summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* wolfSSH: new SSH backendDaniel Stenberg2020-01-128-17/+1247
| | | | | | Adds support for SFTP (not SCP) using WolfSSH. Closes #4231
* curl: remove 'config' field from OutStructDaniel Stenberg2020-01-129-52/+48
| | | | | | | | | | | | As it was just unnecessary duplicated information already stored in the 'per_transfer' struct and that's around mostly anyway. The duplicated pointer caused problems when the code flow was aborted before the dupe was filled in and could cause a NULL pointer access. Reported-by: Brian Carpenter Fixes #4807 Closes #4810
* misc: Copyright year out of date, should be 2020Daniel Stenberg2020-01-126-6/+6
| | | | | | Follow-up to recent commits [skip ci]
* libssh2: add support for forcing a hostkey typeSantino Keupp2020-01-111-0/+130
| | | | | | | | | | | | - Allow forcing the host's key type found in the known_hosts file. Currently, curl (with libssh2) does not take keys from your known_hosts file into account when talking to a server. With this patch the known_hosts file will be searched for an entry matching the hostname and, if found, libssh2 will be told to claim this key type from the server. Closes https://github.com/curl/curl/pull/4747
* cmake: Improve libssh2 check on Windowsnicoguillier2020-01-111-1/+1
| | | | | | | | | | | | | - Add "libssh2" name to FindLibSSH2 library search. On Windows systems, libSSH2 CMake installation may name the library "LibSSH2". Prior to this change cmake only checked for name "ssh2". On Linux that works fine because it will prepend the "lib", but it doesn't do that on Windows. Closes https://github.com/curl/curl/pull/4804
* schannel: Make CURLOPT_CAINFO work better on Windows 7Faizur Rahman2020-01-111-20/+130
| | | | | | | | | | | | | | | | | | | | | - Support hostname verification via alternative names (SAN) in the peer certificate when CURLOPT_CAINFO is used in Windows 7 and earlier. CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a result CertGetNameString doesn't quite work on those versions of Windows. This change provides an alternative solution for CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier versions of Windows. Prior to this change many certificates failed the hostname validation when CURLOPT_CAINFO was used in Windows 7 and earlier. Most certificates now represent multiple hostnames and rely on the alternative names field exclusively to represent their hostnames. Reported-by: Jeroen Ooms Fixes https://github.com/curl/curl/issues/3711 Closes https://github.com/curl/curl/pull/4761
* ngtcp2: Add an error code for QUIC connection errorsEmil Engler2020-01-117-14/+25
| | | | | | | | | | - Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection errors. Prior to this change CURLE_FAILED_INIT was used, but that was not correct. Closes https://github.com/curl/curl/pull/4754
* multi: Change curl_multi_wait/poll to error on negative timeoutJay Satiro2020-01-117-4/+17
| | | | | | | | | | | | | | - Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when curl_multi_wait/poll is passed timeout param < 0. Prior to this change passing a negative value to curl_multi_wait/poll such as -1 could cause the function to wait forever. Reported-by: hamstergene@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4763 Closes https://github.com/curl/curl/pull/4765
* cmake: Enable SMB for Windows buildsMarc Aldorasi2020-01-113-6/+22
| | | | | | | | | | | - Define USE_WIN32_CRYPTO by default. This enables SMB. - Show whether SMB is enabled in the "Enabled features" output. - Fix mingw compiler warning for call to CryptHashData by casting away const param. mingw CryptHashData prototype is wrong. Closes https://github.com/curl/curl/pull/4717
* vtls: Refactor Curl_multissl_version to make the code clearerJay Satiro2020-01-111-16/+21
| | | | | | | | Reported-by: Johannes Schindelin Ref: https://github.com/curl/curl/pull/3863#pullrequestreview-241395121 Closes https://github.com/curl/curl/pull/4803
* fix: Copyright year out of date, should be 2020Daniel Stenberg2020-01-104-4/+4
| | | | Follow-up to 875314ed0bf3b
* hostip: move code to resolve IP address literals to `Curl_resolv`Marcel Raad2020-01-104-223/+175
| | | | | | | | | | | | | | | | The code was duplicated in the various resolver backends. Also, it was called after the call to `Curl_ipvalid`, which matters in case of `CURLRES_IPV4` when called from `connect.c:bindlocal`. This caused test 1048 to fail on classic MinGW. The code ignores `conn->ip_version` as done previously in the individual resolver backends. Move the call to the `resolver_start` callback up to appease test 655, which wants it to be called also for literal addresses. Closes https://github.com/curl/curl/pull/4798
* scripts/delta: adapt to new public header layoutDaniel Stenberg2020-01-091-3/+3
|
* test1167: verify global symbols in public headers are curl prefixedDaniel Stenberg2020-01-094-3/+160
| | | | | | | ... using the new badsymbols.pl perl script Fixes #4793 Closes #4794
* libtest/mk-lib1521: adapt to new public header layoutDaniel Stenberg2020-01-091-23/+24
|
* include: remove non-curl prefixed definesDaniel Stenberg2020-01-093-369/+345
| | | | | ...requires some rearranging of the setup of CURLOPT_ and CURLMOPT_ enums.
* curl.h: remove WIN32 defineDaniel Stenberg2020-01-091-10/+1
| | | | | It isn't our job to define this in a public header - and it defines a name outside of our naming scope.
* tool_dirhie.c: fix the copyright year rangeDaniel Stenberg2020-01-091-1/+1
| | | | Follow-up to: 4027bd72d9
* bump: work towards 7.69.0 is startedDaniel Stenberg2020-01-092-266/+14
|
* tool_dirhie: Allow directory traversal during creationJay Satiro2020-01-091-2/+17
| | | | | | | | | | | | | | | | | | | - When creating a directory hierarchy do not error when mkdir fails due to error EACCESS (13) "access denied". Some file systems allow for directory traversal; in this case that it should be possible to create child directories when permission to the parent directory is restricted. This is a regression caused by me in f16bed0 (precedes curl-7_61_1). Basically I had assumed that if a directory already existed it would fail only with error EEXIST, and not error EACCES. The latter may happen if the directory exists but has certain restricted permissions. Reported-by: mbeifuss@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4796 Closes https://github.com/curl/curl/pull/4797
* KNOWN_BUGS: AUTH PLAIN for SMTP is not working on all serversDaniel Stenberg2020-01-091-0/+7
| | | | Closes #4080
* docs/RELEASE-PROCEDURE.md: pushed some release datesDaniel Stenberg2020-01-091-8/+8
| | | | Ref: https://curl.haxx.se/mail/lib-2020-01/0031.html
* runtests: make random seed fixed for a monthDaniel Stenberg2020-01-092-10/+39
| | | | | | | | | | | | | | | | | When using randomized features of runtests (-R and --shallow) it is useful to have a fixed random seed to make sure for example extra commits in a branch or a rebase won't change the seed that would make repeated runs work differently. As it is also useful to change seed sometimes, the default seed is now determined based on the current month (and first line curl -V output). When the month changes, so will the random seed. The specific seed is also shown in the standard test suite top header and it can be set explictly with the new --seed=[num] option so that the exact order of a previous run can be achieved. Closes #4734
* RELEASE-PROCEDURE.md: fix next release date (Feb 26)Daniel Stenberg2020-01-081-1/+1
| | | | [skip ci]
* RELEASE-NOTES: 7.68.0curl-7_68_0Daniel Stenberg2020-01-081-16/+58
|
* THANKS: updated with names from the 7.68.0 releaseDaniel Stenberg2020-01-071-0/+32
|
* RELEASE-PROCEDURE: add four future release datesDaniel Stenberg2020-01-071-4/+4
| | | | | | and remove four past release dates [skip ci]
* TrackMemory tests: always remove CR before LFMarcel Raad2020-01-062-0/+2
| | | | | | | | It was removed for output containing ' =' via `s/ =.*//`. With classic MinGW, this made lines with `free()` end with CRLF, but lines with e.g. `malloc()` end with only LF. The tests expect LF only. Closes https://github.com/curl/curl/pull/4788
* multi.h: move INITIAL_MAX_CONCURRENT_STREAMS from public headerDaniel Stenberg2020-01-062-5/+6
| | | | | | | ... to the private multihhandle.h. It is not for public use and it wasn't prefixed correctly anyway! Closes #4790
* file: fix copyright year rangeDaniel Stenberg2020-01-061-1/+1
| | | | Follow-up to 1b71bc532bd
* curl -w: handle a blank input file correctlyDaniel Stenberg2020-01-063-3/+51
| | | | | | | | | | Previously it would end up with an uninitialized memory buffer that would lead to a crash or junk getting output. Added test 1271 to verify. Reported-by: Brian Carpenter Closes #4786
* file: on Windows, refuse paths that start with \\Daniel Stenberg2020-01-061-2/+4
| | | | | | | | | ... as that might cause an unexpected SMB connection to a given host name. Reported-by: Fernando Muñoz CVE-2019-15601 Bug: https://curl.haxx.se/docs/CVE-2019-15601.html
* CURLOPT_READFUNCTION.3: fix fopen params in exampleJay Satiro2020-01-061-1/+1
|
* CURLOPT_READFUNCTION.3: fix variable name in exampleJay Satiro2020-01-061-1/+1
| | | | | | Reported-by: Paul Joyce Fixes https://github.com/curl/curl/issues/4787
* curl:getparameter return error for --http3 if libcurl doesn't supportDaniel Stenberg2020-01-051-2/+5
| | | | Closes #4785
* docs: mention CURL_MAX_INPUT_LENGTH restrictionsDaniel Stenberg2020-01-052-2/+10
| | | | | | | | ... for curl_easy_setopt() and curl_url_set(). [skip ci] Closes #4783
* curl: properly free mimepost dataDaniel Stenberg2020-01-043-2/+72
| | | | | | | | | | ... as it could otherwise leak memory when a transfer failed. Added test 1293 to verify. Reported-by: Brian Carpenter Fixes #4781 Closes #4782
* curl: cleanup multi handle on failureDaniel Stenberg2020-01-041-2/+4
| | | | | | | | ... to fix memory leak in error path. Fixes #4772 Closes #4780 Reported-by: Brian Carpenter
* lib: fix compiler warnings with `CURL_DISABLE_VERBOSE_STRINGS`Marcel Raad2020-01-034-10/+15
| | | | Closes https://github.com/curl/curl/pull/4775
* COPYING: it's 2020!Daniel Stenberg2020-01-031-1/+1
| | | | [skip ci]
* tests: Fix bounce requests with truncated writesMarc Aldorasi2020-01-031-0/+2
| | | | | | | | Prior to this change the swsbounce check in service_connection could fail because prevtestno and prevpartno were not set, which would cause the wrong response data to be sent to some tests and cause them to fail. Ref: https://github.com/curl/curl/pull/4717#issuecomment-570240785
* tool: make a few char pointers point to const char insteadMarcel Raad2019-12-313-4/+3
| | | | | | These are read-only. Closes https://github.com/curl/curl/pull/4771
* tests: Change NTLM tests to require SSLJay Satiro2019-12-3148-0/+48
| | | | | | | | | | | | | | | | | | Prior to this change tests that required NTLM feature did not require SSL feature. There are pending changes to cmake builds that will allow enabling NTLM in non-SSL builds in Windows. In that case the NTLM auth strings created are different from what is expected by the NTLM tests and they fail: "The issue with NTLM is that previous non-SSL builds would not enable NTLM and so the NTLM tests would be skipped." Assisted-by: marc-groundctl@users.noreply.github.com Ref: https://github.com/curl/curl/pull/4717#issuecomment-566218729 Closes https://github.com/curl/curl/pull/4768
* bearssl: Improve I/O handlingMichael Forney2019-12-311-85/+77
| | | | | | | | | | | | | | | | | Factor out common I/O loop as bearssl_run_until, which reads/writes TLS records until the desired engine state is reached. This is now used for the handshake, read, write, and close. Match OpenSSL SSL_write behavior, and don't return the number of bytes written until the corresponding records have been completely flushed across the socket. This involves keeping track of the length of data buffered into the TLS engine, and assumes that when CURLE_AGAIN is returned, the write function will be called again with the same data and length arguments. This is the same requirement of SSL_write. Handle TLS close notify as EOF when reading by returning 0. Closes https://github.com/curl/curl/pull/4748
* travis: Fix error detectionJay Satiro2019-12-314-250/+267
| | | | | | | | | | | | | | - Stop using inline shell scripts for before_script and script sections. Prior to this change Travis could ignore errors from commands in inline scripts. I don't understand how or why it happens. This is a workaround. Assisted-by: Simon Warta Ref: https://github.com/travis-ci/travis-ci/issues/1066 Fixes https://github.com/curl/curl/issues/3730 Closes https://github.com/curl/curl/pull/3755
* tool_operate: fix mem leak when failed config parseJay Satiro2019-12-291-1/+3
| | | | | | | | Found by fuzzing the config file. Reported-by: Geeknik Labs Fixes https://github.com/curl/curl/issues/4767
* lib: remove erroneous +x file permission on some c filesXiang Xiao2019-12-272-0/+0
| | | | | | Modified by commit eb9a604 accidentally. Closes https://github.com/curl/curl/pull/4756
* lib: fix warnings found when porting to NuttXXiang Xiao2019-12-273-1/+5
| | | | | | | | | | | | - Undefine DEBUGASSERT in curl_setup_once.h in case it was already defined as a system macro. - Don't compile write32_le in curl_endian unless CURL_SIZEOF_CURL_OFF_T > 4, since it's only used by Curl_write64_le. - Include <arpa/inet.h> in socketpair.c. Closes https://github.com/curl/curl/pull/4756
* os400: Add missing CURLE error constantsJay Satiro2019-12-261-0/+6
| | | | | Bug: https://github.com/curl/curl/pull/4754#issuecomment-569126922 Reported-by: Emil Engler
* CURLOPT_HEADERFUNCTION.3: Document that size is always 1Jay Satiro2019-12-261-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | For compatibility with `fwrite`, the `CURLOPT_HEADERFUNCTION` callback is passed two `size_t` parameters which, when multiplied, designate the number of bytes of data passed in. In practice, CURL always sets the first parameter (`size`) to 1. This practice is also enshrined in documentation and cannot be changed in future. The documentation states that the default callback is `fwrite`, which means `fwrite` must be a suitable function for this purpose. However, the documentation also states that the callback must return the number of *bytes* it successfully handled, whereas ISO C `fwrite` returns the number of items (each of size `size`) which it wrote. The only way these numbers can be equal is if `size` is 1. Since `size` is 1 and can never be changed in future anyway, document that fact explicitly and let users rely on it. Reported-by: Frank Gevaerts Commit-message-by: Christopher Head Ref: https://github.com/curl/curl/pull/2787 Fixes https://github.com/curl/curl/issues/4758