]> granicus.if.org Git - curl/log
curl
8 years agosimplessl.c: fix my breakage
Daniel Stenberg [Thu, 11 Feb 2016 09:20:48 +0000 (10:20 +0100)]
simplessl.c: fix my breakage

8 years agoexamples: adhere to curl code style
Daniel Stenberg [Thu, 11 Feb 2016 08:42:38 +0000 (09:42 +0100)]
examples: adhere to curl code style

All plain C examples now (mostly) adhere to the curl code style. While
they are only examples, they had diverted so much and contained all
sorts of different mixed code styles by now. Having them use a unified
style helps users and readability. Also, as they get copy-and-pasted
widely by users, making sure they're clean and nice is a good idea.

573 checksrc warnings were addressed.

8 years agoexamples/cookie_interface.c: add cleanup call
Daniel Stenberg [Thu, 11 Feb 2016 07:44:59 +0000 (08:44 +0100)]
examples/cookie_interface.c: add cleanup call

cleaning up handles is a good idea as we leak memory otherwise

Also, line wrapped before 80 columns.

8 years agonss: search slash in forward direction in dup_nickname()
Kamil Dudka [Thu, 4 Feb 2016 09:44:52 +0000 (10:44 +0100)]
nss: search slash in forward direction in dup_nickname()

It is wasteful to search it backwards if we look for _any_ slash.

8 years agonss: do not count enabled cipher-suites
Kamil Dudka [Thu, 4 Feb 2016 09:41:15 +0000 (10:41 +0100)]
nss: do not count enabled cipher-suites

We only care if at least one cipher-suite is enabled, so it does
not make any sense to iterate till the end and count all enabled
cipher-suites.

8 years agocontributors.sh: make 79 the max column width (from 80)
Daniel Stenberg [Wed, 10 Feb 2016 12:49:42 +0000 (13:49 +0100)]
contributors.sh: make 79 the max column width (from 80)

8 years agoRELEASE-NOTES: synced with c276aefee3995
Daniel Stenberg [Wed, 10 Feb 2016 12:49:34 +0000 (13:49 +0100)]
RELEASE-NOTES: synced with c276aefee3995

8 years agombedtls.c: re-indent to better match curl standards
Daniel Stenberg [Wed, 10 Feb 2016 09:46:57 +0000 (10:46 +0100)]
mbedtls.c: re-indent to better match curl standards

8 years agombedtls: fix memory leak when destroying SSL connection data
Rafael Antonio [Mon, 1 Feb 2016 22:13:10 +0000 (23:13 +0100)]
mbedtls: fix memory leak when destroying SSL connection data

Closes #626

8 years agombedtls: fix ALPN usage segfault
Daniel Stenberg [Tue, 9 Feb 2016 22:37:14 +0000 (23:37 +0100)]
mbedtls: fix ALPN usage segfault

Since we didn't keep the input argument around after having called
mbedtls, it could end up accessing the wrong memory when figuring out
the ALPN protocols.

Closes #642

8 years agoopts: update references to renamed options
Timotej Lazar [Tue, 9 Feb 2016 18:40:24 +0000 (19:40 +0100)]
opts: update references to renamed options

8 years agoKNOWN_BUGS: Update #92 - Windows device prefix
Jay Satiro [Tue, 9 Feb 2016 08:29:19 +0000 (03:29 -0500)]
KNOWN_BUGS: Update #92 - Windows device prefix

8 years agotool_doswin: Support for literal path prefix \\?\
Jay Satiro [Tue, 9 Feb 2016 08:28:58 +0000 (03:28 -0500)]
tool_doswin: Support for literal path prefix \\?\

For example something like --output \\?\C:\foo

8 years agoconfigure: state "BoringSSL" in summary when that was detected
Daniel Stenberg [Tue, 9 Feb 2016 07:44:26 +0000 (08:44 +0100)]
configure: state "BoringSSL" in summary when that was detected

8 years agoopenssl: remove most BoringSSL #ifdefs.
David Benjamin [Tue, 9 Feb 2016 04:19:31 +0000 (23:19 -0500)]
openssl: remove most BoringSSL #ifdefs.

As of https://boringssl-review.googlesource.com/#/c/6980/, almost all of
BoringSSL #ifdefs in cURL should be unnecessary:

- BoringSSL provides no-op stubs for compatibility which replaces most
  #ifdefs.

- DES_set_odd_parity has been in BoringSSL for nearly a year now. Remove
  the compatibility codepath.

- With a small tweak to an extend_key_56_to_64 call, the NTLM code
  builds fine.

- Switch OCSP-related #ifdefs to the more generally useful
  OPENSSL_NO_OCSP.

The only #ifdefs which remain are Curl_ossl_version and the #undefs to
work around OpenSSL and wincrypt.h name conflicts. (BoringSSL leaves
that to the consumer. The in-header workaround makes things sensitive to
include order.)

This change errs on the side of removing conditionals despite many of
the restored codepaths being no-ops. (BoringSSL generally adds no-op
compatibility stubs when possible. OPENSSL_VERSION_NUMBER #ifdefs are
bad enough!)

Closes #640

8 years agoKNOWN_BUGS: Windows device prefix is required for devices
Jay Satiro [Mon, 8 Feb 2016 22:40:53 +0000 (17:40 -0500)]
KNOWN_BUGS: Windows device prefix is required for devices

8 years agotool_urlglob: Allow reserved dos device names (Windows)
Jay Satiro [Mon, 8 Feb 2016 20:09:42 +0000 (15:09 -0500)]
tool_urlglob: Allow reserved dos device names (Windows)

Allow --output to reserved dos device names without the device prefix
for backwards compatibility.

Example: --output NUL can be used instead of --output \\.\NUL

Bug: https://github.com/curl/curl/commit/4520534#commitcomment-15954863
Reported-by: Gisle Vanem
8 years agocookies: allow spaces in cookie names, cut of trailing spaces
Daniel Stenberg [Mon, 8 Feb 2016 14:48:18 +0000 (15:48 +0100)]
cookies: allow spaces in cookie names, cut of trailing spaces

It turns out Firefox and Chrome both allow spaces in cookie names and
there are sites out there using that.

Turned out the code meant to strip off trailing space from cookie names
didn't work. Fixed now.

Test case 8 modified to verify both these changes.

Closes #639

8 years agoMerge branch 'master' of github.com:curl/curl
Patrick Monnerat [Mon, 8 Feb 2016 13:52:18 +0000 (14:52 +0100)]
Merge branch 'master' of github.com:curl/curl

8 years agoos400: sync ILE/RPG definitions with latest public header files.
Patrick Monnerat [Mon, 8 Feb 2016 13:50:53 +0000 (14:50 +0100)]
os400: sync ILE/RPG definitions with latest public header files.

8 years agoSSLCERTS: update wrt SSL CA certificate store
Ludwig Nussel [Fri, 27 Mar 2015 07:22:39 +0000 (08:22 +0100)]
SSLCERTS: update wrt SSL CA certificate store

8 years agoconfigure: --with-ca-fallback: use built-in TLS CA fallback
Ludwig Nussel [Tue, 24 Mar 2015 12:25:17 +0000 (13:25 +0100)]
configure: --with-ca-fallback: use built-in TLS CA fallback

When trying to verify a peer without having any root CA certificates
set, this makes libcurl use the TLS library's built in default as
fallback.

Closes #569

8 years agoProxy-Connection: stop sending this header by default
Daniel Stenberg [Thu, 4 Feb 2016 14:07:02 +0000 (15:07 +0100)]
Proxy-Connection: stop sending this header by default

RFC 7230 says we should stop. Firefox already stopped.

Bug: https://github.com/curl/curl/issues/633
Reported-By: Brad Fitzpatrick
Closes #633

8 years agobump: work toward the next release
Daniel Stenberg [Mon, 8 Feb 2016 09:47:44 +0000 (10:47 +0100)]
bump: work toward the next release

8 years agoTHANKS: 2 contributors from the 7.47.1 release
Daniel Stenberg [Mon, 8 Feb 2016 09:46:01 +0000 (10:46 +0100)]
THANKS: 2 contributors from the 7.47.1 release

8 years agoRELEASE-PROCEDURE: remove the github upload part
Daniel Stenberg [Mon, 8 Feb 2016 09:35:35 +0000 (10:35 +0100)]
RELEASE-PROCEDURE: remove the github upload part

... as we're HTTPS on the main site now, there's no point in that
extra step

8 years agoRELEASE-NOTES: curl 7.47.1 time! curl-7_47_1
Daniel Stenberg [Mon, 8 Feb 2016 09:26:24 +0000 (10:26 +0100)]
RELEASE-NOTES: curl 7.47.1 time!

8 years agotool_operhlp: Check for backslashes in get_url_file_name
Jay Satiro [Sun, 7 Feb 2016 09:49:07 +0000 (04:49 -0500)]
tool_operhlp: Check for backslashes in get_url_file_name

Extract the filename from the last slash or backslash. Prior to this
change backslashes could be part of the filename.

This change needed for the curl tool built for Cygwin. Refer to the
CYGWIN addendum in advisory 20160127B.

Bug: https://curl.haxx.se/docs/adv_20160127B.html

8 years agoRELEASE-NOTES: synced with d6a8869ea34
Daniel Stenberg [Sun, 7 Feb 2016 15:20:23 +0000 (16:20 +0100)]
RELEASE-NOTES: synced with d6a8869ea34

8 years agoopenssl: Fix signed/unsigned mismatch warning in X509V3_ext
Jay Satiro [Sun, 7 Feb 2016 00:10:49 +0000 (19:10 -0500)]
openssl: Fix signed/unsigned mismatch warning in X509V3_ext

sk_X509_EXTENSION_num may return an unsigned integer, however the value
will fit in an int.

Bug: https://github.com/curl/curl/commit/dd1b44c#commitcomment-15913896
Reported-by: Gisle Vanem
8 years agoTODO: 17.11 -w output to stderr
Daniel Stenberg [Sat, 6 Feb 2016 23:27:28 +0000 (00:27 +0100)]
TODO: 17.11 -w output to stderr

8 years agoidn_win32: Better error checking
Michael Kaufmann [Fri, 5 Feb 2016 20:15:43 +0000 (21:15 +0100)]
idn_win32: Better error checking

.. also fix a conversion bug in the unused function
curl_win32_ascii_to_idn().

And remove wprintfs on error (Jay).

Bug: https://github.com/curl/curl/pull/637

8 years agoexamples/asiohiper: Avoid function name collision on Windows
Gisle Vanem [Sat, 6 Feb 2016 22:04:37 +0000 (17:04 -0500)]
examples/asiohiper: Avoid function name collision on Windows

closesocket => close_socket
Winsock already has the former.

Bug: https://curl.haxx.se/mail/lib-2016-02/0016.html

8 years agoexamples/htmltitle: Use _stricmp on Windows
Gisle Vanem [Sat, 6 Feb 2016 22:02:53 +0000 (17:02 -0500)]
examples/htmltitle: Use _stricmp on Windows

Bug: https://curl.haxx.se/mail/lib-2016-02/0017.html

8 years agoCOPYING: clarify that Daniel is not the sole author
Daniel Stenberg [Sat, 6 Feb 2016 17:39:41 +0000 (18:39 +0100)]
COPYING: clarify that Daniel is not the sole author

... done on request and as it is a fair point.

8 years agounit1604: Fix unit setup return code
Jay Satiro [Fri, 5 Feb 2016 18:37:39 +0000 (13:37 -0500)]
unit1604: Fix unit setup return code

8 years agotool_doswin: Use type SANITIZEcode in sanitize_file_name
Jay Satiro [Fri, 5 Feb 2016 07:22:24 +0000 (02:22 -0500)]
tool_doswin: Use type SANITIZEcode in sanitize_file_name

8 years agotool_doswin: Improve sanitization processing
Jay Satiro [Fri, 5 Feb 2016 06:44:27 +0000 (01:44 -0500)]
tool_doswin: Improve sanitization processing

- Add unit test 1604 to test the sanitize_file_name function.

- Use -DCURL_STATICLIB when building libcurltool for unit testing.

- Better detection of reserved DOS device names.

- New flags to modify sanitize behavior:

SANITIZE_ALLOW_COLONS: Allow colons
SANITIZE_ALLOW_PATH: Allow path separators and colons
SANITIZE_ALLOW_RESERVED: Allow reserved device names
SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename

- Restore sanitization of banned characters from user-specified outfile.

Prior to this commit sanitization of a user-specified outfile was
temporarily disabled in 2b6dadc because there was no way to allow path
separators and colons through while replacing other banned characters.
Now in such a case we call the sanitize function with
SANITIZE_ALLOW_PATH which allows path separators and colons to pass
through.

Closes https://github.com/curl/curl/issues/624
Reported-by: Octavio Schroeder
8 years agoURLs: change more http to https
Viktor Szakats [Wed, 3 Feb 2016 04:09:25 +0000 (05:09 +0100)]
URLs: change more http to https

8 years agosasl_sspi: Fix memory leak in domain populate
Jay Satiro [Thu, 4 Feb 2016 23:11:07 +0000 (18:11 -0500)]
sasl_sspi: Fix memory leak in domain populate

Free an existing domain before replacing it.

Bug: https://github.com/curl/curl/issues/635
Reported-by: silveja1@users.noreply.github.com
8 years agoURLs: follow GitHub project rename (also Travis CI)
Viktor Szakats [Wed, 3 Feb 2016 17:34:16 +0000 (18:34 +0100)]
URLs: follow GitHub project rename (also Travis CI)

Closes #632

8 years agoCHANGES.o: fix references to curl.haxx.nu
Daniel Stenberg [Wed, 3 Feb 2016 14:33:47 +0000 (15:33 +0100)]
CHANGES.o: fix references to curl.haxx.nu

I removed the scheme prefix from the URLs references this host name, as
we don't own/run that anymore but the name is kept for historic reasons.

8 years agoHISTORY: add some info about when we used which host names
Daniel Stenberg [Wed, 3 Feb 2016 14:33:30 +0000 (15:33 +0100)]
HISTORY: add some info about when we used which host names

8 years agoURLs: change more http to https
Viktor Szakats [Wed, 3 Feb 2016 03:16:52 +0000 (04:16 +0100)]
URLs: change more http to https

8 years agoURLs: Change more haxx.se URLs from http: to https:
Dan Fandrich [Wed, 3 Feb 2016 00:45:21 +0000 (01:45 +0100)]
URLs: Change more haxx.se URLs from http: to https:

8 years agoRELEASE-NOTES: synced with 4af40b364
Daniel Stenberg [Tue, 2 Feb 2016 23:32:07 +0000 (00:32 +0100)]
RELEASE-NOTES: synced with 4af40b364

8 years agoURLs: change all http:// URLs to https://
Daniel Stenberg [Tue, 2 Feb 2016 23:19:02 +0000 (00:19 +0100)]
URLs: change all http:// URLs to https://

8 years agoconfigure: update the copyright year range in output
Daniel Stenberg [Tue, 2 Feb 2016 21:49:05 +0000 (22:49 +0100)]
configure: update the copyright year range in output

8 years agodotdot: allow an empty input string too
Daniel Stenberg [Tue, 2 Feb 2016 21:43:54 +0000 (22:43 +0100)]
dotdot: allow an empty input string too

It isn't used by the code in current conditions but for safety it seems
sensible to at least not crash on such input.

Extended unit test 1395 to verify this too as well as a plain "/" input.

8 years agoHTTPS: update a bunch of URLs from HTTP to HTTPS
Daniel Stenberg [Mon, 1 Feb 2016 23:24:30 +0000 (00:24 +0100)]
HTTPS: update a bunch of URLs from HTTP to HTTPS

8 years agoAppVeyor: updated to handle OpenSSL/WinSSL builds
Sergei Nikulov [Thu, 28 Jan 2016 12:57:28 +0000 (15:57 +0300)]
AppVeyor: updated to handle OpenSSL/WinSSL builds

Closes #621

8 years agotool_operate: Don't sanitize --output path (Windows)
Jay Satiro [Mon, 1 Feb 2016 09:11:46 +0000 (04:11 -0500)]
tool_operate: Don't sanitize --output path (Windows)

Due to path separators being incorrectly sanitized in --output
pathnames, eg -o c:\foo => c__foo

This is a partial revert of 3017d8a until I write a proper fix. The
remote-name will continue to be sanitized, but if the user specified an
--output with string replacement (#1, #2, etc) that data is unsanitized
until I finish a fix.

Bug: https://github.com/bagder/curl/issues/624
Reported-by: Octavio Schroeder
8 years agocurl.1: Explain remote-name behavior if file already exists
Jay Satiro [Fri, 29 Jan 2016 08:28:48 +0000 (03:28 -0500)]
curl.1: Explain remote-name behavior if file already exists

.. also warn about letting the server pick the filename.

8 years agourldata: Error on missing SSL backend-specific connect info
Gisle Vanem [Fri, 29 Jan 2016 05:11:41 +0000 (00:11 -0500)]
urldata: Error on missing SSL backend-specific connect info

8 years agobump: towards the next (7.47.1 ?)
Daniel Stenberg [Thu, 28 Jan 2016 15:36:29 +0000 (16:36 +0100)]
bump: towards the next (7.47.1 ?)

8 years agocmake: fixed when OpenSSL enabled on Windows and schannel detected
Sergei Nikulov [Wed, 27 Jan 2016 12:22:39 +0000 (15:22 +0300)]
cmake: fixed when OpenSSL enabled on Windows and schannel detected

Closes #617

8 years agourldata: moved common variable out of ifdef
Sergei Nikulov [Wed, 27 Jan 2016 13:01:05 +0000 (16:01 +0300)]
urldata: moved common variable out of ifdef

Closes https://github.com/bagder/curl/pull/618

8 years agotool_doswin: silence unused function warning
Viktor Szakats [Wed, 27 Jan 2016 10:04:18 +0000 (11:04 +0100)]
tool_doswin: silence unused function warning

tool_doswin.c:185:14: warning: 'msdosify' defined but not used
[-Wunused-function]

Closes https://github.com/bagder/curl/pull/616

8 years agogetredirect.c: fix variable name
Daniel Stenberg [Wed, 27 Jan 2016 08:35:55 +0000 (09:35 +0100)]
getredirect.c: fix variable name

Reported-by: Bernard Spil
8 years agoexamples/Makefile.inc: specify programs without .c! curl-7_47_0
Daniel Stenberg [Wed, 27 Jan 2016 07:30:04 +0000 (08:30 +0100)]
examples/Makefile.inc: specify programs without .c!

8 years agoTHANKS: 6 new contributors from 7.47.0 release notes
Daniel Stenberg [Tue, 26 Jan 2016 22:45:02 +0000 (23:45 +0100)]
THANKS: 6 new contributors from 7.47.0 release notes

8 years agoNTLM: Fix ConnectionExists to compare Proxy credentials
Isaac Boukris [Wed, 13 Jan 2016 09:05:51 +0000 (11:05 +0200)]
NTLM: Fix ConnectionExists to compare Proxy credentials

Proxy NTLM authentication should compare credentials when
re-using a connection similar to host authentication, as it
authenticate the connection.

Example:
curl -v -x http://proxy:port http://host/ -U good_user:good_pwd
  --proxy-ntlm --next -x http://proxy:port http://host/
    [-U fake_user:fake_pwd --proxy-ntlm]

CVE-2016-0755

Bug: http://curl.haxx.se/docs/adv_20160127A.html

8 years agocurl: avoid local drive traversal when saving file (Windows)
Ray Satiro [Tue, 26 Jan 2016 22:23:15 +0000 (23:23 +0100)]
curl: avoid local drive traversal when saving file (Windows)

curl does not sanitize colons in a remote file name that is used as the
local file name. This may lead to a vulnerability on systems where the
colon is a special path character. Currently Windows/DOS is the only OS
where this vulnerability applies.

CVE-2016-0754

Bug: http://curl.haxx.se/docs/adv_20160127B.html

8 years agoRELEASE-NOTES: 7.47.0
Daniel Stenberg [Tue, 26 Jan 2016 22:34:10 +0000 (23:34 +0100)]
RELEASE-NOTES: 7.47.0

8 years agoFAQ: language fix in 4.19
Daniel Stenberg [Mon, 25 Jan 2016 10:11:29 +0000 (11:11 +0100)]
FAQ: language fix in 4.19

9 years agoFAQ: Update to point to GitHub
paulehoffman [Sun, 24 Jan 2016 22:27:08 +0000 (14:27 -0800)]
FAQ: Update to point to GitHub

Current FAQ didn't make it clear where the main repo is.

Closes #612

9 years agomaketgz: generate date stamp with LC_TIME=C
Daniel Stenberg [Sun, 24 Jan 2016 19:30:07 +0000 (20:30 +0100)]
maketgz: generate date stamp with LC_TIME=C

bug: http://curl.haxx.se/mail/lib-2016-01/0123.html

9 years agocurl_multi_socket_action.3: line wrap
Daniel Stenberg [Sun, 24 Jan 2016 19:29:51 +0000 (20:29 +0100)]
curl_multi_socket_action.3: line wrap

9 years agoRELEASE-NOTES: synced with d58ba66eeceb
Daniel Stenberg [Thu, 21 Jan 2016 22:57:52 +0000 (23:57 +0100)]
RELEASE-NOTES: synced with d58ba66eeceb

9 years agoTODO: "Create remote directories" for SMB
Steve Holme [Thu, 21 Jan 2016 21:05:55 +0000 (21:05 +0000)]
TODO: "Create remote directories" for SMB

9 years agombedtls: Fix pinned key return value on fail
Jay Satiro [Mon, 18 Jan 2016 08:48:10 +0000 (03:48 -0500)]
mbedtls: Fix pinned key return value on fail

- Switch from verifying a pinned public key in a callback during the
certificate verification to inline after the certificate verification.

The callback method had three problems:

1. If a pinned public key didn't match, CURLE_SSL_PINNEDPUBKEYNOTMATCH
was not returned.

2. If peer certificate verification was disabled the pinned key
verification did not take place as it should.

3. (related to #2) If there was no certificate of depth 0 the callback
would not have checked the pinned public key.

Though all those problems could have been fixed it would have made the
code more complex. Instead we now verify inline after the certificate
verification in mbedtls_connect_step2.

Ref: http://curl.haxx.se/mail/lib-2016-01/0047.html
Ref: https://github.com/bagder/curl/pull/601

9 years agotests: Add a test for pinnedpubkey fail even when insecure
Jay Satiro [Mon, 18 Jan 2016 08:10:10 +0000 (03:10 -0500)]
tests: Add a test for pinnedpubkey fail even when insecure

Because disabling the peer verification (--insecure) must not disable
the public key pinning check (--pinnedpubkey).

9 years agoCURLINFO_RESPONSE_CODE.3: add example
Daniel Schauenberg [Sun, 17 Jan 2016 04:04:46 +0000 (23:04 -0500)]
CURLINFO_RESPONSE_CODE.3: add example

9 years agossh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL
Kamil Dudka [Fri, 15 Jan 2016 09:27:33 +0000 (10:27 +0100)]
ssh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL

The CURLOPT_SSH_PUBLIC_KEYFILE option has been documented to handle
empty strings specially since curl-7_25_0-31-g05a443a but the behavior
was unintentionally removed in curl-7_38_0-47-gfa7d04f.

This commit restores the original behavior and clarifies it in the
documentation that NULL and "" have both the same meaning when passed
to CURLOPT_SSH_PUBLIC_KEYFILE.

Bug: http://curl.haxx.se/mail/lib-2016-01/0072.html

9 years agoRELEASE-NOTES: synced with 35083ca60ed035a
Daniel Stenberg [Thu, 14 Jan 2016 21:09:09 +0000 (22:09 +0100)]
RELEASE-NOTES: synced with 35083ca60ed035a

9 years agoopenssl: improved error detection/reporting
Daniel Stenberg [Thu, 14 Jan 2016 20:25:30 +0000 (21:25 +0100)]
openssl: improved error detection/reporting

... by extracting the LIB + REASON from the OpenSSL error code. OpenSSL
1.1.0+ returned a new func number of another cerfificate fail so this
required a fix and this is the better way to catch this error anyway.

9 years agoopenssl: for 1.1.0+ they now provide a SSLeay() macro of their own
Daniel Stenberg [Thu, 14 Jan 2016 15:38:14 +0000 (16:38 +0100)]
openssl: for 1.1.0+ they now provide a SSLeay() macro of their own

9 years agoCURLOPT_RESOLVE.3: minor language polish
Daniel Stenberg [Wed, 13 Jan 2016 08:11:12 +0000 (09:11 +0100)]
CURLOPT_RESOLVE.3: minor language polish

9 years agoconfigure: assume IPv6 works when cross-compiled
Daniel Stenberg [Tue, 12 Jan 2016 09:30:54 +0000 (10:30 +0100)]
configure: assume IPv6 works when cross-compiled

The configure test uses AC_TRY_RUN to figure out if an ipv6 socket
works, and testing like that doesn't work for cross-compiles. These days
IPv6 support is widespread so a blind guess is probably more likely to
be 'yes' than 'no' now.

Further: anyone who cross-compiles can use configure's --disable-ipv6 to
explicitly disable IPv6 and that also works for cross-compiles.

Made happen after discussions in issue #594

9 years agoTODO: "Try to URL encode given URL"
Daniel Stenberg [Mon, 11 Jan 2016 23:03:05 +0000 (00:03 +0100)]
TODO: "Try to URL encode given URL"

Closes #514

9 years agoConnectionExists: only do pipelining/multiplexing when asked
Daniel Stenberg [Sun, 10 Jan 2016 00:00:06 +0000 (01:00 +0100)]
ConnectionExists: only do pipelining/multiplexing when asked

When an HTTP/2 upgrade request fails (no protocol switch), it would
previously detect that as still possible to pipeline on (which is
acorrect) and do that when PIPEWAIT was enabled even if pipelining was
not explictily enabled.

It should only pipelined if explicitly asked to.

Closes #584

9 years agolib: Prefix URLs with lower-case protocol names/schemes
Mohammad AlSaleh [Fri, 8 Jan 2016 22:50:38 +0000 (00:50 +0200)]
lib: Prefix URLs with lower-case protocol names/schemes

Before this patch, if a URL does not start with the protocol
name/scheme, effective URLs would be prefixed with upper-case protocol
names/schemes. This behavior might not be expected by library users or
end users.

For example, if `CURLOPT_DEFAULT_PROTOCOL` is set to "https". And the
URL is "hostname/path". The effective URL would be
"HTTPS://hostname/path" instead of "https://hostname/path".

After this patch, effective URLs would be prefixed with a lower-case
protocol name/scheme.

Closes #597

Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com>
9 years agoscripts: don't generate and install zsh completion when cross-compiling
Alessandro Ghedini [Mon, 11 Jan 2016 22:22:25 +0000 (22:22 +0000)]
scripts: don't generate and install zsh completion when cross-compiling

9 years agoscripts: fix zsh completion generation
Alessandro Ghedini [Sun, 27 Dec 2015 17:08:53 +0000 (18:08 +0100)]
scripts: fix zsh completion generation

The script should use the just-built curl, not the system one. This fixes
zsh completion generation when no system curl is installed.

9 years agozsh.pl: fail if no curl is found
Alessandro Ghedini [Sun, 27 Dec 2015 17:12:46 +0000 (18:12 +0100)]
zsh.pl: fail if no curl is found

Instead of generation a broken completion file.

9 years agoIDN host names: Remove the port number before converting to ACE
Michael Kaufmann [Fri, 8 Jan 2016 13:54:56 +0000 (14:54 +0100)]
IDN host names: Remove the port number before converting to ACE

Closes #596

9 years agoruntests: Add mbedTLS to the SSL backends
Jay Satiro [Sun, 10 Jan 2016 07:56:26 +0000 (02:56 -0500)]
runtests: Add mbedTLS to the SSL backends

.. and enable SSLpinning tests for mbedTLS, BoringSSL and LibreSSL.

9 years agombedtls: implement CURLOPT_PINNEDPUBLICKEY
Thomas Glanzmann [Wed, 6 Jan 2016 06:00:11 +0000 (07:00 +0100)]
mbedtls: implement CURLOPT_PINNEDPUBLICKEY

9 years agourl: Fix compile error with --enable-werror
Tatsuhiro Tsujikawa [Sat, 9 Jan 2016 00:51:05 +0000 (09:51 +0900)]
url: Fix compile error with --enable-werror

9 years agohttp2: Ensure that http2_handle_stream_close is called
Tatsuhiro Tsujikawa [Thu, 7 Jan 2016 13:10:09 +0000 (22:10 +0900)]
http2: Ensure that http2_handle_stream_close is called

Previously, when HTTP/2 is enabled and used, and stream has content
length known, Curl_read was not called when there was no bytes left to
read. Because of this, we could not make sure that
http2_handle_stream_close was called for every stream. Since we use
http2_handle_stream_close to emit trailer fields, they were
effectively ignored. This commit changes the code so that Curl_read is
called even if no bytes left to read, to ensure that
http2_handle_stream_close is called for every stream.

Discussed in https://github.com/bagder/curl/pull/564

9 years agohttp2: handle the received SETTINGS frame
Daniel Stenberg [Fri, 8 Jan 2016 22:06:59 +0000 (23:06 +0100)]
http2: handle the received SETTINGS frame

This regression landed in 5778e6f5 and made libcurl not act on received
settings and instead stayed with its internal defaults.

Bug: http://curl.haxx.se/mail/lib-2016-01/0031.html
Reported-by: Bankde
9 years agoRevert "multiplex: allow only once HTTP/2 is actually used"
Daniel Stenberg [Fri, 8 Jan 2016 13:39:54 +0000 (14:39 +0100)]
Revert "multiplex: allow only once HTTP/2 is actually used"

This reverts commit 46cb70e9fa81c9a56de484cdd7c5d9d0d9fbec36.

Bug: http://curl.haxx.se/mail/lib-2016-01/0031.html

9 years agohttp2: Fix PUSH_PROMISE headers being treated as trailers
Tatsuhiro Tsujikawa [Fri, 8 Jan 2016 08:04:19 +0000 (03:04 -0500)]
http2: Fix PUSH_PROMISE headers being treated as trailers

Discussed in https://github.com/bagder/curl/pull/564

9 years agoconnection reuse: IDN host names fixed
Michael Kaufmann [Thu, 7 Jan 2016 17:00:00 +0000 (18:00 +0100)]
connection reuse: IDN host names fixed

Use the ACE form of IDN hostnames as key in the connection cache.  Add
new tests.

Closes #592

9 years agotests: mark IPv6 FTP and FTPS tests with the FTP keyword
Daniel Stenberg [Thu, 7 Jan 2016 12:48:05 +0000 (13:48 +0100)]
tests: mark IPv6 FTP and FTPS tests with the FTP keyword

9 years agombedtls: Fix ALPN support
Jay Satiro [Thu, 7 Jan 2016 06:49:31 +0000 (01:49 -0500)]
mbedtls: Fix ALPN support

- Fix ALPN reply detection.

- Wrap nghttp2 code in ifdef USE_NGHTTP2.

Prior to this change ALPN and HTTP/2 did not work properly in mbedTLS.

9 years agohttp2: Fix client write for trailers on stream close
Jay Satiro [Thu, 7 Jan 2016 03:10:49 +0000 (22:10 -0500)]
http2: Fix client write for trailers on stream close

Check that the trailer buffer exists before attempting a client write
for trailers on stream close.

Refer to comments in https://github.com/bagder/curl/pull/564

9 years agoCOPYING: update general copyright year range
Daniel Stenberg [Wed, 6 Jan 2016 23:11:16 +0000 (00:11 +0100)]
COPYING: update general copyright year range

9 years agoConnectionExists: add missing newline in infof() call
Daniel Stenberg [Tue, 5 Jan 2016 11:09:33 +0000 (12:09 +0100)]
ConnectionExists: add missing newline in infof() call

Mistake from commit a464f33843ee1

9 years agomultiplex: allow only once HTTP/2 is actually used
Daniel Stenberg [Tue, 5 Jan 2016 10:32:30 +0000 (11:32 +0100)]
multiplex: allow only once HTTP/2 is actually used

To make sure curl doesn't allow multiplexing before a connection is
upgraded to HTTP/2 (like when Upgrade: h2c fails), we must make sure the
connection uses HTTP/2 as well and not only check what's wanted.

Closes #584

Patch-by: c0ff