summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* fixup a typecast for Curl_select()bagder/gopher-timecheckDaniel Stenberg2020-04-231-1/+1
|
* select: make Curl_socket_check take timediff_t timeoutDaniel Stenberg2020-04-234-8/+8
| | | | | | | | Coverity found CID 1461718: Integer handling issues (CONSTANT_EXPRESSION_RESULT) "timeout_ms > 9223372036854775807L" is always false regardless of the values of its operands. This occurs as the logical second operand of "||".
* transfer: Switch PUT to GET/HEAD on 303 redirectJay Satiro2020-04-221-6/+13
| | | | | | | | | | | | | | Prior to this change if there was a 303 reply to a PUT request then the subsequent request to respond to that redirect would also be a PUT. It was determined that was most likely incorrect based on the language of the RFCs. Basically 303 means "see other" resource, which implies it is most likely not the same resource, therefore we should not try to PUT to that different resource. Refer to the discussions in #5237 and #5248 for more information. Fixes https://github.com/curl/curl/issues/5237 Closes https://github.com/curl/curl/pull/5248
* lib/mk-ca-bundle: skip empty certsDaniel Stenberg2020-04-221-1/+6
| | | | | | | Reviewed-by: Emil Engler Reported-by: Ashwin Metpalli Fixes #5278 Closes #5280
* version: skip idn2_check_version() check and add precautionDaniel Stenberg2020-04-221-9/+11
| | | | | | A gcc-10's -fanalyze complaint made me spot and do these improvements. Closes #5281
* GnuTLS: Don't skip really long certificate fieldsEmil Engler2020-04-211-12/+15
| | | | Closes #5271
* gnutls: bump lowest supported version to 3.1.10Daniel Stenberg2020-04-211-287/+50
| | | | | | | | | GnuTLS 3.1.10 added new functions we want to use. That version was released on Mar 22, 2013. Removing support for older versions also greatly simplifies the code. Ref: #5271 Closes #5276
* mqtt: make NOSTATE get within the debug name arrayDaniel Stenberg2020-04-202-2/+4
|
* mqtt: remove code with no purposeDaniel Stenberg2020-04-201-2/+0
| | | | | | | | | | Detected by Coverity. CID 1462319. "The same code is executed when the condition result is true or false, because the code in the if-then branch and after the if statement is identical." Closes #5275
* mqtt: fix Curl_read() error handling while reading remaining lengthDaniel Stenberg2020-04-201-0/+2
| | | | | | Detected by Coverity. CID 1462320. Closes #5274
* http: free memory when Alt-Used header creation fails due to OOMDaniel Stenberg2020-04-201-8/+5
| | | | | | Reported-by: James Fuller Fixes #5268 Closes #5269
* lib: fix typos in comments and errormessagesDaniel Gustafsson2020-04-203-5/+5
| | | | | This fixes a few randomly spotted typos in recently merged code, most notably one in a userfacing errormessage the schannel code.
* multi-ssl: reset the SSL backend on `Curl_global_cleanup()`Johannes Schindelin2020-04-201-0/+6
| | | | | | | | | | | | | | | | | | When cURL is compiled with support for multiple SSL backends, it is possible to configure an SSL backend via `curl_global_sslset()`, but only *before* `curl_global_init()` was called. If another SSL backend should be used after that, a user might be tempted to call `curl_global_cleanup()` to start over. However, we did not foresee that use case and forgot to reset the SSL backend in that cleanup. Let's allow that use case. Fixes #5255 Closes #5257 Reported-by: davidedec on github Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
* mqtt: improve the state machineDaniel Stenberg2020-04-202-65/+139
| | | | | | | | | | To handle PUBLISH before SUBACK and more. Updated the existing tests and added three new ones. Reported-by: Christoph Krey Bug: https://curl.haxx.se/mail/lib-2020-04/0021.html Closes #5246
* mime: properly check Content-Type even if it has parametersPatrick Monnerat2020-04-191-2/+19
| | | | | | | | New test 669 checks this fix is effective. Fixes #5256 Closes #5258 Reported-by: thanhchungbtc on github
* libssh: Use new ECDSA key types to check known hostsAnderson Toshiyuki Sasaki2020-04-171-0/+8
| | | | | | | | | From libssh 0.9.0, ssh_key_type() returns different key types for ECDSA keys depending on the curve. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Fixes #5252 Closes #5253
* copyright: bump the copyright year rangeDaniel Stenberg2020-04-151-1/+1
|
* mqtt: add new experimental protocolBjorn Stenberg2020-04-147-53/+672
| | | | Closes #5173
* cmake: add aliases so exported target names are available in treeNathaniel R. Lewis2020-04-131-1/+6
| | | | | Reviewed-by: Brad King Closes #5206
* version: increase buffer space for ssl version outputDaniel Stenberg2020-04-131-2/+2
| | | | | | | | | To avoid it getting truncated, especially when several SSL backends are built-in. Reported-by: Gisle Vanem Fixes #5222 Closes #5226
* schannel: Fix blocking timeout logicAndrew Kurushin2020-04-121-6/+6
| | | | | | | | | | | | | | | - Fix schannel_send for the case when no timeout was set. Prior to this change schannel would error if the socket was not ready to send data and no timeout was set. This commit is similar to parent commit 89dc6e0 which recently made the same change for SOCKS, for the same reason. Basically it was not well understood that when Curl_timeleft returns 0 it is not a timeout of 0 ms but actually means no timeout. Fixes https://github.com/curl/curl/issues/5177 Closes https://github.com/curl/curl/pull/5221
* socks: Fix blocking timeout logicJay Satiro2020-04-122-6/+7
| | | | | | | | | | | | | | | | - Document in Curl_timeleft's comment block that returning 0 signals no timeout (ie there's infinite time left). - Fix SOCKS' Curl_blockread_all for the case when no timeout was set. Prior to this change if the timeout had a value of 0 and that was passed to SOCKET_READABLE it would return right away instead of blocking. That was likely because it was not well understood that when Curl_timeleft returns 0 it is not a timeout of 0 ms but actually means no timeout. Ref: https://github.com/curl/curl/pull/5214#issuecomment-612512360 Closes https://github.com/curl/curl/pull/5220
* gopher: check remaining time left during write busy loopMarc Hoersken2020-04-121-4/+17
| | | | | | | | | | | Prior to this change gopher's blocking code would block forever, ignoring any set timeout value. Assisted-by: Jay Satiro Reviewed-by: Daniel Stenberg Similar to #5220 and #5221 Closes #5214
* gnutls: ensure TLS 1.3 when SRP isn't requestedDirkjan Bussink2020-04-131-36/+45
| | | | | | | | | | | | | When SRP is requested in the priority string, GnuTLS will disable support for TLS 1.3. Before this change, curl would always add +SRP to the priority list, effectively always disabling TLS 1.3 support. With this change, +SRP is only added to the priority list when SRP authentication is also requested. This also allows updating the error handling here to not have to retry without SRP. This is because SRP is only added when requested and in that case a retry is not needed. Closes #5223
* Revert "file: on Windows, refuse paths that start with \\"Daniel Stenberg2020-04-111-4/+2
| | | | | | | | | This reverts commit 1b71bc532bde8621fd3260843f8197182a467ff2. Reminded-by: Chris Roberts Bug: https://curl.haxx.se/mail/archive-2020-04/0013.html Closes #5215
* lib: fix conversion warnings for SOCKET_WRITABLE/READABLEJay Satiro2020-04-112-3/+6
| | | | | | | | | | - If loss of data may occur converting a timediff_t to time_t and the time value is > TIME_T_MAX then treat it as TIME_T_MAX. This is a follow-up to 8843678 which removed the (time_t) typecast from the macros so that conversion warnings could be identified. Closes https://github.com/curl/curl/pull/5199
* url: allow non-HTTPS altsvc-matching for debug buildsDaniel Stenberg2020-04-091-1/+8
| | | | | | | This is already partly supported but this part was missing. Reported-by: James Fuller Closes #5205
* schannel: support .P12 or .PFX client certificatesGilles Vollant2020-04-081-34/+124
| | | | | | | Used with curl command line option like this: --cert <filename>:<password> --cert-type p12 Closes #5193
* http: don't consider upload done if the request isn't completely sent offDaniel Stenberg2020-04-082-3/+8
| | | | | Fixes #4919 Closes #5197
* http: allow Curl_add_buffer_send() to do a short first send by forceDaniel Stenberg2020-04-081-1/+14
| | | | | | | In a debug build, settting the environment variable "CURL_SMALLREQSEND" will make the first HTTP request send not send more bytes than the set amount, thus ending up verifying that the logic for handling a split HTTP request send works correctly.
* connect: store connection info for QUIC connectionsDaniel Stenberg2020-04-081-41/+40
| | | | | | | | | Restores the --head functionality to the curl utility which extracts 'protocol' that is stored that way. Reported-by: James Fuller Fixes #5196 Closes #5198
* select: remove typecast from SOCKET_WRITABLE/READABLE macrosDaniel Stenberg2020-04-071-2/+2
| | | | | | | So that they don't hide conversions-by-mistake Reviewed-by: Jay Satiro Closes #5190
* cleanup: correct copyright year range on a few filesDaniel Stenberg2020-04-062-2/+2
|
* warnless: remove code block for icc that didn't workDaniel Stenberg2020-04-061-13/+0
| | | | | Reported-by: Alain Miniussi Fixes #5096
* dist: add missing setup-win32.hMarc Hoersken2020-04-061-1/+2
| | | | Follow up to d820224b8b
* lib: never define CURL_CA_BUNDLE with a getenvDaniel Stenberg2020-04-052-4/+0
| | | | | | | | | | | - it breaks the build (since 6de756c9b1de34b7a1) - it's not documented and not consistent across platforms - the curl tool does that getenv magic Bug: https://github.com/curl/curl/commit/6de756c#r38127030 Reported-by: Gisle Vanem Closes #5187
* CURLINFO_CONDITION_UNMET: return true for 304 http status codeKwon-Young Choi2020-04-051-2/+5
| | | | | | | | | | | In libcurl, CURLINFO_CONDITION_UNMET is used to avoid writing to the output file if the server did not transfered a file based on time condition. In the same manner, getting a 304 HTTP response back from the server, for example after passing a custom If-Match-* header, also fulfill this condition. Fixes #5181 Closes #5183
* windows: enable UnixSockets with all build toolchainsViktor Szakats2020-04-042-10/+9
| | | | | | | | | | | Extend existing unix socket support in Windows builds to be enabled for all toolchain vendors or versions. (Previously it was only supported with certain MSVC versions + more recent Windows 10 SDKs) Ref: https://devblogs.microsoft.com/commandline/af_unix-comes-to-windows/ Ref: https://github.com/curl/curl/issues/5162 Closes: https://github.com/curl/curl/pull/5170
* vquic/ngtcp2.h: update copyright year rangeDaniel Stenberg2020-03-311-1/+1
| | | | Follow-up to 0736ee73d346a52
* vquic: add support for GnuTLS backend of ngtcp2Daiki Ueno2020-03-312-26/+315
| | | | | | | | Currently, the TLS backend used by vquic/ngtcp2.c is selected at compile time. Therefore OpenSSL support needs to be explicitly disabled. Signed-off-by: Daiki Ueno <dueno@redhat.com> Closes #5148
* misc: copyright year updatesDaniel Stenberg2020-03-311-1/+1
| | | | Follow-up to 7a71965e9
* build: fixed build for systems with select() in unistd.hHarry Sintonen2020-03-313-0/+6
| | | | Closes #5169
* memdebug: don't log free(NULL)Daniel Stenberg2020-03-311-2/+2
| | | | ... it serves no purpose and fills up the log.
* cleanup: insert newline after if() conditionsDaniel Stenberg2020-03-303-8/+10
| | | | | Our code style mandates we put the conditional block on a separate line. These mistakes are now detected by the updated checksrc.
* checksrc: warn on obvious conditional blocks on the same line as if()Daniel Stenberg2020-03-301-2/+24
| | | | Closes #5164
* ngtcp2: update to git master for the key installation API changeDaiki Ueno2020-03-301-5/+9
| | | | | | | | | | | | | | This updates the ngtcp2 OpenSSL backend to follow the API change in commit 32e703164 of ngtcp2. Notable changes are: - ngtcp2_crypto_derive_and_install_{rx,tx}_key have been added to replace ngtcp2_crypto_derive_and_install_key - the 'side' argument of ngtcp2_crypto_derive_and_install_initial_key has been removed Fixes #5166 Closes #5168
* curl.h: remnove CURL_VERSION_ESNI. Never supported nor documentedDaniel Stenberg2020-03-291-3/+0
| | | | | | Considered experimental and therefore we can do this. Closes #5157
* version: add 'cainfo' and 'capath' to version info structDaniel Stenberg2020-03-271-1/+11
| | | | | | | | Suggested-by: Timothe Litt URL: https://curl.haxx.se/mail/lib-2020-03/0090.html Reviewed-by: Jay Satiro Closes #5150
* openssl: adapt to functions marked as deprecated since version 3Daniel Stenberg2020-03-262-0/+33
| | | | | | | | | | | | | | OpenSSL 3 deprecates SSL_CTX_load_verify_locations and the MD4, DES functions we use. Fix the MD4 and SSL_CTX_load_verify_locations warnings. In configure, detect OpenSSL v3 and if so, inhibit the deprecation warnings. OpenSSL v3 deprecates the DES functions we use for NTLM and until we rewrite the code to use non-deprecated functions we better ignore these warnings as they don't help us. Closes #5139
* config: remove all defines of HAVE_DES_HDaniel Stenberg2020-03-246-21/+2
| | | | | | As there's no code using it. Closes #5144
View Lorry Controller Status