]> granicus.if.org Git - curl/log
curl
5 years agocmake: avoid linking executable for some tests with cmake 3.6+
Jakub Zakrzewski [Sun, 7 Apr 2019 10:43:38 +0000 (12:43 +0200)]
cmake: avoid linking executable for some tests with cmake 3.6+

With CMAKE_TRY_COMPILE_TARGET_TYPE set to STATIC_LIBRARY, the try_compile()
(which is used by check_c_source_compiles()) will build static library
instead of executable. This avoids linking additional libraries in and thus
speeds up those checks a little.

This commit also avoids #3743 (GSSAPI build errors) on itself with cmake
3.6 or above. That issue was fixed separately for all versions.

Ref: #3744

5 years agocmake: minor cleanup
Jakub Zakrzewski [Sun, 7 Apr 2019 10:05:23 +0000 (12:05 +0200)]
cmake: minor cleanup

- Remove nneeded include_regular_expression.
  It was setting what is already a default.

- Remove duplicated include.

- Don't check for pre-3.0.0 CMake version.
  We already require at least 3.0.0, so it's just clutter.

Ref: #3744

5 years agobuild-openssl.bat: Fixed support for OpenSSL v1.1.0+
Steve Holme [Sat, 10 Feb 2018 15:28:10 +0000 (15:28 +0000)]
build-openssl.bat: Fixed support for OpenSSL v1.1.0+

5 years agobuild-openssl.bat: Perfer the use of if statements rather than goto (where possible)
Steve Holme [Sat, 6 Apr 2019 21:07:58 +0000 (22:07 +0100)]
build-openssl.bat: Perfer the use of if statements rather than goto (where possible)

5 years agobuild-openssl.bat: Perform the install for each build type directly after the build
Steve Holme [Sat, 6 Apr 2019 21:46:30 +0000 (22:46 +0100)]
build-openssl.bat: Perform the install for each build type directly after the build

5 years agobuild-openssl.bat: Split the install of static and shared build types
Steve Holme [Sat, 6 Apr 2019 19:00:21 +0000 (20:00 +0100)]
build-openssl.bat: Split the install of static and shared build types

5 years agobuild-openssl.bat: Split the building of static and shared build types
Steve Holme [Sun, 31 Mar 2019 15:45:03 +0000 (17:45 +0200)]
build-openssl.bat: Split the building of static and shared build types

5 years agobuild-openssl.bat: Move the installation into a separate function
Steve Holme [Sun, 31 Mar 2019 09:55:55 +0000 (11:55 +0200)]
build-openssl.bat: Move the installation into a separate function

5 years agobuild-openssl.bat: Move the build step into a separate function
Steve Holme [Thu, 8 Feb 2018 22:05:31 +0000 (22:05 +0000)]
build-openssl.bat: Move the build step into a separate function

5 years agobuild-openssl.bat: Move the OpenSSL configuration into a separate function
Steve Holme [Sun, 31 Mar 2019 08:00:12 +0000 (10:00 +0200)]
build-openssl.bat: Move the OpenSSL configuration into a separate function

5 years agobuild-openssl.bat: Fixed the BUILD_CONFIG variable not being initialised
Steve Holme [Thu, 8 Feb 2018 21:55:26 +0000 (21:55 +0000)]
build-openssl.bat: Fixed the BUILD_CONFIG variable not being initialised

Should the parent environment set this variable then the build might
not be performed as the user intended.

5 years agosocks: fix error message
Daniel Stenberg [Mon, 8 Apr 2019 16:41:43 +0000 (18:41 +0200)]
socks: fix error message

5 years agoconfig.d: clarify that initial : and = might need quoting [skip ci]
Daniel Stenberg [Sun, 7 Apr 2019 22:16:21 +0000 (00:16 +0200)]
config.d: clarify that initial : and = might need quoting [skip ci]

Fixes #3738
Closes #3749

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Mon, 8 Apr 2019 19:42:05 +0000 (21:42 +0200)]
RELEASE-NOTES: synced

bumped to 7.65.0 for next release

5 years agosocks5: user name and passwords must be shorter than 256
Daniel Stenberg [Fri, 5 Apr 2019 20:50:22 +0000 (22:50 +0200)]
socks5: user name and passwords must be shorter than 256

bytes... since the protocol needs to store the length in a single byte field.

Reported-by: XmiliaH on github
Fixes #3737
Closes #3740

5 years agotest: urlapi: urlencode characters above 0x7f correctly
Jakub Zakrzewski [Sat, 6 Apr 2019 11:47:43 +0000 (13:47 +0200)]
test: urlapi: urlencode characters above 0x7f correctly

5 years agourlapi: urlencode characters above 0x7f correctly
Jakub Zakrzewski [Sat, 6 Apr 2019 11:48:18 +0000 (13:48 +0200)]
urlapi: urlencode characters above 0x7f correctly

fixes #3741
Closes #3742

5 years agomulti_runsingle(): fix use-after-free
Even Rouault [Sun, 7 Apr 2019 12:07:35 +0000 (14:07 +0200)]
multi_runsingle(): fix use-after-free

Fixes #3745
Closes #3746

The following snippet
```

int main()
{
    CURL* hCurlHandle = curl_easy_init();
    curl_easy_setopt(hCurlHandle, CURLOPT_URL, "http://example.com");
    curl_easy_setopt(hCurlHandle, CURLOPT_PROXY, "1");
    curl_easy_perform(hCurlHandle);
    curl_easy_cleanup(hCurlHandle);
    return 0;
}
```
triggers the following Valgrind warning

```
==4125== Invalid read of size 8
==4125==    at 0x4E7D1EE: Curl_llist_remove (llist.c:97)
==4125==    by 0x4E7EF5C: detach_connnection (multi.c:798)
==4125==    by 0x4E80545: multi_runsingle (multi.c:1451)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
==4125==  Address 0x9b3d1d0 is 1,120 bytes inside a block of size 1,600 free'd
==4125==    at 0x4C2ECF0: free (vg_replace_malloc.c:530)
==4125==    by 0x4E62C36: conn_free (url.c:756)
==4125==    by 0x4E62D34: Curl_disconnect (url.c:818)
==4125==    by 0x4E48DF9: Curl_once_resolved (hostip.c:1097)
==4125==    by 0x4E8052D: multi_runsingle (multi.c:1446)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
==4125==  Block was alloc'd at
==4125==    at 0x4C2F988: calloc (vg_replace_malloc.c:711)
==4125==    by 0x4E6438E: allocate_conn (url.c:1654)
==4125==    by 0x4E685B4: create_conn (url.c:3496)
==4125==    by 0x4E6968F: Curl_connect (url.c:4023)
==4125==    by 0x4E802E7: multi_runsingle (multi.c:1368)
==4125==    by 0x4E8197C: curl_multi_perform (multi.c:2072)
==4125==    by 0x4E766A0: easy_transfer (easy.c:625)
==4125==    by 0x4E76915: easy_perform (easy.c:719)
==4125==    by 0x4E7697C: curl_easy_perform (easy.c:738)
==4125==    by 0x4008BE: main (in /home/even/curl/test)
```

This has been bisected to commit 2f44e94

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14109
Credit to OSS Fuzz

5 years agopipelining: removed
Daniel Stenberg [Fri, 5 Apr 2019 14:38:36 +0000 (16:38 +0200)]
pipelining: removed

As previously planned and documented in DEPRECATE.md, all pipelining
code is removed.

Closes #3651

5 years agotests: make Impacket (SMB server) Python 3 compatible
cclauss [Thu, 4 Apr 2019 23:32:39 +0000 (01:32 +0200)]
tests: make Impacket (SMB server) Python 3 compatible

Closes #3731
Fixes #3289

5 years agocmake: set SSL_BACKENDS
Simon Warta [Fri, 5 Apr 2019 14:57:03 +0000 (16:57 +0200)]
cmake: set SSL_BACKENDS

This groups all SSL backends into the feature "SSL" and sets the
SSL_BACKENDS analogue to configure.ac

Closes https://github.com/curl/curl/pull/3736

5 years agocmake: don't run SORT on empty list
Simon Warta [Sat, 6 Apr 2019 13:05:50 +0000 (15:05 +0200)]
cmake: don't run SORT on empty list

In case of an empty list, SORTing leads to the cmake error "list
sub-command SORT requires list to be present."

Closes https://github.com/curl/curl/pull/3736

5 years agoconfigure: fix default location for fish completions
Eli Schwartz [Wed, 3 Apr 2019 00:43:29 +0000 (20:43 -0400)]
configure: fix default location for fish completions

Fish defines a vendor completions directory for completions that are not
installed as part of the fish project itself, and the vendor completions
are preferred if they exist. This prevents trying to overwrite the
builtin curl.fish completion (or creating file conflicts in distro
packaging).

Prefer the pkg-config defined location exported by fish, if it can be
found, and fall back to the correct directory defined by most systems.

Closes #3723
Reviewed-by: Daniel Gustafsson
5 years agoftplistparser: fix LGTM alert "Empty block without comment"
Marcel Raad [Fri, 5 Apr 2019 07:20:13 +0000 (09:20 +0200)]
ftplistparser: fix LGTM alert "Empty block without comment"

Removing the block is consistent with line 954/957.

Closes https://github.com/curl/curl/pull/3732

5 years agotransfer: fix LGTM alert "Comparison is always true"
Marcel Raad [Fri, 5 Apr 2019 07:14:28 +0000 (09:14 +0200)]
transfer: fix LGTM alert "Comparison is always true"

Just remove the redundant condition, which also makes it clear that
k->buf is always 0-terminated if this break is not hit.

Closes https://github.com/curl/curl/pull/3732

5 years agosmtp: fix compiler warning
Rikard Falkeborn [Thu, 4 Apr 2019 21:13:56 +0000 (23:13 +0200)]
smtp: fix compiler warning

- Fix clang string-plus-int warning.

Clang 8 warns about adding a string to an int does not append to the
string. Indeed it doesn't, but that was not the intention either. Use
array indexing as suggested to silence the warning. There should be no
functional changes.

(In other words clang warns about "foo"+2 but not &"foo"[2] so use the
latter.)

smtp.c:1221:29: warning: adding 'int' to a string does not append to the
string [-Wstring-plus-int]
      eob = strdup(SMTP_EOB + 2);
            ~~~~~~~~~~~~~~~~^~~~

Closes https://github.com/curl/curl/pull/3729

5 years agoVS projects: use Unicode for VC10+
Marcel Raad [Tue, 2 Apr 2019 11:11:34 +0000 (13:11 +0200)]
VS projects: use Unicode for VC10+

All Windows APIs have been natively UTF-16 since Windows 2000 and the
non-Unicode variants are just wrappers around them. Only Windows 9x
doesn't understand Unicode without the UnicoWS DLL. As later Visual
Studio versions cannot target Windows 9x anyway, using the ANSI API
doesn't really have any benefit there.

This avoids issues like KNOWN_BUGS 6.5.

Ref: https://github.com/curl/curl/issues/2120
Closes https://github.com/curl/curl/pull/3720

5 years agoRELEASE-NOTES: synced
Daniel Gustafsson [Wed, 3 Apr 2019 20:29:02 +0000 (22:29 +0200)]
RELEASE-NOTES: synced

Bump the version in progress to 7.64.2, if we merge any "change"
before the cut-off date we can update the version.

5 years agodocumentation: Fix several typos
Tim Rühsen [Wed, 3 Apr 2019 15:16:18 +0000 (17:16 +0200)]
documentation: Fix several typos

Closes #3724
Reviewed-by: Jakub Zakrzewski
Reviewed-by: Daniel Gustafsson
5 years agovauth/oauth2: Fix OAUTHBEARER token generation
Mert Yazıcıoğlu [Sun, 16 Dec 2018 12:45:40 +0000 (15:45 +0300)]
vauth/oauth2: Fix OAUTHBEARER token generation

OAUTHBEARER tokens were incorrectly generated in a format similar to
XOAUTH2 tokens. These changes make OAUTHBEARER tokens conform to the
RFC7628.

Fixes: #2487
Reported-by: Paolo Mossino
Closes https://github.com/curl/curl/pull/3377

5 years agotool_cb_wrt: fix bad-function-cast warning
Marcel Raad [Mon, 1 Apr 2019 16:40:01 +0000 (18:40 +0200)]
tool_cb_wrt: fix bad-function-cast warning

Commit f5bc578f4cdfdc6c708211dfc2962a0e9d79352d reintroduced the
warning fixed in commit 2f5f31bb57d68b54e03bffcd9648aece1fe564f8.
Extend fhnd's scope and reuse that variable instead of calling
_get_osfhandle a second time to fix the warning again.

Closes https://github.com/curl/curl/pull/3718

5 years agoVC15 project: remove MinimalRebuild
Marcel Raad [Mon, 1 Apr 2019 17:18:08 +0000 (19:18 +0200)]
VC15 project: remove MinimalRebuild

Already done in commit d5cfefd0ea8e331b884186bff484210fad36e345 for the
library project, but I forgot the tool project template. Now also
removed for that.

5 years agocirrus: Customize the disabled tests per FreeBSD version
Dan Fandrich [Sun, 31 Mar 2019 16:45:38 +0000 (18:45 +0200)]
cirrus: Customize the disabled tests per FreeBSD version

Try to run as many test cases as possible on each OS version.
12.0 passes 13 more tests than the older versions, so we might as well
run them.

5 years agotool_help: include <strings.h> for strcasecmp
Daniel Stenberg [Sat, 30 Mar 2019 05:46:30 +0000 (06:46 +0100)]
tool_help: include <strings.h> for strcasecmp

Reported-by: Wyatt O'Day
Fixes #3715
Closes #3716

5 years agoscripts: fix typos
Daniel Gustafsson [Sun, 31 Mar 2019 20:39:29 +0000 (22:39 +0200)]
scripts: fix typos

5 years agotravis: allow builds on branches named "ci"
Dan Fandrich [Fri, 15 Mar 2019 13:38:48 +0000 (14:38 +0100)]
travis: allow builds on branches named "ci"

This allows a way to test changes other than through PRs.

5 years agoresolve: apply Happy Eyeballs philosophy to parallel c-ares queries
Brad Spencer [Tue, 15 Jan 2019 18:39:41 +0000 (14:39 -0400)]
resolve: apply Happy Eyeballs philosophy to parallel c-ares queries

Closes #3699

5 years agomulti: improved HTTP_1_1_REQUIRED handling
Daniel Stenberg [Wed, 27 Mar 2019 22:28:13 +0000 (23:28 +0100)]
multi: improved HTTP_1_1_REQUIRED handling

Make sure to downgrade to 1.1 even when we get this HTTP/2 stream error
on first flight.

Reported-by: niner on github
Fixes #3696
Closes #3707

5 years agoconfigure: avoid unportable `==' test(1) operator
Leonardo Taccari [Wed, 27 Mar 2019 12:56:59 +0000 (13:56 +0100)]
configure: avoid unportable `==' test(1) operator

Closes #3709

5 years agoRELEASE: 7.64.1 curl-7_64_1
Daniel Stenberg [Wed, 27 Mar 2019 06:53:33 +0000 (07:53 +0100)]
RELEASE: 7.64.1

5 years agoRevert "ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set"
Daniel Stenberg [Tue, 26 Mar 2019 23:19:15 +0000 (00:19 +0100)]
Revert "ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set"

This reverts commit 9130ead9fcabdb6b8fbdb37c0b38be2d326adb00.

Fixes #3708

5 years agontlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set
Christian Schmitz [Tue, 26 Mar 2019 08:53:03 +0000 (09:53 +0100)]
ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set

Closes #3704

5 years agotool_cb_wrt: fix writing to Windows null device NUL
Jay Satiro [Tue, 26 Mar 2019 07:31:30 +0000 (03:31 -0400)]
tool_cb_wrt: fix writing to Windows null device NUL

- Improve console detection.

Prior to this change WriteConsole could be called to write to a handle
that may not be a console, which would cause an error. This issue is
limited to character devices that are not also consoles such as the null
device NUL.

Bug: https://github.com/curl/curl/issues/3175#issuecomment-439068724
Reported-by: Gisle Vanem
5 years agoCURLMOPT_PIPELINING.3: fix typo
Jay Satiro [Mon, 25 Mar 2019 21:12:19 +0000 (17:12 -0400)]
CURLMOPT_PIPELINING.3: fix typo

5 years agoTODO: config file parsing
Daniel Stenberg [Mon, 25 Mar 2019 21:03:00 +0000 (22:03 +0100)]
TODO: config file parsing

Closes #3698

5 years agoos400: Disable Alt-Svc by default since it's experimental
Jay Satiro [Mon, 18 Mar 2019 20:33:58 +0000 (16:33 -0400)]
os400: Disable Alt-Svc by default since it's experimental

Follow-up to 520f0b4 which added Alt-Svc support and enabled it by
default for OS400. Since the feature is experimental, it should be
disabled by default.

Ref: https://github.com/curl/curl/commit/520f0b4#commitcomment-32792332
Ref: https://curl.haxx.se/mail/lib-2019-02/0008.html

Closes https://github.com/curl/curl/pull/3688

5 years agotests: Fixed XML validation errors in some test files.
Dan Fandrich [Sun, 24 Mar 2019 14:19:50 +0000 (15:19 +0100)]
tests: Fixed XML validation errors in some test files.

5 years agotests: Fix some incorrect precheck error messages.
Dan Fandrich [Sun, 24 Mar 2019 12:02:05 +0000 (13:02 +0100)]
tests: Fix some incorrect precheck error messages.

[ci skip]

5 years agocurl_url.3: this is not experimental anymore
Daniel Stenberg [Fri, 22 Mar 2019 17:33:06 +0000 (18:33 +0100)]
curl_url.3: this is not experimental anymore

5 years agotravis: bump the used wolfSSL version to 4.0.0
Daniel Stenberg [Fri, 22 Mar 2019 09:59:51 +0000 (10:59 +0100)]
travis: bump the used wolfSSL version to 4.0.0

Test 311 is now fine, leaving only 313 (CRL) disabled.

Test 313 details can be found here:
https://github.com/wolfSSL/wolfssl/issues/1546

Closes #3697

5 years agolib: Fix typos in comments
Daniel Gustafsson [Fri, 22 Mar 2019 10:38:11 +0000 (11:38 +0100)]
lib: Fix typos in comments

5 years agoopenssl: if cert type is ENG and no key specified, key is ENG too
David Woodhouse [Wed, 20 Mar 2019 20:10:44 +0000 (13:10 -0700)]
openssl: if cert type is ENG and no key specified, key is ENG too

Fixes #3692
Closes #3692

5 years agosectransp: tvOS 11 is required for ALPN support
Daniel Stenberg [Tue, 19 Mar 2019 09:19:40 +0000 (10:19 +0100)]
sectransp: tvOS 11 is required for ALPN support

Reported-by: nianxuejie on github
Assisted-by: Nick Zitzmann
Assisted-by: Jay Satiro
Fixes #3689
Closes #3690

5 years agotest1541: threaded connection sharing
Daniel Stenberg [Sun, 17 Mar 2019 22:37:35 +0000 (23:37 +0100)]
test1541: threaded connection sharing

The threaded-shared-conn.c example turned into test case. Only works if
pthread was detected.

An attempt to detect future regressions such as e3a53e3efb942a5

Closes #3687

5 years agoos400: alt-svc support.
Patrick Monnerat [Sun, 17 Mar 2019 17:54:36 +0000 (18:54 +0100)]
os400: alt-svc support.

Although experimental, enable it in the platform config file.
Upgrade ILE/RPG binding.

5 years agoconncache: use conn->data to know if a transfer owns it
Daniel Stenberg [Sat, 16 Mar 2019 23:49:21 +0000 (00:49 +0100)]
conncache: use conn->data to know if a transfer owns it

- make sure an already "owned" connection isn't returned unless
  multiplexed.

- clear ->data when returning the connection to the cache again

Regression since 7.62.0 (probably in commit 1b76c38904f0)

Bug: https://curl.haxx.se/mail/lib-2019-03/0064.html

Closes #3686

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Fri, 15 Mar 2019 10:00:24 +0000 (11:00 +0100)]
RELEASE-NOTES: synced

5 years agoconfigure: add --with-amissl
Chris Young [Fri, 8 Mar 2019 00:06:59 +0000 (00:06 +0000)]
configure: add --with-amissl

AmiSSL is an Amiga native library which provides a wrapper over OpenSSL.
It also requires all programs using it to use bsdsocket.library
directly, rather than accessing socket functions through clib, which
libcurl was not necessarily doing previously. Configure will now check
for the headers and ensure they are included if found.

Closes #3677

5 years agovtls: rename some of the SSL functions
Chris Young [Tue, 12 Mar 2019 22:50:28 +0000 (22:50 +0000)]
vtls: rename some of the SSL functions

... in the SSL structure as AmiSSL is using macros for the socket API
functions.

5 years agotool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr
Chris Young [Sun, 10 Mar 2019 22:49:31 +0000 (22:49 +0000)]
tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr

5 years agotool_operate: build on AmigaOS
Chris Young [Sun, 10 Mar 2019 16:13:40 +0000 (16:13 +0000)]
tool_operate: build on AmigaOS

5 years agomakefile: make checksrc and hugefile commands "silent"
Daniel Stenberg [Thu, 14 Mar 2019 09:40:38 +0000 (10:40 +0100)]
makefile: make checksrc and hugefile commands "silent"

... to match the style already used for compiling, linking
etc. Acknowledges 'make V=1' to enable verbose.

Closes #3681

5 years agocurl.1: --user and --proxy-user are hidden from ps output
Daniel Stenberg [Thu, 14 Mar 2019 10:49:35 +0000 (11:49 +0100)]
curl.1: --user and --proxy-user are hidden from ps output

Suggested-by: Eric Curtin
Improved-by: Dan Fandrich
Ref: #3680

Closes #3683

5 years agocurl.1: mark the argument to --cookie as <data|filename>
Daniel Stenberg [Thu, 14 Mar 2019 09:54:10 +0000 (10:54 +0100)]
curl.1: mark the argument to --cookie as <data|filename>

From a discussion in #3676

Suggested-by: Tim Rühsen
Closes #3682

5 years agofuzzer: Only clone the latest fuzzer code, for speed.
Dan Fandrich [Thu, 14 Mar 2019 13:03:16 +0000 (14:03 +0100)]
fuzzer: Only clone the latest fuzzer code, for speed.

5 years agoNegotiate: fix for HTTP POST with Negotiate
Dominik Hölzl [Mon, 10 Sep 2018 07:18:01 +0000 (09:18 +0200)]
Negotiate: fix for HTTP POST with Negotiate

* Adjusted unit tests 2056, 2057
* do not generally close connections with CURLAUTH_NEGOTIATE after every request
* moved negotiatedata from UrlState to connectdata
* Added stream rewind logic for CURLAUTH_NEGOTIATE
* introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC
* Consider authproblem state for CURLAUTH_NEGOTIATE
* Consider reuse_forbid for CURLAUTH_NEGOTIATE
* moved and adjusted negotiate authentication state handling from
  output_auth_headers into Curl_output_negotiate
* Curl_output_negotiate: ensure auth done is always set
* Curl_output_negotiate: Set auth done also if result code is
  GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may
  also indicate the last challenge request (only works with disabled
  Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1)
* Consider "Persistent-Auth" header, detect if not present;
  Reset/Cleanup negotiate after authentication if no persistent
  authentication
* apply changes introduced with #2546 for negotiate rewind logic

Fixes #1261
Closes #1975

5 years agohttp: send payload when (proxy) authentication is done
Marc Schlatter [Mon, 11 Mar 2019 16:15:34 +0000 (17:15 +0100)]
http: send payload when (proxy) authentication is done

The check that prevents payload from sending in case of authentication
doesn't check properly if the authentication is done or not.

They're cases where the proxy respond "200 OK" before sending
authentication challenge. This change takes care of that.

Fixes #2431
Closes #3669

5 years agofile: fix "Checking if unsigned variable 'readcount' is less than zero."
Daniel Stenberg [Tue, 12 Mar 2019 09:03:21 +0000 (10:03 +0100)]
file: fix "Checking if unsigned variable 'readcount' is less than zero."

Pointed out by codacy

Closes #3672

5 years agomemdebug: log pointer before freeing its data
Daniel Stenberg [Tue, 12 Mar 2019 07:37:18 +0000 (08:37 +0100)]
memdebug: log pointer before freeing its data

Coverity warned for two potentional "Use after free" cases. Both are false
positives because the memory wasn't used, it was only the actual pointer
value that was logged.

The fix still changes the order of execution to avoid the warnings.

Coverity CID 1443033 and 1443034

Closes #3671

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Tue, 12 Mar 2019 08:05:11 +0000 (09:05 +0100)]
RELEASE-NOTES: synced

5 years agotravis: actually use updated compiler versions
Marcel Raad [Sat, 9 Mar 2019 20:15:18 +0000 (21:15 +0100)]
travis: actually use updated compiler versions

For the Linux builds, GCC 8 and 7 and clang 7 were installed, but the
new GCC versions were only used for the coverage build and for building
nghttp2, while the new clang version was not used at all.

BoringSSL needs to use the default GCC as it respects CC, but not CXX,
so it would otherwise pass gcc 8 options to g++ 4.8 and fail.

Also remove GCC 7, it's not needed anymore.

Ref: https://docs.travis-ci.com/user/languages/c/#c11c11-and-beyond-and-toolchain-versioning

Closes https://github.com/curl/curl/pull/3670

5 years agotravis: update clang to version 7
Marcel Raad [Fri, 8 Mar 2019 20:32:07 +0000 (21:32 +0100)]
travis: update clang to version 7

Closes https://github.com/curl/curl/pull/3670

5 years agoexamples/externalsocket: add missing close socket calls
Andre Guibert de Bruet [Mon, 11 Mar 2019 03:15:15 +0000 (23:15 -0400)]
examples/externalsocket: add missing close socket calls

.. and for Windows also call WSACleanup since we call WSAStartup.

The example is to demonstrate handling the socket independently of
libcurl. In this case libcurl is not responsible for creating, opening
or closing the socket, it is handled by the application (our example).

Fixes https://github.com/curl/curl/pull/3663

5 years agomulti: removed unused code for request retries
Daniel Stenberg [Mon, 11 Mar 2019 10:49:09 +0000 (11:49 +0100)]
multi: removed unused code for request retries

This code was once used for the non multi-interface using code path, but
ever since easy_perform was turned into a wrapper around the multi
interface, this code path never runs.

Closes #3666

5 years agodoh: inherit some SSL options from user's easy handle
Jay Satiro [Sat, 9 Mar 2019 08:16:33 +0000 (03:16 -0500)]
doh: inherit some SSL options from user's easy handle

- Inherit SSL options for the doh handle but not SSL client certs,
  SSL ALPN/NPN, SSL engine, SSL version, SSL issuer cert,
  SSL pinned public key, SSL ciphers, SSL id cache setting,
  SSL kerberos or SSL gss-api settings.

- Fix inheritance of verbose setting.

- Inherit NOSIGNAL.

There is no way for the user to set options for the doh (DNS-over-HTTPS)
handles and instead we inherit some options from the user's easy handle.

My thinking for the SSL options not inherited is they are most likely
not intended by the user for the DOH transfer. I did inherit insecure
because I think that should still be in control of the user.

Prior to this change doh did not work for me because CAINFO was not
inherited. Also verbose was set always which AFAICT was a bug (#3660).

Fixes https://github.com/curl/curl/issues/3660
Closes https://github.com/curl/curl/pull/3661

5 years agotest331: verify set-cookie for dotless host name
Daniel Stenberg [Fri, 8 Mar 2019 15:58:01 +0000 (16:58 +0100)]
test331: verify set-cookie for dotless host name

Reproduced bug #3649
Closes #3659

5 years agoRevert "cookies: extend domain checks to non psl builds"
Daniel Stenberg [Fri, 8 Mar 2019 15:55:27 +0000 (16:55 +0100)]
Revert "cookies: extend domain checks to non psl builds"

This reverts commit 3773de378d48b06c09931e44dca4d274d0bfdce0.

Regression shipped in 7.64.0
Fixes #3649

5 years agomemdebug: make debug-specific functions use curl_dbg_ prefix
Daniel Stenberg [Fri, 8 Mar 2019 09:47:29 +0000 (10:47 +0100)]
memdebug: make debug-specific functions use curl_dbg_ prefix

To not "collide" or use up the regular curl_ name space. Also makes them
easier to detect in helper scripts.

Closes #3656

5 years agocmdline-opts/proxytunnel.d: the option tunnnels all protocols
Daniel Stenberg [Fri, 8 Mar 2019 15:45:34 +0000 (16:45 +0100)]
cmdline-opts/proxytunnel.d: the option tunnnels all protocols

Clarify the language and simplify.

Reported-by: Daniel Lublin
Closes #3658

5 years agoKNOWN_BUGS: Client cert (MTLS) issues with Schannel
Daniel Stenberg [Thu, 7 Mar 2019 12:14:51 +0000 (13:14 +0100)]
KNOWN_BUGS: Client cert (MTLS) issues with Schannel

Closes #3145

5 years agoROADMAP: updated to some more current things to work on
Daniel Stenberg [Wed, 6 Mar 2019 23:00:30 +0000 (00:00 +0100)]
ROADMAP: updated to some more current things to work on

5 years agotests: fix multiple may be used uninitialized warnings
Daniel Stenberg [Tue, 5 Mar 2019 12:51:30 +0000 (13:51 +0100)]
tests: fix multiple may be used uninitialized warnings

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Tue, 5 Mar 2019 12:24:54 +0000 (13:24 +0100)]
RELEASE-NOTES: synced

5 years agosource: fix two 'nread' may be used uninitialized warnings
Daniel Stenberg [Tue, 5 Mar 2019 08:37:53 +0000 (09:37 +0100)]
source: fix two 'nread' may be used uninitialized warnings

Both seem to be false positives but we don't like warnings.

Closes #3646

5 years agogopher: remove check for path == NULL
Daniel Stenberg [Mon, 4 Mar 2019 11:22:51 +0000 (12:22 +0100)]
gopher: remove check for path == NULL

Since it can't be NULL and it makes Coverity believe we lack proper NULL
checks. Verified by test 659, landed in commit 15401fa886b.

Pointed out by Coverity CID 1442746.

Assisted-by: Dan Fandrich
Fixes #3617
Closes #3642

5 years agoexamples: only include <curl/curl.h>
Daniel Stenberg [Mon, 4 Mar 2019 15:27:22 +0000 (16:27 +0100)]
examples: only include <curl/curl.h>

That's the only public curl header we should encourage use of.

Reviewed-by: Marcel Raad
Closes #3645

5 years agossh: loop the state machine if not done and not blocking
Daniel Stenberg [Mon, 4 Mar 2019 15:17:10 +0000 (16:17 +0100)]
ssh: loop the state machine if not done and not blocking

If the state machine isn't complete, didn't fail and it didn't return
due to blocking it can just as well loop again.

This addresses the problem with SFTP directory listings where we would
otherwise return back to the parent and as the multi state machine
doesn't have any code for using CURLM_CALL_MULTI_PERFORM for as long the
doing phase isn't complete, it would return out when in reality there
was more data to deal with.

Fixes #3506
Closes #3644

5 years agomulti: support verbose conncache closure handle
Jay Satiro [Tue, 26 Feb 2019 07:17:03 +0000 (02:17 -0500)]
multi: support verbose conncache closure handle

- Change closure handle to receive verbose setting from the easy handle
  most recently added via curl_multi_add_handle.

The closure handle is a special easy handle used for closing cached
connections. It receives limited settings from the easy handle most
recently added to the multi handle. Prior to this change that did not
include verbose which was a problem because on connection shutdown
verbose mode was not acknowledged.

Ref: https://github.com/curl/curl/pull/3598

Co-authored-by: Daniel Stenberg
Closes https://github.com/curl/curl/pull/3618

5 years agoCURLU: fix NULL dereference when used over proxy
Daniel Stenberg [Mon, 4 Mar 2019 11:03:39 +0000 (12:03 +0100)]
CURLU: fix NULL dereference when used over proxy

Test 659 verifies

Also fixed the test 658 name

Closes #3641

5 years agoaltsvc_out: check the return code from Curl_gmtime
Daniel Stenberg [Sun, 3 Mar 2019 16:37:29 +0000 (17:37 +0100)]
altsvc_out: check the return code from Curl_gmtime

Pointed out by Coverity, CID 1442956.

Closes #3640

5 years agodocs/ALTSVC.md: docs describing the approach
Daniel Stenberg [Sun, 3 Mar 2019 10:17:52 +0000 (11:17 +0100)]
docs/ALTSVC.md: docs describing the approach

Closes #3498

5 years agoalt-svc: add a travis build
Daniel Stenberg [Sun, 3 Mar 2019 10:17:52 +0000 (11:17 +0100)]
alt-svc: add a travis build

5 years agoalt-svc: add test 355 and 356 to verify with command line curl
Daniel Stenberg [Sun, 3 Mar 2019 10:17:52 +0000 (11:17 +0100)]
alt-svc: add test 355 and 356 to verify with command line curl

5 years agoalt-svc: the curl command line bits
Daniel Stenberg [Sun, 3 Mar 2019 10:17:52 +0000 (11:17 +0100)]
alt-svc: the curl command line bits

5 years agoalt-svc: the libcurl bits
Daniel Stenberg [Sun, 3 Mar 2019 10:17:52 +0000 (11:17 +0100)]
alt-svc: the libcurl bits

5 years agotravis: add build using gnutls
Daniel Stenberg [Fri, 1 Mar 2019 21:00:27 +0000 (22:00 +0100)]
travis: add build using gnutls

Closes #3637

5 years agoRELEASE-NOTES: synced
Daniel Stenberg [Sat, 2 Mar 2019 11:04:43 +0000 (12:04 +0100)]
RELEASE-NOTES: synced

5 years agoscripts/completion.pl: also generate fish completion file
Simon Legner [Sun, 10 Feb 2019 21:06:42 +0000 (22:06 +0100)]
scripts/completion.pl: also generate fish completion file

This is the renamed script formerly known as zsh.pl

Closes #3545

5 years agognutls: remove call to deprecated gnutls_compression_get_name
Daniel Stenberg [Fri, 1 Mar 2019 15:02:04 +0000 (16:02 +0100)]
gnutls: remove call to deprecated gnutls_compression_get_name

It has been deprecated by GnuTLS since a year ago and now causes build
warnings.

Ref: https://gitlab.com/gnutls/gnutls/commit/b0041897d2846737f5fb0f
Docs: https://www.gnutls.org/manual/html_node/Compatibility-API.html

Closes #3636

5 years agosystem_win32: move win32_init here from easy.c
Jay Satiro [Thu, 28 Feb 2019 08:03:00 +0000 (03:03 -0500)]
system_win32: move win32_init here from easy.c

.. since system_win32 is a more appropriate location for the functions
and to extern the globals.

Ref: https://github.com/curl/curl/commit/ca597ad#r32446578
Reported-by: Gisle Vanem
Closes https://github.com/curl/curl/pull/3625