| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Well-behaving HTTP2 servers send two GOAWAY messages. The first
message is a warning that indicates that the server is going to
stop accepting streams. The second one actually closes the stream.
nghttp2 reports this state (and the other state of no more stream
identifiers) via the call nghttp2_session_check_request_allowed().
In this state the client should not create more streams on the
session (tcp connection), and in curl this means that the server
has requested that the connection is closed.
It would be also be possible to put the connclose() call into the
on_http2_frame_recv() function that triggers on the GOAWAY message.
This fixes a bug seen when the client sees the following sequence of
frames:
// advisory GOAWAY
HTTP2 GOAWAY [stream-id = 0, promised-stream-id = -1]
... some additional frames
// final GOAWAY
HTTP2 GOAWAY [stream-id = 0, promised-stream-id = N ]
Before this change, curl will attempt to reuse the connection even
after the last stream, will encounter this error:
* Found bundle for host localhost: 0x5595f0a694e0 [can multiplex]
* Re-using existing connection! (#0) with host localhost
* Connected to localhost (::1) port 10443 (#0)
* Using Stream ID: 9 (easy handle 0x5595f0a72e30)
> GET /index.html?5 HTTP/2
> Host: localhost:10443
> user-agent: curl/7.68.0
> accept: */*
>
* stopped the pause stream!
* Connection #0 to host localhost left intact
curl: (16) Error in the HTTP2 framing layer
This error may posion the connection cache, causing future requests
which resolve to the same curl connection to go through the same error
path.
Closes #5643
|
|
|
|
|
|
|
| |
Rely on tests asking the names to get refused instead - test servers
should be as dumb as possible. Edited test 914, 955 and 959 accordingly.
Closes #5639
|
|
|
|
|
|
|
| |
This came up in #5640. It make sense to clarify this in the docs!
Reminded-by: Kamil Dudka
Closes #5642
|
|
|
|
|
|
|
| |
It was disabled by mistake in commit curl-7_37_1-23-ge38ba4301.
Bug: https://bugzilla.redhat.com/1833193
Closes #5640
|
|
|
|
|
|
|
|
|
| |
Confusingly, nghttp2 has two different error code enums:
- nghttp2_error, to be used with nghttp2_strerror
- nghttp2_error_code, to be used with nghttp2_http2_strerror
Closes #5641
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since commit f3d501dc678, if proxy support is disabled, MSVC warns:
url.c : warning C4701: potentially uninitialized local variable
'hostaddr' used
url.c : error C4703: potentially uninitialized local pointer variable
'hostaddr' used
That could actually only happen if both `conn->bits.proxy` and
`CURL_DISABLE_PROXY` were enabled.
Initialize it to NULL to silence the warning.
Closes https://github.com/curl/curl/pull/5638
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 8bc25c590e530de87595d1bb3577f699eb1309b9.
That commit (from #5397) introduced a regression in 7.71.0.
Reported-by: tmkk on github
Fixes #5631
Closes #5632
|
| |
|
| |
|
|
|
|
|
|
|
| |
It has been failing for a good while again. This time we better leave it
disabled until we have more reason to believe it behaves.
Closes #5628
|
|
|
|
|
|
|
|
| |
ngtcp2 added two new callbacks
Reported-by: Lucien Zürcher
Fixes #5624
Closes #5627
|
|
|
|
|
|
| |
Reported-by: qiandu2006 on github
Fixes #5622
Closes #5623
|
|
|
|
|
|
| |
Reported-by: Gergely Nagy
Fixes #5617
Closes #5619
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Updated terminology in docs, comments and phrases to refer to C strings
as "null-terminated". Done to unify with how most other C oriented docs
refer of them and what users in general seem to prefer (based on a
single highly unscientific poll on twitter).
Reported-by: coinhubs on github
Fixes #5598
Closes #5608
|
|
|
|
|
|
|
|
|
|
| |
Regression in 7.71.0
Added test case 346 to verify.
Reported-by: Kristoffer Gleditsch
Fixes #5613
Closes #5616
|
|
|
|
| |
This is a config file for deepcode.ai, a static code analyzer.
|
|
|
|
|
|
|
|
|
|
| |
- Return 'failure' on failure, to follow the existing style.
- Put Warning: and the warning message on the same line.
Ref: https://github.com/curl/curl/issues/5610
Closes https://github.com/curl/curl/pull/5612
|
|
|
|
|
| |
Assisted-by: Jay Satiro
Closes #5607
|
|
|
|
|
|
|
| |
Attempt to reproduce #5593. Test case 1514 is very similar but uses
HTTP/1.1 and thus switches to chunked.
Closes #5595
|
|
|
|
|
|
|
|
|
| |
Don't reference fields that do not exist. Fixes build failure:
vtls/mbedtls.c: In function 'mbed_connect_step1':
vtls/mbedtls.c:249:54: error: 'struct connectdata' has no member named 'http_proxy'
Closes #5615
|
|
|
|
| |
It needs a 'with:' in front of it.
|
|
|
| |
enables code security scanning with github actions
|
|
|
|
|
|
| |
test 1296 is a simply command line test
test 1910 is a libcurl test including a redirect
|
|
|
|
|
|
| |
Reported-by: Jon Johnson Jr
Fixes #5582
Closes #5592
|
|
|
|
|
|
| |
... or all "control codes" or nothing.
Assisted-by: Nicolas Sterchele
|
|
|
|
|
|
|
|
|
| |
...previously CURLINFO_EFFECTIVE_URL would report the URL of the
original "mother transfer", not the actually pushed resource.
Reported-by: Jonathan Cardoso Machado
Fixes #5589
Closes #5591
|
|
|
|
|
|
|
| |
- Include wincrypt before OpenSSL includes so that the latter can
properly handle any conflicts between the two.
Closes https://github.com/curl/curl/pull/5606
|
|
|
|
| |
As was reported in #5601
|
|
|
|
|
|
|
|
| |
Regression added in 7.71.0.
Fixes #5601
Reported-by: Kristoffer Gleditsch
Closes #5602
|
|
|
|
|
|
| |
Reported-by: Siva Sivaraman
Fixes #5412
Closes #5597
|
|
|
|
|
|
|
|
|
| |
Replace "Failed writing body (X != Y)" with
"Failure writing output to destination". Possibly slightly less cryptic.
Reported-by: coinhubs on github
Fixes #5594
Closes #5596
|
| |
|
| |
|
|
|
|
| |
Closes #5599
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
Follow-up to c4e6968127e876b0
When a new transfer is created, as a resuly of an acknowledged push,
that transfer needs a download buffer allocated.
Closes #5590
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes the behavior of CURLSSLOPT_NATIVE_CA so that it does
not override CURLOPT_CAINFO / CURLOPT_CAPATH, or the hardcoded default
locations. Instead the CA store can now be used at the same time.
The change is due to the impending release. The issue is still being
discussed. The behavior of CURLSSLOPT_NATIVE_CA is subject to change and
is now documented as experimental.
Ref: bc052cc (parent commit)
Ref: https://github.com/curl/curl/issues/5585
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Background:
148534d added CURLSSLOPT_NATIVE_CA to use the Windows OS certificate
store in libcurl w/ OpenSSL on Windows. CURLSSLOPT_NATIVE_CA overrides
CURLOPT_CAINFO if both are set. The curl tool will fall back to
CURLSSLOPT_NATIVE_CA if it could not find a certificate bundle to set
via CURLOPT_CAINFO.
Problem:
libcurl may be built with hardcoded paths to a certificate bundle or
directory, and if CURLSSLOPT_NATIVE_CA is used then those paths are
ignored.
Solution:
A solution is still being discussed but since there's an impending
release this commit removes using CURLSSLOPT_NATIVE_CA in the curl tool.
Ref: https://github.com/curl/curl/issues/5585
|
|
|
|
|
|
|
| |
Prior to this change I assume a build error would occur when
CURL_CA_FALLBACK was used.
Closes https://github.com/curl/curl/pull/5587
|
| |
|
| |
|
|
|
|
|
| |
Reported-by: sn on hackerone
Bug: https://curl.haxx.se/docs/CVE-2020-8177.html
|
|
|
|
|
|
| |
Reviewed-by: Marcel Raad
Fixes #5512
Closes #5517
|