]> granicus.if.org Git - curl/log
curl
6 years agoCurl_range: add check to ensure "from <= to"
Max Dymond [Mon, 29 Jan 2018 10:12:40 +0000 (10:12 +0000)]
Curl_range: add check to ensure "from <= to"

6 years agoCurl_range: commonize FTP and FILE range handling
Max Dymond [Mon, 29 Jan 2018 09:50:43 +0000 (09:50 +0000)]
Curl_range: commonize FTP and FILE range handling

Closes #2205

6 years agoRELEASE-NOTES: synced with 811beab9f
Daniel Stenberg [Tue, 30 Jan 2018 09:18:12 +0000 (10:18 +0100)]
RELEASE-NOTES: synced with 811beab9f

6 years agocurlver: next release will be 7.59.0
Daniel Stenberg [Tue, 30 Jan 2018 09:18:21 +0000 (10:18 +0100)]
curlver: next release will be 7.59.0

6 years agocurl/curl.h: fix comment typo for CURLOPT_DNS_LOCAL_IP6
Michał Janiszewski [Mon, 29 Jan 2018 20:23:41 +0000 (21:23 +0100)]
curl/curl.h: fix comment typo for CURLOPT_DNS_LOCAL_IP6

Closes #2275

6 years agotime: support > year 2038 time stamps for system with 32bit long
Daniel Stenberg [Thu, 25 Jan 2018 22:05:24 +0000 (23:05 +0100)]
time: support > year 2038 time stamps for system with 32bit long

... with the introduction of CURLOPT_TIMEVALUE_LARGE and
CURLINFO_FILETIME_T.

Fixes #2238
Closes #2264

6 years agocurl_easy_reset: clear digest auth state
Daniel Stenberg [Thu, 25 Jan 2018 16:51:26 +0000 (17:51 +0100)]
curl_easy_reset: clear digest auth state

Bug: https://curl.haxx.se/mail/lib-2018-01/0074.html
Reported-by: Ruurd Beerstra
Fixes #2255
Closes #2272

6 years agowinbuild: make linker generate proper PDB
Adam Marcionek [Mon, 29 Jan 2018 16:41:11 +0000 (11:41 -0500)]
winbuild: make linker generate proper PDB

Link.exe requires /DEBUG to properly generate a full pdb file on release
builds.

Closes #2274

6 years agocurl: add --proxy-pinnedpubkey
Daniel Stenberg [Sun, 28 Jan 2018 13:15:56 +0000 (14:15 +0100)]
curl: add --proxy-pinnedpubkey

To verify a proxy's public key. For when using HTTPS proxies.

Fixes #2192
Closes #2268

6 years agoconfigure: set PATH_SEPARATOR to colon for PATH w/o separator
Daniel Stenberg [Thu, 25 Jan 2018 22:30:49 +0000 (23:30 +0100)]
configure: set PATH_SEPARATOR to colon for PATH w/o separator

The logic tries to figure out what the path separator in the $PATH
variable is, but if there's only one directory in the $PATH it
fails. This change make configure *guess* on colon instead of erroring
out, simply because that is probably the more common character.

PATH_SEPARATOR can always be set by the user to override the guessing.

(tricky bug to reproduce, as in my case for example the configure script
requires binaries in more than one directory so passing in a PATH with a
single dir fails.)

Reported-by: Earnestly on github
Fixes #2202
Closes #2265

6 years agocurl_ctype: private is*() type macros and functions
Daniel Stenberg [Sun, 28 Jan 2018 23:58:59 +0000 (00:58 +0100)]
curl_ctype: private is*() type macros and functions

... since the libc provided one are locale dependent in a way we don't
want. Also, the "native" isalnum() (for example) works differently on
different platforms which caused test 1307 failures on macos only.

Closes #2269

6 years agobuild: open VC15 projects with VS 2017
Marcel Raad [Mon, 29 Jan 2018 14:35:58 +0000 (15:35 +0100)]
build: open VC15 projects with VS 2017

Previously, they were opened with Visual Studio 2015 by default, which
cannot build them.

6 years agoRELEASE-NOTES: synced with 094647fca
Daniel Stenberg [Mon, 29 Jan 2018 11:30:37 +0000 (12:30 +0100)]
RELEASE-NOTES: synced with 094647fca

6 years agoTODO: UTF-8 filenames in Content-Disposition
Daniel Stenberg [Sun, 28 Jan 2018 13:52:08 +0000 (14:52 +0100)]
TODO: UTF-8 filenames in Content-Disposition

Closes #1888

6 years agoKNOWN_BUGS: DICT responses show the underlying protocol
Daniel Stenberg [Sun, 28 Jan 2018 13:38:38 +0000 (14:38 +0100)]
KNOWN_BUGS: DICT responses show the underlying protocol

Closes #1809

6 years agodocs: fix typos in man pages
Alessandro Ghedini [Wed, 24 Jan 2018 11:13:51 +0000 (11:13 +0000)]
docs: fix typos in man pages

Closes https://github.com/curl/curl/pull/2266

6 years agolib555: drop text conversion and encode data as ascii codes
Patrick Monnerat [Fri, 26 Jan 2018 16:45:20 +0000 (17:45 +0100)]
lib555: drop text conversion and encode data as ascii codes

If CURL_DOES_CONVERSION is enabled, uploaded LFs are mapped to CRLFs,
giving a result that is different from what is expected.
This commit avoids using CURLOPT_TRANSFERTEXT and directly encodes data
to upload in ascii.

Bug: https://github.com/curl/curl/pull/1872

6 years agolib517: make variable static to avoid compiler warning
Daniel Stenberg [Fri, 26 Jan 2018 15:50:32 +0000 (16:50 +0100)]
lib517: make variable static to avoid compiler warning

... with clang on macos

6 years agolib544: sync ascii code data with textual data
Patrick Monnerat [Fri, 26 Jan 2018 14:53:22 +0000 (15:53 +0100)]
lib544: sync ascii code data with textual data

Data mismatch caused test 545 to fail when character encoding
conversion is enabled.

Bug: https://github.com/curl/curl/pull/1872

6 years agoGSKit: restore pinnedpubkey functionality
moparisthebest [Thu, 25 Jan 2018 21:47:49 +0000 (16:47 -0500)]
GSKit: restore pinnedpubkey functionality

inadvertently removed in 283babfaf8d8f3bab9d3c63cea94eb0b84e79c37

Closes #2263

6 years agodarwinssl: Don't import client certificates into Keychain on macOS
Dair Grant [Wed, 15 Nov 2017 21:30:58 +0000 (21:30 +0000)]
darwinssl: Don't import client certificates into Keychain on macOS

Closes #2085

6 years agoconfigure: fix the check for unsigned time_t
Daniel Stenberg [Thu, 25 Jan 2018 21:32:57 +0000 (22:32 +0100)]
configure: fix the check for unsigned time_t

Assign the time_t variable negative value and then check if it is
greater than zero, which will evaluate true for unsigned time_t but
false for signed time_t.

6 years agoparsedate: fix date parsing for systems with 32 bit long
Daniel Stenberg [Thu, 18 Jan 2018 19:24:05 +0000 (20:24 +0100)]
parsedate: fix date parsing for systems with 32 bit long

Make curl_getdate() handle dates before 1970 as well (returning negative
values).

Make test 517 test dates for 64 bit time_t.

This fixes bug (3) mentioned in #2238

Closes #2250

6 years agoopenssl: fix pinned public key build error in FIPS mode
McDonough, Tim [Tue, 23 Jan 2018 01:24:59 +0000 (02:24 +0100)]
openssl: fix pinned public key build error in FIPS mode

Here is a version that should work with all versions of openssl 0.9.7
through 1.1.0.

Links to the docs:
https://www.openssl.org/docs/man1.0.2/crypto/EVP_DigestInit.html
https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestInit.html

At the very bottom of the 1.1.0 documentation there is a history section
that states, " stack allocated EVP_MD_CTXs are no longer supported."

If EVP_MD_CTX_create and EVP_MD_CTX_destroy are not defined, then a
simple mapping can be used as described here:
https://wiki.openssl.org/index.php/Talk:OpenSSL_1.1.0_Changes

Closes #2258

6 years agoSChannel/WinSSL: Replace Curl_none_md5sum with Curl_schannel_md5sum
moparisthebest [Tue, 16 Jan 2018 05:51:46 +0000 (00:51 -0500)]
SChannel/WinSSL: Replace Curl_none_md5sum with Curl_schannel_md5sum

6 years agoSChannel/WinSSL: Implement public key pinning
moparisthebest [Wed, 19 Apr 2017 04:31:23 +0000 (00:31 -0400)]
SChannel/WinSSL: Implement public key pinning

Closes #1429

6 years agobump: towards 7.58.1
Daniel Stenberg [Thu, 25 Jan 2018 21:10:07 +0000 (22:10 +0100)]
bump: towards 7.58.1

6 years agocookies: remove verbose "cookie size:" output
Daniel Stenberg [Thu, 25 Jan 2018 16:33:35 +0000 (17:33 +0100)]
cookies: remove verbose "cookie size:" output

It was once used for some debugging/verifying logic but should never have
ended up in git!

6 years agoTODO: hardcode the "localhost" addresses
Daniel Stenberg [Thu, 25 Jan 2018 16:23:06 +0000 (17:23 +0100)]
TODO: hardcode the "localhost" addresses

6 years agoTODO: CURL_REFUSE_CLEARTEXT
Daniel Stenberg [Thu, 25 Jan 2018 07:16:55 +0000 (08:16 +0100)]
TODO: CURL_REFUSE_CLEARTEXT

An idea that popped up in discussions on twitter.

6 years agoprogress-bar: don't use stderr explicitly, use bar->out
Daniel Stenberg [Wed, 24 Jan 2018 14:27:58 +0000 (15:27 +0100)]
progress-bar: don't use stderr explicitly, use bar->out

Reported-By: Gisle Vanem
Bug: https://github.com/curl/curl/commit/993dd5651a6c853bfe3870f6a69c7b329fa4e8ce#commitcomment-27070080

6 years agoFixes for MSDOS etc.
Gisle Vanem [Wed, 24 Jan 2018 14:02:53 +0000 (15:02 +0100)]
Fixes for MSDOS etc.

djgpp do have 'mkdir(dir, mode)'. Other DOS-compilers does not
But djgpp seems the only choice for MSDOS anyway.

PellesC do have a 'F_OK' defined in it's <unistd.h>.

Update year in Copyright.

6 years agoFix small typo.
Gisle Vanem [Wed, 24 Jan 2018 12:27:19 +0000 (13:27 +0100)]
Fix small typo.

6 years agoRELEASE: 7.58.0 curl-7_58_0
Daniel Stenberg [Mon, 22 Jan 2018 09:06:07 +0000 (10:06 +0100)]
RELEASE: 7.58.0

6 years agoprogress-bar: get screen width on windows
Gisle Vanem [Tue, 23 Jan 2018 21:41:50 +0000 (22:41 +0100)]
progress-bar: get screen width on windows

6 years agotest1454: --connect-to with IPv6 address w/o IPv6 support!
Daniel Stenberg [Mon, 22 Jan 2018 23:02:35 +0000 (00:02 +0100)]
test1454: --connect-to with IPv6 address w/o IPv6 support!

6 years agoCONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support
Daniel Stenberg [Mon, 22 Jan 2018 14:28:13 +0000 (15:28 +0100)]
CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support

Bug: https://curl.haxx.se/mail/lib-2018-01/0087.html
Reported-by: John Hascall
Closes #2257

6 years agodocs: fix man page syntax to make test 1140 OK again
Daniel Stenberg [Tue, 23 Jan 2018 00:28:18 +0000 (01:28 +0100)]
docs: fix man page syntax to make test 1140 OK again

6 years agohttp: prevent custom Authorization headers in redirects
Daniel Stenberg [Fri, 19 Jan 2018 12:19:25 +0000 (13:19 +0100)]
http: prevent custom Authorization headers in redirects

... unless CURLOPT_UNRESTRICTED_AUTH is set to allow them. This matches how
curl already handles Authorization headers created internally.

Note: this changes behavior slightly, for the sake of reducing mistakes.

Added test 317 and 318 to verify.

Reported-by: Craig de Stigter
Bug: https://curl.haxx.se/docs/adv_2018-b3bf.html

6 years agocurl: progress bar refresh, get width using ioctl()
Daniel Stenberg [Tue, 16 Jan 2018 10:46:03 +0000 (11:46 +0100)]
curl: progress bar refresh, get width using ioctl()

Get screen width from the environment variable COLUMNS first, if set. If
not, use ioctl(). If nether works, assume 79.

Closes #2242

The "refresh" is for the -# output when no total transfer size is
known. It will now only use a single updated line even for this case:

The "-=O=-" ship moves when data is transferred. The four flying
"hashes" move (on a sine wave) on each refresh, independent of data.

6 years agoRELEASE-NOTES: synced with bb0ffcc36
Daniel Stenberg [Sat, 20 Jan 2018 21:41:20 +0000 (22:41 +0100)]
RELEASE-NOTES: synced with bb0ffcc36

6 years agolibcurl-env.3: first take
Daniel Stenberg [Sat, 20 Jan 2018 13:32:46 +0000 (14:32 +0100)]
libcurl-env.3: first take

6 years agoTODO: two possible name resolver improvements
Daniel Stenberg [Sat, 20 Jan 2018 12:57:12 +0000 (13:57 +0100)]
TODO: two possible name resolver improvements

6 years agohttp2: don't close connection when single transfer is stopped
Kartik Mahajan [Thu, 18 Jan 2018 16:58:59 +0000 (22:28 +0530)]
http2: don't close connection when single transfer is stopped

Fixes #2237
Closes #2249

6 years agotest558: fix for multissl builds
Daniel Stenberg [Thu, 18 Jan 2018 21:17:05 +0000 (22:17 +0100)]
test558: fix for multissl builds

vtls.c:multissl_init() might do a curl_free() call so strip that out to
make this work with more builds. We just want to verify that
memorytracking works so skipping one line is no harm.

6 years agoexamples/url2file.c: add missing curl_global_cleanup() call
Daniel Stenberg [Thu, 18 Jan 2018 16:10:34 +0000 (17:10 +0100)]
examples/url2file.c: add missing curl_global_cleanup() call

Reported-by: XhstormR on github
Fixes #2245

6 years agoSSH: Fix state machine for ssh-agent authentication
Michael Gmelin [Thu, 18 Jan 2018 00:28:19 +0000 (01:28 +0100)]
SSH: Fix state machine for ssh-agent authentication

In case an identity didn't match[0], the state machine would fail in
state SSH_AUTH_AGENT instead of progressing to the next identity in
ssh-agent. As a result, ssh-agent authentication only worked if the
identity required happened to be the first added to ssh-agent.

This was introduced as part of commit c4eb10e2f06fbd6cc904f1d78e4, which
stated that the "else" statement was required to prevent getting stuck
in state SSH_AUTH_AGENT. Given the state machine's logic and libssh2's
interface I couldn't see how this could happen or reproduce it and I
also couldn't find a more detailed description of the problem which
would explain a test case to reproduce the problem this was supposed to
fix.

[0] libssh2_agent_userauth returning LIBSSH2_ERROR_AUTHENTICATION_FAILED

Closes #2248

6 years agoopenssl: fix potential memory leak in SSLKEYLOGFILE logic
Daniel Stenberg [Thu, 18 Jan 2018 11:10:58 +0000 (12:10 +0100)]
openssl: fix potential memory leak in SSLKEYLOGFILE logic

Coverity CID 1427646.

6 years agoopenssl: fix the libressl build again
Daniel Stenberg [Wed, 17 Jan 2018 22:20:00 +0000 (23:20 +0100)]
openssl: fix the libressl build again

Follow-up to 84fcaa2e7. libressl does not have the API even if it says it is
late OpenSSL version...

Fixes #2246
Closes #2247

Reported-by: jungle-boogie on github
6 years agounit1307: test many wildcards too
Daniel Stenberg [Tue, 16 Jan 2018 14:57:30 +0000 (15:57 +0100)]
unit1307: test many wildcards too

6 years agocurl_fnmatch: only allow 5 '*' sections in a single pattern
Daniel Stenberg [Tue, 16 Jan 2018 14:55:44 +0000 (15:55 +0100)]
curl_fnmatch: only allow 5 '*' sections in a single pattern

... to avoid excessive recursive calls. The number 5 is totally
arbitrary and could be modified if someone has a good motivation.

6 years agoftp-wildcard: fix matching an empty string with "*[^a]"
Daniel Stenberg [Sat, 13 Jan 2018 20:52:15 +0000 (21:52 +0100)]
ftp-wildcard: fix matching an empty string with "*[^a]"

.... and avoid advancing the pointer to trigger an out of buffer read.

Detected by OSS-fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5251
Assisted-by: Max Dymond
6 years agoSMB: fix numeric constant suffix and variable types
Daniel Stenberg [Mon, 15 Jan 2018 19:43:34 +0000 (20:43 +0100)]
SMB: fix numeric constant suffix and variable types

1. don't use "ULL" suffix since unsupported in older MSVC
2. use curl_off_t instead of custom long long ifdefs
3. make get_posix_time() not do unaligned data access

Fixes #2211
Closes #2240
Reported-by: Chester Liu
6 years agoCURLOPT_TCP_NODELAY.3: fix typo
rouzier [Mon, 15 Jan 2018 16:06:38 +0000 (11:06 -0500)]
CURLOPT_TCP_NODELAY.3: fix typo

Closes #2239

6 years agosmtp/pop3/imap_get_message: decrease the data length too...
Daniel Stenberg [Sat, 13 Jan 2018 05:35:12 +0000 (06:35 +0100)]
smtp/pop3/imap_get_message: decrease the data length too...

Follow-up commit to 615edc1f73 which was incomplete.

Assisted-by: Max Dymond
Detected by OSS-fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5206

6 years agoopenssl: enable SSLKEYLOGFILE support by default
Daniel Stenberg [Sun, 14 Jan 2018 06:45:47 +0000 (07:45 +0100)]
openssl: enable SSLKEYLOGFILE support by default

Fixes #2210
Closes #2236

6 years agomime: clone mime tree upon easy handle duplication.
Patrick Monnerat [Sun, 14 Jan 2018 18:43:12 +0000 (19:43 +0100)]
mime: clone mime tree upon easy handle duplication.

A mime tree attached to an easy handle using CURLOPT_MIMEPOST is
strongly bound to the handle: there is a pointer to the easy handle in
each item of the mime tree and following the parent pointer list
of mime items ends in a dummy part stored within the handle.

Because of this binding, a mime tree cannot be shared between different
easy handles, thus it needs to be cloned upon easy handle duplication.

There is no way for the caller to get the duplicated mime tree
handle: it is then set to be automatically destroyed upon freeing the
new easy handle.

New test 654 checks proper mime structure duplication/release.

Add a warning note in curl_mime_data_cb() documentation about sharing
user data between duplicated handles.

Closes #2235

6 years agodocs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
Patrick Monnerat [Sun, 14 Jan 2018 15:08:43 +0000 (16:08 +0100)]
docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata

6 years agotest395: HTTP with overflow Content-Length value
Daniel Stenberg [Tue, 9 Jan 2018 05:01:38 +0000 (18:01 +1300)]
test395: HTTP with overflow Content-Length value

6 years agotest394: verify abort of rubbish in Content-Length: value
Daniel Stenberg [Tue, 9 Jan 2018 04:59:51 +0000 (17:59 +1300)]
test394: verify abort of rubbish in Content-Length: value

6 years agotest393: verify --max-filesize with excessive Content-Length
Daniel Stenberg [Tue, 9 Jan 2018 04:57:35 +0000 (17:57 +1300)]
test393: verify --max-filesize with excessive Content-Length

6 years agoHTTP: bail out on negative Content-Length: values
Daniel Stenberg [Tue, 9 Jan 2018 04:24:48 +0000 (17:24 +1300)]
HTTP: bail out on negative Content-Length: values

... and make the max filesize check trigger if the value is too big.

Updates test 178.

Reported-by: Brad Spencer
Fixes #2212
Closes #2223

6 years agoconfigure.ac: append extra linker flags instead of prepending them.
Dan Johnson [Thu, 28 Dec 2017 18:16:26 +0000 (18:16 +0000)]
configure.ac: append extra linker flags instead of prepending them.

Link order should list libraries after the libraries that use them,
so when we're guessing that we might also need to add -ldl in order
to use -lssl, we should add -ldl after -lssl.

Closes https://github.com/curl/curl/pull/2234

6 years agoRELEASE-NOTES: synced with 6fa10c8fa
Daniel Stenberg [Sat, 13 Jan 2018 09:30:25 +0000 (10:30 +0100)]
RELEASE-NOTES: synced with 6fa10c8fa

6 years agosetopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values
Jay Satiro [Wed, 10 Jan 2018 08:14:15 +0000 (03:14 -0500)]
setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values

Broken since f121575 (precedes 7.56.1).

Bug: https://github.com/curl/curl/issues/2225
Reported-by: cmfrolick@users.noreply.github.com
Closes https://github.com/curl/curl/pull/2227

6 years agosetopt: reintroduce non-static Curl_vsetopt() for OS400 support
Patrick Monnerat [Sat, 13 Jan 2018 00:20:40 +0000 (01:20 +0100)]
setopt: reintroduce non-static Curl_vsetopt() for OS400 support

This also upgrades ILE/RPG bindings with latest setopt options.

Reported-By: jonrumsey on github
Fixes #2230
Closes #2233

6 years agohttp2: fix incorrect trailer buffer size
Zhouyihai Ding [Wed, 10 Jan 2018 18:12:18 +0000 (10:12 -0800)]
http2: fix incorrect trailer buffer size

Prior to this change the stored byte count of each trailer was
miscalculated and 1 less than required. It appears any trailer
after the first that was passed to Curl_client_write would be truncated
or corrupted as well as the size. Potentially the size of some
subsequent trailer could be erroneously extracted from the contents of
that trailer, and since that size is used by client write an
out-of-bounds read could occur and cause a crash or be otherwise
processed by client write.

The bug appears to have been born in 0761a51 (precedes 7.49.0).

Closes https://github.com/curl/curl/pull/2231

6 years agoeasy: fix connection ownership in curl_easy_pause
Basuke Suzuki [Fri, 5 Jan 2018 23:39:07 +0000 (15:39 -0800)]
easy: fix connection ownership in curl_easy_pause

Before calling Curl_client_chop_write(), change the owner of connection
to the current Curl_easy handle. This will fix the issue #2217.

Fixes https://github.com/curl/curl/issues/2217
Closes https://github.com/curl/curl/pull/2221

6 years agosystem.h: Additionally check __LONG_MAX__ for defining curl_off_t
Dimitrios Apostolou [Thu, 4 Jan 2018 13:02:59 +0000 (14:02 +0100)]
system.h: Additionally check __LONG_MAX__ for defining curl_off_t

__SIZEOF_LONG__ was introduced in GCC 4.4, __LONG_MAX__ was introduced
in GCC 3.3.

Closes #2216

6 years agoCOPYING: it's 2018!
Daniel Stenberg [Tue, 9 Jan 2018 04:08:14 +0000 (17:08 +1300)]
COPYING: it's 2018!

6 years agoprogress: calculate transfer speed on milliseconds if possible
Daniel Stenberg [Mon, 1 Jan 2018 09:11:13 +0000 (22:11 +1300)]
progress: calculate transfer speed on milliseconds if possible

to increase accuracy for quick transfers

Fixes #2200
Closes #2206

6 years agoscripts: allow all perl scripts to be run directly
Jay Satiro [Sun, 7 Jan 2018 06:34:46 +0000 (01:34 -0500)]
scripts: allow all perl scripts to be run directly

- Enable execute permission (chmod +x)

- Change interpreter to /usr/bin/env perl

Closes https://github.com/curl/curl/pull/2222

6 years agomail-rcpt.d: fix short-text description
Jay Satiro [Sun, 7 Jan 2018 06:04:36 +0000 (01:04 -0500)]
mail-rcpt.d: fix short-text description

6 years agobuild: remove HAVE_LIMITS_H check
Jay Satiro [Wed, 3 Jan 2018 19:40:52 +0000 (14:40 -0500)]
build: remove HAVE_LIMITS_H check

.. because limits.h presence isn't optional, it's required by C89.

Ref: http://port70.net/~nsz/c/c89/c89-draft.html#2.2.4.2

Closes https://github.com/curl/curl/pull/2215

6 years agoopenssl: fix memory leak of SSLKEYLOGFILE filename
Jay Satiro [Wed, 3 Jan 2018 20:22:41 +0000 (15:22 -0500)]
openssl: fix memory leak of SSLKEYLOGFILE filename

- Free the copy of SSLKEYLOGFILE env returned by curl_getenv during ossl
  initialization.

Caught by ASAN.

6 years agoRevert "curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX"
Jay Satiro [Tue, 2 Jan 2018 20:44:08 +0000 (15:44 -0500)]
Revert "curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX"

This reverts commit c97648b55080343bb371522bf4233e94a2a13a99.

SIZEOF_LONG should not be checked in system.h since that macro is only
defined when building libcurl.

Ref: https://github.com/curl/curl/pull/2186#issuecomment-354767080
Ref: https://gcc.gnu.org/onlinedocs/cpp/Common-Predefined-Macros.html

7 years agotest1554: improve the error handling
Michael Kaufmann [Sat, 30 Dec 2017 15:51:38 +0000 (16:51 +0100)]
test1554: improve the error handling

7 years agotest1554: add global initialization and cleanup
Michael Kaufmann [Sat, 30 Dec 2017 15:42:57 +0000 (16:42 +0100)]
test1554: add global initialization and cleanup

7 years agocurl_version_info.3: call the argument 'age'
Daniel Stenberg [Fri, 29 Dec 2017 09:13:32 +0000 (22:13 +1300)]
curl_version_info.3: call the argument 'age'

Reported-by: Pete Lomax
Bug: https://curl.haxx.se/mail/lib-2017-12/0074.html

7 years agobrotli: data at the end of content can be lost
Mikalai Ananenka [Mon, 25 Dec 2017 21:17:08 +0000 (00:17 +0300)]
brotli: data at the end of content can be lost

Decoding loop implementation did not concern the case when all
received data is consumed by Brotli decoder and the size of decoded
data internally hold by Brotli decoder is greater than CURL_MAX_WRITE_SIZE.
For content with unencoded length greater than CURL_MAX_WRITE_SIZE this
can result in the loss of data at the end of content.

Closes #2194

7 years agoexamples/cacertinmem: ignore cert-already-exists error
Jay Satiro [Tue, 19 Dec 2017 07:17:39 +0000 (02:17 -0500)]
examples/cacertinmem: ignore cert-already-exists error

- Ignore X509_R_CERT_ALREADY_IN_HASH_TABLE errors in the CTX callback
  since it's possible the cert may have already been loaded by libcurl.

- Remove the EXAMPLE code in the CURLOPT_SSL_CTX_FUNCTION.3 doc.
  Instead have it direct the reader to this cacertinmem.c example.

- Fix the CA certificate to use the right CA for example.com, Digicert.

Bug: https://curl.haxx.se/mail/lib-2017-12/0057.html
Reported-by: Thomas van Hesteren
Closes https://github.com/curl/curl/pull/2182

7 years agotool_getparam: Support size modifiers for --max-filesize
Gisle Vanem [Sun, 17 Dec 2017 22:26:10 +0000 (17:26 -0500)]
tool_getparam: Support size modifiers for --max-filesize

- Move the size modifier detection code from limit-rate to its own
  function so that it can also be used with max-filesize.

Size modifiers are the suffixes such as G (gigabyte), M (megabyte) etc.

For example --max-filesize 1G

Ref: https://curl.haxx.se/mail/archive-2017-12/0000.html

Closes https://github.com/curl/curl/pull/2179

7 years agobuild: Fixed incorrect script termination from commit ad1dc10e61
Steve Holme [Fri, 22 Dec 2017 20:21:40 +0000 (20:21 +0000)]
build: Fixed incorrect script termination from commit ad1dc10e61

7 years agoMakefile.vc: Added our standard copyright header
Steve Holme [Fri, 22 Dec 2017 18:49:37 +0000 (18:49 +0000)]
Makefile.vc: Added our standard copyright header

7 years agowinbuild: Added support for VC15
Steve Holme [Fri, 22 Dec 2017 18:44:35 +0000 (18:44 +0000)]
winbuild: Added support for VC15

7 years agobuild: Added Visual Studio 2017 project files
Steve Holme [Fri, 22 Dec 2017 17:58:41 +0000 (17:58 +0000)]
build: Added Visual Studio 2017 project files

7 years agobuild-wolfssl.bat: Added support for VC15
Steve Holme [Fri, 22 Dec 2017 16:08:54 +0000 (16:08 +0000)]
build-wolfssl.bat: Added support for VC15

7 years agobuild-openssl.bat: Added support for VC15
Steve Holme [Fri, 22 Dec 2017 15:44:19 +0000 (15:44 +0000)]
build-openssl.bat: Added support for VC15

7 years agocurl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX
Dimitrios Apostolou [Thu, 21 Dec 2017 17:09:45 +0000 (18:09 +0100)]
curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX

Closes https://github.com/curl/curl/pull/2186

7 years agoexamples/rtsp: fix error handling macros
Mattias Fornander [Wed, 20 Dec 2017 18:48:26 +0000 (11:48 -0700)]
examples/rtsp: fix error handling macros

Closes https://github.com/curl/curl/pull/2185

7 years agocurl_easy_reset: release mime-related data.
Patrick Monnerat [Wed, 20 Dec 2017 18:33:50 +0000 (19:33 +0100)]
curl_easy_reset: release mime-related data.

Move curl_mime_initpart() and curl_mime_cleanpart() calls to lower-level
functions dealing with UserDefined structure contents.
This avoids memory leakages on curl-generated part mime headers.
New test 2073 checks this using the cli tool --next option: it
triggers a valgrind error if bug is present.

Bug: https://curl.haxx.se/mail/lib-2017-12/0060.html
Reported-by: Martin Galvan
7 years agocontent_encoding: rework zlib_inflate
Patrick Monnerat [Wed, 20 Dec 2017 15:02:42 +0000 (16:02 +0100)]
content_encoding: rework zlib_inflate

- When zlib version is < 1.2.0.4, process gzip trailer before considering
extra data as an error.
- Inflate with Z_BLOCK instead of Z_SYNC_FLUSH to maximize correct data
and minimize corrupt data output.
- Do not try to restart deflate decompression in raw mode if output has
started or if the leading data is not available anymore.
- New test 232 checks inflating raw-deflated content.

Closes #2068

7 years agobrotli: allow compiling with version 0.6.0.
Patrick Monnerat [Wed, 20 Dec 2017 14:30:35 +0000 (15:30 +0100)]
brotli: allow compiling with version 0.6.0.

Some error codes were not yet defined in brotli 0.6.0: do not issue code
for them in this case.

7 years agoCURLOPT_READFUNCTION.3: refer to argument with correct name
Daniel Stenberg [Wed, 13 Dec 2017 07:15:15 +0000 (08:15 +0100)]
CURLOPT_READFUNCTION.3: refer to argument with correct name

Bug: #2175

[ci skip]

7 years agorand: add a clang-analyzer work-around
Daniel Stenberg [Tue, 12 Dec 2017 23:45:42 +0000 (00:45 +0100)]
rand: add a clang-analyzer work-around

scan-build would warn on a potential access of an uninitialized
buffer. I deem it a false positive and had to add this somewhat ugly
work-around to silence it.

7 years agokrb5: fix a potential access of uninitialized memory
Daniel Stenberg [Tue, 12 Dec 2017 23:36:39 +0000 (00:36 +0100)]
krb5: fix a potential access of uninitialized memory

A scan-build warning.

7 years agoconncache: fix a return code [regression]
Daniel Stenberg [Tue, 12 Dec 2017 22:53:56 +0000 (23:53 +0100)]
conncache: fix a return code [regression]

This broke in 07cb27c98e. Make sure to return 'result' properly. Pointed
out by scan-build!

7 years agocurl: support >256 bytes warning messsages
Daniel Stenberg [Tue, 12 Dec 2017 18:58:47 +0000 (19:58 +0100)]
curl: support >256 bytes warning messsages

Bug: #2174

7 years agolibssh: fix a syntax error in configure.ac
Michael Kaufmann [Sun, 10 Dec 2017 21:30:06 +0000 (22:30 +0100)]
libssh: fix a syntax error in configure.ac

Follow-up to c92d2e1

Closes #2172

7 years agoexamples/smtp-mail.c: use separate defines for options and mail
Daniel Stenberg [Tue, 12 Dec 2017 14:28:05 +0000 (15:28 +0100)]
examples/smtp-mail.c: use separate defines for options and mail

... to make it clearer that the options want address-only, while the
headers in an email can also have the real name.

Assisted-by: Sean MacLennan