summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* c-hyper: handle HTTP/1.1 => HTTP/1.0 downgrade on reused connectionDaniel Stenberg2021-08-233-6/+11
| | | | | | Enable test 1074 Closes #7617
* c-hyper: deal with Expect: 100-continue combined with POSTFIELDSDaniel Stenberg2021-08-231-3/+11
| | | | | | Enable test 1130 and 1131 Closes #7616
* scripts: invoke interpreters through /usr/bin/enva13460542021-08-231-1/+1
| | | | Closes #7602
* setopt: enable CURLOPT_IGNORE_CONTENT_LENGTH for hyperDaniel Stenberg2021-08-231-4/+0
| | | | | | | | | | | Since this option is also used for FTP, it needs to work to set for applications even if hyper doesn't support it for HTTP. Verified by test 1137. Updated docs to specify that the option doesn't work for HTTP when using the hyper backend. Closes #7614
* urlapi.c:seturl: assert URL instead of using if-checkDaniel Stenberg2021-08-231-2/+1
| | | | | | | There's no code flow possible where this can happen. The assert makes sure it also won't be introduced undetected in the future. Closes #7610
* asyn-ares: call ares_freeaddrinfo() to clean up addrinfo resultsDaniel Stenberg2021-08-211-0/+1
| | | | | | | | As this leaks memory otherwise Follow-up to ba904db0705c931 Closes #7599
* wolfssl: clean up wolfcrypt error queueEhren Bendler2021-08-211-2/+13
| | | | | | | | | If wolfSSL is built in certain ways (OPENSSL_EXTRA or Debug), the error queue gets added on to for each session and never freed. Fix it by calling ERR_clear_error() like in vtls/openssl when needed. This func is a no-op in wolfcrypt if the error queue is not enabled. Closes #7594
* curl_setup.h: sync values for HTTP_ONLYDon2021-08-211-17/+23
| | | | | | | | The values for HTTP_ONLY differed between CMakeLists.txt and curl_setup.h. Sync them and sort the values in curl_setup.h to make it easier to spot differences. Closes #7601
* schannel: Work around typo in classic mingw macroJay Satiro2021-08-211-7/+7
| | | | | | | | | | | | | | - Define ALG_CLASS_DHASH (the typo from the include) to ALG_CLASS_HASH. Prior to this change there was an incomplete fix to ignore the CALG_TLS1PRF macro on those versions of MinGW where it uses the ALG_CLASS_DHASH typoed macro. Ref: 48cf45c Ref: https://osdn.net/projects/mingw/ticket/38391 Ref: https://github.com/curl/curl/issues/2924 Closes https://github.com/curl/curl/pull/7580
* http_proxy: fix user-agent and custom headers for CONNECT with hyperDaniel Stenberg2021-08-201-3/+5
| | | | | | Enable test 287 Closes #7598
* c-hyper: initial support for "dumping" 1xx HTTP responsesDaniel Stenberg2021-08-201-0/+47
| | | | | | | | With the use hyper_request_on_informational() Enable test 155 and 158 Closes #7597
* openssl: when creating a new context, there cannot be an old oneDaniel Stenberg2021-08-181-2/+1
| | | | | | | | Remove the previous handling that would call SSL_CTX_free(), and instead add an assert that halts a debug build if there ever is a context already set at this point. Closes #7585
* sectransp: support CURLINFO_CERTINFOSergey Markelov2021-08-173-48/+85
| | | | | Fixes #4130 Closes #7372
* ngtcp2: remove the acked_crypto_offset struct field initDaniel Stenberg2021-08-161-1/+0
| | | | | | ... as it is gone from the API upstream. Closes #7578
* misc: update incorrect copyright year rangesDaniel Stenberg2021-08-163-3/+3
| | | | Closes #7577
* http2: revert call the handle-closed function correctly on closed streamArtur Sinila2021-08-161-4/+0
| | | | | | | | Reverts 252790c5335a221 Assisted-by: Gergely Nagy Fixes #7400 Closes #7525
* auth: do not append zero-terminator to authorisation id in kerberosPatrick Monnerat2021-08-162-14/+8
| | | | | | | | | RFC4752 Section 3.1 states "The authorization identity is not terminated with a zero-valued (%x00) octet". Although a comment in code said it may be needed anyway, nothing confirms it. In addition, servers may consider it as part of the identity, causing a failure. Closes #7008
* auth: use sasl authzid option in kerberosPatrick Monnerat2021-08-164-70/+38
| | | | | ... instead of deriving it from active ticket. Closes #7008
* auth: we do not support a security layer after kerberos authenticationPatrick Monnerat2021-08-162-0/+2
| | | | Closes #7008
* auth: properly handle byte order in kerberos security messagePatrick Monnerat2021-08-162-25/+30
| | | | Closes #7008
* x509asn1: fix heap over-read when parsing x509 certificatesz2_2021-08-161-9/+10
| | | | | Assisted-by: Patrick Monnerat Closes #7536
* build: fix compiler warningsMAntoniak2021-08-143-8/+10
| | | | | | | | | | | | | | | | For when CURL_DISABLE_VERBOSE_STRINGS and DEBUGBUILD flags are both active. - socks.c : warning C4100: 'lineno': unreferenced formal parameter (co-authored by Daniel Stenberg) - mbedtls.c: warning C4189: 'port': local variable is initialized but not referenced - schannel.c: warning C4189: 'hostname': local variable is initialized but not referenced Cloes #7528
* c-hyper: initial step for 100-continue supportDaniel Stenberg2021-08-132-3/+57
| | | | | | Enabled test 154 Closes #7568
* vtls: fix typo in schannel_verify.cIkko Ashimine2021-08-131-1/+1
| | | | | | occurence -> occurrence Closes #7566
* c-hyper: fix header value passed to debug callbackDaniel Stenberg2021-08-131-1/+1
| | | | Closes #7567
* cleanup: URL updatesViktor Szakats2021-08-122-2/+3
| | | | | | | | | | - replace broken URL with the one it was most probably pointing to when added (lib/tftp.c) - replace broken URL with archive.org link (lib/curl_ntlm_wb.c) - delete unnecessary protocol designator from archive.org URL (docs/BINDINGS.md) Closes #7562
* asyn-ares.c: move all version number checks to the topDaniel Stenberg2021-08-111-10/+29
| | | | ... and use #ifdef [feature] in the code as per our guidelines.
* ares: use ares_getaddrinfo()Daniel Stenberg2021-08-111-2/+115
| | | | | | | | | | | | | ares_getaddrinfo() is the getaddrinfo() cloned provided by c-ares, introduced in version 1.16.0. With older c-ares versions, curl invokes ares_gethostbyname() twice - once for IPv4 and once for IPv6 to resolve both addresses, and then combines the returned results. Reported-by: jjandesmet Fixes #7364 Closes #7552
* ngtcp2: utilize crypto API functions to simplifyTatsuhiro Tsujikawa2021-08-101-57/+11
| | | | Closes #7551
* ngtcp2: reset the oustanding send buffer again when drainedmegatronking2021-08-101-0/+6
| | | | Closes #7538
* progress: fix a compile warning on some systemsMichael Kaufmann2021-08-101-1/+1
| | | | | | | lib/progress.c:380:40: warning: conversion to 'long double' from 'curl_off_t {aka long long int}' may alter its value [-Wconversion] Closes #7549
* http: consider cookies over localhost to be secureDaniel Stenberg2021-08-101-17/+22
| | | | | | | | | Updated test31. Added test 392 to verify secure cookies used for http://localhost Reviewed-by: Daniel Gustafsson Fixes #6733 Closes #7263
* hostip: Make Curl_ipv6works function independent of getaddrinfoJay Satiro2021-08-103-32/+36
| | | | | | | | | | | | | | | | | | | | | - Do not assume IPv6 is not working when getaddrinfo is not present. The check to see if IPv6 actually works is now independent of whether there is any resolver that can potentially resolve a hostname to IPv6. Prior to this change if getaddrinfo() was not found at compile time then Curl_ipv6works() would be defined as a macro that returns FALSE. When getaddrinfo is not found then libcurl is built with CURLRES_IPV4 defined instead of CURLRES_IPV6, meaning that it cannot do IPv6 lookups in the traditional way. With this commit if libcurl is built with IPv6 support (ENABLE_IPV6) but without getaddrinfo (CURLRES_IPV6), and the IPv6 stack is actually working, then it is possible for libcurl to resolve IPv6 addresses by using DoH. Ref: https://github.com/curl/curl/issues/7483#issuecomment-890765378 Closes https://github.com/curl/curl/pull/7529
* ngtcp2: replace deprecated functions with nghttp3_conn_shutdown_stream_readTatsuhiro Tsujikawa2021-08-091-2/+2
| | | | Closes #7546
* ngtcp2: rework the return value handling of ngtcp2_conn_writev_streamTatsuhiro Tsujikawa2021-08-091-6/+14
| | | | | | | Rework the return value handling of ngtcp2_conn_writev_stream and treat NGTCP2_ERR_STREAM_SHUT_WR separately. Closes #7546
* easy: use a custom implementation of wcsdup on WindowsJeff Mears2021-08-093-1/+30
| | | | | | | ... so that malloc/free overrides from curl_global_init are used for wcsdup correctly. Closes #7540
* mbedTLS: initial 3.0.0 supportBenau2021-08-094-13/+77
| | | | Closes #7428
* mbedtls_threadlock: fix unused variable warningmodbw2021-08-081-18/+7
| | | | Closes #7393
* ngtcp2: compile with the latest ngtcp2 and nghttp3Tatsuhiro Tsujikawa2021-08-081-6/+22
| | | | Closes #7541
* connect: remove superfluous conditionalDaniel Gustafsson2021-07-301-6/+4
| | | | | | | | | | Commit dbd16c3e2 cleaned up the logic for traversing the addrinfos, but the move left a conditional on ai which no longer is needed as the while loop reevaluation will cover it. Closes #7511 Reviewed-by: Carlo Marcelo Arenas Belón Reviewed-by: Daniel Stenberg <daniel@haxx.se>
* bearssl: support CURLOPT_CAINFO_BLOBAleksandr Krotov2021-07-281-16/+66
| | | | Closes #7468
* c-hyper: remove the hyper_executor_poll() loop from Curl_httpDaniel Stenberg2021-07-271-25/+4
| | | | | | | | | 1. it's superfluous 2. it didn't work identically to the Curl_hyper_stream one which could cause problems like #7486 Pointed-out-by: David Cook Closes #7499
* http_proxy: clear 'sending' when the outgoing request is sentDaniel Stenberg2021-07-251-0/+1
| | | | | | | | | | | | | ... so that Curl_connect_getsock() will know how to wait for the socket to become readable and not writable after the entire CONNECT request has been issued. Regression added in 7.77.0 Reported-by: zloi-user on github Assisted-by: Jay Satiro Fixes #7155 Closes #7484
* openssl: fix grammarJosh Soref2021-07-251-36/+36
| | | | Closes https://github.com/curl/curl/pull/7480
* Get rid of the unused HAVE_SIG_ATOMIC_T et. al.Dan Fandrich2021-07-2312-60/+0
| | | | It was added in 2006 but I see no evidence it was ever used.
* vtls: fix connection reuse checks for issuer cert and case sensitivityDaniel Stenberg2021-07-206-27/+45
| | | | | | | CVE-2021-22924 Reported-by: Harry Sintonen Bug: https://curl.se/docs/CVE-2021-22924.html
* sectransp: check for client certs by name first, then fileDaniel Stenberg2021-07-201-14/+19
| | | | | | | | | CVE-2021-22926 Bug: https://curl.se/docs/CVE-2021-22926.html Assisted-by: Daniel Gustafsson Reported-by: Harry Sintonen
* telnet: fix option parser to not send uninitialized contentsDaniel Stenberg2021-07-201-6/+11
| | | | | | | CVS-2021-22925 Reported-by: Red Hat Product Security Bug: https://curl.se/docs/CVE-2021-22925.html
* connect: fix wrong format specifier in connect error stringJay Satiro2021-07-201-1/+2
| | | | | | | | | | | | | | | | | | | 0842175 (not in any release) used the wrong format specifier (long int) for timediff_t. On an OS such as Windows libcurl's timediff_t (usually 64-bit) is bigger than long int (32-bit). In 32-bit Windows builds the upper 32-bits of the timediff_t were erroneously then used by the next format specifier. Usually since the timeout isn't larger than 32-bits this would result in null as a pointer to the string with the reason for the connection failing. On other OSes or maybe other compilers it could probably result in garbage values (ie crash on deref). Before: Failed to connect to localhost port 12345 after 1201 ms: (nil) After: Failed to connect to localhost port 12345 after 1203 ms: Connection refused Closes https://github.com/curl/curl/pull/7449
* misc: copyright year range updatesDaniel Stenberg2021-07-191-1/+1
|
View Lorry Controller Status