path: root/lib/url.c
Commit message | Author | Age | Files | Lines
* url.c: use consistent error message for failed resolve | Daniel Stenberg | 2021-02-18 | 1 | -1/+1
* parse_proxy: fix a memory leak in the OOM path | Daniel Stenberg | 2021-02-17 | 1 | -6/+13
  Reported-by: Jay Satiro
  Reviewed-by: Jay Satiro
  Reviewed-by: Emil Engler
  Closes #6614
  Bug: https://github.com/curl/curl/pull/6591#issuecomment-780396541
* url: fix possible use-after-free in default protocol | Jay Satiro | 2021-02-17 | 1 | -5/+4
  Prior to this change if the user specified a default protocol and a separately allocated non-absolute URL was used then it was freed prematurely, before it was then used to make the replacement URL.
  Bug: https://github.com/curl/curl/issues/6604#issuecomment-780138219
  Reported-by: arvids-kokins-bidstack@users.noreply.github.com
  Closes https://github.com/curl/curl/pull/6613
* lib: remove 'conn->data' completely | Daniel Stenberg | 2021-02-16 | 1 | -25/+17
  The Curl_easy pointer struct entry in connectdata is now gone. Just before commit 215db086e0 landed on January 8, 2021 there were 919 references to conn->data.
  Closes #6608
* doh: add options to disable ssl verification | Jay Satiro | 2021-02-14 | 1 | -0/+2
  - New libcurl options CURLOPT_DOH_SSL_VERIFYHOST, CURLOPT_DOH_SSL_VERIFYPEER and CURLOPT_DOH_SSL_VERIFYSTATUS do the same as their respective counterparts.
  - New curl tool options --doh-insecure and --doh-cert-status do the same as their respective counterparts.
  Prior to this change DOH SSL certificate verification settings for verifyhost and verifypeer were supposed to be inherited respectively from CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER, but due to a bug were not. As a result DOH verification remained at the default, ie enabled, and it was not possible to disable. This commit changes behavior so that the DOH verification settings are independent and not inherited.
  Ref: https://github.com/curl/curl/pull/4579#issuecomment-554723676
  Fixes https://github.com/curl/curl/issues/4578
  Closes https://github.com/curl/curl/pull/6597
* http: use credentials from transfer, not connection | Daniel Stenberg | 2021-02-13 | 1 | -84/+106
  HTTP auth "accidentally" worked before this cleanup since the code would always overwrite the connection credentials with the credentials from the most recent transfer and since HTTP auth is typically done first thing, this has not been an issue. It was still wrong and subject to possible race conditions or future breakage if the sequence of functions would change.
  The data.set.str[] strings MUST remain unmodified exactly as set by the user, and the credentials to use internally are instead set/updated in state.aptr.*
  Added test 675 to verify different credentials used in two requests done over a reused HTTP connection, which previously behaved wrongly.
  Fixes #6542
  Closes #6545
* urldata: don't touch data->set.httpversion at run-time | Daniel Stenberg | 2021-02-12 | 1 | -2/+2
  Rename it to 'httpwant' and make a cloned field in the state struct as well for run-time updates.
  Also: refuse non-supported HTTP versions. Verified with test 129.
  Closes #6585
* lib: use int type for more port variables | Jay Satiro | 2021-02-09 | 1 | -1/+1
  This is a follow-up to 764c6bd. Prior to that change port variables were usually type long.
  Closes https://github.com/curl/curl/pull/6553
* urldata: remove duplicate 'upkeep_interval_ms' from connectdata | Daniel Stenberg | 2021-01-27 | 1 | -3/+0
  ... and rely only on the value already set in Curl_easy.
  Closes #6534
* urldata: remove 'local_ip' from the connectdata struct | Daniel Stenberg | 2021-01-27 | 1 | -2/+11
  As the info is already stored in the transfer handle anyway, there's no need to carry around a duplicate buffer for the life-time of the handle.
  Closes #6534
* urldata: remove duplicate port number storage | Daniel Stenberg | 2021-01-27 | 1 | -3/+3
  ... and use 'int' for ports. We don't use 'unsigned short' since -1 is still often used internally to signify "unknown value" and 0 - 65535 are all valid port numbers.
  Closes #6534
* urldata: remove the duplicate 'ip_addr_str' field | Daniel Stenberg | 2021-01-27 | 1 | -3/+3
  ... as the numerical IP address is already stored and kept in 'primary_ip'.
  Closes #6534
* url: reduce conn->data references | Daniel Stenberg | 2021-01-26 | 1 | -35/+37
  ... there are a few left but let's keep them to last
  Closes #6512
* hostip: remove conn->data from resolver functions | Daniel Stenberg | 2021-01-22 | 1 | -6/+6
  This also moves the 'async' struct from the connectdata struct into the Curl_easy struct, which seems like a better home for it.
  Closes #6497
* doh: allocate state struct on demand | Daniel Stenberg | 2021-01-20 | 1 | -5/+10
  ... instead of having it static within the Curl_easy struct. This takes away 1176 bytes (18%) from the Curl_easy struct that aren't used very often and instead makes the code allocate it when needed.
  Closes #6492
* lib: more conn->data cleanups | Daniel Stenberg | 2021-01-19 | 1 | -16/+13
  Closes #6479
* vtls: reduce conn->data use | Patrick Monnerat | 2021-01-19 | 1 | -2/+2
  Closes #6474
* lib: pass in 'struct Curl_easy *' to most functions | Daniel Stenberg | 2021-01-17 | 1 | -38/+59
  ... in most cases instead of 'struct connectdata *' but in some cases in addition to.
  - We mostly operate on transfers and not connections.
  - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API).
  - This work clarifies and separates the transfers from the connections better.
  - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason.
  Closes #6425
* url: if IDNA conversion fails, fallback to Transitional | Daniel Stenberg | 2021-01-11 | 1 | -0/+5
  This improves IDNA2003 compatibility.
  Reported-by: Bubu on github
  Fixes #6423
  Closes #6428
* pretransfer: setup the User-Agent header here | Daniel Stenberg | 2021-01-05 | 1 | -14/+0
  ... and not in the connection setup, as for multiplexed transfers the connection setup might be skipped and then the transfer would end up without the set user-agent!
  Reported-by: Flameborn on github
  Assisted-by: Andrey Gursky
  Assisted-by: Jay Satiro
  Assisted-by: Mike Gelfand
  Fixes #6312
  Closes #6417
* httpauth: make multi-request auth work with custom port | Daniel Stenberg | 2021-01-02 | 1 | -1/+3
  When doing HTTP authentication and a port number set with CURLOPT_PORT, the code would previously have the URL's port number override as if it had been a redirect to an absolute URL.
  Added test 1568 to verify.
  Reported-by: UrsusArctos on github
  Fixes #6397
  Closes #6400
* language: s/behaviour/behavior/g | Emil Engler | 2021-01-02 | 1 | -2/+2
  We currently use both spellings, the British "behaviour" and the American "behavior". However "behavior" is more used in the project so I think it's worth dropping the British name.
  Closes #6395
* misc: fix "warning: empty expression statement has no effect" | Daniel Stenberg | 2020-12-26 | 1 | -4/+1
  Turned several macros into do-while(0) style to allow their use to work fine with semicolon.
  Bug: https://github.com/curl/curl/commit/08e8455dddc5e48e58a12ade3815c01ae3da3b64#commitcomment-45433279
  Follow-up to 08e8455dddc5e4
  Reported-by: Gisle Vanem
  Closes #6376
* failf: remove newline from formatting strings | Daniel Stenberg | 2020-12-25 | 1 | -2/+2
  ... as failf adds one itself.
  Also: add an assert() to failf() that triggers on a newline in the format string!
  Closes #6365
* gopher: Implement secure gopher protocol. | parazyd | 2020-12-15 | 1 | -0/+3
  This commit introduces a "gophers" handler inside the gopher protocol if USE_SSL is defined. This protocol is no different than the usual gopher protocol, with the added TLS encapsulation upon connecting. The protocol has been adopted in the gopher community, and many people have enabled TLS in their gopher daemons like geomyidae(8), and clients, like clic(1) and hurl(1).
  I have not implemented test units for this protocol because my knowledge of Perl is sub-par. However, for someone more knowledgeable it might be fairly trivial, because the same test that tests the plain gopher protocol can be used for "gophers" just by adding a TLS listener.
  Signed-off-by: parazyd <parazyd@dyne.org>
  Closes #6208
* ftp: CURLOPT_FTP_SKIP_PASV_IP by default | Daniel Stenberg | 2020-12-07 | 1 | -0/+1
  The command line tool also independently sets --ftp-skip-pasv-ip by default.
  Ten test cases updated to adapt the modified --libcurl output.
  Bug: https://curl.se/docs/CVE-2020-8284.html
  CVE-2020-8284
  Reported-by: Varnavas Papaioannou
* urldata: remove 'void *protop' and create the union 'p' | Daniel Stenberg | 2020-11-23 | 1 | -1/+1
  ... to avoid the use of 'void *' for the protocol specific structs done per transfer.
  Closes #6238
* url: make sure an HSTS upgrade updates URL and scheme correctly | Daniel Stenberg | 2020-11-06 | 1 | -2/+20
  Closes #6175
* curl.se: new home | Daniel Stenberg | 2020-11-04 | 1 | -1/+1
  Closes #6172
* hsts: add read/write callbacks | Daniel Stenberg | 2020-11-03 | 1 | -0/+1
  - read/write callback options
  - man pages for the 4 new setopts
  - test 1915 verifies the callbacks
  Closes #5896
* hsts: add support for Strict-Transport-Security | Daniel Stenberg | 2020-11-03 | 1 | -6/+15
  - enable in the build (configure)
  - header parsing
  - host name lookup
  - unit tests for the above
  - CI build
  - CURL_VERSION_HSTS bit
  - curl_version_info support
  - curl -V output
  - curl-config --features
  - CURLOPT_HSTS_CTRL
  - man page for CURLOPT_HSTS_CTRL
  - curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl)
  - man page for --hsts
  - save cache to disk
  - load cache from disk
  - CURLOPT_HSTS
  - man page for CURLOPT_HSTS
  - added docs/HSTS.md
  - fixed --version docs
  - adjusted curl_easy_duphandle
  Closes #5896
* alt-svc: enable by default | Daniel Stenberg | 2020-10-25 | 1 | -1/+1
  Remove CURLALTSVC_IMMEDIATELY, which was never implemented/supported.
  alt-svc support in curl is no longer considered experimental
  Closes #5868
* Curl_handler: add 'family' to each protocol | Daniel Stenberg | 2020-09-21 | 1 | -113/+21
  Makes get_protocol_family() faster and it moves the knowledge about the "families" to each protocol handler, where it belongs.
  Closes #5986
* vtls: deduplicate client certificates in ssl_config_data | Gergely Nagy | 2020-09-14 | 1 | -4/+0
  Closes #5629
* url: use blank credentials when using proxy w/o username and password | Diven Qi | 2020-09-08 | 1 | -2/+4
  Fixes proxy regression brought in commit ad829b21ae (7.71.0)
  Fixed #5911
  Closes #5914
* altsvc: clone setting in curl_easy_duphandle [bagder/altsvc-duphandle] | Daniel Stenberg | 2020-09-06 | 1 | -4/+1
  The cache content is not duplicated, like other caches, but the setting and specified file name are.
  Test 1908 is extended to verify this somewhat. Since the duplicated handle gets the same file name, the test unfortunately overwrites the same file twice (with different contents) which makes it hard to check automatically.
  Closes #5923
* http_proxy: do not crash with HTTPS_PROXY and NO_PROXY set | Martin Bašti | 2020-09-03 | 1 | -0/+3
  ... in case NO_PROXY takes an effect
  Without this patch, the following command crashes:
      $ GIT_CURL_VERBOSE=1 NO_PROXY=github.com HTTPS_PROXY=https://example.com \
          git clone https://github.com/curl/curl.git
  Minimal libcurl-based reproducer:
      #include <curl/curl.h>

      int main() {
        CURL *curl = curl_easy_init();
        if(curl) {
          CURLcode ret;
          curl_easy_setopt(curl, CURLOPT_URL, "https://github.com/");
          curl_easy_setopt(curl, CURLOPT_PROXY, "example.com");
          /* set the proxy type */
          curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTPS);
          curl_easy_setopt(curl, CURLOPT_NOPROXY, "github.com");
          curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
          ret = curl_easy_perform(curl);
          curl_easy_cleanup(curl);
          return ret;
        }
        return -1;
      }
  Assisted-by: Kamil Dudka
  Bug: https://bugzilla.redhat.com/1873327
  Closes #5902
* llist: make it "struct Curl_llist" | Daniel Stenberg | 2020-09-02 | 1 | -1/+1
  As internal global names should use capital C.
  Closes #5906
* mqtt: enable by default | Daniel Stenberg | 2020-08-31 | 1 | -1/+1
  No longer considered experimental.
  Closes #5858
* tls: add CURLOPT_SSL_EC_CURVES and --curves | Michael Baentsch | 2020-08-30 | 1 | -0/+1
  Closes #5892
* url: remove funny embedded comments in Curl_disconnect calls | Daniel Stenberg | 2020-08-30 | 1 | -6/+4
* conn: check for connection being dead before reuse | Chris Paulson-Ellis | 2020-08-30 | 1 | -0/+6
  Prevents incorrect reuse of an HTTP connection that has been prematurely shutdown() by the server.
  Partial revert of 755083d00deb16
  Fixes #5884
  Closes #5893
* ntlm: fix condition for curl_ntlm_core usage | Marcel Raad | 2020-08-29 | 1 | -3/+2
  `USE_WINDOWS_SSPI` without `USE_WIN32_CRYPTO` but with any other DES backend is fine, but was excluded before.
  This also fixes test 1013 as the condition for SMB support in configure.ac didn't match the condition in the source code. Now it does.
  Fixes https://github.com/curl/curl/issues/1262
  Closes https://github.com/curl/curl/pull/5771
* Curl_easy: remember last connection by id, not by pointer | Daniel Stenberg | 2020-08-17 | 1 | -1/+1
  CVE-2020-8231
  Bug: https://curl.haxx.se/docs/CVE-2020-8231.html
  Reported-by: Marc Aldorasi
  Closes #5824
* url: fix CURLU and location following | Jay Satiro | 2020-07-30 | 1 | -2/+3
  Prior to this change if the user set a URL handle (CURLOPT_CURLU) it was incorrectly used for the location follow, resulting in infinite requests to the original location.
  Reported-by: sspiri@users.noreply.github.com
  Fixes https://github.com/curl/curl/issues/5709
  Closes https://github.com/curl/curl/pull/5713
* url: silence MSVC warning | Marcel Raad | 2020-07-02 | 1 | -1/+1
  Since commit f3d501dc678, if proxy support is disabled, MSVC warns:
      url.c : warning C4701: potentially uninitialized local variable 'hostaddr' used
      url.c : error C4703: potentially uninitialized local pointer variable 'hostaddr' used
  That could actually only happen if both `conn->bits.proxy` and `CURL_DISABLE_PROXY` were enabled. Initialize it to NULL to silence the warning.
  Closes https://github.com/curl/curl/pull/5638
* vtls: compare cert blob when finding a connection to reuse | Daniel Stenberg | 2020-06-29 | 1 | -1/+3
  Reported-by: Gergely Nagy
  Fixes #5617
  Closes #5619
* url: allow user + password to contain "control codes" for HTTP(S) | Daniel Stenberg | 2020-06-25 | 1 | -10/+19
  Reported-by: Jon Johnson Jr
  Fixes #5582
  Closes #5592
* escape: make the URL decode able to reject only %00 bytes | Daniel Stenberg | 2020-06-25 | 1 | -2/+2
  ... or all "control codes" or nothing.
  Assisted-by: Nicolas Sterchele
* url: make sure pushed streams get an allocated download buffer | Daniel Stenberg | 2020-06-23 | 1 | -0/+5
  Follow-up to c4e6968127e876b0
  When a new transfer is created, as a result of an acknowledged push, that transfer needs a download buffer allocated.
  Closes #5590