John Schroeder [Tue, 26 Nov 2019 08:16:19 +0000 (09:16 +0100)]
curl: fix --upload-file . hangs if delay in STDIN
Attempt to unpause a busy read in the CURLOPT_XFERINFOFUNCTION.
When uploading from stdin in non-blocking mode, a delay in reading
the stream (EAGAIN) causes curl to pause sending data
(CURL_READFUNC_PAUSE). Prior to this change, a busy read was
detected and unpaused only in the CURLOPT_WRITEFUNCTION handler.
This change performs the same busy read handling in a
CURLOPT_XFERINFOFUNCTION handler.
Fixes #2051
Closes #4599 Reported-by: bdry on github
Gergely Nagy [Sun, 17 Nov 2019 14:12:15 +0000 (15:12 +0100)]
multi: add curl_multi_wakeup()
This commit adds curl_multi_wakeup() which was previously in the TODO
list under the curl_multi_unblock name.
On some platforms and with some configurations this feature might not be
available or can fail, in these cases a new error code
(CURLM_WAKEUP_FAILURE) is returned from curl_multi_wakeup().
Xiaoyin Liu [Sat, 23 Nov 2019 17:29:46 +0000 (01:29 +0800)]
schannel: fix --tls-max for when min is --tlsv1 or default
Prior to this change schannel ignored --tls-max (CURL_SSLVERSION_MAX_
macros) when --tlsv1 (CURL_SSLVERSION_TLSv1) or default TLS
(CURL_SSLVERSION_DEFAULT), using a max of TLS 1.2 always.
Jay Satiro [Sun, 17 Nov 2019 08:08:40 +0000 (03:08 -0500)]
projects: Fix Visual Studio projects SSH builds
- Generate VQUIC and VSSH filenames in Visual Studio project files.
Prior to this change generated Visual Studio project configurations that
enabled SSH did not build properly. Broken since SSH files were moved to
lib/vssh 3 months ago in 5b2d703.
Jay Satiro [Wed, 20 Nov 2019 23:44:18 +0000 (18:44 -0500)]
openssl: Revert to less sensitivity for SYSCALL errors
- Disable the extra sensitivity except in debug builds (--enable-debug).
- Improve SYSCALL error message logic in ossl_send and ossl_recv so that
"No error" / "Success" socket error text isn't shown on SYSCALL error.
Prior to this change 0ab38f5 (precedes 7.67.0) increased the sensitivity
of OpenSSL's SSL_ERROR_SYSCALL error so that abrupt server closures were
also considered errors. For example, a server that does not send a known
protocol termination point (eg HTTP content length or chunked encoding)
_and_ does not send a TLS termination point (close_notify alert) would
cause an error if it closed the connection.
To be clear that behavior made it into release build 7.67.0
unintentionally. Several users have reported it as an issue.
Ultimately the idea is a good one, since it can help prevent against a
truncation attack. Other SSL backends may already behave similarly (such
as Windows native OS SSL Schannel). However much more of our user base
is using OpenSSL and there is a mass of legacy users in that space, so I
think that behavior should be partially reverted and then rolled out
slowly.
This commit changes the behavior so that the increased sensitivity is
disabled in all curl builds except curl debug builds (DEBUGBUILD). If
after a period of time there are no major issues then it can be enabled
in dev and release builds with the newest OpenSSL (1.1.1+), since users
using the newest OpenSSL are the least likely to have legacy problems.
Daniel Stenberg [Thu, 17 Oct 2019 08:05:53 +0000 (10:05 +0200)]
curl: add --parallel-immediate
Starting with this change when doing parallel transfers, without this
option set, curl will prefer to create new transfers multiplexed on an
existing connection rather than creating a brand new one.
--parallel-immediate can be set to tell curl to prefer to use new
connections rather than to wait and try to multiplex.
libcurl-wise, this means that curl will set CURLOPT_PIPEWAIT by default
on parallel transfers.
Jay Satiro [Mon, 18 Nov 2019 23:42:34 +0000 (18:42 -0500)]
projects: Fix Visual Studio wolfSSL configurations
- s/USE_CYASSL/USE_WOLFSSL/
- Remove old compatibility macros.
Follow-up to 1c6c59a from several months ago when CyaSSL named symbols
were renamed to wolfSSL. The wolfSSL library was formerly named CyaSSL
and we kept using their old name for compatibility reasons, until
earlier this year.
Niall [Thu, 14 Nov 2019 19:21:09 +0000 (19:21 +0000)]
doh: improced both encoding and decoding
Improved estimation of expected_len and updated related comments;
increased strictness of QNAME-encoding, adding error detection for empty
labels and names longer than the overall limit; avoided treating DNAME
as unexpected;
updated unit test 1655 with more thorough set of proofs and tests
Jay Satiro [Sat, 9 Nov 2019 23:07:59 +0000 (18:07 -0500)]
strerror: Fix an error looking up some Windows error strings
- Use FORMAT_MESSAGE_IGNORE_INSERTS to ignore format specifiers in
Windows error strings.
Since we are not in control of the error code we don't know what
information may be needed by the error string's format specifiers.
Prior to this change Windows API error strings which contain specifiers
(think specifiers like similar to printf specifiers) would not be shown.
The FormatMessage Windows API call which turns a Windows error code into
a string could fail and set error ERROR_INVALID_PARAMETER if that error
string contained a format specifier. FormatMessage expects a va_list for
the specifiers, unless inserts are ignored in which case no substitution
is attempted.
Daniel Stenberg [Fri, 1 Nov 2019 12:58:27 +0000 (13:58 +0100)]
checksrc: repair the copyrightyear check
- Consider a modified file to be committed this year.
- Make the travis CHECKSRC also do COPYRIGHTYEAR scan in examples and
includes
- Ignore 0 parents when getting latest commit date of file.
since in the CI we're dealing with a truncated repo of last 50 commits,
the file's most recent commit may not be available. when this happens
git log and rev-list show the initial commit (ie first commit not to be
truncated) but that's incorrect so ignore it.
Jay Satiro [Fri, 1 Nov 2019 22:02:59 +0000 (18:02 -0400)]
schannel_verify: Fix concurrent openings of CA file
- Open the CA file using FILE_SHARE_READ mode so that others can read
from it as well.
Prior to this change our schannel code opened the CA file without
sharing which meant concurrent openings (eg an attempt from another
thread or process) would fail during the time it was open without
sharing, which in curl's case would cause error:
"schannel: failed to open CA file".
Bug: https://curl.haxx.se/mail/lib-2019-10/0104.html Reported-by: Richard Alcock
Javier Blazquez [Mon, 28 Oct 2019 00:16:24 +0000 (17:16 -0700)]
HTTP3: fix invalid use of sendto for connected UDP socket
On macOS/BSD, trying to call sendto on a connected UDP socket fails
with a EISCONN error. Because the singleipconnect has already called
connect on the socket when we're trying to use it for QUIC transfers
we need to use plain send instead.
Javier Blazquez [Sun, 27 Oct 2019 22:48:43 +0000 (15:48 -0700)]
HTTP3: fix Windows build
The ngtcp2 QUIC backend was using the MSG_DONTWAIT flag for send/recv
in order to perform nonblocking operations. On Windows this flag does
not exist. Instead, the socket must be set to nonblocking mode via
ioctlsocket.
This change sets the nonblocking flag on UDP sockets used for QUIC on
all platforms so the use of MSG_DONTWAIT is not needed.
appveyor: Use two parallel compilation on appveyor with CMake
Appveyor provides 2 CPUs for each builder[1], make sure to use parallel
compilation, when running with CMake. CMake learned this new option in
version 3.12[2] and the version provided by appveyor is fresh enough.
Curl doesn't really take that long to build and it is using the slowest
builder available, msbuild, so expect only a moderate improvement in
build times.
Marcel Raad [Fri, 18 Oct 2019 21:22:04 +0000 (23:22 +0200)]
runtests: get textaware info from curl instead of perl
The MSYS system on Windows can run the test suite for curl built with
any toolset. When built with the MSYS GCC, curl uses Unix line endings,
while it uses Windows line endings when built with the MinGW GCC, and
`^O` reports 'msys' in both cases. Use the curl executable itself to
determine the line endings instead, which reports 'x86_64-pc-msys' when
built with the MSYS GCC.
With the `isdigit` implementation that comes with MSYS2, the argument
is used as an array subscript, resulting in a -Wchar-subscripts
warning. `isdigit`'s behavior is undefined if the argument is negative
and not EOF [0]. As done in lib/curl_ctype.h, cast the `char` variable
to `unsigned char` to avoid that.
Daniel Stenberg [Thu, 17 Oct 2019 21:47:10 +0000 (23:47 +0200)]
configure: remove all cyassl references
In particular, this removes the case where configure would find an old
cyall installation rather than a wolfssl one if present. The library is
named wolfssl in modern days so there's no real need to keep support for
the former.
Jay Satiro [Tue, 15 Oct 2019 19:12:31 +0000 (15:12 -0400)]
CURLOPT_TIMEOUT.3: Clarify transfer timeout time includes queue time
Prior to this change some users did not understand that the "request"
starts when the handle is added to the multi handle, or probably they
did not understand that some of those transfers may be queued and that
time is included in timeout.
Daniel Stenberg [Wed, 16 Oct 2019 07:57:33 +0000 (09:57 +0200)]
url: normalize CURLINFO_EFFECTIVE_URL
The URL extracted with CURLINFO_EFFECTIVE_URL was returned as given as
input in most cases, which made it not get a scheme prefixed like before
if the URL was given without one, and it didn't remove dotdot sequences
etc.
Added test case 1907 to verify that this now works as intended and as
before 7.62.0.
Marcel Raad [Sun, 13 Oct 2019 17:14:39 +0000 (19:14 +0200)]
security: silence conversion warning
With MinGW-w64, `curl_socket_t` is is a 32 or 64 bit unsigned integer,
while `read` expects a 32 bit signed integer.
Use `sread` instead of `read` to use the correct parameter type.
projects / thirdparty / curl.git / log
