Jay Satiro [Tue, 3 Mar 2020 05:25:44 +0000 (00:25 -0500)]
cmake: Show HTTPS-proxy in the features output
- Show HTTPS-proxy in the features output for those backends that
support it: OpenSSL, GnuTLS and NSS.
Prior to this change HTTPS-proxy was missing from the cmake features
output even if curl was built with it. Only cmake output was affected.
Both the library and tool correctly reported the feature.
Bug: https://curl.haxx.se/mail/lib-2020-03/0008.html
Reported-by: David Lopes
Closes https://github.com/curl/curl/pull/5025
Steve Holme [Mon, 2 Mar 2020 01:51:49 +0000 (01:51 +0000)]
configure.ac: Disable metalink if mbedTLS is specified
Follow up to cdcc9df1 and #5006. Even though I mentioned mbedTLS as
being one of the backends that metalink needs to be disabled for, I
seem to have included it in the list of allowed SSL/TLS backends in
configure.ac :(
Jay Satiro [Mon, 2 Mar 2020 07:59:40 +0000 (02:59 -0500)]
curl_getenv.3: Fix the memory handling description
- Tell the user to call curl_free() to free the pointer returned by
curl_getenv().
Prior to this change the user was directed to call free(), but that
would not work in cases where the library and application use separate C
runtimes and therefore have separate heap memory management.
Daniel Stenberg [Sat, 29 Feb 2020 11:00:18 +0000 (12:00 +0100)]
http: mark POSTs with no body as "upload done" from the start
As we have logic that checks if we get a >= 400 response code back before
the upload is done, which then got confused since it wasn't "done" but
yet there was no data to send!
Reported-by: IvanoG on github
Fixes #4996
Closes #5002
Patrick Monnerat [Wed, 29 Jan 2020 04:28:26 +0000 (05:28 +0100)]
mime: do not perform more than one read in a row
Input buffer filling may delay the data sending if data reads are slow.
To overcome this problem, file and callback data reads do not accumulate
in buffer anymore. All other data (memory data and mime framing) are
considered as fast and still concatenated in buffer.
As this may highly impact performance in terms of data overhead, an early
end of part data check is added to spare a read call.
When encoding a part's data, an encoder may require more bytes than made
available by a single read. In this case, the above rule does not apply
and reads are performed until the encoder is able to deliver some data.
Tests 643, 644, 645, 650 and 654 have been adapted to the output data
changes, with test data size reduced to avoid the boredom of long lists of
1-byte chunks in verification data.
New test 664 checks mimepost using single-byte read callback with encoder.
New test 665 checks the end of part data early detection.
Patrick Monnerat [Tue, 21 Jan 2020 00:33:04 +0000 (01:33 +0100)]
mime: latch last read callback status.
In case a read callback returns a status (pause, abort, eof,
error) instead of a byte count, drain the bytes read so far but
remember this status for further processing.
Takes care of not losing data when pausing, and properly resume a
paused mime structure when requested.
New tests 670-673 check unpausing cases, with easy or multi
interface and mime or form api.
Fixes #4813
Reported-by: MrdUkk on github
Closes #4833
Steve Holme [Sat, 29 Feb 2020 21:44:10 +0000 (21:44 +0000)]
configure.ac: Disable metalink support if an incompatible SSL/TLS specified
tool_metalink only supports cryptography from OpenSSL, GnuTLS, NSS,
The Win32 Crypto library and Apple's Common Crypto library.
If a TLS backend such as mbedTLS or WolfSSL is specified then the
following error is given during compilation, along with a load of
unresolved extern errors:
Can't compile METALINK support without a crypto library.
- FindLibSSH2:
- pass version to FPHSA to show it in the output
- use LIBSSH2_VERSION define to extract the version number in
one shot. This variable exists in the header for 10 years.
- remove unneeded code
- FindNGHTTP2.cmake:
- drop needless FPHSA argument
- mark found variables as advanced
- FindNSS.cmake:
- show version number
- FindCARES.cmake:
- drop default paths
- use FPHSA instead of checking things by hand
- remove needless explicit variable dereference
- simplify count_true()
- allow all policies up to version 3.16 to be set to NEW
- do not rerun check for -Wstrict-aliasing=3 every time
In contrast to every other compiler flag this has a = in it, which CMake
can't have in a variable name.
- only read the interesting strings from curlver.h
Reviewed-by: Peter Wu
Closes https://github.com/curl/curl/pull/4975
Jay Satiro [Sat, 29 Feb 2020 08:11:06 +0000 (03:11 -0500)]
runtests: fix output to command log
- Record only the command of the most recently run test in the command
log.
This is a follow-up to 02988b7 from several weeks ago which fixed
writing to the command log, however it saved all commands for all tests
instead of just the most recently run test as we would now expect.
Daniel Stenberg [Thu, 27 Feb 2020 10:06:14 +0000 (11:06 +0100)]
Curl_is_ASCII_name: handle a NULL argument
Make the function tolerate a NULL pointer input to avoid dereferencing
that pointer.
Follow-up to efce3ea5a85126d
Detected by OSS-Fuzz
Reviewed-By: Steve Holme
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20907
Fixes #4985
Closes #4986
Daniel Stenberg [Thu, 27 Feb 2020 08:42:11 +0000 (09:42 +0100)]
http2: make pausing/unpausing set/clear local stream window
This reduces the HTTP/2 window size to 32 MB since libcurl might have to
buffer up to this amount of data in memory and yet we don't want it set
lower to potentially impact transfer performance on high speed networks.
Requires nghttp2 commit b3f85e2daa629
(https://github.com/nghttp2/nghttp2/pull/1444) to work properly, to end
up in the next release after 1.40.0.
Previously, it was not possible to get a known hosts file entry due to
the lack of an API. ssh_session_get_known_hosts_entry(), introduced in
libssh-0.9.0, allows libcurl to obtain such information and behave the
same as when compiled with libssh2.
This also tries to avoid the usage of deprecated functions when the
replacements are available. The behaviour will not change if versions
older than libssh-0.8.0 are used.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Fixes #4953
Closes #4962
Steve Holme [Sun, 23 Feb 2020 08:20:32 +0000 (08:20 +0000)]
tests: Automatically deduce the tool name from the test case for unit tests
It is still possible to override the executable to run during the test,
using the <tool> tag, but this patch removes the requirement that the
tag must be present for unit tests.
It also removes the possibility of human error when existing test cases
are used as the basis for new tests, as recently witnessed in 81c37124.
Daniel Stenberg [Wed, 26 Feb 2020 21:48:09 +0000 (22:48 +0100)]
http: added 417 response treatment
When doing a request with a body + Expect: 100-continue and the server
responds with a 417, the same request will be retried immediately
without the Expect: header.
Added test 357 to verify.
Also added a control instruction to tell the sws test server to not read
the request body if Expect: is present, which the new test 357 uses.
Reported-by: bramus on github
Fixes #4949
Closes #4964
Steve Holme [Thu, 13 Feb 2020 22:39:28 +0000 (22:39 +0000)]
smtp: Support the SMTPUTF8 extension in the RCPT TO command
Note: The RCPT TO command isn't required to advertise to the server that
it contains UTF-8 characters, instead the server is told that a mail may
contain UTF-8 in any envelope command via the MAIL command.
Steve Holme [Thu, 13 Feb 2020 20:59:36 +0000 (20:59 +0000)]
smtp: Support the SMTPUTF8 extension in the MAIL command
Support the SMTPUTF8 extension when sending mailbox information in the
MAIL command (FROM and AUTH parameters). Non-ASCII domain names will
be ACE encoded, if IDN is supported, whilst non-ASCII characters in
the local address part are passed to the server.
Steve Holme [Mon, 10 Feb 2020 20:50:50 +0000 (20:50 +0000)]
ftpserver: Corrected the e-mail address regex in MAIL_smtp() and RCPT_smtp()
The dot character between the host and the tld was not being escaped,
which meant it specified a match of 'any' character rather than an
explicit dot separator.
Additionally removed the dot character from the host name as it allowed
the following to be specified as a valid address in our test cases:
I can't remember whether my intention was to allow sub-domains to be
specified in the host or not with these additional dots, but by placing
it outside of the host means it can only be specified once per domain
and by placing a + after the new grouping support for sub-domains is
kept.
Steve Holme [Thu, 20 Feb 2020 18:55:55 +0000 (18:55 +0000)]
md4: Fixed compilation issues when using GNU TLS gcrypt
* Don't include 'struct' in the gcrypt MD4_CTX typedef
* The call to gcry_md_read() should use a dereferenced ctx
* The call to gcry_md_close() should use a dereferenced ctx
Additional minor whitespace issue in the USE_WIN32_CRYPTO code.
jethrogb [Thu, 20 Feb 2020 19:36:25 +0000 (20:36 +0100)]
GnuTLS: Always send client cert
TLS servers may request a certificate from the client. This request
includes a list of 0 or more acceptable issuer DNs. The client may use
this list to determine which certificate to send. GnuTLS's default
behavior is to not send a client certificate if there is no
match. However, OpenSSL's default behavior is to send the configured
certificate. The `GNUTLS_FORCE_CLIENT_CERT` flag mimics OpenSSL
behavior.
Authored-by: jethrogb on github
Fixes #1411
Closes #4958
Daniel Stenberg [Tue, 18 Feb 2020 13:23:04 +0000 (14:23 +0100)]
HTTP-COOKIES: mention that a trailing newline is required
... so that we know we got the whole and not a partial line.
Also, changed the formatting of the fields away from a table again since
the table format requires a github-markdown tool version that we don't
run on the web server atm.