Граф коммитов

25126 Коммитов

Автор SHA1 Сообщение Дата
Daniel Stenberg a7d4693a48
runtests: make random seed fixed for a month
When using randomized features of runtests (-R and --shallow) it is
useful to have a fixed random seed to make sure for example extra
commits in a branch or a rebase won't change the seed that would make
repeated runs work differently.

As it is also useful to change seed sometimes, the default seed is now
determined based on the current month (and first line curl -V
output). When the month changes, so will the random seed.

The specific seed is also shown in the standard test suite top header
and it can be set explictly with the new --seed=[num] option so that the
exact order of a previous run can be achieved.

Closes #4734
2020-01-09 09:12:05 +01:00
Daniel Stenberg 5059f5552f
RELEASE-PROCEDURE.md: fix next release date (Feb 26)
[skip ci]
2020-01-08 09:47:37 +01:00
Daniel Stenberg 2cfac302fb
RELEASE-NOTES: 7.68.0 2020-01-08 07:31:10 +01:00
Daniel Stenberg 72e304c779
THANKS: updated with names from the 7.68.0 release 2020-01-07 15:17:33 +01:00
Daniel Stenberg f147c69472
RELEASE-PROCEDURE: add four future release dates
and remove four past release dates

[skip ci]
2020-01-07 15:17:17 +01:00
Marcel Raad 8cf875ed3b
TrackMemory tests: always remove CR before LF
It was removed for output containing ' =' via `s/ =.*//`. With classic
MinGW, this made lines with `free()` end with CRLF, but lines with e.g.
`malloc()` end with only LF. The tests expect LF only.

Closes https://github.com/curl/curl/pull/4788
2020-01-06 20:56:27 +01:00
Daniel Stenberg 9275c2be8c
multi.h: move INITIAL_MAX_CONCURRENT_STREAMS from public header
... to the private multihhandle.h. It is not for public use and it
wasn't prefixed correctly anyway!

Closes #4790
2020-01-06 19:53:38 +01:00
Daniel Stenberg 50e35ccfbb
file: fix copyright year range
Follow-up to 1b71bc532b
2020-01-06 10:12:02 +01:00
Daniel Stenberg 4c34af4c99
curl -w: handle a blank input file correctly
Previously it would end up with an uninitialized memory buffer that
would lead to a crash or junk getting output.

Added test 1271 to verify.

Reported-by: Brian Carpenter
Closes #4786
2020-01-06 10:10:48 +01:00
Daniel Stenberg 1b71bc532b
file: on Windows, refuse paths that start with \\
... as that might cause an unexpected SMB connection to a given host
name.

Reported-by: Fernando Muñoz
CVE-2019-15601
Bug: https://curl.haxx.se/docs/CVE-2019-15601.html
2020-01-06 10:05:37 +01:00
Jay Satiro aeb32d059b CURLOPT_READFUNCTION.3: fix fopen params in example 2020-01-06 03:09:53 -05:00
Jay Satiro e9dd17b754 CURLOPT_READFUNCTION.3: fix variable name in example
Reported-by: Paul Joyce

Fixes https://github.com/curl/curl/issues/4787
2020-01-06 03:01:33 -05:00
Daniel Stenberg 459d0db45b
curl:getparameter return error for --http3 if libcurl doesn't support
Closes #4785
2020-01-05 21:24:17 +01:00
Daniel Stenberg 2150c4b5d3
docs: mention CURL_MAX_INPUT_LENGTH restrictions
... for curl_easy_setopt() and curl_url_set().

[skip ci]

Closes #4783
2020-01-05 17:06:47 +01:00
Daniel Stenberg 392bff4abf
curl: properly free mimepost data
... as it could otherwise leak memory when a transfer failed.

Added test 1293 to verify.

Reported-by: Brian Carpenter
Fixes #4781
Closes #4782
2020-01-04 23:06:44 +01:00
Daniel Stenberg 271ec6b9b6
curl: cleanup multi handle on failure
... to fix memory leak in error path.

Fixes #4772
Closes #4780
Reported-by: Brian Carpenter
2020-01-04 23:05:21 +01:00
Marcel Raad 291ed52122
lib: fix compiler warnings with `CURL_DISABLE_VERBOSE_STRINGS`
Closes https://github.com/curl/curl/pull/4775
2020-01-03 17:02:30 +01:00
Daniel Stenberg e24ea706fb
COPYING: it's 2020!
[skip ci]
2020-01-03 15:12:46 +01:00
Marc Aldorasi be83fe11bf tests: Fix bounce requests with truncated writes
Prior to this change the swsbounce check in service_connection could
fail because prevtestno and prevpartno were not set, which would cause
the wrong response data to be sent to some tests and cause them to fail.

Ref: https://github.com/curl/curl/pull/4717#issuecomment-570240785
2020-01-03 01:45:04 -05:00
Marcel Raad a8d13336b5
tool: make a few char pointers point to const char instead
These are read-only.

Closes https://github.com/curl/curl/pull/4771
2019-12-31 22:18:56 +01:00
Jay Satiro 9603c8299f tests: Change NTLM tests to require SSL
Prior to this change tests that required NTLM feature did not require
SSL feature.

There are pending changes to cmake builds that will allow enabling NTLM
in non-SSL builds in Windows. In that case the NTLM auth strings created
are different from what is expected by the NTLM tests and they fail:

"The issue with NTLM is that previous non-SSL builds would not enable
NTLM and so the NTLM tests would be skipped."

Assisted-by: marc-groundctl@users.noreply.github.com

Ref: https://github.com/curl/curl/pull/4717#issuecomment-566218729

Closes https://github.com/curl/curl/pull/4768
2019-12-31 02:47:53 -05:00
Michael Forney 9024b01387 bearssl: Improve I/O handling
Factor out common I/O loop as bearssl_run_until, which reads/writes TLS
records until the desired engine state is reached. This is now used for
the handshake, read, write, and close.

Match OpenSSL SSL_write behavior, and don't return the number of bytes
written until the corresponding records have been completely flushed
across the socket. This involves keeping track of the length of data
buffered into the TLS engine, and assumes that when CURLE_AGAIN is
returned, the write function will be called again with the same data
and length arguments. This is the same requirement of SSL_write.

Handle TLS close notify as EOF when reading by returning 0.

Closes https://github.com/curl/curl/pull/4748
2019-12-31 02:43:47 -05:00
Jay Satiro 9434864770 travis: Fix error detection
- Stop using inline shell scripts for before_script and script sections.

Prior to this change Travis could ignore errors from commands in inline
scripts. I don't understand how or why it happens. This is a workaround.

Assisted-by: Simon Warta

Ref: https://github.com/travis-ci/travis-ci/issues/1066

Fixes https://github.com/curl/curl/issues/3730
Closes https://github.com/curl/curl/pull/3755
2019-12-31 02:38:18 -05:00
Jay Satiro 249f7b37e6 tool_operate: fix mem leak when failed config parse
Found by fuzzing the config file.

Reported-by: Geeknik Labs

Fixes https://github.com/curl/curl/issues/4767
2019-12-29 14:18:48 -05:00
Xiang Xiao 060fb84a5a lib: remove erroneous +x file permission on some c files
Modified by commit eb9a604 accidentally.

Closes https://github.com/curl/curl/pull/4756
2019-12-27 22:55:52 -05:00
Xiang Xiao 4b463992e5 lib: fix warnings found when porting to NuttX
- Undefine DEBUGASSERT in curl_setup_once.h in case it was already
  defined as a system macro.

- Don't compile write32_le in curl_endian unless
  CURL_SIZEOF_CURL_OFF_T > 4, since it's only used by Curl_write64_le.

- Include <arpa/inet.h> in socketpair.c.

Closes https://github.com/curl/curl/pull/4756
2019-12-27 22:52:31 -05:00
Jay Satiro 779b415a2a os400: Add missing CURLE error constants
Bug: https://github.com/curl/curl/pull/4754#issuecomment-569126922
Reported-by: Emil Engler
2019-12-26 16:20:11 -05:00
Jay Satiro 97934a2f71 CURLOPT_HEADERFUNCTION.3: Document that size is always 1
For compatibility with `fwrite`, the `CURLOPT_HEADERFUNCTION` callback
is passed two `size_t` parameters which, when multiplied, designate the
number of bytes of data passed in. In practice, CURL always sets the
first parameter (`size`) to 1.

This practice is also enshrined in documentation and cannot be changed
in future. The documentation states that the default callback is
`fwrite`, which means `fwrite` must be a suitable function for this
purpose. However, the documentation also states that the callback must
return the number of *bytes* it successfully handled, whereas ISO C
`fwrite` returns the number of items (each of size `size`) which it
wrote. The only way these numbers can be equal is if `size` is 1.

Since `size` is 1 and can never be changed in future anyway, document
that fact explicitly and let users rely on it.

Reported-by: Frank Gevaerts
Commit-message-by: Christopher Head

Ref: https://github.com/curl/curl/pull/2787

Fixes https://github.com/curl/curl/issues/4758
2019-12-26 02:26:08 -05:00
Jay Satiro 68da0b8b86 examples/postinmemory.c: Call curl_global_cleanup always
Prior to this change curl_global_cleanup was not called if
curl_easy_init failed.

Reported-by: kouzhudong@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4751
2019-12-24 01:06:47 -05:00
Daniel Stenberg 4c2f5d52ba
url2file.c: fix copyright year
Follow-up to 5257872695
2019-12-21 18:18:12 +01:00
Rickard Hallerbäck 5257872695
examples/url2file.c: corrected a comment
The comment was confusing and suggested that setting CURLOPT_NOPROGRESS
to 0L would both enable and disable debug output at the same time, like
a Schrödinger's cat of CURLOPTs.

Closes #4745
2019-12-20 11:05:38 +01:00
Daniel Stenberg a90d763548
HISTORY: OSS-Fuzz started fuzzing libcurl in 2017 2019-12-20 11:04:34 +01:00
Daniel Stenberg 2eb7dc0566
RELEASE-NOTES: synced 2019-12-20 09:02:58 +01:00
Jay Satiro 10121a417d ngtcp2: Support the latest update key callback type
- Remove our cb_update_key in favor of ngtcp2's new
  ngtcp2_crypto_update_key_cb which does the same thing.

Several days ago the ngtcp2_update_key callback function prototype was
changed in ngtcp2/ngtcp2@42ce09c. Though it would be possible to
fix up our cb_update_key for that change they also added
ngtcp2_crypto_update_key_cb which does the same thing so we'll use that
instead.

Ref: https://github.com/ngtcp2/ngtcp2/commit/42ce09c

Closes https://github.com/curl/curl/pull/4735
2019-12-20 00:34:58 -05:00
Daniel Stenberg 25b69c482f
sws: search for "Testno:" header uncondtionally if no testno
Even if the initial request line wasn't found. With the fix to 1455, the
test number is now detected correctly.

(Problem found when running tests in random order.)

Closes #4744
2019-12-19 23:03:33 +01:00
Daniel Stenberg b4c9982382
tests: set LC_ALL in more tests
Follow-up to 23208e330a

Closes #4743
2019-12-19 23:01:14 +01:00
Daniel Stenberg 23208e330a
test165: set LC_ALL=en_US.UTF-8 too
On my current Debian Unstable with libidn2 2.2.0, I get an error if
LC_ALL is set to blank. Then curl errors out with:

curl: (3) Failed to convert www.åäö.se to ACE; could not convert string to UTF-8

Closes #4738
2019-12-19 14:26:26 +01:00
Daniel Stenberg e9685cd75d
curl.h: add two defines for the "pre ISO C" case
Without this fix, this caused a compilation failure on AIX with IBM xlc
13.1.3 compiler.

Reported-by: Ram Krushna Mishra
Fixes #4739
Closes #4740
2019-12-19 13:48:47 +01:00
Daniel Stenberg 8c0807aa16
create_conn: prefer multiplexing to using new connections
... as it would previously prefer new connections rather than
multiplexing in most conditions! The (now removed) code was a leftover
from the Pipelining code that was translated wrongly into a
multiplex-only world.

Reported-by: Kunal Ekawde
Bug: https://curl.haxx.se/mail/lib-2019-12/0060.html
Closes #4732
2019-12-19 09:00:56 +01:00
Daniel Stenberg fba8301338
test1456: remove the use of a fixed local port
Fixup the test to instead not compare the port number. It sometimes
caused problems like this:

"curl: (45) bind failed with errno 98: Address already in use"

Closes #4733
2019-12-19 08:59:10 +01:00
Jay Satiro c1592cc92b CURLOPT_QUOTE.3: fix typos
Prior to this change the EXAMPLE in the QUOTE/PREQUOTE/POSTQUOTE man
pages would not compile because a variable name was incorrect.

Reported-by: Bylon2@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4736
2019-12-18 15:21:58 -05:00
Gisle Vanem ac7b1fb10c strerror: Fix compiler warning "empty expression"
- Remove the final semi-colon in the SEC2TXT() macro definition.

Before:  #define SEC2TXT(sec) case sec: txt = #sec; break;

After:   #define SEC2TXT(sec) case sec: txt = #sec; break

Prior to this change SEC2TXT(foo); would generate break;; which caused
the empty expression warning.

Ref: https://github.com/curl/curl/commit/5b22e1a#r36458547
2019-12-18 14:10:23 -05:00
Daniel Stenberg 23e4d98e7e
curl/parseconfig: use curl_free() to free memory allocated by libcurl
Reported-by: bxac on github
Fixes #4730
Closes #4731
2019-12-18 14:48:41 +01:00
Daniel Stenberg f098c9e6f6
curl/parseconfig: fix mem-leak
When looping, first trying '.curlrc' and then '_curlrc', the function
would not free the first string.

Closes #4731
2019-12-18 14:48:32 +01:00
Daniel Stenberg 14f8b6e69e
CURLOPT_URL.3: "curl supports SMB version 1 (only)"
[skip ci]
2019-12-18 10:14:18 +01:00
Daniel Stenberg 9973dabeb6
test1270: a basic -w redirect_url test
Closes #4728
2019-12-18 08:26:03 +01:00
Daniel Stenberg 4ec4787a10
HISTORY: the SMB(S) support landed in 2014 2019-12-18 08:25:51 +01:00
Daniel Stenberg 0caf1423e5
define: remove HAVE_ENGINE_LOAD_BUILTIN_ENGINES, not used anymore
It is covered by USE_OPENSSL_ENGINE now.

Reported-by: Gisle Vanem
Bug: 87b9337c8f (commitcomment-36447951)

Closes #4725
2019-12-17 07:58:46 +01:00
Daniel Stenberg bdb5b6dd5b
lib: remove ASSIGNWITHINCONDITION exceptions, use our code style
... even for macros

Reviewed-by: Daniel Gustafsson
Reviewed-by: Jay Satiro
Reported-by: Jay Satiro
Fixes #4683
Closes #4722
2019-12-17 07:36:11 +01:00
Daniel Stenberg 7282093458
tests: make sure checksrc runs on header files too 2019-12-16 22:46:48 +01:00