Граф коммитов

21600 Коммитов

Автор SHA1 Сообщение Дата
Dan Fandrich 3863de57f2 tests: clear the SSL_CERT_FILE variable on --libcurl tests
Otherwise, the contents will end up in the output and fail the
verification.
2017-03-12 22:33:56 +01:00
Dan Fandrich 75398731e4 test1287: added verbose logs keyword 2017-03-12 20:32:46 +01:00
Dan Fandrich 1890d59905 tool_writeout: fixed a buffer read overrun on --write-out
If a % ended the statement, the string's trailing NUL would be skipped
and memory past the end of the buffer would be accessed and potentially
displayed as part of the --write-out output. Added tests 1440 and 1441
to check for this kind of condition.

Reported-by: Brian Carpenter
2017-03-12 08:28:31 +01:00
Desmond O. Chang d2bcf1e3e2 url: add option CURLOPT_SUPPRESS_CONNECT_HEADERS
- Add new option CURLOPT_SUPPRESS_CONNECT_HEADERS to allow suppressing
  proxy CONNECT response headers from the user callback functions
  CURLOPT_HEADERFUNCTION and CURLOPT_WRITEFUNCTION.

- Add new tool option --suppress-connect-headers to expose
  CURLOPT_SUPPRESS_CONNECT_HEADERS and allow suppressing proxy CONNECT
  response headers from --dump-header and --include.

Assisted-by: Jay Satiro
Assisted-by: CarloCannas@users.noreply.github.com
Closes https://github.com/curl/curl/pull/783
2017-03-12 01:32:33 -05:00
Jay Satiro ec1d0ed1c1 http_proxy: Ignore TE and CL in CONNECT 2xx responses
A client MUST ignore any Content-Length or Transfer-Encoding header
fields received in a successful response to CONNECT.
"Successful" described as: 2xx (Successful). RFC 7231 4.3.6

Prior to this change such a case would cause an error.

In some ways this bug appears to be a regression since c50b878. Prior to
that libcurl may have appeared to function correctly in such cases by
acting on those headers instead of causing an error. But that behavior
was also incorrect.

Bug: https://github.com/curl/curl/issues/1317
Reported-by: mkzero@users.noreply.github.com
2017-03-11 18:22:42 -05:00
Thomas Glanzmann e08c0cd327 mbedtls: fix typo in variable name
Broken a few days ago in 6448f98.

Bug: https://curl.haxx.se/mail/lib-2017-03/0015.html
2017-03-11 17:19:59 -05:00
Michael Kaufmann 8d10520993 tests: fix the authretry tests
Do not call curl_easy_reset() between the requests, because the
auth state must be preserved for these tests.

Follow-up to 0afbcfd
2017-03-11 20:21:56 +01:00
Michael Kaufmann e84a863dc3 proxy: skip SSL initialization for closed connections
This prevents a "Descriptor is not a socket" error for WinSSL.

Reported-by: Antony74@users.noreply.github.com
Reviewed-by: Jay Satiro

Fixes https://github.com/curl/curl/issues/1239
2017-03-11 18:59:01 +01:00
Michael Kaufmann 0afbcfd800 curl_easy_reset: Also reset the authentication state
Follow-up to 5278462
See https://github.com/curl/curl/issues/1095
2017-03-11 18:26:04 +01:00
Isaac Boukris 5278462c32 authneg: clear auth.multi flag at http_done
This flag is meant for the current request based on authentication
state, once the request is done we can clear the flag.

Also change auth.multi to auth.multipass for better readability.

Fixes https://github.com/curl/curl/issues/1095
Closes https://github.com/curl/curl/pull/1326

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reported-by: Michael Kaufmann
2017-03-11 18:12:08 +01:00
Dan Fandrich 381aff0385 url: don't compile detect_proxy if HTTP support is disabled 2017-03-11 18:02:34 +01:00
Dan Fandrich 03c5223ee7 cmdline-opts: fixed a few typos 2017-03-11 11:44:18 +01:00
Daniel Stenberg 1e54c5fb09 README.md: add coverity and travis badges 2017-03-10 14:50:29 +01:00
Daniel Stenberg 7c847ab9d5 ISSUE_TEMPLATE: for bugs, ask questions on the mailing list
and try to add the top comment within an HTML comment in the hope
that it might get hidden if the text is kept
2017-03-10 10:32:01 +01:00
Daniel Stenberg 12f04142c1 openssl: add two /* FALLTHROUGH */ to satisfy coverity
CID 1402159 and 1402158
2017-03-10 08:46:54 +01:00
Daniel Stenberg 26e9fc27ad tests: disabled 1903 now
Test 1903 is doing HTTP pipelining, and that is a timing and ordering
sensitive operation and this fails far too often on the Travis CI
leading to people more or less ignoring test failures there. Not good.

The end of pipelning is probably coming sooner rather than later
anyway...
2017-03-09 23:57:09 +01:00
Dan Fandrich e1960fef12 tls-max.d: added to the makefile 2017-03-09 23:08:06 +01:00
Dan Fandrich b1dc45a822 build: fixed making man page in out-of-tree tarball builds
The man page taken from the release package is found in a different
location than if it's built from source. It must be referenced as $< in
the rule to get its correct location in the VPATH.
2017-03-09 22:55:28 +01:00
Dan Fandrich 9f3bc40f7f mkhelp: simplified the gzip code
This eliminates the need for an external gzip program, which wasn't
working with Busybox's gzip, anyway. It now compresses using perl's
IO::Compress::Gzip
2017-03-09 22:52:51 +01:00
Dan Fandrich 7d62502d6c polarssl: fixed compile errors introduced in 6448f98c 2017-03-09 09:07:53 +01:00
Daniel Stenberg 28a3453ac7 bump: next release will be known as 7.54.0
...due to the newly added CURL_SSLVERSION_MAX_* functionality
2017-03-08 23:43:24 +01:00
Daniel Stenberg 6733acc903 openssl: unbreak the build after 6448f98c18
Verified with OpenSSL 1.1.0e and OpenSSL master (1.1.1)
2017-03-08 23:38:26 +01:00
Jozef Kralik 6448f98c18 vtls: add options to specify range of enabled TLS versions
This commit introduces the CURL_SSLVERSION_MAX_* constants as well as
the --tls-max option of the curl tool.

Closes https://github.com/curl/curl/pull/1166
2017-03-08 15:54:07 +01:00
Daniel Stenberg b666907336 RELEASE-NOTES: synced with 6888a670aa 2017-03-08 10:55:06 +01:00
Daniel Stenberg 6888a670aa MANPAGE: clarify the dash situation in meta data 2017-03-08 09:20:36 +01:00
Daniel Stenberg 324bf2fd36 insecure.d: clarify that this is for server connections
Assisted-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2017-03/0002.html
2017-03-08 09:17:32 +01:00
Dan Fandrich 348f8a3da9 test1260: added http as a required feature 2017-03-08 09:06:56 +01:00
Steve Brokenshire beff139d3d maketgz: Run updatemanpages.pl to update man pages
maketgz now runs scripts/updatemanpages.pl to update the man pages .TH
section to use the current date and curl/libcurl version.

(TODO Section 3.1)

Closes #1058
2017-03-07 23:36:17 +01:00
Steve Brokenshire d960e57029 gitignore: Ignore man page dist files
Ignore man page dist files generated by scripts/updatemanpages.pl
2017-03-07 23:27:31 +01:00
Steve Brokenshire f5712ca277 Makefile.am: Remove distribution man pages when running 'make clean' 2017-03-07 23:27:31 +01:00
Steve Brokenshire e159fff13d Makefile.am: Added scripts/updatemanpages.pl to EXTRA_DIST 2017-03-07 23:27:31 +01:00
Steve Brokenshire 698aae270b updatemanpages.pl: Update man pages to use current date and versions
Added script to update man pages to use the current date and
curl/libcurl versions.

updatemanpages.pl has three arrays: list of directories to look in,
list of extensions to process, list of files to exclude from
processing.

Check man page in git repoistory using the date from the existing man
page before updating to avoid updating the man page if no change is
made.

If data is received from the git command then update the man page with
the current date and version otherwise leave alone.

Applied patch from badger to make the date argument optional, change the
git command used, added date argument to processfile subroutine and
print to STDERR if no date is found in a man page.

Added code to process the changed man page into a new man page with
.dist added to the filename to keep the original source files unchanged.
Updated POD documentation to reflect that the date argument optional.

Code style is in line with CODE_STYLE.md.

Directories: docs/ docs/libcurl/ docs/libcurl/opts/ tests/
Extensions: .1 .3
Excluded files: mk-ca-bundle.1 template.3

(TODO Section 3.1)
2017-03-07 23:27:31 +01:00
Tatsuhiro Tsujikawa 475c2583d5 http2: Fix assertion error on redirect with CL=0
This fixes assertion error which occurs when redirect is done with 0
length body via HTTP/2, and the easy handle is reused, but new
connection is established due to hostname change:

    curl: http2.c:1572: ssize_t http2_recv(struct connectdata *,
      int, char *, size_t, CURLcode *):
    Assertion `httpc->drain_total >= data->state.drain' failed.

To fix this bug, ensure that http2_handle_stream is called.

Fixes #1286
Closes #1302
2017-03-07 23:12:41 +01:00
Daniel Stenberg 958e176688 ares: Curl_resolver_wait_resolv: clear *entry first in function 2017-03-07 08:08:55 +01:00
Daniel Stenberg bfaab3180c ares: better error return on timeouts
Assisted-by: Ray Satiro

Bug: https://curl.haxx.se/mail/lib-2017-03/0009.html
2017-03-07 07:38:29 +01:00
Jay Satiro f023f258fa KNOWN_BUGS: Add DarwinSSL won't import PKCS#12 without a password
Bug: https://github.com/curl/curl/issues/1308
Reported-by: Justin Clift
2017-03-06 19:13:03 -05:00
Dan Fandrich 3914c07ed6 test1260: removed errant XML tag 2017-03-06 23:05:51 +01:00
Daniel Stenberg aadb7c7b62 URL: return error on malformed URLs with junk after port number
... because it causes confusion with users. Example URLs:

"http://[127.0.0.1]:11211:80" which a lot of languages' URL parsers will
parse and claim uses port number 80, while libcurl would use port number
11211.

"http://user@example.com:80@localhost" which by the WHATWG URL spec will
be treated to contain user name 'user@example.com' but according to
RFC3986 is user name 'user' for the host 'example.com' and then port 80
is followed by "@localhost"

Both these formats are now rejected, and verified so in test 1260.

Reported-by: Orange Tsai
2017-03-06 16:08:21 +01:00
Daniel Stenberg 7ad72e0fc2 BINDINGS: update the Lua-cURL URL 2017-03-06 12:57:33 +01:00
Sylvestre Ledru df77f1772d BINDINGS: add Scilab binding
Closes #1312
2017-03-06 12:51:27 +01:00
Daniel Stenberg 5e99ede6d3 BINDINGS: add go-curl and perl6-net-curl
Reported-by: Peter Pentchev
2017-03-06 10:11:55 +01:00
Daniel Stenberg bfcb3150a7 BINDINGS: add misssing C++ bindings
Reported-by: Giuseppe Persico
2017-03-06 09:44:08 +01:00
Daniel Stenberg 29be83ee74 ares: return error at once if timed out before name resolve starts
Pointed-out-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2017-03/0004.html
2017-03-06 09:21:01 +01:00
Michael Maltese 813263dc3a CMake: Set at most one SSL library
Ref: https://github.com/curl/curl/pull/1228
2017-03-05 14:42:53 +01:00
Michael Maltese c6a97466b9 CMake: Add mbedTLS support
Ref: https://github.com/curl/curl/pull/1228
2017-03-05 14:42:53 +01:00
Michael Maltese eb19e89f2e CMake: Add DarwinSSL support
Assisted-by: Simon Warta <simon@kullo.net>
Ref: https://github.com/curl/curl/pull/1228
2017-03-05 14:42:53 +01:00
Michael Maltese f85ff14d52 CMake: Reorganize SSL support, separate WinSSL and SSPI
This is closer to how configure.ac does it

Ref: https://github.com/curl/curl/pull/1228
2017-03-05 14:42:53 +01:00
Jay Satiro 21512a015f CURLOPT_SSL_CTX_FUNCTION.3: Fix EXAMPLE formatting errors
.. also document that CURLE_NOT_BUILT_IN is a RETURN VALUE.

Ref: https://github.com/curl/curl/pull/1290
2017-03-04 16:07:28 -05:00
Andrew Krieger 7b1430c0b4 fix potential use of uninitialized variables
MSVC with LTCG detects this at warning level 4.

Closes #1304
2017-03-04 21:37:03 +01:00
Sylvestre Ledru 658b9a200a fix some typos in the doc (#1306) 2017-03-04 15:50:33 +01:00