summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* tests/server/util.h: add extern to silence compiler warningDaniel Stenberg2020-05-201-0/+2
| | | | Follow-up from a3b0699d5c1
* typecheck-gcc.h: fix the OFF_T checkDaniel Stenberg2020-05-201-2/+2
| | | | | | | | The option number also needs to be less than CURLOPTTYPE_BLOB. Follow-up to cac5374298 Reported-by: Jeroen Ooms Bug: https://github.com/curl/curl/pull/5365#issuecomment-631084114
* TODO: --dry-runDaniel Stenberg2020-05-191-0/+8
| | | | Closes #5426
* TODO: Ratelimit or wait between serial requestsDaniel Stenberg2020-05-191-0/+11
| | | | Closes #5406
* tool_paramhlp: fixup C89 mistakeDaniel Stenberg2020-05-191-2/+1
| | | | Follow-up to c5f0a9db22.
* tool_paramhlp: fixed potentially uninitialized strtol() variableSiva Sivaraman2020-05-191-0/+1
| | | | | | | Seems highly unlikely to actually be possible, but better safe than sorry. Closes #5417
* tool_operate: fixed potentially uninitialized variablesSiva Sivaraman2020-05-191-5/+5
| | | | | | | ... in curl_easy_getinfo() calls. They're harmless but clearing the variables makes the code safer and comforts the reader. Closes #5416
* sha256: move assign to the declaration lineDaniel Stenberg2020-05-191-2/+1
| | | | Follow-up to fae30656. Should've been squashed with that commit...
* sha256: fixed potentially uninitialized variableSiva Sivaraman2020-05-191-0/+1
| | | | Closes #5414
* sendf: make failf() use the mvsnprintf() return codeDaniel Stenberg2020-05-191-2/+1
| | | | | | | | ... and avoid a strlen() call. Fixes a MonocleAI warning. Reported-by: MonocleAI Fixes #5413 Closes #5420
* hostip: make Curl_printable_address not return anythingDaniel Stenberg2020-05-195-41/+31
| | | | | | | | | It was not used much anyway and instead we let it store a blank buffer in case of failure. Reported-by: MonocleAI Fixes #5411 Closes #5418
* ftp: mark return-ignoring calls to Curl_GetFTPResponse with (void)Daniel Stenberg2020-05-191-2/+2
| | | | | | | They're done on purpose, make that visible in the code. Reported-by: MonocleAI Fixes #5412 Closes #549
* TODO: forbid TLS post-handshake auth and do TLS record paddingDaniel Stenberg2020-05-181-7/+24
| | | | | Closes #5396 Closes #5398
* RELEASE-NOTES: syncedDaniel Stenberg2020-05-181-8/+44
|
* dynbuf: return NULL when there's no buffer lengthDaniel Stenberg2020-05-172-8/+8
| | | | | | | | | ... as returning a "" is not a good idea as the string is supposed to be allocated and returning a const string will cause issues. Reported-by: Brian Carpenter Follow-up to ed35d6590e72c Closes #5405
* travis: upgrade to bionic, clang-9, improve readabilityPeter Wu2020-05-161-221/+101
| | | | | | | | | | | | | | | | | | | | | Changes, partially to reduce build failures from external dependencies: - Upgrade Ubuntu and drop unnecessary third-party repos. - Properly clone apt config to ensure retries. - Upgrade to clang-9 from the standard repos. - Use Ubuntu 20.04 focal for the libssh build, use of ssh_get_publickey fails on -Werror=deprecated-declarations in Ubuntu 18.04. Do not use focal everywhere yet since Travis CI has not documented this option. In focal, python-impacket (Py2.7) has been removed, leaving only python3-impacket. Since it is only needed for SMB tests and not SSH, skip it for the libssh job since it might need more work. - apt: Remove gcc-8 and libstdc++-8-dev, already installed via g++-8. Non-functional cleanups: - Simplify test matrix, drop redundant os and compiler keys. - Deprecation fixes: remove sudo, rename matrix -> jobs. - Every job has an 'env' key, put this key first in a list item. Closes #5370
* travis: whitespace-only changes for consistencyPeter Wu2020-05-161-428/+428
| | | | | | | | | | Automatically apply a consistent indentation with: python3 -c 'from ruamel.yaml import YAML;y=YAML();d=y.load(open(".travis.yml"));y.width=500;y.dump(d,open(".travis.yml.new","w"))' followed by manually re-indenting three comments. Closes #5370
* CMake: add libssh build supportPeter Wu2020-05-153-4/+31
| | | | Closes #5372
* KNOWN_BUGS: wolfssh: publickey auth doesn't workDaniel Stenberg2020-05-151-0/+8
| | | | Closes #4820
* KNOWN_BUGS: OS400 port requires deprecated IBM libraryDaniel Stenberg2020-05-151-0/+9
| | | | Closes #5176
* http2: keep trying to send pending frames after req.upload_doneVyron Tsingaras2020-05-151-2/+20
| | | | | Fixes #1410 Closes #5401
* setopt: support certificate options in memory with struct curl_blobGilles Vollant2020-05-1521-130/+961
| | | | | | | | | | | | | This change introduces a generic way to provide binary data in setopt options, called BLOBs. This change introduces these new setopts: CURLOPT_ISSUERCERT_BLOB, CURLOPT_PROXY_SSLCERT_BLOB, CURLOPT_PROXY_SSLKEY_BLOB, CURLOPT_SSLCERT_BLOB and CURLOPT_SSLKEY_BLOB. Reviewed-by: Daniel Stenberg Closes #5357
* source cleanup: remove all custom typedef structsDaniel Stenberg2020-05-1571-673/+719
| | | | | | | | | | | - Stick to a single unified way to use structs - Make checksrc complain on 'typedef struct {' - Allow them in tests, public headers and examples - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually typedef different types/structs depending on build conditions. Closes #5338
* travis: remove the .checksrc fiddlingDaniel Stenberg2020-05-151-2/+0
|
* ftp: make domore_getsock() return the secondary socket properlyDaniel Stenberg2020-05-151-1/+3
| | | | | | | | Previously, after PASV and immediately after the data connection has connected, the function would only return the control socket to wait for which then made the data connection simply timeout and not get polled correctly. This become obvious when running test 1631 and 1632 event- based.
* test1632: verify FTP through HTTPS-proxy with connection re-useDaniel Stenberg2020-05-152-1/+106
|
* test1631: verify FTP download through HTTPS-proxyDaniel Stenberg2020-05-152-1/+88
|
* sws: as last resort, get test number from server cmd fileDaniel Stenberg2020-05-151-18/+52
| | | | | | | | If it can't be found in the request. Also support --cmdfile to set it to a custom file name. runtests.pl always writes this file with the test number in it since a while back.
* ftp: shut down the secondary connection properly when SSL is usedDaniel Stenberg2020-05-151-3/+4
| | | | | | Reported-by: Neal Poole Fixes #5340 Closes #5385
* KNOWN_BUGS: adapt 5.5 to recent changesMarcel Raad2020-05-141-12/+6
| | | | | | | It only applies to non-Unicode builds now. Also merge 5.10 into it as it's effectively a duplicate. Closes https://github.com/curl/curl/pull/3784
* curl_setup: support Unicode functions to open files on WindowsMarcel Raad2020-05-142-2/+59
| | | | | | | Use them only if `_UNICODE` is defined, in which case command-line arguments have been converted to UTF-8. Closes https://github.com/curl/curl/pull/3784
* tool: support UTF-16 command line on WindowsMarcel Raad2020-05-144-11/+25
| | | | | | | | | | | | | | | | | | - use `wmain` instead of `main` when `_UNICODE` is defined [0] - define `argv_item_t` as `wchar_t *` in this case - use the curl_multibyte gear to convert the command-line arguments to UTF-8 This makes it possible to pass parameters with characters outside of the current locale on Windows, which is required for some tests, e.g. the IDN tests. Out of the box, this currently only works with the Visual Studio project files, which default to Unicode, and winbuild with the `ENABLE_UNICODE` option. [0] https://devblogs.microsoft.com/oldnewthing/?p=40643 Ref: https://github.com/curl/curl/issues/3747 Closes https://github.com/curl/curl/pull/3784
* curl_multibyte: add to curlxMarcel Raad2020-05-1416-119/+128
| | | | | | | This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784
* url: make the updated credentials URL-encoded in the URLDaniel Stenberg2020-05-143-2/+83
| | | | | | | | Found-by: Gregory Jefferis Reported-by: Jeroen Ooms Added test 1168 to verify. Bug spotted when doing a redirect. Bug: https://github.com/jeroen/curl/issues/224 Closes #5400
* tests: add https-proxy support to the test suiteDaniel Stenberg2020-05-144-29/+138
| | | | | | | Initial test 1630 added with basic HTTPS-proxy use. HTTPS-proxy is like HTTP proxy but with a full TLS connection to the proxy. Closes #5399
* mailmap: James FullerDaniel Stenberg2020-05-141-0/+1
|
* vauth/cleartext: fix theoretical integer overflowMajor_Tom2020-05-141-1/+2
| | | | | | | | | | | Fix theoretical integer overflow in Curl_auth_create_plain_message. The security impact of the overflow was discussed on hackerone. We agreed this is more of a theoretical vulnerability, as the integer overflow would only be triggerable on systems using 32-bits size_t with over 4GB of available memory space for the process. Closes #5391
* curl.1: Quote globbed URLsJay Satiro2020-05-131-7/+7
| | | | | | | | | | - Quote the globbing example URLs that contain characters [] {} since otherwise they may be interpreted as shell metacharacters. Bug: https://github.com/curl/curl/issues/5388 Reported-by: John Simpson Closes https://github.com/curl/curl/pull/5394
* checksrc: enhance the ASTERISKSPACE and update code accordinglyDaniel Stenberg2020-05-1423-56/+56
| | | | | | | | Fine: "struct hello *world" Not fine: "struct hello* world" (and variations) Closes #5386
* docs/options-in-versions: which version added each cmdline optionDaniel Stenberg2020-05-136-2/+392
| | | | | | | | Added test 971 to verify that the list is in sync with the files in cmdline-opts. The check also verifies that .d-files that uses Added: specify the same version number as the options-in-versions file does. Closes #5381
* docs: unify protocol listsDaniel Stenberg2020-05-132-4/+6
| | | | | | | We boast support for 25 transfer protocols. Make sure the lists are consistent Closes #5384
* OpenSSL: have CURLOPT_CRLFILE imply CURLSSLOPT_NO_PARTIALCHAINDaniel Stenberg2020-05-132-7/+14
| | | | | | | | ... to avoid an OpenSSL bug that otherwise makes the CRL check to fail. Reported-by: Michael Kaufmann Fixes #5374 Closes #5376
* tls13-ciphers.d: shorten the ArgDaniel Stenberg2020-05-131-1/+1
|
* sasl-authzid.d: add Arg: and shorten the descDaniel Stenberg2020-05-131-1/+2
|
* cert-type.d: mention the available types in the descDaniel Stenberg2020-05-131-1/+1
|
* tool: shorten 3 --help descriptionsDaniel Stenberg2020-05-134-19/+20
| | | | | | | | --happy-eyeballs-timeout-ms, --resolve and --ssl-revoke-best-effort gen.pl already warned about these lines but we didn't listen Closes #5379
* configure: the wolfssh backend does not provide SCPDaniel Stenberg2020-05-131-1/+0
| | | | Closes #5387
* RELEASE-NOTES: syncedDaniel Stenberg2020-05-131-6/+30
|
* url: reject too long input when parsing credentialsDaniel Stenberg2020-05-131-0/+6
| | | | | | | | | | Since input passed to libcurl with CURLOPT_USERPWD and CURLOPT_PROXYUSERPWD circumvents the regular string length check we have in Curl_setstropt(), the input length limit is enforced in Curl_parse_login_details too, separately. Reported-by: Thomas Bouzerar Closes #5383
* list-only.d: this option existed already in 4.0Daniel Stenberg2020-05-121-1/+1
|