Daniel Stenberg [Fri, 13 Jun 2014 22:11:01 +0000 (00:11 +0200)]
http2: better return code error checking
Lindley French [Thu, 12 Jun 2014 18:36:41 +0000 (11:36 -0700)]
conncache: move the connection counter to the cache struct
The static connection counter caused a race condition. Moving the
connection id counter into conncache solves it, as well as simplifying
the related logic.
Daniel Stenberg [Thu, 12 Jun 2014 21:38:09 +0000 (23:38 +0200)]
http2: avoid segfault when usint the plain-text http2
This regression was introduced when *init was split into *init and
*setup...
Steve Holme [Wed, 11 Jun 2014 21:59:14 +0000 (22:59 +0100)]
RELEASE-NOTES: Synced with
3aa1329e0a
Daniel Stenberg [Wed, 11 Jun 2014 21:32:10 +0000 (23:32 +0200)]
curl_sasl: revert the goto for error bailout
They were added because of an older code path that used allocations and
should not have been left in the code. With this change the logic goes
back to how it was.
Daniel Stenberg [Thu, 20 Mar 2014 10:17:40 +0000 (11:17 +0100)]
NTLM: set a fake entropy for debug builds with CURL_ENTROPY set
Curl_rand() will return a dummy and repatable random value for this
case. Makes it possible to write test cases that verify output.
Also, fake timestamp with CURL_FORCETIME set.
Only when built debug enabled of course.
Curl_ssl_random() was not used anymore so it has been
removed. Curl_rand() is enough.
create_digest_md5_message: generate base64 instead of hex string
curl_sasl: also fix memory leaks in some OOM situations
Steve Holme [Wed, 11 Jun 2014 17:12:48 +0000 (18:12 +0100)]
tests: Disabled NTLM tests for non-debug builds
Added required "debug" feature, missed in commit
1c9aaa0bac, as NTLMv2
calls Curl_rand() which can only be fixed to a specific entropy in
debug builds.
Steve Holme [Sun, 8 Jun 2014 19:33:29 +0000 (20:33 +0100)]
Curl_rand: Use a fake entropy for debug builds when CURL_ENTROPY set
Marcel Raad [Tue, 10 Jun 2014 20:44:51 +0000 (22:44 +0200)]
getinfo: HTTP CONNECT code not reset between transfers
httpproxycode is not reset in Curl_initinfo, so a 407 is not reset even
if curl_easy_reset is called between transfers.
Bug: http://curl.haxx.se/bug/view.cgi?id=1380
Alessandro Ghedini [Sun, 8 Jun 2014 16:59:48 +0000 (18:59 +0200)]
transfer: fix info messages when switching method on 301 and 302
The method change is forbidden by the obsolete RFC2616, but libcurl did
it anyway for compatibility reasons. The new RFC7231 allows this
behaviour so there's no need for the scary "Violate RFC 2616/10.3.x"
notice. Also update the comments accordingly.
Steve Holme [Fri, 6 Jun 2014 13:09:59 +0000 (14:09 +0100)]
winbuild: Don't USE_WINSSL when WITH_SSL is being used
Regression of commit
d39bbcfa8d when compiling against OpenSSL.
Steve Holme [Thu, 5 Jun 2014 23:01:11 +0000 (00:01 +0100)]
RELEASE-NOTES: Synced with
99303bcde5
Steve Holme [Thu, 5 Jun 2014 22:44:37 +0000 (23:44 +0100)]
build: Fixed Visual Studio static OpenSSL builds following commit
c50ce85918
Steve Holme [Thu, 5 Jun 2014 22:19:00 +0000 (23:19 +0100)]
winbuild: Fixed static OpenSSL builds following commit
c50ce85918
Steve Holme [Thu, 5 Jun 2014 07:10:54 +0000 (09:10 +0200)]
config-win32.h: Updated for VC12
Bug: http://curl.haxx.se/bug/view.cgi?id=1378
Reported and Patched-by: Marcel Raad
Daniel Stenberg [Wed, 4 Jun 2014 18:21:02 +0000 (18:21 +0000)]
KNOWN_BUGS: #83 was addressed with commit
c50ce859187ca
Daniel Stenberg [Tue, 3 Jun 2014 16:08:20 +0000 (18:08 +0200)]
Curl_ossl_init: call OPENSSL_config for initing engines
Bug: http://curl.haxx.se/mail/lib-2014-06/0003.html
Reported-by: Дмитрий Фалько
Daniel Stenberg [Tue, 3 Jun 2014 16:25:48 +0000 (18:25 +0200)]
random: use Curl_rand() for proper random data
The SASL/Digest previously used the current time's seconds +
microseconds to add randomness but it is much better to instead get more
data from Curl_rand().
It will also allow us to easier "fake" that for debug builds on demand
in a future.
Steve Holme [Mon, 2 Jun 2014 22:09:42 +0000 (23:09 +0100)]
curl_sasl: Fixed copy/paste error of now.tv_sec in commit
eefeb73af4
Daniel Stenberg [Mon, 2 Jun 2014 09:41:41 +0000 (11:41 +0200)]
RELEASE-NOTES: synced with
d603ed67535
Daniel Stenberg [Sun, 1 Jun 2014 17:59:17 +0000 (19:59 +0200)]
KNOWN_BUGS: #30 was fixed in
0bc4938eeccce, 7.37.0
Steve Holme [Sun, 1 Jun 2014 11:26:09 +0000 (12:26 +0100)]
curl_sasl: Fixed compilation warning under DEBUGBUILD
Steve Holme [Sun, 1 Jun 2014 11:16:58 +0000 (12:16 +0100)]
tests: Fixed up DIGEST-MD5 tests following commit
eefeb73af4
Steve Holme [Sun, 1 Jun 2014 10:11:08 +0000 (11:11 +0100)]
curl_sasl: Extended native DIGEST-MD5 cnonce to be a 32-byte hex string
Rather than use a short 8-byte hex string, extended the cnonce to be
32-bytes long, like Windows SSPI does.
Used a combination of random data as well as the current date and
time for the generation.
Steve Holme [Sun, 1 Jun 2014 09:35:48 +0000 (10:35 +0100)]
curl_sasl_sspi: Fixed corrupt hostname in DIGEST-MD5 SPN generation
Dan Fandrich [Thu, 29 May 2014 07:24:12 +0000 (09:24 +0200)]
tests: Fix portability issue with the tftpd server and timeouts
gcc spit out warning: variable 'x' might be clobbered by 'longjmp' or
'vfork' messages for a few variables. These automatic variables were
expected to be changed between a setjmp/longjmp and hold their values,
so are now marked volatile.
Steve Holme [Wed, 28 May 2014 21:58:17 +0000 (22:58 +0100)]
RELEASE-NOTES: Synced with
2a615a2b64
Steve Holme [Wed, 28 May 2014 21:12:44 +0000 (22:12 +0100)]
build: Use $(TargetDir) and $(TargetName) macros for VC .lib output files
As with commit
11397eb6dd, use $(TargetDir) and $(TargetName) for the
Import Library output rather than $(OutDir)\$(ProjectName)d.lib and
$(OutDir)\$(ProjectName).lib.
Steve Holme [Wed, 28 May 2014 20:46:57 +0000 (21:46 +0100)]
build: Use $(TargetDir) and $(TargetName) macros for VC .pdb output files
Like with the curl tool project files use $(TargetDir)$(TargetName).pdb
rather than $(OutDir)$(ProjectName)d.pdb for the Program Database File
output.
Daniel Stenberg [Tue, 27 May 2014 22:30:23 +0000 (00:30 +0200)]
gnutls: allow building with nghttp2 but without ALPN support
It might not be the most useful combo, but...
Alessandro Ghedini [Tue, 29 Apr 2014 12:13:52 +0000 (14:13 +0200)]
gnutls: don't use deprecated type names anymore
Brad Spencer [Tue, 27 May 2014 21:58:28 +0000 (23:58 +0200)]
select: with winsock, avoid passing unsupported arguments to select()
"Any two of the parameters, readfds, writefds, or exceptfds, can be
given as null. At least one must be non-null, and any non-null
descriptor set must contain at least one handle to a socket."
http://msdn.microsoft.com/en-ca/library/windows/desktop/ms740141(v=vs.85).aspx
When using select(), cURL doesn't adhere to this (WinSock-specific)
rule, and can ask to monitor empty fd_sets, which leads to select()
returning WSAEINVAL (i.e. EINVAL) and connections failing in mysterious
ways as a result (at least when using the curl_multi_socket_action()
interface).
Bug: http://curl.haxx.se/mail/lib-2014-05/0278.html
Daniel Stenberg [Mon, 26 May 2014 20:10:15 +0000 (22:10 +0200)]
url-parser: only use if_nametoindex if detected by configure
The previous #ifdef detection wasn't good enough.
Bug: http://curl.haxx.se/mail/lib-2014-05/0260.html
Reported-by: Chris Young
Daniel Stenberg [Mon, 26 May 2014 09:53:49 +0000 (11:53 +0200)]
curl_version_info.3: returns a pointer to a static struct
And clarify that age 3 means 7.16.1 or later.
Fabian Frank [Mon, 19 May 2014 09:12:11 +0000 (02:12 -0700)]
polarssl: add ALPN support
PolarSSL added ALPN support in their 1.3.6 release.
See:
https://polarssl.org/tech-updates/releases/polarssl-1.3.6-released
Daniel Stenberg [Sat, 24 May 2014 17:05:12 +0000 (19:05 +0200)]
curl_easy_reset: reset the URL
Make sure that the URL is reset and cleared.
Bug: http://curl.haxx.se/mail/lib-2014-05/0235.html
Reported-by: Jonathan Cardoso Machado
Daniel Stenberg [Sat, 24 May 2014 11:54:28 +0000 (13:54 +0200)]
configure: fix the nghttp2 detection when not found
Daniel Stenberg [Thu, 22 May 2014 06:56:02 +0000 (08:56 +0200)]
configure: detect nghttp2 by default
Tatsuhiro Tsujikawa [Wed, 21 May 2014 14:34:55 +0000 (23:34 +0900)]
openssl: Fix uninitialized variable use in NPN callback
OpenSSL passes out and outlen variable uninitialized to
select_next_proto_cb callback function. If the callback function
returns SSL_TLSEXT_ERR_OK, the caller assumes the callback filled
values in out and outlen and processes as such. Previously, if there
is no overlap in protocol lists, curl code does not fill any values in
these variables and returns SSL_TLSEXT_ERR_OK, which means we are
triggering undefined behavior. valgrind warns this.
This patch fixes this issue by fallback to HTTP/1.1 if there is no
overlap.
Daniel Stenberg [Fri, 23 May 2014 12:33:43 +0000 (14:33 +0200)]
curl.1: clarify that -u can't specify a user with colon
Steve Holme [Thu, 22 May 2014 22:08:36 +0000 (23:08 +0100)]
README: Added Test Suite to the TODO list
Steve Holme [Thu, 22 May 2014 22:05:22 +0000 (23:05 +0100)]
build: Use CURLX_* file lists for Visual Studio curl tool project generation
Steve Holme [Sun, 23 Mar 2014 12:46:54 +0000 (12:46 +0000)]
tool_getparam.c: Fixed compilation warnings
There is an implicit conversion from "unsigned long" to "long"
Steve Holme [Thu, 22 May 2014 19:31:31 +0000 (20:31 +0100)]
RELEASE-NOTES: Synced with
f634355868
Dan Fandrich [Thu, 22 May 2014 06:38:26 +0000 (08:38 +0200)]
http: Fix a compiler warning when http2 support is disabled
Steve Holme [Thu, 22 May 2014 06:02:17 +0000 (07:02 +0100)]
build: Fixed incorrect reference to curl_setup.h in Visual Studio files
Fixed a copy / paste error from my 2011 project files.
Nick Zitzmann [Thu, 22 May 2014 00:21:15 +0000 (19:21 -0500)]
darwinssl: fix lint & build warnings in the previous commit
Vilmos Nebehaj [Thu, 17 Apr 2014 14:03:05 +0000 (07:03 -0700)]
Add support for --cacert in DarwinSSL.
Security Framework on OS X makes it possible to supply extra anchor (CA)
certificates via the Certificate, Key, and Trust Services API. This
commit makes the '--cacert' option work using this API.
More information:
https://developer.apple.com/library/mac/documentation/security/Reference/certifkeytrustservices/Reference/reference.html
The HTTPS tests now pass on OS X except 314, which requires the '--crl'
option to work.
Steve Holme [Wed, 21 May 2014 23:15:45 +0000 (00:15 +0100)]
http.c: Fixed compilation warning
warning: suggest braces around empty body in an 'else' statement
Steve Holme [Wed, 21 May 2014 23:09:11 +0000 (00:09 +0100)]
bits.close: Fixed compilation warning
warning: implicit declaration of function 'connclose'
Daniel Stenberg [Tue, 20 May 2014 08:32:23 +0000 (10:32 +0200)]
bits.close: introduce connection close tracking
Make all code use connclose() and connkeep() when changing the "close
state" for a connection. These two macros take a string argument with an
explanation, and debug builds of curl will include that in the debug
output. Helps tracking connection re-use/close issues.
Steve Holme [Wed, 21 May 2014 21:57:02 +0000 (22:57 +0100)]
Makefile.inc: Added curlx headers to assist Visual Studio project generation
Steve Holme [Wed, 21 May 2014 21:51:03 +0000 (22:51 +0100)]
build: Renamed CURLX_ONES file list definition to CURLX_CFILES
Renamed the CURLX_ONES file list definition in order to a) try and be
consistent with other file lists and b) to allow for the addition of
the curlx header files, which will assist with Visual Studio project
files generation rather than hard coding those files.
Steve Holme [Wed, 21 May 2014 21:42:24 +0000 (22:42 +0100)]
bump: Start working on the next release
Daniel Stenberg [Tue, 20 May 2014 21:42:47 +0000 (23:42 +0200)]
THANKS: 18 new contributors for 7.37.0
Daniel Stenberg [Tue, 20 May 2014 21:10:58 +0000 (23:10 +0200)]
RELEASE-NOTES: synced with
85f4075bdbf3
Possibly the final update before release...
Steve Holme [Tue, 20 May 2014 19:01:26 +0000 (20:01 +0100)]
README: Added some outstanding tasks to the TODO list
Added a couple of outstanding tasks to the TODO section that we didn't
get time to do before the release.
Daniel Stenberg [Tue, 20 May 2014 14:50:24 +0000 (16:50 +0200)]
http2: make connection re-use work
Http2 connections would wrongly get closed after each individual
request.
Co-authored-by: Tatsuhiro Tsujikawa
Bug: http://curl.haxx.se/bug/view.cgi?id=1374
Fabian Frank [Tue, 20 May 2014 05:36:31 +0000 (22:36 -0700)]
ALPN: fix typo in http/1.1 identifier
According to https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-05
it is "http/1.1" and not "http/1.0".
Steve Holme [Tue, 20 May 2014 06:09:57 +0000 (07:09 +0100)]
build-openssl.bat: Added check for OpenSSL source directory
Steve Holme [Tue, 20 May 2014 06:01:22 +0000 (07:01 +0100)]
build-openssl.bat: Added default source directory when not specified
Added a default source directory so the user doesn't have to specify
one - the same as that, which the Visual Studio project files expect
the OpenSSL dependencies to be in.
Steve Holme [Mon, 19 May 2014 22:45:54 +0000 (23:45 +0100)]
Makefile.am: Fixed missing / in VC10+ project file generation
Steve Holme [Sun, 18 May 2014 21:57:51 +0000 (22:57 +0100)]
INSTALL: Updated MSVC 6 caveats
To use an up to date download link as well as remove duplicate
information.
Steve Holme [Sun, 18 May 2014 21:50:41 +0000 (22:50 +0100)]
INSTALL: Updated for new Visual Studio project files
Steve Holme [Sun, 18 May 2014 20:43:40 +0000 (21:43 +0100)]
build: Slight rename of new LIB_* makefile file variables
In order to try and be consistent between curl and libcurl renamed the
recently introduced LIB_* makefile file variables.
Steve Holme [Sun, 18 May 2014 20:25:53 +0000 (21:25 +0100)]
build: Removed old Visual Studio project files
Daniel Stenberg [Sun, 18 May 2014 17:04:32 +0000 (19:04 +0200)]
maketgz: two more CRLF
grrr, missed them in my previous fix
Daniel Stenberg [Sun, 18 May 2014 15:07:29 +0000 (17:07 +0200)]
test1014: GSS-API is only in curl-config. not in curl
Follow-up to commit
121bcfee5d1. curl-config --features now lists
GSS-API but it is not a listed feature in curl -V. This should probably
be synchronized.
Daniel Stenberg [Sun, 18 May 2014 14:55:03 +0000 (16:55 +0200)]
test1134: verify CREDSPERREQUEST for HTTP
Verifies that the change in
68f0166a92 works as intended and that
different HTTP auth credentials to the same host still re-uses the
connection properly.
Daniel Stenberg [Sun, 18 May 2014 10:51:24 +0000 (12:51 +0200)]
maketgz: remove CRLF newlines
Steve Holme [Sat, 17 May 2014 23:09:06 +0000 (00:09 +0100)]
Makefile.am: Corrected a couple of grammar errors
Steve Holme [Sat, 17 May 2014 23:05:55 +0000 (00:05 +0100)]
Makefile.am: Added new Visual Studio project file generation for curl tool
Steve Holme [Sat, 17 May 2014 22:33:32 +0000 (23:33 +0100)]
Makefile.inc: Added resource file to assist Visual Studio project generation
Daniel Stenberg [Sat, 17 May 2014 15:03:29 +0000 (17:03 +0200)]
maketgz: run make vc-ide before make dist
To get the VC project files generated before packaging!
Steve Holme [Sat, 17 May 2014 14:43:12 +0000 (15:43 +0100)]
Makefile.am: Added new Visual Studio project file generation for libcurl
Steve Holme [Sat, 17 May 2014 13:10:45 +0000 (14:10 +0100)]
Makefile.am: Removed old Visual Studio project file generation
Daniel Stenberg [Sat, 17 May 2014 20:59:43 +0000 (22:59 +0200)]
RELEASE-NOTES: synced with
831f6dd1d986c9
Steve Holme [Sat, 17 May 2014 12:32:22 +0000 (13:32 +0100)]
build: Fixed another tabulation issue in the Visual Studio file generator
Dan Fandrich [Sat, 17 May 2014 07:31:30 +0000 (09:31 +0200)]
axtls: Fixed too long source line
Daniel Stenberg [Sat, 17 May 2014 08:19:46 +0000 (10:19 +0200)]
configure: add GSS-API to supported features
Bug: http://curl.haxx.se/bug/view.cgi?id=1344
Reported-by: Michael Osipov
Daniel Stenberg [Sat, 17 May 2014 08:17:35 +0000 (10:17 +0200)]
configure: add SPNEGO to supported features
Bug: http://curl.haxx.se/bug/view.cgi?id=1343
Reported-by: Michael Osipov
Dan Fandrich [Fri, 16 May 2014 21:27:07 +0000 (23:27 +0200)]
axtls: Add a TODO to a potential blocking call with no timeout
Daniel Stenberg [Fri, 16 May 2014 07:28:28 +0000 (09:28 +0200)]
curl_easy_getinfo.3: clarify CURLINFO_SIZE_DOWNLOAD
It counts "body" data only, no meta data, no headers.
Daniel Stenberg [Fri, 16 May 2014 06:51:38 +0000 (08:51 +0200)]
curl_easy_setopt.3: prefer XFERINFOFUNCTION to PROGRESSFUNCTION
Daniel Stenberg [Thu, 15 May 2014 21:28:31 +0000 (23:28 +0200)]
HTTP: CREDSPERREQUEST is for HTTP too
Commit
517b06d657ace (in 7.36.0) that brought the CREDSPERREQUEST flag
only set it for HTTPS, making HTTP less good at doing connection re-use
than it should be. Now set it for HTTP as well.
Simple test case
"curl -v -u foo:bar localhost --next -u bar:foo localhos"
Bug: http://curl.haxx.se/mail/lib-2014-05/0127.html
Reported-by: Kamil Dudka
Daniel Stenberg [Thu, 15 May 2014 20:15:39 +0000 (22:15 +0200)]
RELEASE-NOTES: synced with
53a5b95c21586
Daniel Stenberg [Sun, 4 May 2014 21:53:38 +0000 (23:53 +0200)]
CURLINFO_SSL_VERIFYRESULT: assign at first connect call
The variable wasn't assigned at all until step3 which would lead to a
failed connect never assigning the variable and thus returning a bad
value.
Reported-by: Larry Lin
Bug: http://curl.haxx.se/mail/lib-2014-04/0203.html
Daniel Stenberg [Thu, 15 May 2014 18:43:32 +0000 (20:43 +0200)]
timers: fix timer regression involving redirects / reconnects
In commit
0b3750b5c23c25f (released in 7.36.0) we fixed a timeout issue
but instead broke the timings.
To fix this, I introduce a new timestamp to use for the timeouts and
restored the previous timestamp and timestamp position so that the old
timer functionality is restored.
In addition to that, that change also broke connection timeouts for when
more than one connect was used (as it would then count the total time
from the first connect and not for the most recent one). Now
Curl_timeleft() has been modified so that it checks against different
start times depending on which timeout it checks.
Test 1303 is updated accordingly.
Bug: http://curl.haxx.se/mail/lib-2014-05/0147.html
Reported-by: Ryan Braud
Steve Holme [Thu, 15 May 2014 17:38:38 +0000 (18:38 +0100)]
darwinssl: Updated copyright following recent changes
Nick Zitzmann [Wed, 14 May 2014 22:48:14 +0000 (17:48 -0500)]
darwinssl: fix potential crash when attempting to copy an identity
from a P12 file
This could've happened if SecPKCS12Import() returned noErr _and_ no
identity.
Steve Holme [Mon, 12 May 2014 22:09:19 +0000 (23:09 +0100)]
RELEASE-NOTES: Synced with
52d16c84d2
Daniel Stenberg [Mon, 12 May 2014 11:04:27 +0000 (13:04 +0200)]
openssl: unbreak PKCS12 support
Regression introduced in
ce362e8eb9c (7.31.0)
Bug: http://curl.haxx.se/bug/view.cgi?id=1371
Reported-by: Dmitry
Steve Holme [Sun, 11 May 2014 19:52:52 +0000 (20:52 +0100)]
Makefile.inc: Added resource file to assist Visual Studio project generation
Steve Holme [Sun, 11 May 2014 17:20:52 +0000 (18:20 +0100)]
build: Fixed some tabulation issues in the Visual Studio file generator
Steve Holme [Sun, 11 May 2014 15:20:52 +0000 (16:20 +0100)]
tests: Fixed up DIGEST-MD5 tests following commit
8342b6e1dc
Steve Holme [Sun, 11 May 2014 14:03:16 +0000 (15:03 +0100)]
sasl: Fixed missing qop in the client's challenge-response message
Whilst the qop directive isn't required to be present in a client's
response, as servers should assume a qop of "auth" if it isn't
specified, some may return authentication failure if it is missing.
Steve Holme [Sat, 10 May 2014 08:20:49 +0000 (09:20 +0100)]
tool_operate.c: Fixed compilation warning
An enumerated type is mixed with another type.
Steve Holme [Fri, 9 May 2014 21:27:40 +0000 (22:27 +0100)]
Makefile.inc: Separated the lib and lib/vtls source file variables
To cater for the automatic generation of the new Visual Studio project
files, moved the lib file list into a separated variable so that lib
and lib/vtls can be referenced independently.
Steve Holme [Fri, 9 May 2014 20:24:47 +0000 (21:24 +0100)]
RELEASE-NOTES: Synced with
0ab2c444b5
Steve Holme [Fri, 9 May 2014 20:09:51 +0000 (21:09 +0100)]
Makefile.b32: Fixed for vtls changes
Follow up fix to commits
a47c142a88,
11e8066ef9 and
92b9ae5c5d.
Bug: http://curl.haxx.se/mail/lib-2014-05/0025.html
Reported and assisted by: Jon Torrey