Граф коммитов

19568 Коммитов

Автор SHA1 Сообщение Дата
Daniel Stenberg 3587da9e7c curl.h: add CURL_HTTP_VERSION_2
The protocol is named "HTTP/2" after all. It is an alias for the
existing CURL_HTTP_VERSION_2_0 enum.
2015-06-05 08:26:47 +02:00
Daniel Stenberg 1ce14037c0 openssl: removed error string #ifdef
ERR_error_string_n() was introduced in 0.9.6, no need to #ifdef anymore
2015-06-05 00:12:56 +02:00
Daniel Stenberg 30bd59ba6e openssl: removed USERDATA_IN_PWD_CALLBACK kludge
Code for OpenSSL 0.9.4 serves no purpose anymore!
2015-06-05 00:11:32 +02:00
Daniel Stenberg ccfdd5986c openssl: remove SSL_get_session()-using code
It was present for OpenSSL 0.9.5 code but we only support 0.9.7 or
later.
2015-06-05 00:09:25 +02:00
Daniel Stenberg fc16d9cec8 openssl: remove dummy callback use from SSL_CTX_set_verify()
The existing callback served no purpose.
2015-06-05 00:02:17 +02:00
Daniel Stenberg 7c17b58eec LIBCURL-STRUCTS: clarify for multiplexing 2015-06-04 22:43:54 +02:00
Jay Satiro 3013bb6b1c cookie: Stop exporting any-domain cookies
Prior to this change any-domain cookies (cookies without a domain that
are sent to any domain) were exported with domain name "unknown".

Bug: https://github.com/bagder/curl/issues/292
2015-06-03 21:48:47 -04:00
Daniel Stenberg 001ab7d860 RELEASE-PROCEDURE: refreshed 'coming dates' 2015-06-03 14:44:04 +02:00
Jay Satiro 59432503c0 curl_setup: Change fopen text macros to use 't' for MSDOS
Bug: https://github.com/bagder/curl/pull/258#issuecomment-107915198
Reported-by: Gisle Vanem
2015-06-02 14:04:00 -04:00
Daniel Stenberg f6af9aef7e curl_multi_timeout.3: added example 2015-06-02 12:18:10 +02:00
Daniel Stenberg 46a050e9f5 curl_multi_perform.3: added example 2015-06-02 12:13:23 +02:00
Daniel Stenberg 3cac8c9049 curl_multi_info_read.3: added example 2015-06-02 12:01:39 +02:00
Daniel Stenberg 33ee411848 checksrc: detect fopen() for text without the FOPEN_* macros
Follow-up to e8423f9ce1 with discussionis in
https://github.com/bagder/curl/pull/258

This check scans for fopen() with a mode string without 'b' present, as
it may indicate that an FOPEN_* define should rather be used.
2015-06-02 08:28:10 +02:00
Daniel Stenberg 3bbcb4b036 curl_getdate.3: update RFC reference 2015-06-01 15:04:40 +02:00
Jay Satiro e8423f9ce1 curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT
- Change fopen calls to use FOPEN_READTEXT instead of "r" or "rt"
- Change fopen calls to use FOPEN_WRITETEXT instead of "w" or "wt"

This change is to explicitly specify when we need to read/write text.
Unfortunately 't' is not part of POSIX fopen so we can't specify it
directly. Instead we now have FOPEN_READTEXT, FOPEN_WRITETEXT.

Prior to this change we had an issue on Windows if an application that
uses libcurl overrides the default file mode to binary. The default file
mode in Windows is normally text mode (translation mode) and that's what
libcurl expects.

Bug: https://github.com/bagder/curl/pull/258#issuecomment-107093055
Reported-by: Orgad Shaneh
2015-06-01 03:21:23 -04:00
Daniel Stenberg 9f5dcab83d http2-upload.c: use PIPEWAIT for playing HTTP/2 better 2015-06-01 08:46:18 +02:00
Daniel Stenberg 41db5aed7a http2-download: check for CURLPIPE_MULTIPLEX properly
Bug: http://curl.haxx.se/mail/lib-2015-06/0001.html
Reported-by: Rafayel Mkrtchyan
2015-06-01 08:45:30 +02:00
Isaac Boukris 4bb815a32e HTTP-NTLM: fail auth on connection close instead of looping
Bug: https://github.com/bagder/curl/issues/256
2015-05-31 23:21:15 +02:00
Daniel Stenberg 4e7c3c12d3 5.6 Refuse "downgrade" redirects 2015-05-31 00:39:19 +02:00
Daniel Stenberg 9a0a16a61c README.pingpong: removed 2015-05-31 00:20:22 +02:00
Daniel Stenberg 2f1eae0f27 ROADMAP: remove HTTP/2 multiplexing - its here now 2015-05-30 12:09:22 +02:00
Daniel Stenberg 3628a90852 HTTP2.md: formatted properly 2015-05-30 12:07:39 +02:00
Daniel Stenberg a8904b39f3 HTTP2: moved docs into docs/ and make it markdown 2015-05-30 11:55:33 +02:00
Daniel Stenberg 8a7c1c76b3 README.http2: refreshed and added multiplexing info 2015-05-30 11:53:24 +02:00
Daniel Stenberg f348a6b4ab dist: add the http2 examples 2015-05-28 16:04:13 +02:00
Daniel Stenberg d1b1d782f5 http2 examples: clean up some comments 2015-05-28 16:04:00 +02:00
Daniel Stenberg e57f08863a examples: added two programs doing multiplexed HTTP/2 2015-05-28 15:58:34 +02:00
Daniel Stenberg 44fe4b9029 scripts: moved contributors.sh and contrithanks.sh into subdir 2015-05-27 16:10:08 +02:00
Daniel Stenberg 9972666b47 RELEASE-NOTES: synced with c005790ff1 2015-05-27 14:48:59 +02:00
Daniel Melani c005790ff1 openssl: typo in comment 2015-05-27 11:31:48 +02:00
Jay Satiro 49a6642f01 openssl: Use TLS_client_method for OpenSSL 1.1.0+
SSLv23_client_method is deprecated starting in OpenSSL 1.1.0. The
equivalent is TLS_client_method.

https://github.com/openssl/openssl/commit/13c9bb3#diff-708d3ae0f2c2973b272b811315381557
2015-05-27 01:30:30 -04:00
Daniel Stenberg f81d356c21 FAQ: How do I port libcurl to my OS? 2015-05-26 19:13:40 +02:00
Jay Satiro b18a1654c1 CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain
Document that if Set-Cookie is used without a domain then the cookie is
sent for any domain and will not be modified.

Bug: http://curl.haxx.se/mail/lib-2015-05/0137.html
Reported-by: Alexander Dyagilev
2015-05-25 17:27:53 -04:00
Tatsuhiro Tsujikawa 02dfc930b5 http2: Copy data passed in Curl_http2_switched into HTTP/2 connection buffer
Previously, after seeing upgrade to HTTP/2, we feed data followed by
upgrade response headers directly to nghttp2_session_mem_recv() in
Curl_http2_switched().  But it turns out that passed buffer, mem, is
part of stream->mem, and callbacks called by
nghttp2_session_mem_recv() will write stream specific data into
stream->mem, overwriting input data.  This will corrupt input, and
most likely frame length error is detected by nghttp2 library.  The
fix is first copy the passed data to HTTP/2 connection buffer,
httpc->inbuf, and call nghttp2_session_mem_recv().
2015-05-25 23:07:49 +02:00
Jay Satiro 96c0164b88 CURLOPT_COOKIE.3: Explain that the cookies won't be modified
The CURLOPT_COOKIE doc says it "sets the cookie header explicitly in the
outgoing request(s)." However there seems to be some user confusion
about cookie modification. Document that the cookies set by this option
are not modified by the cookie engine.

Bug: http://curl.haxx.se/mail/lib-2015-05/0115.html
Reported-by: Alexander Dyagilev
2015-05-24 19:01:13 -04:00
Jay Satiro 4bef1c7bf4 CURLOPT_COOKIELIST.3: Add example 2015-05-24 15:39:49 -04:00
Dan Fandrich 4a79475b13 testcurl.pl: use rel2abs to make the source directory absolute
This function makes a platform-specific absolute path which uses
backslashes on Windows. This form works when passing it on the
command-line, as well as if the source is on another drive.
2015-05-24 12:09:34 +02:00
Dan Fandrich b6e3da5f08 conncache: fixed memory leak on OOM (torture tests) 2015-05-24 11:19:07 +02:00
Daniel Stenberg 28cdc0d82c perl: remove subdir, not touched in 9 years 2015-05-24 00:54:55 +02:00
Daniel Stenberg 3a973517a9 log2changes.pl: moved to scripts/ 2015-05-24 00:09:23 +02:00
Alessandro Ghedini f9f22b0d63 scripts: add zsh.pl for generating zsh completion 2015-05-24 00:03:14 +02:00
Dan Fandrich ef02da3156 test1510: another flaky test 2015-05-23 16:28:09 +02:00
Daniel Stenberg e582cd16ff security: fix "Unchecked return value" from sscanf()
By (void) prefixing it and adding a comment. Did some minor related
cleanups.

Coverity CID 1299423.
2015-05-22 16:52:41 +02:00
Daniel Stenberg 1514977bcd security: simplify choose_mech
Coverity CID 1299424 identified dead code because of checks that could
never equal true (if the mechanism's name was NULL).

Simplified the function by removing a level of pointers and removing the
loop and array that weren't used.
2015-05-22 16:46:01 +02:00
Daniel Stenberg fda0e74c22 RTSP: catch attempted unsupported requests better
Replace use of assert with code that properly catches bad input at
run-time even in non-debug builds.

This flaw was sort of detected by Coverity CID 1299425 which claimed the
"case RTSPREQ_NONE" was dead code.
2015-05-22 16:32:42 +02:00
Daniel Stenberg 03e2a9b023 share_init: fix OOM crash
A failed calloc() would lead to NULL pointer use.

Coverity CID 1299427.
2015-05-22 16:26:14 +02:00
Daniel Stenberg 817323ed82 parse_proxy: switch off tunneling if non-HTTP proxy
non-HTTP proxy implies not using CURLOPT_HTTPPROXYTUNNEL

Bug: http://curl.haxx.se/mail/lib-2015-05/0056.html
Reported-by: Sean Boudreau
2015-05-22 16:19:53 +02:00
Daniel Stenberg 42ed88e70a curl: fix potential NULL dereference
Coverity CID 1299428: Dereference after null check (FORWARD_NULL)
2015-05-22 16:19:30 +02:00
Daniel Stenberg 84d811f6af http2: on_frame_recv: return early on stream 0
Coverity CID 1299426 warned about possible NULL dereference otherwise,
but that would only ever happen if we get invalid HTTP/2 data with
frames for stream 0. Avoid this risk by returning early when stream 0 is
used.
2015-05-22 15:17:16 +02:00
Daniel Stenberg d04bab8873 http: removed self assignment
Follow-up fix from b0143a2a33

Detected by coverity. CID 1299429
2015-05-22 09:57:16 +02:00