| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
this should fix an issue where curl sometimes doesn't send out a request
with authorization info after a 401 is received over http2
Closes #6747
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Align conditions for NTLM features between CMake and configure
builds by differentiating between USE_NTLM and USE_CURL_NTLM_CORE,
just like curl_setup.h does internally to detect support of:
- USE_NTLM: required for NTLM crypto authentication feature
- USE_CURL_NTLM_CORE: required for SMB protocol
Implement USE_WIN32_CRYPTO detection by checking for Crypt functions
in wincrypt.h which are not available in the Windows App environment.
Link advapi32 and crypt32 for Crypto API and Schannel SSL backend.
Fix condition of Schannel SSL backend in CMake build accordingly.
Reviewed-by: Marcel Raad
Closes #6277
|
|
|
|
|
|
|
|
|
|
| |
Move the detection of the restricted Windows App environment
in curl_setup.h before the definition of USE_WIN32_CRYPTO
via included config-win32.h in case no build system is used.
Reviewed-by: Marcel Raad
Part of #6277
|
|
|
|
|
|
|
|
|
| |
MAX_HSTS_SUBLEN and MAX_HSTS_SUBLENSTR were unused from the initial commit,
and mostly likely leftovers from early development. Remove as they're not
used for anything.
Closes #6741
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
|
|
|
|
|
|
|
| |
If after a transfer is complete Curl_GetFTPResponse() returns an error,
curl would not free the ftp->pathalloc block.
Found by torture-testing test 576
Closes #6737
|
|
|
|
| |
Closes #6736
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This requires the latest main branch of crustls, which provides
rustls_client_config_builder_dangerous_set_certificate_verifier and
rustls_client_config_builder_set_enable_sni.
This refactors the session setup into its own function, and adds a new
function cr_hostname_is_ip. Because crustls doesn't support verification
of IP addresses, special handling is needed: We disable SNI and set a
placeholder hostname (which never actually gets sent on the wire).
Closes #6719
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Curl_cookie_init can be called with data being NULL, and this can in turn
be passed to Curl_cookie_add, meaning that both functions must be careful
to only use data where it's checked for being a NULL pointer. The libpsl
support code does however dereference data without checking, so if we are
indeed having an unset data pointer we cannot PSL check the cookiedomain.
This is currently not a reachable dereference, as the only caller with a
NULL data isn't passing a file to initialize cookies from, but since the
API has this contract let's ensure we hold it.
Closes #6731
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
|
|
| |
Closes #6727
|
|
|
|
| |
Closes #6727
|
|
|
|
|
|
| |
Not supported.
Closes #6727
|
|
|
|
|
|
|
|
|
| |
Added test 362 to verify.
Reported-by: Jordan Brown
Regression since 7ea2e1d0c5a7f (7.73.0)
Fixes #6715
Closes #6725
|
|
|
|
|
|
|
| |
Make the code consistently use a single name for the size of the
"curl_off_t" type.
Closes #6702
|
|
|
|
|
|
| |
ngtcp2/ngtcp2@b8d90a9 changed the function prototype.
Closes https://github.com/curl/curl/pull/6716
|
|
|
|
|
|
|
| |
when removing a handle, most of the lists are updated but pending list
is not updated. Updating now.
Closes #6713
|
|
|
|
| |
Closes #6703
|
|
|
|
|
|
| |
Reported-by: ウさん
Fixes #6664
Closes #6701
|
|
|
|
|
|
|
|
| |
Raised from 128KB to allow longer request headers.
Reported-by: Carl Zogheib
Fixes #6681
Closes #6685
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Change use of those options from CURLOPT_SSL_OPTIONS that are not
already evaluated via SSL_SET_OPTION in schannel and secure transport
to use that instead of data->set.ssl.optname.
Example:
Evaluate SSL_SET_OPTION(no_revoke) instead of data->set.ssl.no_revoke.
This change is because options set via CURLOPT_SSL_OPTIONS
(data->set.ssl.optname) are separate from those set for HTTPS proxy via
CURLOPT_PROXY_SSL_OPTIONS (data->set.proxy_ssl.optname). The
SSL_SET_OPTION macro determines whether the connection is for HTTPS
proxy and based on that which option to evaluate.
Since neither Schannel nor Secure Transport backends currently support
HTTPS proxy in libcurl, this change is for posterity and has no other
effect.
Closes https://github.com/curl/curl/pull/6690
|
|
|
|
|
|
|
|
| |
`n` pointer is never NULL once set. Found by static analysis.
Ref: https://github.com/curl/curl/issues/6696
Closes https://github.com/curl/curl/pull/6697
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to this change if the user set their easy handle's error stream
to something other than stderr it was not inherited by the doh handles,
which meant that they would still write to the default standard error
stream (stderr) for verbose output.
Bug: https://github.com/curl/curl/issues/6605
Reported-by: arvids-kokins-bidstack@users.noreply.github.com
Closes https://github.com/curl/curl/pull/6661
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
unescaped is coming from Curl_urldecode and not a unicode conversion
function, so reclaiming its memory should be performed with a normal
call to free rather than curlx_unicodefree. In reality, this is the
same thing as curlx_unicodefree is implemented as a call to free but
that's not guaranteed to always hold. Using the curlx macro present
issues with memory debugging as well.
Closes #6671
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
|
|
| |
Correct a small typo which snuck in with a304051620.
|
|
|
|
|
|
|
|
|
|
|
|
| |
openssl: use SSL_get_version to get connection protocol
Replace our bespoke get_ssl_version_txt in favor of SSL_get_version.
We can get rid of few lines of code, since SSL_get_version achieve
the exact same thing
Closes #6665
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Signed-off-by: Jean-Philippe Menil <jpmenil@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit e06fa7462ac258c removed support for libgcrypt leaving only
support for nettle which has been the default crypto library in
GnuTLS for a long time. There were however a few conditionals on
USE_GNUTLS_NETTLE which cause compilation errors in the metalink
code (as it used the gcrypt fallback instead as a result). See the
below autobuild for an example of the error:
https://curl.se/dev/log.cgi?id=20210225123226-30704#prob1
This removes all uses of USE_GNUTLS_NETTLE and also removes the
gcrypt support from the metalink code while at it.
Closes #6656
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
|
|
|
|
| |
libcurl doesn't behave properly with the define set
Closes #6655
|
|
|
|
|
|
|
|
| |
Align header with project style of using named parameters in the
function prototypes to aid readability and self-documentation.
Closes #6653
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
|
|
|
|
|
| |
... as it only needs a few bits per index anyway.
Reviewed-by: Daniel Gustafsson
Closes #6648
|
|
|
|
|
| |
Reviewed-by: Sergei Nikulov
Closes #6440
|
|
|
|
|
|
|
|
| |
This makes the 'Features:' list sorted case-insensitively,
bringing output in-line with *nix builds.
Reviewed-by: Jay Satiro
Closes #6644
|
|
|
|
|
|
|
|
|
|
| |
- `HAVE_STRNCASECMP`
- `HAVE_TCGETATTR`
- `HAVE_TCSETATTR`
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Closes #6645
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
... since the state machine might go to RATELIMITING and then back to
PERFORMING doing once-per-transfer inits in that function is wrong and
it caused problems with receiving chunked HTTP and it set the
PRETRANSFER time much too often...
Regression from b68dc34af341805aeb7b3715 (shipped in 7.75.0)
Reported-by: Amaury Denoyelle
Fixes #6640
Closes #6641
|
|
|
|
|
|
|
|
|
|
|
| |
(Unless 32-bit `time_t` is selected manually via the `_USE_32BIT_TIME_T`
mingw macro.)
Previously, 64-bit `time_t` was enabled on VS2005 and newer only, and
32-bit `time_t` was used on all other Windows builds.
Assisted-by: Jay Satiro
Closes #6636
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Use atexit to register a dbg cleanup function that closes the logfile.
LeakSantizier (LSAN) calls _exit() instead of exit() when a leak is
detected on exit so the logfile must be closed explicitly or data could
be lost. Though _exit() does not call atexit handlers such as this,
LSAN's call to _exit() comes after the atexit handlers are called.
Prior to this change the logfile was not explicitly closed so it was
possible that if LSAN detected a leak and called _exit (which does
not flush or close files like exit) then the logfile could be missing
data. That could then cause curl's memanalyze to report false leaks
(eg a malloc was recorded to the logfile but the corresponding free was
discarded from the buffer instead of written to the logfile, then
memanalyze reports that as a leak).
Ref: https://github.com/google/sanitizers/issues/1374
Bug: https://github.com/curl/curl/pull/6591#issuecomment-780396541
Closes https://github.com/curl/curl/pull/6620
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Change the Windows char <-> UTF-8 conversion functions to return an
allocated copy of the passed in string instead of the original.
Prior to this change the curlx_convert_ functions would, as what I
assume was an optimization, not make a copy of the passed in string if
no conversion was required. No conversion is required in non-UNICODE
Windows builds since our tchar strings are type char and remain in
whatever the passed in encoding is, which is assumed to be UTF-8 but may
be other encoding.
In contrast the UNICODE Windows builds require conversion
(wchar <-> char) and do return a copy. That inconsistency could lead to
programming errors where the developer expects a copy, and does not
realize that won't happen in all cases.
Closes https://github.com/curl/curl/pull/6602
|
|
|
|
|
|
|
|
|
| |
- add CURLINFO_REFERER libcurl option
- add --write-out '%{referer}' command-line option
- extend --xattr command-line option to fill user.xdg.referrer.url extended
attribute with the referrer (if there was any)
Closes #6591
|
|
|
|
|
|
| |
It doesn't provide any useful info but only makes the names longer.
Closes #6624
|
|
|
|
|
|
|
| |
Reported-by: Viktor Szakats
Bug: https://github.com/curl/curl/pull/6627#issuecomment-781626205
Closes #6628
|
|
|
|
|
|
|
| |
nettle has been the default crypto library with GnuTLS since 2010. By
dropping support for the previous libcrypto, we simplify code.
Closes #6625
|
|
|
|
|
|
|
|
|
|
|
| |
... with the help of Curl_resolver_error() which now is moved from
asyn-thead.c and is provided globally for this purpose.
Follow-up to 35ca04ce1b77636
Makes test 1188 work for c-ares builds
Closes #6626
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This caused a memory leak as the session id cache entry was still
erroneously stored with a NULL sessionid and that would later be treated
as not needed to get freed.
Reported-by: Gisle Vanem
Fixes #6616
Closes #6617
|
|
|
|
|
|
|
|
|
| |
Reported-by: Jay Satiro
Reviewed-by: Jay Satiro
Reviewed-by: Emil Engler
Closes #6614
Bug: https://github.com/curl/curl/pull/6591#issuecomment-780396541
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to this change if the user specified a default protocol and a
separately allocated non-absolute URL was used then it was freed
prematurely, before it was then used to make the replacement URL.
Bug: https://github.com/curl/curl/issues/6604#issuecomment-780138219
Reported-by: arvids-kokins-bidstack@users.noreply.github.com
Closes https://github.com/curl/curl/pull/6613
|
|
|
|
|
|
|
|
|
|
| |
While working on documenting the states it dawned on me that step one is
to use more descriptive names on the states. This also changes prefix on
the states to make them shorter in the source.
State names NOT ending with *ing are transitional ones.
Closes #6612
|
|
|
|
|
|
|
|
| |
The Curl_easy pointer struct entry in connectdata is now gone. Just
before commit 215db086e0 landed on January 8, 2021 there were 919
references to conn->data.
Closes #6608
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Share the shared object from the user's easy handle with the DOH
handles.
Prior to this change if the user had set a shared object with shared
cached DNS (CURL_LOCK_DATA_DNS) for their easy handle then that wasn't
used by any associated DOH handles, since they used the multi's default
hostcache.
This change means all the handles now use the same hostcache, which is
either the shared hostcache from the user created shared object if it
exists or if not then the multi's default hostcache.
Reported-by: Manuj Bhatia
Fixes https://github.com/curl/curl/issues/6589
Closes https://github.com/curl/curl/pull/6607
|
|
|
|
|
|
|
|
|
|
|
|
| |
... but instead use a private alternative that points to the "driving
transfer" from the connection. We set the "user data" associated with
the connection to be the connectdata struct, but when we drive transfers
the code still needs to know the pointer to the transfer. We can change
the user data to become the Curl_easy handle, but with older nghttp2
version we cannot dynamically update that pointer properly when
different transfers are used over the same connection.
Closes #6520
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We still make the trace callback function get the connectdata struct
passed to it, since the callback is anchored on the connection.
Repeatedly updating the callback pointer to set 'data' with
SSL_CTX_set_msg_callback_arg() doesn't seem to work, probably because
there might already be messages in the queue with the old pointer.
This code therefore makes sure to set the "logger" handle before using
OpenSSL calls so that the right easy handle gets used for tracing.
Closes #6522
|