| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
USE_TLS_SRP will be true if *any* selected TLS backend can use SRP
HAVE_OPENSSL_SRP is defined when OpenSSL can use it
HAVE_GNUTLS_SRP is defined when GnuTLS can use it
Clarify in the curl_verison_info docs that CURL_VERSION_TLSAUTH_SRP is
set if at least one of the supported backends offers SRP.
Reported-by: Stefan Strogin
Fixes #5865
Closes #5870
|
|
|
|
|
|
|
| |
The address of that variable never gets changed, only the data in it so
why not make it a "char * const"?
Closes #5866
|
|
|
|
|
|
| |
To allow disabling of the curl_easy_option APIs in a build.
Closes #5365
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
const struct curl_easyoption *curl_easy_option_by_name(const char *name);
const struct curl_easyoption *curl_easy_option_by_id (CURLoption id);
const struct curl_easyoption *
curl_easy_option_next(const struct curl_easyoption *prev);
The purpose is to provide detailed enough information to allow for
example libcurl bindings to get option information at run-time about
what easy options that exist and what arguments they expect.
Assisted-by: Jeroen Ooms
Closes #5365
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL undefines the conflicting symbols but BoringSSL does not so we
must do it ourselves.
Reported-by: Samuel Tranchet
Assisted-by: Javier Blazquez
Ref: https://bugs.chromium.org/p/boringssl/issues/detail?id=371
Ref: https://github.com/openssl/openssl/blob/OpenSSL_1_1_1g/include/openssl/ossl_typ.h#L66-L73
Fixes https://github.com/curl/curl/issues/5669
Closes https://github.com/curl/curl/pull/5857
|
|
|
|
|
|
| |
... to completely disable the use of socketpair
Closes #5850
|
|
|
|
| |
Closes #5851
|
|
|
|
|
|
|
|
|
|
| |
The get_cert_location function allocates memory only on success.
Previously get_cert_location was able to allocate memory and return
error. It wasn't obvious and in this case the memory wasn't
released.
Fixes #5855
Closes #5860
|
|
|
|
|
|
|
| |
When this error code was introduced in b6a53fff6c1d07e8a9, it was
forgotten to be added in the errors array and doh_strerror function.
Closes #5863
|
|
|
|
|
|
| |
Guidance-by: Tatsuhiro Tsujikawa
Closes #5864
|
|
|
|
|
|
|
|
|
|
|
|
| |
Check readiness of all sockets before waiting on them
to avoid locking in case the one-time event FD_WRITE
was already consumed by a previous wait operation.
More information about WinSock network events:
https://docs.microsoft.com/en-us/windows/win32/api/
winsock2/nf-winsock2-wsaeventselect#return-value
Closes #5634
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This avoids using a pair of TCP ports to provide wakeup functionality
for every multi instance on Windows, where socketpair() is emulated
using a TCP socket on loopback which could in turn lead to socket
resource exhaustion.
A previous version of this patch failed to account for how in WinSock,
FD_WRITE is set only once when writing becomes possible and not again
until after a send has failed due to the buffer filling. This contrasts
to how FD_READ and FD_OOB continue to be set until the conditions they
refer to no longer apply. This meant that if a user wrote some data to
a socket, but not enough data to completely fill its send buffer, then
waited on that socket to become writable, we'd erroneously stall until
their configured timeout rather than returning immediately.
This version of the patch addresses that issue by checking each socket
we're waiting on to become writable with select() before the wait, and
zeroing the timeout if it's already writable.
Assisted-by: Marc Hörsken
Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Tested-by: Gergely Nagy
Tested-by: Rasmus Melchior Jacobsen
Tested-by: Tomas Berger
Replaces #5397
Reverts #5632
Closes #5634
|
|
|
|
|
|
|
|
|
|
|
| |
Change Curl_socket_check to use select-fallback in Curl_poll
instead of implementing it in Curl_socket_check and Curl_poll.
Reviewed-by: Daniel Stenberg
Reviewed-by: Jay Satiro
Replaces #5262 and #5492
Closes #5707
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes Curl_socket_check to use POLLPRI to
check for connect failure on the write socket, because
POLLPRI maps to fds_err. This is in line with select(2).
The select-based socket check correctly checks for connect
failures by adding the write socket also to fds_err.
The poll-based implementation (which internally can itself
fallback to select again) did not previously check for
connect failure by using POLLPRI with the write socket.
See the follow up commit to this for more information.
This commit makes sure connect failures can be detected
and handled if HAVE_POLL_FINE is defined, eg. on msys2-devel.
Reviewed-by: Daniel Stenberg
Reviewed-by: Jay Satiro
Replaces #5509
Prepares #5707
|
|
|
|
|
|
|
|
|
|
|
| |
With Winsock the valid range is [0..INVALID_SOCKET-1] according to
https://docs.microsoft.com/en-us/windows/win32/winsock/socket-data-type-2
Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Closes #5760
|
|
|
|
|
|
| |
Replace the old fingerprint of the host with a new.
Closes #5685
|
|
|
|
|
|
| |
Updated mprintf.c to comply
Closes #5845
|
|
|
|
|
|
|
|
| |
The buffer only exists during transfer and then we shouldn't change the
size (the setopt is not documented to work then).
Reported-by: Harry Sintonen
Closes #5842
|
|
|
|
| |
Closes #5810
|
|
|
|
|
|
|
|
|
|
|
|
| |
Failures clearly returned from a (SOCKS) proxy now causes this return
code. Previously the situation was not very clear as what would be
returned and when.
In addition: when this error code is returned, an application can use
CURLINFO_PROXY_ERROR to query libcurl for the detailed error, which then
returns a value from the new 'CURLproxycode' enum.
Closes #5770
|
|
|
|
|
|
|
|
|
|
| |
Similarly to brotli, where this was already possible.
E.g. it allows to link zstd statically to libcurl.dll.
Ref: https://github.com/curl/curl-for-win/issues/12
Ref: https://github.com/curl/curl-for-win/commit/d9b266afd2e5d3f5604483010ef62340b5918c89
Closes https://github.com/curl/curl/pull/5840
|
|
|
|
|
|
|
|
|
| |
... not newline separated from the previous line. This makes it output
asterisk prefixed properly like other verbose putput!
Reported-by: jmdavitt on github
Fixes #5826
Closes #5827
|
|
|
|
|
|
|
|
|
| |
CVE-2020-8231
Bug: https://curl.haxx.se/docs/CVE-2020-8231.html
Reported-by: Marc Aldorasi
Closes #5824
|
|
|
|
| |
Closes #5812
|
| |
|
|
|
|
|
|
| |
The code hasn't been touched since 2010-08-18
Closes #5805
|
|
|
|
|
|
|
|
|
|
| |
This flag was applied to the connection struct that is released on
retry. These changes move the retry counter into Curl_easy struct that
lives across retries and retains the new connection.
Reported-by: Cherish98 on github
Fixes #5794
Closes #5800
|
|
|
|
|
|
|
|
|
|
|
| |
The debug output used ssherr instead of sftperr which not only outputs
the wrong error code but also casues a warning on Windows.
Follow-up to 7370b4e39f1
Reported-by: Gisle Vanem
Bug: https://github.com/curl/curl/commit/7370b4e39f1390e701f5b68d910c619151daf72b#r41334700
Closes #5799
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The shutdown function is for downgrading a connection from TLS to plain,
and this is not requested here.
Have ssl_close reset the TLS connection state.
This partially reverts commit f002c850d98d
Reported-by: Rasmus Melchior Jacobsen
Reported-by: Denis Goleshchikhin
Fixes #5797
|
|
|
|
| |
Closes #5792
|
|
|
|
| |
Closes #5786
|
|
|
|
| |
Closes #5778
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous h2 trailer fix in 54a2b63 was wrong and caused a
regression: it cannot deal with trailers immediately when read since
they may be read off the connection by the wrong 'data' owner.
This change reverts the logic back to gathering all trailers into a
single buffer, like before 54a2b63.
Reported-by: Tadej Vengust
Fixes #5663
Closes #5769
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Classic mingw and 10y+ old versions of mingw-w64 don't ship with
Windows headers having the typedef necessary for Unix Sockets
support, so try detecting these environments to disable this
feature.
Ref: https://sourceforge.net/p/mingw-w64/mingw-w64/ci/cf6afc57179a5910621215f8f4037d406892072c/
Reviewed-by: Daniel Stenberg
Fixes #5674
Closes #5758
|
|
|
|
| |
Closes https://github.com/curl/curl/pull/5754
|
|
|
|
|
|
|
| |
Reported by Codacy.
Reviewed-by: Marcel Raad
Closes #5759
|
|
|
|
|
|
|
|
|
| |
`SSL_CTX_add0_chain_cert` and `SSL_CTX_clear_chain_certs` were
introduced in LibreSSL 2.9.1 [0].
[0] https://github.com/libressl-portable/openbsd/commit/0db809ee178457c8170abfae3931d7bd13abf3ef
Closes https://github.com/curl/curl/pull/5757
|
|
|
|
|
|
|
|
|
| |
Previously any connect-only connections in a multi handle would be kept
alive until the multi handle was closed. Since these connections cannot
be re-used, they can be marked for closure when the associated easy
handle is removed from the multi handle.
Closes #5749
|
|
|
|
|
|
| |
Reviewed-by: Daniel Stenberg
Closes #5708
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to this change if the user set a URL handle (CURLOPT_CURLU) it was
incorrectly used for the location follow, resulting in infinite requests
to the original location.
Reported-by: sspiri@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/5709
Closes https://github.com/curl/curl/pull/5713
|
|
|
|
|
|
|
|
|
| |
They're not thread-safe so they should not be used in libcurl code.
Explictly enabled when deemed necessary and in examples and tests
Reviewed-by: Nicolas Sterchele
Closes #5732
|
|
|
|
| |
Closes #5734
|
|
|
|
|
|
|
|
|
| |
On systems with 32 bit long the expression is always false. Avoid
the warning.
Reported-by: Gisle Vanem
Bug: https://github.com/curl/curl/commit/61a08508f6a458fe21bbb18cd2a9bac2f039452b#commitcomment-40941232
Closes #5736
|
|
|
|
|
|
|
|
|
|
| |
Previously a file that isn't user-readable but is user-writable would
not be properly avoided and would get overwritten.
Reported-by: BrumBrum on hackerone
Assisted-by: Jay Satiro
Bug: https://hackerone.com/reports/926638
Closes #5731
|
|
|
|
|
|
|
|
|
| |
Since 09b9fc900 (multi: remove 'Curl_one_easy' struct, phase 1,
2013-08-02), the easy handle list is not circular but ends with
->next pointing to NULL.
Reported-by: Masaya Suzuki <masayasuzuki@google.com>
Closes #5737
|
|
|
|
|
| |
Reported-by: Tatsuhiro Tsujikawa
Closes #5733
|
|
|
|
|
|
|
|
|
|
|
| |
Unsetting CURLOPT_NOBODY with 0L when doing HTTP has no documented
action but before 7.71.0 that used to switch back to GET and with this
change (assuming the method is still set to HEAD) this behavior is
brought back.
Reported-by: causal-agent on github
Fixes #5725
Closes #5728
|
|
|
|
|
|
|
| |
Also choose a different wolfSSL function to test for NTLM support.
Fixes #5605
Closes #5682
|
|
|
|
|
|
| |
Reported-by: lilongyan-huawei on github
Fixes #5726
Closes #5727
|
|
|
|
|
|
|
|
|
| |
- Avoid re-using retry_after value from preceding request
- Add libtest 3010 to verify
Reported-by: joey-l-us on github
Fixes #5661
Closes #5672
|