summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* gnutls: assume nettle crypto supportbagder/gnutls-only-nettleDaniel Stenberg2021-02-186-212/+24
| | | | | nettle has been the default crypto library with GnuTLS since 2010. By dropping support for the previous libcrypto, we simplify code.
* test1188: change error from connect to resolve errorDaniel Stenberg2021-02-181-2/+2
| | | | | | | | | | | | Using the %NOLISTENPORT to trigger a connection failure is somewhat "risky" (since it isn't guaranteed to not be listened to) and caused occasional CI problems. This fix changes the infused error to be a more reliable one but still verifies the --write-out functionality properly - which is the purpose of this test. Reported-by: Jay Satiro Fixes #6621 Closes #6623
* url.c: use consistent error message for failed resolveDaniel Stenberg2021-02-181-1/+1
|
* BUGS: language polishDaniel Stenberg2021-02-181-8/+8
|
* wolfssl: don't store a NULL sessionidDaniel Stenberg2021-02-171-21/+21
| | | | | | | | | | This caused a memory leak as the session id cache entry was still erroneously stored with a NULL sessionid and that would later be treated as not needed to get freed. Reported-by: Gisle Vanem Fixes #6616 Closes #6617
* parse_proxy: fix a memory leak in the OOM pathDaniel Stenberg2021-02-171-6/+13
| | | | | | | | | Reported-by: Jay Satiro Reviewed-by: Jay Satiro Reviewed-by: Emil Engler Closes #6614 Bug: https://github.com/curl/curl/pull/6591#issuecomment-780396541
* url: fix possible use-after-free in default protocolJay Satiro2021-02-171-5/+4
| | | | | | | | | | | Prior to this change if the user specified a default protocol and a separately allocated non-absolute URL was used then it was freed prematurely, before it was then used to make the replacement URL. Bug: https://github.com/curl/curl/issues/6604#issuecomment-780138219 Reported-by: arvids-kokins-bidstack@users.noreply.github.com Closes https://github.com/curl/curl/pull/6613
* multi: rename the multi transfer statesDaniel Stenberg2021-02-163-139/+134
| | | | | | | | | | While working on documenting the states it dawned on me that step one is to use more descriptive names on the states. This also changes prefix on the states to make them shorter in the source. State names NOT ending with *ing are transitional ones. Closes #6612
* http: do not add a referrer header with empty valueViktor Szakats2021-02-161-1/+2
| | | | | | | | | | Previously an empty 'Referer:' header was added to the HTTP request when passing `--referer ';auto'` or `--referer ''` on the command-line. This patch makes `--referer` work like `--header 'Referer:'` and will only add the header if it has a non-zero length value. Reviewed-by: Jay Satiro Closes #6610
* lib: remove 'conn->data' completelyDaniel Stenberg2021-02-167-79/+26
| | | | | | | | The Curl_easy pointer struct entry in connectdata is now gone. Just before commit 215db086e0 landed on January 8, 2021 there were 919 references to conn->data. Closes #6608
* openldap: pass 'data' to the callbacks instead of 'conn'Daniel Stenberg2021-02-161-7/+9
|
* doh: Fix sharing user's resolve list with DOH handlesJay Satiro2021-02-151-0/+1
| | | | | | | | | | | | | | | | | | | - Share the shared object from the user's easy handle with the DOH handles. Prior to this change if the user had set a shared object with shared cached DNS (CURL_LOCK_DATA_DNS) for their easy handle then that wasn't used by any associated DOH handles, since they used the multi's default hostcache. This change means all the handles now use the same hostcache, which is either the shared hostcache from the user created shared object if it exists or if not then the multi's default hostcache. Reported-by: Manuj Bhatia Fixes https://github.com/curl/curl/issues/6589 Closes https://github.com/curl/curl/pull/6607
* http2: remove conn->data useDaniel Stenberg2021-02-154-40/+67
| | | | | | | | | | | | ... but instead use a private alternative that points to the "driving transfer" from the connection. We set the "user data" associated with the connection to be the connectdata struct, but when we drive transfers the code still needs to know the pointer to the transfer. We can change the user data to become the Curl_easy handle, but with older nghttp2 version we cannot dynamically update that pointer properly when different transfers are used over the same connection. Closes #6520
* openssl: remove conn->data useDaniel Stenberg2021-02-151-13/+21
| | | | | | | | | | | | | | We still make the trace callback function get the connectdata struct passed to it, since the callback is anchored on the connection. Repeatedly updating the callback pointer to set 'data' with SSL_CTX_set_msg_callback_arg() doesn't seem to work, probably because there might already be messages in the queue with the old pointer. This code therefore makes sure to set the "logger" handle before using OpenSSL calls so that the right easy handle gets used for tracing. Closes #6522
* RELEASE-NOTES: syncedDaniel Stenberg2021-02-151-8/+14
|
* doh: add options to disable ssl verificationJay Satiro2021-02-1422-44/+404
| | | | | | | | | | | | | | | | | | | | | | - New libcurl options CURLOPT_DOH_SSL_VERIFYHOST, CURLOPT_DOH_SSL_VERIFYPEER and CURLOPT_DOH_SSL_VERIFYSTATUS do the same as their respective counterparts. - New curl tool options --doh-insecure and --doh-cert-status do the same as their respective counterparts. Prior to this change DOH SSL certificate verification settings for verifyhost and verifypeer were supposed to be inherited respectively from CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER, but due to a bug were not. As a result DOH verification remained at the default, ie enabled, and it was not possible to disable. This commit changes behavior so that the DOH verification settings are independent and not inherited. Ref: https://github.com/curl/curl/pull/4579#issuecomment-554723676 Fixes https://github.com/curl/curl/issues/4578 Closes https://github.com/curl/curl/pull/6597
* hostip: fix crash in sync resolver builds that use DOHJay Satiro2021-02-131-4/+4
| | | | | | | | | | | | | | | - Guard some Curl_async accesses with USE_CURL_ASYNC instead of !CURLRES_SYNCH. This is another follow-up to 8335c64 which moved the async struct from the connectdata struct into the Curl_easy struct. A previous follow-up 6cd167a fixed building for sync resolver by guarding some async struct accesses with !CURLRES_SYNCH. The problem is since DOH (DNS-over-HTTPS) is available as an asynchronous secondary resolver the async struct may be used even when libcurl is built for the sync resolver. That means that CURLRES_SYNCH and USE_CURL_ASYNC may be defined at the same time. Closes https://github.com/curl/curl/pull/6603
* KNOWN_BUGS: cannot enable LDAPS on Windows with cmakeDaniel Stenberg2021-02-131-0/+5
| | | | | Reported-by: Jack Boos Yu Closes #6284
* KNOWN_BUGS: Excessive HTTP/2 packets with TCP_NODELAYDaniel Stenberg2021-02-131-0/+11
| | | | | Reported-by: Alex Xu Closes #6363
* http: use credentials from transfer, not connectionDaniel Stenberg2021-02-1312-112/+211
| | | | | | | | | | | | | | | | | | | HTTP auth "accidentally" worked before this cleanup since the code would always overwrite the connection credentials with the credentials from the most recent transfer and since HTTP auth is typically done first thing, this has not been an issue. It was still wrong and subject to possible race conditions or future breakage if the sequence of functions would change. The data.set.str[] strings MUST remain unmodified exactly as set by the user, and the credentials to use internally are instead set/updated in state.aptr.* Added test 675 to verify different credentials used in two requests done over a reused HTTP connection, which previously behaved wrongly. Fixes #6542 Closes #6545
* test433: clear some home dir env variablesDaniel Stenberg2021-02-121-0/+2
| | | | | | | | | | Follow-up to bd6b54ba1f55b5 ... so that XDG_CONFIG_HOME is the only home dir variable set and thus used correctly in the test! Fixes #6599 Closes #6600
* RELEASE-NOTES: syncedDaniel Stenberg2021-02-122-11/+32
| | | | bumped the version to 7.76.0
* travis: install libgsasl-dev to add that to the buildsDaniel Stenberg2021-02-121-0/+1
| | | | Closes #6588
* urldata: don't touch data->set.httpversion at run-timeDaniel Stenberg2021-02-1217-34/+109
| | | | | | | | | Rename it to 'httpwant' and make a cloned field in the state struct as well for run-time updates. Also: refuse non-supported HTTP versions. Verified with test 129. Closes #6585
* tests: disable .curlrc in more environmentsViktor Szakats2021-02-111-0/+2
| | | | | | | | | by also setting CURL_HOME and XDG_CONFIG_HOME envvars to the local directory. Reviewed-by: Daniel Stenberg Fixes #6595 Closes #6596
* docs/Makefile.inc: format to be update-friendlyViktor Szakats2021-02-112-242/+358
| | | | | | | | | | - one source file per line - convert tabs to spaces - do not align line-continuation backslashes - sort source files alphabetically Reviewed-by: Daniel Stenberg Closes #6593
* curl: provide libgsasl version and feature info in -V outputDaniel Stenberg2021-02-112-2/+14
| | | | Closes #6592
* gsasl: provide CURL_VERSION_GSASL if built-inDaniel Stenberg2021-02-113-1/+6
| | | | | | To let applications know the feature is available. Closes #6592
* curl: add --fail-with-bodyDaniel Stenberg2021-02-1113-14/+179
| | | | | | | | Prevent both --fail and --fail-with-body on the same command line. Verify with test 349, 360 and 361. Closes #6449
* TODO: remove HSTSDaniel Stenberg2021-02-101-11/+0
| | | | Provided now since commit 7385610d0c74
* tests: Fix tests failing due to change in curl --helpJay Satiro2021-02-102-2/+2
| | | | | | | Follow-up to parent 3183217 which added add missing <mode> argument to --create-file-mode <mode>. Ref: https://github.com/curl/curl/issues/6590
* tool_help: add missing argument for --create-file-modeJay Satiro2021-02-101-2/+2
| | | | | | | | | | | | | | Prior to this change the required argument was not shown in curl --help. before: --create-file-mode File mode for created files after: --create-file-mode <mode> File mode (octal) for created files Reported-by: ZimCodes@users.noreply.github.com Fixes https://github.com/curl/curl/issues/6590
* create-file-mode.d: add missing Arg tagJay Satiro2021-02-101-1/+2
| | | | | | | | | | | Prior to this change the required argument was not shown. curl.1 before: --create-file-mode curl.1 after: --create-file-mode <mode> Reported-by: ZimCodes@users.noreply.github.com Fixes https://github.com/curl/curl/issues/6590
* gsasl: fix errors/warnings building against libgsaslViktor Szakats2021-02-101-14/+20
| | | | | | | | | | | | | - also fix an indentation - make Curl_auth_gsasl_token() use CURLcode (by Daniel Stenberg) Ref: https://github.com/curl/curl/pull/6372#issuecomment-776118711 Ref: https://github.com/curl/curl/pull/6588 Reviewed-by: Jay Satiro Assisted-by: Daniel Stenberg Reviewed-by: Simon Josefsson Closes #6587
* Makefile.m32: add support for libgsasl dependencyViktor Szakats2021-02-103-0/+34
| | | | | Reviewed-by: Marcel Raad Closes #6586
* ngtcp2: clarify calculation precedenceMarcel Raad2021-02-101-1/+1
| | | | | | As suggested by Codacy/cppcheck. Closes https://github.com/curl/curl/pull/6576
* server: remove redundant conditionMarcel Raad2021-02-102-2/+0
| | | | | | `end` is always non-null here. Closes https://github.com/curl/curl/pull/6576
* lib: remove redundant codeMarcel Raad2021-02-106-21/+8
| | | | Closes https://github.com/curl/curl/pull/6576
* mqttd: remove unused variableMarcel Raad2021-02-101-2/+0
| | | | Closes https://github.com/curl/curl/pull/6576
* tool_paramhlp: reduce variable scopeMarcel Raad2021-02-101-1/+2
| | | | Closes https://github.com/curl/curl/pull/6576
* tests: reduce variable scopesMarcel Raad2021-02-102-7/+4
| | | | Closes https://github.com/curl/curl/pull/6576
* lib: reduce variable scopesMarcel Raad2021-02-102-8/+4
| | | | Closes https://github.com/curl/curl/pull/6576
* ftp: fix Codacy/cppcheck warning about null pointer arithmeticMarcel Raad2021-02-101-1/+2
| | | | | | Increment `bytes` only if it is non-null. Closes https://github.com/curl/curl/pull/6576
* ngtcp2: adapt to the new recv_datagram callbackDaniel Stenberg2021-02-091-1/+2
|
* quiche: fix build error: use 'int' for port numberDaniel Stenberg2021-02-091-1/+1
| | | | Follow-up to cb2dc1ba8
* ftp: add 'list_only' to the transfer state structDaniel Stenberg2021-02-0910-12/+87
| | | | | | | | | and rename it from 'ftp_list_only' since it is also used for SSH and POP3. The state is updated internally for 'type=D' FTP URLs. Added test case 1570 to verify. Closes #6578
* ftp: add 'prefer_ascii' to the transfer state structDaniel Stenberg2021-02-099-21/+146
| | | | | | | | | | | ... and make sure the code never updates 'set.prefer_ascii' as it breaks handle reuse which should use the setting as the user specified it. Added test 1569 to verify: it first makes an FTP transfer with ';type=A' and then another without type on the same handle and the second should then use binary. Previously, curl failed this. Closes #6578
* RELEASE-NOTES: syncedDaniel Stenberg2021-02-091-6/+36
|
* vtls: initial implementation of rustls backendJacob Hoffman-Andrews2021-02-0912-8/+639
| | | | | | | | | | | | | | | | | This adds a new TLS backend, rustls. It uses the C-to-rustls bindings from https://github.com/abetterinternet/crustls. Rustls is at https://github.com/ctz/rustls/. There is still a fair bit to be done, like sending CloseNotify on connection shutdown, respecting CAPATH, and properly indicating features like "supports TLS 1.3 ciphersuites." But it works well enough to make requests and receive responses. Blog post for context: https://www.abetterinternet.org/post/memory-safe-curl/ Closes #6350
* sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsaslSimon Josefsson2021-02-097-0/+261
| | | | Closes #6372
View Lorry Controller Status