Gregor Jasny [Mon, 31 May 2021 19:36:37 +0000 (21:36 +0200)]
cmake: try well-known send/recv signature for Apple
The CMake `try_compile` command is especially slow for
the Xcode generator. With this patch applied it first tests
for the currently used (and Open Group specified) send/recv
signature. In case this fails, testing falls back to the
permutations.
speed-up:
```
time cmake .. -GNinja -DCMAKE_USE_SECTRANSP=ON -DHTTP_ONLY=ON -DCMAKE_USE_LIBSSH2=OFF
before: 11.64s user 11.09s system 55% cpu 40.754 total
after: 7.84s user 6.57s system 51% cpu 28.074 total
```
```
time cmake .. -GXcode -DCMAKE_USE_SECTRANSP=ON -DHTTP_ONLY=ON -DCMAKE_USE_LIBSSH2=OFF
before: 217.07s user 104.15s system 60% cpu 8:51.79 total
after: 108.76s user 51.80s system 58% cpu 4:32.58 total
```
Daniel Stenberg [Mon, 31 May 2021 06:33:44 +0000 (08:33 +0200)]
hostip: make 'localhost' return fixed values
Resolving the case insensitive host name 'localhost' now returns the
addresses 127.0.0.1 and (if IPv6 is enabled) ::1 without using any
resolver.
This removes the risk that users accidentally resolve 'localhost' to
something else. By making sure 'localhost' is always local, we can
assume a "secure context" for such transfers (for cookies etc).
Daniel Stenberg [Fri, 28 May 2021 21:46:03 +0000 (23:46 +0200)]
test178: adjust for hyper
Hyper returns the same error for wrong HTTP version as for negative
content-length. Test 178 verifies that negative content-length is
rejected but the hyper backend will return a different error for it (and
without any helpful message telling why the message was bad). It will
also not return any headers at all for the response, not even the ones
that arrived before the error.
Douglas R. Reno [Thu, 27 May 2021 17:22:42 +0000 (12:22 -0500)]
INSTALL: use correct extension for CURL-DISABLE.md
In INSTALL.MD, it's currently set to CURL-DISABLE-md instead of
CURL-DISABLE.md. This generates a 404 on the cURL website as well as
when viewing the docs through GitHub.
Joel Depooter [Thu, 27 May 2021 01:33:34 +0000 (18:33 -0700)]
schannel: set ALPN length correctly for HTTP/2
In a3268eca792f1 this code was changed to use the ALPN_H2 constant
instead of the NGHTTP2_PROTO_ALPN constant. However, these constants are
not the same. The nghttp2 constant included the length of the string,
like this: "\x2h2". The ALPN_H2 constant is just "h2". Therefore we need
to re-add the length of the string to the ALPN buffer.
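The length-prefixed layout this fix restores, as an added example that is not part of the curl commit: in the TLS ALPN protocol list (RFC 7301) each protocol name is preceded by one length byte. The helper names `alpn_append`, `alpn_count` and `alpn_append_raw` are hypothetical, the constants are defined locally for the example, and the Schannel-specific extension headers are left out.

```c
#include <stddef.h>
#include <string.h>

/* Defined here for the example: bare protocol ids, no length prefix. */
#define ALPN_H2 "h2"
#define ALPN_HTTP_1_1 "http/1.1"

/* Append one protocol id as <1-byte length><bytes>. Returns the new
   offset, or 0 if the id is empty, too long or does not fit. */
size_t alpn_append(unsigned char *buf, size_t size, size_t off,
                   const char *proto)
{
  size_t len = strlen(proto);
  if(len == 0 || len > 255 || off > size || size - off < len + 1)
    return 0;
  buf[off++] = (unsigned char)len;
  memcpy(buf + off, proto, len);
  return off + len;
}

/* Walk a protocol list and count its entries. Returns -1 when the
   length bytes do not add up exactly to the buffer length. */
int alpn_count(const unsigned char *buf, size_t len)
{
  int n = 0;
  size_t off = 0;
  while(off < len) {
    size_t plen = buf[off++];
    if(plen == 0 || plen > len - off)
      return -1;
    off += plen;
    n++;
  }
  return n;
}

/* The mistake described above: copying the bare id with no length byte. */
size_t alpn_append_raw(unsigned char *buf, size_t size, size_t off,
                       const char *proto)
{
  size_t len = strlen(proto);
  if(off > size || size - off < len)
    return 0;
  memcpy(buf + off, proto, len);
  return off + len;
}
```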
ejanchivdorj [Tue, 25 May 2021 06:38:17 +0000 (23:38 -0700)]
sectransp: fix EXC_BAD_ACCESS caused by uninitialized buffer
When the SecCertificateCopyCommonName function fails, it leaves
common_name in an invalid state so CFStringCompare uses the invalid
result, causing EXC_BAD_ACCESS.
The fix is to check the return value of the function before using the
name.
Paweł Wegner [Fri, 14 May 2021 10:36:12 +0000 (12:36 +0200)]
CMake: add CURL_ENABLE_EXPORT_TARGET option
install(EXPORT ...) causes trouble when embedding curl dependencies
which don't provide install(EXPORT ...) targets (e.g libressl and
nghttp2) with cmake's add_subdirectory.
CURLOPT_IPRESOLVE: preventing wrong IP version from being used
In some situations, it was possible that a transfer was set up to
use a specific IP version, but due to DNS caching or connection
reuse, it ended up using a different IP version from requested.
This commit changes the effect of CURLOPT_IPRESOLVE from simply
restricting address resolution to preventing the wrong connection
type being used, when choosing a connection from the pool, and
to restricting what addresses could be used when establishing
a new connection.
It is important that all address versions are resolved, even if
not used in that transfer in particular, because the result is
cached, and could be useful for a different transfer with a
different CURLOPT_IPRESOLVE setting.
Oliver Urbann [Thu, 20 May 2021 08:34:43 +0000 (10:34 +0200)]
AmigaOS: add functions definitions for SHA256
AmiSSL replaces many functions with macros. Curl requires pointer
to some of these functions. Thus, we have to encapsulate these macros:
SHA256_Init, SHA256_Update, SHA256_Final, X509_INFO_free.
Bug: https://github.com/jens-maus/amissl/issues/15
Co-authored-by: Daniel Stenberg <daniel@haxx.se>
Closes #7099
Daniel Stenberg [Tue, 18 May 2021 07:55:02 +0000 (09:55 +0200)]
curl-wolfssl.m4: without custom include path, assume /usr/include
... so that we can point out the root of the OpenSSL emulation headers.
Previously this used the '$includedir' variable which is wrong since
that defaults to the dir where the current configure invoke will install
the built libcurl headers: /usr/local by default.
Fixes #7085
Reported-by: Joel Jakobsson
Closes #7087
Joel Depooter [Fri, 14 May 2021 21:44:07 +0000 (14:44 -0700)]
data_pending: check only SECONDARY socket for FTP(S) transfers
Check the FIRST for all other protocols.
This fixes a timeout in an ftps download. The server sends a TLS
close_notify message in the same packet as the file data. The
close_notify seems to not be handled in the schannel_recv function, so
libcurl is not aware that the server has closed the connection. Thus
libcurl ends up waiting for action on the socket until a timeout is
reached. With the secondary socket check added to the data_pending
function, the close_notify is properly handled, and the ftps transfer
terminates as expected.
Daniel Stenberg [Mon, 17 May 2021 06:54:00 +0000 (08:54 +0200)]
conn: add 'attach' to protocol handler, make libssh2 use it
The libssh2 backend has SSH session associated with the connection but
the callback context is the easy handle, so when a connection gets
attached to a transfer, the protocol handler now allows for a custom
function to get used to set things up correctly.
Reported-by: Michael O'Farrell
Fixes #6898
Closes #7078
Marc Hoersken [Sat, 15 May 2021 18:54:57 +0000 (20:54 +0200)]
CI/cirrus: add shared and static Windows release builds
Azure Pipelines is currently being used for debug builds,
let's also run some non-debug (release) Windows builds and
make use of previously underutilized Cirrus CI for that.
Some of the time, we get a HYPER_TASK_EMPTY response before the status
line, headers, and body have been read. Previously, that would cause us
to poll again, leading to a 1 second timeout.
The HYPER_TASK_EMPTY docs say:
The value of this task is null (does not imply an error).
So, if we receive a HYPER_TASK_EMPTY, continue on with processing the
response.
Joel Depooter [Wed, 12 May 2021 02:45:59 +0000 (19:45 -0700)]
schannel: Ensure the security context request flags are always set
As of commit 54e7475, these flags would only be set when using a new
credential handle. When re-using an existing credential handle, the
flags would not be set.
Daniel Stenberg [Tue, 11 May 2021 07:49:31 +0000 (09:49 +0200)]
hostip: remove the debug code for LocalHost
The Curl_resolv() had special code (when built in debug mode) for when
resolving the host name "LocalHost" (using that exact casing). It would
then get the host name from the --interface option instead.
This development-only feature was not used by anything (anymore) and we
have the --resolve feature if we want to play similar tricks properly
going forward.
Writing the cookie file has multiple error conditions, and was using an
int with magic numbers to report the different errors (which in turn were
disregarded anyways). This moves reporting to use a CURLcode value.
Lightly-touched-by: Daniel Stenberg
Closes #7037
Closes #6749
strstore() is defined as a strdup which ensures to free the target
pointer before duping the source char * into it. Make use of it in
two more cases where it can simplify the code.
Comments in the cookie code were a bit all over the place in terms of
style and wording. This takes a stab at cleaning them up by keeping to
a single style and overall shape. Some comments are moved a little and
some removed altogether due to being redundant. No functional changes
have been made.
Peng-Yu Chen [Mon, 10 May 2021 22:05:36 +0000 (23:05 +0100)]
http2: skip immediate parsing of payload following protocol switch
This is considered not harmful as a following http2_recv shall be
called very soon.
This is considered helpful in the specific situation where some
servers (e.g. nghttpx v1.43.0) may fulfill stream 1 immediately
following the return of HTTP status 101, other than waiting for
the client-side connection preface to arrive.
Daniel Stenberg [Sat, 8 May 2021 09:10:22 +0000 (11:10 +0200)]
travis: disable the libssh build
It can't run on focal and causes warnings on bionic. Since the focal
failure started rather suddenly a while ago, we can suspect it might be
temporary.
Added "bring back the build" to the TODO document.
Peng-Yu Chen [Fri, 7 May 2021 23:35:45 +0000 (00:35 +0100)]
http: use calculated offsets inst of integer literals for header parsing
Assumed to be a minor coding style improvement with no behavior change.
A modern compiler is expected to have the calculation optimized during
compilation. It may be deemed okay even if that's not the case, since
the added overhead is considered very low.