diff options
| author | dartraiden <wowemuh@gmail.com> | 2020-08-20 16:00:06 +0300 |
|---|---|---|
| committer | dartraiden <wowemuh@gmail.com> | 2020-08-20 16:00:06 +0300 |
| commit | e5193f7cfc63bed18795b195a1b86a959638a5bf (patch) | |
| tree | 556aaab722ebcdbd63c89d2ccabca5144c1537e2 /libs/libcurl | |
| parent | fb9c38570dbdb83d3c53b01f12326a97f7ba16e3 (diff) | |
libcurl: update to 7.72.0
Diffstat (limited to 'libs/libcurl')
63 files changed, 2038 insertions, 1498 deletions
diff --git a/libs/libcurl/docs/CHANGES b/libs/libcurl/docs/CHANGES index 5ee0cc6964..51a99f4d52 100644 --- a/libs/libcurl/docs/CHANGES +++ b/libs/libcurl/docs/CHANGES @@ -6,6 +6,1116 @@ Changelog +Version 7.72.0 (19 Aug 2020) + +Daniel Stenberg (19 Aug 2020) +- RELEASE-NOTES: synced + + The curl 7.72.0 release + +- THANKS: add names from curl 7.72.0 release + +Jay Satiro (18 Aug 2020) +- KNOWN_BUGS: Schannel TLS 1.2 handshake bug in old Windows versions + + Reported-by: plujon@users.noreply.github.com + + Closes https://github.com/curl/curl/issues/5488 + +Daniel Stenberg (17 Aug 2020) +- Curl_easy: remember last connection by id, not by pointer + + CVE-2020-8231 + + Bug: https://curl.haxx.se/docs/CVE-2020-8231.html + + Reported-by: Marc Aldorasi + Closes #5824 + +- examples/rtsp.c: correct the copyright year + +- RELEASE-PROCEDURE.md: add more future release dates + +- [H3RSKO brought this change] + + docs: change "web site" to "website" + + According to wikipedia: + + While "web site" was the original spelling, this variant has become + rarely used, and "website" has become the standard spelling + + Closes #5822 + +- [Bevan Weiss brought this change] + + CMake: don't complain about missing nroff + + The curl_nroff_check() was always being called, and complaining if + *NROFF wasn't found, even when not making the manual. + + Only check for nroff (and complain) if actually making the manual + + Closes #5817 + +- [Brian Inglis brought this change] + + libtest/Makefile.am: add -no-undefined for libstubgss for Cygwin + + copy the LDFLAGS approach for adding same option with `libhostname` in + `libtest/Makefile.am`: + + - init `libstubgss_la_LDFLAGS_EXTRA` variable, + - add option to variable inside conditional, + - use variable in `libstubgss_la_LDFLAGS` + + Fixes #5819 + Closes #5820 + +- docs: clarify MAX_SEND/RECV_SPEED functionality + + ... in particular what happens if the maximum speed limit is set to a + value that's smaller than the transfer buffer size in use. + + Reported-by: Tomas Berger + Fixes #5788 + Closes #5813 + +- test1140: compare stdout + + To make problems more immediately obvious when tests fail. + + Closes #5814 + +- asyn-ares: correct some bad comments + + Closes #5812 + +- [Emil Engler brought this change] + + docs: Add video link to docs/CONTRIBUTE.md + + Closes #5811 + +- curl-config: ignore REQUIRE_LIB_DEPS in --libs output + + Fixes a curl-config issue on cygwin by making sure REQUIRE_LIB_DEPS is + not considered for the --libs output. + + Reported-by: ramsay-jones on github + Assisted-by: Brian Inglis and Ken Brown + Fixes #5793 + Closes #5808 + +- copyright: update/correct the year range on a few files + +- scripts/copyright.pl: ignore .muse files + +- [Emil Engler brought this change] + + multi: Remove 10-year old out-commented code + + The code hasn't been touched since 2010-08-18 + + Closes #5805 + +- KNOWN_BUGS: A shared connection cache is not thread-safe + + Closes #4915 + Closes #5802 + +- CONTRIBUTE: extend git commit message description + + In particular how the first line works. + + Closes #5803 + +- RELEASE-NOTES: synced + +- [Stefan Yohansson brought this change] + + transfer: move retrycount from connect struct to easy handle + + This flag was applied to the connection struct that is released on + retry. These changes move the retry counter into Curl_easy struct that + lives across retries and retains the new connection. + + Reported-by: Cherish98 on github + Fixes #5794 + Closes #5800 + +- libssh2: s/ssherr/sftperr/ + + The debug output used ssherr instead of sftperr which not only outputs + the wrong error code but also casues a warning on Windows. + + Follow-up to 7370b4e39f1 + + Reported-by: Gisle Vanem + Bug: https://github.com/curl/curl/commit/7370b4e39f1390e701f5b68d910c619151daf72b#r41334700 + Closes #5799 + +- ftp: don't do ssl_shutdown instead of ssl_close + + The shutdown function is for downgrading a connection from TLS to plain, + and this is not requested here. + + Have ssl_close reset the TLS connection state. + + This partially reverts commit f002c850d98d + + Reported-by: Rasmus Melchior Jacobsen + Reported-by: Denis Goleshchikhin + Fixes #5797 + +Marc Hoersken (9 Aug 2020) +- CI/azure: fix test outcome values and use latest API version + + This makes sure that tests ignored or skipped are not shown + just in the category "Other", but with their correct state. + + Closes #5796 + +- CI/azure: show runtime stats to investigate slowness + + Also avoid naming conflict of TFLAGS env and tflags variables. + + Closes #5776 + +Daniel Stenberg (8 Aug 2020) +- TLS naming: fix more Winssl and Darwinssl leftovers + + The CMake option is now called CMAKE_USE_SCHANNEL + + The winbuild flag is USE_SCHANNEL + + The CI jobs and build scripts only use the new names and the new name + options + + Tests now require 'Schannel' (when necessary) + + Closes #5795 + +- smtp_parse_address: handle blank input string properly + + Closes #5792 + +- runtests: run the DICT server on a random port number + + Removed support for -b (base port number) + + Closes #5783 + +- RELEASE-NOTES: synced + +- runtests: move the TELNET server to a dynamic port + + Rename the port variable to TELNETPORT to better match the existing + pattern. + + Closes #5785 + +- ngtcp2: adapt to error code rename + + Closes #5786 + +- runtests: move the smbserver to use a dynamic port number + + Closes #5782 + +- runtests: run the http2 tests on a random port number + + Closes #5779 + +- gtls: survive not being able to get name/issuer + + Closes #5778 + +- runtests: move the gnutls-serv tests to a dynamic port + + Affects test 320, 321, 322 and 324. + + Closes #5778 + +- runtests: support dynamicly base64 encoded sections in tests + + This allows us to make test cases to use base64 at run-time and still + use and verify information determined at run-time, such as the IMAP test + server's port number in test 842. + + This change makes 12 tests run again that basically never ran since we + moved to dynamic port numbers. + + ftpserver.pl is adjusted to load test instructions and test number from + the preprocessed test file. + + FILEFORMAT.md now documents the new base64 encoding syntax. + + Reported-by: Marcel Raad + Fixes #5761 + Closes #5775 + +- curl.1: add a few missing valid exit codes + + 93 - 96 can be returned as well. + + Closes #5777 + +- TODO: Use multiple parallel transfers for a single download + + Closes #5774 + +- TODO: Set the modification date on an uploaded file + + Closes #5768 + +- [Thomas M. DuBuisson brought this change] + + CI: Add muse CI config + + Closes #5772 + +- [Thomas M. DuBuisson brought this change] + + travis/script.sh: fix use of `-n' with unquoted envvar + + Shellcheck tells us "-n doesn't work with unquoted arguments. quote or + use [[ ]]." + + And testing shows: + + ``` + docker run --rm -it ubuntu bash + root@fe85ce156856:/# [ -n $DOES_NOT_EXIST ] && echo "I ran" + I ran + root@fe85ce156856:/# [ -n "$DOES_NOT_EXIST" ] && echo "I ran" + root@fe85ce156856:/# + ``` + + Closes #5773 + +- h2: repair trailer handling + + The previous h2 trailer fix in 54a2b63 was wrong and caused a + regression: it cannot deal with trailers immediately when read since + they may be read off the connection by the wrong 'data' owner. + + This change reverts the logic back to gathering all trailers into a + single buffer, like before 54a2b63. + + Reported-by: Tadej Vengust + Fixes #5663 + Closes #5769 + +Viktor Szakats (3 Aug 2020) +- windows: disable Unix Sockets for old mingw + + Classic mingw and 10y+ old versions of mingw-w64 don't ship with + Windows headers having the typedef necessary for Unix Sockets + support, so try detecting these environments to disable this + feature. + + Ref: https://sourceforge.net/p/mingw-w64/mingw-w64/ci/cf6afc57179a5910621215f8f4037d406892072c/ + + Reviewed-by: Daniel Stenberg + + Fixes #5674 + Closes #5758 + +Marcel Raad (3 Aug 2020) +- test1908: treat file as text + + Fixes the line endings on Windows. + + Closes https://github.com/curl/curl/pull/5767 + +- TrackMemory tests: ignore realloc and free in getenv.c + + These are only called for WIN32. + + Closes https://github.com/curl/curl/pull/5767 + +Daniel Stenberg (3 Aug 2020) +- tests/FILEFORMAT.md: mention %HTTP2PORT + +- RELEASE-NOTES: synced + +- tlsv1.3.d. only for TLS-using connections + + ... and rephrase that "not all" TLS backends support it. + + Closes #5764 + +- tls-max.d: this option is only for TLS-using connections + + Ref: #5763 + Closes #5764 + +Marcel Raad (2 Aug 2020) +- [Cameron Cawley brought this change] + + tool_doswin: Simplify Windows version detection + + Closes https://github.com/curl/curl/pull/5754 + +- [Cameron Cawley brought this change] + + win32: Add Curl_verify_windows_version() to curlx + + Closes https://github.com/curl/curl/pull/5754 + +- runtests.pl: treat LibreSSL and BoringSSL as OpenSSL + + This makes the tests that require the OpenSSL feature also run for + those two compatible libraries. + + Closes https://github.com/curl/curl/pull/5762 + +Daniel Stenberg (1 Aug 2020) +- multi: Condition 'extrawait' is always true + + Reported by Codacy. + + Reviewed-by: Marcel Raad + Closes #5759 + +Marcel Raad (1 Aug 2020) +- openssl: fix build with LibreSSL < 2.9.1 + + `SSL_CTX_add0_chain_cert` and `SSL_CTX_clear_chain_certs` were + introduced in LibreSSL 2.9.1 [0]. + + [0] https://github.com/libressl-portable/openbsd/commit/0db809ee178457c8170abfae3931d7bd13abf3ef + + Closes https://github.com/curl/curl/pull/5757 + +Daniel Stenberg (1 Aug 2020) +- [Marc Aldorasi brought this change] + + multi_remove_handle: close unused connect-only connections + + Previously any connect-only connections in a multi handle would be kept + alive until the multi handle was closed. Since these connections cannot + be re-used, they can be marked for closure when the associated easy + handle is removed from the multi handle. + + Closes #5749 + +- checksrc: invoke script with -D to find .checksrc proper + + Without the -D command line option, checksrc.pl won't know which + directory to load the ".checksrc" file from when building out of the + source tree. + + Reported-by: Marcel Raad + Fixes #5715 + Closes #5755 + +- [Carlo Marcelo Arenas Belón brought this change] + + buildconf: retire ares buildconf invocation + + no longer needed after 4259d2df7dd95637a4b1e3fb174fe5e5aef81069 + +- [Carlo Marcelo Arenas Belón brought this change] + + buildconf: excempt defunct reference to ACLOCAL_FLAGS + + retired with 09f278121e815028adb24d228d8092fc6cb022aa but kept around as + the name is generic enough that it might be in use and relied upon from + the environment. + +- [Carlo Marcelo Arenas Belón brought this change] + + buildconf: avoid array concatenation in die() + + reported as error SC2145[1] by shellcheck, but not expected to cause + any behavioural differences otherwise. + + [1] https://github.com/koalaman/shellcheck/wiki/SC2145 + + Closes #5701 + +- travis: add ppc64le and s390x builds + + Closes #5752 + +Marc Hoersken (31 Jul 2020) +- connect: remove redundant message about connect failure + + Reviewed-by: Daniel Stenberg + + Closes #5708 + +- tests/sshserver.pl: fix compatibility with OpenSSH for Windows + + Follow up to #5721 + +- CI/azure: install libssh2 for use with msys2-based builds + + This enables building and running the SFTP tests. + Unfortunately OpenSSH for Windows does not support SCP (yet). + + Reviewed-by: Daniel Stenberg + + Closes #5721 + +- CI/azure: increase Windows job timeout once again + + Avoid aborted jobs due to performance issues on Azure DevOps. + + Reviewed-by: Daniel Stenberg + Reviewed-by: Jay Satiro + + Closes #5738 + +Jay Satiro (30 Jul 2020) +- TODO: Schannel: 'Add option to allow abrupt server closure' + + We should offer an option to allow abrupt server closures (server closes + SSL transfer without sending a known termination point such as length of + transfer or close_notify alert). Abrupt server closures are usually + because of misconfigured or very old servers. + + Closes https://github.com/curl/curl/issues/4427 + +- url: fix CURLU and location following + + Prior to this change if the user set a URL handle (CURLOPT_CURLU) it was + incorrectly used for the location follow, resulting in infinite requests + to the original location. + + Reported-by: sspiri@users.noreply.github.com + + Fixes https://github.com/curl/curl/issues/5709 + Closes https://github.com/curl/curl/pull/5713 + +Daniel Stenberg (30 Jul 2020) +- RELEASE-NOTES: synced + +- [divinity76 brought this change] + + docs: add date of 7.20 to CURLM_CALL_MULTI_PERFORM mentions + + it helps make it obvious that most developers don't have to care about + the CURLM_CALL_MULTI_PERFORM value (last release using it is nearly 11 + years old, November 4 2009) + + Closes #5744 + +Jay Satiro (29 Jul 2020) +- tool_cb_wrt: fix outfile mode flags for Windows + + - Use S_IREAD and S_IWRITE mode permission flags to create the file + on Windows instead of S_IRUSR, S_IWUSR, etc. + + Windows only accepts a combination of S_IREAD and S_IWRITE. It does not + acknowledge other combinations, for which it may generate an assertion. + + This is a follow-up to 81b4e99 from yesterday, which improved the + existing file check with -J. + + Ref: https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/open-wopen#remarks + Ref: https://github.com/curl/curl/pull/5731 + + Closes https://github.com/curl/curl/pull/5742 + +Daniel Stenberg (28 Jul 2020) +- checksrc: ban gmtime/localtime + + They're not thread-safe so they should not be used in libcurl code. + + Explictly enabled when deemed necessary and in examples and tests + + Reviewed-by: Nicolas Sterchele + Closes #5732 + +- transfer: fix data_pending for builds with both h2 and h3 enabled + + Closes #5734 + +- curl_multi_setopt: fix compiler warning "result is always false" + + On systems with 32 bit long the expression is always false. Avoid + the warning. + + Reported-by: Gisle Vanem + Bug: https://github.com/curl/curl/commit/61a08508f6a458fe21bbb18cd2a9bac2f039452b#commitcomment-40941232 + Closes #5736 + +- curl: improve the existing file check with -J + + Previously a file that isn't user-readable but is user-writable would + not be properly avoided and would get overwritten. + + Reported-by: BrumBrum on hackerone + Assisted-by: Jay Satiro + Bug: https://hackerone.com/reports/926638 + Closes #5731 + +- [Jonathan Nieder brought this change] + + multi: update comment to say easyp list is linear + + Since 09b9fc900 (multi: remove 'Curl_one_easy' struct, phase 1, + 2013-08-02), the easy handle list is not circular but ends with + ->next pointing to NULL. + + Reported-by: Masaya Suzuki <masayasuzuki@google.com> + Closes #5737 + +- CURLOPT_NOBODY.3: fix the syntax for referring to options + + As test 1140 fails otherwise! + + Follow-up to e1bac81cc815 + +- ngtcp2: store address in sockaddr_storage + + Reported-by: Tatsuhiro Tsujikawa + Closes #5733 + +- CURLOPT_NOBODY.3: clarify what setting to 0 means + + ... and mention that HTTP with other methods than HEAD might get a body and + there's no option available to stop that. + + Closes #5729 + +- setopt: unset NOBODY switches to GET if still HEAD + + Unsetting CURLOPT_NOBODY with 0L when doing HTTP has no documented + action but before 7.71.0 that used to switch back to GET and with this + change (assuming the method is still set to HEAD) this behavior is + brought back. + + Reported-by: causal-agent on github + Fixes #5725 + Closes #5728 + +- [Ehren Bendler brought this change] + + configure: cleanup wolfssl + pkg-config conflicts when cross compiling. + + Also choose a different wolfSSL function to test for NTLM support. + + Fixes #5605 + Closes #5682 + +- configure: show zstd "no" in summary when built without it + + Reported-by: Marc Hörsken + Fixes #5720 + Closes #5730 + +- quiche: handle calling disconnect twice + + Reported-by: lilongyan-huawei on github + Fixes #5726 + Closes #5727 + +- [Nicolas Sterchele brought this change] + + getinfo: reset retry-after value in initinfo + + - Avoid re-using retry_after value from preceding request + - Add libtest 3010 to verify + + Reported-by: joey-l-us on github + Fixes #5661 + Closes #5672 + +Marcel Raad (27 Jul 2020) +- WIN32: stop forcing narrow-character API + + Except where the results are only used for character output. + getenv is not touched because it's part of the public API, and having + it return UTF-8 instead of ANSI would be a breaking change. + + Fixes https://github.com/curl/curl/issues/5658 + Fixes https://github.com/curl/curl/issues/5712 + Closes https://github.com/curl/curl/pull/5718 + +Jay Satiro (27 Jul 2020) +- [Tobias Stoeckmann brought this change] + + mprintf: Fix stack overflows + + Stack overflows can occur with precisions for integers and floats. + + Proof of concepts: + - curl_mprintf("%d, %.*1$d", 500, 1); + - curl_mprintf("%d, %+0500.*1$f", 500, 1); + + Ideally, compile with -fsanitize=address which makes this undefined + behavior a bit more defined for debug purposes. + + The format strings are valid. The overflows occur due to invalid + arguments. If these arguments are variables with contents controlled + by an attacker, the function's stack can be corrupted. + + Also see CVE-2016-9586 which partially fixed the float aspect. + + Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> + + Closes https://github.com/curl/curl/pull/5722 + +- [Tobias Stoeckmann brought this change] + + mprintf: Fix dollar string handling + + Verify that specified parameters are in range. If parameters are too + large, fail early on and avoid out of boundary accesses. + + Also do not read behind boundaries of illegal format strings. + + These are defensive measures since it is expected that format strings + are well-formed. Format strings should not be modifiable by user + input due to possible generic format string attacks. + + Closes https://github.com/curl/curl/pull/5722 + +Daniel Stenberg (26 Jul 2020) +- ntlm: free target_info before (re-)malloc + + OSS-Fuzz found a way this could get called again with the pointer still + pointing to a malloc'ed memory, leading to a leak. + + Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24379 + + Closes #5724 + +Marcel Raad (26 Jul 2020) +- CI/macos: set minimum macOS version + + This enables some deprecation warnings. + Previously, autotools defaulted to 10.8. + + Closes https://github.com/curl/curl/pull/5723 + +Daniel Stenberg (26 Jul 2020) +- RELEASE-NOTES: synced + +Marcel Raad (25 Jul 2020) +- CI/macos: enable warnings as errors for CMake builds + + Closes https://github.com/curl/curl/pull/5716 + +- CMake: fix test for warning suppressions + + GCC doesn't warn for unknown `-Wno-` options, except if there are other + warnings or errors [0]. This was problematic with `CURL_WERROR` as that + warning-as-error cannot be suppressed. Notably, this always happened + with `-Wno-pedantic-ms-format` when not targeting Windows. So test for + the positive form of the warning instead, which should always result in + a diagnostic if unknown. + + [0] https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html + + Closes https://github.com/curl/curl/pull/5714 + +Jay Satiro (23 Jul 2020) +- curl.h: update CURLINFO_LASTONE + + CURLINFO_LASTONE should have been updated when + CURLINFO_EFFECTIVE_METHOD was added. + + Reported-by: xwxbug@users.noreply.github.com + + Fixes https://github.com/curl/curl/issues/5711 + +Marc Hoersken (22 Jul 2020) +- CI/azure: unconditionally enable warnings-as-errors with autotools + + Reviewed-by: Marcel Raad + + Follow up to #5694 + Closes #5706 + +Marcel Raad (21 Jul 2020) +- doh: remove redundant cast + + Closes https://github.com/curl/curl/pull/5704 + +- CI/macos: unconditionally enable warnings-as-errors with autotools + + Previously, warnings were only visible in the output for most jobs. + + Closes https://github.com/curl/curl/pull/5694 + +- util: silence conversion warnings + + timeval::tv_usec might be a 32-bit integer and timespec::tv_nsec might + be a 64-bit integer. This is the case when building for recent macOS + versions, for example. Just treat tv_usec as an int, which should + hopefully always be sufficient on systems with + `HAVE_CLOCK_GETTIME_MONOTONIC`. + + Closes https://github.com/curl/curl/pull/5695 + +- md(4|5): don't use deprecated macOS functions + + They are marked as deprecated for -mmacosx-version-min >= 10.15, + which might result in warnings-as-errors. + + Closes https://github.com/curl/curl/pull/5695 + +Daniel Stenberg (18 Jul 2020) +- strdup: remove the odd strlen check + + It confuses code analyzers with its use of -1 for unsigned value. Also, + a check that's not normally used in strdup() code - and not necessary. + + Closes #5697 + +- [Alessandro Ghedini brought this change] + + travis: update quiche builds for new boringssl layout + + This is required after https://github.com/cloudflare/quiche/pull/593 + moved BoringSSL around slightly. + + This also means that Go is not needed to build BoringSSL anymore (the + one provided by quiche anyway). + + Closes #5691 + +Marcel Raad (17 Jul 2020) +- configure: allow disabling warnings + + When using `--enable-warnings`, it was not possible to disable warnings + via CFLAGS that got explicitly enabled. Now warnings are not enabled + anymore if they are explicitly disabled (or enabled) in CFLAGS. This + works for at least GCC, clang, and TCC as they have corresponding + `-Wno-` options for every warning. + + Closes https://github.com/curl/curl/pull/5689 + +Daniel Stenberg (16 Jul 2020) +- ngtcp2: adjust to recent sockaddr updates + + Closes #5690 + +- page-header: provide protocol details in the curl.1 man page + + Add protocol and version specific information about all protocols curl + supports. + + Fixes #5679 + Reported-by: tbugfinder on github + Closes #5686 + +Daniel Gustafsson (16 Jul 2020) +- docs: Update a few leftover mentions of DarwinSSL + + Commit 76a9c3c4be10b3d4d379d5b23ca76806bbae536a renamed DarwinSSL to the + more correct/common name Secure Transport, but a few mentions in the docs + remained. + + Closes #5688 + Reviewed-by: Daniel Stenberg <daniel@haxx.se> + +Daniel Stenberg (16 Jul 2020) +- file2memory: use a define instead of -1 unsigned value + + ... to use the maximum value for 'size_t' when detecting integer overflow. + Changed the limit to max/4 as already that seems unreasonably large. + + Codacy didn't like the previous approach. + + Closes #5683 + +- CURL_PUSH_ERROROUT: allow the push callback to fail the parent stream + + ... by adding support for a new dedicated return code. + + Suggested-by: Jonathan Cardoso + Assisted-by: Erik Johansson + URL: https://curl.haxx.se/mail/lib-2020-06/0099.html + Closes #5636 + +- [Baruch Siach brought this change] + + nss: fix build with disabled proxy support + + Avoid reference to fields that do not exist when CURL_DISABLE_PROXY is + defined. + + Closes #5667 + +- test1139: make it display the difference on test failures + +- test1119: verify stdout in the test + + So that failures will be displayed in the terminal, as it makes test failures + visually displayed easier and faster. + + Closes #5644 + +- curl: add %{method} to the -w variables + + Gets the CURLINFO_EFFECTIVE_METHOD from libcurl. + + Added test 1197 to verify. + +- CURLINFO_EFFECTIVE_METHOD: added + + Provide the HTTP method that was used on the latest request, which might + be relevant for users when there was one or more redirects involved. + + Closes #5511 + +Viktor Szakats (14 Jul 2020) +- windows: add unicode to feature list + + Reviewed-by: Marcel Raad + Reviewed-by: Marc Hörsken + + Closes #5491 + +Daniel Stenberg (14 Jul 2020) +- multi: remove two checks always true + + Detected by Codacy + Closes #5676 + +Marc Hoersken (13 Jul 2020) +- workflows: limit what branches to run CodeQL on + + Align CodeQL action with existing CI actions: + - Update branch filter to avoid duplicate CI runs. + - Shorten workflow name due to informative job name. + + Reviewed-by: Daniel Stenberg + + Closes #5660 + +- appveyor: collect libcurl.dll variants with prefix or suffix + + On some platforms libcurl is build with a platform-specific + prefix and/or a version number suffix. + + Assisted-by: Jay Satiro + + Closes #5659 + +Daniel Stenberg (12 Jul 2020) +- [ihsinme brought this change] + + socks: use size_t for size variable + + Use the unsigned type (size_t) in the arithmetic of pointers. In this + context, the signed type (ssize_t) is used unnecessarily. + + Authored-by: ihsinme on github + Closes #5654 + +- RELEASE-NOTES: synced + + ... and bumped to 7.72.0 as the next release version number + +- [Gilles Vollant brought this change] + + content_encoding: add zstd decoding support + + include zstd curl patch for Makefile.m32 from vszakats + and include Add CMake support for zstd from Peter Wu + + Helped-by: Viktor Szakats + Helped-by: Peter Wu + Closes #5453 + +- asyn.h: remove the Curl_resolver_getsock define + + - not used + - used the wrong number of arguments + - confused the Codeacy code analyzer + + Closes #5647 + +- [Nicolas Sterchele brought this change] + + configure.ac: Sort features name in summary + + - Same as protocols + + Closes #5656 + +- [Matthias Naegler brought this change] + + cmake: fix windows xp build + + Reviewed-by: Marcel Raad + Closes #5662 + +- ngtcp2: update to modified qlog callback prototype + + Closes #5675 + +- transfer: fix memory-leak with CURLOPT_CURLU in a duped handle + + Added test case 674 to reproduce and verify the bug report. + + Fixes #5665 + Reported-by: NobodyXu on github + Closes #5673 + +- [Baruch Siach brought this change] + + bearssl: fix build with disabled proxy support + + Avoid reference to fields that do not exist when CURL_DISABLE_PROXY is + defined. + + Reviewed-by: Nicolas Sterchele + Closes #5666 + +- RELEASE-NOTES: synced + +Jay Satiro (11 Jul 2020) +- [Carlo Marcelo Arenas Belón brought this change] + + cirrus-ci: upgrade 11-STABLE to 11.4 + + Meant to be the last of the 11 series and so make sure that all + other references reflect all 11 versions so they can be retired + together later. + + Closes https://github.com/curl/curl/pull/5668 + +- [Filip Salomonsson brought this change] + + CURLINFO_CERTINFO.3: fix typo + + Closes https://github.com/curl/curl/pull/5655 + +Daniel Stenberg (4 Jul 2020) +- http2: only do the *done() cleanups for HTTP + + Follow-up to ef86daf4d3 + + Closes #5650 + Fixes #5646 + +- [Alex Kiernan brought this change] + + gnutls: repair the build with `CURL_DISABLE_PROXY` + + `http_proxy`/`proxy_ssl`/`tunnel_proxy` will not be available in `conn` + if `CURL_DISABLE_PROXY` is enabled. Repair the build with that + configuration. + + Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> + Closes #5645 + +Alex Kiernan (3 Jul 2020) +- gnutls: Fetch backend when using proxy + + Fixes: 89865c149 ("gnutls: remove the BACKEND define kludge") + Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> + +Daniel Stenberg (3 Jul 2020) +- [Laramie Leavitt brought this change] + + http2: close the http2 connection when no more requests may be sent + + Well-behaving HTTP2 servers send two GOAWAY messages. The first + message is a warning that indicates that the server is going to + stop accepting streams. The second one actually closes the stream. + + nghttp2 reports this state (and the other state of no more stream + identifiers) via the call nghttp2_session_check_request_allowed(). + In this state the client should not create more streams on the + session (tcp connection), and in curl this means that the server + has requested that the connection is closed. + + It would be also be possible to put the connclose() call into the + on_http2_frame_recv() function that triggers on the GOAWAY message. + + This fixes a bug seen when the client sees the following sequence of + frames: + + // advisory GOAWAY + HTTP2 GOAWAY [stream-id = 0, promised-stream-id = -1] + ... some additional frames + + // final GOAWAY + HTTP2 GOAWAY [stream-id = 0, promised-stream-id = N ] + + Before this change, curl will attempt to reuse the connection even + after the last stream, will encounter this error: + + * Found bundle for host localhost: 0x5595f0a694e0 [can multiplex] + * Re-using existing connection! (#0) with host localhost + * Connected to localhost (::1) port 10443 (#0) + * Using Stream ID: 9 (easy handle 0x5595f0a72e30) + > GET /index.html?5 HTTP/2 + > Host: localhost:10443 + > user-agent: curl/7.68.0 + > accept: */* + > + * stopped the pause stream! + * Connection #0 to host localhost left intact + curl: (16) Error in the HTTP2 framing layer + + This error may posion the connection cache, causing future requests + which resolve to the same curl connection to go through the same error + path. + + Closes #5643 + +- ftpserver: don't verify SMTP MAIL FROM names + + Rely on tests asking the names to get refused instead - test servers + should be as dumb as possible. Edited test 914, 955 and 959 accordingly. + + Closes #5639 + +- curl_version_info.3: CURL_VERSION_KERBEROS4 is deprecated + + This came up in #5640. It make sense to clarify this in the docs! + + Reminded-by: Kamil Dudka + Closes #5642 + +Kamil Dudka (3 Jul 2020) +- tool_getparam: make --krb option work again + + It was disabled by mistake in commit curl-7_37_1-23-ge38ba4301. + + Bug: https://bugzilla.redhat.com/1833193 + Closes #5640 + +Daniel Stenberg (2 Jul 2020) +- [Jeremy Maitin-Shepard brought this change] + + http2: fix nghttp2_strerror -> nghttp2_http2_strerror in debug messages + + Confusingly, nghttp2 has two different error code enums: + + - nghttp2_error, to be used with nghttp2_strerror + - nghttp2_error_code, to be used with nghttp2_http2_strerror + + Closes #5641 + +Marcel Raad (2 Jul 2020) +- url: silence MSVC warning + + Since commit f3d501dc678, if proxy support is disabled, MSVC warns: + url.c : warning C4701: potentially uninitialized local variable + 'hostaddr' used + url.c : error C4703: potentially uninitialized local pointer variable + 'hostaddr' used + + That could actually only happen if both `conn->bits.proxy` and + `CURL_DISABLE_PROXY` were enabled. + Initialize it to NULL to silence the warning. + + Closes https://github.com/curl/curl/pull/5638 + +Daniel Stenberg (1 Jul 2020) +- RELEASE-NOTES: synced + Version 7.71.1 (30 Jun 2020) Daniel Stenberg (30 Jun 2020) @@ -6388,1075 +7498,3 @@ Daniel Stenberg (18 Dec 2019) Bug: https://github.com/curl/curl/commit/87b9337c8f76c21c57b204e88b68c6ecf3bd1ac0#commitcomment-36447951 Closes #4725 - -- lib: remove ASSIGNWITHINCONDITION exceptions, use our code style - - ... even for macros - - Reviewed-by: Daniel Gustafsson - Reviewed-by: Jay Satiro - Reported-by: Jay Satiro - Fixes #4683 - Closes #4722 - -- tests: make sure checksrc runs on header files too - -- Revert "checksrc: fix regexp for ASSIGNWITHINCONDITION" - - This reverts commit ba82673dac3e8d00a76aa5e3779a0cb80e7442af. - - Bug: #4683 - -- KNOWN_BUGS: TLS session cache doesn't work with TFO - - [skip ci] - Closes #4301 - -- KNOWN_BUGS: Connection information when using TCP Fast Open - - Also point to #4296 for more details - Closes #4296 - -- KNOWN_BUGS: LDAP on Windows doesn't work - - Closes #4261 - -- docs: TLS SRP doesn't work with TLS 1.3 - - Reported-by: sayrer on github - Closes #4262 - [skip ci] - -Dan Fandrich (16 Dec 2019) -- cirrus: Switch to the FreeBSD 12.1 point release & enable more tests. - - A few tests are now passing on FreeBSD, so no longer skip them. - [skip ci] - -Daniel Stenberg (16 Dec 2019) -- azure: the macos cmake doesn't need to install cmake - - Error: cmake 3.15.5 is already installed - To upgrade to 3.16.1, run `brew upgrade cmake`. - - Closes #4723 - -Jay Satiro (15 Dec 2019) -- winbuild: Document CURL_STATICLIB requirement for static libcurl - - A static libcurl (ie winbuild mode=static) requires that the user define - CURL_STATICLIB when using it in their application. This is already - covered in the FAQ and INSTALL.md, but is a pretty important point so - now it's noted in the BUILD.WINDOWS.txt as well. - - Assisted-by: Michael Vittiglio - - Closes https://github.com/curl/curl/pull/4721 - -Daniel Stenberg (15 Dec 2019) -- [Santino Keupp brought this change] - - libssh2: add support for ECDSA and ed25519 knownhost keys - - ... if a new enough libssh2 version is present. - - Source: https://curl.haxx.se/mail/archive-2019-12/0023.html - Co-Authored-by: Daniel Stenberg - Closes #4714 - -- lib1591: free memory properly on OOM, in the trailers callback - - Detected by torture tests. - - Closes #4720 - -- runtests: --repeat=[num] to repeat tests - - Closes #4715 - -- RELEASE-NOTES: synced - -- azure: add a torture test on mac - - Uses --shallow=25 to keep it small enough to get through in time. - - Closes #4712 - -- multi: free sockhash on OOM - - This would otherwise leak memory in the error path. - - Detected by torture test 1540. - - Closes #4713 - -Marcel Raad (13 Dec 2019) -- tests: use DoH feature for DoH tests - - Previously, http/2 was used instead. - - Assisted-by: Jay Satiro - Closes https://github.com/curl/curl/pull/4692 - -- hostip: suppress compiler warning - - With `--disable-doh --disable-threaded-resolver`, the `dns` parameter - is not used. - - Closes https://github.com/curl/curl/pull/4692 - -- tests: fix build with `CURL_DISABLE_DOH` - - Closes https://github.com/curl/curl/pull/4692 - -Daniel Stenberg (13 Dec 2019) -- azure: add a torture test - - Skipping all FTP tests for speed reasons. - - Closes #4697 - -- azure: make the default build use --enable-debug --enable-werror - -- ntlm_wb: fix double-free in OOM - - Detected by torture testing test 1310 - - Closes #4710 - -Dan Fandrich (13 Dec 2019) -- cirrus: Drop the FreeBSD 10.4 build - - Upstream support for 10.4 ended a year ago, and it looks like the image - is now gone, too. - [skip ci] - -Daniel Stenberg (13 Dec 2019) -- unit1620: fix bad free in OOM - - Closes #4709 - -- unit1609: fix mem-leak in OOM - - Closes #4709 - -- unit1607: fix mem-leak in OOM - - Closes #4709 - -- lib1559: fix mem-leak in OOM - - Closes #4709 - -- lib1557: fix mem-leak in OOM - - Closes #4709 - -- altsvc: make the save function ignore NULL filenames - - It might happen in OOM situations. Detected bv torture tests. - - Closes #4707 - -- curl: fix memory leak in OOM in etags logic - - Detected by torture tests - - Closes #4706 - -- doh: make it behave when built without proxy support - - Reported-by: Marcel Raad - Bug: https://github.com/curl/curl/pull/4692#issuecomment-564115734 - - Closes #4704 - -- curl: improved cleanup in upload error path - - Memory leak found by torture test 58 - - Closes #4705 - -- mailmap: fix Andrew Ishchuk - -- travis: make torture use --shallow=40 - - As a first step to enable it to run over a more diverse set of tests in - a reasonable time. - -- runtests: introduce --shallow to reduce huge torture tests - - When set, shallow mode limits runtests -t to make no more than NUM fails - per test case. If more are found, it will randomly discard entries until - the number is right. The random seed can also be set. - - This is particularly useful when running MANY tests as then most torture - failures will already fail the same functions over and over and make the - total operation painfully tedious. - - Closes #4699 - -- conncache: CONNECT_ONLY connections assumed always in-use - - This makes them never to be considered "the oldest" to be discarded when - reaching the connection cache limit. The reasoning here is that - CONNECT_ONLY is primarily used in combination with using the - connection's socket post connect and since that is used outside of - curl's knowledge we must assume that it is in use until explicitly - closed. - - Reported-by: Pavel Pavlov - Reported-by: Pavel Löbl - Fixes #4426 - Fixes #4369 - Closes #4696 - -- [Gisle Vanem brought this change] - - vtls: make BearSSL possible to set with CURL_SSL_BACKEND - - Ref: https://github.com/curl/curl/commit/9b879160df01e7ddbb4770904391d3b74114302b#commitcomment-36355622 - - Closes #4698 - -- RELEASE-NOTES: synced - -- travis: remove "coverage", make it "torture" - - The coveralls service and test coverage numbers are just too unreliable. - Removed badge from README.md as well. - - Fixes #4694 - Closes #4695 - -- azure: add libssh2 and cmake macos builds - - Removed the macos libssh2 build from travis - - Closes #4686 - -- curl: use errorf() better - - Change series of error outputs to use errorf(). - - Only errors that are due to mistakes in command line option usage should - use helpf(), other types of errors in the tool should rather use - errorf(). - - Closes #4691 - -Jay Satiro (9 Dec 2019) -- [Marc Hoersken brought this change] - - tests: make it possible to set executable extensions - - This enables the use of Windows Subsystem for Linux (WSL) to run the - testsuite against Windows binaries while using Linux servers. - - This commit introduces the following environment variables: - - CURL_TEST_EXE_EXT: set the executable extension for all components - - CURL_TEST_EXE_EXT_TOOL: set it for the curl tool only - - CURL_TEST_EXE_EXT_SSH: set it for the SSH tools only - - Later testcurl.pl could be adjusted to make use of those variables. - - CURL_TEST_EXE_EXT_SRV: set it for the test servers only - - (This is one of several commits to support use of WSL for the tests.) - - Closes https://github.com/curl/curl/pull/3899 - -- [Marc Hoersken brought this change] - - tests: fix permissions of ssh keys in WSL - - Keys created on Windows Subsystem for Linux (WSL) require it for some - reason. - - (This is one of several commits to support use of WSL for the tests.) - - Ref: https://github.com/curl/curl/pull/3899 - -- [Marc Hoersken brought this change] - - tests: use \r\n for log messages in WSL - - Bash in Windows Subsystem for Linux (WSL) requires it for some reason. - - (This is one of several commits to support use of WSL for the tests.) - - Ref: https://github.com/curl/curl/pull/3899 - -- [Andrew Ishchuk brought this change] - - winbuild: Define CARES_STATICLIB when WITH_CARES=static - - When libcurl is built with MODE=static, c-ares is forced into static - linkage too. That doesn't happen when MODE=dll so linker would break - over undefined symbols. - - closes https://github.com/curl/curl/pull/4688 - -Daniel Stenberg (9 Dec 2019) -- conn: always set bits.close with connclose() - - Closes #4690 - -- cirrus: enable clang sanitizers on freebsd 13 - -- conncache: fix multi-thread use of shared connection cache - - It could accidentally let the connection get used by more than one - thread, leading to double-free and more. - - Reported-by: Christopher Reid - Fixes #4544 - Closes #4557 - -- azure: add a vanilla macos build - - Closes #4685 - -- curl: make the etag load logic work without fseek - - The fseek()s were unnecessary and caused Coverity warning CID 1456554 - - Closes #4681 - -- mailmap: Mohammad Hasbini - -- [Mohammad Hasbini brought this change] - - docs: fix some typos - - Closes #4680 - -- RELEASE-NOTES: synced - -Jay Satiro (5 Dec 2019) -- lib: fix some loose ends for recently added CURLSSLOPT_NO_PARTIALCHAIN - - Add support for CURLSSLOPT_NO_PARTIALCHAIN in CURLOPT_PROXY_SSL_OPTIONS - and OS400 package spec. - - Also I added the option to the NameValue list in the tool even though it - isn't exposed as a command-line option (...yet?). (NameValue stringizes - the option name for the curl cmd -> libcurl source generator) - - Follow-up to 564d88a which added CURLSSLOPT_NO_PARTIALCHAIN. - - Ref: https://github.com/curl/curl/pull/4655 - -- setopt: Fix ALPN / NPN user option when built without HTTP2 - - - Stop treating lack of HTTP2 as an unknown option error result for - CURLOPT_SSL_ENABLE_ALPN and CURLOPT_SSL_ENABLE_NPN. - - Prior to this change it was impossible to disable ALPN / NPN if libcurl - was built without HTTP2. Setting either option would result in - CURLE_UNKNOWN_OPTION and the respective internal option would not be - set. That was incorrect since ALPN and NPN are used independent of - HTTP2. - - Reported-by: Shailesh Kapse - - Fixes https://github.com/curl/curl/issues/4668 - Closes https://github.com/curl/curl/pull/4672 - -Daniel Stenberg (5 Dec 2019) -- etag: allow both --etag-compare and --etag-save in same cmdline - - Fixes #4669 - Closes #4678 - -Marcel Raad (5 Dec 2019) -- curl_setup: fix `CURLRES_IPV6` condition - - Move the definition of `CURLRES_IPV6` to before undefining - `HAVE_GETADDRINFO`. Regression from commit 67a08dca27a which caused - some tests to fail and others to be skipped with c-ares. - - Fixes https://github.com/curl/curl/issues/4673 - Closes https://github.com/curl/curl/pull/4677 - -Daniel Stenberg (5 Dec 2019) -- test342: make it return a 304 as the tag matches - -Peter Wu (4 Dec 2019) -- CMake: add support for building with the NSS vtls backend - - Options are cross-checked with configure.ac and acinclude.m4. - Tested on Arch Linux, untested on other platforms like Windows or macOS. - - Closes #4663 - Reviewed-by: Kamil Dudka - -Daniel Stenberg (4 Dec 2019) -- azure: add more builds - - ... removed two from travis (that now runs on azure instead) - - Closes #4671 - -- CURLOPT_VERBOSE.3: see also ERRORBUFFER - -- hostip4.c: bump copyright year range - -Marcel Raad (3 Dec 2019) -- configure: enable IPv6 support without `getaddrinfo` - - This makes it possible to recognize and connect to literal IPv6 - addresses when `getaddrinfo` is not available, which is already the - case for the CMake build. This affects e.g. classic MinGW because it - still targets Windows 2000 by default, where `getaddrinfo` is not - available, but general IPv6 support is. - - Instead of checking for `getaddrinfo`, check for `sockaddr_in6` as the - CMake build does. - - Closes https://github.com/curl/curl/pull/4662 - -- curl_setup: disable IPv6 resolver without `getaddrinfo` - - Also, use `CURLRES_IPV6` only for actual DNS resolution, not for IPv6 - address support. This makes it possible to connect to IPv6 literals by - setting `ENABLE_IPV6` even without `getaddrinfo` support. It also fixes - the CMake build when using the synchronous resolver without - `getaddrinfo` support. - - Closes https://github.com/curl/curl/pull/4662 - -Daniel Stenberg (3 Dec 2019) -- github action/azure pipeline: run 'make test-nonflaky' for tests - - To match travis and give more info on failures. - -- openssl: CURLSSLOPT_NO_PARTIALCHAIN can disable partial cert chains - - Closes #4655 - -- openssl: set X509_V_FLAG_PARTIAL_CHAIN - - Have intermediate certificates in the trust store be treated as - trust-anchors, in the same way as self-signed root CA certificates - are. This allows users to verify servers using the intermediate cert - only, instead of needing the whole chain. - - Other TLS backends already accept partial chains. - - Reported-by: Jeffrey Walton - Bug: https://curl.haxx.se/mail/lib-2019-11/0094.html - -- curl: show better error message when no homedir is found - - Reported-by: Vlastimil Ovčáčík - Fixes #4644 - Closes #4665 - -- OPENSOCKETFUNCTION.3: correct the purpose description - - Reported-by: Jeff Mears - Bug: https://curl.haxx.se/mail/lib-2019-12/0007.html - - Closes #4667 - -- [Peter Wu brought this change] - - travis: do not use OVERRIDE_CC or OVERRIDE_CXX if empty - - Fixes the macOS builds where OVERRIDE_CC and OVERRIDE_CXX are not set. - - Reported-by: Jay Satiro - Fixes #4659 - Closes #4661 - Closes #4664 - -- azure-pipelines: fix the test script - -- Azure Pipelines: initial CI setup - - [skip ci] - -- docs: add "added: 7.68.0" to the --etag-* docs - -- copyright: fix the year ranges for two files - - Follow-up to 9c1806ae - -Jay Satiro (1 Dec 2019) -- build: Disable Visual Studio warning "conditional expression is constant" - - - Disable warning C4127 "conditional expression is constant" globally - in curl_setup.h for when building with Microsoft's compiler. - - This mainly affects building with the Visual Studio project files found - in the projects dir. - - Prior to this change the cmake and winbuild build systems already - disabled 4127 globally for when building with Microsoft's compiler. - Also, 4127 was already disabled for all build systems in the limited - circumstance of the WHILE_FALSE macro which disabled the warning - specifically for while(0). This commit removes the WHILE_FALSE macro and - all other cruft in favor of disabling globally in curl_setup. - - Background: - - We have various macros that cause 0 or 1 to be evaluated, which would - cause warning C4127 in Visual Studio. For example this causes it: - - #define Curl_resolver_asynch() 1 - - Full behavior is not clearly defined and inconsistent across versions. - However it is documented that since VS 2015 Update 3 Microsoft has - addressed this somewhat but not entirely, not warning on while(true) for - example. - - Prior to this change some C4127 warnings occurred when I built with - Visual Studio using the generated projects in the projects dir. - - Closes https://github.com/curl/curl/pull/4658 - -- openssl: retrieve reported LibreSSL version at runtime - - - Retrieve LibreSSL runtime version when supported (>= 2.7.1). - - For earlier versions we continue to use the compile-time version. - - Ref: https://man.openbsd.org/OPENSSL_VERSION_NUMBER.3 - - Closes https://github.com/curl/curl/pull/2425 - -- strerror: Add Curl_winapi_strerror for Win API specific errors - - - In all code call Curl_winapi_strerror instead of Curl_strerror when - the error code is known to be from Windows GetLastError. - - Curl_strerror prefers CRT error codes (errno) over Windows API error - codes (GetLastError) when the two overlap. When we know the error code - is from GetLastError it is more accurate to prefer the Windows API error - messages. - - Reported-by: Richard Alcock - - Fixes https://github.com/curl/curl/issues/4550 - Closes https://github.com/curl/curl/pull/4581 - -Daniel Stenberg (2 Dec 2019) -- global_init: undo the "intialized" bump in case of failure - - ... so that failures in the global init function don't count as a - working init and it can then be called again. - - Reported-by: Paul Groke - Fixes #4636 - Closes #4653 - -- parsedate: offer a getdate_capped() alternative - - ... and use internally. This function will return TIME_T_MAX instead of - failure if the parsed data is found to be larger than what can be - represented. TIME_T_MAX being the largest value curl can represent. - - Reviewed-by: Daniel Gustafsson - Reported-by: JanB on github - Fixes #4152 - Closes #4651 - -- docs: add more references to curl_multi_poll - - Fixes #4643 - Closes #4652 - -- sha256: bump the copyright year range - - Follow-up from 66e21520f - -Daniel Gustafsson (28 Nov 2019) -- curl_setup_once: consistently use WHILE_FALSE in macros - - The WHILE_FALSE construction is used to avoid compiler warnings in - macro constructions. This fixes a few instances where it was not - used in order to keep the code consistent. - - Closes #4649 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Daniel Stenberg (28 Nov 2019) -- [Steve Holme brought this change] - - http_ntlm: Remove duplicate NSS initialisation - - Given that this is performed by the NTLM code there is no need to - perform the initialisation in the HTTP layer. This also keeps the - initialisation the same as the SASL based protocols and also fixes a - possible compilation issue if both NSS and SSPI were to be used as - multiple SSL backends. - - Reviewed-by: Kamil Dudka - Closes #3935 - -Daniel Gustafsson (28 Nov 2019) -- checksrc: fix regexp for ASSIGNWITHINCONDITION - - The regexp looking for assignments within conditions was too greedy - and matched a too long string in the case of multiple conditionals - on the same line. This is basically only a problem in single line - macros, and the code which exemplified this was essentially: - - do { if((x) != NULL) { x = NULL; } } while(0) - - ..where the final parenthesis of while(0) matched the regexp, and - the legal assignment in the block triggered the warning. Fix by - making the regexp less greedy by matching for the tell-tale signs - of the if statement ending. - - Also remove the one occurrence where the warning was disabled due - to a construction like the above, where the warning didn't apply - when fixed. - - Closes #4647 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Daniel Stenberg (28 Nov 2019) -- RELEASE-NOTES: synced - -- [Maros Priputen brought this change] - - curl: two new command line options for etags - - --etag-compare and --etag-save - - Suggested-by: Paul Hoffman - Fixes #4277 - Closes #4543 - -Daniel Gustafsson (28 Nov 2019) -- docs: fix typos - -Daniel Stenberg (28 Nov 2019) -- mailmap: Niall O'Reilly's name - -- [Niall O'Reilly brought this change] - - doh: use dedicated probe slots - - ... to easier allow additional DNS transactions. - - Closes #4629 - -- travis: build ngtcp2 with --enable-lib-only - - ... makes it skip the examples and other stuff we don't neeed. - - Closes #4646 - -- [David Benjamin brought this change] - - ngtcp2: fix thread-safety bug in error-handling - - ERR_error_string(NULL) should never be called. It places the error in a - global buffer, which is not thread-safe. Use ERR_error_string_n with a - local buffer instead. - - Closes #4645 - -- travis: export the CC/CXX variables when set - - Suggested-by: Peter Wu - Fixes #4637 - Closes #4640 - -Marcel Raad (26 Nov 2019) -- dist: add error-codes.pl - - Follow-up to commit 74f441c6d31. - This should fix test 1175 when run via the daily source tarballs. - - Closes https://github.com/curl/curl/pull/4638 - -Daniel Stenberg (26 Nov 2019) -- [John Schroeder brought this change] - - curl: fix --upload-file . hangs if delay in STDIN - - Attempt to unpause a busy read in the CURLOPT_XFERINFOFUNCTION. - - When uploading from stdin in non-blocking mode, a delay in reading - the stream (EAGAIN) causes curl to pause sending data - (CURL_READFUNC_PAUSE). Prior to this change, a busy read was - detected and unpaused only in the CURLOPT_WRITEFUNCTION handler. - This change performs the same busy read handling in a - CURLOPT_XFERINFOFUNCTION handler. - - Fixes #2051 - Closes #4599 - Reported-by: bdry on github - -- [John Schroeder brought this change] - - XFERINFOFUNCTION: support CURL_PROGRESSFUNC_CONTINUE - - (also for PROGRESSFUNCTION) - - By returning this value from the callback, the internal progress - function call is still called afterward. - - Closes #4599 - -- [Michael Forney brought this change] - - TLS: add BearSSL vtls implementation - - Closes #4597 - -- curl_multi_wakeup.3: add example and AVAILABILITY - - Reviewed-by: Gergely Nagy - Closes #4635 - -- [Gergely Nagy brought this change] - - multi: add curl_multi_wakeup() - - This commit adds curl_multi_wakeup() which was previously in the TODO - list under the curl_multi_unblock name. - - On some platforms and with some configurations this feature might not be - available or can fail, in these cases a new error code - (CURLM_WAKEUP_FAILURE) is returned from curl_multi_wakeup(). - - Fixes #4418 - Closes #4608 - -Jay Satiro (24 Nov 2019) -- [Xiaoyin Liu brought this change] - - schannel: fix --tls-max for when min is --tlsv1 or default - - Prior to this change schannel ignored --tls-max (CURL_SSLVERSION_MAX_ - macros) when --tlsv1 (CURL_SSLVERSION_TLSv1) or default TLS - (CURL_SSLVERSION_DEFAULT), using a max of TLS 1.2 always. - - Closes https://github.com/curl/curl/pull/4633 - -- checksrc.bat: Add a check for vquic and vssh directories - - Ref: https://github.com/curl/curl/pull/4607 - -- projects: Fix Visual Studio projects SSH builds - - - Generate VQUIC and VSSH filenames in Visual Studio project files. - - Prior to this change generated Visual Studio project configurations that - enabled SSH did not build properly. Broken since SSH files were moved to - lib/vssh 3 months ago in 5b2d703. - - Fixes https://github.com/curl/curl/issues/4492 - Fixes https://github.com/curl/curl/issues/4630 - Closes https://github.com/curl/curl/pull/4607 - -Daniel Stenberg (23 Nov 2019) -- RELEASE-NOTES: synced - -Jay Satiro (22 Nov 2019) -- openssl: Revert to less sensitivity for SYSCALL errors - - - Disable the extra sensitivity except in debug builds (--enable-debug). - - - Improve SYSCALL error message logic in ossl_send and ossl_recv so that - "No error" / "Success" socket error text isn't shown on SYSCALL error. - - Prior to this change 0ab38f5 (precedes 7.67.0) increased the sensitivity - of OpenSSL's SSL_ERROR_SYSCALL error so that abrupt server closures were - also considered errors. For example, a server that does not send a known - protocol termination point (eg HTTP content length or chunked encoding) - _and_ does not send a TLS termination point (close_notify alert) would - cause an error if it closed the connection. - - To be clear that behavior made it into release build 7.67.0 - unintentionally. Several users have reported it as an issue. - - Ultimately the idea is a good one, since it can help prevent against a - truncation attack. Other SSL backends may already behave similarly (such - as Windows native OS SSL Schannel). However much more of our user base - is using OpenSSL and there is a mass of legacy users in that space, so I - think that behavior should be partially reverted and then rolled out - slowly. - - This commit changes the behavior so that the increased sensitivity is - disabled in all curl builds except curl debug builds (DEBUGBUILD). If - after a period of time there are no major issues then it can be enabled - in dev and release builds with the newest OpenSSL (1.1.1+), since users - using the newest OpenSSL are the least likely to have legacy problems. - - Bug: https://github.com/curl/curl/issues/4409#issuecomment-555955794 - Reported-by: Bjoern Franke - - Fixes https://github.com/curl/curl/issues/4624 - Closes https://github.com/curl/curl/pull/4623 - -- [Daniel Stenberg brought this change] - - openssl: improve error message for SYSCALL during connect - - Reported-by: Paulo Roberto Tomasi - Bug: https://curl.haxx.se/mail/archive-2019-11/0005.html - - Closes https://github.com/curl/curl/pull/4593 - -Daniel Stenberg (22 Nov 2019) -- test1175: verify symbols-in-versions and libcurl-errors.3 in sync - - Closes #4628 - -- include: make CURLE_HTTP3 use a new error code - - To avoid potential issues with error code reuse. - - Reported-by: Christoph M. Becker - Assisted-by: Dan Fandrich - Fixes #4601 - Closes #4627 - -- bump: next release will be 7.68.0 - -- curl: add --parallel-immediate - - Starting with this change when doing parallel transfers, without this - option set, curl will prefer to create new transfers multiplexed on an - existing connection rather than creating a brand new one. - - --parallel-immediate can be set to tell curl to prefer to use new - connections rather than to wait and try to multiplex. - - libcurl-wise, this means that curl will set CURLOPT_PIPEWAIT by default - on parallel transfers. - - Suggested-by: Tom van der Woerdt - Closes #4500 - -Daniel Gustafsson (20 Nov 2019) -- [Victor Magierski brought this change] - - docs: fix typos - - Change 'experiemental' to 'experimental'. - - Closes #4618 - Reviewed-by: Daniel Gustafsson <daniel@yesql.se> - -Jay Satiro (18 Nov 2019) -- projects: Fix Visual Studio wolfSSL configurations - - - s/USE_CYASSL/USE_WOLFSSL/ - - - Remove old compatibility macros. - - Follow-up to 1c6c59a from several months ago when CyaSSL named symbols - were renamed to wolfSSL. The wolfSSL library was formerly named CyaSSL - and we kept using their old name for compatibility reasons, until - earlier this year. - -Daniel Stenberg (18 Nov 2019) -- RELEASE-NOTES: synced - -- [Javier Blazquez brought this change] - - ngtcp2: use overflow buffer for extra HTTP/3 data - - Fixes #4525 - Closes #4603 - -- altsvc: bump to h3-24 - - ... as both ngtcp2 and quiche now support that in their master branches - - Closes #4604 - -- ngtcp2: free used resources on disconnect - - Fixes #4614 - Closes #4615 - -- ngtcp2: handle key updates as ngtcp2 master branch tells us - - Reviewed-by: Tatsuhiro Tsujikawa - - Fixes #4612 - Closes #4613 - -Jay Satiro (17 Nov 2019) -- [Gergely Nagy brought this change] - - multi: Fix curl_multi_poll wait when extra_fds && !extra_nfds - - Prior to this change: - - The check if an extra wait is necessary was based not on the - number of extra fds but on the pointer. - - If a non-null pointer was given in extra_fds, but extra_nfds - was zero, then the wait was skipped even though poll was not - called. - - Closes https://github.com/curl/curl/pull/4610 - -- lib: Move lib/ssh.h -> lib/vssh/ssh.h - - Follow-up to 5b2d703 which moved ssh source files to vssh. - - Closes https://github.com/curl/curl/pull/4609 - -Daniel Stenberg (16 Nov 2019) -- [Andreas Falkenhahn brought this change] - - INSTALL.md: provide Android build instructions - - Closes #4606 - -- [Niall O'Reilly brought this change] - - doh: improced both encoding and decoding - - Improved estimation of expected_len and updated related comments; - increased strictness of QNAME-encoding, adding error detection for empty - labels and names longer than the overall limit; avoided treating DNAME - as unexpected; - - updated unit test 1655 with more thorough set of proofs and tests - - Closes #4598 - -- ngtcp2: increase QUIC window size when data is consumed - - Assisted-by: Javier Blazquez - Ref #4525 (partial fix) - Closes #4600 - -- [Melissa Mears brought this change] - - config-win32: cpu-machine-OS for Windows on ARM - - Define the OS macro properly for Windows on ARM builds. Also, we might - as well add the GCC-style IA-64 macro. - - Closes #4590 - -- examples: add multi-poll.c - - Show how curl_multi_poll() makes it even easier to use the multi - interface. - - Closes #4596 - -- multi_poll: avoid busy-loop when called without easy handles attached - - Fixes #4594 - Closes #4595 - Reported-by: 3dyd on github - -- curl: fix -T globbing - - Regression from e59371a4936f8 (7.67.0) - - Added test 490, 491 and 492 to verify the functionality. - - Reported-by: Kamil Dudka - Reported-by: Anderson Sasaki - - Fixes #4588 - Closes #4591 - -- HISTORY: added cmake, HTTP/3 and parallel downloads with curl - -- quiche: reject headers in the wrong order - - Pseudo header MUST come before regular headers or cause an error. - - Reported-by: Cynthia Coan - Fixes #4571 - Closes #4584 - -- openssl: prevent recursive function calls from ctx callbacks - - Follow the pattern of many other callbacks. - - Ref: #4546 - Closes #4585 - -- CURL-DISABLE: initial docs for the CURL_DISABLE_* defines - - The disable-scan script used in test 1165 is extended to also verify - that the docs cover all used defines and all defines offered by - configure. - - Reported-by: SLDiggie on github - Fixes #4545 - Closes #4587 - -- remove_handle: clear expire timers after multi_done() - - Since 59041f0, a new timer might be set in multi_done() so the clearing - of the timers need to happen afterwards! - - Reported-by: Max Kellermann - Fixes #4575 - Closes #4583 - -Marcel Raad (10 Nov 2019) -- test1558: use double slash after file: - - Classic MinGW / MSYS 1 doesn't support `MSYS2_ARG_CONV_EXCL`, so this - test unnecessarily failed when using `file:/` instead of `file:///`. - - Closes https://github.com/curl/curl/pull/4554 - -Daniel Stenberg (10 Nov 2019) -- pause: avoid updating socket if done was already called - - ... avoids unnecesary recursive risk when the transfer is already done. - - Reported-by: Richard Bowker - Fixes #4563 - Closes #4574 - -Jay Satiro (9 Nov 2019) -- strerror: Fix an error looking up some Windows error strings - - - Use FORMAT_MESSAGE_IGNORE_INSERTS to ignore format specifiers in - Windows error strings. - - Since we are not in control of the error code we don't know what - information may be needed by the error string's format specifiers. - - Prior to this change Windows API error strings which contain specifiers - (think specifiers like similar to printf specifiers) would not be shown. - The FormatMessage Windows API call which turns a Windows error code into - a string could fail and set error ERROR_INVALID_PARAMETER if that error - string contained a format specifier. FormatMessage expects a va_list for - the specifiers, unless inserts are ignored in which case no substitution - is attempted. - - Ref: https://devblogs.microsoft.com/oldnewthing/20071128-00/?p=24353 - -- [r-a-sattarov brought this change] - - system.h: fix for MCST lcc compiler - - Fixed build by MCST lcc compiler on MCST Elbrus 2000 architecture and do - some code cleanup. - - e2k (Elbrus 2000) - this is VLIW/EPIC architecture, like Intel Itanium - architecture. - - Ref: https://en.wikipedia.org/wiki/Elbrus_2000 - - Closes https://github.com/curl/curl/pull/4576 - -Daniel Stenberg (8 Nov 2019) -- TODO: curl_multi_unblock - - Closes #4418 - -- TODO: Run web-platform-tests url tests - - Closes #4477 diff --git a/libs/libcurl/docs/THANKS b/libs/libcurl/docs/THANKS index 76587bddfb..ccec12146e 100644 --- a/libs/libcurl/docs/THANKS +++ b/libs/libcurl/docs/THANKS @@ -59,6 +59,7 @@ Alex Fishman Alex Gaynor Alex Grebenschikov Alex Gruz +Alex Kiernan Alex Konev Alex Malinovich Alex Mayorga @@ -240,6 +241,7 @@ Bernhard Walle Bert Huijben Bertrand Demiddelaer Bertrand Simonnet +Bevan Weiss Bill Doyle Bill Egert Bill Hoffman @@ -281,6 +283,7 @@ Brian Childs Brian Chrisman Brian Dessent Brian E. Gallew +Brian Inglis Brian J. Murrell Brian Prodoehl Brian R Duffy @@ -289,6 +292,7 @@ Brock Noland Bru Rom Bruce Mitchener Bruce Stephens +BrumBrum on hackerone Bruno de Carvalho Bruno Grasselli Bruno Thomsen @@ -301,6 +305,7 @@ Bylon2 on github Byrial Jensen Caleb Raitto Calvin Buckley +Cameron Cawley Cameron Kaiser Cameron MacMinn Camille Moncelier @@ -315,6 +320,7 @@ Carlos ORyan Carsten Lange Casey O'Donnell Catalin Patulea +causal-agent on github cbartl on github cclauss on github Chad Monroe @@ -507,6 +513,7 @@ Dengminwen Denis Baručić Denis Chaplygin Denis Feklushkin +Denis Goleshchikhin Denis Ollier Dennis Clarke Dennis Felsing @@ -532,6 +539,7 @@ Dirk Eddelbuettel Dirk Feytons Dirk Manske Dirkjan Bussink +divinity76 on github dkjjr89 on github dkwolfe4 on github Dmitri Shubin @@ -593,6 +601,7 @@ Edward Thomson Eelco Dolstra Eetu Ojanen Egon Eckert +Ehren Bendler Eldar Zaitov elelel on github elephoenix on github @@ -672,6 +681,7 @@ Felix von Leitner Felix Yan Feng Tu Fernando Muñoz +Filip Salomonsson Flavio Medeiros Florian Pritz Florian Schoppmann @@ -770,6 +780,7 @@ GwanYeong Kim Gwenole Beauchesne Gökhan Şengün Götz Babin-Ebell +H3RSKO on github Hagai Auro Haibo Huang Hamish Mackenzie @@ -831,6 +842,7 @@ Igor Makarov Igor Novoseltsev Igor Polyakov Ihor Karpenko +ihsinme on github Iida Yosiaki Ilguiz Latypov Ilja van Sprundel @@ -940,6 +952,7 @@ Jeremy Friesner Jeremy Huddleston Jeremy Lainé Jeremy Lin +Jeremy Maitin-Shepard Jeremy Pearson Jeremy Tan Jeroen Koekkoek @@ -973,6 +986,7 @@ Joe Malicki Joe Mason Joel Chen Joel Depooter +joey-l-us on github Jofell Gallardo Johan Anderson Johan Lantz @@ -1109,6 +1123,7 @@ Kees Dekker Keith MacDonald Keith McGuigan Keith Mok +Ken Brown Ken Hirsch Ken Rastatter Kenny To @@ -1160,6 +1175,7 @@ l00p3r on Hackerone Lachlan O'Dea Ladar Levison Lance Ware +Laramie Leavitt Larry Campbell Larry Fahnoe Larry Lin @@ -1194,6 +1210,7 @@ Leonardo Taccari Liam Healy lijian996 on github Lijo Antony +lilongyan-huawei on github Linas Vepstas Lindley French Ling Thio @@ -1318,6 +1335,7 @@ Martin V Martin Vejnár Marty Kuhrt Maruko +Masaya Suzuki masbug on github Massimiliano Fantuzzi Massimiliano Ziccardi @@ -1343,6 +1361,7 @@ Matthew Hall Matthew Kerwin Matthew Whitehead Matthias Bolte +Matthias Naegler Mattias Fornander Matus Uzak Maurice Barnum @@ -1507,6 +1526,7 @@ Ning Dong Nir Soffer Nis Jorgensen nk +NobodyXu on github Nobuhiro Ban Nodak Sodak nopjmp on github @@ -1689,11 +1709,13 @@ Ralf S. Engelschall Ralph Beckmann Ralph Mitchell Ram Krushna Mishra +ramsay-jones on github Ran Mozes Randall S. Becker Randy Armstrong Randy McMurchy Raphael Gozzo +Rasmus Melchior Jacobsen Ravi Pratap Ray Dassen Ray Pekowski @@ -1910,6 +1932,7 @@ Spezifant on github Spiridonoff A.V Spoon Man Spork Schivago +sspiri on github sstruchtrup on github Stadler Stephan Stan van de Burgt @@ -1927,6 +1950,7 @@ Stefan Neis Stefan Teleman Stefan Tomanek Stefan Ulrich +Stefan Yohansson Stefano Simonelli Steinar H. Gunderson steini2000 on github @@ -1977,6 +2001,7 @@ Symeon Paraschoudis Sébastien Willemijns T. Bharath T. Yamada +Tadej Vengust Tae Hyoung Ahn Tae Wong Taiyu Len @@ -1984,6 +2009,7 @@ Taneli Vähäkangas Tanguy Fautre tarek112 on github Tatsuhiro Tsujikawa +tbugfinder on github Teemu Yli-Elsila Temprimus Terri Oda @@ -2002,6 +2028,7 @@ Thomas J. Moore Thomas Klausner Thomas L. Shinnick Thomas Lopatic +Thomas M. DuBuisson Thomas Petazzoni Thomas Ruecker Thomas Schwinge @@ -2061,6 +2088,7 @@ Tom Sparrow Tom van der Woerdt Tom Wright Tom Zerucha +Tomas Berger Tomas Hoger Tomas Jakobsson Tomas Mlcoch @@ -2172,6 +2200,7 @@ Xiang Xiao Xiangbin Li Xiaoyin Liu XmiliaH on github +xwxbug on github Yaakov Selkowitz Yang Tse Yarram Sunil diff --git a/libs/libcurl/include/curl/curl.h b/libs/libcurl/include/curl/curl.h index e3531f5df8..5aeaca91d0 100644 --- a/libs/libcurl/include/curl/curl.h +++ b/libs/libcurl/include/curl/curl.h @@ -2634,10 +2634,6 @@ typedef enum { CURLINFO_PROXY_SSL_VERIFYRESULT = CURLINFO_LONG + 47, CURLINFO_PROTOCOL = CURLINFO_LONG + 48, CURLINFO_SCHEME = CURLINFO_STRING + 49, - /* Fill in new entries below here! */ - - /* Preferably these would be defined conditionally based on the - sizeof curl_off_t being 64-bits */ CURLINFO_TOTAL_TIME_T = CURLINFO_OFF_T + 50, CURLINFO_NAMELOOKUP_TIME_T = CURLINFO_OFF_T + 51, CURLINFO_CONNECT_TIME_T = CURLINFO_OFF_T + 52, @@ -2646,8 +2642,9 @@ typedef enum { CURLINFO_REDIRECT_TIME_T = CURLINFO_OFF_T + 55, CURLINFO_APPCONNECT_TIME_T = CURLINFO_OFF_T + 56, CURLINFO_RETRY_AFTER = CURLINFO_OFF_T + 57, + CURLINFO_EFFECTIVE_METHOD = CURLINFO_STRING + 58, - CURLINFO_LASTONE = 57 + CURLINFO_LASTONE = 58 } CURLINFO; /* CURLINFO_RESPONSE_CODE is the new name for the option previously known as @@ -2748,6 +2745,7 @@ typedef enum { CURLVERSION_FIFTH, CURLVERSION_SIXTH, CURLVERSION_SEVENTH, + CURLVERSION_EIGHTH, CURLVERSION_LAST /* never actually use this */ } CURLversion; @@ -2756,7 +2754,7 @@ typedef enum { meant to be a built-in version number for what kind of struct the caller expects. If the struct ever changes, we redefine the NOW to another enum from above. */ -#define CURLVERSION_NOW CURLVERSION_SEVENTH +#define CURLVERSION_NOW CURLVERSION_EIGHTH struct curl_version_info_data { CURLversion age; /* age of the returned struct */ @@ -2802,6 +2800,11 @@ struct curl_version_info_data { const char *capath; /* the built-in default CURLOPT_CAPATH, might be NULL */ + /* These fields were added in CURLVERSION_EIGHTH */ + unsigned int zstd_ver_num; /* Numeric Zstd version + (MAJOR << 24) | (MINOR << 12) | PATCH */ + const char *zstd_version; /* human readable string. */ + }; typedef struct curl_version_info_data curl_version_info_data; @@ -2836,6 +2839,8 @@ typedef struct curl_version_info_data curl_version_info_data; #define CURL_VERSION_BROTLI (1<<23) /* Brotli features are present. */ #define CURL_VERSION_ALTSVC (1<<24) /* Alt-Svc handling built-in */ #define CURL_VERSION_HTTP3 (1<<25) /* HTTP3 support built-in */ +#define CURL_VERSION_ZSTD (1<<26) /* zstd features are present */ +#define CURL_VERSION_UNICODE (1<<27) /* Unicode support on Windows */ /* * NAME curl_version_info() diff --git a/libs/libcurl/include/curl/curlver.h b/libs/libcurl/include/curl/curlver.h index 48d1e46ac4..ce0f7ac907 100644 --- a/libs/libcurl/include/curl/curlver.h +++ b/libs/libcurl/include/curl/curlver.h @@ -30,13 +30,13 @@ /* This is the version number of the libcurl package from which this header file origins: */ -#define LIBCURL_VERSION "7.71.1" +#define LIBCURL_VERSION "7.72.0" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 7 -#define LIBCURL_VERSION_MINOR 71 -#define LIBCURL_VERSION_PATCH 1 +#define LIBCURL_VERSION_MINOR 72 +#define LIBCURL_VERSION_PATCH 0 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will @@ -57,7 +57,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ -#define LIBCURL_VERSION_NUM 0x074701 +#define LIBCURL_VERSION_NUM 0x074800 /* * This is the date and time when the full source package was created. The @@ -68,7 +68,7 @@ * * "2007-11-23" */ -#define LIBCURL_TIMESTAMP "2020-07-01" +#define LIBCURL_TIMESTAMP "2020-08-19" #define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|(z)) #define CURL_AT_LEAST_VERSION(x,y,z) \ diff --git a/libs/libcurl/include/curl/multi.h b/libs/libcurl/include/curl/multi.h index 2e6bb72d64..b911ba92dd 100644 --- a/libs/libcurl/include/curl/multi.h +++ b/libs/libcurl/include/curl/multi.h @@ -427,12 +427,14 @@ CURL_EXTERN CURLMcode curl_multi_assign(CURLM *multi_handle, * Name: curl_push_callback * * Desc: This callback gets called when a new stream is being pushed by the - * server. It approves or denies the new stream. + * server. It approves or denies the new stream. It can also decide + * to completely fail the connection. * - * Returns: CURL_PUSH_OK or CURL_PUSH_DENY. + * Returns: CURL_PUSH_OK, CURL_PUSH_DENY or CURL_PUSH_ERROROUT */ -#define CURL_PUSH_OK 0 -#define CURL_PUSH_DENY 1 +#define CURL_PUSH_OK 0 +#define CURL_PUSH_DENY 1 +#define CURL_PUSH_ERROROUT 2 /* added in 7.72.0 */ struct curl_pushheaders; /* forward declaration only */ diff --git a/libs/libcurl/libcurl.vcxproj b/libs/libcurl/libcurl.vcxproj index 7b008c49c9..b0c47352ab 100644 --- a/libs/libcurl/libcurl.vcxproj +++ b/libs/libcurl/libcurl.vcxproj @@ -326,6 +326,9 @@ <ClCompile Include="src\splay.c">
<PrecompiledHeader>NotUsing</PrecompiledHeader>
</ClCompile>
+ <ClCompile Include="src\version_win32.c">
+ <PrecompiledHeader>NotUsing</PrecompiledHeader>
+ </ClCompile>
<ClCompile Include="src\vauth\cleartext.c">
<PrecompiledHeader>NotUsing</PrecompiledHeader>
</ClCompile>
@@ -545,6 +548,7 @@ <ClInclude Include="src\url.h" />
<ClInclude Include="src\urlapi-int.h" />
<ClInclude Include="src\urldata.h" />
+ <ClInclude Include="src\version_win32.h" />
<ClInclude Include="src\warnless.h" />
<ClInclude Include="src\wildcard.h" />
<ClInclude Include="src\x509asn1.h" />
diff --git a/libs/libcurl/libcurl.vcxproj.filters b/libs/libcurl/libcurl.vcxproj.filters index 9edb72a990..522c003d21 100644 --- a/libs/libcurl/libcurl.vcxproj.filters +++ b/libs/libcurl/libcurl.vcxproj.filters @@ -299,6 +299,9 @@ <ClCompile Include="src\splay.c">
<Filter>Source Files</Filter>
</ClCompile>
+ <ClCompile Include="src\version_win32.c">
+ <Filter>Source Files</Filter>
+ </ClCompile>
<ClCompile Include="src\vauth\cleartext.c">
<Filter>Source Files</Filter>
</ClCompile>
@@ -802,6 +805,9 @@ <ClInclude Include="src\urldata.h">
<Filter>Header Files</Filter>
</ClInclude>
+ <ClInclude Include="src\version_win32.h">
+ <Filter>Header Files</Filter>
+ </ClInclude>
<ClInclude Include="src\warnless.h">
<Filter>Header Files</Filter>
</ClInclude>
diff --git a/libs/libcurl/src/Makefile.in b/libs/libcurl/src/Makefile.in index 5c99a1d816..3cdf666b3c 100644 --- a/libs/libcurl/src/Makefile.in +++ b/libs/libcurl/src/Makefile.in @@ -228,7 +228,7 @@ am__objects_1 = libcurl_la-altsvc.lo libcurl_la-amigaos.lo \ libcurl_la-transfer.lo libcurl_la-urlapi.lo \ libcurl_la-version.lo libcurl_la-warnless.lo \ libcurl_la-wildcard.lo libcurl_la-x509asn1.lo \ - libcurl_la-dynbuf.lo + libcurl_la-dynbuf.lo libcurl_la-version_win32.lo am__dirstamp = $(am__leading_dot)dirstamp am__objects_2 = vauth/libcurl_la-cleartext.lo vauth/libcurl_la-cram.lo \ vauth/libcurl_la-digest.lo vauth/libcurl_la-digest_sspi.lo \ @@ -317,7 +317,8 @@ am__objects_9 = libcurlu_la-altsvc.lo libcurlu_la-amigaos.lo \ libcurlu_la-timeval.lo libcurlu_la-transfer.lo \ libcurlu_la-urlapi.lo libcurlu_la-version.lo \ libcurlu_la-warnless.lo libcurlu_la-wildcard.lo \ - libcurlu_la-x509asn1.lo libcurlu_la-dynbuf.lo + libcurlu_la-x509asn1.lo libcurlu_la-dynbuf.lo \ + libcurlu_la-version_win32.lo am__objects_10 = vauth/libcurlu_la-cleartext.lo \ vauth/libcurlu_la-cram.lo vauth/libcurlu_la-digest.lo \ vauth/libcurlu_la-digest_sspi.lo \ @@ -469,6 +470,7 @@ am__depfiles_remade = ./$(DEPDIR)/libcurl_la-altsvc.Plo \ ./$(DEPDIR)/libcurl_la-url.Plo \ ./$(DEPDIR)/libcurl_la-urlapi.Plo \ ./$(DEPDIR)/libcurl_la-version.Plo \ + ./$(DEPDIR)/libcurl_la-version_win32.Plo \ ./$(DEPDIR)/libcurl_la-warnless.Plo \ ./$(DEPDIR)/libcurl_la-wildcard.Plo \ ./$(DEPDIR)/libcurl_la-x509asn1.Plo \ @@ -583,6 +585,7 @@ am__depfiles_remade = ./$(DEPDIR)/libcurl_la-altsvc.Plo \ ./$(DEPDIR)/libcurlu_la-url.Plo \ ./$(DEPDIR)/libcurlu_la-urlapi.Plo \ ./$(DEPDIR)/libcurlu_la-version.Plo \ + ./$(DEPDIR)/libcurlu_la-version_win32.Plo \ ./$(DEPDIR)/libcurlu_la-warnless.Plo \ ./$(DEPDIR)/libcurlu_la-wildcard.Plo \ ./$(DEPDIR)/libcurlu_la-x509asn1.Plo \ @@ -768,6 +771,7 @@ HAVE_LDAP_SSL = @HAVE_LDAP_SSL@ HAVE_LIBZ = @HAVE_LIBZ@ HAVE_OPENSSL_SRP = @HAVE_OPENSSL_SRP@ HAVE_PROTO_BSDSOCKET_H = @HAVE_PROTO_BSDSOCKET_H@ +HAVE_ZSTD = @HAVE_ZSTD@ IDN_ENABLED = @IDN_ENABLED@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ @@ -1021,7 +1025,8 @@ LIB_CFILES = altsvc.c amigaos.c asyn-ares.c asyn-thread.c base64.c \ sendf.c setopt.c sha256.c share.c slist.c smb.c smtp.c socketpair.c socks.c \ socks_gssapi.c socks_sspi.c speedcheck.c splay.c strcase.c strdup.c \ strerror.c strtok.c strtoofft.c system_win32.c telnet.c tftp.c timeval.c \ - transfer.c urlapi.c version.c warnless.c wildcard.c x509asn1.c dynbuf.c + transfer.c urlapi.c version.c warnless.c wildcard.c x509asn1.c dynbuf.c \ + version_win32.c LIB_HFILES = altsvc.h amigaos.h arpa_telnet.h asyn.h conncache.h connect.h \ content_encoding.h cookie.h curl_addrinfo.h curl_base64.h curl_ctype.h \ @@ -1040,7 +1045,7 @@ LIB_HFILES = altsvc.h amigaos.h arpa_telnet.h asyn.h conncache.h connect.h \ smb.h smtp.h sockaddr.h socketpair.h socks.h speedcheck.h splay.h strcase.h \ strdup.h strerror.h strtok.h strtoofft.h system_win32.h telnet.h tftp.h \ timeval.h transfer.h urlapi-int.h urldata.h warnless.h wildcard.h \ - x509asn1.h dynbuf.h + x509asn1.h dynbuf.h version_win32.h LIB_RCFILES = libcurl.rc CSOURCES = $(LIB_CFILES) $(LIB_VAUTH_CFILES) $(LIB_VTLS_CFILES) \ @@ -1443,6 +1448,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-url.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-urlapi.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-version.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-version_win32.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-warnless.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-wildcard.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-x509asn1.Plo@am__quote@ # am--include-marker @@ -1557,6 +1563,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-url.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-urlapi.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-version.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-version_win32.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-warnless.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-wildcard.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-x509asn1.Plo@am__quote@ # am--include-marker @@ -2453,6 +2460,13 @@ libcurl_la-dynbuf.lo: dynbuf.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-dynbuf.lo `test -f 'dynbuf.c' || echo '$(srcdir)/'`dynbuf.c +libcurl_la-version_win32.lo: version_win32.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-version_win32.lo -MD -MP -MF $(DEPDIR)/libcurl_la-version_win32.Tpo -c -o libcurl_la-version_win32.lo `test -f 'version_win32.c' || echo '$(srcdir)/'`version_win32.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-version_win32.Tpo $(DEPDIR)/libcurl_la-version_win32.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='version_win32.c' object='libcurl_la-version_win32.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-version_win32.lo `test -f 'version_win32.c' || echo '$(srcdir)/'`version_win32.c + vauth/libcurl_la-cleartext.lo: vauth/cleartext.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-cleartext.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-cleartext.Tpo -c -o vauth/libcurl_la-cleartext.lo `test -f 'vauth/cleartext.c' || echo '$(srcdir)/'`vauth/cleartext.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-cleartext.Tpo vauth/$(DEPDIR)/libcurl_la-cleartext.Plo @@ -3475,6 +3489,13 @@ libcurlu_la-dynbuf.lo: dynbuf.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-dynbuf.lo `test -f 'dynbuf.c' || echo '$(srcdir)/'`dynbuf.c +libcurlu_la-version_win32.lo: version_win32.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-version_win32.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-version_win32.Tpo -c -o libcurlu_la-version_win32.lo `test -f 'version_win32.c' || echo '$(srcdir)/'`version_win32.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-version_win32.Tpo $(DEPDIR)/libcurlu_la-version_win32.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='version_win32.c' object='libcurlu_la-version_win32.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-version_win32.lo `test -f 'version_win32.c' || echo '$(srcdir)/'`version_win32.c + vauth/libcurlu_la-cleartext.lo: vauth/cleartext.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-cleartext.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-cleartext.Tpo -c -o vauth/libcurlu_la-cleartext.lo `test -f 'vauth/cleartext.c' || echo '$(srcdir)/'`vauth/cleartext.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-cleartext.Tpo vauth/$(DEPDIR)/libcurlu_la-cleartext.Plo @@ -3957,6 +3978,7 @@ distclean: distclean-am -rm -f ./$(DEPDIR)/libcurl_la-url.Plo -rm -f ./$(DEPDIR)/libcurl_la-urlapi.Plo -rm -f ./$(DEPDIR)/libcurl_la-version.Plo + -rm -f ./$(DEPDIR)/libcurl_la-version_win32.Plo -rm -f ./$(DEPDIR)/libcurl_la-warnless.Plo -rm -f ./$(DEPDIR)/libcurl_la-wildcard.Plo -rm -f ./$(DEPDIR)/libcurl_la-x509asn1.Plo @@ -4071,6 +4093,7 @@ distclean: distclean-am -rm -f ./$(DEPDIR)/libcurlu_la-url.Plo -rm -f ./$(DEPDIR)/libcurlu_la-urlapi.Plo -rm -f ./$(DEPDIR)/libcurlu_la-version.Plo + -rm -f ./$(DEPDIR)/libcurlu_la-version_win32.Plo -rm -f ./$(DEPDIR)/libcurlu_la-warnless.Plo -rm -f ./$(DEPDIR)/libcurlu_la-wildcard.Plo -rm -f ./$(DEPDIR)/libcurlu_la-x509asn1.Plo @@ -4294,6 +4317,7 @@ maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/libcurl_la-url.Plo -rm -f ./$(DEPDIR)/libcurl_la-urlapi.Plo -rm -f ./$(DEPDIR)/libcurl_la-version.Plo + -rm -f ./$(DEPDIR)/libcurl_la-version_win32.Plo -rm -f ./$(DEPDIR)/libcurl_la-warnless.Plo -rm -f ./$(DEPDIR)/libcurl_la-wildcard.Plo -rm -f ./$(DEPDIR)/libcurl_la-x509asn1.Plo @@ -4408,6 +4432,7 @@ maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/libcurlu_la-url.Plo -rm -f ./$(DEPDIR)/libcurlu_la-urlapi.Plo -rm -f ./$(DEPDIR)/libcurlu_la-version.Plo + -rm -f ./$(DEPDIR)/libcurlu_la-version_win32.Plo -rm -f ./$(DEPDIR)/libcurlu_la-warnless.Plo -rm -f ./$(DEPDIR)/libcurlu_la-wildcard.Plo -rm -f ./$(DEPDIR)/libcurlu_la-x509asn1.Plo diff --git a/libs/libcurl/src/Makefile.inc b/libs/libcurl/src/Makefile.inc index 723b826e90..ae3f961cf9 100644 --- a/libs/libcurl/src/Makefile.inc +++ b/libs/libcurl/src/Makefile.inc @@ -60,7 +60,8 @@ LIB_CFILES = altsvc.c amigaos.c asyn-ares.c asyn-thread.c base64.c \ sendf.c setopt.c sha256.c share.c slist.c smb.c smtp.c socketpair.c socks.c \ socks_gssapi.c socks_sspi.c speedcheck.c splay.c strcase.c strdup.c \ strerror.c strtok.c strtoofft.c system_win32.c telnet.c tftp.c timeval.c \ - transfer.c urlapi.c version.c warnless.c wildcard.c x509asn1.c dynbuf.c + transfer.c urlapi.c version.c warnless.c wildcard.c x509asn1.c dynbuf.c \ + version_win32.c LIB_HFILES = altsvc.h amigaos.h arpa_telnet.h asyn.h conncache.h connect.h \ content_encoding.h cookie.h curl_addrinfo.h curl_base64.h curl_ctype.h \ @@ -79,7 +80,7 @@ LIB_HFILES = altsvc.h amigaos.h arpa_telnet.h asyn.h conncache.h connect.h \ smb.h smtp.h sockaddr.h socketpair.h socks.h speedcheck.h splay.h strcase.h \ strdup.h strerror.h strtok.h strtoofft.h system_win32.h telnet.h tftp.h \ timeval.h transfer.h urlapi-int.h urldata.h warnless.h wildcard.h \ - x509asn1.h dynbuf.h + x509asn1.h dynbuf.h version_win32.h LIB_RCFILES = libcurl.rc diff --git a/libs/libcurl/src/Makefile.m32 b/libs/libcurl/src/Makefile.m32 index fe8701bdb6..02b31106c6 100644 --- a/libs/libcurl/src/Makefile.m32 +++ b/libs/libcurl/src/Makefile.m32 @@ -24,7 +24,7 @@ # ## Makefile for building libcurl.a with MingW (GCC-3.2 or later or LLVM/Clang) ## and optionally OpenSSL (1.0.2a), libssh2 (1.5), zlib (1.2.8), librtmp (2.4), -## brotli (1.0.1) +## brotli (1.0.1), zstd (1.4.5) ## ## Usage: mingw32-make -f Makefile.m32 CFG=-feature1[-feature2][-feature3][...] ## Example: mingw32-make -f Makefile.m32 CFG=-zlib-ssl-sspi-winidn @@ -39,6 +39,10 @@ ifndef ZLIB_PATH ZLIB_PATH = ../../zlib-1.2.8 endif +# Edit the path below to point to the base of your Zstandard sources. +ifndef ZSTD_PATH +ZSTD_PATH = ../../zstd-1.4.5 +endif # Edit the path below to point to the base of your Brotli sources. ifndef BROTLI_PATH BROTLI_PATH = ../../brotli-1.0.1 @@ -180,6 +184,9 @@ endif ifeq ($(findstring -zlib,$(CFG)),-zlib) ZLIB = 1 endif +ifeq ($(findstring -zstd,$(CFG)),-zstd) +ZSTD = 1 +endif ifeq ($(findstring -brotli,$(CFG)),-brotli) BROTLI = 1 endif @@ -288,6 +295,11 @@ ifdef ZLIB CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H DLL_LIBS += -L"$(ZLIB_PATH)" -lz endif +ifdef ZSTD + INCLUDES += -I"$(ZSTD_PATH)/include" + CFLAGS += -DHAVE_ZSTD + DLL_LIBS += -L"$(ZSTD_PATH)/lib" -lzstd +endif ifdef BROTLI INCLUDES += -I"$(BROTLI_PATH)/include" CFLAGS += -DHAVE_BROTLI diff --git a/libs/libcurl/src/asyn-ares.c b/libs/libcurl/src/asyn-ares.c index ba5160b253..e65150744c 100644 --- a/libs/libcurl/src/asyn-ares.c +++ b/libs/libcurl/src/asyn-ares.c @@ -633,7 +633,7 @@ struct Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, *waitp = 0; /* default to synchronous response */ -#ifdef ENABLE_IPV6 /* CURLRES_IPV6 */ +#ifdef ENABLE_IPV6 switch(conn->ip_version) { default: #if ARES_VERSION >= 0x010601 @@ -649,7 +649,7 @@ struct Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, family = PF_INET6; break; } -#endif /* CURLRES_IPV6 */ +#endif /* ENABLE_IPV6 */ bufp = strdup(hostname); if(bufp) { @@ -670,7 +670,7 @@ struct Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, /* initial status - failed */ res->last_status = ARES_ENOTFOUND; -#ifdef ENABLE_IPV6 /* CURLRES_IPV6 */ +#ifdef ENABLE_IPV6 if(family == PF_UNSPEC) { if(Curl_ipv6works(conn)) { res->num_pending = 2; @@ -690,7 +690,7 @@ struct Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, } } else -#endif /* CURLRES_IPV6 */ +#endif /* ENABLE_IPV6 */ { res->num_pending = 1; diff --git a/libs/libcurl/src/asyn.h b/libs/libcurl/src/asyn.h index be2796cf0f..bd3c3c1230 100644 --- a/libs/libcurl/src/asyn.h +++ b/libs/libcurl/src/asyn.h @@ -164,7 +164,6 @@ struct Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, #define Curl_resolver_kill(x) Curl_nop_stmt #define Curl_resolver_is_resolved(x,y) CURLE_COULDNT_RESOLVE_HOST #define Curl_resolver_wait_resolv(x,y) CURLE_COULDNT_RESOLVE_HOST -#define Curl_resolver_getsock(x,y,z) 0 #define Curl_resolver_duphandle(x,y,z) CURLE_OK #define Curl_resolver_init(x,y) CURLE_OK #define Curl_resolver_global_init() CURLE_OK diff --git a/libs/libcurl/src/checksrc.pl b/libs/libcurl/src/checksrc.pl index 97b8f9e1d2..498da94bbc 100644 --- a/libs/libcurl/src/checksrc.pl +++ b/libs/libcurl/src/checksrc.pl @@ -592,7 +592,8 @@ sub scanfile { # scan for use of banned functions if($l =~ /^(.*\W) - (gets| + (gmtime|localtime| + gets| strtok| v?sprintf| (str|_mbs|_tcs|_wcs)n?cat| diff --git a/libs/libcurl/src/config-win32.h b/libs/libcurl/src/config-win32.h index 0463d14521..316043d817 100644 --- a/libs/libcurl/src/config-win32.h +++ b/libs/libcurl/src/config-win32.h @@ -246,10 +246,6 @@ /* Define if you have the socket function. */ #define HAVE_SOCKET 1 -/* Define if libSSH2 is in use */ -#define USE_LIBSSH2 1 -#define HAVE_LIBSSH2_H 1 - /* Define if you have the strcasecmp function. */ /* #define HAVE_STRCASECMP 1 */ @@ -717,26 +713,27 @@ Vista # define CURL_DISABLE_LDAP 1 #endif -/* if SSL is enabled */ -#define USE_OPENSSL 1 - /* Define to use the Windows crypto library. */ #if !defined(CURL_WINDOWS_APP) #define USE_WIN32_CRYPTO #endif +/* On MinGW the ADDRESS_FAMILY typedef was committed alongside LUP_SECURE, + so we use it to check for the presence of the typedef. */ +#include <ws2tcpip.h> +#if !defined(__MINGW32__) || defined(LUP_SECURE) /* Define to use Unix sockets. */ #define USE_UNIX_SOCKETS #if !defined(UNIX_PATH_MAX) /* Replicating logic present in afunix.h of newer Windows 10 SDK versions */ # define UNIX_PATH_MAX 108 -# include <ws2tcpip.h> /* !checksrc! disable TYPEDEFSTRUCT 1 */ typedef struct sockaddr_un { ADDRESS_FAMILY sun_family; char sun_path[UNIX_PATH_MAX]; } SOCKADDR_UN, *PSOCKADDR_UN; #endif +#endif /* ---------------------------------------------------------------- */ /* ADDITIONAL DEFINITIONS */ diff --git a/libs/libcurl/src/connect.c b/libs/libcurl/src/connect.c index 29293f0874..b000b1b2c2 100644 --- a/libs/libcurl/src/connect.c +++ b/libs/libcurl/src/connect.c @@ -74,7 +74,7 @@ #include "warnless.h" #include "conncache.h" #include "multihandle.h" -#include "system_win32.h" +#include "version_win32.h" #include "quic.h" #include "socks.h" @@ -934,10 +934,10 @@ CURLcode Curl_is_connected(struct connectdata *conn, return CURLE_OK; } - infof(data, "Connection failed\n"); } - else if(rc & CURL_CSELECT_ERR) + else if(rc & CURL_CSELECT_ERR) { (void)verifyconnect(conn->tempsock[i], &error); + } /* * The connection failed here, we should attempt to connect to the "next @@ -1085,8 +1085,8 @@ void Curl_sndbufset(curl_socket_t sockfd) static int detectOsState = DETECT_OS_NONE; if(detectOsState == DETECT_OS_NONE) { - if(Curl_verify_windows_version(6, 0, PLATFORM_WINNT, - VERSION_GREATER_THAN_EQUAL)) + if(curlx_verify_windows_version(6, 0, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) detectOsState = DETECT_OS_VISTA_OR_LATER; else detectOsState = DETECT_OS_PREVISTA; @@ -1363,15 +1363,15 @@ CURLcode Curl_connecthost(struct connectdata *conn, /* context */ } struct connfind { - struct connectdata *tofind; - bool found; + long id_tofind; + struct connectdata *found; }; static int conn_is_conn(struct connectdata *conn, void *param) { struct connfind *f = (struct connfind *)param; - if(conn == f->tofind) { - f->found = TRUE; + if(conn->connection_id == f->id_tofind) { + f->found = conn; return 1; } return 0; @@ -1393,21 +1393,22 @@ curl_socket_t Curl_getconnectinfo(struct Curl_easy *data, * - that is associated with a multi handle, and whose connection * was detached with CURLOPT_CONNECT_ONLY */ - if(data->state.lastconnect && (data->multi_easy || data->multi)) { - struct connectdata *c = data->state.lastconnect; + if((data->state.lastconnect_id != -1) && (data->multi_easy || data->multi)) { + struct connectdata *c; struct connfind find; - find.tofind = data->state.lastconnect; - find.found = FALSE; + find.id_tofind = data->state.lastconnect_id; + find.found = NULL; Curl_conncache_foreach(data, data->multi_easy? &data->multi_easy->conn_cache: &data->multi->conn_cache, &find, conn_is_conn); if(!find.found) { - data->state.lastconnect = NULL; + data->state.lastconnect_id = -1; return CURL_SOCKET_BAD; } + c = find.found; if(connp) { /* only store this if the caller cares for it */ *connp = c; diff --git a/libs/libcurl/src/content_encoding.c b/libs/libcurl/src/content_encoding.c index e2e68a1166..2fc3d43c44 100644 --- a/libs/libcurl/src/content_encoding.c +++ b/libs/libcurl/src/content_encoding.c @@ -38,6 +38,10 @@ #include <brotli/decode.h> #endif +#ifdef HAVE_ZSTD +#include <zstd.h> +#endif + #include "sendf.h" #include "http.h" #include "content_encoding.h" @@ -710,6 +714,95 @@ static const struct content_encoding brotli_encoding = { #endif +#ifdef HAVE_ZSTD +/* Writer parameters. */ +struct zstd_params { + ZSTD_DStream *zds; /* State structure for zstd. */ + void *decomp; +}; + +static CURLcode zstd_init_writer(struct connectdata *conn, + struct contenc_writer *writer) +{ + struct zstd_params *zp = (struct zstd_params *)&writer->params; + (void)conn; + + if(!writer->downstream) + return CURLE_WRITE_ERROR; + + zp->zds = ZSTD_createDStream(); + zp->decomp = NULL; + return zp->zds ? CURLE_OK : CURLE_OUT_OF_MEMORY; +} + +static CURLcode zstd_unencode_write(struct connectdata *conn, + struct contenc_writer *writer, + const char *buf, size_t nbytes) +{ + CURLcode result = CURLE_OK; + struct zstd_params *zp = (struct zstd_params *)&writer->params; + ZSTD_inBuffer in; + ZSTD_outBuffer out; + size_t errorCode; + + if(!zp->decomp) { + zp->decomp = malloc(DSIZ); + if(!zp->decomp) + return CURLE_OUT_OF_MEMORY; + } + in.pos = 0; + in.src = buf; + in.size = nbytes; + + for(;;) { + out.pos = 0; + out.dst = zp->decomp; + out.size = DSIZ; + + errorCode = ZSTD_decompressStream(zp->zds, &out, &in); + if(ZSTD_isError(errorCode)) { + return CURLE_BAD_CONTENT_ENCODING; + } + if(out.pos > 0) { + result = Curl_unencode_write(conn, writer->downstream, + zp->decomp, out.pos); + if(result) + break; + } + if((in.pos == nbytes) && (out.pos < out.size)) + break; + } + + return result; +} + +static void zstd_close_writer(struct connectdata *conn, + struct contenc_writer *writer) +{ + struct zstd_params *zp = (struct zstd_params *)&writer->params; + (void)conn; + + if(zp->decomp) { + free(zp->decomp); + zp->decomp = NULL; + } + if(zp->zds) { + ZSTD_freeDStream(zp->zds); + zp->zds = NULL; + } +} + +static const struct content_encoding zstd_encoding = { + "zstd", + NULL, + zstd_init_writer, + zstd_unencode_write, + zstd_close_writer, + sizeof(struct zstd_params) +}; +#endif + + /* Identity handler. */ static CURLcode identity_init_writer(struct connectdata *conn, struct contenc_writer *writer) @@ -752,6 +845,9 @@ static const struct content_encoding * const encodings[] = { #ifdef HAVE_BROTLI &brotli_encoding, #endif +#ifdef HAVE_ZSTD + &zstd_encoding, +#endif NULL }; diff --git a/libs/libcurl/src/curl_config.h.cmake b/libs/libcurl/src/curl_config.h.cmake index 05a5acb038..dd870789ec 100644 --- a/libs/libcurl/src/curl_config.h.cmake +++ b/libs/libcurl/src/curl_config.h.cmake @@ -437,6 +437,9 @@ /* if brotli is available */ #cmakedefine HAVE_BROTLI 1 +/* if zstd is available */ +#cmakedefine HAVE_ZSTD 1 + /* if your compiler supports LL */ #cmakedefine HAVE_LL 1 diff --git a/libs/libcurl/src/curl_config.h.in b/libs/libcurl/src/curl_config.h.in index dc792f4ca7..2f5511a747 100644 --- a/libs/libcurl/src/curl_config.h.in +++ b/libs/libcurl/src/curl_config.h.in @@ -434,6 +434,9 @@ /* if zlib is available */ #undef HAVE_LIBZ +/* Define to 1 if you have the `zstd' library (-lzstd). */ +#undef HAVE_LIBZSTD + /* Define to 1 if you have the <linux/tcp.h> header file. */ #undef HAVE_LINUX_TCP_H @@ -798,8 +801,8 @@ /* Define to 1 if you have the `wolfSSLv3_client_method' function. */ #undef HAVE_WOLFSSLV3_CLIENT_METHOD -/* if you have wolfSSL_DES_set_odd_parity */ -#undef HAVE_WOLFSSL_DES_SET_ODD_PARITY +/* if you have wolfSSL_DES_ecb_encrypt */ +#undef HAVE_WOLFSSL_DES_ECB_ENCRYPT /* Define to 1 if you have the `wolfSSL_get_peer_certificate' function. */ #undef HAVE_WOLFSSL_GET_PEER_CERTIFICATE @@ -822,6 +825,12 @@ /* if you have the zlib.h header file */ #undef HAVE_ZLIB_H +/* if libzstd is in use */ +#undef HAVE_ZSTD + +/* Define to 1 if you have the <zstd.h> header file. */ +#undef HAVE_ZSTD_H + /* Define to the sub-directory where libtool stores uninstalled libraries. */ #undef LT_OBJDIR diff --git a/libs/libcurl/src/curl_setup.h b/libs/libcurl/src/curl_setup.h index d76c630d05..21c3f3487f 100644 --- a/libs/libcurl/src/curl_setup.h +++ b/libs/libcurl/src/curl_setup.h @@ -641,7 +641,7 @@ int netware_init(void); defined(USE_GNUTLS) || defined(USE_NSS) || defined(USE_SECTRANSP) || \ defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) || \ defined(USE_MBEDTLS) || \ - (defined(USE_WOLFSSL) && defined(HAVE_WOLFSSL_DES_SET_ODD_PARITY)) + (defined(USE_WOLFSSL) && defined(HAVE_WOLFSSL_DES_ECB_ENCRYPT)) #define USE_NTLM diff --git a/libs/libcurl/src/curl_sspi.c b/libs/libcurl/src/curl_sspi.c index 83ece9afdc..512ce24113 100644 --- a/libs/libcurl/src/curl_sspi.c +++ b/libs/libcurl/src/curl_sspi.c @@ -28,6 +28,7 @@ #include "curl_sspi.h" #include "curl_multibyte.h" #include "system_win32.h" +#include "version_win32.h" #include "warnless.h" /* The last #include files should be: */ @@ -82,7 +83,7 @@ CURLcode Curl_sspi_global_init(void) * have both these DLLs (security.dll forwards calls to secur32.dll) */ /* Load SSPI dll into the address space of the calling process */ - if(Curl_verify_windows_version(4, 0, PLATFORM_WINNT, VERSION_EQUAL)) + if(curlx_verify_windows_version(4, 0, PLATFORM_WINNT, VERSION_EQUAL)) s_hSecDll = Curl_load_library(TEXT("security.dll")); else s_hSecDll = Curl_load_library(TEXT("secur32.dll")); diff --git a/libs/libcurl/src/curlx.h b/libs/libcurl/src/curlx.h index a8bae14b90..98e51bf566 100644 --- a/libs/libcurl/src/curlx.h +++ b/libs/libcurl/src/curlx.h @@ -63,6 +63,9 @@ curlx_unicodefree() */ +#include "version_win32.h" +/* "version_win32.h" provides curlx_verify_windows_version() */ + /* Now setup curlx_ * names for the functions that are to become curlx_ and be removed from a future libcurl official API: curlx_getenv diff --git a/libs/libcurl/src/doh.c b/libs/libcurl/src/doh.c index ebb2c243bc..8bc3428ff5 100644 --- a/libs/libcurl/src/doh.c +++ b/libs/libcurl/src/doh.c @@ -858,7 +858,7 @@ doh2ai(const struct dohentry *de, const char *hostname, int port) addr = (void *)ai->ai_addr; /* storage area for this info */ DEBUGASSERT(sizeof(struct in_addr) == sizeof(de->addr[i].ip.v4)); memcpy(&addr->sin_addr, &de->addr[i].ip.v4, sizeof(struct in_addr)); - addr->sin_family = (CURL_SA_FAMILY_T)addrtype; + addr->sin_family = addrtype; addr->sin_port = htons((unsigned short)port); break; @@ -867,7 +867,7 @@ doh2ai(const struct dohentry *de, const char *hostname, int port) addr6 = (void *)ai->ai_addr; /* storage area for this info */ DEBUGASSERT(sizeof(struct in6_addr) == sizeof(de->addr[i].ip.v6)); memcpy(&addr6->sin6_addr, &de->addr[i].ip.v6, sizeof(struct in6_addr)); - addr6->sin6_family = (CURL_SA_FAMILY_T)addrtype; + addr6->sin6_family = addrtype; addr6->sin6_port = htons((unsigned short)port); break; #endif diff --git a/libs/libcurl/src/dynbuf.h b/libs/libcurl/src/dynbuf.h index c80239e29c..ecc9957553 100644 --- a/libs/libcurl/src/dynbuf.h +++ b/libs/libcurl/src/dynbuf.h @@ -53,11 +53,11 @@ size_t Curl_dyn_len(const struct dynbuf *s); #define DYN_HAXPROXY 2048 #define DYN_HTTP_REQUEST (128*1024) #define DYN_H2_HEADERS (128*1024) -#define DYN_H2_TRAILER 4096 +#define DYN_H2_TRAILERS (128*1024) #define DYN_APRINTF 8000000 #define DYN_RTSP_REQ_HEADER (64*1024) #define DYN_TRAILERS (64*1024) #define DYN_PROXY_CONNECT_HEADERS 16384 #define DYN_QLOG_NAME 1024 -#define DYN_H1_TRAILER DYN_H2_TRAILER +#define DYN_H1_TRAILER 4096 #endif diff --git a/libs/libcurl/src/easy.c b/libs/libcurl/src/easy.c index 292cca7f6f..a69eb9e567 100644 --- a/libs/libcurl/src/easy.c +++ b/libs/libcurl/src/easy.c @@ -838,8 +838,7 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data) /* the connection cache is setup on demand */ outcurl->state.conn_cache = NULL; - - outcurl->state.lastconnect = NULL; + outcurl->state.lastconnect_id = -1; outcurl->progress.flags = data->progress.flags; outcurl->progress.callback = data->progress.callback; diff --git a/libs/libcurl/src/ftp.c b/libs/libcurl/src/ftp.c index 20351ff865..9fadac5138 100644 --- a/libs/libcurl/src/ftp.c +++ b/libs/libcurl/src/ftp.c @@ -3251,9 +3251,9 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status, } if(conn->ssl[SECONDARYSOCKET].use) { - /* The secondary socket used SSL so we must close down that part first - before we close the socket for real */ - result = Curl_ssl_shutdown(conn, SECONDARYSOCKET); + /* The secondary socket is using SSL so we must close down that part + first before we close the socket for real */ + Curl_ssl_close(conn, SECONDARYSOCKET); /* Note that we keep "use" set to TRUE since that (next) connection is still requested to use SSL */ diff --git a/libs/libcurl/src/getinfo.c b/libs/libcurl/src/getinfo.c index 6d5bd5fc5b..82691dcc71 100644 --- a/libs/libcurl/src/getinfo.c +++ b/libs/libcurl/src/getinfo.c @@ -78,6 +78,7 @@ CURLcode Curl_initinfo(struct Curl_easy *data) info->conn_local_ip[0] = '\0'; info->conn_primary_port = 0; info->conn_local_port = 0; + info->retry_after = 0; info->conn_scheme = 0; info->conn_protocol = 0; @@ -95,6 +96,34 @@ static CURLcode getinfo_char(struct Curl_easy *data, CURLINFO info, case CURLINFO_EFFECTIVE_URL: *param_charp = data->change.url?data->change.url:(char *)""; break; + case CURLINFO_EFFECTIVE_METHOD: { + const char *m = data->set.str[STRING_CUSTOMREQUEST]; + if(!m) { + if(data->set.opt_no_body) + m = "HEAD"; + else { + switch(data->state.httpreq) { + case HTTPREQ_POST: + case HTTPREQ_POST_FORM: + case HTTPREQ_POST_MIME: + m = "POST"; + break; + case HTTPREQ_PUT: + m = "PUT"; + break; + default: /* this should never happen */ + case HTTPREQ_GET: + m = "GET"; + break; + case HTTPREQ_HEAD: + m = "HEAD"; + break; + } + } + } + *param_charp = m; + } + break; case CURLINFO_CONTENT_TYPE: *param_charp = data->info.contenttype; break; diff --git a/libs/libcurl/src/http.c b/libs/libcurl/src/http.c index 28d66c287f..8fcdd436d7 100644 --- a/libs/libcurl/src/http.c +++ b/libs/libcurl/src/http.c @@ -2014,9 +2014,6 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) case HTTPREQ_PUT: request = "PUT"; break; - case HTTPREQ_OPTIONS: - request = "OPTIONS"; - break; default: /* this should never happen */ case HTTPREQ_GET: request = "GET"; diff --git a/libs/libcurl/src/http.h b/libs/libcurl/src/http.h index 641bc0b93a..9ea3eb2830 100644 --- a/libs/libcurl/src/http.h +++ b/libs/libcurl/src/http.h @@ -148,6 +148,7 @@ struct HTTP { struct dynbuf header_recvbuf; size_t nread_header_recvbuf; /* number of bytes in header_recvbuf fed into upper layer */ + struct dynbuf trailer_recvbuf; int status_code; /* HTTP status code */ const uint8_t *pausedata; /* pointer to data received in on_data_chunk */ size_t pauselen; /* the number of bytes left in data */ diff --git a/libs/libcurl/src/http2.c b/libs/libcurl/src/http2.c index 6cf651f0c0..d316da8b6a 100644 --- a/libs/libcurl/src/http2.c +++ b/libs/libcurl/src/http2.c @@ -514,7 +514,7 @@ static int push_promise(struct Curl_easy *data, struct connectdata *conn, const nghttp2_push_promise *frame) { - int rv; + int rv; /* one of the CURL_PUSH_* defines */ H2BUGF(infof(data, "PUSH_PROMISE received, stream %u!\n", frame->promised_stream_id)); if(data->multi->push_cb) { @@ -528,7 +528,7 @@ static int push_promise(struct Curl_easy *data, struct Curl_easy *newhandle = duphandle(data); if(!newhandle) { infof(data, "failed to duplicate handle\n"); - rv = 1; /* FAIL HARD */ + rv = CURL_PUSH_DENY; /* FAIL HARD */ goto fail; } @@ -541,13 +541,15 @@ static int push_promise(struct Curl_easy *data, if(!stream) { failf(data, "Internal NULL stream!\n"); (void)Curl_close(&newhandle); - rv = 1; + rv = CURL_PUSH_DENY; goto fail; } rv = set_transfer_url(newhandle, &heads); - if(rv) + if(rv) { + rv = CURL_PUSH_DENY; goto fail; + } Curl_set_in_callback(data, true); rv = data->multi->push_cb(data, newhandle, @@ -563,6 +565,7 @@ static int push_promise(struct Curl_easy *data, stream->push_headers_used = 0; if(rv) { + DEBUGASSERT((rv > CURL_PUSH_OK) && (rv <= CURL_PUSH_ERROROUT)); /* denied, kill off the new handle again */ http2_stream_free(newhandle->req.protop); newhandle->req.protop = NULL; @@ -583,7 +586,7 @@ static int push_promise(struct Curl_easy *data, http2_stream_free(newhandle->req.protop); newhandle->req.protop = NULL; Curl_close(&newhandle); - rv = 1; + rv = CURL_PUSH_DENY; goto fail; } @@ -595,12 +598,13 @@ static int push_promise(struct Curl_easy *data, infof(data, "failed to set user_data for stream %d\n", frame->promised_stream_id); DEBUGASSERT(0); + rv = CURL_PUSH_DENY; goto fail; } } else { H2BUGF(infof(data, "Got PUSH_PROMISE, ignore it!\n")); - rv = 1; + rv = CURL_PUSH_DENY; } fail: return rv; @@ -737,11 +741,16 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame, case NGHTTP2_PUSH_PROMISE: rv = push_promise(data_s, conn, &frame->push_promise); if(rv) { /* deny! */ - rv = nghttp2_submit_rst_stream(session, NGHTTP2_FLAG_NONE, + int h2; + DEBUGASSERT((rv > CURL_PUSH_OK) && (rv <= CURL_PUSH_ERROROUT)); + h2 = nghttp2_submit_rst_stream(session, NGHTTP2_FLAG_NONE, frame->push_promise.promised_stream_id, NGHTTP2_CANCEL); - if(nghttp2_is_fatal(rv)) { - return rv; + if(nghttp2_is_fatal(h2)) + return NGHTTP2_ERR_CALLBACK_FAILURE; + else if(rv == CURL_PUSH_ERROROUT) { + DEBUGF(infof(data_s, "Fail the parent stream (too)\n")); + return NGHTTP2_ERR_CALLBACK_FAILURE; } } break; @@ -839,7 +848,7 @@ static int on_stream_close(nghttp2_session *session, int32_t stream_id, return 0; } H2BUGF(infof(data_s, "on_stream_close(), %s (err %d), stream %u\n", - nghttp2_strerror(error_code), error_code, stream_id)); + nghttp2_http2_strerror(error_code), error_code, stream_id)); stream = data_s->req.protop; if(!stream) return NGHTTP2_ERR_CALLBACK_FAILURE; @@ -1006,18 +1015,11 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, if(stream->bodystarted) { /* This is a trailer */ - struct dynbuf trail; H2BUGF(infof(data_s, "h2 trailer: %.*s: %.*s\n", namelen, name, valuelen, value)); - Curl_dyn_init(&trail, DYN_H2_TRAILER); - result = Curl_dyn_addf(&trail, + result = Curl_dyn_addf(&stream->trailer_recvbuf, "%.*s: %.*s\r\n", namelen, name, valuelen, value); - if(!result) - result = Curl_client_write(conn, CLIENTWRITE_HEADER, - Curl_dyn_ptr(&trail), - Curl_dyn_len(&trail)); - Curl_dyn_free(&trail); if(result) return NGHTTP2_ERR_CALLBACK_FAILURE; @@ -1165,6 +1167,7 @@ void Curl_http2_done(struct Curl_easy *data, bool premature) /* there might be allocated resources done before this got the 'h2' pointer setup */ Curl_dyn_free(&http->header_recvbuf); + Curl_dyn_free(&http->trailer_recvbuf); if(http->push_headers) { /* if they weren't used and then freed before */ for(; http->push_headers_used > 0; --http->push_headers_used) { @@ -1174,7 +1177,8 @@ void Curl_http2_done(struct Curl_easy *data, bool premature) http->push_headers = NULL; } - if(!httpc->h2) /* not HTTP/2 ? */ + if(!(data->conn->handler->protocol&PROTO_FAMILY_HTTP) || + !httpc->h2) /* not HTTP/2 ? */ return; if(premature) { @@ -1203,6 +1207,13 @@ void Curl_http2_done(struct Curl_easy *data, bool premature) } http->stream_id = 0; } + + if(0 == nghttp2_session_check_request_allowed(httpc->h2)) { + /* No more requests are allowed in the current session, so the connection + may not be reused. This is set when a GOAWAY frame has been received or + when the limit of stream identifiers has been reached. */ + connclose(data->conn, "http/2: No new requests allowed"); + } } /* @@ -1456,7 +1467,7 @@ static ssize_t http2_handle_stream_close(struct connectdata *conn, } else if(httpc->error_code != NGHTTP2_NO_ERROR) { failf(data, "HTTP/2 stream %d was not closed cleanly: %s (err %u)", - stream->stream_id, nghttp2_strerror(httpc->error_code), + stream->stream_id, nghttp2_http2_strerror(httpc->error_code), httpc->error_code); *err = CURLE_HTTP2_STREAM; return -1; @@ -1470,6 +1481,31 @@ static ssize_t http2_handle_stream_close(struct connectdata *conn, return -1; } + if(Curl_dyn_len(&stream->trailer_recvbuf)) { + char *trailp = Curl_dyn_ptr(&stream->trailer_recvbuf); + char *lf; + + do { + size_t len = 0; + CURLcode result; + /* each trailer line ends with a newline */ + lf = strchr(trailp, '\n'); + if(!lf) + break; + len = lf + 1 - trailp; + + if(data->set.verbose) + Curl_debug(data, CURLINFO_HEADER_IN, trailp, len); + /* pass the trailers one by one to the callback */ + result = Curl_client_write(conn, CLIENTWRITE_HEADER, trailp, len); + if(result) { + *err = result; + return -1; + } + trailp = ++lf; + } while(lf); + } + stream->close_handled = TRUE; H2BUGF(infof(data, "http2_recv returns 0, http2_handle_stream_close\n")); @@ -2075,6 +2111,9 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, h2_pri_spec(conn->data, &pri_spec); + H2BUGF(infof(conn->data, "http2_send request allowed %d (easy handle %p)\n", + nghttp2_session_check_request_allowed(h2), (void *)conn->data)); + switch(conn->data->state.httpreq) { case HTTPREQ_POST: case HTTPREQ_POST_FORM: @@ -2151,6 +2190,7 @@ CURLcode Curl_http2_setup(struct connectdata *conn) stream->stream_id = -1; Curl_dyn_init(&stream->header_recvbuf, DYN_H2_HEADERS); + Curl_dyn_init(&stream->trailer_recvbuf, DYN_H2_TRAILERS); if((conn->handler == &Curl_handler_http2_ssl) || (conn->handler == &Curl_handler_http2)) diff --git a/libs/libcurl/src/libcurl.plist b/libs/libcurl/src/libcurl.plist index f206ea8f6f..1b3d178c38 100644 --- a/libs/libcurl/src/libcurl.plist +++ b/libs/libcurl/src/libcurl.plist @@ -15,7 +15,7 @@ <string>se.haxx.curl.libcurl</string> <key>CFBundleVersion</key> - <string>7.71.1</string> + <string>7.72.0</string> <key>CFBundleName</key> <string>libcurl</string> @@ -27,9 +27,9 @@ <string>????</string> <key>CFBundleShortVersionString</key> - <string>libcurl 7.71.1</string> + <string>libcurl 7.72.0</string> <key>CFBundleGetInfoString</key> - <string>libcurl.plist 7.71.1</string> + <string>libcurl.plist 7.72.0</string> </dict> </plist> diff --git a/libs/libcurl/src/md4.c b/libs/libcurl/src/md4.c index 0fab52def7..67119cda5d 100644 --- a/libs/libcurl/src/md4.c +++ b/libs/libcurl/src/md4.c @@ -102,7 +102,9 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx) #include <openssl/md4.h> #elif (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && \ - (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040)) || \ + (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040) && \ + defined(__MAC_OS_X_VERSION_MIN_ALLOWED) && \ + (__MAC_OS_X_VERSION_MIN_ALLOWED < 101500)) || \ (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) && \ (__IPHONE_OS_VERSION_MAX_ALLOWED >= 20000)) diff --git a/libs/libcurl/src/md5.c b/libs/libcurl/src/md5.c index 557a51e6c0..d21625f6ba 100644 --- a/libs/libcurl/src/md5.c +++ b/libs/libcurl/src/md5.c @@ -139,7 +139,9 @@ static void MD5_Final(unsigned char *digest, MD5_CTX *ctx) } #elif (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && \ - (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040)) || \ + (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040) && \ + defined(__MAC_OS_X_VERSION_MIN_ALLOWED) && \ + (__MAC_OS_X_VERSION_MIN_ALLOWED < 101500)) || \ (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) && \ (__IPHONE_OS_VERSION_MAX_ALLOWED >= 20000)) diff --git a/libs/libcurl/src/memdebug.c b/libs/libcurl/src/memdebug.c index 1c6b151493..da75c9f5db 100644 --- a/libs/libcurl/src/memdebug.c +++ b/libs/libcurl/src/memdebug.c @@ -456,6 +456,16 @@ FILE *curl_dbg_fopen(const char *file, const char *mode, return res; } +FILE *curl_dbg_fdopen(int filedes, const char *mode, + int line, const char *source) +{ + FILE *res = fdopen(filedes, mode); + if(source) + curl_dbg_log("FILE %s:%d fdopen(\"%d\",\"%s\") = %p\n", + source, line, filedes, mode, (void *)res); + return res; +} + int curl_dbg_fclose(FILE *file, int line, const char *source) { int res; diff --git a/libs/libcurl/src/memdebug.h b/libs/libcurl/src/memdebug.h index 7ca4426269..4edafdfb5c 100644 --- a/libs/libcurl/src/memdebug.h +++ b/libs/libcurl/src/memdebug.h @@ -8,7 +8,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -79,6 +79,9 @@ CURL_EXTERN RECV_TYPE_RETV curl_dbg_recv(RECV_TYPE_ARG1 sockfd, /* FILE functions */ CURL_EXTERN FILE *curl_dbg_fopen(const char *file, const char *mode, int line, const char *source); +CURL_EXTERN FILE *curl_dbg_fdopen(int filedes, const char *mode, + int line, const char *source); + CURL_EXTERN int curl_dbg_fclose(FILE *file, int line, const char *source); #ifndef MEMDEBUG_NODEFINES diff --git a/libs/libcurl/src/mprintf.c b/libs/libcurl/src/mprintf.c index 63c9d11a5a..80735be51b 100644 --- a/libs/libcurl/src/mprintf.c +++ b/libs/libcurl/src/mprintf.c @@ -178,12 +178,14 @@ static long dprintf_DollarString(char *input, char **end) { int number = 0; while(ISDIGIT(*input)) { - number *= 10; - number += *input-'0'; + if(number < MAX_PARAMETERS) { + number *= 10; + number += *input - '0'; + } input++; } - if(number && ('$'==*input++)) { - *end = input; + if(number <= MAX_PARAMETERS && ('$' == *input)) { + *end = ++input; return number; } return 0; @@ -377,6 +379,8 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, if(width > max_param) max_param = width; break; + case '\0': + fmt--; default: break; } @@ -458,6 +462,9 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, /* we have the width specified from a parameter, so we make that parameter's info setup properly */ long k = width - 1; + if((k < 0) || (k >= MAX_PARAMETERS)) + /* out of allowed range */ + return 1; vto[i].width = k; vto[k].type = FORMAT_WIDTH; vto[k].flags = FLAGS_NEW; @@ -469,6 +476,9 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, /* we have the precision specified from a parameter, so we make that parameter's info setup properly */ long k = precision - 1; + if((k < 0) || (k >= MAX_PARAMETERS)) + /* out of allowed range */ + return 1; vto[i].precision = k; vto[k].type = FORMAT_WIDTH; vto[k].flags = FLAGS_NEW; @@ -476,7 +486,7 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, vto[k].width = 0; vto[k].precision = 0; } - *endpos++ = fmt + 1; /* end of this sequence */ + *endpos++ = fmt + ((*fmt == '\0') ? 0 : 1); /* end of this sequence */ } } @@ -754,7 +764,7 @@ static int dprintf_formatf( if(prec > 0) { width -= prec; - while(prec-- > 0) + while(prec-- > 0 && w >= work) *w-- = '0'; } @@ -918,6 +928,8 @@ static int dprintf_formatf( precision */ size_t maxprec = sizeof(work) - 2; double val = p->data.dnum; + if(width > 0 && prec <= width) + maxprec -= width; while(val >= 10.0) { val /= 10; maxprec--; @@ -925,6 +937,8 @@ static int dprintf_formatf( if(prec > (long)maxprec) prec = (long)maxprec-1; + if(prec < 0) + prec = 0; /* RECURSIVE USAGE */ len = curl_msnprintf(fptr, left, ".%ld", prec); fptr += len; diff --git a/libs/libcurl/src/multi.c b/libs/libcurl/src/multi.c index 249e3607b7..3c7fb85ed8 100644 --- a/libs/libcurl/src/multi.c +++ b/libs/libcurl/src/multi.c @@ -455,6 +455,7 @@ CURLMcode curl_multi_add_handle(struct Curl_multi *multi, data->state.conn_cache = &data->share->conn_cache; else data->state.conn_cache = &multi->conn_cache; + data->state.lastconnect_id = -1; #ifdef USE_LIBPSL /* Do the same for PSL. */ @@ -677,11 +678,11 @@ static CURLcode multi_done(struct Curl_easy *data, CONNCACHE_UNLOCK(data); if(Curl_conncache_return_conn(data, conn)) { /* remember the most recently used connection */ - data->state.lastconnect = conn; + data->state.lastconnect_id = conn->connection_id; infof(data, "%s\n", buffer); } else - data->state.lastconnect = NULL; + data->state.lastconnect_id = -1; } Curl_safefree(data->state.buffer); @@ -689,6 +690,26 @@ static CURLcode multi_done(struct Curl_easy *data, return result; } +static int close_connect_only(struct connectdata *conn, void *param) +{ + struct Curl_easy *data = param; + + if(data->state.lastconnect_id != conn->connection_id) + return 0; + + if(conn->data != data) + return 1; + conn->data = NULL; + + if(!conn->bits.connect_only) + return 1; + + connclose(conn, "Removing connect-only easy handle"); + conn->bits.connect_only = FALSE; + + return 1; +} + CURLMcode curl_multi_remove_handle(struct Curl_multi *multi, struct Curl_easy *data) { @@ -776,10 +797,6 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi *multi, multi_done() as that may actually call Curl_expire that uses this */ Curl_llist_destroy(&data->state.timeoutlist, NULL); - /* as this was using a shared connection cache we clear the pointer to that - since we're not part of that multi handle anymore */ - data->state.conn_cache = NULL; - /* change state without using multistate(), only to make singlesocket() do what we want */ data->mstate = CURLM_STATE_COMPLETED; @@ -789,12 +806,22 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi *multi, /* Remove the association between the connection and the handle */ Curl_detach_connnection(data); + if(data->state.lastconnect_id != -1) { + /* Mark any connect-only connection for closure */ + Curl_conncache_foreach(data, data->state.conn_cache, + data, &close_connect_only); + } + #ifdef USE_LIBPSL /* Remove the PSL association. */ if(data->psl == &multi->psl) data->psl = NULL; #endif + /* as this was using a shared connection cache we clear the pointer to that + since we're not part of that multi handle anymore */ + data->state.conn_cache = NULL; + data->multi = NULL; /* clear the association to this multi handle */ /* make sure there's no pending message in the queue sent from this easy @@ -958,19 +985,6 @@ static int multi_getsock(struct Curl_easy *data, switch(data->mstate) { default: -#if 0 /* switch back on these cases to get the compiler to check for all enums - to be present */ - case CURLM_STATE_TOOFAST: /* returns 0, so will not select. */ - case CURLM_STATE_COMPLETED: - case CURLM_STATE_MSGSENT: - case CURLM_STATE_INIT: - case CURLM_STATE_CONNECT: - case CURLM_STATE_WAITDO: - case CURLM_STATE_DONE: - case CURLM_STATE_LAST: - /* this will get called with CURLM_STATE_COMPLETED when a handle is - removed */ -#endif return 0; case CURLM_STATE_WAITRESOLVE: @@ -1255,7 +1269,7 @@ static CURLMcode Curl_multi_wait(struct Curl_multi *multi, sleep_ms = timeout_ms; /* when there are no easy handles in the multi, this holds a -1 timeout */ - else if((sleep_ms < 0) && extrawait) + else if(sleep_ms < 0) sleep_ms = timeout_ms; Curl_wait_ms(sleep_ms); } @@ -1808,7 +1822,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, multistate(data, CURLM_STATE_SENDPROTOCONNECT); } } - else if(result) + else stream_error = TRUE; break; #endif @@ -1858,7 +1872,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, multistate(data, CURLM_STATE_DO); rc = CURLM_CALL_MULTI_PERFORM; } - else if(result) { + else { /* failure detected */ Curl_posttransfer(data); multi_done(data, result, TRUE); @@ -2962,9 +2976,7 @@ CURLMcode curl_multi_setopt(struct Curl_multi *multi, long streams = va_arg(param, long); if(streams < 1) streams = 100; - multi->max_concurrent_streams = - (streams > (long)INITIAL_MAX_CONCURRENT_STREAMS)? - INITIAL_MAX_CONCURRENT_STREAMS : (unsigned int)streams; + multi->max_concurrent_streams = curlx_sltoui(streams); } break; default: diff --git a/libs/libcurl/src/multihandle.h b/libs/libcurl/src/multihandle.h index 91eca16c4a..9d73df0812 100644 --- a/libs/libcurl/src/multihandle.h +++ b/libs/libcurl/src/multihandle.h @@ -81,7 +81,7 @@ struct Curl_multi { this multi handle with an easy handle. Set this to CURL_MULTI_HANDLE. */ long type; - /* We have a doubly-linked circular list with easy handles */ + /* We have a doubly-linked list with easy handles */ struct Curl_easy *easyp; struct Curl_easy *easylp; /* last node */ diff --git a/libs/libcurl/src/parsedate.c b/libs/libcurl/src/parsedate.c index 585d7ea404..4c7a40c4c5 100644 --- a/libs/libcurl/src/parsedate.c +++ b/libs/libcurl/src/parsedate.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -624,6 +624,7 @@ CURLcode Curl_gmtime(time_t intime, struct tm *store) /* thread-safe version */ tm = (struct tm *)gmtime_r(&intime, store); #else + /* !checksrc! disable BANNEDFUNC 1 */ tm = gmtime(&intime); if(tm) *store = *tm; /* copy the pointed struct to the local copy */ diff --git a/libs/libcurl/src/rename.c b/libs/libcurl/src/rename.c index bb170d3cc7..fe5f95d0df 100644 --- a/libs/libcurl/src/rename.c +++ b/libs/libcurl/src/rename.c @@ -27,6 +27,7 @@ #if (!defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)) || \ defined(USE_ALTSVC) +#include "curl_multibyte.h" #include "timeval.h" /* The last 3 #include files should be in this order */ @@ -39,17 +40,25 @@ int Curl_rename(const char *oldpath, const char *newpath) { #ifdef WIN32 /* rename() on Windows doesn't overwrite, so we can't use it here. - MoveFileExA() will overwrite and is usually atomic, however it fails + MoveFileEx() will overwrite and is usually atomic, however it fails when there are open handles to the file. */ const int max_wait_ms = 1000; struct curltime start = Curl_now(); + TCHAR *tchar_oldpath = curlx_convert_UTF8_to_tchar((char *)oldpath); + TCHAR *tchar_newpath = curlx_convert_UTF8_to_tchar((char *)newpath); for(;;) { timediff_t diff; - if(MoveFileExA(oldpath, newpath, MOVEFILE_REPLACE_EXISTING)) + if(MoveFileEx(tchar_oldpath, tchar_newpath, MOVEFILE_REPLACE_EXISTING)) { + curlx_unicodefree(tchar_oldpath); + curlx_unicodefree(tchar_newpath); break; + } diff = Curl_timediff(Curl_now(), start); - if(diff < 0 || diff > max_wait_ms) + if(diff < 0 || diff > max_wait_ms) { + curlx_unicodefree(tchar_oldpath); + curlx_unicodefree(tchar_newpath); return 1; + } Sleep(1); } #else diff --git a/libs/libcurl/src/setopt.c b/libs/libcurl/src/setopt.c index 90edf6aa7a..d6213357cc 100644 --- a/libs/libcurl/src/setopt.c +++ b/libs/libcurl/src/setopt.c @@ -274,6 +274,8 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) if(data->set.opt_no_body) /* in HTTP lingo, no body means using the HEAD request... */ data->set.method = HTTPREQ_HEAD; + else if(data->set.method == HTTPREQ_HEAD) + data->set.method = HTTPREQ_GET; break; case CURLOPT_FAILONERROR: /* diff --git a/libs/libcurl/src/smtp.c b/libs/libcurl/src/smtp.c index 685513b3b1..aea41bb4e3 100644 --- a/libs/libcurl/src/smtp.c +++ b/libs/libcurl/src/smtp.c @@ -1760,8 +1760,10 @@ static CURLcode smtp_parse_address(struct connectdata *conn, const char *fqma, return CURLE_OUT_OF_MEMORY; length = strlen(dup); - if(dup[length - 1] == '>') - dup[length - 1] = '\0'; + if(length) { + if(dup[length - 1] == '>') + dup[length - 1] = '\0'; + } /* Extract the host name from the address (if we can) */ host->name = strpbrk(dup, "@"); diff --git a/libs/libcurl/src/socks.c b/libs/libcurl/src/socks.c index b2215fef30..44783d015c 100644 --- a/libs/libcurl/src/socks.c +++ b/libs/libcurl/src/socks.c @@ -327,18 +327,18 @@ CURLcode Curl_SOCKS4(const char *proxy_user, * Make connection */ { - ssize_t packetsize = 9 + + size_t packetsize = 9 + strlen((char *)socksreq + 8); /* size including NUL */ /* If SOCKS4a, set special invalid IP address 0.0.0.x */ if(protocol4a) { - ssize_t hostnamelen = 0; + size_t hostnamelen = 0; socksreq[4] = 0; socksreq[5] = 0; socksreq[6] = 0; socksreq[7] = 1; /* append hostname */ - hostnamelen = (ssize_t)strlen(hostname) + 1; /* length including NUL */ + hostnamelen = strlen(hostname) + 1; /* length including NUL */ if(hostnamelen <= 255) strcpy((char *)socksreq + packetsize, hostname); else { diff --git a/libs/libcurl/src/strdup.c b/libs/libcurl/src/strdup.c index 1ab10fd644..7732802b07 100644 --- a/libs/libcurl/src/strdup.c +++ b/libs/libcurl/src/strdup.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -39,19 +39,14 @@ char *curlx_strdup(const char *str) if(!str) return (char *)NULL; - len = strlen(str); + len = strlen(str) + 1; - if(len >= ((size_t)-1) / sizeof(char)) - return (char *)NULL; - - newstr = malloc((len + 1)*sizeof(char)); + newstr = malloc(len); if(!newstr) return (char *)NULL; - memcpy(newstr, str, (len + 1)*sizeof(char)); - + memcpy(newstr, str, len); return newstr; - } #endif diff --git a/libs/libcurl/src/system_win32.c b/libs/libcurl/src/system_win32.c index b9587b5f3a..2e59e032e2 100644 --- a/libs/libcurl/src/system_win32.c +++ b/libs/libcurl/src/system_win32.c @@ -26,6 +26,7 @@ #include <curl/curl.h> #include "system_win32.h" +#include "version_win32.h" #include "curl_sspi.h" #include "warnless.h" @@ -106,8 +107,8 @@ CURLcode Curl_win32_init(long flags) Curl_if_nametoindex = pIfNameToIndex; } - if(Curl_verify_windows_version(6, 0, PLATFORM_WINNT, - VERSION_GREATER_THAN_EQUAL)) { + if(curlx_verify_windows_version(6, 0, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) { Curl_isVistaOrGreater = TRUE; } else @@ -160,198 +161,6 @@ typedef HMODULE (APIENTRY *LOADLIBRARYEX_FN)(LPCTSTR, HANDLE, DWORD); #endif /* - * Curl_verify_windows_version() - * - * This is used to verify if we are running on a specific windows version. - * - * Parameters: - * - * majorVersion [in] - The major version number. - * minorVersion [in] - The minor version number. - * platform [in] - The optional platform identifier. - * condition [in] - The test condition used to specifier whether we are - * checking a version less then, equal to or greater than - * what is specified in the major and minor version - * numbers. - * - * Returns TRUE if matched; otherwise FALSE. - */ -bool Curl_verify_windows_version(const unsigned int majorVersion, - const unsigned int minorVersion, - const PlatformIdentifier platform, - const VersionCondition condition) -{ - bool matched = FALSE; - -#if defined(CURL_WINDOWS_APP) - /* We have no way to determine the Windows version from Windows apps, - so let's assume we're running on the target Windows version. */ - const WORD fullVersion = MAKEWORD(minorVersion, majorVersion); - const WORD targetVersion = (WORD)_WIN32_WINNT; - - switch(condition) { - case VERSION_LESS_THAN: - matched = targetVersion < fullVersion; - break; - - case VERSION_LESS_THAN_EQUAL: - matched = targetVersion <= fullVersion; - break; - - case VERSION_EQUAL: - matched = targetVersion == fullVersion; - break; - - case VERSION_GREATER_THAN_EQUAL: - matched = targetVersion >= fullVersion; - break; - - case VERSION_GREATER_THAN: - matched = targetVersion > fullVersion; - break; - } - - if(matched && (platform == PLATFORM_WINDOWS)) { - /* we're always running on PLATFORM_WINNT */ - matched = FALSE; - } -#elif !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_WIN2K) || \ - (_WIN32_WINNT < _WIN32_WINNT_WIN2K) - OSVERSIONINFO osver; - - memset(&osver, 0, sizeof(osver)); - osver.dwOSVersionInfoSize = sizeof(osver); - - /* Find out Windows version */ - if(GetVersionEx(&osver)) { - /* Verify the Operating System version number */ - switch(condition) { - case VERSION_LESS_THAN: - if(osver.dwMajorVersion < majorVersion || - (osver.dwMajorVersion == majorVersion && - osver.dwMinorVersion < minorVersion)) - matched = TRUE; - break; - - case VERSION_LESS_THAN_EQUAL: - if(osver.dwMajorVersion < majorVersion || - (osver.dwMajorVersion == majorVersion && - osver.dwMinorVersion <= minorVersion)) - matched = TRUE; - break; - - case VERSION_EQUAL: - if(osver.dwMajorVersion == majorVersion && - osver.dwMinorVersion == minorVersion) - matched = TRUE; - break; - - case VERSION_GREATER_THAN_EQUAL: - if(osver.dwMajorVersion > majorVersion || - (osver.dwMajorVersion == majorVersion && - osver.dwMinorVersion >= minorVersion)) - matched = TRUE; - break; - - case VERSION_GREATER_THAN: - if(osver.dwMajorVersion > majorVersion || - (osver.dwMajorVersion == majorVersion && - osver.dwMinorVersion > minorVersion)) - matched = TRUE; - break; - } - - /* Verify the platform identifier (if necessary) */ - if(matched) { - switch(platform) { - case PLATFORM_WINDOWS: - if(osver.dwPlatformId != VER_PLATFORM_WIN32_WINDOWS) - matched = FALSE; - break; - - case PLATFORM_WINNT: - if(osver.dwPlatformId != VER_PLATFORM_WIN32_NT) - matched = FALSE; - - default: /* like platform == PLATFORM_DONT_CARE */ - break; - } - } - } -#else - ULONGLONG cm = 0; - OSVERSIONINFOEX osver; - BYTE majorCondition; - BYTE minorCondition; - BYTE spMajorCondition; - BYTE spMinorCondition; - - switch(condition) { - case VERSION_LESS_THAN: - majorCondition = VER_LESS; - minorCondition = VER_LESS; - spMajorCondition = VER_LESS_EQUAL; - spMinorCondition = VER_LESS_EQUAL; - break; - - case VERSION_LESS_THAN_EQUAL: - majorCondition = VER_LESS_EQUAL; - minorCondition = VER_LESS_EQUAL; - spMajorCondition = VER_LESS_EQUAL; - spMinorCondition = VER_LESS_EQUAL; - break; - - case VERSION_EQUAL: - majorCondition = VER_EQUAL; - minorCondition = VER_EQUAL; - spMajorCondition = VER_GREATER_EQUAL; - spMinorCondition = VER_GREATER_EQUAL; - break; - - case VERSION_GREATER_THAN_EQUAL: - majorCondition = VER_GREATER_EQUAL; - minorCondition = VER_GREATER_EQUAL; - spMajorCondition = VER_GREATER_EQUAL; - spMinorCondition = VER_GREATER_EQUAL; - break; - - case VERSION_GREATER_THAN: - majorCondition = VER_GREATER; - minorCondition = VER_GREATER; - spMajorCondition = VER_GREATER_EQUAL; - spMinorCondition = VER_GREATER_EQUAL; - break; - - default: - return FALSE; - } - - memset(&osver, 0, sizeof(osver)); - osver.dwOSVersionInfoSize = sizeof(osver); - osver.dwMajorVersion = majorVersion; - osver.dwMinorVersion = minorVersion; - if(platform == PLATFORM_WINDOWS) - osver.dwPlatformId = VER_PLATFORM_WIN32_WINDOWS; - else if(platform == PLATFORM_WINNT) - osver.dwPlatformId = VER_PLATFORM_WIN32_NT; - - cm = VerSetConditionMask(cm, VER_MAJORVERSION, majorCondition); - cm = VerSetConditionMask(cm, VER_MINORVERSION, minorCondition); - cm = VerSetConditionMask(cm, VER_SERVICEPACKMAJOR, spMajorCondition); - cm = VerSetConditionMask(cm, VER_SERVICEPACKMINOR, spMinorCondition); - if(platform != PLATFORM_DONT_CARE) - cm = VerSetConditionMask(cm, VER_PLATFORMID, VER_EQUAL); - - if(VerifyVersionInfo(&osver, (VER_MAJORVERSION | VER_MINORVERSION | - VER_SERVICEPACKMAJOR | VER_SERVICEPACKMINOR), - cm)) - matched = TRUE; -#endif - - return matched; -} - -/* * Curl_load_library() * * This is used to dynamically load DLLs using the most secure method available diff --git a/libs/libcurl/src/system_win32.h b/libs/libcurl/src/system_win32.h index d2882fce1a..2547bda952 100644 --- a/libs/libcurl/src/system_win32.h +++ b/libs/libcurl/src/system_win32.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2016 - 2019, Steve Holme, <steve_holme@hotmail.com>. + * Copyright (C) 2016 - 2020, Steve Holme, <steve_holme@hotmail.com>. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -32,34 +32,12 @@ extern bool Curl_isVistaOrGreater; CURLcode Curl_win32_init(long flags); void Curl_win32_cleanup(long init_flags); -/* Version condition */ -typedef enum { - VERSION_LESS_THAN, - VERSION_LESS_THAN_EQUAL, - VERSION_EQUAL, - VERSION_GREATER_THAN_EQUAL, - VERSION_GREATER_THAN -} VersionCondition; - -/* Platform identifier */ -typedef enum { - PLATFORM_DONT_CARE, - PLATFORM_WINDOWS, - PLATFORM_WINNT -} PlatformIdentifier; - /* We use our own typedef here since some headers might lack this */ typedef unsigned int(WINAPI *IF_NAMETOINDEX_FN)(const char *); /* This is used instead of if_nametoindex if available on Windows */ extern IF_NAMETOINDEX_FN Curl_if_nametoindex; -/* This is used to verify if we are running on a specific windows version */ -bool Curl_verify_windows_version(const unsigned int majorVersion, - const unsigned int minorVersion, - const PlatformIdentifier platform, - const VersionCondition condition); - /* This is used to dynamically load DLLs */ HMODULE Curl_load_library(LPCTSTR filename); diff --git a/libs/libcurl/src/transfer.c b/libs/libcurl/src/transfer.c index 133a4783c6..a07c7af8ce 100644 --- a/libs/libcurl/src/transfer.c +++ b/libs/libcurl/src/transfer.c @@ -487,6 +487,12 @@ CURLcode Curl_readrewind(struct connectdata *conn) static int data_pending(const struct Curl_easy *data) { struct connectdata *conn = data->conn; + +#ifdef ENABLE_QUIC + if(conn->transport == TRNSPRT_QUIC) + return Curl_quic_data_pending(data); +#endif + /* in the case of libssh2, we can never be really sure that we have emptied its internal buffers so we MUST always try until we get EAGAIN back */ return conn->handler->protocol&(CURLPROTO_SCP|CURLPROTO_SFTP) || @@ -500,8 +506,6 @@ static int data_pending(const struct Curl_easy *data) be called and we cannot signal the HTTP/2 stream has closed. As a workaround, we return nonzero here to call http2_recv. */ ((conn->handler->protocol&PROTO_FAMILY_HTTP) && conn->httpversion >= 20); -#elif defined(ENABLE_QUIC) - Curl_ssl_data_pending(conn, FIRSTSOCKET) || Curl_quic_data_pending(data); #else Curl_ssl_data_pending(conn, FIRSTSOCKET); #endif @@ -1441,8 +1445,9 @@ CURLcode Curl_pretransfer(struct Curl_easy *data) if(!data->change.url && data->set.uh) { CURLUcode uc; + free(data->set.str[STRING_SET_URL]); uc = curl_url_get(data->set.uh, - CURLUPART_URL, &data->set.str[STRING_SET_URL], 0); + CURLUPART_URL, &data->set.str[STRING_SET_URL], 0); if(uc) { failf(data, "No URL set!"); return CURLE_URL_MALFORMAT; @@ -1799,12 +1804,14 @@ CURLcode Curl_retry_request(struct connectdata *conn, } if(retry) { #define CONN_MAX_RETRIES 5 - if(conn->retrycount++ >= CONN_MAX_RETRIES) { + if(data->state.retrycount++ >= CONN_MAX_RETRIES) { failf(data, "Connection died, tried %d times before giving up", CONN_MAX_RETRIES); + data->state.retrycount = 0; return CURLE_SEND_ERROR; } - infof(conn->data, "Connection died, retrying a fresh connect\n"); + infof(conn->data, "Connection died, retrying a fresh connect\ +(retry count: %d)\n", data->state.retrycount); *url = strdup(conn->data->change.url); if(!*url) return CURLE_OUT_OF_MEMORY; diff --git a/libs/libcurl/src/url.c b/libs/libcurl/src/url.c index a1a6b69103..150667aa97 100644 --- a/libs/libcurl/src/url.c +++ b/libs/libcurl/src/url.c @@ -630,7 +630,7 @@ CURLcode Curl_open(struct Curl_easy **curl) Curl_initinfo(data); /* most recent connection is not yet defined */ - data->state.lastconnect = NULL; + data->state.lastconnect_id = -1; data->progress.flags |= PGRS_HIDE; data->state.current_speed = -1; /* init to negative == impossible */ @@ -1836,11 +1836,12 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, CURLU *uh; CURLUcode uc; char *hostname; + bool use_set_uh = (data->set.uh && !data->state.this_is_a_follow); up_free(data); /* cleanup previous leftovers first */ /* parse the URL */ - if(data->set.uh) { + if(use_set_uh) { uh = data->state.uh = curl_url_dup(data->set.uh); } else { @@ -1863,7 +1864,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, data->change.url_alloc = TRUE; } - if(!data->set.uh) { + if(!use_set_uh) { char *newurl; uc = curl_url_set(uh, CURLUPART_URL, data->change.url, CURLU_GUESS_SCHEME | @@ -3170,7 +3171,7 @@ static CURLcode resolve_server(struct Curl_easy *data, else { /* this is a fresh connect */ int rc; - struct Curl_dns_entry *hostaddr; + struct Curl_dns_entry *hostaddr = NULL; #ifdef USE_UNIX_SOCKETS if(conn->unix_domain_socket) { diff --git a/libs/libcurl/src/urldata.h b/libs/libcurl/src/urldata.h index f80a02defc..0ae9269275 100644 --- a/libs/libcurl/src/urldata.h +++ b/libs/libcurl/src/urldata.h @@ -1090,7 +1090,6 @@ struct connectdata { struct http_connect_state *connect_state; /* for HTTP CONNECT */ struct connectbundle *bundle; /* The bundle we are member of */ int negnpn; /* APLN or NPN TLS negotiated protocol, CURL_HTTP_VERSION* */ - int retrycount; /* number of retries on a new connection */ #ifdef USE_UNIX_SOCKETS char *unix_domain_socket; #endif @@ -1195,7 +1194,6 @@ typedef enum { HTTPREQ_POST_MIME, /* we make a difference internally */ HTTPREQ_PUT, HTTPREQ_HEAD, - HTTPREQ_OPTIONS, HTTPREQ_LAST /* last in list */ } Curl_HttpReq; @@ -1297,10 +1295,12 @@ struct UrlState { /* Points to the connection cache */ struct conncache *conn_cache; + int retrycount; /* number of retries on a new connection */ + /* buffers to store authentication data in, as parsed from input options */ struct curltime keeps_speed; /* for the progress meter really */ - struct connectdata *lastconnect; /* The last connection, NULL if undefined */ + long lastconnect_id; /* The last connection, -1 if undefined */ struct dynbuf headerb; /* buffer to store headers in */ char *buffer; /* download buffer */ diff --git a/libs/libcurl/src/vauth/ntlm.c b/libs/libcurl/src/vauth/ntlm.c index 3b46e1a468..ecfeacb9af 100644 --- a/libs/libcurl/src/vauth/ntlm.c +++ b/libs/libcurl/src/vauth/ntlm.c @@ -191,6 +191,7 @@ static CURLcode ntlm_decode_type2_target(struct Curl_easy *data, return CURLE_BAD_CONTENT_ENCODING; } + free(ntlm->target_info); /* replace any previous data */ ntlm->target_info = malloc(target_info_len); if(!ntlm->target_info) return CURLE_OUT_OF_MEMORY; diff --git a/libs/libcurl/src/version.c b/libs/libcurl/src/version.c index 14e5096065..4f6dda24fe 100644 --- a/libs/libcurl/src/version.c +++ b/libs/libcurl/src/version.c @@ -66,6 +66,10 @@ #include <brotli/decode.h> #endif +#ifdef HAVE_ZSTD +#include <zstd.h> +#endif + #ifdef HAVE_BROTLI static size_t brotli_version(char *buf, size_t bufsz) { @@ -78,6 +82,20 @@ static size_t brotli_version(char *buf, size_t bufsz) } #endif +#ifdef HAVE_ZSTD +static size_t zstd_version(char *buf, size_t bufsz) +{ + unsigned long zstd_version = (unsigned long)ZSTD_versionNumber(); + unsigned int major = (unsigned int)(zstd_version / (100 * 100)); + unsigned int minor = (unsigned int)((zstd_version - + (major * 100 * 100)) / 100); + unsigned int patch = (unsigned int)(zstd_version - + (major * 100 * 100) - (minor * 100)); + + return msnprintf(buf, bufsz, "%u.%u.%u", major, minor, patch); +} +#endif + /* * curl_version() returns a pointer to a static buffer. * @@ -103,6 +121,9 @@ char *curl_version(void) #ifdef HAVE_BROTLI char br_version[40] = "brotli/"; #endif +#ifdef HAVE_ZSTD + char zst_version[40] = "zstd/"; +#endif #ifdef USE_ARES char cares_version[40]; #endif @@ -153,6 +174,10 @@ char *curl_version(void) brotli_version(&br_version[7], sizeof(br_version) - 7); src[i++] = br_version; #endif +#ifdef HAVE_ZSTD + zstd_version(&zst_version[5], sizeof(zst_version) - 5); + src[i++] = zst_version; +#endif #ifdef USE_ARES msnprintf(cares_version, sizeof(cares_version), "c-ares/%s", ares_version(NULL)); @@ -365,6 +390,9 @@ static curl_version_info_data version_info = { ( (SIZEOF_OFF_T > 4) || defined(USE_WIN32_LARGE_FILES) ) | CURL_VERSION_LARGEFILE #endif +#if defined(WIN32) && defined(UNICODE) && defined(_UNICODE) + | CURL_VERSION_UNICODE +#endif #if defined(CURL_DOES_CONVERSIONS) | CURL_VERSION_CONV #endif @@ -389,6 +417,9 @@ static curl_version_info_data version_info = { #if defined(HAVE_BROTLI) | CURL_VERSION_BROTLI #endif +#if defined(HAVE_ZSTD) + | CURL_VERSION_ZSTD +#endif #if defined(USE_ALTSVC) | CURL_VERSION_ALTSVC #endif @@ -413,10 +444,12 @@ static curl_version_info_data version_info = { NULL, #endif #ifdef CURL_CA_PATH - CURL_CA_PATH /* capath */ + CURL_CA_PATH, /* capath */ #else - NULL + NULL, #endif + 0, /* zstd_ver_num */ + NULL /* zstd version */ }; curl_version_info_data *curl_version_info(CURLversion stamp) @@ -434,6 +467,10 @@ curl_version_info_data *curl_version_info(CURLversion stamp) #ifdef HAVE_BROTLI static char brotli_buffer[80]; #endif +#ifdef HAVE_ZSTD + static char zstd_buffer[80]; +#endif + #ifdef USE_SSL Curl_ssl_version(ssl_buffer, sizeof(ssl_buffer)); @@ -485,6 +522,12 @@ curl_version_info_data *curl_version_info(CURLversion stamp) version_info.brotli_version = brotli_buffer; #endif +#ifdef HAVE_ZSTD + version_info.zstd_ver_num = (unsigned int)ZSTD_versionNumber(); + zstd_version(zstd_buffer, sizeof(zstd_buffer)); + version_info.zstd_version = zstd_buffer; +#endif + #ifdef USE_NGHTTP2 { nghttp2_info *h2 = nghttp2_version(0); diff --git a/libs/libcurl/src/version_win32.c b/libs/libcurl/src/version_win32.c new file mode 100644 index 0000000000..6561d36be8 --- /dev/null +++ b/libs/libcurl/src/version_win32.c @@ -0,0 +1,226 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2016 - 2020, Steve Holme, <steve_holme@hotmail.com>. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(WIN32) + +#include <curl/curl.h> +#include "version_win32.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * curlx_verify_windows_version() + * + * This is used to verify if we are running on a specific windows version. + * + * Parameters: + * + * majorVersion [in] - The major version number. + * minorVersion [in] - The minor version number. + * platform [in] - The optional platform identifier. + * condition [in] - The test condition used to specifier whether we are + * checking a version less then, equal to or greater than + * what is specified in the major and minor version + * numbers. + * + * Returns TRUE if matched; otherwise FALSE. + */ +bool curlx_verify_windows_version(const unsigned int majorVersion, + const unsigned int minorVersion, + const PlatformIdentifier platform, + const VersionCondition condition) +{ + bool matched = FALSE; + +#if defined(CURL_WINDOWS_APP) + /* We have no way to determine the Windows version from Windows apps, + so let's assume we're running on the target Windows version. */ + const WORD fullVersion = MAKEWORD(minorVersion, majorVersion); + const WORD targetVersion = (WORD)_WIN32_WINNT; + + switch(condition) { + case VERSION_LESS_THAN: + matched = targetVersion < fullVersion; + break; + + case VERSION_LESS_THAN_EQUAL: + matched = targetVersion <= fullVersion; + break; + + case VERSION_EQUAL: + matched = targetVersion == fullVersion; + break; + + case VERSION_GREATER_THAN_EQUAL: + matched = targetVersion >= fullVersion; + break; + + case VERSION_GREATER_THAN: + matched = targetVersion > fullVersion; + break; + } + + if(matched && (platform == PLATFORM_WINDOWS)) { + /* we're always running on PLATFORM_WINNT */ + matched = FALSE; + } +#elif !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_WIN2K) || \ + (_WIN32_WINNT < _WIN32_WINNT_WIN2K) + OSVERSIONINFO osver; + + memset(&osver, 0, sizeof(osver)); + osver.dwOSVersionInfoSize = sizeof(osver); + + /* Find out Windows version */ + if(GetVersionEx(&osver)) { + /* Verify the Operating System version number */ + switch(condition) { + case VERSION_LESS_THAN: + if(osver.dwMajorVersion < majorVersion || + (osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion < minorVersion)) + matched = TRUE; + break; + + case VERSION_LESS_THAN_EQUAL: + if(osver.dwMajorVersion < majorVersion || + (osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion <= minorVersion)) + matched = TRUE; + break; + + case VERSION_EQUAL: + if(osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion == minorVersion) + matched = TRUE; + break; + + case VERSION_GREATER_THAN_EQUAL: + if(osver.dwMajorVersion > majorVersion || + (osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion >= minorVersion)) + matched = TRUE; + break; + + case VERSION_GREATER_THAN: + if(osver.dwMajorVersion > majorVersion || + (osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion > minorVersion)) + matched = TRUE; + break; + } + + /* Verify the platform identifier (if necessary) */ + if(matched) { + switch(platform) { + case PLATFORM_WINDOWS: + if(osver.dwPlatformId != VER_PLATFORM_WIN32_WINDOWS) + matched = FALSE; + break; + + case PLATFORM_WINNT: + if(osver.dwPlatformId != VER_PLATFORM_WIN32_NT) + matched = FALSE; + + default: /* like platform == PLATFORM_DONT_CARE */ + break; + } + } + } +#else + ULONGLONG cm = 0; + OSVERSIONINFOEX osver; + BYTE majorCondition; + BYTE minorCondition; + BYTE spMajorCondition; + BYTE spMinorCondition; + + switch(condition) { + case VERSION_LESS_THAN: + majorCondition = VER_LESS; + minorCondition = VER_LESS; + spMajorCondition = VER_LESS_EQUAL; + spMinorCondition = VER_LESS_EQUAL; + break; + + case VERSION_LESS_THAN_EQUAL: + majorCondition = VER_LESS_EQUAL; + minorCondition = VER_LESS_EQUAL; + spMajorCondition = VER_LESS_EQUAL; + spMinorCondition = VER_LESS_EQUAL; + break; + + case VERSION_EQUAL: + majorCondition = VER_EQUAL; + minorCondition = VER_EQUAL; + spMajorCondition = VER_GREATER_EQUAL; + spMinorCondition = VER_GREATER_EQUAL; + break; + + case VERSION_GREATER_THAN_EQUAL: + majorCondition = VER_GREATER_EQUAL; + minorCondition = VER_GREATER_EQUAL; + spMajorCondition = VER_GREATER_EQUAL; + spMinorCondition = VER_GREATER_EQUAL; + break; + + case VERSION_GREATER_THAN: + majorCondition = VER_GREATER; + minorCondition = VER_GREATER; + spMajorCondition = VER_GREATER_EQUAL; + spMinorCondition = VER_GREATER_EQUAL; + break; + + default: + return FALSE; + } + + memset(&osver, 0, sizeof(osver)); + osver.dwOSVersionInfoSize = sizeof(osver); + osver.dwMajorVersion = majorVersion; + osver.dwMinorVersion = minorVersion; + if(platform == PLATFORM_WINDOWS) + osver.dwPlatformId = VER_PLATFORM_WIN32_WINDOWS; + else if(platform == PLATFORM_WINNT) + osver.dwPlatformId = VER_PLATFORM_WIN32_NT; + + cm = VerSetConditionMask(cm, VER_MAJORVERSION, majorCondition); + cm = VerSetConditionMask(cm, VER_MINORVERSION, minorCondition); + cm = VerSetConditionMask(cm, VER_SERVICEPACKMAJOR, spMajorCondition); + cm = VerSetConditionMask(cm, VER_SERVICEPACKMINOR, spMinorCondition); + if(platform != PLATFORM_DONT_CARE) + cm = VerSetConditionMask(cm, VER_PLATFORMID, VER_EQUAL); + + if(VerifyVersionInfo(&osver, (VER_MAJORVERSION | VER_MINORVERSION | + VER_SERVICEPACKMAJOR | VER_SERVICEPACKMINOR), + cm)) + matched = TRUE; +#endif + + return matched; +} + +#endif /* WIN32 */ diff --git a/libs/libcurl/src/version_win32.h b/libs/libcurl/src/version_win32.h new file mode 100644 index 0000000000..94cc626678 --- /dev/null +++ b/libs/libcurl/src/version_win32.h @@ -0,0 +1,53 @@ +#ifndef HEADER_CURL_VERSION_WIN32_H +#define HEADER_CURL_VERSION_WIN32_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2016 - 2020, Steve Holme, <steve_holme@hotmail.com>. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(WIN32) + +/* Version condition */ +typedef enum { + VERSION_LESS_THAN, + VERSION_LESS_THAN_EQUAL, + VERSION_EQUAL, + VERSION_GREATER_THAN_EQUAL, + VERSION_GREATER_THAN +} VersionCondition; + +/* Platform identifier */ +typedef enum { + PLATFORM_DONT_CARE, + PLATFORM_WINDOWS, + PLATFORM_WINNT +} PlatformIdentifier; + +/* This is used to verify if we are running on a specific windows version */ +bool curlx_verify_windows_version(const unsigned int majorVersion, + const unsigned int minorVersion, + const PlatformIdentifier platform, + const VersionCondition condition); + +#endif /* WIN32 */ + +#endif /* HEADER_CURL_VERSION_WIN32_H */ diff --git a/libs/libcurl/src/vquic/ngtcp2.c b/libs/libcurl/src/vquic/ngtcp2.c index d29cb378de..20ee08dd65 100644 --- a/libs/libcurl/src/vquic/ngtcp2.c +++ b/libs/libcurl/src/vquic/ngtcp2.c @@ -150,9 +150,11 @@ quic_from_gtls_level(gnutls_record_encryption_level_t gtls_level) } #endif -static void qlog_callback(void *user_data, const void *data, size_t datalen) +static void qlog_callback(void *user_data, uint32_t flags, + const void *data, size_t datalen) { struct quicsocket *qs = (struct quicsocket *)user_data; + (void)flags; if(qs->qlogfd != -1) { ssize_t rc = write(qs->qlogfd, data, datalen); if(rc == -1) { @@ -826,9 +828,8 @@ CURLcode Curl_quic_connect(struct connectdata *conn, if(rv == -1) return CURLE_QUIC_CONNECT_ERROR; - ngtcp2_addr_init(&path.local, (uint8_t *)&qs->local_addr, qs->local_addrlen, - NULL); - ngtcp2_addr_init(&path.remote, (uint8_t*)addr, addrlen, NULL); + ngtcp2_addr_init(&path.local, &qs->local_addr, qs->local_addrlen, NULL); + ngtcp2_addr_init(&path.remote, addr, addrlen, NULL); #ifdef NGTCP2_PROTO_VER #define QUICVER NGTCP2_PROTO_VER @@ -1744,10 +1745,10 @@ static CURLcode ng_process_ingress(struct connectdata *conn, int sockfd, return CURLE_RECV_ERROR; } - ngtcp2_addr_init(&path.local, (uint8_t *)&qs->local_addr, + ngtcp2_addr_init(&path.local, &qs->local_addr, qs->local_addrlen, NULL); - ngtcp2_addr_init(&path.remote, (uint8_t *)&remote_addr, remote_addrlen, - NULL); + ngtcp2_addr_init(&path.remote, (struct sockaddr *)&remote_addr, + remote_addrlen, NULL); rv = ngtcp2_conn_read_pkt(qs->qconn, &path, buf, recvd, ts); if(rv != 0) { @@ -1778,7 +1779,7 @@ static CURLcode ng_flush_egress(struct connectdata *conn, int sockfd, nghttp3_vec vec[16]; ssize_t ndatalen; - switch(qs->local_addr.ss_family) { + switch(qs->local_addr.sa_family) { case AF_INET: pktlen = NGTCP2_MAX_PKTLEN_IPV4; break; @@ -1834,7 +1835,7 @@ static CURLcode ng_flush_egress(struct connectdata *conn, int sockfd, } continue; } - else if(outlen == NGTCP2_ERR_WRITE_STREAM_MORE) { + else if(outlen == NGTCP2_ERR_WRITE_MORE) { assert(ndatalen > 0); rv = nghttp3_conn_add_write_offset(qs->h3conn, stream_id, ndatalen); diff --git a/libs/libcurl/src/vquic/ngtcp2.h b/libs/libcurl/src/vquic/ngtcp2.h index e2f8b56001..afdd01b7c2 100644 --- a/libs/libcurl/src/vquic/ngtcp2.h +++ b/libs/libcurl/src/vquic/ngtcp2.h @@ -58,7 +58,7 @@ struct quicsocket { struct quic_handshake crypto_data[3]; /* the last TLS alert description generated by the local endpoint */ uint8_t tls_alert; - struct sockaddr_storage local_addr; + struct sockaddr local_addr; socklen_t local_addrlen; nghttp3_conn *h3conn; diff --git a/libs/libcurl/src/vquic/quiche.c b/libs/libcurl/src/vquic/quiche.c index be6f15c199..fd9cb8bd34 100644 --- a/libs/libcurl/src/vquic/quiche.c +++ b/libs/libcurl/src/vquic/quiche.c @@ -95,8 +95,14 @@ static CURLcode qs_disconnect(struct quicsocket *qs) quiche_h3_config_free(qs->h3config); if(qs->h3c) quiche_h3_conn_free(qs->h3c); - quiche_config_free(qs->cfg); - quiche_conn_free(qs->conn); + if(qs->cfg) { + quiche_config_free(qs->cfg); + qs->cfg = NULL; + } + if(qs->conn) { + quiche_conn_free(qs->conn); + qs->conn = NULL; + } return CURLE_OK; } diff --git a/libs/libcurl/src/vssh/libssh2.c b/libs/libcurl/src/vssh/libssh2.c index 555afc9ef6..4f56bb44ce 100644 --- a/libs/libcurl/src/vssh/libssh2.c +++ b/libs/libcurl/src/vssh/libssh2.c @@ -1256,7 +1256,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) result = CURLE_SSH; sshc->actualcode = result; DEBUGF(infof(data, "error = %d makes libcurl = %d\n", - ssherr, (int)result)); + sftperr, (int)result)); state(conn, SSH_STOP); break; } diff --git a/libs/libcurl/src/vtls/bearssl.c b/libs/libcurl/src/vtls/bearssl.c index 628e16a124..44e7406e8e 100644 --- a/libs/libcurl/src/vtls/bearssl.c +++ b/libs/libcurl/src/vtls/bearssl.c @@ -300,8 +300,12 @@ static CURLcode bearssl_connect_step1(struct connectdata *conn, int sockindex) struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; const char * const ssl_cafile = SSL_CONN_CONFIG(CAfile); +#ifndef CURL_DISABLE_PROXY const char *hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : conn->host.name; +#else + const char *hostname = conn->host.name; +#endif const bool verifypeer = SSL_CONN_CONFIG(verifypeer); const bool verifyhost = SSL_CONN_CONFIG(verifyhost); CURLcode ret; @@ -386,8 +390,11 @@ static CURLcode bearssl_connect_step1(struct connectdata *conn, int sockindex) */ #ifdef USE_NGHTTP2 - if(data->set.httpversion >= CURL_HTTP_VERSION_2 && - (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) { + if(data->set.httpversion >= CURL_HTTP_VERSION_2 +#ifndef CURL_DISABLE_PROXY + && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy) +#endif + ) { backend->protocols[cur++] = NGHTTP2_PROTO_VERSION_ID; infof(data, "ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID); } diff --git a/libs/libcurl/src/vtls/gtls.c b/libs/libcurl/src/vtls/gtls.c index 9b4c3659ac..16b0bd6cb5 100644 --- a/libs/libcurl/src/vtls/gtls.c +++ b/libs/libcurl/src/vtls/gtls.c @@ -399,10 +399,15 @@ gtls_connect_step1(struct connectdata *conn, #endif const char *prioritylist; const char *err = NULL; +#ifndef CURL_DISABLE_PROXY const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : conn->host.name; long * const certverifyresult = SSL_IS_PROXY() ? &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult; +#else + const char * const hostname = conn->host.name; + long * const certverifyresult = &data->set.ssl.certverifyresult; +#endif if(connssl->state == ssl_connection_complete) /* to make us tolerant against being called more than once for the @@ -620,8 +625,11 @@ gtls_connect_step1(struct connectdata *conn, gnutls_datum_t protocols[2]; #ifdef USE_NGHTTP2 - if(data->set.httpversion >= CURL_HTTP_VERSION_2 && - (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) { + if(data->set.httpversion >= CURL_HTTP_VERSION_2 +#ifndef CURL_DISABLE_PROXY + && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy) +#endif + ) { protocols[cur].data = (unsigned char *)NGHTTP2_PROTO_VERSION_ID; protocols[cur].size = NGHTTP2_PROTO_VERSION_ID_LEN; cur++; @@ -694,12 +702,15 @@ gtls_connect_step1(struct connectdata *conn, } } +#ifndef CURL_DISABLE_PROXY if(conn->proxy_ssl[sockindex].use) { transport_ptr = conn->proxy_ssl[sockindex].backend->session; gnutls_transport_push = Curl_gtls_push_ssl; gnutls_transport_pull = Curl_gtls_pull_ssl; } - else { + else +#endif + { /* file descriptor for the socket */ transport_ptr = &conn->sock[sockindex]; gnutls_transport_push = Curl_gtls_push; @@ -828,10 +839,15 @@ gtls_connect_step3(struct connectdata *conn, unsigned int bits; gnutls_protocol_t version = gnutls_protocol_get_version(session); #endif +#ifndef CURL_DISABLE_PROXY const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : conn->host.name; long * const certverifyresult = SSL_IS_PROXY() ? &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult; +#else + const char * const hostname = conn->host.name; + long * const certverifyresult = &data->set.ssl.certverifyresult; +#endif /* the name of the cipher suite used, e.g. ECDHE_RSA_AES_256_GCM_SHA384. */ ptr = gnutls_cipher_suite_get_name(gnutls_kx_get(session), @@ -1112,8 +1128,12 @@ gtls_connect_step3(struct connectdata *conn, } #endif if(!rc) { +#ifndef CURL_DISABLE_PROXY const char * const dispname = SSL_IS_PROXY() ? conn->http_proxy.host.dispname : conn->host.dispname; +#else + const char * const dispname = conn->host.dispname; +#endif if(SSL_CONN_CONFIG(verifyhost)) { failf(data, "SSL: certificate subject name (%s) does not match " @@ -1216,20 +1236,23 @@ gtls_connect_step3(struct connectdata *conn, rc = gnutls_x509_crt_get_dn2(x509_cert, &certfields); - if(rc != 0) - return CURLE_OUT_OF_MEMORY; - infof(data, "\t subject: %s\n", certfields.data); + if(rc) + infof(data, "Failed to get certificate name\n"); + else { + infof(data, "\t subject: %s\n", certfields.data); - certclock = gnutls_x509_crt_get_activation_time(x509_cert); - showtime(data, "start date", certclock); + certclock = gnutls_x509_crt_get_activation_time(x509_cert); + showtime(data, "start date", certclock); - certclock = gnutls_x509_crt_get_expiration_time(x509_cert); - showtime(data, "expire date", certclock); + certclock = gnutls_x509_crt_get_expiration_time(x509_cert); + showtime(data, "expire date", certclock); + } rc = gnutls_x509_crt_get_issuer_dn2(x509_cert, &certfields); - if(rc != 0) - return CURLE_OUT_OF_MEMORY; - infof(data, "\t issuer: %s\n", certfields.data); + if(rc) + infof(data, "Failed to get certificate issuer\n"); + else + infof(data, "\t issuer: %s\n", certfields.data); #endif gnutls_x509_crt_deinit(x509_cert); @@ -1381,10 +1404,13 @@ static bool Curl_gtls_data_pending(const struct connectdata *conn, 0 != gnutls_record_check_pending(backend->session)) res = TRUE; +#ifndef CURL_DISABLE_PROXY connssl = &conn->proxy_ssl[connindex]; + backend = connssl->backend; if(backend->session && 0 != gnutls_record_check_pending(backend->session)) res = TRUE; +#endif return res; } @@ -1433,7 +1459,9 @@ static void close_one(struct ssl_connect_data *connssl) static void Curl_gtls_close(struct connectdata *conn, int sockindex) { close_one(&conn->ssl[sockindex]); +#ifndef CURL_DISABLE_PROXY close_one(&conn->proxy_ssl[sockindex]); +#endif } /* diff --git a/libs/libcurl/src/vtls/nss.c b/libs/libcurl/src/vtls/nss.c index fca2926138..0f0d1ee6c8 100644 --- a/libs/libcurl/src/vtls/nss.c +++ b/libs/libcurl/src/vtls/nss.c @@ -1027,9 +1027,11 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc *sock) CERTCertificate *cert; /* remember the cert verification result */ +#ifndef CURL_DISABLE_PROXY if(SSL_IS_PROXY()) data->set.proxy_ssl.certverifyresult = err; else +#endif data->set.ssl.certverifyresult = err; if(err == SSL_ERROR_BAD_CERT_DOMAIN && !SSL_CONN_CONFIG(verifyhost)) @@ -1553,24 +1555,32 @@ static void nss_close(struct ssl_connect_data *connssl) static void Curl_nss_close(struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; +#ifndef CURL_DISABLE_PROXY struct ssl_connect_data *connssl_proxy = &conn->proxy_ssl[sockindex]; +#endif struct ssl_backend_data *backend = connssl->backend; - if(backend->handle || connssl_proxy->backend->handle) { + if(backend->handle +#ifndef CURL_DISABLE_PROXY + || connssl_proxy->backend->handle +#endif + ) { /* NSS closes the socket we previously handed to it, so we must mark it as closed to avoid double close */ fake_sclose(conn->sock[sockindex]); conn->sock[sockindex] = CURL_SOCKET_BAD; } +#ifndef CURL_DISABLE_PROXY if(backend->handle) /* nss_close(connssl) will transitively close also connssl_proxy->backend->handle if both are used. Clear it to avoid a double close leading to crash. */ connssl_proxy->backend->handle = NULL; - nss_close(connssl); nss_close(connssl_proxy); +#endif + nss_close(connssl); } /* return true if NSS can provide error code (and possibly msg) for the @@ -1828,6 +1838,12 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) CURLcode result; bool second_layer = FALSE; SSLVersionRange sslver_supported; +#ifndef CURL_DISABLE_PROXY + const char *hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : + conn->host.name; +#else + const char *hostname = conn->host.name; +#endif SSLVersionRange sslver = { SSL_LIBRARY_VERSION_TLS_1_0, /* min */ @@ -1932,9 +1948,11 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) goto error; /* not checked yet */ +#ifndef CURL_DISABLE_PROXY if(SSL_IS_PROXY()) data->set.proxy_ssl.certverifyresult = 0; else +#endif data->set.ssl.certverifyresult = 0; if(SSL_BadCertHook(model, BadCertHandler, conn) != SECSuccess) @@ -1991,12 +2009,14 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) goto error; } +#ifndef CURL_DISABLE_PROXY if(conn->proxy_ssl[sockindex].use) { DEBUGASSERT(ssl_connection_complete == conn->proxy_ssl[sockindex].state); DEBUGASSERT(conn->proxy_ssl[sockindex].backend->handle != NULL); nspr_io = conn->proxy_ssl[sockindex].backend->handle; second_layer = TRUE; } +#endif else { /* wrap OS file descriptor by NSPR's file descriptor abstraction */ nspr_io = PR_ImportTCPSocket(sockfd); @@ -2077,8 +2097,11 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) unsigned char protocols[128]; #ifdef USE_NGHTTP2 - if(data->set.httpversion >= CURL_HTTP_VERSION_2 && - (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) { + if(data->set.httpversion >= CURL_HTTP_VERSION_2 +#ifndef CURL_DISABLE_PROXY + && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy) +#endif + ) { protocols[cur++] = NGHTTP2_PROTO_VERSION_ID_LEN; memcpy(&protocols[cur], NGHTTP2_PROTO_VERSION_ID, NGHTTP2_PROTO_VERSION_ID_LEN); @@ -2101,14 +2124,11 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) goto error; /* propagate hostname to the TLS layer */ - if(SSL_SetURL(backend->handle, SSL_IS_PROXY() ? conn->http_proxy.host.name : - conn->host.name) != SECSuccess) + if(SSL_SetURL(backend->handle, hostname) != SECSuccess) goto error; /* prevent NSS from re-using the session for a different hostname */ - if(SSL_SetSockPeerID(backend->handle, SSL_IS_PROXY() ? - conn->http_proxy.host.name : conn->host.name) - != SECSuccess) + if(SSL_SetSockPeerID(backend->handle, hostname) != SECSuccess) goto error; return CURLE_OK; @@ -2127,11 +2147,17 @@ static CURLcode nss_do_connect(struct connectdata *conn, int sockindex) struct Curl_easy *data = conn->data; CURLcode result = CURLE_SSL_CONNECT_ERROR; PRUint32 timeout; +#ifndef CURL_DISABLE_PROXY long * const certverifyresult = SSL_IS_PROXY() ? &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult; const char * const pinnedpubkey = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; +#else + long * const certverifyresult = &data->set.ssl.certverifyresult; + const char * const pinnedpubkey = + data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; +#endif /* check timeout situation */ diff --git a/libs/libcurl/src/vtls/openssl.c b/libs/libcurl/src/vtls/openssl.c index 2e9f900da3..1685a4aa4c 100644 --- a/libs/libcurl/src/vtls/openssl.c +++ b/libs/libcurl/src/vtls/openssl.c @@ -619,7 +619,9 @@ SSL_CTX_use_certificate_chain_bio(SSL_CTX *ctx, BIO* in, const char *key_passwd) { /* SSL_CTX_add1_chain_cert introduced in OpenSSL 1.0.2 */ -#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) /* 1.0.2 or later */ +#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* OpenSSL 1.0.2 or later */ \ + !(defined(LIBRESSL_VERSION_NUMBER) && \ + (LIBRESSL_VERSION_NUMBER < 0x2090100fL)) /* LibreSSL 2.9.1 or later */ int ret = 0; X509 *x = NULL; void *passwd_callback_userdata = (void *)key_passwd; @@ -2825,7 +2827,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) if((SSL_CONN_CONFIG(verifypeer) || SSL_CONN_CONFIG(verifyhost)) && (SSL_SET_OPTION(native_ca_store))) { X509_STORE *store = SSL_CTX_get_cert_store(backend->ctx); - HCERTSTORE hStore = CertOpenSystemStoreA((HCRYPTPROV_LEGACY)NULL, "ROOT"); + HCERTSTORE hStore = CertOpenSystemStore((HCRYPTPROV_LEGACY)NULL, + TEXT("ROOT")); if(hStore) { PCCERT_CONTEXT pContext = NULL; diff --git a/libs/libcurl/src/vtls/schannel.c b/libs/libcurl/src/vtls/schannel.c index 1996526066..1c1432d757 100644 --- a/libs/libcurl/src/vtls/schannel.c +++ b/libs/libcurl/src/vtls/schannel.c @@ -50,7 +50,7 @@ #include "x509asn1.h" #include "curl_printf.h" #include "multiif.h" -#include "system_win32.h" +#include "version_win32.h" /* The last #include file should be: */ #include "curl_memory.h" @@ -436,8 +436,8 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) "schannel: SSL/TLS connection with %s port %hu (step 1/3)\n", hostname, conn->remote_port)); - if(Curl_verify_windows_version(5, 1, PLATFORM_WINNT, - VERSION_LESS_THAN_EQUAL)) { + if(curlx_verify_windows_version(5, 1, PLATFORM_WINNT, + VERSION_LESS_THAN_EQUAL)) { /* Schannel in Windows XP (OS version 5.1) uses legacy handshakes and algorithms that may not be supported by all servers. */ infof(data, "schannel: Windows version is old and may not be able to " @@ -448,10 +448,10 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) /* ALPN is only supported on Windows 8.1 / Server 2012 R2 and above. Also it doesn't seem to be supported for Wine, see curl bug #983. */ BACKEND->use_alpn = conn->bits.tls_enable_alpn && - !GetProcAddress(GetModuleHandleA("ntdll"), + !GetProcAddress(GetModuleHandle(TEXT("ntdll")), "wine_get_version") && - Curl_verify_windows_version(6, 3, PLATFORM_WINNT, - VERSION_GREATER_THAN_EQUAL); + curlx_verify_windows_version(6, 3, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL); #else BACKEND->use_alpn = false; #endif @@ -467,8 +467,8 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) #else #ifdef HAS_MANUAL_VERIFY_API if(SSL_CONN_CONFIG(CAfile)) { - if(Curl_verify_windows_version(6, 1, PLATFORM_WINNT, - VERSION_GREATER_THAN_EQUAL)) { + if(curlx_verify_windows_version(6, 1, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) { BACKEND->use_manual_cred_validation = true; } else { @@ -2015,8 +2015,8 @@ schannel_recv(struct connectdata *conn, int sockindex, */ if(len && !BACKEND->decdata_offset && BACKEND->recv_connection_closed && !BACKEND->recv_sspi_close_notify) { - bool isWin2k = Curl_verify_windows_version(5, 0, PLATFORM_WINNT, - VERSION_EQUAL); + bool isWin2k = curlx_verify_windows_version(5, 0, PLATFORM_WINNT, + VERSION_EQUAL); if(isWin2k && sspi_status == SEC_E_OK) BACKEND->recv_sspi_close_notify = true; diff --git a/libs/libcurl/src/vtls/schannel_verify.c b/libs/libcurl/src/vtls/schannel_verify.c index bdd7199e49..ab7be39500 100644 --- a/libs/libcurl/src/vtls/schannel_verify.c +++ b/libs/libcurl/src/vtls/schannel_verify.c @@ -45,7 +45,7 @@ #include "curl_multibyte.h" #include "curl_printf.h" #include "hostcheck.h" -#include "system_win32.h" +#include "version_win32.h" /* The last #include file should be: */ #include "curl_memory.h" @@ -317,8 +317,8 @@ static DWORD cert_get_name_string(struct Curl_easy *data, DWORD i; /* CERT_NAME_SEARCH_ALL_NAMES_FLAG is available from Windows 8 onwards. */ - if(Curl_verify_windows_version(6, 2, PLATFORM_WINNT, - VERSION_GREATER_THAN_EQUAL)) { + if(curlx_verify_windows_version(6, 2, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) { #ifdef CERT_NAME_SEARCH_ALL_NAMES_FLAG /* CertGetNameString will provide the 8-bit character string without * any decoding */ @@ -564,7 +564,7 @@ CURLcode Curl_verify_certificate(struct connectdata *conn, int sockindex) * trusted certificates. This is only supported on Windows 7+. */ - if(Curl_verify_windows_version(6, 1, PLATFORM_WINNT, VERSION_LESS_THAN)) { + if(curlx_verify_windows_version(6, 1, PLATFORM_WINNT, VERSION_LESS_THAN)) { failf(data, "schannel: this version of Windows is too old to support " "certificate verification via CA bundle file."); result = CURLE_SSL_CACERT_BADFILE; diff --git a/libs/libcurl/src/vtls/vtls.c b/libs/libcurl/src/vtls/vtls.c index c3a55fb1cb..281043aa63 100644 --- a/libs/libcurl/src/vtls/vtls.c +++ b/libs/libcurl/src/vtls/vtls.c @@ -621,6 +621,7 @@ void Curl_ssl_close(struct connectdata *conn, int sockindex) { DEBUGASSERT((sockindex <= 1) && (sockindex >= -1)); Curl_ssl->close_one(conn, sockindex); + conn->ssl[sockindex].state = ssl_connection_none; } CURLcode Curl_ssl_shutdown(struct connectdata *conn, int sockindex) |