Daniel Stenberg [Fri, 22 Oct 2021 10:34:34 +0000 (12:34 +0200)]
openssl: if verifypeer is not requested, skip the CA loading
It was previously done mostly to show a match/non-match in the verbose
output even when verification was not asked for. This change skips the
loading of the CA certs unless verifypeer is set to save memory and CPU.
Jay Satiro [Tue, 19 Oct 2021 19:37:19 +0000 (15:37 -0400)]
URL-SYNTAX: add IMAP UID SEARCH example
- Explain the difference between IMAP search via URL (which returns
message sequence numbers) and IMAP search via custom request (which
can return UID numbers if prefixed with UID, eg "UID SEARCH ...").
The code for sending DoH requests with GET was never enabled in a way
such that it could be used or tested. As there haven't been requests
for this feature, and since it at this is effectively dead, remove it
and favor reimplementing the feature in case anyone is interested.
Closes #7870 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Daniel Stenberg [Sat, 16 Oct 2021 11:50:25 +0000 (13:50 +0200)]
checksrc: ignore preprocessor lines
In order to check the actual code better, checksrc now ignores
everything that look like preprocessor instructions. It also means
that code in macros are now longer checked.
Note that some rules then still don't need to be followed when code is
exactly below a cpp instruction.
Removes two checksrc exceptions we needed previously because of
preprocessor lines being checked.
Daniel Stenberg [Fri, 15 Oct 2021 14:29:52 +0000 (16:29 +0200)]
urlapi: skip a strlen(), pass in zero
... to let curl_easy_escape() itself do the strlen. This avoids a (false
positive) Coverity warning and it avoids us having to store the strlen()
return value in an int variable.
Jay Satiro [Fri, 1 Oct 2021 17:57:23 +0000 (13:57 -0400)]
http: set content length earlier
- Make content length (ie download size) accessible to the user in the
header callback, but only after all headers have been processed (ie
only in the final call to the header callback).
Background:
For a long time the content length could be retrieved in the header
callback via CURLINFO_CONTENT_LENGTH_DOWNLOAD_T as soon as it was parsed
by curl.
Changes were made in 8a16e54 (precedes 7.79.0) to ignore content length
if any transfer encoding is used. A side effect of that was that
content length was not set by libcurl until after the header callback
was called the final time, because until all headers are processed it
cannot be determined if content length is valid.
This change keeps the same intention --all headers must be processed--
but now the content length is available before the final call to the
header function that indicates all headers have been processed (ie
a blank header).
Daniel Stenberg [Tue, 12 Oct 2021 14:05:13 +0000 (16:05 +0200)]
tests: disable test 2043
It uses revoked.badssl.com which now is expired and therefor this now
permafails. We should not use external sites for tests, this test should
be converted to use our own infra.
Daniel Stenberg [Fri, 8 Oct 2021 18:12:26 +0000 (20:12 +0200)]
urlapi: URL decode percent-encoded host names
The host name is stored decoded and can be encoded when used to extract
the full URL. By default when extracting the URL, the host name will not
be URL encoded to work as similar as possible as before. When not URL
encoding the host name, the '%' character will however still be encoded.
Getting the URL with the CURLU_URLENCODE flag set will percent encode
the host name part.
As a bonus, setting the host name part with curl_url_set() no longer
accepts a name that contains space, CR or LF.
Test 1560 has been extended to verify percent encodings.
curl-openssl.m4: modify library order for openssl linking
lcrypto may depend on lz, and configure corrently fails with when
statically linking as the order is "-lz -lcrypto". This commit switches
the order to "-lcrypto -lz".
Jay Satiro [Mon, 4 Oct 2021 19:52:01 +0000 (15:52 -0400)]
version_win32: use actual version instead of manifested version
- Use RtlVerifyVersionInfo instead of VerifyVersionInfo, when possible.
Later versions of Windows have normal version functions that compare and
return versions based on the way the application is manifested, instead
of the actual version of Windows the application is running on. We
prefer the actual version of Windows so we'll now call the Rtl variant
of version functions (RtlVerifyVersionInfo) which does a proper
comparison of the actual version.
Hayden Roche [Fri, 1 Oct 2021 23:06:55 +0000 (16:06 -0700)]
wolfssl: use for SHA256, MD4, MD5, and setting DES odd parity
Prior to this commit, OpenSSL could be used for all these functions, but
not wolfSSL. This commit makes it so wolfSSL will be used if USE_WOLFSSL
is defined.
Daniel Stenberg [Tue, 28 Sep 2021 15:36:09 +0000 (17:36 +0200)]
tool_listhelp: easier to generate with gen.pl
tool_listhelp.c is now a separate file with only the command line --help
output, exactly as generated by gen.pl. This makes it easier to generate
updates according to what's in the docs/cmdline-opts docs.
cd $srcroot/docs/cmdline-opts
./gen.pl listhelp *.d > $srcroot/src/tool_listhelp.c
hostip: Move allocation to clarify there is no memleak
By just glancing at the code, it looks like there is a memleak if the
call to Curl_inet_pton() fails. Looking closer, it is clear that the
call to Curl_inet_pton() can not fail, so the code will never leak
memory. However, we can make this obvious by moving the allocation
after the if-statement.
Commit b5a434f7f0ee4d64857f8592eced5b9007d83620 inhibits the warning
on implicit fallthrough cases, since the current coding of indicating
fallthrough with comments is falling out of fashion with new compilers.
This attempts to make the issue smaller by rewriting fallthroughs to no
longer fallthrough, via either breaking the cases or turning switch
statements into if statements.
lib/content_encoding.c: the fallthrough codepath is simply copied
into the case as it's a single line.
lib/http_ntlm.c: the fallthrough case skips a state in the state-
machine and fast-forwards to NTLMSTATE_LAST. Do this before the
switch statement instead to set up the states that we actually
want.
lib/http_proxy.c: the fallthrough is just falling into exiting the
switch statement which can be done easily enough in the case.
lib/mime.c: switch statement rewritten as if statement.
lib/pop3.c: the fallthrough case skips to the next state in the
statemachine, do this explicitly instead.
lib/urlapi.c: switch statement rewritten as if statement.
lib/vssh/wolfssh.c: the fallthrough cases fast-forwards the state
machine, do this by running another iteration of the switch
statement instead.
lib/vtls/gtls.c: switch statement rewritten as if statement.
lib/vtls/nss.c: the fallthrough codepath is simply copied into the
case as it's a single line. Also twiddle a comment to not be
inside a non-brace if statement.
Closes: #7322
See-also: #7295 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Daniel Stenberg [Tue, 28 Sep 2021 09:50:07 +0000 (11:50 +0200)]
cmdline-opts: made the 'Added:' field mandatory
Since "too old" versions are no longer included in the generated man
page, this field is now mandatory so that it won't be forgotten and then
not included in the documentation.
Daniel Stenberg [Tue, 28 Sep 2021 08:30:59 +0000 (10:30 +0200)]
curl.1: remove mentions of really old version changes
To make the man page more readable, this change removes all references
to changes in support/versions etc that happened before 7.30.0 from the
curl.1 output file. 7.30.0 was released on Apr 12 2013. This particular
limit is a bit arbitrary but was fairly easy to grep for.
It is handled like this: the 'Added' keyword is only used in output if
it refers to 7.30.0 or later. All occurances of "(Added in $VERSION)" in
description will be stripped out if the mentioned $VERSION is from
before 7.30.0. It is therefore important that the "Added in..."
references are always written exactly like that - and on a single line,
not split over two.
This change removes about 80 version number references from curl.1, down
to 138 from 218.
projects / thirdparty / curl.git / log
