Max Dymond [Wed, 31 May 2017 11:09:56 +0000 (12:09 +0100)]
handler: refactor connection checking
Add a new type of callback to Curl_handler which performs checks on
the connection. Alter RTSP so that it uses this callback to do its
own check on connection health.
Ryan Winograd [Mon, 26 Jun 2017 16:51:05 +0000 (11:51 -0500)]
progress: prevent resetting t_starttransfer
Prevent `Curl_pgrsTime` from modifying `t_starttransfer` when invoked
with `TIMER_STARTTRANSFER` more than once during a single request.
When a redirect occurs, this is considered a new request and
`t_starttransfer` can be updated to reflect the `t_starttransfer` time
of the redirect request.
CURLOPT_SOCKS5_AUTH: allowed methods for SOCKS5 proxy auth
If libcurl was built with GSS-API support, it unconditionally advertised
GSS-API authentication while connecting to a SOCKS5 proxy. This caused
problems in environments with improperly configured Kerberos: a stock
libcurl failed to connect, despite libcurl built without GSS-API
connected fine using username and password.
This commit introduces the CURLOPT_SOCKS5_AUTH option to control the
allowed methods for SOCKS5 authentication at run time.
Note that a new option was preferred over reusing CURLOPT_PROXYAUTH
for compatibility reasons because the set of authentication methods
allowed by default was different for HTTP and SOCKS5 proxies.
Marcel Raad [Sat, 24 Jun 2017 14:39:27 +0000 (16:39 +0200)]
test1521: fix compiler warnings
The integer literal 3123123123 doesn't fit into a 32-bit signed
integer, so GCC with 32-bit long warns in C90 mode:
this decimal constant is unsigned only in ISO C90 [enabled by default]
Fix this by using ULONG_MAX, which should fit in any curl_off_t and has
the correct suffix to not issue any warnings.
Also adds the missing CURLOPT_REQUEST_TARGET from commit 9b167fd090f596eac828817d48c247eeae53407f.
Compile with `WIN32_LEAN_AND_MEAN` which prevents `windows.h` from
including too much clutter including `wincrypt.h` which in turn contains
some preprocessor macros that clash with boringssl symbols.
Detect boringssl by checking the existance of `is_boringssl.h` and set
the corresponding `HAVE_BORINGSSL` for compilation which is used in
`ldap.c` to undefine the evil macros.
Marcel Raad [Thu, 22 Jun 2017 23:28:17 +0000 (01:28 +0200)]
curl-compilers.m4: fix unknown-warning-option on Apple clang
Since 5598b0bd63f690c151074494ce47ef872f004ab4, clang -v is used to
detect the clang version. The version number was expected to come after
the word "version". For Apple clang, this doesn't work as it has its
own versioning scheme.
The version number is now first searched after the string
"based on LLVM". This works for Apple clang before version 7, and also
for e.g. Ubuntu's clang up to version 3.7. If it's not found and the
version string contains "Apple LLVM version", clang version 3.7 is
assumed, which is the version that comes with Xcode 7. Otherwise, the
version number is still expected after the word "version", which works
for very old Apple clang versions.
Daniel Stenberg [Wed, 21 Jun 2017 20:40:55 +0000 (22:40 +0200)]
maketgz: switch to xz instead of lzma
The compressed output size seems to be a tad bit smaller, but generally
xz seems more preferred these days and is used directly by for example
gentoo instead of bz2.
"Users of LZMA Utils should move to XZ Utils" =>
https://tukaani.org/lzma/
Marcel Raad [Tue, 20 Jun 2017 20:44:15 +0000 (22:44 +0200)]
travis: enable typecheck-gcc warnings
- switch debug and release configurations so that we get an optimized
build with GCC 4.3+ as required by typecheck-gcc
- enable warnings-as-errors for release builds
(which have warnings disabled)
Daniel Stenberg [Thu, 15 Jun 2017 13:26:00 +0000 (15:26 +0200)]
getinfo: return sizes as curl_off_t
This change introduces new alternatives for the existing six
curl_easy_getinfo() options that return sizes or speeds as doubles. The
new versions are named like the old ones but with an appended '_T':
Daniel Stenberg [Sat, 17 Jun 2017 21:58:03 +0000 (23:58 +0200)]
tool_wrte_cb: remove check for config == NULL
... as it really cannot have reached this far with config being NULL,
thus this is unnecesary and misleading.
Bug: https://news.ycombinator.com/item?id=14577585 and
https://daniel.haxx.se/blog/2017/06/17/curl-doesnt-spew-binary-anymore/comment-page-1/#comment-18356
Daniel Stenberg [Thu, 15 Jun 2017 21:47:42 +0000 (23:47 +0200)]
tests: stabilize test 2032 and 2033
Both these tests run the same underlying test code: libntlmconnect.c -
this test code made some assumptions about socket ordering when it used
curl_easy_fdset() and when we changed timing or got accidental changes
in libcurl the tests would fail.
The tests verify that the different transfers keep using the same
connections, which I now instead made sure by adding the number of bytes
each transfer gets and then verifies that they always get the same
amount as when these tests worked.
Daniel Stenberg [Thu, 15 Jun 2017 11:45:57 +0000 (13:45 +0200)]
http-proxy: only attempt FTP over HTTP proxy
... all other non-HTTP protocol schemes are now defaulting to "tunnel
trough" mode if a HTTP proxy is specified. In reality there are no HTTP
proxies out there that allow those other schemes.
Assisted-by: Ray Satiro, Michael Kaufmann
Closes #1505
Daniel Stenberg [Thu, 15 Jun 2017 09:11:15 +0000 (11:11 +0200)]
lib/curl_setup.h: remove CURL_WANTS_CA_BUNDLE_ENV
When this define was set, libcurl would check the environment variable
named CURL_CA_BUNDLE at run-time and use that CA cert bundle. This
feature was only defined by the watcom and m32 makefiles and caused
inconsistent behaviours among libcurls built on different platforms.
The curl tool does already feature its own similar logic and the library
does not really need it, and it isn't documented libcurl behavior. So
this change removes it.
Daniel Stenberg [Wed, 7 Jun 2017 11:16:56 +0000 (13:16 +0200)]
timers: store internal time stamps as time_t instead of doubles
This gives us accurate precision and it allows us to avoid storing "no
time" for systems with too low timer resolution as we then bump the time
up to 1 microsecond. Should fix test 573 on windows.
Remove the now unused curlx_tvdiff_secs() function.
Maintains the external getinfo() API with using doubles.
Daniel Stenberg [Tue, 13 Jun 2017 20:03:37 +0000 (22:03 +0200)]
dist: make the hugehelp.c not get regenerated unnecessarily
The maketgz script now makes sure the generated hugehelp.c file in the
tarball is newer than the generated curl.1 man page, so that it doesn't
have to get unnecessarily rebuilt first thing in a typical build. It
thus also removes the need for perl to build off a plain release
tarball.
Stuart Henderson [Tue, 13 Jun 2017 10:06:03 +0000 (12:06 +0200)]
libressl: OCSP and intermediate certs workaround no longer needed
lib/vtls/openssl.c has a workaround for a bug with OCSP responses signed
by intermediate certs, this was fixed in LibreSSL in
https://github.com/libressl-portable/openbsd/commit/912c64f68f7ac4f225b7d1fdc8fbd43168912ba0
Daniel Stenberg [Sat, 10 Jun 2017 12:35:07 +0000 (14:35 +0200)]
urlglob: fix division by zero
The multiply() function that is used to avoid integer overflows, was
itself reason for a possible division by zero error when passed a
specially formatted glob.
FindWin32CACert: Use a temporary buffer on the stack
Don't malloc() the temporary buffer, and use the correct type:
SearchPath() works with TCHAR, but SearchPathA() works with char.
Set the buffer size to MAX_PATH, because the terminating null byte
is already included in MAX_PATH.
Reviewed-by: Daniel Stenberg Reviewed-by: Marcel Raad
Closes #1548
TheAssassin [Sun, 4 Jun 2017 23:02:56 +0000 (01:02 +0200)]
cmake: Fix inconsistency regarding mbed TLS include directory
Previously, one had to set MBEDTLS_INCLUDE_DIR to make CMake find the
headers, but the system complained that mbed TLS wasn't found due to
MBEDTLS_INCLUDE_DIRS (note the trailing s) was not set. This commit
attempts to fix that.
Daniel Stenberg [Thu, 8 Jun 2017 06:34:32 +0000 (08:34 +0200)]
expire: remove Curl_expire_latest()
With the introduction of expire IDs and the fact that existing timers
can be removed now and thus never expire, the concept with adding a
"latest" timer is not working anymore as it risks to not expire at all.
So, to be certain the timers actually are in line and will expire, the
plain Curl_expire() needs to be used. The _latest() function was added
as a sort of shortcut in the past that's quite simply not necessary
anymore.