Граф коммитов

8114 Коммитов

Автор SHA1 Сообщение Дата
Alexander Pepper 143acd6222 mk-ca-bundle bugfix: Don't report SHA1 numbers with "-q".
Also unified printing to STDERR by creating the helper method "report".
2015-03-11 14:47:41 +01:00
Daniel Stenberg 852d35b6ea proxy: re-use proxy connections (regression)
When checking for a connection to re-use, a proxy-using request must
check for and use a proxy connection and not one based on the host
name!

Added test 1421 to verify

Bug: http://curl.haxx.se/bug/view.cgi?id=1492
2015-03-11 11:54:22 +01:00
Alessandro Ghedini fa895f2aa2 gtls: correctly align certificate status verification messages 2015-03-10 15:48:34 +01:00
Alessandro Ghedini a6a264ef2c gtls: don't print double newline after certificate dates 2015-03-10 15:20:03 +01:00
Alessandro Ghedini 3a757fddbb gtls: print negotiated TLS version and full cipher suite name
Instead of priting cipher and MAC algorithms names separately, print the
whole cipher suite string which also includes the key exchange algorithm,
along with the negotiated TLS version.
2015-03-10 15:18:14 +01:00
Daniel Stenberg d9973eaeb8 gtls: fix compiler warnings 2015-03-10 15:16:59 +01:00
Alessandro Ghedini 5a1614cecd gtls: add support for CURLOPT_CAPATH 2015-03-10 15:03:54 +01:00
Daniel Stenberg c19349951d multi: fix *getsock() with CONNECT
The code used some happy eyeballs logic even _after_ CONNECT has been
sent to a proxy, while the happy eyeball phase is already (should be)
over by then.

This is solved by splitting the multi state into two separate states
introducing the new SENDPROTOCONNECT state.

Bug: http://curl.haxx.se/mail/lib-2015-01/0170.html
Reported-by: Peter Laser
2015-03-07 19:19:22 +01:00
Daniel Stenberg 9da14a96ab conncontrol: only log changes to the connection bit 2015-03-07 19:18:49 +01:00
Daniel Stenberg 00ea0e7db0 http2: use CURL_HTTP_VERSION_* symbols instead of NPN_*
Since they already exist and will make comparing easier
2015-03-07 11:10:30 +01:00
Daniel Stenberg df28af8f39 http2: make the info-message about receiving HTTP2 headers debug-only 2015-03-07 10:55:37 +01:00
Alessandro Ghedini 44ffe27056 urldata: remove unused asked_for_h2 field 2015-03-07 10:36:10 +01:00
Alessandro Ghedini adb4e41a1a polarssl: make it possible to enable ALPN/NPN without HTTP2 2015-03-07 10:36:10 +01:00
Alessandro Ghedini 42bc45be8e nss: make it possible to enable ALPN/NPN without HTTP2 2015-03-07 10:36:10 +01:00
Alessandro Ghedini 870a67e01f gtls: make it possible to enable ALPN/NPN without HTTP2 2015-03-07 10:36:10 +01:00
Alessandro Ghedini 2e9494b15d openssl: make it possible to enable ALPN/NPN without HTTP2 2015-03-07 10:36:10 +01:00
Daniel Stenberg 042526c19f urldata: fix gnutls build 2015-03-06 10:13:40 +01:00
Daniel Stenberg 492dfca65d multi: fix memory-leak on timeout (regression)
Since 1342a96ecf, a timeout detected in the multi state machine didn't
necesarily clear everything up, like formpost data.

Bug: https://github.com/bagder/curl/issues/147
Reported-by: Michel Promonet
Patched-by: Michel Promonet
2015-03-05 15:43:38 +01:00
Daniel Stenberg 709cf76f6b openssl: remove all uses of USE_SSLEAY
SSLeay was the name of the library that was subsequently turned into
OpenSSL many moons ago (1999). curl does not work with the old SSLeay
library since years. This is now reflected by only using USE_OPENSSL in
code that depends on OpenSSL.
2015-03-05 10:57:52 +01:00
Daniel Stenberg 8aabbf5f8c vtls: use curl_printf.h all over
No need to use _MPRINTF_REPLACE internally.
2015-03-03 23:17:43 +01:00
Daniel Stenberg df5578a7a3 mprintf.h: remove #ifdef CURLDEBUG
... and as a consequence, introduce curl_printf.h with that re-define
magic instead and make all libcurl code use that instead.
2015-03-03 12:36:18 +01:00
Tatsuhiro Tsujikawa 48b5374e65 http2: Return error if stream was closed with other than NO_ERROR
Previously, we just ignored error code passed to
on_stream_close_callback and just return 0 (success) after stream
closure even if stream was reset with error.  This patch records error
code in on_stream_close_callback, and return -1 and use CURLE_HTTP2
error code on abnormal stream closure.
2015-02-27 21:17:27 +00:00
Daniel Stenberg bc3a44aebc http2: return recv error on unexpected EOF
Pointed-out-by: Tatsuhiro Tsujikawa
Bug: http://curl.haxx.se/bug/view.cgi?id=1487
2015-02-25 13:51:21 +01:00
Daniel Stenberg b9c190ba77 http2: move lots of verbose output to be debug-only 2015-02-25 11:45:46 +01:00
Kamil Dudka 4909f7c795 nss: do not skip Curl_nss_seed() if data is NULL
In that case, we only skip writing the error message for failed NSS
initialization (while still returning the correct error code).
2015-02-25 10:23:07 +01:00
Kamil Dudka 7a1538d9cc nss: improve error handling in Curl_nss_random()
The vtls layer now checks the return value, so it is no longer necessary
to abort if a random number cannot be provided by NSS.  This also fixes
the following Coverity report:

Error: FORWARD_NULL (CWE-476):
lib/vtls/nss.c:1918: var_compare_op: Comparing "data" to null implies that "data" might be null.
lib/vtls/nss.c:1923: var_deref_model: Passing null pointer "data" to "Curl_failf", which dereferences it.
lib/sendf.c:154:3: deref_parm: Directly dereferencing parameter "data".
2015-02-25 10:23:06 +01:00
Marc Hoersken ffc2aeec6e Revert "telnet.c: fix handling of 0 being returned from custom read function"
This reverts commit 03fa576833.
2015-02-25 00:16:10 +01:00
Marc Hoersken b3bcdaf01a telnet.c: fix invalid use of custom read function if not being set
obj_count can be 1 if the custom read function is set or the stdin
handle is a reference to a pipe. Since the pipe should be handled
using the PeekNamedPipe-check below, the custom read function should
only be used if it is actually enabled.
2015-02-25 00:01:14 +01:00
Marc Hoersken 03fa576833 telnet.c: fix handling of 0 being returned from custom read function
According to [1]: "Returning 0 will signal end-of-file to the library
and cause it to stop the current transfer."
This change makes the Windows telnet code handle this case accordingly.

 [1] http://curl.haxx.se/libcurl/c/CURLOPT_READFUNCTION.html
2015-02-24 23:59:06 +01:00
Kamil Dudka e08a12dab1 connect: wait for IPv4 connection attempts
... even if the last IPv6 connection attempt has failed.

Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c4
2015-02-23 13:32:28 +01:00
Kamil Dudka 92835ca5d8 connect: avoid skipping an IPv4 address
... in case the protocol versions are mixed in a DNS response
(IPv6 -> IPv4 -> IPv6).

Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c3
2015-02-23 13:31:01 +01:00
Julian Ospald 90314100e0 configure: allow both --with-ca-bundle and --with-ca-path
SSL_CTX_load_verify_locations by default (and if given non-Null
parameters) searches the CAfile first and falls back to CApath.  This
allows for CAfile to be a basis (e.g. installed by the package manager)
and CApath to be a user configured directory.

This wasn't reflected by the previous configure constraint which this
patch fixes.

Bug: https://github.com/bagder/curl/pull/139
2015-02-20 16:30:04 +01:00
Ben Boeckel 20112ed846 cmake: install the dll file to the correct directory 2015-02-20 14:17:32 +01:00
Alessandro Ghedini 63b4b8c7bd nss: fix NPN/ALPN protocol negotiation
Correctly check for memcmp() return value (it returns 0 if the strings match).

This is not really important, since curl is going to use http/1.1 anyway, but
it's still a bug I guess.
2015-02-19 23:09:12 +01:00
Alessandro Ghedini 633b3895d7 polarssl: fix ALPN protocol negotiation
Correctly check for strncmp() return value (it returns 0 if the strings
match).
2015-02-19 23:07:40 +01:00
Alessandro Ghedini 676ac46ff5 gtls: fix build with HTTP2 2015-02-19 19:00:51 +01:00
Steve Holme 31c8f8ac11 Makefile.vc6: Corrected typos in rename of darwinssl.obj 2015-02-16 00:35:16 +00:00
Nick Zitzmann b1c7fc050b By request, change the name of "curl_darwinssl.[ch]" to "darwinssl.[ch]" 2015-02-15 17:11:01 -06:00
Kamil Dudka aba2c4dca2 openssl: fix a compile-time warning
lib/vtls/openssl.c:1450:7: warning: extra tokens at end of #endif directive
2015-02-12 08:39:19 +01:00
Steve Holme c1878e8f52 openssl: Use OPENSSL_IS_BORINGSSL for BoringSSL detection
For consistency with other conditionally compiled code in openssl.c,
use OPENSSL_IS_BORINGSSL rather than HAVE_BORINGSSL and try to use
HAVE_BORINGSSL outside of openssl.c when the OpenSSL header files are
not included.
2015-02-11 21:03:23 +00:00
Patrick Monnerat ab85ac5eda ftp: accept all 2xx responses to the PORT command 2015-02-11 19:51:57 +01:00
Steve Holme d771b44e53 openssl: Disable OCSP in old versions of OpenSSL
Versions of OpenSSL prior to v0.9.8h do not support the necessary
functions for OCSP stapling.
2015-02-09 21:01:39 +00:00
Tatsuhiro Tsujikawa 7eebf9a3fb http2: Fix bug that associated stream canceled on PUSH_PROMISE
Previously we don't ignore PUSH_PROMISE header fields in on_header
callback.  It makes header values mixed with following HEADERS,
resulting protocol error.
2015-02-09 15:52:56 +01:00
Jay Satiro 20c727ec4c polarssl: Fix exclusive SSL protocol version options
Prior to this change the options for exclusive SSL protocol versions did
not actually set the protocol exclusive.

http://curl.haxx.se/mail/lib-2015-01/0002.html
Reported-by: Dan Fandrich
2015-02-09 10:39:17 +01:00
Jay Satiro 9956ef2d33 gskit: Fix exclusive SSLv3 option 2015-02-09 10:38:46 +01:00
Steve Holme 761d5166af schannel: Removed curl_ prefix from source files
Removed the curl_ prefix from the schannel source files as discussed
with Marc and Daniel at FOSDEM.
2015-02-07 21:34:33 +00:00
Daniel Stenberg 05792d6936 md5: use axTLS's own MD5 functions when available 2015-02-06 14:36:25 +01:00
Daniel Stenberg 2a15e594ef MD(4|5): make the MD4_* and MD5_* functions static 2015-02-06 14:26:32 +01:00
Daniel Stenberg d557da5d79 axtls: fix conversion from size_t to int warning 2015-02-06 14:26:32 +01:00
Steve Holme 600ccb2237 ftp: Use 'CURLcode result' for curl result codes 2015-02-05 20:31:12 +00:00