Daniel Stenberg [Thu, 25 Jan 2018 22:30:49 +0000 (23:30 +0100)]
configure: set PATH_SEPARATOR to colon for PATH w/o separator
The logic tries to figure out what the path separator in the $PATH
variable is, but if there's only one directory in the $PATH it
fails. This change make configure *guess* on colon instead of erroring
out, simply because that is probably the more common character.
PATH_SEPARATOR can always be set by the user to override the guessing.
(tricky bug to reproduce, as in my case for example the configure script
requires binaries in more than one directory so passing in a PATH with a
single dir fails.)
Reported-by: Earnestly on github
Fixes #2202
Closes #2265
Daniel Stenberg [Sun, 28 Jan 2018 23:58:59 +0000 (00:58 +0100)]
curl_ctype: private is*() type macros and functions
... since the libc provided one are locale dependent in a way we don't
want. Also, the "native" isalnum() (for example) works differently on
different platforms which caused test 1307 failures on macos only.
Patrick Monnerat [Fri, 26 Jan 2018 16:45:20 +0000 (17:45 +0100)]
lib555: drop text conversion and encode data as ascii codes
If CURL_DOES_CONVERSION is enabled, uploaded LFs are mapped to CRLFs,
giving a result that is different from what is expected.
This commit avoids using CURLOPT_TRANSFERTEXT and directly encodes data
to upload in ascii.
Daniel Stenberg [Thu, 25 Jan 2018 21:32:57 +0000 (22:32 +0100)]
configure: fix the check for unsigned time_t
Assign the time_t variable negative value and then check if it is
greater than zero, which will evaluate true for unsigned time_t but
false for signed time_t.
McDonough, Tim [Tue, 23 Jan 2018 01:24:59 +0000 (02:24 +0100)]
openssl: fix pinned public key build error in FIPS mode
Here is a version that should work with all versions of openssl 0.9.7
through 1.1.0.
Links to the docs:
https://www.openssl.org/docs/man1.0.2/crypto/EVP_DigestInit.html
https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestInit.html
At the very bottom of the 1.1.0 documentation there is a history section
that states, " stack allocated EVP_MD_CTXs are no longer supported."
If EVP_MD_CTX_create and EVP_MD_CTX_destroy are not defined, then a
simple mapping can be used as described here:
https://wiki.openssl.org/index.php/Talk:OpenSSL_1.1.0_Changes
Daniel Stenberg [Thu, 18 Jan 2018 21:17:05 +0000 (22:17 +0100)]
test558: fix for multissl builds
vtls.c:multissl_init() might do a curl_free() call so strip that out to
make this work with more builds. We just want to verify that
memorytracking works so skipping one line is no harm.
Michael Gmelin [Thu, 18 Jan 2018 00:28:19 +0000 (01:28 +0100)]
SSH: Fix state machine for ssh-agent authentication
In case an identity didn't match[0], the state machine would fail in
state SSH_AUTH_AGENT instead of progressing to the next identity in
ssh-agent. As a result, ssh-agent authentication only worked if the
identity required happened to be the first added to ssh-agent.
This was introduced as part of commit c4eb10e2f06fbd6cc904f1d78e4, which
stated that the "else" statement was required to prevent getting stuck
in state SSH_AUTH_AGENT. Given the state machine's logic and libssh2's
interface I couldn't see how this could happen or reproduce it and I
also couldn't find a more detailed description of the problem which
would explain a test case to reproduce the problem this was supposed to
fix.
Daniel Stenberg [Mon, 15 Jan 2018 19:43:34 +0000 (20:43 +0100)]
SMB: fix numeric constant suffix and variable types
1. don't use "ULL" suffix since unsupported in older MSVC
2. use curl_off_t instead of custom long long ifdefs
3. make get_posix_time() not do unaligned data access
Patrick Monnerat [Sun, 14 Jan 2018 18:43:12 +0000 (19:43 +0100)]
mime: clone mime tree upon easy handle duplication.
A mime tree attached to an easy handle using CURLOPT_MIMEPOST is
strongly bound to the handle: there is a pointer to the easy handle in
each item of the mime tree and following the parent pointer list
of mime items ends in a dummy part stored within the handle.
Because of this binding, a mime tree cannot be shared between different
easy handles, thus it needs to be cloned upon easy handle duplication.
There is no way for the caller to get the duplicated mime tree
handle: it is then set to be automatically destroyed upon freeing the
new easy handle.
New test 654 checks proper mime structure duplication/release.
Add a warning note in curl_mime_data_cb() documentation about sharing
user data between duplicated handles.
Dan Johnson [Thu, 28 Dec 2017 18:16:26 +0000 (18:16 +0000)]
configure.ac: append extra linker flags instead of prepending them.
Link order should list libraries after the libraries that use them,
so when we're guessing that we might also need to add -ldl in order
to use -lssl, we should add -ldl after -lssl.
Zhouyihai Ding [Wed, 10 Jan 2018 18:12:18 +0000 (10:12 -0800)]
http2: fix incorrect trailer buffer size
Prior to this change the stored byte count of each trailer was
miscalculated and 1 less than required. It appears any trailer
after the first that was passed to Curl_client_write would be truncated
or corrupted as well as the size. Potentially the size of some
subsequent trailer could be erroneously extracted from the contents of
that trailer, and since that size is used by client write an
out-of-bounds read could occur and cause a crash or be otherwise
processed by client write.
The bug appears to have been born in 0761a51 (precedes 7.49.0).
Mikalai Ananenka [Mon, 25 Dec 2017 21:17:08 +0000 (00:17 +0300)]
brotli: data at the end of content can be lost
Decoding loop implementation did not concern the case when all
received data is consumed by Brotli decoder and the size of decoded
data internally hold by Brotli decoder is greater than CURL_MAX_WRITE_SIZE.
For content with unencoded length greater than CURL_MAX_WRITE_SIZE this
can result in the loss of data at the end of content.
Patrick Monnerat [Wed, 20 Dec 2017 18:33:50 +0000 (19:33 +0100)]
curl_easy_reset: release mime-related data.
Move curl_mime_initpart() and curl_mime_cleanpart() calls to lower-level
functions dealing with UserDefined structure contents.
This avoids memory leakages on curl-generated part mime headers.
New test 2073 checks this using the cli tool --next option: it
triggers a valgrind error if bug is present.
Bug: https://curl.haxx.se/mail/lib-2017-12/0060.html Reported-by: Martin Galvan
Patrick Monnerat [Wed, 20 Dec 2017 15:02:42 +0000 (16:02 +0100)]
content_encoding: rework zlib_inflate
- When zlib version is < 1.2.0.4, process gzip trailer before considering
extra data as an error.
- Inflate with Z_BLOCK instead of Z_SYNC_FLUSH to maximize correct data
and minimize corrupt data output.
- Do not try to restart deflate decompression in raw mode if output has
started or if the leading data is not available anymore.
- New test 232 checks inflating raw-deflated content.
Daniel Stenberg [Tue, 12 Dec 2017 23:45:42 +0000 (00:45 +0100)]
rand: add a clang-analyzer work-around
scan-build would warn on a potential access of an uninitialized
buffer. I deem it a false positive and had to add this somewhat ugly
work-around to silence it.