| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
This caused a memory leak as the session id cache entry was still
erroneously stored with a NULL sessionid and that would later be treated
as not needed to get freed.
Reported-by: Gisle Vanem
Fixes #6616
|
| |
|
|
|
|
|
|
|
|
| |
While working on documenting the states it dawned on me that step one is
to use more descriptive names on the states. This also changes prefix on
the states to make them shorter in the source.
State names NOT ending with *ing are transitional ones.
Closes #6612
|
| |
|
|
|
|
|
|
|
|
| |
Previously an empty 'Referer:' header was added to the HTTP request when
passing `--referer ';auto'` or `--referer ''` on the command-line. This
patch makes `--referer` work like `--header 'Referer:'` and will only add
the header if it has a non-zero length value.
Reviewed-by: Jay Satiro
Closes #6610
|
| |
|
|
|
|
|
|
| |
The Curl_easy pointer struct entry in connectdata is now gone. Just
before commit 215db086e0 landed on January 8, 2021 there were 919
references to conn->data.
Closes #6608
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Share the shared object from the user's easy handle with the DOH
handles.
Prior to this change if the user had set a shared object with shared
cached DNS (CURL_LOCK_DATA_DNS) for their easy handle then that wasn't
used by any associated DOH handles, since they used the multi's default
hostcache.
This change means all the handles now use the same hostcache, which is
either the shared hostcache from the user created shared object if it
exists or if not then the multi's default hostcache.
Reported-by: Manuj Bhatia
Fixes https://github.com/curl/curl/issues/6589
Closes https://github.com/curl/curl/pull/6607
|
| |
|
|
|
|
|
|
|
|
|
|
| |
... but instead use a private alternative that points to the "driving
transfer" from the connection. We set the "user data" associated with
the connection to be the connectdata struct, but when we drive transfers
the code still needs to know the pointer to the transfer. We can change
the user data to become the Curl_easy handle, but with older nghttp2
version we cannot dynamically update that pointer properly when
different transfers are used over the same connection.
Closes #6520
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We still make the trace callback function get the connectdata struct
passed to it, since the callback is anchored on the connection.
Repeatedly updating the callback pointer to set 'data' with
SSL_CTX_set_msg_callback_arg() doesn't seem to work, probably because
there might already be messages in the queue with the old pointer.
This code therefore makes sure to set the "logger" handle before using
OpenSSL calls so that the right easy handle gets used for tracing.
Closes #6522
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- New libcurl options CURLOPT_DOH_SSL_VERIFYHOST,
CURLOPT_DOH_SSL_VERIFYPEER and CURLOPT_DOH_SSL_VERIFYSTATUS do the
same as their respective counterparts.
- New curl tool options --doh-insecure and --doh-cert-status do the same
as their respective counterparts.
Prior to this change DOH SSL certificate verification settings for
verifyhost and verifypeer were supposed to be inherited respectively
from CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER, but due to a bug
were not. As a result DOH verification remained at the default, ie
enabled, and it was not possible to disable. This commit changes
behavior so that the DOH verification settings are independent and not
inherited.
Ref: https://github.com/curl/curl/pull/4579#issuecomment-554723676
Fixes https://github.com/curl/curl/issues/4578
Closes https://github.com/curl/curl/pull/6597
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Guard some Curl_async accesses with USE_CURL_ASYNC instead of
!CURLRES_SYNCH.
This is another follow-up to 8335c64 which moved the async struct from
the connectdata struct into the Curl_easy struct. A previous follow-up
6cd167a fixed building for sync resolver by guarding some async struct
accesses with !CURLRES_SYNCH. The problem is since DOH (DNS-over-HTTPS)
is available as an asynchronous secondary resolver the async struct may
be used even when libcurl is built for the sync resolver. That means
that CURLRES_SYNCH and USE_CURL_ASYNC may be defined at the same time.
Closes https://github.com/curl/curl/pull/6603
|
| |
|
|
|
| |
Reported-by: Jack Boos Yu
Closes #6284
|
| |
|
|
|
| |
Reported-by: Alex Xu
Closes #6363
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
HTTP auth "accidentally" worked before this cleanup since the code would
always overwrite the connection credentials with the credentials from
the most recent transfer and since HTTP auth is typically done first
thing, this has not been an issue. It was still wrong and subject to
possible race conditions or future breakage if the sequence of functions
would change.
The data.set.str[] strings MUST remain unmodified exactly as set by the
user, and the credentials to use internally are instead set/updated in
state.aptr.*
Added test 675 to verify different credentials used in two requests done
over a reused HTTP connection, which previously behaved wrongly.
Fixes #6542
Closes #6545
|
| |
|
|
|
|
|
|
|
|
| |
Follow-up to bd6b54ba1f55b5
... so that XDG_CONFIG_HOME is the only home dir variable set and thus
used correctly in the test!
Fixes #6599
Closes #6600
|
| |
|
|
| |
bumped the version to 7.76.0
|
| |
|
|
| |
Closes #6588
|
| |
|
|
|
|
|
|
|
| |
Rename it to 'httpwant' and make a cloned field in the state struct as
well for run-time updates.
Also: refuse non-supported HTTP versions. Verified with test 129.
Closes #6585
|
| |
|
|
|
|
|
|
|
| |
by also setting CURL_HOME and XDG_CONFIG_HOME envvars to the local
directory.
Reviewed-by: Daniel Stenberg
Fixes #6595
Closes #6596
|
| |
|
|
|
|
|
|
|
|
| |
- one source file per line
- convert tabs to spaces
- do not align line-continuation backslashes
- sort source files alphabetically
Reviewed-by: Daniel Stenberg
Closes #6593
|
| |
|
|
| |
Closes #6592
|
| |
|
|
|
|
| |
To let applications know the feature is available.
Closes #6592
|
| |
|
|
|
|
|
|
| |
Prevent both --fail and --fail-with-body on the same command line.
Verify with test 349, 360 and 361.
Closes #6449
|
| |
|
|
| |
Provided now since commit 7385610d0c74
|
| |
|
|
|
|
|
| |
Follow-up to parent 3183217 which added add missing <mode> argument to
--create-file-mode <mode>.
Ref: https://github.com/curl/curl/issues/6590
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to this change the required argument was not shown in curl --help.
before:
--create-file-mode File mode for created files
after:
--create-file-mode <mode> File mode (octal) for created files
Reported-by: ZimCodes@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/6590
|
| |
|
|
|
|
|
|
|
|
|
| |
Prior to this change the required argument was not shown.
curl.1 before: --create-file-mode
curl.1 after: --create-file-mode <mode>
Reported-by: ZimCodes@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/6590
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- also fix an indentation
- make Curl_auth_gsasl_token() use CURLcode (by Daniel Stenberg)
Ref: https://github.com/curl/curl/pull/6372#issuecomment-776118711
Ref: https://github.com/curl/curl/pull/6588
Reviewed-by: Jay Satiro
Assisted-by: Daniel Stenberg
Reviewed-by: Simon Josefsson
Closes #6587
|
| |
|
|
|
| |
Reviewed-by: Marcel Raad
Closes #6586
|
| |
|
|
|
|
| |
As suggested by Codacy/cppcheck.
Closes https://github.com/curl/curl/pull/6576
|
| |
|
|
|
|
| |
`end` is always non-null here.
Closes https://github.com/curl/curl/pull/6576
|
| |
|
|
| |
Closes https://github.com/curl/curl/pull/6576
|
| |
|
|
| |
Closes https://github.com/curl/curl/pull/6576
|
| |
|
|
| |
Closes https://github.com/curl/curl/pull/6576
|
| |
|
|
| |
Closes https://github.com/curl/curl/pull/6576
|
| |
|
|
| |
Closes https://github.com/curl/curl/pull/6576
|
| |
|
|
|
|
| |
Increment `bytes` only if it is non-null.
Closes https://github.com/curl/curl/pull/6576
|
| | |
|
| |
|
|
| |
Follow-up to cb2dc1ba8
|
| |
|
|
|
|
|
|
|
| |
and rename it from 'ftp_list_only' since it is also used for SSH and
POP3. The state is updated internally for 'type=D' FTP URLs.
Added test case 1570 to verify.
Closes #6578
|
| |
|
|
|
|
|
|
|
|
|
| |
... and make sure the code never updates 'set.prefer_ascii' as it breaks
handle reuse which should use the setting as the user specified it.
Added test 1569 to verify: it first makes an FTP transfer with ';type=A'
and then another without type on the same handle and the second should
then use binary. Previously, curl failed this.
Closes #6578
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a new TLS backend, rustls. It uses the C-to-rustls bindings
from https://github.com/abetterinternet/crustls.
Rustls is at https://github.com/ctz/rustls/.
There is still a fair bit to be done, like sending CloseNotify on
connection shutdown, respecting CAPATH, and properly indicating features
like "supports TLS 1.3 ciphersuites." But it works well enough to make
requests and receive responses.
Blog post for context:
https://www.abetterinternet.org/post/memory-safe-curl/
Closes #6350
|
| |
|
|
| |
Closes #6372
|
| |
|
|
|
|
|
| |
This is a follow-up to 764c6bd. Prior to that change port variables
were usually type long.
Closes https://github.com/curl/curl/pull/6553
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Deduplicate the logic used by write-out and write-out json.
Rather than have separate writeLong, writeString, etc, logic for
each of write-out and write-out json instead have respective shared
functions that can output either format and a 'use_json' parameter to
indicate whether it is json that is output.
This will make it easier to maintain. Rather than have to go through
two sets of logic now we only have to go through one.
- Support write-out %{errormsg} and %{exitcode} in json.
- Clarify in the doc that %{exitcode} is the exit code of the transfer.
Prior to this change it just said "The numerical exitcode" which
implies it's the exit code of the tool, and it's not necessarily that.
Closes https://github.com/curl/curl/pull/6544
|
| |
|
|
|
|
| |
.. since the former is undocumented and they both do the same thing.
Closes https://github.com/curl/curl/pull/6517
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If libcurl is built with Unicode support for Windows then it is assumed
the filename string is Unicode in UTF-8 encoding and it is converted to
UTF-16 to be passed to the wide character version of the respective
function (eg wstat). However the filename string may actually be in the
local encoding so, even if it successfully converted to UTF-16, if it
could not be stat/accessed then try again using the local code page
version of the function (eg wstat fails try stat).
We already do this with fopen (ie wfopen fails try fopen), so I think it
makes sense to extend it to stat and access functions.
Closes https://github.com/curl/curl/pull/6514
|
| |
|
|
| |
Closes https://github.com/curl/curl/pull/6501
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Use _imp.lib suffix only for Microsoft's compiler (MSVC).
Prior to this change library suffix _imp.lib was used for the import
library on Windows regardless of compiler.
With this change the other compilers should now use their default
suffix which should be .dll.a.
This change is motivated by the usage of pkg-config on MSYS2.
Indeed, when 'pkg-config --libs libcurl' is used, -lcurl is
passed to ld. The documentation of ld on Windows :
https://sourceware.org/binutils/docs/ld/WIN32.html
lists, in the 'direct linking to a dll' section, the pattern
of the searched import library, and libcurl_imp.lib is not there.
Closes https://github.com/curl/curl/pull/6225
|
