '!status' is always true
Daniel Stenberg [Thu, 28 Feb 2019 14:35:58 +0000 (15:35 +0100)]
ssh: fix Condition '!status' is always true

in the same sftp_done function in both SSH backends. Simplify them
somewhat.

Pointed out by Codacy.

Closes #3628

5 years agotest578: make it read data from the correct test
Daniel Stenberg [Thu, 28 Feb 2019 19:46:03 +0000 (20:46 +0100)]
test578: make it read data from the correct test

5 years agoCurl_easy: remove req.maxfd - never used!
Daniel Stenberg [Thu, 28 Feb 2019 09:47:55 +0000 (10:47 +0100)]
Curl_easy: remove req.maxfd - never used!

Introduced in 8b6314ccfb, but not used anymore in current code. Unclear
since when.

Closes #3626

5 years agohttp: set state.infilesize when sending formposts
Daniel Stenberg [Wed, 27 Feb 2019 21:30:32 +0000 (22:30 +0100)]
http: set state.infilesize when sending formposts

Without it set, we would unwillingly triger the "HTTP error before end
of send, stop sending" condition even if the entire POST body had been
sent (since it wouldn't know the expected size) which would
unnecessarily log that message and close the connection when it didn't
have to.

Reported-by: Matt McClure
Bug: https://curl.haxx.se/mail/archive-2019-02/0023.html
Closes #3624

5 years agoINSTALL: refer to the current TLS library names and configure options
Daniel Stenberg [Thu, 28 Feb 2019 08:12:31 +0000 (09:12 +0100)]
INSTALL: refer to the current TLS library names and configure options

5 years agoFAQ: minor updates and spelling fixes
Daniel Stenberg [Thu, 28 Feb 2019 08:09:51 +0000 (09:09 +0100)]
FAQ: minor updates and spelling fixes

5 years agoGOVERNANCE.md: minor spelling fixes
Daniel Stenberg [Thu, 28 Feb 2019 08:09:31 +0000 (09:09 +0100)]
GOVERNANCE.md: minor spelling fixes

5 years agoSecure Transport: no more "darwinssl"
Daniel Stenberg [Tue, 26 Feb 2019 08:21:12 +0000 (09:21 +0100)]
Secure Transport: no more "darwinssl"

Everyone calls it Secure Transport, now we do too.

Reviewed-by: Nick Zitzmann
Closes #3619

5 years agoAppVeyor: add classic MinGW build
Marcel Raad [Tue, 26 Feb 2019 16:38:14 +0000 (17:38 +0100)]
AppVeyor: add classic MinGW build

But use the MSYS2 shell rather than the default MSYS shell because of
POSIX path conversion issues. Classic MinGW is only available on the
Visual Studio 2015 image.

Closes https://github.com/curl/curl/pull/3623

5 years agoAppVeyor: add MinGW-w64 build
Marcel Raad [Wed, 10 Oct 2018 20:22:06 +0000 (22:22 +0200)]
AppVeyor: add MinGW-w64 build

Add a MinGW-w64 build using CMake's MSYS Makefiles generator.
Use the Visual Studio 2015 image as it has GCC 8, while the
Visual Studio 2017 image only has GCC 7.2.

Closes https://github.com/curl/curl/pull/3623

5 years agocookies: only save the cookie file if the engine is enabled
Daniel Stenberg [Tue, 26 Feb 2019 15:35:07 +0000 (16:35 +0100)]
cookies: only save the cookie file if the engine is enabled

Follow-up to 8eddb8f4259.

If the cookieinfo pointer is NULL there really is nothing to save.

Without this fix, we got a problem when a handle was using shared object
with cookies and is told to "FLUSH" it to file (which worked) and then
the share object was removed and when the easy handle was closed just
afterwards it has no cookieinfo and no cookies so it decided to save an
empty jar (overwriting the file just flushed).

Test 1905 now verifies that this works.

Assisted-by: Michael Wallner
Assisted-by: Marcel Raad
Closes #3621

5 years agocacertinmem.c: use multiple certificates for loading CA-chain
DaVieS [Mon, 31 Dec 2018 00:36:05 +0000 (01:36 +0100)]
cacertinmem.c: use multiple certificates for loading CA-chain

Closes #3421

5 years agourldata: convert bools to bitfields and move to end
Daniel Stenberg [Mon, 25 Feb 2019 10:17:53 +0000 (11:17 +0100)]
urldata: convert bools to bitfields and move to end

This allows the compiler to pack and align the structs better in
memory. For a rather feature-complete build on x86_64 Linux, gcc 8.1.2
makes the Curl_easy struct 4.9% smaller. From 6312 bytes to 6000.

Removed an unused struct field.

No functionality changes.

Closes #3610

5 years agocurl.h: use __has_declspec_attribute for shared builds
Don J Olmstead [Mon, 25 Feb 2019 22:17:51 +0000 (14:17 -0800)]
curl.h: use __has_declspec_attribute for shared builds

Closes #3616

5 years agocurl: display --version features sorted alphabetically
Daniel Stenberg [Mon, 25 Feb 2019 11:25:15 +0000 (12:25 +0100)]
curl: display --version features sorted alphabetically

Closes #3611

5 years agoruntests: detect "schannel" as an alias for "winssl"
Daniel Stenberg [Tue, 26 Feb 2019 13:01:30 +0000 (14:01 +0100)]
runtests: detect "schannel" as an alias for "winssl"

Follow-up to 180501cb02

Reported-by: Marcel Raad
Fixes #3609
Closes #3620

5 years agoAppVeyor: update to Visual Studio 2017
Marcel Raad [Sun, 24 Feb 2019 12:55:40 +0000 (13:55 +0100)]
AppVeyor: update to Visual Studio 2017

Switch all Visual Studio 2015 builds to Visual Studio 2017. It's not a
moving target anymore as the last update, Update 9, has been released.

Closes https://github.com/curl/curl/pull/3606

5 years agoAppVeyor: switch VS 2015 builds to VS 2017 image
Marcel Raad [Sun, 24 Feb 2019 12:50:05 +0000 (13:50 +0100)]
AppVeyor: switch VS 2015 builds to VS 2017 image

The Visual Studio 2017 image has Visual Studio 2015 and 2017 installed.

Closes https://github.com/curl/curl/pull/3606

5 years agoAppVeyor: explicitly select worker image
Marcel Raad [Sat, 23 Feb 2019 21:33:32 +0000 (22:33 +0100)]
AppVeyor: explicitly select worker image

Currently, we're using the default Visual Studio 2015 image for
everything.

Closes https://github.com/curl/curl/pull/3606

5 years agostrerror: make the strerror function use local buffers
Daniel Stenberg [Mon, 25 Feb 2019 17:12:51 +0000 (18:12 +0100)]
strerror: make the strerror function use local buffers

Instead of using a fixed 256 byte buffer in the connectdata struct.

In my build, this reduces the size of the connectdata struct by 11.8%,
from 2160 to 1904 bytes with no functionality or performance loss.

This also fixes a bug in schannel's Curl_verify_certificate where it
called Curl_sspi_strerror when it should have called Curl_strerror for
string from GetLastError. the only effect would have been no text or the
wrong text being shown for the error.

Co-authored-by: Jay Satiro
Closes #3612

5 years agocookies: fix NULL dereference if flushing cookies with no CookieInfo set
Michael Wallner [Mon, 25 Feb 2019 18:05:02 +0000 (19:05 +0100)]
cookies: fix NULL dereference if flushing cookies with no CookieInfo set

Regression brought by a52e46f3900fb0 (shipped in 7.63.0)

Closes #3613

5 years agoAppVeyor: re-enable test 500
Marcel Raad [Mon, 25 Feb 2019 20:20:19 +0000 (21:20 +0100)]
AppVeyor: re-enable test 500

It's passing now.

Closes https://github.com/curl/curl/pull/3615

5 years agoAppVeyor: remove redundant builds
Marcel Raad [Mon, 25 Feb 2019 20:03:13 +0000 (21:03 +0100)]
AppVeyor: remove redundant builds

Remove the Visual Studio 2012 and 2013 builds as they add little value.

Ref: https://github.com/curl/curl/pull/3606
Closes https://github.com/curl/curl/pull/3614

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Mon, 25 Feb 2019 22:19:32 +0000 (23:19 +0100)]
RELEASE-NOTES: synced

5 years agoOpenSSL: add support for TLS ASYNC state
Bernd Mueller [Wed, 20 Feb 2019 13:21:10 +0000 (14:21 +0100)]
OpenSSL: add support for TLS ASYNC state

Closes #3591

5 years agoacinclude: add additional libraries to check for LDAP support
Michael Felt [Thu, 21 Feb 2019 13:34:49 +0000 (13:34 +0000)]
acinclude: add additional libraries to check for LDAP support

- Add an additional check for LDAP that also checks for OpenSSL since
  on AIX those libraries may be required to link LDAP properly.

Fixes https://github.com/curl/curl/issues/3595
Closes https://github.com/curl/curl/pull/3596

5 years agoschannel: support CALG_ECDH_EPHEM algorithm
georgeok [Sun, 24 Feb 2019 18:20:57 +0000 (18:20 +0000)]
schannel: support CALG_ECDH_EPHEM algorithm

Add support for Ephemeral elliptic curve Diffie-Hellman key exchange
algorithm option when selecting ciphers. This became available on the
Win10 SDK.

Closes https://github.com/curl/curl/pull/3608

5 years agomulti: call multi_done on connect timeouts
Daniel Stenberg [Sun, 24 Feb 2019 15:32:04 +0000 (16:32 +0100)]
multi: call multi_done on connect timeouts

Failing to do so would make the CURLINFO_TOTAL_TIME timeout to not get
updated correctly and could end up getting reported to the application
completely wrong (way too small).

Reported-by: accountantM on github
Fixes #3602
Closes #3605

5 years agoexamples: remove recursive calls to curl_multi_socket_action
Daniel Stenberg [Fri, 22 Feb 2019 12:44:41 +0000 (13:44 +0100)]
examples: remove recursive calls to curl_multi_socket_action

From within the timer callbacks. Recursive is problematic for several
reasons. They should still work, but this way the examples and the
documentation becomes simpler. I don't think we need to encourage
recursive calls.

Discussed in #3537
Closes #3601

5 years agoconfigure: remove CURL_CHECK_FUNC_FDOPEN call
Marcel Raad [Sat, 23 Feb 2019 10:00:53 +0000 (11:00 +0100)]
configure: remove CURL_CHECK_FUNC_FDOPEN call

The macro itself has been removed in commit
11974ac859c5d82def59e837e0db56fef7f6794e.

Closes https://github.com/curl/curl/pull/3604

5 years agowolfssl: stop custom-adding curves
Daniel Stenberg [Fri, 22 Feb 2019 07:04:09 +0000 (08:04 +0100)]
wolfssl: stop custom-adding curves

since wolfSSL PR https://github.com/wolfSSL/wolfssl/pull/717 (shipped in
wolfSSL 3.10.2 and later) it sends these curves by default already.

Pointed-out-by: David Garske
Closes #3599

5 years agoconfigure: remove the unused fdopen macro
Daniel Stenberg [Fri, 22 Feb 2019 11:56:15 +0000 (12:56 +0100)]
configure: remove the unused fdopen macro

and the two remaining #ifdefs for it

Closes #3600

5 years agourl: change conn shutdown order to unlink data as last step
Jay Satiro [Thu, 21 Feb 2019 20:30:10 +0000 (15:30 -0500)]
url: change conn shutdown order to unlink data as last step

- Split off connection shutdown procedure from Curl_disconnect into new
  function conn_shutdown.

- Change the shutdown procedure to close the sockets before
  disassociating the transfer.

Prior to this change the sockets were closed after disassociating the
transfer so SOCKETFUNCTION wasn't called since the transfer was already
disassociated. That likely came about from recent work started in
Jan 2019 (#3442) to separate transfers from connections.

Bug: https://curl.haxx.se/mail/lib-2019-02/0101.html
Reported-by: Pavel Löbl
Closes https://github.com/curl/curl/issues/3597
Closes https://github.com/curl/curl/pull/3598

5 years agoFix strict-prototypes GCC warning
Marcel Raad [Fri, 22 Feb 2019 18:12:30 +0000 (19:12 +0100)]
Fix strict-prototypes GCC warning

As seen in the MinGW autobuilds. Caused by commit
f26bc29cfec0be84c67cf74065cf8e5e78fd68b7.

5 years agotests: Fixed XML validation errors in some test files.
Dan Fandrich [Thu, 21 Feb 2019 21:06:16 +0000 (22:06 +0100)]
tests: Fixed XML validation errors in some test files.

5 years agoTODO: Allow SAN names in HTTP/2 server push
Daniel Stenberg [Wed, 20 Feb 2019 07:44:21 +0000 (08:44 +0100)]
TODO: Allow SAN names in HTTP/2 server push

Suggested-by: Nicolas Grekas
5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Wed, 20 Feb 2019 07:29:48 +0000 (08:29 +0100)]
RELEASE-NOTES: synced

5 years agocurl: remove MANUAL from -M output
Daniel Stenberg [Tue, 19 Feb 2019 09:02:27 +0000 (10:02 +0100)]
curl: remove MANUAL from -M output

... and remove it from the dist tarball. It has served its time, it
barely gets updated anymore and "everything curl" is now convering all
this document once tried to include, and does it more and better.

In the compressed scenario, this removes ~15K data from the binary,
which is 25% of the -M output.

It remains in the git repo for now for as long as the web site builds a
page using that as source. It renders poorly on the site (especially for
mobile users) so its not even good there.

Closes #3587

5 years agohttp2: verify :athority in push promise requests
Daniel Stenberg [Mon, 18 Feb 2019 08:10:01 +0000 (09:10 +0100)]
http2: verify :athority in push promise requests

RFC 7540 says we should verify that the push is for an "authoritative"
server. We make sure of this by only allowing push with an :athority
header that matches the host that was asked for in the URL.

Fixes #3577
Reported-by: Nicolas Grekas
Bug: https://curl.haxx.se/mail/lib-2019-02/0057.html
Closes #3581