diff options
| author | George Hazan <ghazan@miranda.im> | 2019-09-17 12:36:24 +0300 |
|---|---|---|
| committer | George Hazan <ghazan@miranda.im> | 2019-09-17 12:36:24 +0300 |
| commit | fe2500aa99137c9ce35907c118745d65a0c0c07e (patch) | |
| tree | 5b4024359b5344b1490f7568bfb6dec897cd1aae /libs/libcurl | |
| parent | adbda1ab567b2baf45c80a62a6aa4c3171a5c2e3 (diff) | |
libcurl updated to 7.66
Diffstat (limited to 'libs/libcurl')
88 files changed, 3895 insertions, 3217 deletions
diff --git a/libs/libcurl/docs/CHANGES b/libs/libcurl/docs/CHANGES index 447b46a526..0047ab41ac 100644 --- a/libs/libcurl/docs/CHANGES +++ b/libs/libcurl/docs/CHANGES @@ -6,6 +6,1296 @@ Changelog +Version 7.66.0 (10 Sep 2019) + +Daniel Stenberg (10 Sep 2019) +- RELEASE-NOTES: curl 7.66.0 + +- THANKS: from the 7.66.0 release + +- curl: make sure the parallel transfers do them all + + The logic could erroneously break the loop too early before all + transfers had been transferred. + + Reported-by: Tom van der Woerdt + Fixes #4316 + Closes #4317 + +- urlapi: one colon is enough for the strspn() input (typo) + +- urlapi: verify the IPv6 numerical address + + It needs to parse correctly. Otherwise it could be tricked into letting + through a-f using host names that libcurl would then resolve. Like + '[ab.be]'. + + Reported-by: Thomas Vegas + Closes #4315 + +- [Clément Notin brought this change] + + openssl: use SSL_CTX_set_<min|max>_proto_version() when available + + OpenSSL 1.1.0 adds SSL_CTX_set_<min|max>_proto_version() that we now use + when available. Existing code is preserved for older versions of + OpenSSL. + + Closes #4304 + +- [Clément Notin brought this change] + + openssl: indent, re-organize and add comments + +- [migueljcrum brought this change] + + sspi: fix memory leaks + + Closes #4299 + +- travis: disable ngtcp2 builds (again) + +- Curl_fillreadbuffer: avoid double-free trailer buf on error + + Reviewed-by: Jay Satiro + Reported-by: Thomas Vegas + + Closes #4307 + +- tool_setopt: handle a libcurl build without netrc support + + Reported-by: codesniffer13 on github + Fixes #4302 + Closes #4305 + +- security:read_data fix bad realloc() + + ... that could end up a double-free + + CVE-2019-5481 + Bug: https://curl.haxx.se/docs/CVE-2019-5481.html + +- [Thomas Vegas brought this change] + + tftp: Alloc maximum blksize, and use default unless OACK is received + + Fixes potential buffer overflow from 'recvfrom()', should the server + return an OACK without blksize. + + Bug: https://curl.haxx.se/docs/CVE-2019-5482.html + CVE-2019-5482 + +- [Thomas Vegas brought this change] + + tftp: return error when packet is too small for options + +- KNOWN_BUGS/TODO: cleanup and remove outdated issues + +- RELEASE-NOTES: synced + +- netrc: free 'home' on error + + Follow-up to f9c7ba9096ec2 + + Coverity CID 1453474 + + Closes #4291 + +- urldata: avoid 'generic', use dedicated pointers + + For the 'proto' union within the connectdata struct. + + Closes #4290 + +- cleanup: move functions out of url.c and make them static + + Closes #4289 + +- smtp: check for and bail out on too short EHLO response + + Otherwise, a three byte response would make the smtp_state_ehlo_resp() + function misbehave. + + Credit to OSS-Fuzz + Bug: https://crbug.com/oss-fuzz/16918 + + Assisted-by: Max Dymond + + Closes #4287 + +- smb: init *msg to NULL in smb_send_and_recv() + + ... it might otherwise return OK from this function leaving that pointer + uninitialized. + + Bug: https://crbug.com/oss-fuzz/16907 + + Closes #4286 + +- ROADMAP: updated after recent user poll + + In rough prio order + +- THANKS: remove duplicate + +- Curl_addr2string: take an addrlen argument too + + This allows the function to figure out if a unix domain socket has a + file name or not associated with it! When a socket is created with + socketpair(), as done in the fuzzer testing, the path struct member is + uninitialized and must not be accessed. + + Bug: https://crbug.com/oss-fuzz/16699 + + Closes #4283 + +- [Rolf Eike Beer brought this change] + + CMake: remove needless newlines at end of gss variables + +- [Rolf Eike Beer brought this change] + + CI: remove duplicate configure flag for LGTM.com + +- [Rolf Eike Beer brought this change] + + CMake: use platform dependent name for dlopen() library + + Closes #4279 + +- quiche: expire when poll returned data + + ... to make sure we continue draining the queue until empty + + Closes #4281 + +- quiche: decrease available buffer size, don't assign it! + + Found-by: Jeremy Lainé + +- RELEASE-NOTES: synced + +- [Kyohei Kadota brought this change] + + curl: fix include conditions + +- [Kyohei Kadota brought this change] + + plan9: fix installation instructions + + Closes #4276 + +- ngtcp2: on h3 stream close, call expire + + ... to trigger a new read to detect the stream close! + + Closes #4275 + +- [Tatsuhiro Tsujikawa brought this change] + + ngtcp2: build latest ngtcp2 and ngtcp2_crypto_openssl + + Closes #4278 + +- ngtcp2: set flow control window to stream buffer size + + Closes #4274 + +- [Christopher Head brought this change] + + CURLOPT_HEADERFUNCTION.3: clarify + + Closes #4273 + +- CURLINFO docs: mention that in redirects times are added + + Suggested-by: Brandon Dong + Fixes #4250 + Closes #4269 + +- travis: enable ngtcp2 builds again + + Switched to the openssl-quic-draft-22 openssl branch. + + Closes #4271 + +- HTTP3: switched openssl branch to use + +- [Tatsuhiro Tsujikawa brought this change] + + ngtcp2: Build with latest ngtcp2 and ngtcp2_crypto_openssl + + Closes #4270 + +- http2: when marked for closure and wanted to close == OK + + It could otherwise return an error even when closed correctly if GOAWAY + had been received previously. + + Reported-by: Tom van der Woerdt + Fixes #4267 + Closes #4268 + +- RELEASE-NOTES: synced + +- build-openssl: fix build with Visual Studio 2019 + + Reviewed-by: Marcel Raad + Contributed-by: osabc on github + Fixes #4188 + Closes #4266 + +Kamil Dudka (26 Aug 2019) +- vauth: return CURLE_AUTH_ERROR on gss_init_sec_context() failure + + This is a follow-up to https://github.com/curl/curl/pull/3864 . + + Closes #4224 + +Daniel Stenberg (26 Aug 2019) +- KNOWN_BUGS: USE_UNIX_SOCKETS on Windows + + Closes #4040 + +- quiche: send the HTTP body correctly on callback uploads + + Closes #4265 + +- travis: disable ngtcp2 builds (temporarily) + + Just too many API changes right now + + Closes #4264 + +- ngtcp2: add support for SSLKEYLOGFILE + + Closes #4260 + +- ngtcp2: improve h3 response receiving + + Closes #4259 + +- ngtcp2: use nghttp3_version() + +- ngtcp2: sync with upstream API changes + + Assisted-by: Tatsuhiro Tsujikawa + +- [Kyle Abramowitz brought this change] + + scp: fix directory name length used in memcpy + + Fix read off end of array due to bad pointer math in getworkingpath for + SCP home directory case. + + Closes #4258 + +- http: the 'closed' struct field is used by both ngh2 and ngh3 + + and remove 'header_recvbuf', not used for anything + + Reported-by: Jeremy Lainé + + Closes #4257 + +- ngtcp2: accept upload via callback + + Closes #4256 + +- defines: avoid underscore-prefixed defines + + Double-underscored or underscore plus uppercase letter at least. + + ... as they're claimed to be reserved. + + Reported-by: patnyb on github + + Fixes #4254 + Closes #4255 + +- travis: add a build using ngtcp2 + nghttp3 (and a patched OpenSSL) + + Runs no tests + + Closes #4253 + +- travis: bump to using nghttp2 version 1.39.2 + + Closes #4252 + +- [Gisle Vanem brought this change] + + docs/examples/curlx: fix errors + + Initialise 'mimetype' and require the -p12 arg. + + Closes #4248 + +- cleanup: remove DOT_CHAR completely + + Follow-up to f9c7ba9096ec + + The use of DOT_CHAR for ".ssh" was probably a mistake and is removed + now. + + Pointed-out-by: Gisle Vanem + Bug: https://github.com/curl/curl/pull/4230#issuecomment-522960638 + + Closes #4247 + +- spnego_sspi: add typecast to fix build warning + + Reported in build "Win32 target on Debian Stretch (64-bit) - + i686-w64-mingw32 - gcc-20170516" + + Closes #4245 + +- openssl: build warning free with boringssl + + Closes #4244 + +- curl: make --libcurl use CURL_HTTP_VERSION_3 + + Closes #4243 + +- ngtcp2: make postfields-set posts work + + Closes #4242 + +- http: remove chunked-encoding and expect header use for HTTP/3 + +- [Alessandro Ghedini brought this change] + + configure: use pkg-config to detect quiche + + This removes the need to hard-code the quiche target path in + configure.ac. + + This depends on https://github.com/cloudflare/quiche/pull/128 + + Closes #4237 + +- CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2 + + For a long time (since 7.28.1) we've returned error when setting the + value to 1 to make applications notice that we stopped supported the old + behavior for 1. Starting now, we treat 1 and 2 exactly the same. + + Closes #4241 + +- curl: use .curlrc (with a dot) on Windows as well + + Fall-back to _curlrc if the dot-version is missing. + + Co-Authored-By: Steve Holme + + Closes #4230 + +- netrc: make the code try ".netrc" on Windows as well + + ... but fall back and try "_netrc" too if the dot version didn't work. + + Co-Authored-By: Steve Holme + +- ngtcp2: use ngtcp2_version() to get the run-time version + + ... which of course doesn't have to be the same used at build-time. + + Function just recently merged in ngtcp2. + +- ngtcp2: move the h3 initing to immediately after the rx key + + To fix a segfault and to better deal with 0-RTT + + Assisted-by: Tatsuhiro Tsujikawa + +- [Alessandro Ghedini brought this change] + + quiche: register debug callback once and earlier + + The quiche debug callback is global and can only be initialized once, so + make sure we don't do it multiple times (e.g. if multiple requests are + executed). + + In addition this initializes the callback before the connection is + created, so we get logs for the handshake as well. + + Closes #4236 + +- ssh: add a generic Curl_ssh_version function for SSH backends + + Closes #4235 + +- base64: check for SSH, not specific SSH backends + +- vssh: move ssh init/cleanup functions into backend code + +- vssh: create directory for SSH backend code + +- TODO/ROADMAP: remove "refuse downgrade redirects" and HTTP/3 + + HTTP3 is now already in full progress + + Downgrade redirects can be achived almost exactly like that by setting + CURLOPT_REDIR_PROTOCOLS. + +- RELEASE-NOTES: synced + +- travis: add a quiche build + + Closes #4207 + +- http: fix use of credentials from URL when using HTTP proxy + + When a username and password are provided in the URL, they were wrongly + removed from the stored URL so that subsequent uses of the same URL + wouldn't find the crendentials. This made doing HTTP auth with multiple + connections (like Digest) mishave. + + Regression from 46e164069d1a5230 (7.62.0) + + Test case 335 added to verify. + + Reported-by: Mike Crowe + + Fixes #4228 + Closes #4229 + +- [Mike Crowe brought this change] + + tests: Replace outdated test case numbering documentation + + Tests are no longer grouped by numeric range[1]. Let's stop saying that + and provide some alternative advice for numbering tests. + + [1] https://curl.haxx.se/mail/lib-2019-08/0043.html + + Closes #4227 + +- travis: reduce number of torture tests in 'coverage' + + ... to make it complete in time. This cut seems not almost not affect + the coverage percentage and yet completes within 35 minutes on travis + where the previous runs recently always timed out after 50. + + Closes #4223 + +- [Igor Makarov brought this change] + + configure: use -lquiche to link to quiche + + Closes #4226 + +- ngtcp2: provide the callbacks as a static struct + + ... instead of having them in quicsocket + +- [Tatsuhiro Tsujikawa brought this change] + + ngtcp2: add missing nghttp3_conn_add_write_offset call + + Closes #4225 + +- [Tatsuhiro Tsujikawa brought this change] + + ngtcp2: deal with stream close + +- [Tatsuhiro Tsujikawa brought this change] + + ngtcp2: Consume QUIC STREAM data properly + +- [Tatsuhiro Tsujikawa brought this change] + + ngtcp2: don't reinitialize SSL on Retry + +- multi: getsock improvements for QUIC connecting + +- connect: connections are persistent by default for HTTP/3 + +- quiche: happy eyeballs + + Closes #4220 + +- ngtcp2: do QUIC connections happy-eyeballs friendly + +- curl_version: bump string buffer size to 250 + + With HTTP/3 libs and plenty TLS libs, I manged to hit the limit (which + causes a truncated output). + +- CURLOPT_ALTSVC.3: use a "" file name to not load from a file + +Jay Satiro (14 Aug 2019) +- vauth: Use CURLE_AUTH_ERROR for auth function errors + + - Add new error code CURLE_AUTH_ERROR. + + Prior to this change auth function errors were signaled by + CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was + technically correct. + + Ref: https://github.com/curl/curl/pull/3848 + + Co-authored-by: Dominik Hölzl + + Closes https://github.com/curl/curl/pull/3864 + +Daniel Stenberg (13 Aug 2019) +- curl_version_info: make the quic_version a const + + Follow-up from 1a2df1518ad8653f + + Closes #4222 + +- examples: add http3.c, altsvc.c and http3-present.c + + Closes #4221 + +Peter Wu (13 Aug 2019) +- nss: use TLSv1.3 as default if supported + + SSL_VersionRangeGetDefault returns (TLSv1.0, TLSv1.2) as supported + range in NSS 3.45. It looks like the intention is to raise the minimum + version rather than lowering the maximum, so adjust accordingly. Note + that the caller (nss_setup_connect) initializes the version range to + (TLSv1.0, TLSv1.3), so there is no need to check for >= TLSv1.0 again. + + Closes #4187 + Reviewed-by: Daniel Stenberg + Reviewed-by: Kamil Dudka + +Daniel Stenberg (13 Aug 2019) +- quic.h: remove unused proto + +- curl_version_info.3: mentioned ALTSVC and HTTP3 + + ... and sorted the list alphabetically + +- lib/quic.c: unused - removed + +- CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED + + Follow-up to 98c3f148 that removed it from the header file + +- [Junho Choi brought this change] + + docs/HTTP3: simplify quiche build instruction + + Use --recursive to get boringssl in one line + + Closes #4219 + +- altsvc: make it use h3-22 with ngtcp2 as well + +- ngtcp2: initial h3 request work + + Closes #4217 + +- curl_version_info: offer quic (and h3) library info + + Closes #4216 + +- HTTP3: use ngtcp2's draft-22 branch + +- RELEASE-NOTES: synced + +- CURLOPT_READFUNCTION.3: provide inline example + + ... instead of mentioning one in another place + +- [Tatsuhiro Tsujikawa brought this change] + + ngtcp2: send HTTP/3 request with nghttp3 + + This commit makes sending HTTP/3 request with nghttp3 work. It + minimally receives HTTP response and calls nghttp3 callbacks, but no + processing is made at the moment. + + Closes #4215 + +- nghttp3: initial h3 template code added + +- nghttp3: required when ngtcp2 is used for QUIC + + - checked for by configure + - updated docs/HTTP3.md + - shown in the version string + + Closes #4210 + +- [Eric Wong brought this change] + + asyn-thread: issue CURL_POLL_REMOVE before closing socket + + This avoids EBADF errors from EPOLL_CTL_DEL operations in the + ephiperfifo.c example. EBADF is dangerous in multi-threaded + applications where I rely on epoll_ctl to operate on the same + epoll description from different threads. + + Follow-up to eb9a604f8d7db8 + + Bug: https://curl.haxx.se/mail/lib-2019-08/0026.html + Closes #4211 + +- [Carlo Marcelo Arenas Belón brought this change] + + configure: avoid undefined check_for_ca_bundle + + instead of using a "greater than 0" test, check for variable being + set, as it is always set to 1, and could be left unset if non of + OPENSSL MBEDTLS GNUTLS WOLFSSL is being configured for. + + Closes #4213 + +- [Tatsuhiro Tsujikawa brought this change] + + ngtcp2: Send ALPN h3-22 + + Closes #4212 + +- [Tatsuhiro Tsujikawa brought this change] + + ngtcp2: use ngtcp2_settings_default and specify initial_ts + +- curl_global_init_mem.3: mention it was added in 7.12.0 + +- [Tatsuhiro Tsujikawa brought this change] + + ngtcp2: make the QUIC handshake work + + Closes #4209 + +- [Alex Mayorga brought this change] + + HTTP3.md: Update quiche build instructions + + Added cloning for quiche and BoringSSL and modified the build + instructions so they work on a clean folder. + + Closes #4208 + +- CURLOPT_H3: removed + + There's no use for this anymore and it was never in a release. + + Closes #4206 + +- http3: make connection reuse work + + Closes #4204 + +- quiche: add SSLKEYLOGFILE support + +- cleanup: s/curl_debug/curl_dbg_debug in comments and docs + + Leftovers from the function rename back in 76b63489495 + + Reported-by: Gisle Vanem + Bug: https://github.com/curl/curl/commit/f3e0f071b14fcb46a453f69bdf4e062bcaacf362#com + mitcomment-34601751 + + Closes #4203 + +- RELEASE-NOTES: synced + +- alt-svc: add protocol version selection masking + + So that users can mask in/out specific HTTP versions when Alt-Svc is + used. + + - Removed "h2c" and updated test case accordingly + - Changed how the altsvc struct is laid out + - Added ifdefs to make the unittest run even in a quiche-tree + + Closes #4201 + +- http3: fix the HTTP/3 in the request, make alt-svc set right versions + + Closes #4200 + +- alt-svc: send Alt-Used: in redirected requests + + RFC 7838 section 5: + + When using an alternative service, clients SHOULD include an Alt-Used + header field in all requests. + + Removed CURLALTSVC_ALTUSED again (feature is still EXPERIMENTAL thus + this is deemed ok). + + You can disable sending this header just like you disable any other HTTP + header in libcurl. + + Closes #4199 + +- CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly + + Even though it cannot fall-back to a lower HTTP version automatically. The + safer way to upgrade remains via CURLOPT_ALTSVC. + + CURLOPT_H3 no longer has any bits that do anything and might be removed + before we remove the experimental label. + + Updated the curl tool accordingly to use "--http3". + + Closes #4197 + +- docs/ALTSVC: remove what works and the experimental explanation + + Also, put the TODO items at the bottom. + + Closes #4198 + +- docs/EXPERIMENTAL: explain what it means and what's experimental now + +- curl: make use of CURLINFO_RETRY_AFTER when retrying + + If a Retry-After: header was used in the response, that value overrides + other retry timing options. + + Fixes #3794 + Closes #4195 + +- curl: use CURLINFO_PROTOCOL to check for HTTP(s) + + ... instead of CURLINFO_EFFECTIVE_URL to avoid string operations. + +- CURLINFO_RETRY_AFTER: parse the Retry-After header value + + This is only the libcurl part that provides the information. There's no + user of the parsed value. This change includes three new tests for the + parser. + + Ref: #3794 + +- docs/ALTSVC.md: first basic file format description + +- curl: have -w's 'http_version' show '3' for HTTP/3 + + Closes #4196 + +- curl.h: add CURL_HTTP_VERSION_3 to the version enum + + It can't be set for CURLOPT_HTTP_VERSION, but it can be extracted with + CURLINFO_HTTP_VERSION. + +- quiche: make use of the connection timeout API properly + +- quiche: make POSTFIELDS posts work + +- quiche: improved error handling and memory cleanups + +- quiche: flush egress in h3_stream_recv() too + +- RELEASE-NOTES: synced + +Jay Satiro (6 Aug 2019) +- [Patrick Monnerat brought this change] + + os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid(). + + Ref: https://github.com/curl/curl/issues/3653 + Ref: https://github.com/curl/curl/pull/3790 + + NOTE: This commit was cherry-picked and is part of a series of commits + that added the authzid feature for upcoming 7.66.0. The series was + temporarily reverted in db8ec1f so that it would not ship in a 7.65.x + patch release. + + Closes https://github.com/curl/curl/pull/4186 + +- tests: Fix the line endings for the SASL alt-auth tests + + - Change data and protocol sections to CRLF line endings. + + Prior to this change the tests would fail or hang, which is because + certain sections such as protocol require CRLF line endings. + + Follow-up to grandparent commit which added the tests. + + Ref: https://github.com/curl/curl/issues/3653 + Ref: https://github.com/curl/curl/pull/3790 + + NOTE: This commit was cherry-picked and is part of a series of commits + that added the authzid feature for upcoming 7.66.0. The series was + temporarily reverted in db8ec1f so that it would not ship in a 7.65.x + patch release. + + Closes https://github.com/curl/curl/pull/4186 + +- [Steve Holme brought this change] + + examples: Added SASL PLAIN authorisation identity (authzid) examples + + Ref: https://github.com/curl/curl/issues/3653 + Ref: https://github.com/curl/curl/pull/3790 + + NOTE: This commit was cherry-picked and is part of a series of commits + that added the authzid feature for upcoming 7.66.0. The series was + temporarily reverted in db8ec1f so that it would not ship in a 7.65.x + patch release. + + Closes https://github.com/curl/curl/pull/4186 + +- [Steve Holme brought this change] + + curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool + + Ref: https://github.com/curl/curl/issues/3653 + Ref: https://github.com/curl/curl/pull/3790 + + NOTE: This commit was cherry-picked and is part of a series of commits + that added the authzid feature for upcoming 7.66.0. The series was + temporarily reverted in db8ec1f so that it would not ship in a 7.65.x + patch release. + + Closes https://github.com/curl/curl/pull/4186 + +- [Steve Holme brought this change] + + sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID + + Added the ability for the calling program to specify the authorisation + identity (authzid), the identity to act as, in addition to the + authentication identity (authcid) and password when using SASL PLAIN + authentication. + + Fixes #3653 + Closes #3790 + + NOTE: This commit was cherry-picked and is part of a series of commits + that added the authzid feature for upcoming 7.66.0. The series was + temporarily reverted in db8ec1f so that it would not ship in a 7.65.x + patch release. + + Closes https://github.com/curl/curl/pull/4186 + +Daniel Stenberg (6 Aug 2019) +- docs/HTTP3: refreshed as it is now in master and HTTP/3 can be tested + +- [Yiming Jing brought this change] + + mesalink: implement client authentication + + Closes #4184 + +- curl_multi_poll: a sister to curl_multi_wait() that waits more + + Repeatedly we see problems where using curl_multi_wait() is difficult or + just awkward because if it has no file descriptor to wait for + internally, it returns immediately and leaves it to the caller to wait + for a small amount of time in order to avoid occasional busy-looping. + + This is often missed or misunderstood, leading to underperforming + applications. + + This change introduces curl_multi_poll() as a replacement drop-in + function that accepts the exact same set of arguments. This function + works identically to curl_multi_wait() - EXCEPT - for the case when + there's nothing to wait for internally, as then this function will by + itself wait for a "suitable" short time before it returns. This + effectiely avoids all risks of busy-looping and should also make it less + likely that apps "over-wait". + + This also changes the curl tool to use this funtion internally when + doing parallel transfers and changes curl_easy_perform() to use it + internally. + + Closes #4163 + +- quiche:h3_stream_recv return 0 at end of stream + + ... and remove some verbose messages we don't need. Made transfers from + facebook.com work better. + +- altsvc: make quiche use h3-22 now + +- quiche: show the actual version number + +- quiche: first working HTTP/3 request + + - enable debug log + - fix use of quiche API + - use download buffer + - separate header/body + + Closes #4193 + +- http09: disable HTTP/0.9 by default in both tool and library + + As the plan has been laid out in DEPRECATED. Update docs accordingly and + verify in test 1174. Now requires the option to be set to allow HTTP/0.9 + responses. + + Closes #4191 + +- quiche: initial h3 request send/receive + +- lib/Makefile.am: make checksrc run in vquic too + +- altsvc: fix removal of expired cache entry + + Closes #4192 + +- RELEASE-NOTES: synced + +Steve Holme (4 Aug 2019) +- md4: Use our own MD4 implementation when no crypto libraries are available + + Closes #3780 + +- md4: No need to include Curl_md4.h for each TLS library + +- md4: No need for the NTLM code to call Curl_md4it() for each TLS library + + As the NTLM code no longer calls any of TLS libraries' specific MD4 + functions, there is no need to call this function for each #ifdef. + +- md4: Move the mbed TLS MD4 implementation out of the NTLM code + +- md4: Move the WinCrypt implementation out of the NTLM code + +- md4: Move the SecureTransport implementation out of the NTLM code + +- md4: Use the Curl_md4it() function for OpenSSL based NTLM + +- md4: Move the GNU TLS gcrypt MD4 implementation out of the NTLM code + +- md4: Move the GNU TLS Nettle MD4 implementation out of the NTLM code + +Jay Satiro (4 Aug 2019) +- OS400: Add CURLOPT_H3 symbols + + Follow-up to 3af0e76 which added experimental H3 support. + + Closes https://github.com/curl/curl/pull/4185 + +Daniel Stenberg (3 Aug 2019) +- url: make use of new HTTP version if alt-svc has one + +- url: set conn->transport to default TCP at init time + +- altsvc: with quiche, use the quiche h3 alpn string + + Closes #4183 + +- alt-svc: more liberal ALPN name parsing + + Allow pretty much anything to be part of the ALPN identifier. In + particular minus, which is used for "h3-20" (in-progress HTTP/3 + versions) etc. + + Updated test 356. + Closes #4182 + +- quiche: use the proper HTTP/3 ALPN + +- quiche: add failf() calls for two error cases + + To aid debugging + + Closes #4181 + +- mailmap: added Kyohei Kadota + +Kamil Dudka (1 Aug 2019) +- http_negotiate: improve handling of gss_init_sec_context() failures + + If HTTPAUTH_GSSNEGOTIATE was used for a POST request and + gss_init_sec_context() failed, the POST request was sent + with empty body. This commit also restores the original + behavior of `curl --fail --negotiate`, which was changed + by commit 6c6035532383e300c712e4c1cd9fdd749ed5cf59. + + Add regression tests 2077 and 2078 to cover this. + + Fixes #3992 + Closes #4171 + +Daniel Stenberg (1 Aug 2019) +- mailmap: added 4 more names + + Evgeny Grin, Peter Pih, Anton Malov and Marquis de Muesli + +- mailmap: add Giorgos Oikonomou + +- src/makefile: fix uncompressed hugehelp.c generation + + Regression from 5cf5d57ab9 (7.64.1) + + Fixed-by: Lance Ware + Fixes #4176 + Closes #4177 + +- appveyor: pass on -k to make + +- timediff: make it 64 bit (if possible) even with 32 bit time_t + + ... to make it hold microseconds too. + + Fixes #4165 + Closes #4168 + +- ROADMAP: parallel transfers are merged now + +- getenv: support up to 4K environment variable contents on windows + + Reported-by: Michal Čaplygin + Fixes #4174 + Closes #4175 + +- [Kyohei Kadota brought this change] + + plan9: add support for running on Plan 9 + + Closes #3701 + +- [Kyohei Kadota brought this change] + + ntlm: explicit type casting + +- [Justin brought this change] + + curl.h: fix outdated comment + + Closes #4167 + +- curl: remove outdated comment + + Turned bad with commit b8894085000 + + Reported-by: niallor on github + Fixes #4172 + Closes #4173 + +- cleanup: remove the 'numsocks' argument used in many places + + It was used (intended) to pass in the size of the 'socks' array that is + also passed to these functions, but was rarely actually checked/used and + the array is defined to a fixed size of MAX_SOCKSPEREASYHANDLE entries + that should be used instead. + + Closes #4169 + +- readwrite_data: repair setting the TIMER_STARTTRANSFER stamp + + Regression, broken in commit 65eb65fde64bd5f (curl 7.64.1) + + Reported-by: Jonathan Cardoso Machado + Assisted-by: Jay Satiro + + Fixes #4136 + Closes #4162 + +- mailmap: Amit Katyal + +- asyn-thread: removed unused variable + + Follow-up to eb9a604f. Mistake caused by me when I edited the commit + before push... + +- RELEASE-NOTES: synced + +- [Amit Katyal brought this change] + + asyn-thread: create a socketpair to wait on + + Closes #4157 + +- curl: cap the maximum allowed values for retry time arguments + + ... to avoid integer overflows later when multiplying with 1000 to + convert seconds to milliseconds. + + Added test 1269 to verify. + + Reported-by: Jason Lee + Closes #4166 + +- progress: reset download/uploaded counter + + ... to make CURLOPT_MAX_RECV_SPEED_LARGE and + CURLOPT_MAX_SEND_SPEED_LARGE work correctly on subsequent transfers that + reuse the same handle. + + Fixed-by: Ironbars13 on github + Fixes #4084 + Closes #4161 + +- http2_recv: trigger another read when the last data is returned + + ... so that end-of-stream is detected properly. + + Reported-by: Tom van der Woerdt + Fixes #4043 + Closes #4160 + +- curl: avoid uncessary libcurl timeouts (in parallel mode) + + When curl_multi_wait() returns OK without file descriptors to wait for, + it might already have done a long timeout. + + Closes #4159 + +- [Balazs Kovacsics brought this change] + + HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown + + If using the read callback for HTTP_POST, and POSTFIELDSIZE is not set, + automatically add a Transfer-Encoding: chunked header, same as it is + already done for HTTP_PUT, HTTP_POST_FORM and HTTP_POST_MIME. Update + test 1514 according to the new behaviour. + + Closes #4138 + +Jay Satiro (29 Jul 2019) +- [Daniel Stenberg brought this change] + + winbuild: add vquic to list of build directories + + This fixes the winbuild build method which broke several days ago + when experimental quic support was added in 3af0e76. + + Reported-by: Michael Lee + + Fixes https://github.com/curl/curl/issues/4158 + +- easy: resize receive buffer on easy handle reset + + - In curl_easy_reset attempt to resize the receive buffer to its default + size. If realloc fails then continue using the previous size. + + Prior to this change curl_easy_reset did not properly handle resetting + the receive buffer (data->state.buffer). It reset the variable holding + its size (data->set.buffer_size) to the default size (READBUFFER_SIZE) + but then did not actually resize the buffer. If a user resized the + buffer by using CURLOPT_BUFFERSIZE to set the size smaller than the + default, later called curl_easy_reset and attempted to reuse the handle + then a heap overflow would very likely occur during that handle's next + transfer. + + Reported-by: Felix Hädicke + + Fixes https://github.com/curl/curl/issues/4143 + Closes https://github.com/curl/curl/pull/4145 + +- [Brad Spencer brought this change] + + examples: Avoid reserved names in hiperfifo examples + + - Trade in __attribute__((unused)) for the classic (void)x to silence + unused symbols. + + Because the classic way is not gcc specific. Also because the prior + method mapped to symbol _Unused, which starts with _ and a capital + letter which is reserved. + + Assisted-by: The Infinnovation team + + Bug: https://github.com/curl/curl/issues/4120#issuecomment-512542108 + + Closes https://github.com/curl/curl/pull/4153 + +Daniel Stenberg (25 Jul 2019) +- RELEASE-NOTES: synced + +- [Felix Hädicke brought this change] + + ssh-libssh: do not specify O_APPEND when not in append mode + + Specifying O_APPEND in conjunction with O_TRUNC and O_CREAT does not + make much sense. And this combination of flags is not accepted by all + SFTP servers (at least not Apache SSHD). + + Fixes #4147 + Closes #4148 + +- [Gergely Nagy brought this change] + + multi: call detach_connection before Curl_disconnect + + Curl_disconnect bails out if conn->easyq is not empty, detach_connection + needs to be called first to remove the current easy from the queue. + + Fixes #4144 + Closes #4151 + +Jay Satiro (23 Jul 2019) +- tool_operate: fix implicit call to easysrc_cleanup + + easysrc_cleanup is only defined when CURL_DISABLE_LIBCURL_OPTION is not + defined, and prior to this change would be called regardless. + + Bug: https://github.com/curl/curl/pull/3804#issuecomment-513922637 + Reported-by: Marcel Raad + + Closes https://github.com/curl/curl/pull/4142 + +Daniel Stenberg (22 Jul 2019) +- curl:create_transfers check return code from curl_easy_setopt + + From commit b8894085 + + Pointed out by Coverity CID 1451703 + + Closes #4134 + +- HTTP3: initial (experimental) support + + USe configure --with-ngtcp2 or --with-quiche + + Using either option will enable a HTTP3 build. + Co-authored-by: Alessandro Ghedini <alessandro@ghedini.me> + + Closes #3500 + +- curl: remove dead code + + The loop never loops (since b889408500), pointed out by Coverity (CID + 1451702) + + Closes #4133 + +- docs/PARALLEL-TRANSFERS: correct the version number + +- docs/PARALLEL-TRANSFERS: added + +- curl: support parallel transfers + + This is done by making sure each individual transfer is first added to a + linked list as then they can be performed serially, or at will, in + parallel. + + Closes #3804 + +- docs/MANUAL.md: converted to markdown from plain text + + ... will make it render as a nicer web page. + + Closes #4131 + +- curl_version_info: provide nghttp2 details + + Introducing CURLVERSION_SIXTH with nghttp2 info. + + Closes #4121 + +- bump: start working on 7.66.0 + +- source: remove names from source comments + + Several reasons: + + - we can't add everyone who's helping out so its unfair to just a few + selected ones. + - we already list all helpers in THANKS and in RELEASE-NOTES for each + release + - we don't want to give the impression that some parts of the code is + "owned" or "controlled" by specific persons + + Assisted-by: Daniel Gustafsson + Closes #4129 + Version 7.65.3 (19 Jul 2019) Daniel Stenberg (19 Jul 2019) @@ -59,7 +1349,7 @@ Jay Satiro (17 Jul 2019) Closes https://github.com/curl/curl/pull/4118 -- [georgeok brought this change] +- [Giorgos Oikonomou brought this change] CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH @@ -3621,7 +4911,7 @@ Jay Satiro (25 Feb 2019) Fixes https://github.com/curl/curl/issues/3595 Closes https://github.com/curl/curl/pull/3596 -- [georgeok brought this change] +- [Giorgos Oikonomou brought this change] schannel: support CALG_ECDH_EPHEM algorithm @@ -4651,7 +5941,7 @@ Daniel Stenberg (4 Feb 2019) CVE-2018-16890 Marcel Raad (1 Feb 2019) -- [georgeok brought this change] +- [Giorgos Oikonomou brought this change] spnego_sspi: add support for channel binding @@ -4824,7 +6114,7 @@ Daniel Stenberg (19 Jan 2019) Closes #3484 Marcel Raad (19 Jan 2019) -- [georgeok brought this change] +- [Giorgos Oikonomou brought this change] ntlm_sspi: add support for channel binding @@ -6333,1683 +7623,3 @@ Daniel Stenberg (12 Nov 2018) practice". Closes #3225 - -- curl: --local-port range was not "including" - - The end port number in a given range was not included in the range used, - as it is documented to be. - - Reported-by: infinnovation-dev on github - Fixes #3251 - Closes #3255 - -- [Jérémy Rocher brought this change] - - openssl: support BoringSSL TLS renegotiation - - As per BoringSSL porting documentation [1], BoringSSL rejects peer - renegotiations by default. - - curl fails when trying to authenticate to server through client - certificate if it is requested by server after the initial TLS - handshake. - - Enable renegotiation by default with BoringSSL to get same behavior as - with OpenSSL. This is done by calling SSL_set_renegotiate_mode [2] - which was introduced in commit 1d5ef3bb1eb9 [3]. - - 1 - https://boringssl.googlesource.com/boringssl/+/HEAD/PORTING.md#tls-renegotiation - 2 - https://boringssl.googlesource.com/boringssl/+/master/include/openssl/ssl.h#3482 - 3 - https://boringssl.googlesource.com/boringssl/+/1d5ef3bb1eb97848617db5e7d633d735a401df86 - - Signed-off-by: Jérémy Rocher <rocher.jeremy@gmail.com> - Fixes #3258 - Closes #3259 - -- HISTORY: add some milestones - - Added a few of the more notable milestones in curl history that were - missing. Primarily more recent ones but I also noted some older that - could be worth mentioning. - - [ci skip] - Closes #3257 - -Daniel Gustafsson (9 Nov 2018) -- KNOWN_BUGS: add --proxy-any connection issue - - Add the identified issue with --proxy-any and proxy servers which - advertise authentication schemes other than the supported one. - - Closes #876 - Closes #3250 - Reported-by: NTMan on Github - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Daniel Stenberg (9 Nov 2018) -- [Jim Fuller brought this change] - - setopt: add CURLOPT_CURLU - - Allows an application to pass in a pre-parsed URL via a URL handle. - - Closes #3227 - -- [Gisle Vanem brought this change] - - docs: ESCape "\n" codes - - Groff / Troff will display a: - printaf("Errno: %ld\n", error); - as: - printf("Errno: %ld0, error); - - when a "\n" is not escaped. Use "\\n" instead. - - Closes #3246 - -- curl: --local-port fix followup - - Regression by 52db54869e6. - - Reported-by: infinnovation-dev on github - Fixes #3248 - Closes #3249 - -GitHub (7 Nov 2018) -- [Gisle Vanem brought this change] - - More "\n" ESCaping - -Daniel Stenberg (7 Nov 2018) -- RELEASE-NOTES: synced - -- curl: fix --local-port integer overflow - - The tool's local port command line range parser didn't check for integer - overflows and could pass "weird" data to libcurl for this option. - libcurl however, has a strict range check for the values so it rejects - anything outside of the accepted range. - - Reported-by: Brian Carpenter - Closes #3242 - -- curl: correct the switch() logic in ourWriteOut - - Follow-up to e431daf013, as I did the wrong correction for a compiler - warning. It should be a break and not a fall-through. - - Pointed-out-by: Frank Gevaerts - -- [Frank Gevaerts brought this change] - - curl: add %{stderr} and %{stdout} for --write-out - - Closes #3115 - -Daniel Gustafsson (7 Nov 2018) -- winssl: be consistent in Schannel capitalization - - The productname from Microsoft is "Schannel", but in infof/failf - reporting we use "schannel". This removes different versions. - - Closes #3243 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Daniel Stenberg (7 Nov 2018) -- TODO: Have the URL API offer IDN decoding - - Similar to how URL decoding/encoding is done, we could have URL - functions to convert IDN host names to punycode. - - Suggested-by: Alexey Melnichuk - Closes #3232 - -- urlapi: only skip encoding the first '=' with APPENDQUERY set - - APPENDQUERY + URLENCODE would skip all equals signs but now it only skip - encoding the first to better allow "name=content" for any content. - - Reported-by: Alexey Melnichuk - Fixes #3231 - Closes #3231 - -- url: a short host name + port is not a scheme - - The function identifying a leading "scheme" part of the URL considered a - few letters ending with a colon to be a scheme, making something like - "short:80" to become an unknown scheme instead of a short host name and - a port number. - - Extended test 1560 to verify. - - Also fixed test203 to use file_pwd to make it get the correct path on - windows. Removed test 2070 since it was a duplicate of 203. - - Assisted-by: Marcel Raad - Reported-by: Hagai Auro - Fixes #3220 - Fixes #3233 - Closes #3223 - Closes #3235 - -- [Sangamkar brought this change] - - libcurl: stop reading from paused transfers - - In the transfer loop it would previously not acknwledge the pause bit - and continue until drained or loop ended. - - Closes #3240 - -Jay Satiro (6 Nov 2018) -- tool: add undocumented option --dump-module-paths for win32 - - - Add an undocumented diagnostic option for Windows to show the full - paths of all loaded modules regardless of whether or not libcurl - initialization succeeds. - - This is needed so that in the CI we can get a list of all DLL - dependencies after initialization (when they're most likely to have - finished loading) and then package them as artifacts so that a - functioning build can be downloaded. Also I imagine it may have some use - as a diagnostic for help requests. - - Ref: https://github.com/curl/curl/pull/3103 - - Closes https://github.com/curl/curl/pull/3208 - -- curl_multibyte: fix a malloc overcalculation - - Prior to this change twice as many bytes as necessary were malloc'd when - converting wchar to UTF8. To allay confusion in the future I also - changed the variable name for the amount of bytes from len to bytes. - - Closes https://github.com/curl/curl/pull/3209 - -Michael Kaufmann (5 Nov 2018) -- netrc: don't ignore the login name specified with "--user" - - - for "--netrc", don't ignore the login/password specified with "--user", - only ignore the login/password in the URL. - This restores the netrc behaviour of curl 7.61.1 and earlier. - - fix the documentation of CURL_NETRC_REQUIRED - - improve the detection of login/password changes when reading .netrc - - don't read .netrc if both login and password are already set - - Fixes #3213 - Closes #3224 - -Patrick Monnerat (5 Nov 2018) -- OS400: add URL API ccsid wrappers and sync ILE/RPG bindings - -Daniel Stenberg (5 Nov 2018) -- [Yasuhiro Matsumoto brought this change] - - curl: fixed UTF-8 in current console code page (Windows) - - Fixes #3211 - Fixes #3175 - Closes #3212 - -- TODO: 2.6 multi upkeep - - Closes #3199 - -Daniel Gustafsson (5 Nov 2018) -- unittest: make 1652 stable across collations - - The previous coding used a format string whose output depended on the - current locale of the environment running the test. Since the gist of - the test is to have a format string, with the actual formatting being - less important, switch to a more stable formatstring with decimals. - - Reported-by: Marcel Raad - Closes #3234 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com> - -Daniel Stenberg (5 Nov 2018) -- Revert "url: a short host name + port is not a scheme" - - This reverts commit 226cfa8264cd979eff3fd52c0f3585ef095e7cf2. - - This commit caused test failures on appveyor/windows. Work on fixing them is - in #3235. - -- symbols-in-versions: add missing CURLU_ symbols - - ...and fix symbol-scan.pl to also scan urlapi.h - - Reported-by: Alexey Melnichuk - Fixes #3226 - Closes #3230 - -Daniel Gustafsson (3 Nov 2018) -- infof: clearly indicate truncation - - The internal buffer in infof() is limited to 2048 bytes of payload plus - an additional byte for NULL termination. Servers with very long error - messages can however cause truncation of the string, which currently - isn't very clear, and leads to badly formatted output. - - This appends a "...\n" (or just "..." in case the format didn't with a - newline char) marker to the end of the string to clearly show - that it has been truncated. - - Also include a unittest covering infof() to try and catch any bugs - introduced in this quite important function. - - Closes #3216 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com> - -Michael Kaufmann (3 Nov 2018) -- tool_getparam: fix some comments - -Daniel Stenberg (3 Nov 2018) -- url: a short host name + port is not a scheme - - The function identifying a leading "scheme" part of the URL considered a few - letters ending with a colon to be a scheme, making something like "short:80" - to become an unknown scheme instead of a short host name and a port number. - - Extended test 1560 to verify. - - Reported-by: Hagai Auro - Fixes #3220 - Closes #3223 - -- URL: fix IPv6 numeral address parser - - Regression from 46e164069d1a52. Extended test 1560 to verify. - - Reported-by: tpaukrt on github - Fixes #3218 - Closes #3219 - -- travis: remove curl before a normal build - - on Linux. To make sure the test suite runs with its newly build tool and - doesn't require an external one present. - - Bug: #3198 - Closes #3200 - -- [Tim Rühsen brought this change] - - mprintf: avoid unsigned integer overflow warning - - The overflow has no real world impact. - Just avoid it for "best practice". - - Code change suggested by "The Infinnovation Team" and Daniel Stenberg. - Closes #3184 - -- Curl_follow: accept non-supported schemes for "fake" redirects - - When not actually following the redirect and the target URL is only - stored for later retrieval, curl always accepted "non-supported" - schemes. This was a regression from 46e164069d1a5230. - - Reported-by: Brad King - Fixes #3210 - Closes #3215 - -Daniel Gustafsson (2 Nov 2018) -- openvms: fix example name - - Commit efc696a2e09225bfeab4 renamed persistant.c to persistent.c to - fix the typo in the name, but missed to update the OpenVMS package - files which still looked for the old name. - - Closes #3217 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - Reviewed-by: Viktor Szakats <commit@vszakats.net> - -Daniel Stenberg (1 Nov 2018) -- configure: show CFLAGS, LDFLAGS etc in summary - - To make it easier to understand other people's and remote builds etc. - - Closes #3207 - -- version: bump for next cycle - -- axtls: removed - - As has been outlined in the DEPRECATE.md document, the axTLS code has - been disabled for 6 months and is hereby removed. - - Use a better supported TLS library! - - Assisted-by: Daniel Gustafsson - Closes #3194 - -- [marcosdiazr brought this change] - - schannel: make CURLOPT_CERTINFO support using Issuer chain - - Closes #3197 - -- travis: build with sanitize=address,undefined,signed-integer-overflow - - ... using clang - - Closes #3190 - -- schannel: use Curl_ prefix for global private symbols - - Curl_verify_certificate() must use the Curl_ prefix since it is globally - available in the lib and otherwise steps outside of our namespace! - - Closes #3201 - -Kamil Dudka (1 Nov 2018) -- tests: drop http_pipe.py script no longer used - - It is unused since commit f7208df7d9d5cd5e15e2d89237e828f32b63f135. - - Closes #3204 - -Daniel Stenberg (31 Oct 2018) -- runtests: use the local curl for verifying - - ... revert the mistaken change brought in commit 8440616f53. - - Reported-by: Alessandro Ghedini - Bug: https://curl.haxx.se/mail/lib-2018-10/0118.html - - Closes #3198 - -Version 7.62.0 (30 Oct 2018) - -Daniel Stenberg (30 Oct 2018) -- RELEASE-NOTES: 7.62.0 - -- THANKS: 7.62.0 status - -Daniel Gustafsson (30 Oct 2018) -- vtls: add MesaLink to curl_sslbackend enum - - MesaLink support was added in commit 57348eb97d1b8fc3742e02c but the - backend was never added to the curl_sslbackend enum in curl/curl.h. - This adds the new backend to the enum and updates the relevant docs. - - Closes #3195 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Daniel Stenberg (30 Oct 2018) -- [Ruslan Baratov brought this change] - - cmake: Remove unused CURL_CONFIG_HAS_BEEN_RUN_BEFORE variable - - Closes #3191 - -- test2080: verify the fix for CVE-2018-16842 - -- voutf: fix bad arethmetic when outputting warnings to stderr - - CVE-2018-16842 - Reported-by: Brian Carpenter - Bug: https://curl.haxx.se/docs/CVE-2018-16842.html - -- [Tuomo Rinne brought this change] - - cmake: uniform ZLIB to use USE_ variable and clean curl-config.cmake.in - - Closes #3123 - -- [Tuomo Rinne brought this change] - - cmake: add find_dependency call for ZLIB to CMake config file - -- [Tuomo Rinne brought this change] - - cmake: add support for transitive ZLIB target - -- unit1650: fix "null pointer passed as argument 1 to memcmp" - - Detected by UndefinedBehaviorSanitizer - - Closes #3187 - -- travis: add a "make tidy" build that runs clang-tidy - - Closes #3182 - -- unit1300: fix stack-use-after-scope AddressSanitizer warning - - Closes #3186 - -- Curl_auth_create_plain_message: fix too-large-input-check - - CVE-2018-16839 - Reported-by: Harry Sintonen - Bug: https://curl.haxx.se/docs/CVE-2018-16839.html - -- Curl_close: clear data->multi_easy on free to avoid use-after-free - - Regression from b46cfbc068 (7.59.0) - CVE-2018-16840 - Reported-by: Brian Carpenter (Geeknik Labs) - - Bug: https://curl.haxx.se/docs/CVE-2018-16840.html - -- [randomswdev brought this change] - - system.h: use proper setting with Sun C++ as well - - system.h selects the proper Sun settings when __SUNPRO_C is defined. The - Sun compiler does not define it when compiling C++ files. I'm adding a - check also on __SUNPRO_CC to allow curl to work properly also when used - in a C++ project on Sun Solaris. - - Closes #3181 - -- rand: add comment to skip a clang-tidy false positive - -- test1651: unit test Curl_extract_certinfo() - - The version used for Gskit, NSS, GnuTLS, WolfSSL and schannel. - -- x509asn1: always check return code from getASN1Element() - -- Makefile: add 'tidy' target that runs clang-tidy - - Available in the root, src and lib dirs. - - Closes #3163 - -- RELEASE-PROCEDURE: adjust the release dates - - See: https://curl.haxx.se/mail/lib-2018-10/0107.html - -Patrick Monnerat (27 Oct 2018) -- x509asn1: suppress left shift on signed value - - Use an unsigned variable: as the signed operation behavior is undefined, - this change silents clang-tidy about it. - - Ref: https://github.com/curl/curl/pull/3163 - Reported-By: Daniel Stenberg - -Michael Kaufmann (27 Oct 2018) -- multi: Fix error handling in the SENDPROTOCONNECT state - - If Curl_protocol_connect() returns an error code, - handle the error instead of switching to the next state. - - Closes #3170 - -Daniel Stenberg (27 Oct 2018) -- RELEASE-NOTES: synced - -- openssl: output the correct cipher list on TLS 1.3 error - - When failing to set the 1.3 cipher suite, the wrong string pointer would - be used in the error message. Most often saying "(nil)". - - Reported-by: Ricky-Tigg on github - Fixes #3178 - Closes #3180 - -- docs/CIPHERS: fix the TLS 1.3 cipher names - - ... picked straight from the OpenSSL man page: - https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_ciphersuites.html - - Reported-by: Ricky-Tigg on github - Bug: #3178 - -Marcel Raad (27 Oct 2018) -- travis: install gnutls-bin package - - This is required for gnutls-serv, which enables a few more tests. - - Closes https://github.com/curl/curl/pull/2958 - -Daniel Gustafsson (26 Oct 2018) -- ssh: free the session on init failures - - Ensure to clear the session object in case the libssh2 initialization - fails. - - It could be argued that the libssh2 error function should be called to - get a proper error message in this case. But since the only error path - in libssh2_knownhost_init() is memory a allocation failure it's safest - to avoid since the libssh2 error handling allocates memory. - - Closes #3179 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Daniel Stenberg (26 Oct 2018) -- docs/RELEASE-PROCEDURE: remove old entries, modify the Dec 2018 date - - ... I'm moving it up one week due to travels. The rest stays. - -- [Daniel Gustafsson brought this change] - - openssl: make 'done' a proper boolean - - Closes #3176 - -- gtls: Values stored to but never read - - Detected by clang-tidy - - Closes #3176 - -- [Alexey Eremikhin brought this change] - - curl.1: --ipv6 mutexes ipv4 (fixed typo) - - Fixes #3171 - Closes #3172 - -- tool_main: make TerminalSettings static - - Reported-by: Gisle Vanem - Bug: https://github.com/curl/curl/commit/becfe1233ff2b6b0c3e1b6a10048b55b68c2539f#commitcomment-31008819 - Closes #3161 - -- curl-config.in: remove dependency on bc - - Reported-by: Dima Pasechnik - Fixes #3143 - Closes #3174 - -- [Gisle Vanem brought this change] - - rtmp: fix for compiling with lwIP - - Compiling on _WIN32 and with USE_LWIPSOCK, causes this error: - curl_rtmp.c(223,3): error: use of undeclared identifier 'setsockopt' - setsockopt(r->m_sb.sb_socket, SOL_SOCKET, SO_RCVTIMEO, - ^ - curl_rtmp.c(41,32): note: expanded from macro 'setsockopt' - #define setsockopt(a,b,c,d,e) (setsockopt)(a,b,c,(const char *)d,(int)e) - ^ - Closes #3155 - -- configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T - - Follow-up to #3166 which did the cmake part of this. This type/define is - not used. - - Closes #3168 - -- [Ruslan Baratov brought this change] - - cmake: remove unused variables - - Remove variables: - * HAVE_SOCKLEN_T - * CURL_SIZEOF_CURL_SOCKLEN_T - * CURL_TYPEOF_CURL_SOCKLEN_T - - Closes #3166 - -Michael Kaufmann (25 Oct 2018) -- urldata: Fix comment in header - - The "connecting" function is used by multiple protocols, not only FTP - -- netrc: free temporary strings if memory allocation fails - - - Change the inout parameters after all needed memory has been - allocated. Do not change them if something goes wrong. - - Free the allocated temporary strings if strdup() fails. - - Closes #3122 - -Daniel Stenberg (24 Oct 2018) -- [Ruslan Baratov brought this change] - - config: Remove unused SIZEOF_VOIDP - - Closes #3162 - -- RELEASE-NOTES: synced - -GitHub (23 Oct 2018) -- [Gisle Vanem brought this change] - - Fix for compiling with lwIP (3) - - lwIP on Windows does not have a WSAIoctl() function. - But it do have a SO_SNDBUF option to lwip_setsockopt(). But it currently does nothing. - -Daniel Stenberg (23 Oct 2018) -- Curl_follow: return better errors on URL problems - - ... by making the converter function global and accessible. - - Closes #3153 - -- Curl_follow: remove remaining free(newurl) - - Follow-up to 05564e750e8f0c. This function no longer frees the passed-in - URL. - - Reported-by: Michael Kaufmann - Bug: https://github.com/curl/curl/commit/05564e750e8f0c79016c680f301ce251e6e86155#commitcomm - ent-30985666 - -Daniel Gustafsson (23 Oct 2018) -- headers: end all headers with guard comment - - Most headerfiles end with a /* <headerguard> */ comment, but it was - missing from some. The comment isn't the most important part of our - code documentation but consistency has an intrinsic value in itself. - This adds header guard comments to the files that were lacking it. - - Closes #3158 - Reviewed-by: Jay Satiro <raysatiro@yahoo.com> - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Jay Satiro (23 Oct 2018) -- CIPHERS.md: Mention the options used to set TLS 1.3 ciphers - - Closes https://github.com/curl/curl/pull/3159 - -Daniel Stenberg (20 Oct 2018) -- docs/BUG-BOUNTY: the sponsors actually decide the amount - - Retract the previous approach as the sponsors will be the ones to set the - final amounts. - - Closes #3152 - [ci skip] - -- multi: avoid double-free - - Curl_follow() no longer frees the string. Make sure it happens in the - caller function, like we normally handle allocations. - - This bug was introduced with the use of the URL API internally, it has - never been in a release version - - Reported-by: Dario Weißer - Closes #3149 - -- multi: make the closure handle "inherit" CURLOPT_NOSIGNAL - - Otherwise, closing that handle can still cause surprises! - - Reported-by: Martin Ankerl - Fixes #3138 - Closes #3147 - -Marcel Raad (19 Oct 2018) -- VS projects: add USE_IPV6 - - The Visual Studio builds didn't use IPv6. Add it to all projects since - Visual Studio 2008, which is verified to build via AppVeyor. - - Closes https://github.com/curl/curl/pull/3137 - -- config_win32: enable LDAPS - - As done in the autotools and CMake builds by default. - - Closes https://github.com/curl/curl/pull/3137 - -Daniel Stenberg (18 Oct 2018) -- travis: add build for "configure --disable-verbose" - - Closes #3144 - -Kamil Dudka (17 Oct 2018) -- tool_cb_hdr: handle failure of rename() - - Detected by Coverity. - - Closes #3140 - Reviewed-by: Jay Satiro - -Daniel Stenberg (17 Oct 2018) -- RELEASE-NOTES: synced - -- docs/SECURITY-PROCESS: the hackerone IBB program drops curl - - ... now there's only BountyGraph. - -Jay Satiro (16 Oct 2018) -- [Matthew Whitehead brought this change] - - x509asn1: Fix SAN IP address verification - - For IP addresses in the subject alternative name field, the length - of the IP address (and hence the number of bytes to perform a - memcmp on) is incorrectly calculated to be zero. The code previously - subtracted q from name.end. where in a successful case q = name.end - and therefore addrlen equalled 0. The change modifies the code to - subtract name.beg from name.end to calculate the length correctly. - - The issue only affects libcurl with GSKit SSL, not other SSL backends. - The issue is not a security issue as IP verification would always fail. - - Fixes #3102 - Closes #3141 - -Daniel Gustafsson (15 Oct 2018) -- INSTALL: mention mesalink in TLS section - - Commit 57348eb97d1b8fc3742e02c6587d2d02ff592da5 added support for the - MesaLink vtls backend, but missed updating the TLS section containing - supported backends in the docs. - - Closes #3134 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Marcel Raad (14 Oct 2018) -- nonblock: fix unused parameter warning - - If USE_BLOCKING_SOCKETS is defined, curlx_nonblock's arguments are not - used. - -Michael Kaufmann (13 Oct 2018) -- Curl_follow: Always free the passed new URL - - Closes #3124 - -Viktor Szakats (12 Oct 2018) -- replace rawgit links [ci skip] - - Ref: https://rawgit.com/ "RawGit has reached the end of its useful life" - Ref: https://news.ycombinator.com/item?id=18202481 - Closes https://github.com/curl/curl/pull/3131 - -Daniel Stenberg (12 Oct 2018) -- docs/BUG-BOUNTY.md: for vulns published since Aug 1st 2018 - - [ci skip] - -- travis: make distcheck scan for BOM markers - - and remove BOM from projects/wolfssl_override.props - - Closes #3126 - -Marcel Raad (11 Oct 2018) -- CMake: remove BOM - - Accidentally aded in commit 1bb86057ff07083deeb0b00f8ad35879ec4d03ea. - - Reported-by: Viktor Szakats - Ref: https://github.com/curl/curl/pull/3120#issuecomment-428673136 - -Daniel Gustafsson (10 Oct 2018) -- transfer: fix typo in comment - -Michael Kaufmann (10 Oct 2018) -- docs: add "see also" links for SSL options - - - link TLS 1.2 and TLS 1.3 options - - link proxy and non-proxy options - - Closes #3121 - -Marcel Raad (10 Oct 2018) -- AppVeyor: remove BDIR variable that sneaked in again - - Removed in ae762e1abebe3a5fe75658583c85059a0957ef6e, accidentally added - again in 9f3be5672dc4dda30ab43e0152e13d714a84d762. - -- CMake: disable -Wpedantic-ms-format - - As done in the autotools build. This is required for MinGW, which - supports only %I64 for printing 64-bit values, but warns about it. - - Closes https://github.com/curl/curl/pull/3120 - -Viktor Szakats (9 Oct 2018) -- ldap: show precise LDAP call in error message on Windows - - Also add a unique but common text ('bind via') to make it - easy to grep this specific failure regardless of platform. - - Ref: https://github.com/curl/curl/pull/878/files#diff-7a636f08047c4edb53a240f540b4ecf6R468 - Closes https://github.com/curl/curl/pull/3118 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com> - -Daniel Stenberg (9 Oct 2018) -- docs/DEPRECATE: minor reformat to render nicer on web - -Daniel Gustafsson (9 Oct 2018) -- CURLOPT_SSL_VERIFYSTATUS: Fix typo - - Changes s/OSCP/OCSP/ and bumps the copyright year due to the change. - -Marcel Raad (9 Oct 2018) -- curl_setup: define NOGDI on Windows - - This avoids an ERROR macro clash between <wingdi.h> and <arpa/tftp.h> - on MinGW. - - Closes https://github.com/curl/curl/pull/3113 - -- Windows: fixes for MinGW targeting Windows Vista - - Classic MinGW has neither InitializeCriticalSectionEx nor - GetTickCount64, independent of the target Windows version. - - Closes https://github.com/curl/curl/pull/3113 - -Daniel Stenberg (8 Oct 2018) -- TODO: fixed 'API for URL parsing/splitting' - -Daniel Gustafsson (8 Oct 2018) -- KNOWN_BUGS: Fix various typos - - Closes #3112 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Viktor Szakats (8 Oct 2018) -- spelling fixes [ci skip] - - as detected by codespell 1.14.0 - - Closes https://github.com/curl/curl/pull/3114 - Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com> - -Daniel Stenberg (8 Oct 2018) -- RELEASE-NOTES: synced - -- curl_ntlm_wb: check aprintf() return codes - - ... when they return NULL we're out of memory and MUST return failure. - - closes #3111 - -- docs/BUG-BOUNTY: proposed additional docs - - Bug bounty explainer. See https://bountygraph.com/programs/curl - - Closes #3067 - -- [Rick Deist brought this change] - - hostip: fix check on Curl_shuffle_addr return value - - Closes #3110 - -- FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output - - Now FILE transfers send headers to the header callback like HTTP and - other protocols. Also made curl_easy_getinfo(...CURLINFO_PROTOCOL...) - work for FILE in the callbacks. - - Makes "curl -i file://.." and "curl -I file://.." work like before - again. Applied the bold header logic to them too. - - Regression from c1c2762 (7.61.0) - - Reported-by: Shaun Jackman - Fixes #3083 - Closes #3101 - -Daniel Gustafsson (7 Oct 2018) -- gskit: make sure to terminate version string - - In case a very small buffer was passed to the version function, it could - result in the buffer not being NULL-terminated since strncpy() doesn't - guarantee a terminator on an overflowed buffer. Rather than adding code - to terminate (and handle zero-sized buffers), move to using snprintf() - instead like all the other vtls backends. - - Closes #3105 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - Reviewed-by: Viktor Szakats <commit@vszakats.net> - -- TODO: add LD_PRELOAD support on macOS - - Add DYLD_INSERT_LIBRARIES support to the TODO list. Reported in #2394. - -- runtests: skip ld_preload tests on macOS - - The LD_PRELOAD functionality doesn't exist on macOS, so skip any tests - requiring it. - - Fixes #2394 - Closes #3106 - Reported-by: Github user @jakirkham - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Marcel Raad (7 Oct 2018) -- AppVeyor: use Debug builds to run tests - - This enables more tests. - - Closes https://github.com/curl/curl/pull/3104 - -- AppVeyor: add HTTP_ONLY build - - Closes https://github.com/curl/curl/pull/3104 - -- AppVeyor: add WinSSL builds - - Use the oldest and latest Windows SDKs for them. - Also, remove all but one OpenSSL build. - - Closes https://github.com/curl/curl/pull/3104 - -- AppVeyor: add remaining Visual Studio versions - - This adds Visual Studio 9 and 10 builds. - There's no 64-bit VC9 compiler on AppVeyor, so use it as the Win32 - build. Also, VC9 cannot be used for running the test suite. - - Closes https://github.com/curl/curl/pull/3104 - -- AppVeyor: break long line - - Closes https://github.com/curl/curl/pull/3104 - -- AppVeyor: remove unused BDIR variable - - Closes https://github.com/curl/curl/pull/3104 - -Daniel Stenberg (6 Oct 2018) -- test2100: test DoH using IPv4-only - - To make it only send one DoH request and avoid the race condition that - could lead to the requests getting sent in reversed order and thus - making it hard to compare in the test case. - - Fixes #3107 - Closes #3108 - -- tests/FILEFORMAT: mention how to use <fileN> and <stripfileN> too - - [ci skip] - -- RELEASE-NOTES: synced - -- [Dmitry Kostjuchenko brought this change] - - timeval: fix use of weak symbol clock_gettime() on Apple platforms - - Closes #3048 - -- doh: keep the IPv4 address in (original) network byte order - - Ideally this will fix the reversed order shown in SPARC tests: - - resp 8: Expected 127.0.0.1 got 1.0.0.127 - - Closes #3091 - -Jay Satiro (5 Oct 2018) -- INTERNALS.md: wrap lines longer than 79 - -Daniel Gustafsson (5 Oct 2018) -- INTERNALS: escape reference to parameter - - The parameter reference <string> was causing rendering issues in the - generated HTML page, as <string> isn't a valid HTML tag. Fix by back- - tick escaping it. - - Closes #3099 - Reviewed-by: Jay Satiro <raysatiro@yahoo.com> - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- checksrc: handle zero scoped ignore commands - - If a !checksrc! disable command specified to ignore zero errors, it was - still added to the ignore block even though nothing was ignored. While - there were no blocks ignored that shouldn't be ignored, the processing - ended with with a warning: - - <filename>:<line>:<col>: warning: Unused ignore: LONGLINE (UNUSEDIGNORE) - /* !checksrc! disable LONGLINE 0 */ - ^ - Fix by instead treating a zero ignore as a a badcommand and throw a - warning for that one. - - Closes #3096 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- checksrc: enable strict mode and warnings - - Enable strict and warnings mode for checksrc to ensure we aren't missing - anything due to bugs in the checking code. This uncovered a few things - which are all fixed in this commit: - - * several variables were used uninitialized - * several variables were not defined in the correct scope - * the whitelist filehandle was read even if the file didn't exist - * the enable_warn() call when a disable counter had expired was passing - incorrect variables, but since the checkwarn() call is unlikely to hit - (the counter is only decremented to zero on actual ignores) it didn't - manifest a problem. - - Closes #3090 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com> - -Marcel Raad (5 Oct 2018) -- CMake: suppress MSVC warning C4127 for libtest - - It's issued by older Windows SDKs (prior to version 8.0). - -Sergei Nikulov (5 Oct 2018) -- Merge branch 'dmitrykos-fix_missing_CMake_defines' - -- [Dmitry Kostjuchenko brought this change] - - cmake: test and set missed defines during configuration - - Added configuration checks for HAVE_BUILTIN_AVAILABLE and HAVE_CLOCK_GETTIME_MONOTONIC. - - Closes #3097 - -Marcel Raad (5 Oct 2018) -- AppVeyor: disable test 500 - - It almost always results in - "starttransfer vs total: 0.000001 0.000000". - I cannot reproduce this locally, so disable it for now. - - Closes https://github.com/curl/curl/pull/3100 - -- AppVeyor: set custom install prefix - - CMake's default has spaces and in 32-bit mode parentheses, which result - in syntax errors in curl-config. - - Closes https://github.com/curl/curl/pull/3100 - -- AppVeyor: Remove non-SSL non-test builds - - They don't add much value. - - Closes https://github.com/curl/curl/pull/3100 - -- AppVeyor: run test suite - - Use the preinstalled MSYS2 bash for that. - Disable test 1139 as the CMake build doesn't generate curl.1. - - Ref: https://github.com/curl/curl/issues/3070#issuecomment-425922224 - Closes https://github.com/curl/curl/pull/3100 - -- AppVeyor: use in-tree build - - Required to run the tests. - - Closes https://github.com/curl/curl/pull/3100 - -Daniel Stenberg (4 Oct 2018) -- doh: make sure TTL isn't re-inited by second (discarded?) response - - Closes #3092 - -- test320: strip out more HTML when comparing - - To make the test case work with different gnutls-serv versions better. - - Reported-by: Kamil Dudka - Fixes #3093 - Closes #3094 - -Marcel Raad (4 Oct 2018) -- runtests: use Windows paths for Windows curl - - curl generated by CMake's Visual Studio generator has "Windows" in the - version number. - -Daniel Stenberg (4 Oct 2018) -- [Colin Hogben brought this change] - - tests/negtelnetserver.py: fix Python2-ism in neg TELNET server - - Fix problems caused by differences in treatment of bytes objects between - python2 and python3. - - Fixes #2929 - Closes #3080 - -Daniel Gustafsson (3 Oct 2018) -- memory: ensure to check allocation results - - The result of a memory allocation should always be checked, as we may - run under memory pressure where even a small allocation can fail. This - adds checking and error handling to a few cases where the allocation - wasn't checked for success. In the ftp case, the freeing of the path - variable is moved ahead of the allocation since there is little point - in keeping it around across the strdup, and the separation makes for - more readable code. In nwlib, the lock is aslo freed in the error path. - - Also bumps the copyright years on affected files. - - Closes #3084 - Reviewed-by: Jay Satiro <raysatiro@yahoo.com> - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- comment: Fix multiple typos in function parameters - - Ensure that the parameters in the comment match the actual names in the - prototype. - - Closes #3079 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- CURLOPT_SSLVERSION.3: fix typos and consistent spelling - - Use TLS vX.Y throughout the document, instead of TLS X.Y, as that was - already done in all but a few cases. Also fix a few typos. - - Closes #3076 - Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com> - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- SECURITY-PROCESS: make links into hyperlinks - - Use proper Markdown hyperlink format for the Bountygraph links in order - for the generated website page to be more user friendly. Also link to - the sponsors to give them a little extra credit. - - Closes #3082 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Jay Satiro (3 Oct 2018) -- CURLOPT_HEADER.3: fix typo - -- nss: fix nssckbi module loading on Windows - - - Use .DLL extension instead of .so to load modules on Windows. - - Bug: https://curl.haxx.se/mail/lib-2018-09/0077.html - Reported-by: Maxime Legros - - Ref: https://github.com/curl/curl/pull/3016/#issuecomment-423069442 - - Closes https://github.com/curl/curl/pull/3086 - -- data-binary.d: clarify default content-type is x-www-form-urlencoded - - - Advise user that --data-binary sends a default content type of - x-www-form-urlencoded, and to have the data treated as arbitrary - binary data by the server set the content-type header to octet-stream. - - Ref: https://github.com/curl/curl/pull/2852#issuecomment-426465094 - - Closes https://github.com/curl/curl/pull/3085 - -Marcel Raad (2 Oct 2018) -- test1299: use single quotes around asterisk - - Ref: https://github.com/curl/curl/issues/1751#issuecomment-321522580 - -Daniel Stenberg (2 Oct 2018) -- docs/CIPHERS: mention the colon separation for OpenSSL - - Bug: #3077 - -- runtests: ignore disabled even when ranges are given - - runtests.pl support running a range of tests, like "44 to 127". Starting - now, the code makes sure that even such given ranges will ignore tests - that are marked as disabled. - - Disabled tests can still be run by explictly specifying that test - number. - - Closes #3075 - -- urlapi: starting with a drive letter on win32 is not an abs url - - ... and libcurl doesn't support any single-letter URL schemes (if there - even exist any) so it should be fairly risk-free. - - Reported-by: Marcel Raad - - Fixes #3070 - Closes #3071 - -Marcel Raad (2 Oct 2018) -- doh: fix curl_easy_setopt argument type - - CURLOPT_POSTFIELDSIZE is long. Fixes a compiler warning on 64-bit - MinGW. - -Daniel Stenberg (2 Oct 2018) -- RELEASE-NOTES: synced - -Jay Satiro (1 Oct 2018) -- [Ruslan Baratov brought this change] - - CMake: Improve config installation - - Use 'GNUInstallDirs' standard module to set destinations of installed - files. - - Use uppercase "CURL" names instead of lowercase "curl" to match standard - 'FindCURL.cmake' CMake module: - * https://cmake.org/cmake/help/latest/module/FindCURL.html - - Meaning: - * Install 'CURLConfig.cmake' instead of 'curl-config.cmake' - * User should call 'find_package(CURL)' instead of 'find_package(curl)' - - Use 'configure_package_config_file' function to generate - 'CURLConfig.cmake' file. This will make 'curl-config.cmake.in' template - file smaller and handle components better. E.g. current configuration - report no error if user specified unknown components (note: new - configuration expects no components, report error if user will try to - specify any). - - Closes https://github.com/curl/curl/pull/2849 - -Daniel Stenberg (1 Oct 2018) -- test1650: make it depend on http/2 - - Follow-up to 570008c99da0ccbb as it gets link errors. - - Reported-by: Michael Kaufmann - Closes #3068 - -- [Nate Prewitt brought this change] - - MANUAL: minor grammar fix - - Noticed a typo reading through the docs. - - Closes #3069 - -- doh: only build if h2 enabled - - The DoH spec says "HTTP/2 [RFC7540] is the minimum RECOMMENDED version - of HTTP for use with DoH". - - Reported-by: Marcel Raad - Closes #3066 - -- test2100: require http2 to run - - Reported-by: Marcel Raad - Fixes #3064 - Closes #3065 - -- multi: fix memory leak in content encoding related error path - - ... a missing multi_done() call. - - Credit to OSS-Fuzz - Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10728 - Closes #3063 - -- travis: bump the Secure Transport build to use xcode 10 - - Due to an issue with travis - (https://github.com/travis-ci/travis-ci/issues/9956) we've been using - Xcode 9.2 for darwinssl builds for a while. Now xcode 10 is offered as - an alternative and as it builds curl+darwinssl fine that seems like a - better choice. - - Closes #3062 - -- [Rich Turner brought this change] - - curl: enabled Windows VT Support and UTF-8 output - - Enabled Console VT support (if running OS supports VT) in tool_main.c. - - Fixes #3008 - Closes #3011 - -- multi: fix location URL memleak in error path - - Follow-up to #3044 - fix a leak OSS-Fuzz detected - Closes #3057 - -Sergei Nikulov (28 Sep 2018) -- cmake: fixed path used in generation of docs/tests during curl build through add_subdicectory(...) - -- [Brad King brought this change] - - cmake: Backport to work with CMake 3.0 again - - Changes in commit 7867aaa9a0 (cmake: link curl to the OpenSSL targets - instead of lib absolute paths, 2018-07-17) and commit f826b4ce98 (cmake: - bumped minimum version to 3.4, 2018-07-19) required CMake 3.4 to fix - issue #2746. This broke support for users on older versions of CMake - even if they just want to build curl and do not care whether transitive - dependencies work. - - Backport the logic to work with CMake 3.0 again by implementing the - fix only when the version of CMake is at least 3.4. - -Marcel Raad (27 Sep 2018) -- curl_threads: fix classic MinGW compile break - - Classic MinGW still has _beginthreadex's return type as unsigned long - instead of uintptr_t [0]. uintptr_t is not even defined because of [1]. - - [0] https://sourceforge.net/p/mingw/mingw-org-wsl/ci/wsl-5.1-release/tree/mingwrt/include/process.h#l167 - [1] https://sourceforge.net/p/mingw/mingw-org-wsl/ci/wsl-5.1-release/tree/mingwrt/include/process.h#l90 - - Bug: https://github.com/curl/curl/issues/2924#issuecomment-424334807 - Closes https://github.com/curl/curl/pull/3051 - -Daniel Stenberg (26 Sep 2018) -- configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE - - fix a few leftovers - - Fixes #3006 - Closes #3049 - -- [Doron Behar brought this change] - - example/htmltidy: fix include paths of tidy libraries - - Closes #3050 - -- RELEASE-NOTES: synced - -- Curl_http2_done: fix memleak in error path - - Free 'header_recvbuf' unconditionally even if 'h2' isn't (yet) set, for - early failures. - - Detected by OSS-Fuzz - - Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10669 - Closes #3046 - -- http: fix memleak in rewind error path - - If the rewind would fail, a strdup() would not get freed. - - Detected by OSS-Fuzz - - Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10665 - Closes #3044 - -Viktor Szakats (24 Sep 2018) -- test320: fix regression in [ci skip] - - The value in question is coming directly from `gnutls-serv`, so it cannot - be modified freely. - - Reported-by: Marcel Raad - Ref: https://github.com/curl/curl/commit/6ae6b2a533e8630afbb21f570305bd4ceece6348#commitcomment-30621004 - -Daniel Stenberg (24 Sep 2018) -- Curl_retry_request: fix memory leak - - Detected by OSS-Fuzz - - Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10648 - Closes #3042 - -- openssl: load built-in engines too - - Regression since 38203f1 - - Reported-by: Jean Fabrice - Fixes #3023 - Closes #3040 - -- [Christian Heimes brought this change] - - OpenSSL: enable TLS 1.3 post-handshake auth - - OpenSSL 1.1.1 requires clients to opt-in for post-handshake - authentication. - - Fixes: https://github.com/curl/curl/issues/3026 - Signed-off-by: Christian Heimes <christian@python.org> - - Closes https://github.com/curl/curl/pull/3027 - -- [Even Rouault brought this change] - - Curl_dedotdotify(): always nul terminate returned string. - - This fixes potential out-of-buffer access on "file:./" URL - - $ valgrind curl "file:./" - ==24516== Memcheck, a memory error detector - ==24516== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. - ==24516== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info - ==24516== Command: /home/even/install-curl-git/bin/curl file:./ - ==24516== - ==24516== Conditional jump or move depends on uninitialised value(s) - ==24516== at 0x4C31F9C: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) - ==24516== by 0x4EBB315: seturl (urlapi.c:801) - ==24516== by 0x4EBB568: parseurl (urlapi.c:861) - ==24516== by 0x4EBC509: curl_url_set (urlapi.c:1199) - ==24516== by 0x4E644C6: parseurlandfillconn (url.c:2044) - ==24516== by 0x4E67AEF: create_conn (url.c:3613) - ==24516== by 0x4E68A4F: Curl_connect (url.c:4119) - ==24516== by 0x4E7F0A4: multi_runsingle (multi.c:1440) - ==24516== by 0x4E808E5: curl_multi_perform (multi.c:2173) - ==24516== by 0x4E7558C: easy_transfer (easy.c:686) - ==24516== by 0x4E75801: easy_perform (easy.c:779) - ==24516== by 0x4E75868: curl_easy_perform (easy.c:798) - - Was originally spotted by - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10637 - Credit to OSS-Fuzz - - Closes #3039 - -Viktor Szakats (23 Sep 2018) -- update URLs in tests - - - and one in docs/MANUAL as well - - Closes https://github.com/curl/curl/pull/3038 - -- whitespace fixes - - - replace tabs with spaces where possible - - remove line ending spaces - - remove double/triple newlines at EOF - - fix a non-UTF-8 character - - cleanup a few indentations/line continuations - in manual examples - - Closes https://github.com/curl/curl/pull/3037 - -Daniel Stenberg (23 Sep 2018) -- http: add missing return code check - - Detected by Coverity. CID 1439610. - - Follow-up from 46e164069d1a523 - - Closes #3034 - -- ftp: don't access pointer before NULL check - - Detected by Coverity. CID 1439611. - - Follow-up from 46e164069d1a523 - -- unit1650: fix out of boundary access - - Fixes #2987 - Closes #3035 - -Viktor Szakats (23 Sep 2018) -- docs/examples: URL updates - - - also update two URLs outside of docs/examples - - fix spelling of filename persistant.c - - fix three long lines that started failing checksrc.pl - - Closes https://github.com/curl/curl/pull/3036 - -- examples/Makefile.m32: sync with core [ci skip] - - also: - - fix two warnings in synctime.c (one of them Windows-specific) - - upgrade URLs in synctime.c and remove a broken one - - Closes https://github.com/curl/curl/pull/3033 - -Daniel Stenberg (22 Sep 2018) -- examples/parseurl.c: show off the URL API a bit - - Closes #3030 - -- SECURITY-PROCESS: mention the bountygraph program [ci skip] - - Closes #3032 - -- url: use the URL API internally as well - - ... to make it a truly unified URL parser. - - Closes #3017 - -Viktor Szakats (22 Sep 2018) -- URL and mailmap updates, remove an obsolete directory [ci skip] - - Closes https://github.com/curl/curl/pull/3031 - -Daniel Stenberg (22 Sep 2018) -- RELEASE-NOTES: synced - -- configure: force-use -lpthreads on HPUX - - When trying to detect pthreads use on HPUX the checks will succeed - without the correct -l option but then end up failing at run-time. - - Reported-by: Eason-Yu on github - Fixes #2697 - Closes #3025 - -- [Erik Minekus brought this change] - - Curl_saferealloc: Fixed typo in docblock - - Closes #3029 - -- urlapi: fix support for address scope in IPv6 numerical addresses - - Closes #3024 - -- [Loganaden Velvindron brought this change] - - GnutTLS: TLS 1.3 support - - Closes #2971 - -- TODO: c-ares and CURLOPT_OPENSOCKETFUNCTION - - Removed DoH. - - Closes #2734 - -Jay Satiro (20 Sep 2018) -- vtls: fix ssl version "or later" behavior change for many backends - - - Treat CURL_SSLVERSION_MAX_NONE the same as - CURL_SSLVERSION_MAX_DEFAULT. Prior to this change NONE would mean use - the minimum version also as the maximum. - - This is a follow-up to 6015cef which changed the behavior of setting - the SSL version so that the requested version would only be the minimum - and not the maximum. It appears it was (mostly) implemented in OpenSSL - but not other backends. In other words CURL_SSLVERSION_TLSv1_0 used to - mean use just TLS v1.0 and now it means use TLS v1.0 *or later*. - - - Fix CURL_SSLVERSION_MAX_DEFAULT for OpenSSL. - - Prior to this change CURL_SSLVERSION_MAX_DEFAULT with OpenSSL was - erroneously treated as always TLS 1.3, and would cause an error if - OpenSSL was built without TLS 1.3 support. - - Co-authored-by: Daniel Gustafsson - - Fixes https://github.com/curl/curl/issues/2969 - Closes https://github.com/curl/curl/pull/3012 - -Daniel Stenberg (20 Sep 2018) -- certs: generate tests certs with sha256 digest algorithm - - As OpenSSL 1.1.1 starts to complain and fail on sha1 CAs: - - "SSL certificate problem: CA signature digest algorithm too weak" - - Closes #3014 - -- urlapi: document the error codes, remove two unused ones - - Assisted-by: Daniel Gustafsson - Closes #3019 - -- urlapi: add CURLU_GUESS_SCHEME and fix hostname acceptance - - In order for this API to fully work for libcurl itself, it now offers a - CURLU_GUESS_SCHEME flag that makes it "guess" scheme based on the host - name prefix just like libcurl always did. If there's no known prefix, it - will guess "http://". - - Separately, it relaxes the check of the host name so that IDN host names - can be passed in as well. - - Both these changes are necessary for libcurl itself to use this API. - - Assisted-by: Daniel Gustafsson - Closes #3018 - -Kamil Dudka (19 Sep 2018) -- nss: try to connect even if libnssckbi.so fails to load - - One can still use CA certificates stored in NSS database. - - Reported-by: Maxime Legros - Bug: https://curl.haxx.se/mail/lib-2018-09/0077.html - - Closes #3016 - -Daniel Gustafsson (19 Sep 2018) -- urlapi: don't set value which is never read - - In the CURLUPART_URL case, there is no codepath which invokes url - decoding so remove the assignment of the urldecode variable. This - fixes the deadstore bug-report from clang static analysis. - - Closes #3015 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- todo: Update reference to already done item - - TODO item 1.1 was implemented in commit 946ce5b61f, update reference - to it with instead referencing the implemented option. - - Closes #3013 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Daniel Stenberg (18 Sep 2018) -- RELEASE-NOTES: synced - -- [slodki brought this change] - - cmake: don't require OpenSSL if USE_OPENSSL=OFF - - User must have OpenSSL installed even if not used by libcurl at all - since 7.61.1 release. Broken at - 7867aaa9a01decf93711428462335be8cef70212 - - Reviewed-by: Sergei Nikulov - Closes #3001 - -- curl_multi_wait: call getsock before figuring out timeout - - .... since getsock may update the expiry timer. - - Fixes #2996 - Closes #3000 - -- examples/http2-pushinmemory: receive HTTP/2 pushed files in memory - - Closes #3004 diff --git a/libs/libcurl/docs/THANKS b/libs/libcurl/docs/THANKS index 385ecd8518..73b84cfdb3 100644 --- a/libs/libcurl/docs/THANKS +++ b/libs/libcurl/docs/THANKS @@ -52,6 +52,7 @@ Alex Fishman Alex Grebenschikov Alex Gruz Alex Malinovich +Alex Mayorga Alex McLellan Alex Neblett Alex Nichols @@ -84,6 +85,7 @@ Alfonso Martone Alfred Gebert Allen Pulsifer Alona Rossen +Amit Katyal Amol Pattekar Amr Shahin Anatol Belski @@ -172,6 +174,7 @@ Ayoub Boudhar Balaji Parasuram Balaji S Rao Balaji Salunke +Balazs Kovacsics Balint Szilakszi Barry Abrahamson Bart Whiteley @@ -230,6 +233,7 @@ Brad King Brad Spencer Bradford Bruce Brandon Casey +Brandon Dong Brandon Wang Brendan Jurd Brent Beardsley @@ -261,6 +265,7 @@ Camille Moncelier Caolan McNamara Carie Pointer Carlo Cannas +Carlo Marcelo Arenas Belón Carlo Teubner Carlo Wood Carlos ORyan @@ -315,6 +320,7 @@ Clemens Gruber Cliff Crosland Clifford Wolf Clint Clayton +Clément Notin Cody Jones Cody Mack Colby Ranger @@ -714,6 +720,7 @@ Ian Wilkes Ignacio Vazquez-Abrams Igor Franchuk Igor Khristophorov +Igor Makarov Igor Novoseltsev Igor Polyakov Ihor Karpenko @@ -726,6 +733,7 @@ Ingmar Runge Ingo Ralf Blum Ingo Wilken Irfan Adilovic +Ironbars13 on github Irving Wolfe Isaac Boukris Isaiah Norton @@ -775,6 +783,7 @@ Jari Sundell Jason Baietto Jason Glasgow Jason Juang +Jason Lee Jason Liu Jason McDonald Jason S. Priebe @@ -809,6 +818,7 @@ Jens Schleusener Jeremie Rapin Jeremy Friesner Jeremy Huddleston +Jeremy Lainé Jeremy Lin Jeremy Pearson Jeremy Tan @@ -929,6 +939,7 @@ Julien Chaffraix Julien Nabet Julien Royer Jun-ichiro itojun Hagino +Junho Choi Jurij Smakov Juro Bystricky Justin Clift @@ -996,13 +1007,16 @@ Kristiyan Tsaklev Kristoffer Gleditsch Kunal Ekawde Kurt Fankhauser +Kyle Abramowitz Kyle Edwards Kyle J. McKay Kyle L. Huff Kyle Sallee +Kyohei Kadota Kyselgov E.N Lachlan O'Dea Ladar Levison +Lance Ware Larry Campbell Larry Fahnoe Larry Lin @@ -1207,6 +1221,7 @@ Michael Kaufmann Michael Kilburn Michael Kujawa Michael König +Michael Lee Michael Maltese Michael Mealling Michael Mueller @@ -1220,6 +1235,7 @@ Michael Wallner Michal Bonino Michal Marek Michal Trybus +Michal Čaplygin Michał Antoniak Michał Fita Michał Górny @@ -1549,6 +1565,7 @@ Roger Leigh Roland Blom Roland Krikava Roland Zimmermann +Rolf Eike Beer Rolland Dudemaine Romain Coltel Romain Fliedel @@ -1682,7 +1699,6 @@ Stephen Kick Stephen More Stephen Toub Sterling Hughes -Steve Brokenshire Steve Green Steve H Truong Steve Havelka @@ -1723,6 +1739,7 @@ Teemu Yli-Elsila Temprimus Terri Oda Terry Wu +The Infinnovation team TheAssassin on github Theodore Dubois Thomas Braun @@ -1736,6 +1753,7 @@ Thomas Petazzoni Thomas Ruecker Thomas Schwinge Thomas Tonino +Thomas Vegas Thomas van Hesteren Thorsten Schöning Tiit Pikma @@ -1921,6 +1939,7 @@ cbartl on github cclauss on github clbr on github cmfrolick on github +codesniffer13 on github d912e3 on github daboul on github dasimx on github @@ -1956,20 +1975,24 @@ madblobfish on github marc-groundctl on github masbug on github mccormickt12 on github +migueljcrum on github mkzero on github moohoorama on github nedres on github neex on github neheb on github nevv on HackerOne/curl +niallor on github nianxuejie on github niner on github nk nopjmp on github olesteban on github omau on github +osabc on github ovidiu-benea on github patelvivekv1993 on github +patnyb on github pendrek at hackerone pszemus on github silveja1 on github diff --git a/libs/libcurl/include/curl/curl.h b/libs/libcurl/include/curl/curl.h index 19f6c0b5a1..ff0c774962 100644 --- a/libs/libcurl/include/curl/curl.h +++ b/libs/libcurl/include/curl/curl.h @@ -1,5 +1,5 @@ -#ifndef __CURL_CURL_H -#define __CURL_CURL_H +#ifndef CURLINC_CURL_H +#define CURLINC_CURL_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -284,10 +284,7 @@ typedef enum { #define CURLFINFOFLAG_KNOWN_SIZE (1<<6) #define CURLFINFOFLAG_KNOWN_HLINKCOUNT (1<<7) -/* Content of this structure depends on information which is known and is - achievable (e.g. by FTP LIST parsing). Please see the url_easy_setopt(3) man - page for callbacks returning this structure -- some fields are mandatory, - some others are optional. The FLAG field has special meaning. */ +/* Information about a single file, used when doing FTP wildcard matching */ struct curl_fileinfo { char *filename; curlfiletype filetype; @@ -603,6 +600,8 @@ typedef enum { */ CURLE_RECURSIVE_API_CALL, /* 93 - an api function was called from inside a callback */ + CURLE_AUTH_ERROR, /* 94 - an authentication function returned an + error */ CURL_LAST /* never use! */ } CURLcode; @@ -886,7 +885,7 @@ typedef enum { /* CURLALTSVC_* are bits for the CURLOPT_ALTSVC_CTRL option */ #define CURLALTSVC_IMMEDIATELY (1<<0) -#define CURLALTSVC_ALTUSED (1<<1) + #define CURLALTSVC_READONLYFILE (1<<2) #define CURLALTSVC_H1 (1<<3) #define CURLALTSVC_H2 (1<<4) @@ -1925,6 +1924,9 @@ typedef enum { /* maximum age of a connection to consider it for reuse (in seconds) */ CINIT(MAXAGE_CONN, LONG, 288), + /* SASL authorisation identity */ + CINIT(SASL_AUTHZID, STRINGPOINT, 289), + CURLOPT_LASTENTRY /* the last unused */ } CURLoption; @@ -1978,7 +1980,8 @@ enum { CURL_HTTP_VERSION_2TLS, /* use version 2 for HTTPS, version 1.1 for HTTP */ CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE, /* please use HTTP 2 without HTTP/1.1 Upgrade */ - + CURL_HTTP_VERSION_3 = 30, /* Makes use of explicit HTTP/3 without fallback. + Use CURLOPT_ALTSVC to enable HTTP/3 upgrade */ CURL_HTTP_VERSION_LAST /* *ILLEGAL* http version */ }; @@ -2614,8 +2617,9 @@ typedef enum { CURLINFO_STARTTRANSFER_TIME_T = CURLINFO_OFF_T + 54, CURLINFO_REDIRECT_TIME_T = CURLINFO_OFF_T + 55, CURLINFO_APPCONNECT_TIME_T = CURLINFO_OFF_T + 56, + CURLINFO_RETRY_AFTER = CURLINFO_OFF_T + 57, - CURLINFO_LASTONE = 56 + CURLINFO_LASTONE = 57 } CURLINFO; /* CURLINFO_RESPONSE_CODE is the new name for the option previously known as @@ -2714,6 +2718,7 @@ typedef enum { CURLVERSION_THIRD, CURLVERSION_FOURTH, CURLVERSION_FIFTH, + CURLVERSION_SIXTH, CURLVERSION_LAST /* never actually use this */ } CURLversion; @@ -2722,7 +2727,7 @@ typedef enum { meant to be a built-in version number for what kind of struct the caller expects. If the struct ever changes, we redefine the NOW to another enum from above. */ -#define CURLVERSION_NOW CURLVERSION_FIFTH +#define CURLVERSION_NOW CURLVERSION_SIXTH typedef struct { CURLversion age; /* age of the returned struct */ @@ -2751,11 +2756,16 @@ typedef struct { const char *libssh_version; /* human readable string */ /* These fields were added in CURLVERSION_FIFTH */ - unsigned int brotli_ver_num; /* Numeric Brotli version (MAJOR << 24) | (MINOR << 12) | PATCH */ const char *brotli_version; /* human readable string. */ + /* These fields were added in CURLVERSION_SIXTH */ + unsigned int nghttp2_ver_num; /* Numeric nghttp2 version + (MAJOR << 16) | (MINOR << 8) | PATCH */ + const char *nghttp2_version; /* human readable string. */ + const char *quic_version; /* human readable quic (+ HTTP/3) library + + version or NULL */ } curl_version_info_data; #define CURL_VERSION_IPV6 (1<<0) /* IPv6-enabled */ @@ -2788,6 +2798,7 @@ typedef struct { #define CURL_VERSION_MULTI_SSL (1<<22) /* Multiple SSL backends available */ #define CURL_VERSION_BROTLI (1<<23) /* Brotli features are present. */ #define CURL_VERSION_ALTSVC (1<<24) /* Alt-Svc handling built-in */ +#define CURL_VERSION_HTTP3 (1<<25) /* HTTP3 support built-in */ /* * NAME curl_version_info() @@ -2868,4 +2879,4 @@ CURL_EXTERN CURLcode curl_easy_pause(CURL *handle, int bitmask); #endif /* __STDC__ >= 1 */ #endif /* gcc >= 4.3 && !__cplusplus */ -#endif /* __CURL_CURL_H */ +#endif /* CURLINC_CURL_H */ diff --git a/libs/libcurl/include/curl/curlver.h b/libs/libcurl/include/curl/curlver.h index 3e8789e86b..f537b9205e 100644 --- a/libs/libcurl/include/curl/curlver.h +++ b/libs/libcurl/include/curl/curlver.h @@ -1,5 +1,5 @@ -#ifndef __CURL_CURLVER_H -#define __CURL_CURLVER_H +#ifndef CURLINC_CURLVER_H +#define CURLINC_CURLVER_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -30,13 +30,13 @@ /* This is the version number of the libcurl package from which this header file origins: */ -#define LIBCURL_VERSION "7.65.3" +#define LIBCURL_VERSION "7.66.0" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 7 -#define LIBCURL_VERSION_MINOR 65 -#define LIBCURL_VERSION_PATCH 3 +#define LIBCURL_VERSION_MINOR 66 +#define LIBCURL_VERSION_PATCH 0 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparions by programs. The LIBCURL_VERSION_NUM define will @@ -57,7 +57,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ -#define LIBCURL_VERSION_NUM 0x074103 +#define LIBCURL_VERSION_NUM 0x074200 /* * This is the date and time when the full source package was created. The @@ -68,10 +68,10 @@ * * "2007-11-23" */ -#define LIBCURL_TIMESTAMP "2019-07-19" +#define LIBCURL_TIMESTAMP "2019-09-11" #define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|(z)) #define CURL_AT_LEAST_VERSION(x,y,z) \ (LIBCURL_VERSION_NUM >= CURL_VERSION_BITS(x, y, z)) -#endif /* __CURL_CURLVER_H */ +#endif /* CURLINC_CURLVER_H */ diff --git a/libs/libcurl/include/curl/easy.h b/libs/libcurl/include/curl/easy.h index f42a8a9692..592f5d3c1c 100644 --- a/libs/libcurl/include/curl/easy.h +++ b/libs/libcurl/include/curl/easy.h @@ -1,5 +1,5 @@ -#ifndef __CURL_EASY_H -#define __CURL_EASY_H +#ifndef CURLINC_EASY_H +#define CURLINC_EASY_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms diff --git a/libs/libcurl/include/curl/mprintf.h b/libs/libcurl/include/curl/mprintf.h index e20f546e19..f615ed7d63 100644 --- a/libs/libcurl/include/curl/mprintf.h +++ b/libs/libcurl/include/curl/mprintf.h @@ -1,5 +1,5 @@ -#ifndef __CURL_MPRINTF_H -#define __CURL_MPRINTF_H +#ifndef CURLINC_MPRINTF_H +#define CURLINC_MPRINTF_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -47,4 +47,4 @@ CURL_EXTERN char *curl_mvaprintf(const char *format, va_list args); } #endif -#endif /* __CURL_MPRINTF_H */ +#endif /* CURLINC_MPRINTF_H */ diff --git a/libs/libcurl/include/curl/multi.h b/libs/libcurl/include/curl/multi.h index b19dbaf791..02df0f3893 100644 --- a/libs/libcurl/include/curl/multi.h +++ b/libs/libcurl/include/curl/multi.h @@ -1,5 +1,5 @@ -#ifndef __CURL_MULTI_H -#define __CURL_MULTI_H +#ifndef CURLINC_MULTI_H +#define CURLINC_MULTI_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -173,6 +173,20 @@ CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle, int timeout_ms, int *ret); +/* + * Name: curl_multi_poll() + * + * Desc: Poll on all fds within a CURLM set as well as any + * additional fds passed to the function. + * + * Returns: CURLMcode type, general multi error code. + */ +CURL_EXTERN CURLMcode curl_multi_poll(CURLM *multi_handle, + struct curl_waitfd extra_fds[], + unsigned int extra_nfds, + int timeout_ms, + int *ret); + /* * Name: curl_multi_perform() * diff --git a/libs/libcurl/include/curl/stdcheaders.h b/libs/libcurl/include/curl/stdcheaders.h index 027b6f4211..a6bdc1a25c 100644 --- a/libs/libcurl/include/curl/stdcheaders.h +++ b/libs/libcurl/include/curl/stdcheaders.h @@ -1,5 +1,5 @@ -#ifndef __STDC_HEADERS_H -#define __STDC_HEADERS_H +#ifndef CURLINC_STDCHEADERS_H +#define CURLINC_STDCHEADERS_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -30,4 +30,4 @@ size_t fwrite(const void *, size_t, size_t, FILE *); int strcasecmp(const char *, const char *); int strncasecmp(const char *, const char *, size_t); -#endif /* __STDC_HEADERS_H */ +#endif /* CURLINC_STDCHEADERS_H */ diff --git a/libs/libcurl/include/curl/system.h b/libs/libcurl/include/curl/system.h index 1e555ec19e..cd37c2bf54 100644 --- a/libs/libcurl/include/curl/system.h +++ b/libs/libcurl/include/curl/system.h @@ -1,5 +1,5 @@ -#ifndef __CURL_SYSTEM_H -#define __CURL_SYSTEM_H +#ifndef CURLINC_SYSTEM_H +#define CURLINC_SYSTEM_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -473,21 +473,21 @@ */ #if defined(__BORLANDC__) && (__BORLANDC__ == 0x0551) -# define __CURL_OFF_T_C_HLPR2(x) x -# define __CURL_OFF_T_C_HLPR1(x) __CURL_OFF_T_C_HLPR2(x) -# define CURL_OFF_T_C(Val) __CURL_OFF_T_C_HLPR1(Val) ## \ - __CURL_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_T) -# define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HLPR1(Val) ## \ - __CURL_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_TU) +# define CURLINC_OFF_T_C_HLPR2(x) x +# define CURLINC_OFF_T_C_HLPR1(x) CURLINC_OFF_T_C_HLPR2(x) +# define CURL_OFF_T_C(Val) CURLINC_OFF_T_C_HLPR1(Val) ## \ + CURLINC_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_T) +# define CURL_OFF_TU_C(Val) CURLINC_OFF_T_C_HLPR1(Val) ## \ + CURLINC_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_TU) #else # ifdef CURL_ISOCPP -# define __CURL_OFF_T_C_HLPR2(Val,Suffix) Val ## Suffix +# define CURLINC_OFF_T_C_HLPR2(Val,Suffix) Val ## Suffix # else -# define __CURL_OFF_T_C_HLPR2(Val,Suffix) Val/**/Suffix +# define CURLINC_OFF_T_C_HLPR2(Val,Suffix) Val/**/Suffix # endif -# define __CURL_OFF_T_C_HLPR1(Val,Suffix) __CURL_OFF_T_C_HLPR2(Val,Suffix) -# define CURL_OFF_T_C(Val) __CURL_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_T) -# define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_TU) +# define CURLINC_OFF_T_C_HLPR1(Val,Suffix) CURLINC_OFF_T_C_HLPR2(Val,Suffix) +# define CURL_OFF_T_C(Val) CURLINC_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_T) +# define CURL_OFF_TU_C(Val) CURLINC_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_TU) #endif -#endif /* __CURL_SYSTEM_H */ +#endif /* CURLINC_SYSTEM_H */ diff --git a/libs/libcurl/include/curl/typecheck-gcc.h b/libs/libcurl/include/curl/typecheck-gcc.h index eeb36abc09..03c84fc85b 100644 --- a/libs/libcurl/include/curl/typecheck-gcc.h +++ b/libs/libcurl/include/curl/typecheck-gcc.h @@ -1,5 +1,5 @@ -#ifndef __CURL_TYPECHECK_GCC_H -#define __CURL_TYPECHECK_GCC_H +#ifndef CURLINC_TYPECHECK_GCC_H +#define CURLINC_TYPECHECK_GCC_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -25,10 +25,10 @@ /* wraps curl_easy_setopt() with typechecking */ /* To add a new kind of warning, add an - * if(_curl_is_sometype_option(_curl_opt)) - * if(!_curl_is_sometype(value)) + * if(curlcheck_sometype_option(_curl_opt)) + * if(!curlcheck_sometype(value)) * _curl_easy_setopt_err_sometype(); - * block and define _curl_is_sometype_option, _curl_is_sometype and + * block and define curlcheck_sometype_option, curlcheck_sometype and * _curl_easy_setopt_err_sometype below * * NOTE: We use two nested 'if' statements here instead of the && operator, in @@ -38,112 +38,112 @@ * To add an option that uses the same type as an existing option, you'll just * need to extend the appropriate _curl_*_option macro */ -#define curl_easy_setopt(handle, option, value) \ -__extension__ ({ \ - __typeof__(option) _curl_opt = option; \ - if(__builtin_constant_p(_curl_opt)) { \ - if(_curl_is_long_option(_curl_opt)) \ - if(!_curl_is_long(value)) \ - _curl_easy_setopt_err_long(); \ - if(_curl_is_off_t_option(_curl_opt)) \ - if(!_curl_is_off_t(value)) \ - _curl_easy_setopt_err_curl_off_t(); \ - if(_curl_is_string_option(_curl_opt)) \ - if(!_curl_is_string(value)) \ - _curl_easy_setopt_err_string(); \ - if(_curl_is_write_cb_option(_curl_opt)) \ - if(!_curl_is_write_cb(value)) \ - _curl_easy_setopt_err_write_callback(); \ - if((_curl_opt) == CURLOPT_RESOLVER_START_FUNCTION) \ - if(!_curl_is_resolver_start_callback(value)) \ - _curl_easy_setopt_err_resolver_start_callback(); \ - if((_curl_opt) == CURLOPT_READFUNCTION) \ - if(!_curl_is_read_cb(value)) \ - _curl_easy_setopt_err_read_cb(); \ - if((_curl_opt) == CURLOPT_IOCTLFUNCTION) \ - if(!_curl_is_ioctl_cb(value)) \ - _curl_easy_setopt_err_ioctl_cb(); \ - if((_curl_opt) == CURLOPT_SOCKOPTFUNCTION) \ - if(!_curl_is_sockopt_cb(value)) \ - _curl_easy_setopt_err_sockopt_cb(); \ - if((_curl_opt) == CURLOPT_OPENSOCKETFUNCTION) \ - if(!_curl_is_opensocket_cb(value)) \ - _curl_easy_setopt_err_opensocket_cb(); \ - if((_curl_opt) == CURLOPT_PROGRESSFUNCTION) \ - if(!_curl_is_progress_cb(value)) \ - _curl_easy_setopt_err_progress_cb(); \ - if((_curl_opt) == CURLOPT_DEBUGFUNCTION) \ - if(!_curl_is_debug_cb(value)) \ - _curl_easy_setopt_err_debug_cb(); \ - if((_curl_opt) == CURLOPT_SSL_CTX_FUNCTION) \ - if(!_curl_is_ssl_ctx_cb(value)) \ - _curl_easy_setopt_err_ssl_ctx_cb(); \ - if(_curl_is_conv_cb_option(_curl_opt)) \ - if(!_curl_is_conv_cb(value)) \ - _curl_easy_setopt_err_conv_cb(); \ - if((_curl_opt) == CURLOPT_SEEKFUNCTION) \ - if(!_curl_is_seek_cb(value)) \ - _curl_easy_setopt_err_seek_cb(); \ - if(_curl_is_cb_data_option(_curl_opt)) \ - if(!_curl_is_cb_data(value)) \ - _curl_easy_setopt_err_cb_data(); \ - if((_curl_opt) == CURLOPT_ERRORBUFFER) \ - if(!_curl_is_error_buffer(value)) \ - _curl_easy_setopt_err_error_buffer(); \ - if((_curl_opt) == CURLOPT_STDERR) \ - if(!_curl_is_FILE(value)) \ - _curl_easy_setopt_err_FILE(); \ - if(_curl_is_postfields_option(_curl_opt)) \ - if(!_curl_is_postfields(value)) \ - _curl_easy_setopt_err_postfields(); \ - if((_curl_opt) == CURLOPT_HTTPPOST) \ - if(!_curl_is_arr((value), struct curl_httppost)) \ - _curl_easy_setopt_err_curl_httpost(); \ - if((_curl_opt) == CURLOPT_MIMEPOST) \ - if(!_curl_is_ptr((value), curl_mime)) \ - _curl_easy_setopt_err_curl_mimepost(); \ - if(_curl_is_slist_option(_curl_opt)) \ - if(!_curl_is_arr((value), struct curl_slist)) \ - _curl_easy_setopt_err_curl_slist(); \ - if((_curl_opt) == CURLOPT_SHARE) \ - if(!_curl_is_ptr((value), CURLSH)) \ - _curl_easy_setopt_err_CURLSH(); \ - } \ - curl_easy_setopt(handle, _curl_opt, value); \ -}) +#define curl_easy_setopt(handle, option, value) \ + __extension__({ \ + __typeof__(option) _curl_opt = option; \ + if(__builtin_constant_p(_curl_opt)) { \ + if(curlcheck_long_option(_curl_opt)) \ + if(!curlcheck_long(value)) \ + _curl_easy_setopt_err_long(); \ + if(curlcheck_off_t_option(_curl_opt)) \ + if(!curlcheck_off_t(value)) \ + _curl_easy_setopt_err_curl_off_t(); \ + if(curlcheck_string_option(_curl_opt)) \ + if(!curlcheck_string(value)) \ + _curl_easy_setopt_err_string(); \ + if(curlcheck_write_cb_option(_curl_opt)) \ + if(!curlcheck_write_cb(value)) \ + _curl_easy_setopt_err_write_callback(); \ + if((_curl_opt) == CURLOPT_RESOLVER_START_FUNCTION) \ + if(!curlcheck_resolver_start_callback(value)) \ + _curl_easy_setopt_err_resolver_start_callback(); \ + if((_curl_opt) == CURLOPT_READFUNCTION) \ + if(!curlcheck_read_cb(value)) \ + _curl_easy_setopt_err_read_cb(); \ + if((_curl_opt) == CURLOPT_IOCTLFUNCTION) \ + if(!curlcheck_ioctl_cb(value)) \ + _curl_easy_setopt_err_ioctl_cb(); \ + if((_curl_opt) == CURLOPT_SOCKOPTFUNCTION) \ + if(!curlcheck_sockopt_cb(value)) \ + _curl_easy_setopt_err_sockopt_cb(); \ + if((_curl_opt) == CURLOPT_OPENSOCKETFUNCTION) \ + if(!curlcheck_opensocket_cb(value)) \ + _curl_easy_setopt_err_opensocket_cb(); \ + if((_curl_opt) == CURLOPT_PROGRESSFUNCTION) \ + if(!curlcheck_progress_cb(value)) \ + _curl_easy_setopt_err_progress_cb(); \ + if((_curl_opt) == CURLOPT_DEBUGFUNCTION) \ + if(!curlcheck_debug_cb(value)) \ + _curl_easy_setopt_err_debug_cb(); \ + if((_curl_opt) == CURLOPT_SSL_CTX_FUNCTION) \ + if(!curlcheck_ssl_ctx_cb(value)) \ + _curl_easy_setopt_err_ssl_ctx_cb(); \ + if(curlcheck_conv_cb_option(_curl_opt)) \ + if(!curlcheck_conv_cb(value)) \ + _curl_easy_setopt_err_conv_cb(); \ + if((_curl_opt) == CURLOPT_SEEKFUNCTION) \ + if(!curlcheck_seek_cb(value)) \ + _curl_easy_setopt_err_seek_cb(); \ + if(curlcheck_cb_data_option(_curl_opt)) \ + if(!curlcheck_cb_data(value)) \ + _curl_easy_setopt_err_cb_data(); \ + if((_curl_opt) == CURLOPT_ERRORBUFFER) \ + if(!curlcheck_error_buffer(value)) \ + _curl_easy_setopt_err_error_buffer(); \ + if((_curl_opt) == CURLOPT_STDERR) \ + if(!curlcheck_FILE(value)) \ + _curl_easy_setopt_err_FILE(); \ + if(curlcheck_postfields_option(_curl_opt)) \ + if(!curlcheck_postfields(value)) \ + _curl_easy_setopt_err_postfields(); \ + if((_curl_opt) == CURLOPT_HTTPPOST) \ + if(!curlcheck_arr((value), struct curl_httppost)) \ + _curl_easy_setopt_err_curl_httpost(); \ + if((_curl_opt) == CURLOPT_MIMEPOST) \ + if(!curlcheck_ptr((value), curl_mime)) \ + _curl_easy_setopt_err_curl_mimepost(); \ + if(curlcheck_slist_option(_curl_opt)) \ + if(!curlcheck_arr((value), struct curl_slist)) \ + _curl_easy_setopt_err_curl_slist(); \ + if((_curl_opt) == CURLOPT_SHARE) \ + if(!curlcheck_ptr((value), CURLSH)) \ + _curl_easy_setopt_err_CURLSH(); \ + } \ + curl_easy_setopt(handle, _curl_opt, value); \ + }) /* wraps curl_easy_getinfo() with typechecking */ -#define curl_easy_getinfo(handle, info, arg) \ -__extension__ ({ \ - __typeof__(info) _curl_info = info; \ - if(__builtin_constant_p(_curl_info)) { \ - if(_curl_is_string_info(_curl_info)) \ - if(!_curl_is_arr((arg), char *)) \ - _curl_easy_getinfo_err_string(); \ - if(_curl_is_long_info(_curl_info)) \ - if(!_curl_is_arr((arg), long)) \ - _curl_easy_getinfo_err_long(); \ - if(_curl_is_double_info(_curl_info)) \ - if(!_curl_is_arr((arg), double)) \ - _curl_easy_getinfo_err_double(); \ - if(_curl_is_slist_info(_curl_info)) \ - if(!_curl_is_arr((arg), struct curl_slist *)) \ - _curl_easy_getinfo_err_curl_slist(); \ - if(_curl_is_tlssessioninfo_info(_curl_info)) \ - if(!_curl_is_arr((arg), struct curl_tlssessioninfo *)) \ - _curl_easy_getinfo_err_curl_tlssesssioninfo(); \ - if(_curl_is_certinfo_info(_curl_info)) \ - if(!_curl_is_arr((arg), struct curl_certinfo *)) \ - _curl_easy_getinfo_err_curl_certinfo(); \ - if(_curl_is_socket_info(_curl_info)) \ - if(!_curl_is_arr((arg), curl_socket_t)) \ - _curl_easy_getinfo_err_curl_socket(); \ - if(_curl_is_off_t_info(_curl_info)) \ - if(!_curl_is_arr((arg), curl_off_t)) \ - _curl_easy_getinfo_err_curl_off_t(); \ - } \ - curl_easy_getinfo(handle, _curl_info, arg); \ -}) +#define curl_easy_getinfo(handle, info, arg) \ + __extension__({ \ + __typeof__(info) _curl_info = info; \ + if(__builtin_constant_p(_curl_info)) { \ + if(curlcheck_string_info(_curl_info)) \ + if(!curlcheck_arr((arg), char *)) \ + _curl_easy_getinfo_err_string(); \ + if(curlcheck_long_info(_curl_info)) \ + if(!curlcheck_arr((arg), long)) \ + _curl_easy_getinfo_err_long(); \ + if(curlcheck_double_info(_curl_info)) \ + if(!curlcheck_arr((arg), double)) \ + _curl_easy_getinfo_err_double(); \ + if(curlcheck_slist_info(_curl_info)) \ + if(!curlcheck_arr((arg), struct curl_slist *)) \ + _curl_easy_getinfo_err_curl_slist(); \ + if(curlcheck_tlssessioninfo_info(_curl_info)) \ + if(!curlcheck_arr((arg), struct curl_tlssessioninfo *)) \ + _curl_easy_getinfo_err_curl_tlssesssioninfo(); \ + if(curlcheck_certinfo_info(_curl_info)) \ + if(!curlcheck_arr((arg), struct curl_certinfo *)) \ + _curl_easy_getinfo_err_curl_certinfo(); \ + if(curlcheck_socket_info(_curl_info)) \ + if(!curlcheck_arr((arg), curl_socket_t)) \ + _curl_easy_getinfo_err_curl_socket(); \ + if(curlcheck_off_t_info(_curl_info)) \ + if(!curlcheck_arr((arg), curl_off_t)) \ + _curl_easy_getinfo_err_curl_off_t(); \ + } \ + curl_easy_getinfo(handle, _curl_info, arg); \ + }) /* * For now, just make sure that the functions are called with three arguments @@ -156,83 +156,83 @@ __extension__ ({ \ * functions */ /* To define a new warning, use _CURL_WARNING(identifier, "message") */ -#define _CURL_WARNING(id, message) \ - static void __attribute__((__warning__(message))) \ - __attribute__((__unused__)) __attribute__((__noinline__)) \ +#define CURLWARNING(id, message) \ + static void __attribute__((__warning__(message))) \ + __attribute__((__unused__)) __attribute__((__noinline__)) \ id(void) { __asm__(""); } -_CURL_WARNING(_curl_easy_setopt_err_long, +CURLWARNING(_curl_easy_setopt_err_long, "curl_easy_setopt expects a long argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_curl_off_t, +CURLWARNING(_curl_easy_setopt_err_curl_off_t, "curl_easy_setopt expects a curl_off_t argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_string, +CURLWARNING(_curl_easy_setopt_err_string, "curl_easy_setopt expects a " "string ('char *' or char[]) argument for this option" ) -_CURL_WARNING(_curl_easy_setopt_err_write_callback, +CURLWARNING(_curl_easy_setopt_err_write_callback, "curl_easy_setopt expects a curl_write_callback argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_resolver_start_callback, +CURLWARNING(_curl_easy_setopt_err_resolver_start_callback, "curl_easy_setopt expects a " "curl_resolver_start_callback argument for this option" ) -_CURL_WARNING(_curl_easy_setopt_err_read_cb, +CURLWARNING(_curl_easy_setopt_err_read_cb, "curl_easy_setopt expects a curl_read_callback argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_ioctl_cb, +CURLWARNING(_curl_easy_setopt_err_ioctl_cb, "curl_easy_setopt expects a curl_ioctl_callback argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_sockopt_cb, +CURLWARNING(_curl_easy_setopt_err_sockopt_cb, "curl_easy_setopt expects a curl_sockopt_callback argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_opensocket_cb, +CURLWARNING(_curl_easy_setopt_err_opensocket_cb, "curl_easy_setopt expects a " "curl_opensocket_callback argument for this option" ) -_CURL_WARNING(_curl_easy_setopt_err_progress_cb, +CURLWARNING(_curl_easy_setopt_err_progress_cb, "curl_easy_setopt expects a curl_progress_callback argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_debug_cb, +CURLWARNING(_curl_easy_setopt_err_debug_cb, "curl_easy_setopt expects a curl_debug_callback argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_ssl_ctx_cb, +CURLWARNING(_curl_easy_setopt_err_ssl_ctx_cb, "curl_easy_setopt expects a curl_ssl_ctx_callback argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_conv_cb, +CURLWARNING(_curl_easy_setopt_err_conv_cb, "curl_easy_setopt expects a curl_conv_callback argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_seek_cb, +CURLWARNING(_curl_easy_setopt_err_seek_cb, "curl_easy_setopt expects a curl_seek_callback argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_cb_data, +CURLWARNING(_curl_easy_setopt_err_cb_data, "curl_easy_setopt expects a " "private data pointer as argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_error_buffer, +CURLWARNING(_curl_easy_setopt_err_error_buffer, "curl_easy_setopt expects a " "char buffer of CURL_ERROR_SIZE as argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_FILE, +CURLWARNING(_curl_easy_setopt_err_FILE, "curl_easy_setopt expects a 'FILE *' argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_postfields, +CURLWARNING(_curl_easy_setopt_err_postfields, "curl_easy_setopt expects a 'void *' or 'char *' argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_curl_httpost, +CURLWARNING(_curl_easy_setopt_err_curl_httpost, "curl_easy_setopt expects a 'struct curl_httppost *' " "argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_curl_mimepost, +CURLWARNING(_curl_easy_setopt_err_curl_mimepost, "curl_easy_setopt expects a 'curl_mime *' " "argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_curl_slist, +CURLWARNING(_curl_easy_setopt_err_curl_slist, "curl_easy_setopt expects a 'struct curl_slist *' argument for this option") -_CURL_WARNING(_curl_easy_setopt_err_CURLSH, +CURLWARNING(_curl_easy_setopt_err_CURLSH, "curl_easy_setopt expects a CURLSH* argument for this option") -_CURL_WARNING(_curl_easy_getinfo_err_string, +CURLWARNING(_curl_easy_getinfo_err_string, "curl_easy_getinfo expects a pointer to 'char *' for this info") -_CURL_WARNING(_curl_easy_getinfo_err_long, +CURLWARNING(_curl_easy_getinfo_err_long, "curl_easy_getinfo expects a pointer to long for this info") -_CURL_WARNING(_curl_easy_getinfo_err_double, +CURLWARNING(_curl_easy_getinfo_err_double, "curl_easy_getinfo expects a pointer to double for this info") -_CURL_WARNING(_curl_easy_getinfo_err_curl_slist, +CURLWARNING(_curl_easy_getinfo_err_curl_slist, "curl_easy_getinfo expects a pointer to 'struct curl_slist *' for this info") -_CURL_WARNING(_curl_easy_getinfo_err_curl_tlssesssioninfo, +CURLWARNING(_curl_easy_getinfo_err_curl_tlssesssioninfo, "curl_easy_getinfo expects a pointer to " "'struct curl_tlssessioninfo *' for this info") -_CURL_WARNING(_curl_easy_getinfo_err_curl_certinfo, +CURLWARNING(_curl_easy_getinfo_err_curl_certinfo, "curl_easy_getinfo expects a pointer to " "'struct curl_certinfo *' for this info") -_CURL_WARNING(_curl_easy_getinfo_err_curl_socket, +CURLWARNING(_curl_easy_getinfo_err_curl_socket, "curl_easy_getinfo expects a pointer to curl_socket_t for this info") -_CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, +CURLWARNING(_curl_easy_getinfo_err_curl_off_t, "curl_easy_getinfo expects a pointer to curl_off_t for this info") /* groups of curl_easy_setops options that take the same type of argument */ @@ -244,14 +244,14 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, */ /* evaluates to true if option takes a long argument */ -#define _curl_is_long_option(option) \ +#define curlcheck_long_option(option) \ (0 < (option) && (option) < CURLOPTTYPE_OBJECTPOINT) -#define _curl_is_off_t_option(option) \ +#define curlcheck_off_t_option(option) \ ((option) > CURLOPTTYPE_OFF_T) /* evaluates to true if option takes a char* argument */ -#define _curl_is_string_option(option) \ +#define curlcheck_string_option(option) \ ((option) == CURLOPT_ABSTRACT_UNIX_SOCKET || \ (option) == CURLOPT_ACCEPT_ENCODING || \ (option) == CURLOPT_ALTSVC || \ @@ -311,6 +311,7 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, (option) == CURLOPT_RTSP_SESSION_ID || \ (option) == CURLOPT_RTSP_STREAM_URI || \ (option) == CURLOPT_RTSP_TRANSPORT || \ + (option) == CURLOPT_SASL_AUTHZID || \ (option) == CURLOPT_SERVICE_NAME || \ (option) == CURLOPT_SOCKS5_GSSAPI_SERVICE || \ (option) == CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 || \ @@ -336,18 +337,18 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, 0) /* evaluates to true if option takes a curl_write_callback argument */ -#define _curl_is_write_cb_option(option) \ - ((option) == CURLOPT_HEADERFUNCTION || \ +#define curlcheck_write_cb_option(option) \ + ((option) == CURLOPT_HEADERFUNCTION || \ (option) == CURLOPT_WRITEFUNCTION) /* evaluates to true if option takes a curl_conv_callback argument */ -#define _curl_is_conv_cb_option(option) \ - ((option) == CURLOPT_CONV_TO_NETWORK_FUNCTION || \ - (option) == CURLOPT_CONV_FROM_NETWORK_FUNCTION || \ +#define curlcheck_conv_cb_option(option) \ + ((option) == CURLOPT_CONV_TO_NETWORK_FUNCTION || \ + (option) == CURLOPT_CONV_FROM_NETWORK_FUNCTION || \ (option) == CURLOPT_CONV_FROM_UTF8_FUNCTION) /* evaluates to true if option takes a data argument to pass to a callback */ -#define _curl_is_cb_data_option(option) \ +#define curlcheck_cb_data_option(option) \ ((option) == CURLOPT_CHUNK_DATA || \ (option) == CURLOPT_CLOSESOCKETDATA || \ (option) == CURLOPT_DEBUGDATA || \ @@ -369,13 +370,13 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, 0) /* evaluates to true if option takes a POST data argument (void* or char*) */ -#define _curl_is_postfields_option(option) \ +#define curlcheck_postfields_option(option) \ ((option) == CURLOPT_POSTFIELDS || \ (option) == CURLOPT_COPYPOSTFIELDS || \ 0) /* evaluates to true if option takes a struct curl_slist * argument */ -#define _curl_is_slist_option(option) \ +#define curlcheck_slist_option(option) \ ((option) == CURLOPT_HTTP200ALIASES || \ (option) == CURLOPT_HTTPHEADER || \ (option) == CURLOPT_MAIL_RCPT || \ @@ -391,40 +392,40 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, /* groups of curl_easy_getinfo infos that take the same type of argument */ /* evaluates to true if info expects a pointer to char * argument */ -#define _curl_is_string_info(info) \ +#define curlcheck_string_info(info) \ (CURLINFO_STRING < (info) && (info) < CURLINFO_LONG) /* evaluates to true if info expects a pointer to long argument */ -#define _curl_is_long_info(info) \ +#define curlcheck_long_info(info) \ (CURLINFO_LONG < (info) && (info) < CURLINFO_DOUBLE) /* evaluates to true if info expects a pointer to double argument */ -#define _curl_is_double_info(info) \ +#define curlcheck_double_info(info) \ (CURLINFO_DOUBLE < (info) && (info) < CURLINFO_SLIST) /* true if info expects a pointer to struct curl_slist * argument */ -#define _curl_is_slist_info(info) \ +#define curlcheck_slist_info(info) \ (((info) == CURLINFO_SSL_ENGINES) || ((info) == CURLINFO_COOKIELIST)) /* true if info expects a pointer to struct curl_tlssessioninfo * argument */ -#define _curl_is_tlssessioninfo_info(info) \ +#define curlcheck_tlssessioninfo_info(info) \ (((info) == CURLINFO_TLS_SSL_PTR) || ((info) == CURLINFO_TLS_SESSION)) /* true if info expects a pointer to struct curl_certinfo * argument */ -#define _curl_is_certinfo_info(info) ((info) == CURLINFO_CERTINFO) +#define curlcheck_certinfo_info(info) ((info) == CURLINFO_CERTINFO) /* true if info expects a pointer to struct curl_socket_t argument */ -#define _curl_is_socket_info(info) \ +#define curlcheck_socket_info(info) \ (CURLINFO_SOCKET < (info) && (info) < CURLINFO_OFF_T) /* true if info expects a pointer to curl_off_t argument */ -#define _curl_is_off_t_info(info) \ +#define curlcheck_off_t_info(info) \ (CURLINFO_OFF_T < (info)) /* typecheck helpers -- check whether given expression has requested type*/ -/* For pointers, you can use the _curl_is_ptr/_curl_is_arr macros, +/* For pointers, you can use the curlcheck_ptr/curlcheck_arr macros, * otherwise define a new macro. Search for __builtin_types_compatible_p * in the GCC manual. * NOTE: these macros MUST NOT EVALUATE their arguments! The argument is @@ -434,35 +435,35 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, */ /* XXX: should evaluate to true if expr is a pointer */ -#define _curl_is_any_ptr(expr) \ +#define curlcheck_any_ptr(expr) \ (sizeof(expr) == sizeof(void *)) /* evaluates to true if expr is NULL */ /* XXX: must not evaluate expr, so this check is not accurate */ -#define _curl_is_NULL(expr) \ +#define curlcheck_NULL(expr) \ (__builtin_types_compatible_p(__typeof__(expr), __typeof__(NULL))) /* evaluates to true if expr is type*, const type* or NULL */ -#define _curl_is_ptr(expr, type) \ - (_curl_is_NULL(expr) || \ - __builtin_types_compatible_p(__typeof__(expr), type *) || \ +#define curlcheck_ptr(expr, type) \ + (curlcheck_NULL(expr) || \ + __builtin_types_compatible_p(__typeof__(expr), type *) || \ __builtin_types_compatible_p(__typeof__(expr), const type *)) /* evaluates to true if expr is one of type[], type*, NULL or const type* */ -#define _curl_is_arr(expr, type) \ - (_curl_is_ptr((expr), type) || \ +#define curlcheck_arr(expr, type) \ + (curlcheck_ptr((expr), type) || \ __builtin_types_compatible_p(__typeof__(expr), type [])) /* evaluates to true if expr is a string */ -#define _curl_is_string(expr) \ - (_curl_is_arr((expr), char) || \ - _curl_is_arr((expr), signed char) || \ - _curl_is_arr((expr), unsigned char)) +#define curlcheck_string(expr) \ + (curlcheck_arr((expr), char) || \ + curlcheck_arr((expr), signed char) || \ + curlcheck_arr((expr), unsigned char)) /* evaluates to true if expr is a long (no matter the signedness) * XXX: for now, int is also accepted (and therefore short and char, which * are promoted to int when passed to a variadic function) */ -#define _curl_is_long(expr) \ +#define curlcheck_long(expr) \ (__builtin_types_compatible_p(__typeof__(expr), long) || \ __builtin_types_compatible_p(__typeof__(expr), signed long) || \ __builtin_types_compatible_p(__typeof__(expr), unsigned long) || \ @@ -477,59 +478,59 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, __builtin_types_compatible_p(__typeof__(expr), unsigned char)) /* evaluates to true if expr is of type curl_off_t */ -#define _curl_is_off_t(expr) \ +#define curlcheck_off_t(expr) \ (__builtin_types_compatible_p(__typeof__(expr), curl_off_t)) /* evaluates to true if expr is abuffer suitable for CURLOPT_ERRORBUFFER */ /* XXX: also check size of an char[] array? */ -#define _curl_is_error_buffer(expr) \ - (_curl_is_NULL(expr) || \ - __builtin_types_compatible_p(__typeof__(expr), char *) || \ +#define curlcheck_error_buffer(expr) \ + (curlcheck_NULL(expr) || \ + __builtin_types_compatible_p(__typeof__(expr), char *) || \ __builtin_types_compatible_p(__typeof__(expr), char[])) /* evaluates to true if expr is of type (const) void* or (const) FILE* */ #if 0 -#define _curl_is_cb_data(expr) \ - (_curl_is_ptr((expr), void) || \ - _curl_is_ptr((expr), FILE)) +#define curlcheck_cb_data(expr) \ + (curlcheck_ptr((expr), void) || \ + curlcheck_ptr((expr), FILE)) #else /* be less strict */ -#define _curl_is_cb_data(expr) \ - _curl_is_any_ptr(expr) +#define curlcheck_cb_data(expr) \ + curlcheck_any_ptr(expr) #endif /* evaluates to true if expr is of type FILE* */ -#define _curl_is_FILE(expr) \ - (_curl_is_NULL(expr) || \ +#define curlcheck_FILE(expr) \ + (curlcheck_NULL(expr) || \ (__builtin_types_compatible_p(__typeof__(expr), FILE *))) /* evaluates to true if expr can be passed as POST data (void* or char*) */ -#define _curl_is_postfields(expr) \ - (_curl_is_ptr((expr), void) || \ - _curl_is_arr((expr), char) || \ - _curl_is_arr((expr), unsigned char)) +#define curlcheck_postfields(expr) \ + (curlcheck_ptr((expr), void) || \ + curlcheck_arr((expr), char) || \ + curlcheck_arr((expr), unsigned char)) /* helper: __builtin_types_compatible_p distinguishes between functions and * function pointers, hide it */ -#define _curl_callback_compatible(func, type) \ - (__builtin_types_compatible_p(__typeof__(func), type) || \ +#define curlcheck_cb_compatible(func, type) \ + (__builtin_types_compatible_p(__typeof__(func), type) || \ __builtin_types_compatible_p(__typeof__(func) *, type)) /* evaluates to true if expr is of type curl_resolver_start_callback */ -#define _curl_is_resolver_start_callback(expr) \ - (_curl_is_NULL(expr) || \ - _curl_callback_compatible((expr), curl_resolver_start_callback)) +#define curlcheck_resolver_start_callback(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), curl_resolver_start_callback)) /* evaluates to true if expr is of type curl_read_callback or "similar" */ -#define _curl_is_read_cb(expr) \ - (_curl_is_NULL(expr) || \ - _curl_callback_compatible((expr), __typeof__(fread) *) || \ - _curl_callback_compatible((expr), curl_read_callback) || \ - _curl_callback_compatible((expr), _curl_read_callback1) || \ - _curl_callback_compatible((expr), _curl_read_callback2) || \ - _curl_callback_compatible((expr), _curl_read_callback3) || \ - _curl_callback_compatible((expr), _curl_read_callback4) || \ - _curl_callback_compatible((expr), _curl_read_callback5) || \ - _curl_callback_compatible((expr), _curl_read_callback6)) +#define curlcheck_read_cb(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), __typeof__(fread) *) || \ + curlcheck_cb_compatible((expr), curl_read_callback) || \ + curlcheck_cb_compatible((expr), _curl_read_callback1) || \ + curlcheck_cb_compatible((expr), _curl_read_callback2) || \ + curlcheck_cb_compatible((expr), _curl_read_callback3) || \ + curlcheck_cb_compatible((expr), _curl_read_callback4) || \ + curlcheck_cb_compatible((expr), _curl_read_callback5) || \ + curlcheck_cb_compatible((expr), _curl_read_callback6)) typedef size_t (*_curl_read_callback1)(char *, size_t, size_t, void *); typedef size_t (*_curl_read_callback2)(char *, size_t, size_t, const void *); typedef size_t (*_curl_read_callback3)(char *, size_t, size_t, FILE *); @@ -538,16 +539,16 @@ typedef size_t (*_curl_read_callback5)(void *, size_t, size_t, const void *); typedef size_t (*_curl_read_callback6)(void *, size_t, size_t, FILE *); /* evaluates to true if expr is of type curl_write_callback or "similar" */ -#define _curl_is_write_cb(expr) \ - (_curl_is_read_cb(expr) || \ - _curl_callback_compatible((expr), __typeof__(fwrite) *) || \ - _curl_callback_compatible((expr), curl_write_callback) || \ - _curl_callback_compatible((expr), _curl_write_callback1) || \ - _curl_callback_compatible((expr), _curl_write_callback2) || \ - _curl_callback_compatible((expr), _curl_write_callback3) || \ - _curl_callback_compatible((expr), _curl_write_callback4) || \ - _curl_callback_compatible((expr), _curl_write_callback5) || \ - _curl_callback_compatible((expr), _curl_write_callback6)) +#define curlcheck_write_cb(expr) \ + (curlcheck_read_cb(expr) || \ + curlcheck_cb_compatible((expr), __typeof__(fwrite) *) || \ + curlcheck_cb_compatible((expr), curl_write_callback) || \ + curlcheck_cb_compatible((expr), _curl_write_callback1) || \ + curlcheck_cb_compatible((expr), _curl_write_callback2) || \ + curlcheck_cb_compatible((expr), _curl_write_callback3) || \ + curlcheck_cb_compatible((expr), _curl_write_callback4) || \ + curlcheck_cb_compatible((expr), _curl_write_callback5) || \ + curlcheck_cb_compatible((expr), _curl_write_callback6)) typedef size_t (*_curl_write_callback1)(const char *, size_t, size_t, void *); typedef size_t (*_curl_write_callback2)(const char *, size_t, size_t, const void *); @@ -558,37 +559,37 @@ typedef size_t (*_curl_write_callback5)(const void *, size_t, size_t, typedef size_t (*_curl_write_callback6)(const void *, size_t, size_t, FILE *); /* evaluates to true if expr is of type curl_ioctl_callback or "similar" */ -#define _curl_is_ioctl_cb(expr) \ - (_curl_is_NULL(expr) || \ - _curl_callback_compatible((expr), curl_ioctl_callback) || \ - _curl_callback_compatible((expr), _curl_ioctl_callback1) || \ - _curl_callback_compatible((expr), _curl_ioctl_callback2) || \ - _curl_callback_compatible((expr), _curl_ioctl_callback3) || \ - _curl_callback_compatible((expr), _curl_ioctl_callback4)) +#define curlcheck_ioctl_cb(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), curl_ioctl_callback) || \ + curlcheck_cb_compatible((expr), _curl_ioctl_callback1) || \ + curlcheck_cb_compatible((expr), _curl_ioctl_callback2) || \ + curlcheck_cb_compatible((expr), _curl_ioctl_callback3) || \ + curlcheck_cb_compatible((expr), _curl_ioctl_callback4)) typedef curlioerr (*_curl_ioctl_callback1)(CURL *, int, void *); typedef curlioerr (*_curl_ioctl_callback2)(CURL *, int, const void *); typedef curlioerr (*_curl_ioctl_callback3)(CURL *, curliocmd, void *); typedef curlioerr (*_curl_ioctl_callback4)(CURL *, curliocmd, const void *); /* evaluates to true if expr is of type curl_sockopt_callback or "similar" */ -#define _curl_is_sockopt_cb(expr) \ - (_curl_is_NULL(expr) || \ - _curl_callback_compatible((expr), curl_sockopt_callback) || \ - _curl_callback_compatible((expr), _curl_sockopt_callback1) || \ - _curl_callback_compatible((expr), _curl_sockopt_callback2)) +#define curlcheck_sockopt_cb(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), curl_sockopt_callback) || \ + curlcheck_cb_compatible((expr), _curl_sockopt_callback1) || \ + curlcheck_cb_compatible((expr), _curl_sockopt_callback2)) typedef int (*_curl_sockopt_callback1)(void *, curl_socket_t, curlsocktype); typedef int (*_curl_sockopt_callback2)(const void *, curl_socket_t, curlsocktype); /* evaluates to true if expr is of type curl_opensocket_callback or "similar" */ -#define _curl_is_opensocket_cb(expr) \ - (_curl_is_NULL(expr) || \ - _curl_callback_compatible((expr), curl_opensocket_callback) || \ - _curl_callback_compatible((expr), _curl_opensocket_callback1) || \ - _curl_callback_compatible((expr), _curl_opensocket_callback2) || \ - _curl_callback_compatible((expr), _curl_opensocket_callback3) || \ - _curl_callback_compatible((expr), _curl_opensocket_callback4)) +#define curlcheck_opensocket_cb(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), curl_opensocket_callback) || \ + curlcheck_cb_compatible((expr), _curl_opensocket_callback1) || \ + curlcheck_cb_compatible((expr), _curl_opensocket_callback2) || \ + curlcheck_cb_compatible((expr), _curl_opensocket_callback3) || \ + curlcheck_cb_compatible((expr), _curl_opensocket_callback4)) typedef curl_socket_t (*_curl_opensocket_callback1) (void *, curlsocktype, struct curl_sockaddr *); typedef curl_socket_t (*_curl_opensocket_callback2) @@ -599,28 +600,28 @@ typedef curl_socket_t (*_curl_opensocket_callback4) (const void *, curlsocktype, const struct curl_sockaddr *); /* evaluates to true if expr is of type curl_progress_callback or "similar" */ -#define _curl_is_progress_cb(expr) \ - (_curl_is_NULL(expr) || \ - _curl_callback_compatible((expr), curl_progress_callback) || \ - _curl_callback_compatible((expr), _curl_progress_callback1) || \ - _curl_callback_compatible((expr), _curl_progress_callback2)) +#define curlcheck_progress_cb(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), curl_progress_callback) || \ + curlcheck_cb_compatible((expr), _curl_progress_callback1) || \ + curlcheck_cb_compatible((expr), _curl_progress_callback2)) typedef int (*_curl_progress_callback1)(void *, double, double, double, double); typedef int (*_curl_progress_callback2)(const void *, double, double, double, double); /* evaluates to true if expr is of type curl_debug_callback or "similar" */ -#define _curl_is_debug_cb(expr) \ - (_curl_is_NULL(expr) || \ - _curl_callback_compatible((expr), curl_debug_callback) || \ - _curl_callback_compatible((expr), _curl_debug_callback1) || \ - _curl_callback_compatible((expr), _curl_debug_callback2) || \ - _curl_callback_compatible((expr), _curl_debug_callback3) || \ - _curl_callback_compatible((expr), _curl_debug_callback4) || \ - _curl_callback_compatible((expr), _curl_debug_callback5) || \ - _curl_callback_compatible((expr), _curl_debug_callback6) || \ - _curl_callback_compatible((expr), _curl_debug_callback7) || \ - _curl_callback_compatible((expr), _curl_debug_callback8)) +#define curlcheck_debug_cb(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), curl_debug_callback) || \ + curlcheck_cb_compatible((expr), _curl_debug_callback1) || \ + curlcheck_cb_compatible((expr), _curl_debug_callback2) || \ + curlcheck_cb_compatible((expr), _curl_debug_callback3) || \ + curlcheck_cb_compatible((expr), _curl_debug_callback4) || \ + curlcheck_cb_compatible((expr), _curl_debug_callback5) || \ + curlcheck_cb_compatible((expr), _curl_debug_callback6) || \ + curlcheck_cb_compatible((expr), _curl_debug_callback7) || \ + curlcheck_cb_compatible((expr), _curl_debug_callback8)) typedef int (*_curl_debug_callback1) (CURL *, curl_infotype, char *, size_t, void *); typedef int (*_curl_debug_callback2) (CURL *, @@ -640,17 +641,17 @@ typedef int (*_curl_debug_callback8) (CURL *, /* evaluates to true if expr is of type curl_ssl_ctx_callback or "similar" */ /* this is getting even messier... */ -#define _curl_is_ssl_ctx_cb(expr) \ - (_curl_is_NULL(expr) || \ - _curl_callback_compatible((expr), curl_ssl_ctx_callback) || \ - _curl_callback_compatible((expr), _curl_ssl_ctx_callback1) || \ - _curl_callback_compatible((expr), _curl_ssl_ctx_callback2) || \ - _curl_callback_compatible((expr), _curl_ssl_ctx_callback3) || \ - _curl_callback_compatible((expr), _curl_ssl_ctx_callback4) || \ - _curl_callback_compatible((expr), _curl_ssl_ctx_callback5) || \ - _curl_callback_compatible((expr), _curl_ssl_ctx_callback6) || \ - _curl_callback_compatible((expr), _curl_ssl_ctx_callback7) || \ - _curl_callback_compatible((expr), _curl_ssl_ctx_callback8)) +#define curlcheck_ssl_ctx_cb(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), curl_ssl_ctx_callback) || \ + curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback1) || \ + curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback2) || \ + curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback3) || \ + curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback4) || \ + curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback5) || \ + curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback6) || \ + curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback7) || \ + curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback8)) typedef CURLcode (*_curl_ssl_ctx_callback1)(CURL *, void *, void *); typedef CURLcode (*_curl_ssl_ctx_callback2)(CURL *, void *, const void *); typedef CURLcode (*_curl_ssl_ctx_callback3)(CURL *, const void *, void *); @@ -673,26 +674,26 @@ typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback8; #endif /* evaluates to true if expr is of type curl_conv_callback or "similar" */ -#define _curl_is_conv_cb(expr) \ - (_curl_is_NULL(expr) || \ - _curl_callback_compatible((expr), curl_conv_callback) || \ - _curl_callback_compatible((expr), _curl_conv_callback1) || \ - _curl_callback_compatible((expr), _curl_conv_callback2) || \ - _curl_callback_compatible((expr), _curl_conv_callback3) || \ - _curl_callback_compatible((expr), _curl_conv_callback4)) +#define curlcheck_conv_cb(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), curl_conv_callback) || \ + curlcheck_cb_compatible((expr), _curl_conv_callback1) || \ + curlcheck_cb_compatible((expr), _curl_conv_callback2) || \ + curlcheck_cb_compatible((expr), _curl_conv_callback3) || \ + curlcheck_cb_compatible((expr), _curl_conv_callback4)) typedef CURLcode (*_curl_conv_callback1)(char *, size_t length); typedef CURLcode (*_curl_conv_callback2)(const char *, size_t length); typedef CURLcode (*_curl_conv_callback3)(void *, size_t length); typedef CURLcode (*_curl_conv_callback4)(const void *, size_t length); /* evaluates to true if expr is of type curl_seek_callback or "similar" */ -#define _curl_is_seek_cb(expr) \ - (_curl_is_NULL(expr) || \ - _curl_callback_compatible((expr), curl_seek_callback) || \ - _curl_callback_compatible((expr), _curl_seek_callback1) || \ - _curl_callback_compatible((expr), _curl_seek_callback2)) +#define curlcheck_seek_cb(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), curl_seek_callback) || \ + curlcheck_cb_compatible((expr), _curl_seek_callback1) || \ + curlcheck_cb_compatible((expr), _curl_seek_callback2)) typedef CURLcode (*_curl_seek_callback1)(void *, curl_off_t, int); typedef CURLcode (*_curl_seek_callback2)(const void *, curl_off_t, int); -#endif /* __CURL_TYPECHECK_GCC_H */ +#endif /* CURLINC_TYPECHECK_GCC_H */ diff --git a/libs/libcurl/include/curl/urlapi.h b/libs/libcurl/include/curl/urlapi.h index 58e89d85c2..0f2f152f1f 100644 --- a/libs/libcurl/include/curl/urlapi.h +++ b/libs/libcurl/include/curl/urlapi.h @@ -1,5 +1,5 @@ -#ifndef __CURL_URLAPI_H -#define __CURL_URLAPI_H +#ifndef CURLINC_URLAPI_H +#define CURLINC_URLAPI_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -120,4 +120,4 @@ CURL_EXTERN CURLUcode curl_url_set(CURLU *handle, CURLUPart what, } /* end of extern "C" */ #endif -#endif +#endif /* CURLINC_URLAPI_H */ diff --git a/libs/libcurl/libcurl.vcxproj b/libs/libcurl/libcurl.vcxproj index 5909d76717..b8724b921a 100644 --- a/libs/libcurl/libcurl.vcxproj +++ b/libs/libcurl/libcurl.vcxproj @@ -29,6 +29,9 @@ <ClCompile Include="src\vauth\*.c">
<PrecompiledHeader>NotUsing</PrecompiledHeader>
</ClCompile>
+ <ClCompile Include="src\vssh\*.c">
+ <PrecompiledHeader>NotUsing</PrecompiledHeader>
+ </ClCompile>
<ClCompile Include="src\vtls\*.c">
<PrecompiledHeader>NotUsing</PrecompiledHeader>
</ClCompile>
diff --git a/libs/libcurl/src/Makefile.am b/libs/libcurl/src/Makefile.am index 7c258b3fa7..516a2394df 100644 --- a/libs/libcurl/src/Makefile.am +++ b/libs/libcurl/src/Makefile.am @@ -23,8 +23,8 @@ AUTOMAKE_OPTIONS = foreign nostdinc CMAKE_DIST = CMakeLists.txt curl_config.h.cmake -EXTRA_DIST = Makefile.m32 config-win32.h \ - config-win32ce.h config-riscos.h config-mac.h curl_config.h.in \ +EXTRA_DIST = Makefile.m32 config-win32.h config-win32ce.h \ + config-plan9.h config-riscos.h config-mac.h curl_config.h.in \ makefile.dj config-dos.h libcurl.plist libcurl.rc config-amigaos.h \ makefile.amiga Makefile.netware nwlib.c nwos.c config-win32ce.h \ config-os400.h setup-os400.h config-symbian.h Makefile.Watcom \ @@ -65,7 +65,7 @@ endif # Prevent LIBS from being used for all link targets LIBS = $(BLANK_AT_MAKETIME) -VERSIONINFO=-version-info 9:0:5 +VERSIONINFO=-version-info 10:0:6 # This flag accepts an argument of the form current[:revision[:age]]. So, # passing -version-info 3:12:1 sets current to 3, revision to 12, and age to # 1. @@ -138,7 +138,7 @@ CS_ = $(CS_0) checksrc: $(CHECKSRC)(@PERL@ $(srcdir)/checksrc.pl -D$(srcdir) -W$(srcdir)/curl_config.h \ - $(srcdir)/*.[ch] $(srcdir)/vauth/*.[ch] $(srcdir)/vtls/*.[ch]) + $(srcdir)/*.[ch] $(srcdir)/vauth/*.[ch] $(srcdir)/vtls/*.[ch] $(srcdir)/vquic/*.[ch] $(srcdir)/vssh/*.[ch]) if CURLDEBUG # for debug builds, we scan the sources on all regular make invokes diff --git a/libs/libcurl/src/Makefile.in b/libs/libcurl/src/Makefile.in index da01c26a66..28dfe93e43 100644 --- a/libs/libcurl/src/Makefile.in +++ b/libs/libcurl/src/Makefile.in @@ -205,25 +205,24 @@ am__objects_1 = libcurl_la-file.lo libcurl_la-timeval.lo \ libcurl_la-hostsyn.lo libcurl_la-inet_ntop.lo \ libcurl_la-parsedate.lo libcurl_la-select.lo \ libcurl_la-tftp.lo libcurl_la-splay.lo libcurl_la-strdup.lo \ - libcurl_la-socks.lo libcurl_la-ssh.lo libcurl_la-ssh-libssh.lo \ - libcurl_la-curl_addrinfo.lo libcurl_la-socks_gssapi.lo \ - libcurl_la-socks_sspi.lo libcurl_la-curl_sspi.lo \ - libcurl_la-slist.lo libcurl_la-nonblock.lo \ - libcurl_la-curl_memrchr.lo libcurl_la-imap.lo \ - libcurl_la-pop3.lo libcurl_la-smtp.lo libcurl_la-pingpong.lo \ - libcurl_la-rtsp.lo libcurl_la-curl_threads.lo \ - libcurl_la-warnless.lo libcurl_la-hmac.lo \ - libcurl_la-curl_rtmp.lo libcurl_la-openldap.lo \ - libcurl_la-curl_gethostname.lo libcurl_la-gopher.lo \ - libcurl_la-idn_win32.lo libcurl_la-http_proxy.lo \ - libcurl_la-non-ascii.lo libcurl_la-asyn-ares.lo \ - libcurl_la-asyn-thread.lo libcurl_la-curl_gssapi.lo \ - libcurl_la-http_ntlm.lo libcurl_la-curl_ntlm_wb.lo \ - libcurl_la-curl_ntlm_core.lo libcurl_la-curl_sasl.lo \ - libcurl_la-rand.lo libcurl_la-curl_multibyte.lo \ - libcurl_la-hostcheck.lo libcurl_la-conncache.lo \ - libcurl_la-dotdot.lo libcurl_la-x509asn1.lo \ - libcurl_la-http2.lo libcurl_la-smb.lo \ + libcurl_la-socks.lo libcurl_la-curl_addrinfo.lo \ + libcurl_la-socks_gssapi.lo libcurl_la-socks_sspi.lo \ + libcurl_la-curl_sspi.lo libcurl_la-slist.lo \ + libcurl_la-nonblock.lo libcurl_la-curl_memrchr.lo \ + libcurl_la-imap.lo libcurl_la-pop3.lo libcurl_la-smtp.lo \ + libcurl_la-pingpong.lo libcurl_la-rtsp.lo \ + libcurl_la-curl_threads.lo libcurl_la-warnless.lo \ + libcurl_la-hmac.lo libcurl_la-curl_rtmp.lo \ + libcurl_la-openldap.lo libcurl_la-curl_gethostname.lo \ + libcurl_la-gopher.lo libcurl_la-idn_win32.lo \ + libcurl_la-http_proxy.lo libcurl_la-non-ascii.lo \ + libcurl_la-asyn-ares.lo libcurl_la-asyn-thread.lo \ + libcurl_la-curl_gssapi.lo libcurl_la-http_ntlm.lo \ + libcurl_la-curl_ntlm_wb.lo libcurl_la-curl_ntlm_core.lo \ + libcurl_la-curl_sasl.lo libcurl_la-rand.lo \ + libcurl_la-curl_multibyte.lo libcurl_la-hostcheck.lo \ + libcurl_la-conncache.lo libcurl_la-dotdot.lo \ + libcurl_la-x509asn1.lo libcurl_la-http2.lo libcurl_la-smb.lo \ libcurl_la-curl_endian.lo libcurl_la-curl_des.lo \ libcurl_la-system_win32.lo libcurl_la-mime.lo \ libcurl_la-sha256.lo libcurl_la-setopt.lo \ @@ -247,10 +246,14 @@ am__objects_3 = vtls/libcurl_la-openssl.lo vtls/libcurl_la-gtls.lo \ vtls/libcurl_la-schannel_verify.lo \ vtls/libcurl_la-sectransp.lo vtls/libcurl_la-gskit.lo \ vtls/libcurl_la-mbedtls.lo vtls/libcurl_la-mesalink.lo -am__objects_4 = $(am__objects_1) $(am__objects_2) $(am__objects_3) -am__objects_5 = -am__objects_6 = $(am__objects_5) $(am__objects_5) $(am__objects_5) -am_libcurl_la_OBJECTS = $(am__objects_4) $(am__objects_6) +am__objects_4 = vquic/libcurl_la-ngtcp2.lo vquic/libcurl_la-quiche.lo +am__objects_5 = vssh/libcurl_la-libssh2.lo vssh/libcurl_la-libssh.lo +am__objects_6 = $(am__objects_1) $(am__objects_2) $(am__objects_3) \ + $(am__objects_4) $(am__objects_5) +am__objects_7 = +am__objects_8 = $(am__objects_7) $(am__objects_7) $(am__objects_7) \ + $(am__objects_7) +am_libcurl_la_OBJECTS = $(am__objects_6) $(am__objects_8) libcurl_la_OBJECTS = $(am_libcurl_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) @@ -260,7 +263,7 @@ libcurl_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(libcurl_la_CFLAGS) \ $(CFLAGS) $(libcurl_la_LDFLAGS) $(LDFLAGS) -o $@ libcurlu_la_LIBADD = -am__objects_7 = libcurlu_la-file.lo libcurlu_la-timeval.lo \ +am__objects_9 = libcurlu_la-file.lo libcurlu_la-timeval.lo \ libcurlu_la-base64.lo libcurlu_la-hostip.lo \ libcurlu_la-progress.lo libcurlu_la-formdata.lo \ libcurlu_la-cookie.lo libcurlu_la-http.lo libcurlu_la-sendf.lo \ @@ -287,12 +290,12 @@ am__objects_7 = libcurlu_la-file.lo libcurlu_la-timeval.lo \ libcurlu_la-hostip6.lo libcurlu_la-hostsyn.lo \ libcurlu_la-inet_ntop.lo libcurlu_la-parsedate.lo \ libcurlu_la-select.lo libcurlu_la-tftp.lo libcurlu_la-splay.lo \ - libcurlu_la-strdup.lo libcurlu_la-socks.lo libcurlu_la-ssh.lo \ - libcurlu_la-ssh-libssh.lo libcurlu_la-curl_addrinfo.lo \ - libcurlu_la-socks_gssapi.lo libcurlu_la-socks_sspi.lo \ - libcurlu_la-curl_sspi.lo libcurlu_la-slist.lo \ - libcurlu_la-nonblock.lo libcurlu_la-curl_memrchr.lo \ - libcurlu_la-imap.lo libcurlu_la-pop3.lo libcurlu_la-smtp.lo \ + libcurlu_la-strdup.lo libcurlu_la-socks.lo \ + libcurlu_la-curl_addrinfo.lo libcurlu_la-socks_gssapi.lo \ + libcurlu_la-socks_sspi.lo libcurlu_la-curl_sspi.lo \ + libcurlu_la-slist.lo libcurlu_la-nonblock.lo \ + libcurlu_la-curl_memrchr.lo libcurlu_la-imap.lo \ + libcurlu_la-pop3.lo libcurlu_la-smtp.lo \ libcurlu_la-pingpong.lo libcurlu_la-rtsp.lo \ libcurlu_la-curl_threads.lo libcurlu_la-warnless.lo \ libcurlu_la-hmac.lo libcurlu_la-curl_rtmp.lo \ @@ -313,7 +316,7 @@ am__objects_7 = libcurlu_la-file.lo libcurlu_la-timeval.lo \ libcurlu_la-curl_ctype.lo libcurlu_la-curl_range.lo \ libcurlu_la-psl.lo libcurlu_la-doh.lo libcurlu_la-urlapi.lo \ libcurlu_la-curl_get_line.lo libcurlu_la-altsvc.lo -am__objects_8 = vauth/libcurlu_la-vauth.lo \ +am__objects_10 = vauth/libcurlu_la-vauth.lo \ vauth/libcurlu_la-cleartext.lo vauth/libcurlu_la-cram.lo \ vauth/libcurlu_la-digest.lo vauth/libcurlu_la-digest_sspi.lo \ vauth/libcurlu_la-krb5_gssapi.lo \ @@ -321,7 +324,7 @@ am__objects_8 = vauth/libcurlu_la-vauth.lo \ vauth/libcurlu_la-ntlm_sspi.lo vauth/libcurlu_la-oauth2.lo \ vauth/libcurlu_la-spnego_gssapi.lo \ vauth/libcurlu_la-spnego_sspi.lo -am__objects_9 = vtls/libcurlu_la-openssl.lo vtls/libcurlu_la-gtls.lo \ +am__objects_11 = vtls/libcurlu_la-openssl.lo vtls/libcurlu_la-gtls.lo \ vtls/libcurlu_la-vtls.lo vtls/libcurlu_la-nss.lo \ vtls/libcurlu_la-polarssl.lo \ vtls/libcurlu_la-polarssl_threadlock.lo \ @@ -329,8 +332,13 @@ am__objects_9 = vtls/libcurlu_la-openssl.lo vtls/libcurlu_la-gtls.lo \ vtls/libcurlu_la-schannel_verify.lo \ vtls/libcurlu_la-sectransp.lo vtls/libcurlu_la-gskit.lo \ vtls/libcurlu_la-mbedtls.lo vtls/libcurlu_la-mesalink.lo -am__objects_10 = $(am__objects_7) $(am__objects_8) $(am__objects_9) -am_libcurlu_la_OBJECTS = $(am__objects_10) $(am__objects_6) +am__objects_12 = vquic/libcurlu_la-ngtcp2.lo \ + vquic/libcurlu_la-quiche.lo +am__objects_13 = vssh/libcurlu_la-libssh2.lo \ + vssh/libcurlu_la-libssh.lo +am__objects_14 = $(am__objects_9) $(am__objects_10) $(am__objects_11) \ + $(am__objects_12) $(am__objects_13) +am_libcurlu_la_OBJECTS = $(am__objects_14) $(am__objects_8) libcurlu_la_OBJECTS = $(am_libcurlu_la_OBJECTS) libcurlu_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(libcurlu_la_CFLAGS) \ @@ -441,8 +449,6 @@ am__depfiles_remade = ./$(DEPDIR)/libcurl_la-altsvc.Plo \ ./$(DEPDIR)/libcurl_la-socks_sspi.Plo \ ./$(DEPDIR)/libcurl_la-speedcheck.Plo \ ./$(DEPDIR)/libcurl_la-splay.Plo \ - ./$(DEPDIR)/libcurl_la-ssh-libssh.Plo \ - ./$(DEPDIR)/libcurl_la-ssh.Plo \ ./$(DEPDIR)/libcurl_la-strcase.Plo \ ./$(DEPDIR)/libcurl_la-strdup.Plo \ ./$(DEPDIR)/libcurl_la-strerror.Plo \ @@ -553,8 +559,6 @@ am__depfiles_remade = ./$(DEPDIR)/libcurl_la-altsvc.Plo \ ./$(DEPDIR)/libcurlu_la-socks_sspi.Plo \ ./$(DEPDIR)/libcurlu_la-speedcheck.Plo \ ./$(DEPDIR)/libcurlu_la-splay.Plo \ - ./$(DEPDIR)/libcurlu_la-ssh-libssh.Plo \ - ./$(DEPDIR)/libcurlu_la-ssh.Plo \ ./$(DEPDIR)/libcurlu_la-strcase.Plo \ ./$(DEPDIR)/libcurlu_la-strdup.Plo \ ./$(DEPDIR)/libcurlu_la-strerror.Plo \ @@ -595,6 +599,14 @@ am__depfiles_remade = ./$(DEPDIR)/libcurl_la-altsvc.Plo \ vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Plo \ vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Plo \ vauth/$(DEPDIR)/libcurlu_la-vauth.Plo \ + vquic/$(DEPDIR)/libcurl_la-ngtcp2.Plo \ + vquic/$(DEPDIR)/libcurl_la-quiche.Plo \ + vquic/$(DEPDIR)/libcurlu_la-ngtcp2.Plo \ + vquic/$(DEPDIR)/libcurlu_la-quiche.Plo \ + vssh/$(DEPDIR)/libcurl_la-libssh.Plo \ + vssh/$(DEPDIR)/libcurl_la-libssh2.Plo \ + vssh/$(DEPDIR)/libcurlu_la-libssh.Plo \ + vssh/$(DEPDIR)/libcurlu_la-libssh2.Plo \ vtls/$(DEPDIR)/libcurl_la-gskit.Plo \ vtls/$(DEPDIR)/libcurl_la-gtls.Plo \ vtls/$(DEPDIR)/libcurl_la-mbedtls.Plo \ @@ -808,8 +820,12 @@ USE_LIBSSH2 = @USE_LIBSSH2@ USE_MBEDTLS = @USE_MBEDTLS@ USE_MESALINK = @USE_MESALINK@ USE_NGHTTP2 = @USE_NGHTTP2@ +USE_NGHTTP3 = @USE_NGHTTP3@ +USE_NGTCP2 = @USE_NGTCP2@ +USE_NGTCP2_CRYPTO_OPENSSL = @USE_NGTCP2_CRYPTO_OPENSSL@ USE_NSS = @USE_NSS@ USE_OPENLDAP = @USE_OPENLDAP@ +USE_QUICHE = @USE_QUICHE@ USE_SCHANNEL = @USE_SCHANNEL@ USE_SECTRANSP = @USE_SECTRANSP@ USE_UNIX_SOCKETS = @USE_UNIX_SOCKETS@ @@ -898,8 +914,8 @@ top_srcdir = @top_srcdir@ ########################################################################### AUTOMAKE_OPTIONS = foreign nostdinc CMAKE_DIST = CMakeLists.txt curl_config.h.cmake -EXTRA_DIST = Makefile.m32 config-win32.h \ - config-win32ce.h config-riscos.h config-mac.h curl_config.h.in \ +EXTRA_DIST = Makefile.m32 config-win32.h config-win32ce.h \ + config-plan9.h config-riscos.h config-mac.h curl_config.h.in \ makefile.dj config-dos.h libcurl.plist libcurl.rc config-amigaos.h \ makefile.amiga Makefile.netware nwlib.c nwos.c config-win32ce.h \ config-os400.h setup-os400.h config-symbian.h Makefile.Watcom \ @@ -934,7 +950,7 @@ lib_LTLIBRARIES = libcurl.la # For the full guide on libcurl ABI rules, see docs/libcurl/ABI AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/lib \ -I$(top_srcdir)/lib $(am__append_1) -DBUILDING_LIBCURL -VERSIONINFO = -version-info 9:0:5 +VERSIONINFO = -version-info 10:0:6 AM_LDFLAGS = AM_CFLAGS = libcurl_la_CPPFLAGS_EXTRA = $(am__append_7) $(am__append_8) @@ -963,6 +979,9 @@ LIB_VTLS_HFILES = vtls/openssl.h vtls/vtls.h vtls/gtls.h \ vtls/wolfssl.h vtls/schannel.h vtls/sectransp.h vtls/gskit.h \ vtls/mbedtls.h vtls/mesalink.h +LIB_VQUIC_CFILES = vquic/ngtcp2.c vquic/quiche.c +LIB_VQUIC_HFILES = vquic/ngtcp2.h vquic/quiche.h +LIB_VSSH_CFILES = vssh/libssh2.c vssh/libssh.c LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ cookie.c http.c sendf.c ftp.c url.c dict.c if2ip.c speedcheck.c \ ldap.c version.c getenv.c escape.c mprintf.c telnet.c netrc.c \ @@ -972,7 +991,7 @@ LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ http_digest.c md4.c md5.c http_negotiate.c inet_pton.c strtoofft.c \ strerror.c amigaos.c hostasyn.c hostip4.c hostip6.c hostsyn.c \ inet_ntop.c parsedate.c select.c tftp.c splay.c strdup.c socks.c \ - ssh.c ssh-libssh.c curl_addrinfo.c socks_gssapi.c socks_sspi.c \ + curl_addrinfo.c socks_gssapi.c socks_sspi.c \ curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c \ pingpong.c rtsp.c curl_threads.c warnless.c hmac.c curl_rtmp.c \ openldap.c curl_gethostname.c gopher.c idn_win32.c \ @@ -1002,11 +1021,15 @@ LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \ x509asn1.h http2.h sigpipe.h smb.h curl_endian.h curl_des.h \ curl_printf.h system_win32.h rand.h mime.h curl_sha256.h setopt.h \ curl_path.h curl_ctype.h curl_range.h psl.h doh.h urlapi-int.h \ - curl_get_line.h altsvc.h + curl_get_line.h altsvc.h quic.h LIB_RCFILES = libcurl.rc -CSOURCES = $(LIB_CFILES) $(LIB_VAUTH_CFILES) $(LIB_VTLS_CFILES) -HHEADERS = $(LIB_HFILES) $(LIB_VAUTH_HFILES) $(LIB_VTLS_HFILES) +CSOURCES = $(LIB_CFILES) $(LIB_VAUTH_CFILES) $(LIB_VTLS_CFILES) \ + $(LIB_VQUIC_CFILES) $(LIB_VSSH_CFILES) + +HHEADERS = $(LIB_HFILES) $(LIB_VAUTH_HFILES) $(LIB_VTLS_HFILES) \ + $(LIB_VQUIC_HFILES) + # Makefile.inc provides the CSOURCES and HHEADERS defines libcurl_la_SOURCES = $(CSOURCES) $(HHEADERS) @@ -1179,6 +1202,26 @@ vtls/libcurl_la-mbedtls.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) vtls/libcurl_la-mesalink.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) +vquic/$(am__dirstamp): + @$(MKDIR_P) vquic + @: > vquic/$(am__dirstamp) +vquic/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) vquic/$(DEPDIR) + @: > vquic/$(DEPDIR)/$(am__dirstamp) +vquic/libcurl_la-ngtcp2.lo: vquic/$(am__dirstamp) \ + vquic/$(DEPDIR)/$(am__dirstamp) +vquic/libcurl_la-quiche.lo: vquic/$(am__dirstamp) \ + vquic/$(DEPDIR)/$(am__dirstamp) +vssh/$(am__dirstamp): + @$(MKDIR_P) vssh + @: > vssh/$(am__dirstamp) +vssh/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) vssh/$(DEPDIR) + @: > vssh/$(DEPDIR)/$(am__dirstamp) +vssh/libcurl_la-libssh2.lo: vssh/$(am__dirstamp) \ + vssh/$(DEPDIR)/$(am__dirstamp) +vssh/libcurl_la-libssh.lo: vssh/$(am__dirstamp) \ + vssh/$(DEPDIR)/$(am__dirstamp) libcurl.la: $(libcurl_la_OBJECTS) $(libcurl_la_DEPENDENCIES) $(EXTRA_libcurl_la_DEPENDENCIES) $(AM_V_CCLD)$(libcurl_la_LINK) -rpath $(libdir) $(libcurl_la_OBJECTS) $(libcurl_la_LIBADD) $(LIBS) @@ -1232,6 +1275,14 @@ vtls/libcurlu_la-mbedtls.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) vtls/libcurlu_la-mesalink.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) +vquic/libcurlu_la-ngtcp2.lo: vquic/$(am__dirstamp) \ + vquic/$(DEPDIR)/$(am__dirstamp) +vquic/libcurlu_la-quiche.lo: vquic/$(am__dirstamp) \ + vquic/$(DEPDIR)/$(am__dirstamp) +vssh/libcurlu_la-libssh2.lo: vssh/$(am__dirstamp) \ + vssh/$(DEPDIR)/$(am__dirstamp) +vssh/libcurlu_la-libssh.lo: vssh/$(am__dirstamp) \ + vssh/$(DEPDIR)/$(am__dirstamp) libcurlu.la: $(libcurlu_la_OBJECTS) $(libcurlu_la_DEPENDENCIES) $(EXTRA_libcurlu_la_DEPENDENCIES) $(AM_V_CCLD)$(libcurlu_la_LINK) $(am_libcurlu_la_rpath) $(libcurlu_la_OBJECTS) $(libcurlu_la_LIBADD) $(LIBS) @@ -1240,6 +1291,10 @@ mostlyclean-compile: -rm -f *.$(OBJEXT) -rm -f vauth/*.$(OBJEXT) -rm -f vauth/*.lo + -rm -f vquic/*.$(OBJEXT) + -rm -f vquic/*.lo + -rm -f vssh/*.$(OBJEXT) + -rm -f vssh/*.lo -rm -f vtls/*.$(OBJEXT) -rm -f vtls/*.lo @@ -1340,8 +1395,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-socks_sspi.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-speedcheck.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-splay.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-ssh-libssh.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-ssh.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-strcase.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-strdup.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-strerror.Plo@am__quote@ # am--include-marker @@ -1452,8 +1505,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-socks_sspi.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-speedcheck.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-splay.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-ssh-libssh.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-ssh.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-strcase.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-strdup.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-strerror.Plo@am__quote@ # am--include-marker @@ -1494,6 +1545,14 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-vauth.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@vquic/$(DEPDIR)/libcurl_la-ngtcp2.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@vquic/$(DEPDIR)/libcurl_la-quiche.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@vquic/$(DEPDIR)/libcurlu_la-ngtcp2.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@vquic/$(DEPDIR)/libcurlu_la-quiche.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@vssh/$(DEPDIR)/libcurl_la-libssh.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@vssh/$(DEPDIR)/libcurl_la-libssh2.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@vssh/$(DEPDIR)/libcurlu_la-libssh.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@vssh/$(DEPDIR)/libcurlu_la-libssh2.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-gskit.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-gtls.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-mbedtls.Plo@am__quote@ # am--include-marker @@ -1964,20 +2023,6 @@ libcurl_la-socks.lo: socks.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-socks.lo `test -f 'socks.c' || echo '$(srcdir)/'`socks.c -libcurl_la-ssh.lo: ssh.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-ssh.lo -MD -MP -MF $(DEPDIR)/libcurl_la-ssh.Tpo -c -o libcurl_la-ssh.lo `test -f 'ssh.c' || echo '$(srcdir)/'`ssh.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-ssh.Tpo $(DEPDIR)/libcurl_la-ssh.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ssh.c' object='libcurl_la-ssh.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-ssh.lo `test -f 'ssh.c' || echo '$(srcdir)/'`ssh.c - -libcurl_la-ssh-libssh.lo: ssh-libssh.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-ssh-libssh.lo -MD -MP -MF $(DEPDIR)/libcurl_la-ssh-libssh.Tpo -c -o libcurl_la-ssh-libssh.lo `test -f 'ssh-libssh.c' || echo '$(srcdir)/'`ssh-libssh.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-ssh-libssh.Tpo $(DEPDIR)/libcurl_la-ssh-libssh.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ssh-libssh.c' object='libcurl_la-ssh-libssh.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-ssh-libssh.lo `test -f 'ssh-libssh.c' || echo '$(srcdir)/'`ssh-libssh.c - libcurl_la-curl_addrinfo.lo: curl_addrinfo.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-curl_addrinfo.lo -MD -MP -MF $(DEPDIR)/libcurl_la-curl_addrinfo.Tpo -c -o libcurl_la-curl_addrinfo.lo `test -f 'curl_addrinfo.c' || echo '$(srcdir)/'`curl_addrinfo.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-curl_addrinfo.Tpo $(DEPDIR)/libcurl_la-curl_addrinfo.Plo @@ -2510,6 +2555,34 @@ vtls/libcurl_la-mesalink.lo: vtls/mesalink.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vtls/libcurl_la-mesalink.lo `test -f 'vtls/mesalink.c' || echo '$(srcdir)/'`vtls/mesalink.c +vquic/libcurl_la-ngtcp2.lo: vquic/ngtcp2.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vquic/libcurl_la-ngtcp2.lo -MD -MP -MF vquic/$(DEPDIR)/libcurl_la-ngtcp2.Tpo -c -o vquic/libcurl_la-ngtcp2.lo `test -f 'vquic/ngtcp2.c' || echo '$(srcdir)/'`vquic/ngtcp2.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vquic/$(DEPDIR)/libcurl_la-ngtcp2.Tpo vquic/$(DEPDIR)/libcurl_la-ngtcp2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vquic/ngtcp2.c' object='vquic/libcurl_la-ngtcp2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vquic/libcurl_la-ngtcp2.lo `test -f 'vquic/ngtcp2.c' || echo '$(srcdir)/'`vquic/ngtcp2.c + +vquic/libcurl_la-quiche.lo: vquic/quiche.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vquic/libcurl_la-quiche.lo -MD -MP -MF vquic/$(DEPDIR)/libcurl_la-quiche.Tpo -c -o vquic/libcurl_la-quiche.lo `test -f 'vquic/quiche.c' || echo '$(srcdir)/'`vquic/quiche.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vquic/$(DEPDIR)/libcurl_la-quiche.Tpo vquic/$(DEPDIR)/libcurl_la-quiche.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vquic/quiche.c' object='vquic/libcurl_la-quiche.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vquic/libcurl_la-quiche.lo `test -f 'vquic/quiche.c' || echo '$(srcdir)/'`vquic/quiche.c + +vssh/libcurl_la-libssh2.lo: vssh/libssh2.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vssh/libcurl_la-libssh2.lo -MD -MP -MF vssh/$(DEPDIR)/libcurl_la-libssh2.Tpo -c -o vssh/libcurl_la-libssh2.lo `test -f 'vssh/libssh2.c' || echo '$(srcdir)/'`vssh/libssh2.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vssh/$(DEPDIR)/libcurl_la-libssh2.Tpo vssh/$(DEPDIR)/libcurl_la-libssh2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vssh/libssh2.c' object='vssh/libcurl_la-libssh2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vssh/libcurl_la-libssh2.lo `test -f 'vssh/libssh2.c' || echo '$(srcdir)/'`vssh/libssh2.c + +vssh/libcurl_la-libssh.lo: vssh/libssh.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vssh/libcurl_la-libssh.lo -MD -MP -MF vssh/$(DEPDIR)/libcurl_la-libssh.Tpo -c -o vssh/libcurl_la-libssh.lo `test -f 'vssh/libssh.c' || echo '$(srcdir)/'`vssh/libssh.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vssh/$(DEPDIR)/libcurl_la-libssh.Tpo vssh/$(DEPDIR)/libcurl_la-libssh.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vssh/libssh.c' object='vssh/libcurl_la-libssh.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vssh/libcurl_la-libssh.lo `test -f 'vssh/libssh.c' || echo '$(srcdir)/'`vssh/libssh.c + libcurlu_la-file.lo: file.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-file.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-file.Tpo -c -o libcurlu_la-file.lo `test -f 'file.c' || echo '$(srcdir)/'`file.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-file.Tpo $(DEPDIR)/libcurlu_la-file.Plo @@ -2923,20 +2996,6 @@ libcurlu_la-socks.lo: socks.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-socks.lo `test -f 'socks.c' || echo '$(srcdir)/'`socks.c -libcurlu_la-ssh.lo: ssh.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-ssh.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-ssh.Tpo -c -o libcurlu_la-ssh.lo `test -f 'ssh.c' || echo '$(srcdir)/'`ssh.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-ssh.Tpo $(DEPDIR)/libcurlu_la-ssh.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ssh.c' object='libcurlu_la-ssh.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-ssh.lo `test -f 'ssh.c' || echo '$(srcdir)/'`ssh.c - -libcurlu_la-ssh-libssh.lo: ssh-libssh.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-ssh-libssh.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-ssh-libssh.Tpo -c -o libcurlu_la-ssh-libssh.lo `test -f 'ssh-libssh.c' || echo '$(srcdir)/'`ssh-libssh.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-ssh-libssh.Tpo $(DEPDIR)/libcurlu_la-ssh-libssh.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ssh-libssh.c' object='libcurlu_la-ssh-libssh.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-ssh-libssh.lo `test -f 'ssh-libssh.c' || echo '$(srcdir)/'`ssh-libssh.c - libcurlu_la-curl_addrinfo.lo: curl_addrinfo.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-curl_addrinfo.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-curl_addrinfo.Tpo -c -o libcurlu_la-curl_addrinfo.lo `test -f 'curl_addrinfo.c' || echo '$(srcdir)/'`curl_addrinfo.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-curl_addrinfo.Tpo $(DEPDIR)/libcurlu_la-curl_addrinfo.Plo @@ -3469,12 +3528,42 @@ vtls/libcurlu_la-mesalink.lo: vtls/mesalink.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vtls/libcurlu_la-mesalink.lo `test -f 'vtls/mesalink.c' || echo '$(srcdir)/'`vtls/mesalink.c +vquic/libcurlu_la-ngtcp2.lo: vquic/ngtcp2.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vquic/libcurlu_la-ngtcp2.lo -MD -MP -MF vquic/$(DEPDIR)/libcurlu_la-ngtcp2.Tpo -c -o vquic/libcurlu_la-ngtcp2.lo `test -f 'vquic/ngtcp2.c' || echo '$(srcdir)/'`vquic/ngtcp2.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vquic/$(DEPDIR)/libcurlu_la-ngtcp2.Tpo vquic/$(DEPDIR)/libcurlu_la-ngtcp2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vquic/ngtcp2.c' object='vquic/libcurlu_la-ngtcp2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vquic/libcurlu_la-ngtcp2.lo `test -f 'vquic/ngtcp2.c' || echo '$(srcdir)/'`vquic/ngtcp2.c + +vquic/libcurlu_la-quiche.lo: vquic/quiche.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vquic/libcurlu_la-quiche.lo -MD -MP -MF vquic/$(DEPDIR)/libcurlu_la-quiche.Tpo -c -o vquic/libcurlu_la-quiche.lo `test -f 'vquic/quiche.c' || echo '$(srcdir)/'`vquic/quiche.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vquic/$(DEPDIR)/libcurlu_la-quiche.Tpo vquic/$(DEPDIR)/libcurlu_la-quiche.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vquic/quiche.c' object='vquic/libcurlu_la-quiche.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vquic/libcurlu_la-quiche.lo `test -f 'vquic/quiche.c' || echo '$(srcdir)/'`vquic/quiche.c + +vssh/libcurlu_la-libssh2.lo: vssh/libssh2.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vssh/libcurlu_la-libssh2.lo -MD -MP -MF vssh/$(DEPDIR)/libcurlu_la-libssh2.Tpo -c -o vssh/libcurlu_la-libssh2.lo `test -f 'vssh/libssh2.c' || echo '$(srcdir)/'`vssh/libssh2.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vssh/$(DEPDIR)/libcurlu_la-libssh2.Tpo vssh/$(DEPDIR)/libcurlu_la-libssh2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vssh/libssh2.c' object='vssh/libcurlu_la-libssh2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vssh/libcurlu_la-libssh2.lo `test -f 'vssh/libssh2.c' || echo '$(srcdir)/'`vssh/libssh2.c + +vssh/libcurlu_la-libssh.lo: vssh/libssh.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vssh/libcurlu_la-libssh.lo -MD -MP -MF vssh/$(DEPDIR)/libcurlu_la-libssh.Tpo -c -o vssh/libcurlu_la-libssh.lo `test -f 'vssh/libssh.c' || echo '$(srcdir)/'`vssh/libssh.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vssh/$(DEPDIR)/libcurlu_la-libssh.Tpo vssh/$(DEPDIR)/libcurlu_la-libssh.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vssh/libssh.c' object='vssh/libcurlu_la-libssh.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vssh/libcurlu_la-libssh.lo `test -f 'vssh/libssh.c' || echo '$(srcdir)/'`vssh/libssh.c + mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -rm -rf vauth/.libs vauth/_libs + -rm -rf vquic/.libs vquic/_libs + -rm -rf vssh/.libs vssh/_libs -rm -rf vtls/.libs vtls/_libs ID: $(am__tagged_files) @@ -3598,6 +3687,10 @@ distclean-generic: -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) -rm -f vauth/$(DEPDIR)/$(am__dirstamp) -rm -f vauth/$(am__dirstamp) + -rm -f vquic/$(DEPDIR)/$(am__dirstamp) + -rm -f vquic/$(am__dirstamp) + -rm -f vssh/$(DEPDIR)/$(am__dirstamp) + -rm -f vssh/$(am__dirstamp) -rm -f vtls/$(DEPDIR)/$(am__dirstamp) -rm -f vtls/$(am__dirstamp) @@ -3704,8 +3797,6 @@ distclean: distclean-am -rm -f ./$(DEPDIR)/libcurl_la-socks_sspi.Plo -rm -f ./$(DEPDIR)/libcurl_la-speedcheck.Plo -rm -f ./$(DEPDIR)/libcurl_la-splay.Plo - -rm -f ./$(DEPDIR)/libcurl_la-ssh-libssh.Plo - -rm -f ./$(DEPDIR)/libcurl_la-ssh.Plo -rm -f ./$(DEPDIR)/libcurl_la-strcase.Plo -rm -f ./$(DEPDIR)/libcurl_la-strdup.Plo -rm -f ./$(DEPDIR)/libcurl_la-strerror.Plo @@ -3816,8 +3907,6 @@ distclean: distclean-am -rm -f ./$(DEPDIR)/libcurlu_la-socks_sspi.Plo -rm -f ./$(DEPDIR)/libcurlu_la-speedcheck.Plo -rm -f ./$(DEPDIR)/libcurlu_la-splay.Plo - -rm -f ./$(DEPDIR)/libcurlu_la-ssh-libssh.Plo - -rm -f ./$(DEPDIR)/libcurlu_la-ssh.Plo -rm -f ./$(DEPDIR)/libcurlu_la-strcase.Plo -rm -f ./$(DEPDIR)/libcurlu_la-strdup.Plo -rm -f ./$(DEPDIR)/libcurlu_la-strerror.Plo @@ -3858,6 +3947,14 @@ distclean: distclean-am -rm -f vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Plo -rm -f vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Plo -rm -f vauth/$(DEPDIR)/libcurlu_la-vauth.Plo + -rm -f vquic/$(DEPDIR)/libcurl_la-ngtcp2.Plo + -rm -f vquic/$(DEPDIR)/libcurl_la-quiche.Plo + -rm -f vquic/$(DEPDIR)/libcurlu_la-ngtcp2.Plo + -rm -f vquic/$(DEPDIR)/libcurlu_la-quiche.Plo + -rm -f vssh/$(DEPDIR)/libcurl_la-libssh.Plo + -rm -f vssh/$(DEPDIR)/libcurl_la-libssh2.Plo + -rm -f vssh/$(DEPDIR)/libcurlu_la-libssh.Plo + -rm -f vssh/$(DEPDIR)/libcurlu_la-libssh2.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-gskit.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-gtls.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-mbedtls.Plo @@ -4023,8 +4120,6 @@ maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/libcurl_la-socks_sspi.Plo -rm -f ./$(DEPDIR)/libcurl_la-speedcheck.Plo -rm -f ./$(DEPDIR)/libcurl_la-splay.Plo - -rm -f ./$(DEPDIR)/libcurl_la-ssh-libssh.Plo - -rm -f ./$(DEPDIR)/libcurl_la-ssh.Plo -rm -f ./$(DEPDIR)/libcurl_la-strcase.Plo -rm -f ./$(DEPDIR)/libcurl_la-strdup.Plo -rm -f ./$(DEPDIR)/libcurl_la-strerror.Plo @@ -4135,8 +4230,6 @@ maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/libcurlu_la-socks_sspi.Plo -rm -f ./$(DEPDIR)/libcurlu_la-speedcheck.Plo -rm -f ./$(DEPDIR)/libcurlu_la-splay.Plo - -rm -f ./$(DEPDIR)/libcurlu_la-ssh-libssh.Plo - -rm -f ./$(DEPDIR)/libcurlu_la-ssh.Plo -rm -f ./$(DEPDIR)/libcurlu_la-strcase.Plo -rm -f ./$(DEPDIR)/libcurlu_la-strdup.Plo -rm -f ./$(DEPDIR)/libcurlu_la-strerror.Plo @@ -4177,6 +4270,14 @@ maintainer-clean: maintainer-clean-am -rm -f vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Plo -rm -f vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Plo -rm -f vauth/$(DEPDIR)/libcurlu_la-vauth.Plo + -rm -f vquic/$(DEPDIR)/libcurl_la-ngtcp2.Plo + -rm -f vquic/$(DEPDIR)/libcurl_la-quiche.Plo + -rm -f vquic/$(DEPDIR)/libcurlu_la-ngtcp2.Plo + -rm -f vquic/$(DEPDIR)/libcurlu_la-quiche.Plo + -rm -f vssh/$(DEPDIR)/libcurl_la-libssh.Plo + -rm -f vssh/$(DEPDIR)/libcurl_la-libssh2.Plo + -rm -f vssh/$(DEPDIR)/libcurlu_la-libssh.Plo + -rm -f vssh/$(DEPDIR)/libcurlu_la-libssh2.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-gskit.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-gtls.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-mbedtls.Plo @@ -4244,7 +4345,7 @@ uninstall-am: uninstall-libLTLIBRARIES checksrc: $(CHECKSRC)(@PERL@ $(srcdir)/checksrc.pl -D$(srcdir) -W$(srcdir)/curl_config.h \ - $(srcdir)/*.[ch] $(srcdir)/vauth/*.[ch] $(srcdir)/vtls/*.[ch]) + $(srcdir)/*.[ch] $(srcdir)/vauth/*.[ch] $(srcdir)/vtls/*.[ch] $(srcdir)/vquic/*.[ch] $(srcdir)/vssh/*.[ch]) # for debug builds, we scan the sources on all regular make invokes @CURLDEBUG_TRUE@all-local: checksrc diff --git a/libs/libcurl/src/Makefile.inc b/libs/libcurl/src/Makefile.inc index 37f7026818..3e3a385c59 100644 --- a/libs/libcurl/src/Makefile.inc +++ b/libs/libcurl/src/Makefile.inc @@ -37,6 +37,12 @@ LIB_VTLS_HFILES = vtls/openssl.h vtls/vtls.h vtls/gtls.h \ vtls/wolfssl.h vtls/schannel.h vtls/sectransp.h vtls/gskit.h \ vtls/mbedtls.h vtls/mesalink.h +LIB_VQUIC_CFILES = vquic/ngtcp2.c vquic/quiche.c + +LIB_VQUIC_HFILES = vquic/ngtcp2.h vquic/quiche.h + +LIB_VSSH_CFILES = vssh/libssh2.c vssh/libssh.c + LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ cookie.c http.c sendf.c ftp.c url.c dict.c if2ip.c speedcheck.c \ ldap.c version.c getenv.c escape.c mprintf.c telnet.c netrc.c \ @@ -46,7 +52,7 @@ LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ http_digest.c md4.c md5.c http_negotiate.c inet_pton.c strtoofft.c \ strerror.c amigaos.c hostasyn.c hostip4.c hostip6.c hostsyn.c \ inet_ntop.c parsedate.c select.c tftp.c splay.c strdup.c socks.c \ - ssh.c ssh-libssh.c curl_addrinfo.c socks_gssapi.c socks_sspi.c \ + curl_addrinfo.c socks_gssapi.c socks_sspi.c \ curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c \ pingpong.c rtsp.c curl_threads.c warnless.c hmac.c curl_rtmp.c \ openldap.c curl_gethostname.c gopher.c idn_win32.c \ @@ -76,9 +82,11 @@ LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \ x509asn1.h http2.h sigpipe.h smb.h curl_endian.h curl_des.h \ curl_printf.h system_win32.h rand.h mime.h curl_sha256.h setopt.h \ curl_path.h curl_ctype.h curl_range.h psl.h doh.h urlapi-int.h \ - curl_get_line.h altsvc.h + curl_get_line.h altsvc.h quic.h LIB_RCFILES = libcurl.rc -CSOURCES = $(LIB_CFILES) $(LIB_VAUTH_CFILES) $(LIB_VTLS_CFILES) -HHEADERS = $(LIB_HFILES) $(LIB_VAUTH_HFILES) $(LIB_VTLS_HFILES) +CSOURCES = $(LIB_CFILES) $(LIB_VAUTH_CFILES) $(LIB_VTLS_CFILES) \ + $(LIB_VQUIC_CFILES) $(LIB_VSSH_CFILES) +HHEADERS = $(LIB_HFILES) $(LIB_VAUTH_HFILES) $(LIB_VTLS_HFILES) \ + $(LIB_VQUIC_HFILES) diff --git a/libs/libcurl/src/altsvc.c b/libs/libcurl/src/altsvc.c index 85a4e01b50..a649fefd80 100644 --- a/libs/libcurl/src/altsvc.c +++ b/libs/libcurl/src/altsvc.c @@ -54,10 +54,13 @@ static enum alpnid alpn2alpnid(char *name) return ALPN_h1; if(strcasecompare(name, "h2")) return ALPN_h2; - if(strcasecompare(name, "h2c")) - return ALPN_h2c; +#if (defined(USE_QUICHE) || defined(USE_NGHTTP2)) && !defined(UNITTESTS) + if(strcasecompare(name, "h3-22")) + return ALPN_h3; +#else if(strcasecompare(name, "h3")) return ALPN_h3; +#endif return ALPN_none; /* unknown, probably rubbish input */ } @@ -69,10 +72,12 @@ const char *Curl_alpnid2str(enum alpnid id) return "h1"; case ALPN_h2: return "h2"; - case ALPN_h2c: - return "h2c"; case ALPN_h3: +#if (defined(USE_QUICHE) || defined(USE_NGHTTP2)) && !defined(UNITTESTS) + return "h3-22"; +#else return "h3"; +#endif default: return ""; /* bad */ } @@ -81,8 +86,8 @@ const char *Curl_alpnid2str(enum alpnid id) static void altsvc_free(struct altsvc *as) { - free(as->srchost); - free(as->dsthost); + free(as->src.host); + free(as->dst.host); free(as); } @@ -97,17 +102,17 @@ static struct altsvc *altsvc_createid(const char *srchost, if(!as) return NULL; - as->srchost = strdup(srchost); - if(!as->srchost) + as->src.host = strdup(srchost); + if(!as->src.host) goto error; - as->dsthost = strdup(dsthost); - if(!as->dsthost) + as->dst.host = strdup(dsthost); + if(!as->dst.host) goto error; - as->srcalpnid = srcalpnid; - as->dstalpnid = dstalpnid; - as->srcport = curlx_ultous(srcport); - as->dstport = curlx_ultous(dstport); + as->src.alpnid = srcalpnid; + as->dst.alpnid = dstalpnid; + as->src.port = curlx_ultous(srcport); + as->dst.port = curlx_ultous(dstport); return as; error: @@ -226,8 +231,8 @@ static CURLcode altsvc_out(struct altsvc *as, FILE *fp) "\"%d%02d%02d " "%02d:%02d:%02d\" " "%u %d\n", - Curl_alpnid2str(as->srcalpnid), as->srchost, as->srcport, - Curl_alpnid2str(as->dstalpnid), as->dsthost, as->dstport, + Curl_alpnid2str(as->src.alpnid), as->src.host, as->src.port, + Curl_alpnid2str(as->dst.alpnid), as->dst.host, as->dst.port, stamp.tm_year + 1900, stamp.tm_mon + 1, stamp.tm_mday, stamp.tm_hour, stamp.tm_min, stamp.tm_sec, as->persist, as->prio); @@ -252,7 +257,7 @@ struct altsvcinfo *Curl_altsvc_init(void) #ifdef USE_NGHTTP2 | CURLALTSVC_H2 #endif -#ifdef USE_HTTP3 +#ifdef ENABLE_QUIC | CURLALTSVC_H3 #endif ; @@ -343,7 +348,7 @@ static CURLcode getalnum(const char **ptr, char *alpnbuf, size_t buflen) while(*p && ISBLANK(*p)) p++; protop = p; - while(*p && ISALNUM(*p)) + while(*p && !ISBLANK(*p) && (*p != ';') && (*p != '=')) p++; len = p - protop; @@ -365,9 +370,9 @@ static void altsvc_flush(struct altsvcinfo *asi, enum alpnid srcalpnid, for(e = asi->list.head; e; e = n) { struct altsvc *as = e->ptr; n = e->next; - if((srcalpnid == as->srcalpnid) && - (srcport == as->srcport) && - strcasecompare(srchost, as->srchost)) { + if((srcalpnid == as->src.alpnid) && + (srcport == as->src.port) && + strcasecompare(srchost, as->src.host)) { Curl_llist_remove(&asi->list, e, NULL); altsvc_free(as); asi->num--; @@ -535,31 +540,31 @@ CURLcode Curl_altsvc_parse(struct Curl_easy *data, bool Curl_altsvc_lookup(struct altsvcinfo *asi, enum alpnid srcalpnid, const char *srchost, int srcport, - enum alpnid *dstalpnid, const char **dsthost, - int *dstport) + struct altsvc **dstentry, + const int versions) /* one or more bits */ { struct curl_llist_element *e; struct curl_llist_element *n; time_t now = time(NULL); DEBUGASSERT(asi); DEBUGASSERT(srchost); - DEBUGASSERT(dsthost); + DEBUGASSERT(dstentry); for(e = asi->list.head; e; e = n) { struct altsvc *as = e->ptr; n = e->next; if(as->expires < now) { /* an expired entry, remove */ + Curl_llist_remove(&asi->list, e, NULL); altsvc_free(as); continue; } - if((as->srcalpnid == srcalpnid) && - strcasecompare(as->srchost, srchost) && - as->srcport == srcport) { + if((as->src.alpnid == srcalpnid) && + strcasecompare(as->src.host, srchost) && + (as->src.port == srcport) && + (versions & as->dst.alpnid)) { /* match */ - *dstalpnid = as->dstalpnid; - *dsthost = as->dsthost; - *dstport = as->dstport; + *dstentry = as; return TRUE; } } diff --git a/libs/libcurl/src/altsvc.h b/libs/libcurl/src/altsvc.h index eefb45bf61..99d0499af7 100644 --- a/libs/libcurl/src/altsvc.h +++ b/libs/libcurl/src/altsvc.h @@ -28,20 +28,21 @@ #include "llist.h" enum alpnid { - ALPN_none, - ALPN_h1, - ALPN_h2, - ALPN_h2c, - ALPN_h3 + ALPN_none = 0, + ALPN_h1 = CURLALTSVC_H1, + ALPN_h2 = CURLALTSVC_H2, + ALPN_h3 = CURLALTSVC_H3 +}; + +struct althost { + char *host; + unsigned short port; + enum alpnid alpnid; }; struct altsvc { - char *srchost; - char *dsthost; - unsigned short srcport; - unsigned short dstport; - enum alpnid srcalpnid; - enum alpnid dstalpnid; + struct althost src; + struct althost dst; time_t expires; bool persist; int prio; @@ -68,8 +69,8 @@ CURLcode Curl_altsvc_parse(struct Curl_easy *data, bool Curl_altsvc_lookup(struct altsvcinfo *asi, enum alpnid srcalpnid, const char *srchost, int srcport, - enum alpnid *dstalpnid, const char **dsthost, - int *dstport); + struct altsvc **dstentry, + int versions); /* one or more CURLALTSVC_H* bits */ #else /* disabled */ #define Curl_altsvc_save(a,b) diff --git a/libs/libcurl/src/asyn-ares.c b/libs/libcurl/src/asyn-ares.c index 6b14aa6981..835cfa48fa 100644 --- a/libs/libcurl/src/asyn-ares.c +++ b/libs/libcurl/src/asyn-ares.c @@ -253,16 +253,14 @@ static void destroy_async_data(struct Curl_async *async) */ int Curl_resolver_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) - + curl_socket_t *socks) { struct timeval maxtime; struct timeval timebuf; struct timeval *timeout; long milli; int max = ares_getsock((ares_channel)conn->data->state.resolver, - (ares_socket_t *)socks, numsocks); + (ares_socket_t *)socks, MAX_SOCKSPEREASYHANDLE); maxtime.tv_sec = CURL_TIMEOUT_RESOLVE; maxtime.tv_usec = 0; diff --git a/libs/libcurl/src/asyn-thread.c b/libs/libcurl/src/asyn-thread.c index 55e0811c5c..24da748850 100644 --- a/libs/libcurl/src/asyn-thread.c +++ b/libs/libcurl/src/asyn-thread.c @@ -163,6 +163,10 @@ struct thread_sync_data { char *hostname; /* hostname to resolve, Curl_async.hostname duplicate */ int port; +#ifdef HAVE_SOCKETPAIR + struct connectdata *conn; + curl_socket_t sock_pair[2]; /* socket pair */ +#endif int sock_error; Curl_addrinfo *res; #ifdef HAVE_GETADDRINFO @@ -197,6 +201,15 @@ void destroy_thread_sync_data(struct thread_sync_data * tsd) if(tsd->res) Curl_freeaddrinfo(tsd->res); +#ifdef HAVE_SOCKETPAIR + /* + * close one end of the socket pair (may be done in resolver thread); + * the other end (for reading) is always closed in the parent thread. + */ + if(tsd->sock_pair[1] != CURL_SOCKET_BAD) { + sclose(tsd->sock_pair[1]); + } +#endif memset(tsd, 0, sizeof(*tsd)); } @@ -230,6 +243,14 @@ int init_thread_sync_data(struct thread_data * td, Curl_mutex_init(tsd->mtx); +#ifdef HAVE_SOCKETPAIR + /* create socket pair */ + if(socketpair(AF_LOCAL, SOCK_STREAM, 0, &tsd->sock_pair[0]) < 0) { + tsd->sock_pair[0] = CURL_SOCKET_BAD; + tsd->sock_pair[1] = CURL_SOCKET_BAD; + goto err_exit; + } +#endif tsd->sock_error = CURL_ASYNC_SUCCESS; /* Copying hostname string because original can be destroyed by parent @@ -276,6 +297,9 @@ static unsigned int CURL_STDCALL getaddrinfo_thread(void *arg) struct thread_data *td = tsd->td; char service[12]; int rc; +#ifdef HAVE_SOCKETPAIR + char buf[1]; +#endif msnprintf(service, sizeof(service), "%d", tsd->port); @@ -298,6 +322,16 @@ static unsigned int CURL_STDCALL getaddrinfo_thread(void *arg) free(td); } else { +#ifdef HAVE_SOCKETPAIR + if(tsd->sock_pair[1] != CURL_SOCKET_BAD) { + /* DNS has been resolved, signal client task */ + buf[0] = 1; + if(write(tsd->sock_pair[1], buf, sizeof(buf)) < 0) { + /* update sock_erro to errno */ + tsd->sock_error = SOCKERRNO; + } + } +#endif tsd->done = 1; Curl_mutex_release(tsd->mtx); } @@ -348,6 +382,10 @@ static void destroy_async_data(struct Curl_async *async) if(async->os_specific) { struct thread_data *td = (struct thread_data*) async->os_specific; int done; +#ifdef HAVE_SOCKETPAIR + curl_socket_t sock_rd = td->tsd.sock_pair[0]; + struct connectdata *conn = td->tsd.conn; +#endif /* * if the thread is still blocking in the resolve syscall, detach it and @@ -369,6 +407,15 @@ static void destroy_async_data(struct Curl_async *async) free(async->os_specific); } +#ifdef HAVE_SOCKETPAIR + /* + * ensure CURLMOPT_SOCKETFUNCTION fires CURL_POLL_REMOVE + * before the FD is invalidated to avoid EBADF on EPOLL_CTL_DEL + */ + if(conn) + Curl_multi_closed(conn->data, sock_rd); + sclose(sock_rd); +#endif } async->os_specific = NULL; @@ -569,8 +616,9 @@ CURLcode Curl_resolver_is_resolved(struct connectdata *conn, } else { /* poll for name lookup done with exponential backoff up to 250ms */ - timediff_t elapsed = Curl_timediff(Curl_now(), - data->progress.t_startsingle); + /* should be fine even if this converts to 32 bit */ + time_t elapsed = (time_t)Curl_timediff(Curl_now(), + data->progress.t_startsingle); if(elapsed < 0) elapsed = 0; @@ -592,26 +640,45 @@ CURLcode Curl_resolver_is_resolved(struct connectdata *conn, } int Curl_resolver_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) + curl_socket_t *socks) { + int ret_val = 0; time_t milli; timediff_t ms; struct Curl_easy *data = conn->data; struct resdata *reslv = (struct resdata *)data->state.resolver; +#ifdef HAVE_SOCKETPAIR + struct thread_data *td = (struct thread_data*)conn->async.os_specific; +#else (void)socks; - (void)numsocks; - ms = Curl_timediff(Curl_now(), reslv->start); - if(ms < 3) - milli = 0; - else if(ms <= 50) - milli = ms/3; - else if(ms <= 250) - milli = 50; - else - milli = 200; - Curl_expire(data, milli, EXPIRE_ASYNC_NAME); - return 0; +#endif + +#ifdef HAVE_SOCKETPAIR + if(td) { + /* return read fd to client for polling the DNS resolution status */ + socks[0] = td->tsd.sock_pair[0]; + DEBUGASSERT(td->tsd.conn == conn || !td->tsd.conn); + td->tsd.conn = conn; + ret_val = GETSOCK_READSOCK(0); + } + else { +#endif + ms = Curl_timediff(Curl_now(), reslv->start); + if(ms < 3) + milli = 0; + else if(ms <= 50) + milli = (time_t)ms/3; + else if(ms <= 250) + milli = 50; + else + milli = 200; + Curl_expire(data, milli, EXPIRE_ASYNC_NAME); +#ifdef HAVE_SOCKETPAIR + } +#endif + + + return ret_val; } #ifndef HAVE_GETADDRINFO @@ -706,7 +773,8 @@ Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, memset(&hints, 0, sizeof(hints)); hints.ai_family = pf; - hints.ai_socktype = conn->socktype; + hints.ai_socktype = (conn->transport == TRNSPRT_TCP)? + SOCK_STREAM : SOCK_DGRAM; msnprintf(sbuf, sizeof(sbuf), "%d", port); diff --git a/libs/libcurl/src/asyn.h b/libs/libcurl/src/asyn.h index ccd4b1f7e2..081c3fef03 100644 --- a/libs/libcurl/src/asyn.h +++ b/libs/libcurl/src/asyn.h @@ -114,8 +114,7 @@ void Curl_resolver_kill(struct connectdata *conn); * return bitmask indicating what file descriptors (referring to array indexes * in the 'sock' array) to wait for, read/write. */ -int Curl_resolver_getsock(struct connectdata *conn, curl_socket_t *sock, - int numsocks); +int Curl_resolver_getsock(struct connectdata *conn, curl_socket_t *sock); /* * Curl_resolver_is_resolved() diff --git a/libs/libcurl/src/base64.c b/libs/libcurl/src/base64.c index fb081a6bb8..643cef6251 100644 --- a/libs/libcurl/src/base64.c +++ b/libs/libcurl/src/base64.c @@ -24,8 +24,8 @@ #include "curl_setup.h" -#if !defined(CURL_DISABLE_HTTP_AUTH) || defined(USE_LIBSSH2) || \ - defined(USE_LIBSSH) || !defined(CURL_DISABLE_LDAP) || \ +#if !defined(CURL_DISABLE_HTTP_AUTH) || defined(USE_SSH) || \ + !defined(CURL_DISABLE_LDAP) || \ !defined(CURL_DISABLE_DOH) || defined(USE_SSL) #include "urldata.h" /* for the Curl_easy definition */ diff --git a/libs/libcurl/src/config-os400.h b/libs/libcurl/src/config-os400.h index a741e91857..d14bd33917 100644 --- a/libs/libcurl/src/config-os400.h +++ b/libs/libcurl/src/config-os400.h @@ -434,6 +434,9 @@ /* Define to enable alt-svc support (experimental) */ #undef USE_ALTSVC +/* Define to enable HTTP3 support (experimental, requires NGTCP2 or QUICHE) */ +#undef ENABLE_QUIC + /* Version number of package */ #undef VERSION diff --git a/libs/libcurl/src/config-plan9.h b/libs/libcurl/src/config-plan9.h new file mode 100644 index 0000000000..70833a51dd --- /dev/null +++ b/libs/libcurl/src/config-plan9.h @@ -0,0 +1,217 @@ +#ifndef HEADER_CURL_CONFIG_PLAN9_H +#define HEADER_CURL_CONFIG_PLAN9_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#define BUILDING_LIBCURL 1 +#define CURL_CA_BUNDLE "/sys/lib/tls/ca.pem" +#define CURL_CA_PATH "/sys/lib/tls" +#define CURL_STATICLIB 1 +#define ENABLE_IPV6 1 +#define CURL_DISABLE_LDAP 1 + +#define NEED_REENTRANT 1 +#define OS "plan9" +#define PACKAGE "curl" +#define PACKAGE_NAME "curl" +#define PACKAGE_BUGREPORT "a suitable mailing list: https://curl.haxx.se/mail/" +#define PACKAGE_STRING "curl -" +#define PACKAGE_TARNAME "curl" +#define PACKAGE_VERSION "-" +#define RANDOM_FILE "/dev/random" +#define VERSION "0.0.0" /* TODO */ + +#define RETSIGTYPE void + +#define STDC_HEADERS 1 + +#ifdef _BITS64 +#error not implement +#else +#define SIZEOF_INT 4 +#define SIZEOF_SHORT 2 +#define SIZEOF_LONG 4 +#define SIZEOF_OFF_T 8 +#define SIZEOF_CURL_OFF_T 4 /* curl_off_t = timediff_t = int */ +#define SIZEOF_SIZE_T 4 +#define SIZEOF_TIME_T 4 +#endif + +#define HAVE_GETNAMEINFO 1 +#define GETNAMEINFO_QUAL_ARG1 const +#define GETNAMEINFO_TYPE_ARG1 struct sockaddr * +#define GETNAMEINFO_TYPE_ARG2 int +#define GETNAMEINFO_TYPE_ARG46 long +#define GETNAMEINFO_TYPE_ARG7 int + +#define HAVE_RECV 1 +#define RECV_TYPE_ARG1 int +#define RECV_TYPE_ARG2 void * +#define RECV_TYPE_ARG3 int +#define RECV_TYPE_ARG4 int +#define RECV_TYPE_RETV int + +#define HAVE_RECVFROM 1 +#define RECVFROM_TYPE_ARG1 int +#define RECVFROM_TYPE_ARG2 void +#define RECVFROM_TYPE_ARG2_IS_VOID 1 +#define RECVFROM_TYPE_ARG3 int +#define RECVFROM_TYPE_ARG4 int +#define RECVFROM_TYPE_ARG5 void +#define RECVFROM_TYPE_ARG5_IS_VOID 1 +#define RECVFROM_TYPE_ARG6 int +#define RECVFROM_TYPE_ARG6_IS_VOID 1 +#define RECVFROM_TYPE_RETV int + +#define HAVE_SELECT 1 +#define SELECT_TYPE_ARG1 int +#define SELECT_TYPE_ARG234 fd_set * +#define SELECT_TYPE_ARG5 struct timeval * +#define SELECT_TYPE_RETV int + +#define HAVE_SEND 1 +#define SEND_TYPE_ARG1 int +#define SEND_TYPE_ARG2 void * +#define SEND_QUAL_ARG2 +#define SEND_TYPE_ARG3 int +#define SEND_TYPE_ARG4 int +#define SEND_TYPE_RETV int + +#define HAVE_ALARM 1 +#define HAVE_ARPA_INET_H 1 +#define HAVE_ASSERT_H 1 +#define HAVE_BASENAME 1 +#define HAVE_BOOL_T 1 +#define HAVE_CRYPTO_CLEANUP_ALL_EX_DATA 1 +#define HAVE_ENGINE_LOAD_BUILTIN_ENGINES 1 +#define HAVE_ERRNO_H 1 +#define HAVE_FCNTL 1 +#define HAVE_FCNTL_H 1 +#define HAVE_FDOPEN 1 +#define HAVE_FORK 1 +#define HAVE_FREEADDRINFO 1 +#define HAVE_FTRUNCATE 1 +#define HAVE_GETADDRINFO 1 +#define HAVE_GETEUID 1 +#define HAVE_GETHOSTBYADDR 1 +#define HAVE_GETHOSTBYNAME 1 +#define HAVE_GETHOSTNAME 1 +#define HAVE_GETPPID 1 +#define HAVE_GETPROTOBYNAME 1 +#define HAVE_GETPWUID 1 +#define HAVE_GETTIMEOFDAY 1 +#define HAVE_GMTIME_R 1 +#define HAVE_INET_ADDR 1 +#define HAVE_INET_NTOP 1 +#define HAVE_INET_PTON 1 +#define HAVE_INTTYPES_H 1 +#define HAVE_IOCTL 1 +#define HAVE_LIBGEN_H 1 +#define HAVE_LIBSSL 1 +#define HAVE_LIBZ 1 +#define HAVE_LL 1 +#define HAVE_LOCALE_H 1 +#define HAVE_LOCALTIME_R 1 +#define HAVE_LONGLONG 1 +#define HAVE_NETDB_H 1 +#define HAVE_NETINET_IN_H 1 +#define HAVE_NETINET_TCP_H 1 +#define HAVE_PWD_H 1 +#define HAVE_SYS_SELECT_H 1 + +#define USE_OPENSSL 1 +#define HAVE_OPENSSL_CRYPTO_H 1 +#define HAVE_OPENSSL_ENGINE_H 1 +#define HAVE_OPENSSL_ERR_H 1 +#define HAVE_OPENSSL_PEM_H 1 +#define HAVE_OPENSSL_PKCS12_H 1 +#define HAVE_OPENSSL_RSA_H 1 +#define HAVE_OPENSSL_SSL_H 1 +#define HAVE_OPENSSL_X509_H 1 + +#define HAVE_PERROR 1 +#define HAVE_PIPE 1 +#define HAVE_POLL 1 +#define HAVE_POLL_FINE 1 +#define HAVE_POLL_H 1 +#define HAVE_PTHREAD_H 1 +#define HAVE_RAND_STATUS 1 +#define HAVE_SETJMP_H 1 +#define HAVE_SETLOCALE 1 + +#define HAVE_SETSOCKOPT 1 +#define HAVE_SOCK_OPTS 1 /* for /sys/include/ape/sys/socket.h */ + +#define HAVE_SIGACTION 1 +#define HAVE_SIGNAL 1 +#define HAVE_SIGNAL_H 1 +#define HAVE_SIGSETJMP 1 +#define HAVE_SIG_ATOMIC_T 1 +#define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1 +#define HAVE_SOCKET 1 +#define HAVE_SSL_GET_SHUTDOWN 1 +#define HAVE_STDBOOL_H 1 +#define HAVE_STDINT_H 1 +#define HAVE_STDIO_H 1 +#define HAVE_STDLIB_H 1 +#define HAVE_STRCASECMP 1 +#define HAVE_STRDUP 1 +#define HAVE_STRING_H 1 +#define HAVE_STRNCASECMP 1 +#define HAVE_STRSTR 1 +#define HAVE_STRTOK_R 1 +#define HAVE_STRTOLL 1 +#define HAVE_STRUCT_TIMEVAL 1 +#define HAVE_SYS_IOCTL_H 1 +#define HAVE_SYS_PARAM_H 1 +#define HAVE_SYS_RESOURCE_H 1 +#define HAVE_SYS_SOCKET_H 1 +#define HAVE_SYS_STAT_H 1 +#define HAVE_SYS_TIME_H 1 +#define HAVE_SYS_TYPES_H 1 +#define HAVE_SYS_UIO_H 1 +#define HAVE_SYS_UN_H 1 +#define HAVE_TERMIOS_H 1 +#define HAVE_TIME_H 1 +#define HAVE_UNAME 1 +#define HAVE_UNISTD_H 1 +#define HAVE_UTIME 1 +#define HAVE_UTIME_H 1 +#define HAVE_WRITEV 1 + +#define HAVE_ZLIB_H 1 + +#define HAVE_POSIX_STRERROR_R 1 +#define HAVE_STRERROR_R 1 +#define STRERROR_R_TYPE_ARG3 int + +#define TIME_WITH_SYS_TIME 1 +#define USE_BLOCKING_SOCKETS 1 +#define USE_MANUAL 1 + +#define __attribute__(x) + +#ifndef __cplusplus +#undef inline +#endif + +#endif /* HEADER_CURL_CONFIG_PLAN9_H */ diff --git a/libs/libcurl/src/connect.c b/libs/libcurl/src/connect.c index 4a1f2c6406..77196250de 100644 --- a/libs/libcurl/src/connect.c +++ b/libs/libcurl/src/connect.c @@ -75,6 +75,8 @@ #include "conncache.h" #include "multihandle.h" #include "system_win32.h" +#include "quic.h" +#include "socks.h" /* The last 3 #include files should be in this order */ #include "curl_printf.h" @@ -165,7 +167,7 @@ tcpkeepalive(struct Curl_easy *data, static CURLcode singleipconnect(struct connectdata *conn, const Curl_addrinfo *ai, /* start connecting to this */ - curl_socket_t *sock); + int sockindex); /* 0 or 1 among the temp ones */ /* * Curl_timeleft() returns the amount of milliseconds left allowed for the @@ -595,7 +597,7 @@ static CURLcode trynextip(struct connectdata *conn, } if(ai) { - result = singleipconnect(conn, ai, &conn->tempsock[tempindex]); + result = singleipconnect(conn, ai, tempindex); if(result == CURLE_COULDNT_CONNECT) { ai = ai->ai_next; continue; @@ -625,13 +627,10 @@ void Curl_persistconninfo(struct connectdata *conn) conn->data->info.conn_local_port = conn->local_port; } -UNITTEST bool getaddressinfo(struct sockaddr *sa, char *addr, - long *port); - /* retrieves ip address and port from a sockaddr structure. note it calls Curl_inet_ntop which sets errno on fail, not SOCKERRNO. */ -UNITTEST bool getaddressinfo(struct sockaddr *sa, char *addr, - long *port) +bool Curl_addr2string(struct sockaddr *sa, curl_socklen_t salen, + char *addr, long *port) { struct sockaddr_in *si = NULL; #ifdef ENABLE_IPV6 @@ -639,6 +638,8 @@ UNITTEST bool getaddressinfo(struct sockaddr *sa, char *addr, #endif #if defined(HAVE_SYS_UN_H) && defined(AF_UNIX) struct sockaddr_un *su = NULL; +#else + (void)salen; #endif switch(sa->sa_family) { @@ -664,8 +665,12 @@ UNITTEST bool getaddressinfo(struct sockaddr *sa, char *addr, #endif #if defined(HAVE_SYS_UN_H) && defined(AF_UNIX) case AF_UNIX: - su = (struct sockaddr_un*)sa; - msnprintf(addr, MAX_IPADR_LEN, "%s", su->sun_path); + if(salen > sizeof(sa_family_t)) { + su = (struct sockaddr_un*)sa; + msnprintf(addr, MAX_IPADR_LEN, "%s", su->sun_path); + } + else + addr[0] = 0; /* socket with no name */ *port = 0; return TRUE; #endif @@ -683,8 +688,8 @@ UNITTEST bool getaddressinfo(struct sockaddr *sa, char *addr, connection */ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd) { - if(conn->socktype == SOCK_DGRAM) - /* there's no connection! */ + if(conn->transport != TRNSPRT_TCP) + /* there's no TCP connection! */ return; #if defined(HAVE_GETPEERNAME) || defined(HAVE_GETSOCKNAME) @@ -693,10 +698,11 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd) char buffer[STRERROR_LEN]; struct Curl_sockaddr_storage ssrem; struct Curl_sockaddr_storage ssloc; - curl_socklen_t len; + curl_socklen_t plen; + curl_socklen_t slen; #ifdef HAVE_GETPEERNAME - len = sizeof(struct Curl_sockaddr_storage); - if(getpeername(sockfd, (struct sockaddr*) &ssrem, &len)) { + plen = sizeof(struct Curl_sockaddr_storage); + if(getpeername(sockfd, (struct sockaddr*) &ssrem, &plen)) { int error = SOCKERRNO; failf(data, "getpeername() failed with errno %d: %s", error, Curl_strerror(error, buffer, sizeof(buffer))); @@ -704,9 +710,9 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd) } #endif #ifdef HAVE_GETSOCKNAME - len = sizeof(struct Curl_sockaddr_storage); + slen = sizeof(struct Curl_sockaddr_storage); memset(&ssloc, 0, sizeof(ssloc)); - if(getsockname(sockfd, (struct sockaddr*) &ssloc, &len)) { + if(getsockname(sockfd, (struct sockaddr*) &ssloc, &slen)) { int error = SOCKERRNO; failf(data, "getsockname() failed with errno %d: %s", error, Curl_strerror(error, buffer, sizeof(buffer))); @@ -714,8 +720,8 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd) } #endif #ifdef HAVE_GETPEERNAME - if(!getaddressinfo((struct sockaddr*)&ssrem, - conn->primary_ip, &conn->primary_port)) { + if(!Curl_addr2string((struct sockaddr*)&ssrem, plen, + conn->primary_ip, &conn->primary_port)) { failf(data, "ssrem inet_ntop() failed with errno %d: %s", errno, Curl_strerror(errno, buffer, sizeof(buffer))); return; @@ -723,8 +729,8 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd) memcpy(conn->ip_addr_str, conn->primary_ip, MAX_IPADR_LEN); #endif #ifdef HAVE_GETSOCKNAME - if(!getaddressinfo((struct sockaddr*)&ssloc, - conn->local_ip, &conn->local_port)) { + if(!Curl_addr2string((struct sockaddr*)&ssloc, slen, + conn->local_ip, &conn->local_port)) { failf(data, "ssloc inet_ntop() failed with errno %d: %s", errno, Curl_strerror(errno, buffer, sizeof(buffer))); return; @@ -739,6 +745,58 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd) Curl_persistconninfo(conn); } +/* after a TCP connection to the proxy has been verified, this function does + the next magic step. + + Note: this function's sub-functions call failf() + +*/ +static CURLcode connected_proxy(struct connectdata *conn, int sockindex) +{ + CURLcode result = CURLE_OK; + + if(conn->bits.socksproxy) { +#ifndef CURL_DISABLE_PROXY + /* for the secondary socket (FTP), use the "connect to host" + * but ignore the "connect to port" (use the secondary port) + */ + const char * const host = conn->bits.httpproxy ? + conn->http_proxy.host.name : + conn->bits.conn_to_host ? + conn->conn_to_host.name : + sockindex == SECONDARYSOCKET ? + conn->secondaryhostname : conn->host.name; + const int port = conn->bits.httpproxy ? (int)conn->http_proxy.port : + sockindex == SECONDARYSOCKET ? conn->secondary_port : + conn->bits.conn_to_port ? conn->conn_to_port : + conn->remote_port; + conn->bits.socksproxy_connecting = TRUE; + switch(conn->socks_proxy.proxytype) { + case CURLPROXY_SOCKS5: + case CURLPROXY_SOCKS5_HOSTNAME: + result = Curl_SOCKS5(conn->socks_proxy.user, conn->socks_proxy.passwd, + host, port, sockindex, conn); + break; + + case CURLPROXY_SOCKS4: + case CURLPROXY_SOCKS4A: + result = Curl_SOCKS4(conn->socks_proxy.user, host, port, sockindex, + conn); + break; + + default: + failf(conn->data, "unknown proxytype option given"); + result = CURLE_COULDNT_CONNECT; + } /* switch proxytype */ + conn->bits.socksproxy_connecting = FALSE; +#else + (void)sockindex; +#endif /* CURL_DISABLE_PROXY */ + } + + return result; +} + /* * Curl_is_connected() checks if the socket has connected. */ @@ -781,6 +839,24 @@ CURLcode Curl_is_connected(struct connectdata *conn, if(conn->tempsock[i] == CURL_SOCKET_BAD) continue; +#ifdef ENABLE_QUIC + if(conn->transport == TRNSPRT_QUIC) { + result = Curl_quic_is_connected(conn, i, connected); + if(result) { + error = SOCKERRNO; + goto error; + } + if(*connected) { + /* use this socket from now on */ + conn->sock[sockindex] = conn->tempsock[i]; + conn->ip_addr = conn->tempaddr[i]; + conn->tempsock[i] = CURL_SOCKET_BAD; + connkeep(conn, "HTTP/3 default"); + } + return result; + } +#endif + #ifdef mpeix /* Call this function once now, and ignore the results. We do this to "clear" the error state on the socket so that we can later read it @@ -794,8 +870,8 @@ CURLcode Curl_is_connected(struct connectdata *conn, if(rc == 0) { /* no connection yet */ error = 0; if(Curl_timediff(now, conn->connecttime) >= conn->timeoutms_per_addr) { - infof(data, "After %ldms connect time, move on!\n", - conn->timeoutms_per_addr); + infof(data, "After %" CURL_FORMAT_TIMEDIFF_T + "ms connect time, move on!\n", conn->timeoutms_per_addr); error = ETIMEDOUT; } @@ -825,7 +901,7 @@ CURLcode Curl_is_connected(struct connectdata *conn, } /* see if we need to do any proxy magic first once we connected */ - result = Curl_connected_proxy(conn, sockindex); + result = connected_proxy(conn, sockindex); if(result) return result; @@ -844,6 +920,9 @@ CURLcode Curl_is_connected(struct connectdata *conn, else if(rc & CURL_CSELECT_ERR) (void)verifyconnect(conn->tempsock[i], &error); +#ifdef ENABLE_QUIC + error: +#endif /* * The connection failed here, we should attempt to connect to the "next * address" for the given host. But first remember the latest error. @@ -861,11 +940,11 @@ CURLcode Curl_is_connected(struct connectdata *conn, Curl_strerror(error, buffer, sizeof(buffer))); conn->timeoutms_per_addr = conn->tempaddr[i]->ai_next == NULL ? - allow : allow / 2; + allow : allow / 2; status = trynextip(conn, sockindex, i); - if(status != CURLE_COULDNT_CONNECT - || conn->tempsock[other] == CURL_SOCKET_BAD) + if((status != CURLE_COULDNT_CONNECT) || + conn->tempsock[other] == CURL_SOCKET_BAD) /* the last attempt failed and no other sockets remain open */ result = status; } @@ -1004,7 +1083,7 @@ void Curl_sndbufset(curl_socket_t sockfd) */ static CURLcode singleipconnect(struct connectdata *conn, const Curl_addrinfo *ai, - curl_socket_t *sockp) + int sockindex) { struct Curl_sockaddr_ex addr; int rc = -1; @@ -1020,7 +1099,7 @@ static CURLcode singleipconnect(struct connectdata *conn, int optval = 1; #endif char buffer[STRERROR_LEN]; - + curl_socket_t *sockp = &conn->tempsock[sockindex]; *sockp = CURL_SOCKET_BAD; result = Curl_socket(conn, ai, &addr, &sockfd); @@ -1031,8 +1110,8 @@ static CURLcode singleipconnect(struct connectdata *conn, return CURLE_OK; /* store remote address and port used in this connection attempt */ - if(!getaddressinfo((struct sockaddr*)&addr.sa_addr, - ipaddress, &port)) { + if(!Curl_addr2string((struct sockaddr*)&addr.sa_addr, addr.addrlen, + ipaddress, &port)) { /* malformed address or bug in inet_ntop, try next address */ failf(data, "sa_addr inet_ntop() failed with errno %d: %s", errno, Curl_strerror(errno, buffer, sizeof(buffer))); @@ -1099,8 +1178,8 @@ static CURLcode singleipconnect(struct connectdata *conn, if(conn->num_addr > 1) Curl_expire(data, conn->timeoutms_per_addr, EXPIRE_DNS_PER_NAME); - /* Connect TCP sockets, bind UDP */ - if(!isconnected && (conn->socktype == SOCK_STREAM)) { + /* Connect TCP and QUIC sockets */ + if(!isconnected && (conn->transport != TRNSPRT_UDP)) { if(conn->bits.tcp_fastopen) { #if defined(CONNECT_DATA_IDEMPOTENT) /* Darwin */ # if defined(HAVE_BUILTIN_AVAILABLE) @@ -1146,6 +1225,16 @@ static CURLcode singleipconnect(struct connectdata *conn, if(-1 == rc) error = SOCKERRNO; +#ifdef ENABLE_QUIC + else if(conn->transport == TRNSPRT_QUIC) { + /* pass in 'sockfd' separately since it hasn't been put into the + tempsock array at this point */ + result = Curl_quic_connect(conn, sockfd, sockindex, + &addr.sa_addr, addr.addrlen); + if(result) + error = SOCKERRNO; + } +#endif } else { *sockp = sockfd; @@ -1219,7 +1308,7 @@ CURLcode Curl_connecthost(struct connectdata *conn, /* context */ /* start connecting to first IP */ while(conn->tempaddr[0]) { - result = singleipconnect(conn, conn->tempaddr[0], &(conn->tempsock[0])); + result = singleipconnect(conn, conn->tempaddr[0], 0); if(!result) break; conn->tempaddr[0] = conn->tempaddr[0]->ai_next; @@ -1386,8 +1475,9 @@ CURLcode Curl_socket(struct connectdata *conn, */ addr->family = ai->ai_family; - addr->socktype = conn->socktype; - addr->protocol = conn->socktype == SOCK_DGRAM?IPPROTO_UDP:ai->ai_protocol; + addr->socktype = (conn->transport == TRNSPRT_TCP) ? SOCK_STREAM : SOCK_DGRAM; + addr->protocol = conn->transport != TRNSPRT_TCP ? IPPROTO_UDP : + ai->ai_protocol; addr->addrlen = ai->ai_addrlen; if(addr->addrlen > sizeof(struct Curl_sockaddr_storage)) diff --git a/libs/libcurl/src/connect.h b/libs/libcurl/src/connect.h index 6a5c755cc1..b23085a98a 100644 --- a/libs/libcurl/src/connect.h +++ b/libs/libcurl/src/connect.h @@ -51,6 +51,9 @@ timediff_t Curl_timeleft(struct Curl_easy *data, curl_socket_t Curl_getconnectinfo(struct Curl_easy *data, struct connectdata **connp); +bool Curl_addr2string(struct sockaddr *sa, curl_socklen_t salen, + char *addr, long *port); + /* * Check if a connection seems to be alive. */ diff --git a/libs/libcurl/src/cookie.c b/libs/libcurl/src/cookie.c index 9a9e14d012..53ca40237f 100644 --- a/libs/libcurl/src/cookie.c +++ b/libs/libcurl/src/cookie.c @@ -819,22 +819,14 @@ Curl_cookie_add(struct Curl_easy *data, badcookie = TRUE; break; case 1: - /* This field got its explanation on the 23rd of May 2001 by - Andrés García: - - flag: A TRUE/FALSE value indicating if all machines within a given - domain can access the variable. This value is set automatically by - the browser, depending on the value you set for the domain. - - As far as I can see, it is set to true when the cookie says + /* flag: A TRUE/FALSE value indicating if all machines within a given + domain can access the variable. Set TRUE when the cookie says .domain.com and to false when the domain is complete www.domain.com */ co->tailmatch = strcasecompare(ptr, "TRUE")?TRUE:FALSE; break; case 2: - /* It turns out, that sometimes the file format allows the path - field to remain not filled in, we try to detect this and work - around it! Andrés García made us aware of this... */ + /* The file format allows the path field to remain not filled in */ if(strcmp("TRUE", ptr) && strcmp("FALSE", ptr)) { /* only if the path doesn't look like a boolean option! */ co->path = strdup(ptr); diff --git a/libs/libcurl/src/curl_config.h.in b/libs/libcurl/src/curl_config.h.in index 871c664e55..e5abe77b9e 100644 --- a/libs/libcurl/src/curl_config.h.in +++ b/libs/libcurl/src/curl_config.h.in @@ -486,6 +486,15 @@ /* Define to 1 if you have the <nghttp2/nghttp2.h> header file. */ #undef HAVE_NGHTTP2_NGHTTP2_H +/* Define to 1 if you have the <nghttp3/nghttp3.h> header file. */ +#undef HAVE_NGHTTP3_NGHTTP3_H + +/* Define to 1 if you have the <ngtcp2/ngtcp2_crypto.h> header file. */ +#undef HAVE_NGTCP2_NGTCP2_CRYPTO_H + +/* Define to 1 if you have the <ngtcp2/ngtcp2.h> header file. */ +#undef HAVE_NGTCP2_NGTCP2_H + /* if you have an old MIT Kerberos version, lacking GSS_C_NT_HOSTBASED_SERVICE */ #undef HAVE_OLD_GSSMIT @@ -544,6 +553,9 @@ /* Define to 1 if you have the <pwd.h> header file. */ #undef HAVE_PWD_H +/* Define to 1 if you have the <quiche.h> header file. */ +#undef HAVE_QUICHE_H + /* Define to 1 if you have the `RAND_egd' function. */ #undef HAVE_RAND_EGD @@ -739,6 +751,9 @@ /* Define to 1 if you have the <unistd.h> header file. */ #undef HAVE_UNISTD_H +/* Define to 1 if you have the `usleep' function. */ +#undef HAVE_USLEEP + /* Define to 1 if you have the `utime' function. */ #undef HAVE_UTIME @@ -970,6 +985,15 @@ /* if nghttp2 is in use */ #undef USE_NGHTTP2 +/* if nghttp3 is in use */ +#undef USE_NGHTTP3 + +/* if ngtcp2 is in use */ +#undef USE_NGTCP2 + +/* if ngtcp2_crypto_openssl is in use */ +#undef USE_NGTCP2_CRYPTO_OPENSSL + /* if NSS is enabled */ #undef USE_NSS @@ -979,6 +1003,9 @@ /* if OpenSSL is in use */ #undef USE_OPENSSL +/* if quiche is in use */ +#undef USE_QUICHE + /* to enable Windows native SSL/TLS support */ #undef USE_SCHANNEL diff --git a/libs/libcurl/src/curl_md4.h b/libs/libcurl/src/curl_md4.h index 392203f9e3..82df708cee 100644 --- a/libs/libcurl/src/curl_md4.h +++ b/libs/libcurl/src/curl_md4.h @@ -24,14 +24,12 @@ #include "curl_setup.h" -#if defined(USE_NSS) || defined(USE_OS400CRYPTO) || \ - (defined(USE_OPENSSL) && defined(OPENSSL_NO_MD4)) || \ - (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) +#if !defined(CURL_DISABLE_CRYPTO_AUTH) + +#define MD4_DIGEST_LENGTH 16 void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len); -#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) || - (defined(USE_OPENSSL) && defined(OPENSSL_NO_MD4)) || - (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) */ +#endif /* !defined(CURL_DISABLE_CRYPTO_AUTH) */ #endif /* HEADER_CURL_MD4_H */ diff --git a/libs/libcurl/src/curl_ntlm_core.c b/libs/libcurl/src/curl_ntlm_core.c index 9e6fdcab2e..19f9b61d87 100644 --- a/libs/libcurl/src/curl_ntlm_core.c +++ b/libs/libcurl/src/curl_ntlm_core.c @@ -55,11 +55,6 @@ #ifdef USE_OPENSSL # include <openssl/des.h> -# ifndef OPENSSL_NO_MD4 -# include <openssl/md4.h> -# else -# include "curl_md4.h" -# endif # include <openssl/md5.h> # include <openssl/ssl.h> # include <openssl/rand.h> @@ -79,29 +74,23 @@ #elif defined(USE_GNUTLS_NETTLE) # include <nettle/des.h> -# include <nettle/md4.h> #elif defined(USE_GNUTLS) # include <gcrypt.h> # define MD5_DIGEST_LENGTH 16 -# define MD4_DIGEST_LENGTH 16 #elif defined(USE_NSS) # include <nss.h> # include <pk11pub.h> # include <hasht.h> -# include "curl_md4.h" # define MD5_DIGEST_LENGTH MD5_LENGTH #elif defined(USE_MBEDTLS) # include <mbedtls/des.h> -# include <mbedtls/md4.h> -# if !defined(MBEDTLS_MD4_C) -# include "curl_md4.h" -# endif +# include "curl_md4.h" #elif defined(USE_SECTRANSP) @@ -110,7 +99,6 @@ #elif defined(USE_OS400CRYPTO) # include "cipher.mih" /* mih/cipher */ -# include "curl_md4.h" #elif defined(USE_WIN32_CRYPTO) # include <wincrypt.h> #else @@ -126,6 +114,7 @@ #include "warnless.h" #include "curl_endian.h" #include "curl_des.h" +#include "curl_md4.h" /* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" @@ -552,7 +541,7 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data, CURLcode result; if(len > SIZE_T_MAX/2) /* avoid integer overflow */ return CURLE_OUT_OF_MEMORY; - pw = len ? malloc(len * 2) : strdup(""); + pw = len ? malloc(len * 2) : (unsigned char *)strdup(""); if(!pw) return CURLE_OUT_OF_MEMORY; @@ -566,57 +555,10 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data, if(result) return result; - { - /* Create NT hashed password. */ -#ifdef USE_OPENSSL -#if !defined(OPENSSL_NO_MD4) - MD4_CTX MD4pw; - MD4_Init(&MD4pw); - MD4_Update(&MD4pw, pw, 2 * len); - MD4_Final(ntbuffer, &MD4pw); -#else - Curl_md4it(ntbuffer, pw, 2 * len); -#endif -#elif defined(USE_GNUTLS_NETTLE) - struct md4_ctx MD4pw; - md4_init(&MD4pw); - md4_update(&MD4pw, (unsigned int)(2 * len), pw); - md4_digest(&MD4pw, MD4_DIGEST_SIZE, ntbuffer); -#elif defined(USE_GNUTLS) - gcry_md_hd_t MD4pw; - gcry_md_open(&MD4pw, GCRY_MD_MD4, 0); - gcry_md_write(MD4pw, pw, 2 * len); - memcpy(ntbuffer, gcry_md_read(MD4pw, 0), MD4_DIGEST_LENGTH); - gcry_md_close(MD4pw); -#elif defined(USE_NSS) - Curl_md4it(ntbuffer, pw, 2 * len); -#elif defined(USE_MBEDTLS) -#if defined(MBEDTLS_MD4_C) - mbedtls_md4(pw, 2 * len, ntbuffer); -#else - Curl_md4it(ntbuffer, pw, 2 * len); -#endif -#elif defined(USE_SECTRANSP) - (void)CC_MD4(pw, (CC_LONG)(2 * len), ntbuffer); -#elif defined(USE_OS400CRYPTO) - Curl_md4it(ntbuffer, pw, 2 * len); -#elif defined(USE_WIN32_CRYPTO) - HCRYPTPROV hprov; - if(CryptAcquireContext(&hprov, NULL, NULL, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT)) { - HCRYPTHASH hhash; - if(CryptCreateHash(hprov, CALG_MD4, 0, 0, &hhash)) { - DWORD length = 16; - CryptHashData(hhash, pw, (unsigned int)len * 2, 0); - CryptGetHashParam(hhash, HP_HASHVAL, ntbuffer, &length, 0); - CryptDestroyHash(hhash); - } - CryptReleaseContext(hprov, 0); - } -#endif + /* Create NT hashed password. */ + Curl_md4it(ntbuffer, pw, 2 * len); - memset(ntbuffer + 16, 0, 21 - 16); - } + memset(ntbuffer + 16, 0, 21 - 16); free(pw); diff --git a/libs/libcurl/src/curl_path.c b/libs/libcurl/src/curl_path.c index 85dddcef1b..f429634630 100644 --- a/libs/libcurl/src/curl_path.c +++ b/libs/libcurl/src/curl_path.c @@ -55,7 +55,7 @@ CURLcode Curl_getworkingpath(struct connectdata *conn, } if((working_path_len > 3) && (!memcmp(working_path, "/~/", 3))) /* It is referenced to the home directory, so strip the leading '/~/' */ - memcpy(real_path, working_path + 3, 4 + working_path_len-3); + memcpy(real_path, working_path + 3, working_path_len - 2); else memcpy(real_path, working_path, 1 + working_path_len); } diff --git a/libs/libcurl/src/curl_rtmp.c b/libs/libcurl/src/curl_rtmp.c index 16b1de1ae4..df8f2b1d95 100644 --- a/libs/libcurl/src/curl_rtmp.c +++ b/libs/libcurl/src/curl_rtmp.c @@ -199,13 +199,13 @@ static CURLcode rtmp_setup_connection(struct connectdata *conn) RTMP_Free(r); return CURLE_URL_MALFORMAT; } - conn->proto.generic = r; + conn->proto.rtmp = r; return CURLE_OK; } static CURLcode rtmp_connect(struct connectdata *conn, bool *done) { - RTMP *r = conn->proto.generic; + RTMP *r = conn->proto.rtmp; SET_RCVTIMEO(tv, 10); r->m_sb.sb_socket = (int)conn->sock[FIRSTSOCKET]; @@ -240,7 +240,7 @@ static CURLcode rtmp_connect(struct connectdata *conn, bool *done) static CURLcode rtmp_do(struct connectdata *conn, bool *done) { struct Curl_easy *data = conn->data; - RTMP *r = conn->proto.generic; + RTMP *r = conn->proto.rtmp; if(!RTMP_ConnectStream(r, 0)) return CURLE_FAILED_INIT; @@ -268,10 +268,10 @@ static CURLcode rtmp_done(struct connectdata *conn, CURLcode status, static CURLcode rtmp_disconnect(struct connectdata *conn, bool dead_connection) { - RTMP *r = conn->proto.generic; + RTMP *r = conn->proto.rtmp; (void)dead_connection; if(r) { - conn->proto.generic = NULL; + conn->proto.rtmp = NULL; RTMP_Close(r); RTMP_Free(r); } @@ -281,7 +281,7 @@ static CURLcode rtmp_disconnect(struct connectdata *conn, static ssize_t rtmp_recv(struct connectdata *conn, int sockindex, char *buf, size_t len, CURLcode *err) { - RTMP *r = conn->proto.generic; + RTMP *r = conn->proto.rtmp; ssize_t nread; (void)sockindex; /* unused */ @@ -302,7 +302,7 @@ static ssize_t rtmp_recv(struct connectdata *conn, int sockindex, char *buf, static ssize_t rtmp_send(struct connectdata *conn, int sockindex, const void *buf, size_t len, CURLcode *err) { - RTMP *r = conn->proto.generic; + RTMP *r = conn->proto.rtmp; ssize_t num; (void)sockindex; /* unused */ diff --git a/libs/libcurl/src/curl_sasl.c b/libs/libcurl/src/curl_sasl.c index 018e4228b3..0aa1f5bb7a 100644 --- a/libs/libcurl/src/curl_sasl.c +++ b/libs/libcurl/src/curl_sasl.c @@ -370,8 +370,9 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, sasl->authused = SASL_MECH_PLAIN; if(force_ir || data->set.sasl_ir) - result = Curl_auth_create_plain_message(data, NULL, conn->user, - conn->passwd, &resp, &len); + result = Curl_auth_create_plain_message(data, conn->sasl_authzid, + conn->user, conn->passwd, + &resp, &len); } else if(enabledmechs & SASL_MECH_LOGIN) { mech = SASL_MECH_STRING_LOGIN; @@ -453,8 +454,9 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn, *progress = SASL_DONE; return result; case SASL_PLAIN: - result = Curl_auth_create_plain_message(data, NULL, conn->user, - conn->passwd, &resp, &len); + result = Curl_auth_create_plain_message(data, conn->sasl_authzid, + conn->user, conn->passwd, + &resp, &len); break; case SASL_LOGIN: result = Curl_auth_create_login_message(data, conn->user, &resp, &len); diff --git a/libs/libcurl/src/curl_setup.h b/libs/libcurl/src/curl_setup.h index 27414a540e..13af8cdec9 100644 --- a/libs/libcurl/src/curl_setup.h +++ b/libs/libcurl/src/curl_setup.h @@ -96,6 +96,10 @@ # include "config-vxworks.h" #endif +#ifdef __PLAN9__ +# include "config-plan9.h" +#endif + #endif /* HAVE_CONFIG_H */ /* ================================================================ */ @@ -482,7 +486,6 @@ #ifdef WIN32 # define DIR_CHAR "\\" -# define DOT_CHAR "_" #else /* WIN32 */ @@ -508,14 +511,6 @@ # endif # define DIR_CHAR "/" -# ifndef DOT_CHAR -# define DOT_CHAR "." -# endif - -# ifdef MSDOS -# undef DOT_CHAR -# define DOT_CHAR "_" -# endif # ifndef fileno /* sunos 4 have this as a macro! */ int fileno(FILE *stream); @@ -827,4 +822,8 @@ int getpwuid_r(uid_t uid, struct passwd *pwd, char *buf, #define UNITTEST static #endif +#if defined(USE_NGTCP2) || defined(USE_QUICHE) +#define ENABLE_QUIC +#endif + #endif /* HEADER_CURL_SETUP_H */ diff --git a/libs/libcurl/src/doh.h b/libs/libcurl/src/doh.h index 34bfa6f2ba..f522d33085 100644 --- a/libs/libcurl/src/doh.h +++ b/libs/libcurl/src/doh.h @@ -40,8 +40,7 @@ Curl_addrinfo *Curl_doh(struct connectdata *conn, CURLcode Curl_doh_is_resolved(struct connectdata *conn, struct Curl_dns_entry **dns); -int Curl_doh_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks); +int Curl_doh_getsock(struct connectdata *conn, curl_socket_t *socks); typedef enum { DOH_OK, diff --git a/libs/libcurl/src/easy.c b/libs/libcurl/src/easy.c index a4fff5b36e..0b0016be47 100644 --- a/libs/libcurl/src/easy.c +++ b/libs/libcurl/src/easy.c @@ -187,16 +187,8 @@ static CURLcode global_init(long flags, bool memoryfuncs) (void)Curl_ipv6works(); -#if defined(USE_LIBSSH2) && defined(HAVE_LIBSSH2_INIT) - if(libssh2_init(0)) { - DEBUGF(fprintf(stderr, "Error: libssh2_init failed\n")); - return CURLE_FAILED_INIT; - } -#endif - -#if defined(USE_LIBSSH) - if(ssh_init()) { - DEBUGF(fprintf(stderr, "Error: libssh_init failed\n")); +#if defined(USE_SSH) + if(Curl_ssh_init()) { return CURLE_FAILED_INIT; } #endif @@ -274,13 +266,7 @@ void curl_global_cleanup(void) Curl_amiga_cleanup(); -#if defined(USE_LIBSSH2) && defined(HAVE_LIBSSH2_EXIT) - (void)libssh2_exit(); -#endif - -#if defined(USE_LIBSSH) - (void)ssh_finalize(); -#endif + Curl_ssh_cleanup(); init_flags = 0; } @@ -602,27 +588,11 @@ static CURLcode easy_transfer(struct Curl_multi *multi) while(!done && !mcode) { int still_running = 0; - bool gotsocket = FALSE; - - mcode = Curl_multi_wait(multi, NULL, 0, 1000, NULL, &gotsocket); - - if(!mcode) { - if(!gotsocket) { - long sleep_ms; - - /* If it returns without any filedescriptor instantly, we need to - avoid busy-looping during periods where it has nothing particular - to wait for */ - curl_multi_timeout(multi, &sleep_ms); - if(sleep_ms) { - if(sleep_ms > 1000) - sleep_ms = 1000; - Curl_wait_ms((int)sleep_ms); - } - } + mcode = curl_multi_poll(multi, NULL, 0, 1000, NULL); + + if(!mcode) mcode = curl_multi_perform(multi, &still_running); - } /* only read 'still_running' if curl_multi_perform() return OK */ if(!mcode && !still_running) { @@ -942,6 +912,8 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data) */ void curl_easy_reset(struct Curl_easy *data) { + long old_buffer_size = data->set.buffer_size; + Curl_free_request_state(data); /* zero out UserDefined data: */ @@ -965,6 +937,18 @@ void curl_easy_reset(struct Curl_easy *data) #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_CRYPTO_AUTH) Curl_http_auth_cleanup_digest(data); #endif + + /* resize receive buffer */ + if(old_buffer_size != data->set.buffer_size) { + char *newbuff = realloc(data->state.buffer, data->set.buffer_size + 1); + if(!newbuff) { + DEBUGF(fprintf(stderr, "Error: realloc of buffer failed\n")); + /* nothing we can do here except use the old size */ + data->set.buffer_size = old_buffer_size; + } + else + data->state.buffer = newbuff; + } } /* @@ -1141,6 +1125,35 @@ CURLcode curl_easy_send(struct Curl_easy *data, const void *buffer, } /* + * Wrapper to call functions in Curl_conncache_foreach() + * + * Returns always 0. + */ +static int conn_upkeep(struct connectdata *conn, + void *param) +{ + /* Param is unused. */ + (void)param; + + if(conn->handler->connection_check) { + /* Do a protocol-specific keepalive check on the connection. */ + conn->handler->connection_check(conn, CONNCHECK_KEEPALIVE); + } + + return 0; /* continue iteration */ +} + +static CURLcode upkeep(struct conncache *conn_cache, void *data) +{ + /* Loop over every connection and make connection alive. */ + Curl_conncache_foreach(data, + conn_cache, + data, + conn_upkeep); + return CURLE_OK; +} + +/* * Performs connection upkeep for the given session handle. */ CURLcode curl_easy_upkeep(struct Curl_easy *data) @@ -1151,7 +1164,7 @@ CURLcode curl_easy_upkeep(struct Curl_easy *data) if(data->multi_easy) { /* Use the common function to keep connections alive. */ - return Curl_upkeep(&data->multi_easy->conn_cache, data); + return upkeep(&data->multi_easy->conn_cache, data); } else { /* No connections, so just return success */ diff --git a/libs/libcurl/src/ftp.c b/libs/libcurl/src/ftp.c index 76ebbc44f4..e807a2acde 100644 --- a/libs/libcurl/src/ftp.c +++ b/libs/libcurl/src/ftp.c @@ -132,10 +132,8 @@ static CURLcode ftp_connect(struct connectdata *conn, bool *done); static CURLcode ftp_disconnect(struct connectdata *conn, bool dead_connection); static CURLcode ftp_do_more(struct connectdata *conn, int *completed); static CURLcode ftp_multi_statemach(struct connectdata *conn, bool *done); -static int ftp_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks); -static int ftp_domore_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks); +static int ftp_getsock(struct connectdata *conn, curl_socket_t *socks); +static int ftp_domore_getsock(struct connectdata *conn, curl_socket_t *socks); static CURLcode ftp_doing(struct connectdata *conn, bool *dophase_done); static CURLcode ftp_setup_connection(struct connectdata * conn); @@ -382,7 +380,7 @@ static CURLcode ReceivedServerConnect(struct connectdata *conn, bool *received) struct ftp_conn *ftpc = &conn->proto.ftpc; struct pingpong *pp = &ftpc->pp; int result; - time_t timeout_ms; + timediff_t timeout_ms; ssize_t nread; int ftpcode; @@ -493,7 +491,7 @@ static CURLcode InitiateTransfer(struct connectdata *conn) static CURLcode AllowServerConnect(struct connectdata *conn, bool *connected) { struct Curl_easy *data = conn->data; - time_t timeout_ms; + timediff_t timeout_ms; CURLcode result = CURLE_OK; *connected = FALSE; @@ -810,21 +808,16 @@ static CURLcode ftp_state_pwd(struct connectdata *conn) /* For the FTP "protocol connect" and "doing" phases only */ static int ftp_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) + curl_socket_t *socks) { - return Curl_pp_getsock(&conn->proto.ftpc.pp, socks, numsocks); + return Curl_pp_getsock(&conn->proto.ftpc.pp, socks); } /* For the FTP "DO_MORE" phase only */ -static int ftp_domore_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks) +static int ftp_domore_getsock(struct connectdata *conn, curl_socket_t *socks) { struct ftp_conn *ftpc = &conn->proto.ftpc; - if(!numsocks) - return GETSOCK_BLANK; - /* When in DO_MORE state, we could be either waiting for us to connect to a * remote site, or we could wait for that site to connect to us. Or just * handle ordinary commands. @@ -856,7 +849,7 @@ static int ftp_domore_getsock(struct connectdata *conn, curl_socket_t *socks, return bits; } - return Curl_pp_getsock(&conn->proto.ftpc.pp, socks, numsocks); + return Curl_pp_getsock(&conn->proto.ftpc.pp, socks); } /* This is called after the FTP_QUOTE state is passed. diff --git a/libs/libcurl/src/getenv.c b/libs/libcurl/src/getenv.c index 89d181de3c..e444a6a3ad 100644 --- a/libs/libcurl/src/getenv.c +++ b/libs/libcurl/src/getenv.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -35,7 +35,7 @@ char *GetEnv(const char *variable) return NULL; #else #ifdef WIN32 - char env[MAX_PATH]; /* MAX_PATH is from windef.h */ + char env[4096]; char *temp = getenv(variable); env[0] = '\0'; if(temp != NULL) diff --git a/libs/libcurl/src/getinfo.c b/libs/libcurl/src/getinfo.c index e118da80d4..2b8f2303e1 100644 --- a/libs/libcurl/src/getinfo.c +++ b/libs/libcurl/src/getinfo.c @@ -235,6 +235,9 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info, case 20: *param_longp = CURL_HTTP_VERSION_2_0; break; + case 30: + *param_longp = CURL_HTTP_VERSION_3; + break; default: *param_longp = CURL_HTTP_VERSION_NONE; break; @@ -243,7 +246,6 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info, case CURLINFO_PROTOCOL: *param_longp = data->info.conn_protocol; break; - default: return CURLE_UNKNOWN_OPTION; } @@ -301,7 +303,9 @@ static CURLcode getinfo_offt(struct Curl_easy *data, CURLINFO info, case CURLINFO_REDIRECT_TIME_T: *param_offt = data->progress.t_redirect; break; - + case CURLINFO_RETRY_AFTER: + *param_offt = data->info.retry_after; + break; default: return CURLE_UNKNOWN_OPTION; } diff --git a/libs/libcurl/src/hostip.c b/libs/libcurl/src/hostip.c index cf33ed8f4d..bd532a891e 100644 --- a/libs/libcurl/src/hostip.c +++ b/libs/libcurl/src/hostip.c @@ -624,7 +624,7 @@ int Curl_resolv_timeout(struct connectdata *conn, const char *hostname, int port, struct Curl_dns_entry **entry, - time_t timeoutms) + timediff_t timeoutms) { #ifdef USE_ALARM_TIMEOUT #ifdef HAVE_SIGACTION @@ -1027,19 +1027,17 @@ CURLcode Curl_resolv_check(struct connectdata *conn, } int Curl_resolv_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) + curl_socket_t *socks) { #ifdef CURLRES_ASYNCH if(conn->data->set.doh) /* nothing to wait for during DOH resolve, those handles have their own sockets */ return GETSOCK_BLANK; - return Curl_resolver_getsock(conn, socks, numsocks); + return Curl_resolver_getsock(conn, socks); #else (void)conn; (void)socks; - (void)numsocks; return GETSOCK_BLANK; #endif } diff --git a/libs/libcurl/src/hostip.h b/libs/libcurl/src/hostip.h index 1bda524be4..e0597ea96a 100644 --- a/libs/libcurl/src/hostip.h +++ b/libs/libcurl/src/hostip.h @@ -25,6 +25,7 @@ #include "curl_setup.h" #include "hash.h" #include "curl_addrinfo.h" +#include "timeval.h" /* for timediff_t */ #include "asyn.h" #ifdef HAVE_SETJMP_H @@ -89,7 +90,7 @@ int Curl_resolv(struct connectdata *conn, struct Curl_dns_entry **dnsentry); int Curl_resolv_timeout(struct connectdata *conn, const char *hostname, int port, struct Curl_dns_entry **dnsentry, - time_t timeoutms); + timediff_t timeoutms); #ifdef CURLRES_IPV6 /* @@ -240,7 +241,6 @@ CURLcode Curl_loadhostpairs(struct Curl_easy *data); CURLcode Curl_resolv_check(struct connectdata *conn, struct Curl_dns_entry **dns); int Curl_resolv_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks); + curl_socket_t *socks); #endif /* HEADER_CURL_HOSTIP_H */ diff --git a/libs/libcurl/src/hostip6.c b/libs/libcurl/src/hostip6.c index 5511f1aab1..e0e0c58dfa 100644 --- a/libs/libcurl/src/hostip6.c +++ b/libs/libcurl/src/hostip6.c @@ -165,7 +165,8 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn, memset(&hints, 0, sizeof(hints)); hints.ai_family = pf; - hints.ai_socktype = conn->socktype; + hints.ai_socktype = (conn->transport == TRNSPRT_TCP) ? + SOCK_STREAM : SOCK_DGRAM; #ifndef USE_RESOLVE_ON_IPS /* diff --git a/libs/libcurl/src/http.c b/libs/libcurl/src/http.c index 9fbd7201e8..28d1fa607d 100644 --- a/libs/libcurl/src/http.c +++ b/libs/libcurl/src/http.c @@ -88,8 +88,7 @@ */ static int http_getsock_do(struct connectdata *conn, - curl_socket_t *socks, - int numsocks); + curl_socket_t *socks); static int http_should_fail(struct connectdata *conn); #ifndef CURL_DISABLE_PROXY @@ -99,8 +98,7 @@ static CURLcode add_haproxy_protocol_header(struct connectdata *conn); #ifdef USE_SSL static CURLcode https_connecting(struct connectdata *conn, bool *done); static int https_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks); + curl_socket_t *socks); #else #define https_connecting(x,y) CURLE_COULDNT_CONNECT #endif @@ -171,10 +169,22 @@ static CURLcode http_setup_conn(struct connectdata *conn) Curl_mime_initpart(&http->form, conn->data); data->req.protop = http; - if(!CONN_INUSE(conn)) - /* if not already multi-using, setup connection details */ - Curl_http2_setup_conn(conn); - Curl_http2_setup_req(data); + if(data->set.httpversion == CURL_HTTP_VERSION_3) { + if(conn->handler->flags & PROTOPT_SSL) + /* Only go HTTP/3 directly on HTTPS URLs. It needs a UDP socket and does + the QUIC dance. */ + conn->transport = TRNSPRT_QUIC; + else { + failf(data, "HTTP/3 requested for non-HTTPS URL"); + return CURLE_URL_MALFORMAT; + } + } + else { + if(!CONN_INUSE(conn)) + /* if not already multi-using, setup connection details */ + Curl_http2_setup_conn(conn); + Curl_http2_setup_req(data); + } return CURLE_OK; } @@ -1136,10 +1146,14 @@ Curl_send_buffer *Curl_add_buffer_init(void) */ void Curl_add_buffer_free(Curl_send_buffer **inp) { - Curl_send_buffer *in = *inp; - if(in) /* deal with NULL input */ + Curl_send_buffer *in; + if(!inp) + return; + in = *inp; + if(in) { /* deal with NULL input */ free(in->buffer); - free(in); + free(in); + } *inp = NULL; } @@ -1497,11 +1511,9 @@ CURLcode Curl_http_connect(struct connectdata *conn, bool *done) interface and then we're always _sending_ a request and thus we wait for the single socket to become writable only */ static int http_getsock_do(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) + curl_socket_t *socks) { /* write mode */ - (void)numsocks; /* unused, we trust it to be at least 1 */ socks[0] = conn->sock[FIRSTSOCKET]; return GETSOCK_WRITESOCK(0); } @@ -1555,6 +1567,13 @@ static CURLcode https_connecting(struct connectdata *conn, bool *done) CURLcode result; DEBUGASSERT((conn) && (conn->handler->flags & PROTOPT_SSL)); +#ifdef ENABLE_QUIC + if(conn->transport == TRNSPRT_QUIC) { + *done = TRUE; + return CURLE_OK; + } +#endif + /* perform SSL initialization for this socket */ result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, done); if(result) @@ -1564,11 +1583,10 @@ static CURLcode https_connecting(struct connectdata *conn, bool *done) } static int https_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) + curl_socket_t *socks) { if(conn->handler->flags & PROTOPT_SSL) - return Curl_ssl_getsock(conn, socks, numsocks); + return Curl_ssl_getsock(conn, socks); return GETSOCK_BLANK; } #endif /* USE_SSL */ @@ -1650,6 +1668,12 @@ static bool use_http_1_1plus(const struct Curl_easy *data, static const char *get_http_string(const struct Curl_easy *data, const struct connectdata *conn) { +#ifdef ENABLE_QUIC + if((data->set.httpversion == CURL_HTTP_VERSION_3) || + (conn->httpversion == 30)) + return "3"; +#endif + #ifdef USE_NGHTTP2 if(conn->proto.httpc.h2) return "2"; @@ -1670,7 +1694,7 @@ static CURLcode expect100(struct Curl_easy *data, data->state.expect100header = FALSE; /* default to false unless it is set to TRUE below */ if(use_http_1_1plus(data, conn) && - (conn->httpversion != 20)) { + (conn->httpversion < 20)) { /* if not doing HTTP 1.0 or version 2, or disabled explicitly, we add an Expect: 100-continue to the headers which actually speeds up post operations (as there is one packet coming back from the web server) */ @@ -1700,7 +1724,7 @@ enum proxy_use { will return an error code if one of the headers is not formatted correctly */ CURLcode Curl_http_compile_trailers(struct curl_slist *trailers, - Curl_send_buffer *buffer, + Curl_send_buffer **buffer, struct Curl_easy *handle) { char *ptr = NULL; @@ -1726,7 +1750,7 @@ CURLcode Curl_http_compile_trailers(struct curl_slist *trailers, /* only add correctly formatted trailers */ ptr = strchr(trailers->data, ':'); if(ptr && *(ptr + 1) == ' ') { - result = Curl_add_bufferf(&buffer, "%s%s", trailers->data, + result = Curl_add_bufferf(buffer, "%s%s", trailers->data, endofline_native); if(result) return result; @@ -1735,7 +1759,7 @@ CURLcode Curl_http_compile_trailers(struct curl_slist *trailers, infof(handle, "Malformatted trailing header ! Skipping trailer."); trailers = trailers->next; } - result = Curl_add_buffer(&buffer, endofline_network, + result = Curl_add_buffer(buffer, endofline_network, strlen(endofline_network)); return result; } @@ -1851,7 +1875,7 @@ CURLcode Curl_add_custom_headers(struct connectdata *conn, Connection: */ checkprefix("Connection:", compare)) ; - else if((conn->httpversion == 20) && + else if((conn->httpversion >= 20) && checkprefix("Transfer-Encoding:", compare)) /* HTTP/2 doesn't support chunked requests */ ; @@ -1982,55 +2006,57 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) const char *httpstring; Curl_send_buffer *req_buffer; curl_off_t postsize = 0; /* curl_off_t to handle large file sizes */ + char *altused = NULL; /* Always consider the DO phase done after this function call, even if there may be parts of the request that is not yet sent, since we can deal with the rest of the request in the PERFORM phase. */ *done = TRUE; - if(conn->httpversion < 20) { /* unless the connection is re-used and already - http2 */ - switch(conn->negnpn) { - case CURL_HTTP_VERSION_2: - conn->httpversion = 20; /* we know we're on HTTP/2 now */ - - result = Curl_http2_switched(conn, NULL, 0); - if(result) - return result; - break; - case CURL_HTTP_VERSION_1_1: - /* continue with HTTP/1.1 when explicitly requested */ - break; - default: - /* Check if user wants to use HTTP/2 with clear TCP*/ -#ifdef USE_NGHTTP2 - if(conn->data->set.httpversion == - CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE) { - if(conn->bits.httpproxy && !conn->bits.tunnel_proxy) { - /* We don't support HTTP/2 proxies yet. Also it's debatable whether - or not this setting should apply to HTTP/2 proxies. */ - infof(data, "Ignoring HTTP/2 prior knowledge due to proxy\n"); - break; - } - - DEBUGF(infof(data, "HTTP/2 over clean TCP\n")); - conn->httpversion = 20; + if(conn->transport != TRNSPRT_QUIC) { + if(conn->httpversion < 20) { /* unless the connection is re-used and + already http2 */ + switch(conn->negnpn) { + case CURL_HTTP_VERSION_2: + conn->httpversion = 20; /* we know we're on HTTP/2 now */ result = Curl_http2_switched(conn, NULL, 0); if(result) return result; - } + break; + case CURL_HTTP_VERSION_1_1: + /* continue with HTTP/1.1 when explicitly requested */ + break; + default: + /* Check if user wants to use HTTP/2 with clear TCP*/ +#ifdef USE_NGHTTP2 + if(conn->data->set.httpversion == + CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE) { + if(conn->bits.httpproxy && !conn->bits.tunnel_proxy) { + /* We don't support HTTP/2 proxies yet. Also it's debatable + whether or not this setting should apply to HTTP/2 proxies. */ + infof(data, "Ignoring HTTP/2 prior knowledge due to proxy\n"); + break; + } + + DEBUGF(infof(data, "HTTP/2 over clean TCP\n")); + conn->httpversion = 20; + + result = Curl_http2_switched(conn, NULL, 0); + if(result) + return result; + } #endif - break; + break; + } + } + else { + /* prepare for a http2 request */ + result = Curl_http2_setup(conn); + if(result) + return result; } } - else { - /* prepare for a http2 request */ - result = Curl_http2_setup(conn); - if(result) - return result; - } - http = data->req.protop; DEBUGASSERT(http); @@ -2226,14 +2252,16 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) else { if((conn->handler->protocol & PROTO_FAMILY_HTTP) && (((httpreq == HTTPREQ_POST_MIME || httpreq == HTTPREQ_POST_FORM) && - http->postsize < 0) || - (data->set.upload && data->state.infilesize == -1))) { + http->postsize < 0) || + ((data->set.upload || httpreq == HTTPREQ_POST) && + data->state.infilesize == -1))) { if(conn->bits.authneg) /* don't enable chunked during auth neg */ ; else if(use_http_1_1plus(data, conn)) { - /* HTTP, upload, unknown file size and not HTTP 1.0 */ - data->req.upload_chunky = TRUE; + if(conn->httpversion < 20) + /* HTTP, upload, unknown file size and not HTTP 1.0 */ + data->req.upload_chunky = TRUE; } else { failf(data, "Chunky upload is not supported by HTTP 1.0"); @@ -2334,7 +2362,6 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) /* and no fragment part */ CURLUcode uc; - char *url; CURLU *h = curl_url_dup(data->state.uh); if(!h) return CURLE_OUT_OF_MEMORY; @@ -2365,19 +2392,15 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) return CURLE_OUT_OF_MEMORY; } } - /* now extract the new version of the URL */ - uc = curl_url_get(h, CURLUPART_URL, &url, 0); + /* Extract the the URL to use in the request. Store in STRING_TEMP_URL for + clean-up reasons if the function returns before the free() further + down. */ + uc = curl_url_get(h, CURLUPART_URL, &data->set.str[STRING_TEMP_URL], 0); if(uc) { curl_url_cleanup(h); return CURLE_OUT_OF_MEMORY; } - if(data->change.url_alloc) - free(data->change.url); - - data->change.url = url; - data->change.url_alloc = TRUE; - curl_url_cleanup(h); if(strcasecompare("ftp", data->state.up.scheme)) { @@ -2556,12 +2579,16 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) query = NULL; } +#ifndef CURL_DISABLE_PROXY /* url */ if(conn->bits.httpproxy && !conn->bits.tunnel_proxy) { - char *url = data->change.url; + char *url = data->set.str[STRING_TEMP_URL]; result = Curl_add_buffer(&req_buffer, url, strlen(url)); + Curl_safefree(data->set.str[STRING_TEMP_URL]); } - else if(paste_ftp_userpwd) + else +#endif + if(paste_ftp_userpwd) result = Curl_add_bufferf(&req_buffer, "ftp://%s:%s@%s", conn->user, conn->passwd, path + sizeof("ftp://") - 1); @@ -2575,6 +2602,14 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) if(result) return result; +#ifdef USE_ALTSVC + if(conn->bits.altused && !Curl_checkheaders(conn, "Alt-Used")) { + altused = aprintf("Alt-Used: %s:%d\r\n", + conn->conn_to_host.name, conn->conn_to_port); + if(!altused) + return CURLE_OUT_OF_MEMORY; + } +#endif result = Curl_add_bufferf(&req_buffer, "%s" /* ftp typecode (;type=x) */ @@ -2589,7 +2624,8 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) "%s" /* accept-encoding */ "%s" /* referer */ "%s" /* Proxy-Connection */ - "%s",/* transfer-encoding */ + "%s" /* transfer-encoding */ + "%s",/* Alt-Used */ ftp_typecode, httpstring, @@ -2615,13 +2651,15 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) !conn->bits.tunnel_proxy && !Curl_checkProxyheaders(conn, "Proxy-Connection"))? "Proxy-Connection: Keep-Alive\r\n":"", - te + te, + altused ? altused : "" ); /* clear userpwd and proxyuserpwd to avoid re-using old credentials * from re-used connections */ Curl_safefree(conn->allocptr.userpwd); Curl_safefree(conn->allocptr.proxyuserpwd); + free(altused); if(result) return result; @@ -3660,6 +3698,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, * guarantees on future behaviors since it isn't within the protocol. */ char separator; + char twoorthree[2]; nc = sscanf(HEADER1, " HTTP/%1d.%1d%c%3d", &httpversion_major, @@ -3667,8 +3706,8 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, &separator, &k->httpcode); - if(nc == 1 && httpversion_major == 2 && - 1 == sscanf(HEADER1, " HTTP/2 %d", &k->httpcode)) { + if(nc == 1 && httpversion_major >= 2 && + 2 == sscanf(HEADER1, " HTTP/%1[23] %d", twoorthree, &k->httpcode)) { conn->httpversion = 0; nc = 4; separator = ' '; @@ -3706,7 +3745,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, } } else { - failf(data, "Unsupported HTTP version in response\n"); + failf(data, "Unsupported HTTP version in response"); return CURLE_UNSUPPORTED_PROTOCOL; } } @@ -3935,6 +3974,19 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, if(result) return result; } + else if(checkprefix("Retry-After:", k->p)) { + /* Retry-After = HTTP-date / delay-seconds */ + curl_off_t retry_after = 0; /* zero for unknown or "now" */ + time_t date = curl_getdate(&k->p[12], NULL); + if(-1 == date) { + /* not a date, try it as a decimal number */ + (void)curlx_strtoofft(&k->p[12], NULL, 10, &retry_after); + } + else + /* convert date to number of seconds into the future */ + retry_after = date - time(NULL); + data->info.retry_after = retry_after; /* store it */ + } else if(!k->http_bodyless && checkprefix("Content-Range:", k->p)) { /* Content-Range: bytes [num]- Content-Range: bytes: [num]- diff --git a/libs/libcurl/src/http.h b/libs/libcurl/src/http.h index 72161f6b03..f0ddec7590 100644 --- a/libs/libcurl/src/http.h +++ b/libs/libcurl/src/http.h @@ -75,7 +75,7 @@ CURLcode Curl_add_custom_headers(struct connectdata *conn, bool is_connect, Curl_send_buffer *req_buffer); CURLcode Curl_http_compile_trailers(struct curl_slist *trailers, - Curl_send_buffer *buffer, + Curl_send_buffer **buffer, struct Curl_easy *handle); /* protocol-specific functions set up to be called by the main engine */ @@ -126,6 +126,10 @@ CURLcode Curl_http_auth_act(struct connectdata *conn); #endif /* CURL_DISABLE_HTTP */ +#ifdef USE_NGHTTP3 +struct h3out; /* see ngtcp2 */ +#endif + /**************************************************************************** * HTTP unique setup ***************************************************************************/ @@ -172,19 +176,34 @@ struct HTTP { int status_code; /* HTTP status code */ const uint8_t *pausedata; /* pointer to data received in on_data_chunk */ size_t pauselen; /* the number of bytes left in data */ - bool closed; /* TRUE on HTTP2 stream close */ bool close_handled; /* TRUE if stream closure is handled by libcurl */ + + char **push_headers; /* allocated array */ + size_t push_headers_used; /* number of entries filled in */ + size_t push_headers_alloc; /* number of entries allocated */ +#endif +#if defined(USE_NGHTTP2) || defined(USE_NGHTTP3) + bool closed; /* TRUE on HTTP2 stream close */ char *mem; /* points to a buffer in memory to store received data */ size_t len; /* size of the buffer 'mem' points to */ size_t memlen; /* size of data copied to mem */ - +#endif +#if defined(USE_NGHTTP2) || defined(ENABLE_QUIC) + /* fields used by both HTTP/2 and HTTP/3 */ const uint8_t *upload_mem; /* points to a buffer to read from */ size_t upload_len; /* size of the buffer 'upload_mem' points to */ curl_off_t upload_left; /* number of bytes left to upload */ +#endif - char **push_headers; /* allocated array */ - size_t push_headers_used; /* number of entries filled in */ - size_t push_headers_alloc; /* number of entries allocated */ +#ifdef ENABLE_QUIC + /*********** for HTTP/3 we store stream-local data here *************/ + int64_t stream3_id; /* stream we are interested in */ + bool firstbody; /* FALSE until body arrives */ + bool h3req; /* FALSE until request is issued */ + bool upload_done; +#endif +#ifdef USE_NGHTTP3 + struct h3out *h3out; /* per-stream buffers for upload */ #endif }; diff --git a/libs/libcurl/src/http2.c b/libs/libcurl/src/http2.c index eb55e62d1c..31d2d698ad 100644 --- a/libs/libcurl/src/http2.c +++ b/libs/libcurl/src/http2.c @@ -100,16 +100,11 @@ void Curl_http2_init_userset(struct UserDefined *set) } static int http2_perform_getsock(const struct connectdata *conn, - curl_socket_t *sock, /* points to - numsocks - number of - sockets */ - int numsocks) + curl_socket_t *sock) { const struct http_conn *c = &conn->proto.httpc; struct SingleRequest *k = &conn->data->req; int bitmap = GETSOCK_BLANK; - (void)numsocks; sock[0] = conn->sock[FIRSTSOCKET]; @@ -126,11 +121,9 @@ static int http2_perform_getsock(const struct connectdata *conn, } static int http2_getsock(struct connectdata *conn, - curl_socket_t *sock, /* points to numsocks - number of sockets */ - int numsocks) + curl_socket_t *socks) { - return http2_perform_getsock(conn, sock, numsocks); + return http2_perform_getsock(conn, socks); } /* @@ -240,7 +233,7 @@ static unsigned int http2_conncheck(struct connectdata *check, if(checks_to_perform & CONNCHECK_KEEPALIVE) { struct curltime now = Curl_now(); - time_t elapsed = Curl_timediff(now, check->keepalive); + timediff_t elapsed = Curl_timediff(now, check->keepalive); if(elapsed > check->upkeep_interval_ms) { /* Perform an HTTP/2 PING */ @@ -1566,6 +1559,11 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, if(should_close_session(httpc)) { H2BUGF(infof(data, "http2_recv: nothing to do in this session\n")); + if(conn->bits.close) { + /* already marked for closure, return OK and we're done */ + *err = CURLE_OK; + return 0; + } *err = CURLE_HTTP2; return -1; } @@ -1755,6 +1753,9 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, else if(!stream->closed) { drained_transfer(data, httpc); } + else + /* this stream is closed, trigger a another read ASAP to detect that */ + Curl_expire(data, 0, EXPIRE_RUN_NOW); return retlen; } diff --git a/libs/libcurl/src/http_negotiate.c b/libs/libcurl/src/http_negotiate.c index c8f4064449..8e1f3bf685 100644 --- a/libs/libcurl/src/http_negotiate.c +++ b/libs/libcurl/src/http_negotiate.c @@ -148,10 +148,10 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) } if(!neg_ctx->context) { result = Curl_input_negotiate(conn, proxy, "Negotiate"); - if(result == CURLE_LOGIN_DENIED) { + if(result == CURLE_AUTH_ERROR) { /* negotiate auth failed, let's continue unauthenticated to stay * compatible with the behavior before curl-7_64_0-158-g6c6035532 */ - conn->data->state.authproblem = TRUE; + authp->done = TRUE; return CURLE_OK; } else if(result) diff --git a/libs/libcurl/src/imap.c b/libs/libcurl/src/imap.c index f3ffa290b4..ff9b629470 100644 --- a/libs/libcurl/src/imap.c +++ b/libs/libcurl/src/imap.c @@ -95,8 +95,7 @@ static CURLcode imap_done(struct connectdata *conn, CURLcode status, static CURLcode imap_connect(struct connectdata *conn, bool *done); static CURLcode imap_disconnect(struct connectdata *conn, bool dead); static CURLcode imap_multi_statemach(struct connectdata *conn, bool *done); -static int imap_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks); +static int imap_getsock(struct connectdata *conn, curl_socket_t *socks); static CURLcode imap_doing(struct connectdata *conn, bool *dophase_done); static CURLcode imap_setup_connection(struct connectdata *conn); static char *imap_atom(const char *str, bool escape_only); @@ -1392,10 +1391,9 @@ static CURLcode imap_init(struct connectdata *conn) } /* For the IMAP "protocol connect" and "doing" phases only */ -static int imap_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks) +static int imap_getsock(struct connectdata *conn, curl_socket_t *socks) { - return Curl_pp_getsock(&conn->proto.imapc.pp, socks, numsocks); + return Curl_pp_getsock(&conn->proto.imapc.pp, socks); } /*********************************************************************** diff --git a/libs/libcurl/src/libcurl.plist b/libs/libcurl/src/libcurl.plist index c0adf43f54..9db8aa3107 100644 --- a/libs/libcurl/src/libcurl.plist +++ b/libs/libcurl/src/libcurl.plist @@ -15,7 +15,7 @@ <string>se.haxx.curl.libcurl</string> <key>CFBundleVersion</key> - <string>7.65.3</string> + <string>7.66.0</string> <key>CFBundleName</key> <string>libcurl</string> @@ -27,9 +27,9 @@ <string>????</string> <key>CFBundleShortVersionString</key> - <string>libcurl 7.65.3</string> + <string>libcurl 7.66.0</string> <key>CFBundleGetInfoString</key> - <string>libcurl.plist 7.65.3</string> + <string>libcurl.plist 7.66.0</string> </dict> </plist> diff --git a/libs/libcurl/src/md4.c b/libs/libcurl/src/md4.c index 0b4ea9a3c3..bbf8975081 100644 --- a/libs/libcurl/src/md4.c +++ b/libs/libcurl/src/md4.c @@ -1,5 +1,223 @@ -/* - * !checksrc! disable COPYRIGHT +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if !defined(CURL_DISABLE_CRYPTO_AUTH) + +#include "curl_md4.h" +#include "warnless.h" + +#ifdef USE_OPENSSL +#include <openssl/opensslconf.h> +#endif +#ifdef USE_MBEDTLS +#include <mbedtls/config.h> +#endif + +#if defined(USE_GNUTLS_NETTLE) + +#include <nettle/md4.h> + +#include "curl_memory.h" + +/* The last #include file should be: */ +#include "memdebug.h" + +typedef struct md4_ctx MD4_CTX; + +static void MD4_Init(MD4_CTX *ctx) +{ + md4_init(ctx); +} + +static void MD4_Update(MD4_CTX *ctx, const void *data, unsigned long size) +{ + md4_update(ctx, size, data); +} + +static void MD4_Final(unsigned char *result, MD4_CTX *ctx) +{ + md4_digest(ctx, MD4_DIGEST_SIZE, result); +} + +#elif defined(USE_GNUTLS) + +#include <gcrypt.h> + +#include "curl_memory.h" +/* The last #include file should be: */ +#include "memdebug.h" + +typedef struct gcry_md_hd_t MD4_CTX; + +static void MD4_Init(MD4_CTX *ctx) +{ + gcry_md_open(ctx, GCRY_MD_MD4, 0); +} + +static void MD4_Update(MD4_CTX *ctx, const void *data, unsigned long size) +{ + gcry_md_write(*ctx, data, size); +} + +static void MD4_Final(unsigned char *result, MD4_CTX *ctx) +{ + memcpy(result, gcry_md_read(ctx, 0), MD4_DIGEST_LENGTH); + gcry_md_close(ctx); +} + +#elif defined(USE_OPENSSL) && !defined(OPENSSL_NO_MD4) +/* When OpenSSL is available we use the MD4-functions from OpenSSL */ +#include <openssl/md4.h> + +#elif defined(USE_SECTRANSP) + +#include <CommonCrypto/CommonDigest.h> + +#include "curl_memory.h" +/* The last #include file should be: */ +#include "memdebug.h" + +typedef struct { + void *data; + unsigned long size; +} MD4_CTX; + +static void MD4_Init(MD4_CTX *ctx) +{ + ctx->data = NULL; + ctx->size = 0; +} + +static void MD4_Update(MD4_CTX *ctx, const void *data, unsigned long size) +{ + if(ctx->data == NULL) { + ctx->data = malloc(size); + if(ctx->data != NULL) { + memcpy(ctx->data, data, size); + ctx->size = size; + } + } +} + +static void MD4_Final(unsigned char *result, MD4_CTX *ctx) +{ + if(ctx->data != NULL) { + (void)CC_MD4(ctx->data, (CC_LONG) ctx->size, result); + + Curl_safefree(ctx->data); + ctx->size = 0; + } +} + +#elif defined(USE_WIN32_CRYPTO) + +#include <wincrypt.h> + +#include "curl_memory.h" + /* The last #include file should be: */ +#include "memdebug.h" + +typedef struct { + HCRYPTPROV hCryptProv; + HCRYPTHASH hHash; +} MD4_CTX; + +static void MD4_Init(MD4_CTX *ctx) +{ + ctx->hCryptProv = 0; + ctx->hHash = 0; + + if(CryptAcquireContext(&ctx->hCryptProv, NULL, NULL, PROV_RSA_FULL, + CRYPT_VERIFYCONTEXT)) { + CryptCreateHash(ctx->hCryptProv, CALG_MD4, 0, 0, &ctx->hHash); + } +} + +static void MD4_Update(MD4_CTX *ctx, const void *data, unsigned long size) +{ + CryptHashData(ctx->hHash, data, (unsigned int) size, 0); +} + +static void MD4_Final(unsigned char *result, MD4_CTX *ctx) +{ + unsigned long length = 0; + + CryptGetHashParam(ctx->hHash, HP_HASHVAL, NULL, &length, 0); + if(length == MD4_DIGEST_LENGTH) + CryptGetHashParam(ctx->hHash, HP_HASHVAL, result, &length, 0); + + if(ctx->hHash) + CryptDestroyHash(ctx->hHash); + + if(ctx->hCryptProv) + CryptReleaseContext(ctx->hCryptProv, 0); +} + +#elif(defined(USE_MBEDTLS) && defined(MBEDTLS_MD4_C)) + +#include <mbedtls/md4.h> + +#include "curl_memory.h" +/* The last #include file should be: */ +#include "memdebug.h" + +typedef struct { + void *data; + unsigned long size; +} MD4_CTX; + +static void MD4_Init(MD4_CTX *ctx) +{ + ctx->data = NULL; + ctx->size = 0; +} + +static void MD4_Update(MD4_CTX *ctx, const void *data, unsigned long size) +{ + if(ctx->data == NULL) { + ctx->data = malloc(size); + if(ctx->data != NULL) { + memcpy(ctx->data, data, size); + ctx->size = size; + } + } +} + +static void MD4_Final(unsigned char *result, MD4_CTX *ctx) +{ + if(ctx->data != NULL) { + mbedtls_md4(ctx->data, ctx->size, result); + + Curl_safefree(ctx->data); + ctx->size = 0; + } +} + +#else +/* When no other crypto library is available, or the crypto library doesn't + * support MD4, we use this code segment this implementation of it + * * This is an OpenSSL-compatible implementation of the RSA Data Security, Inc. * MD4 Message-Digest Algorithm (RFC 1320). * @@ -36,26 +254,6 @@ * compile-time configuration. */ -#include "curl_setup.h" - -#ifdef USE_OPENSSL -#include <openssl/opensslconf.h> -#endif -#ifdef USE_MBEDTLS -#include <mbedtls/config.h> -#endif - -/* The NSS, OS/400, and when not included, OpenSSL and mbed TLS crypto - * libraries do not provide the MD4 hash algorithm, so we use this - * implementation of it */ -#if defined(USE_NSS) || defined(USE_OS400CRYPTO) || \ - (defined(USE_OPENSSL) && defined(OPENSSL_NO_MD4)) || \ - (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) - -#include "curl_md4.h" -#include "warnless.h" - -#ifndef HAVE_OPENSSL #include <string.h> @@ -305,7 +503,7 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx) memset(ctx, 0, sizeof(*ctx)); } -#endif +#endif /* CRYPTO LIBS */ void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len) { @@ -315,6 +513,4 @@ void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len) MD4_Final(output, &ctx); } -#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) || - (defined(USE_OPENSSL) && defined(OPENSSL_NO_MD4)) || - (defined(USE_MBEDTLS) && !defined(MBEDTLS_MD4_C)) */ +#endif /* CURL_DISABLE_CRYPTO_AUTH */ diff --git a/libs/libcurl/src/multi.c b/libs/libcurl/src/multi.c index 2b6b1bc522..2e91e4ff35 100644 --- a/libs/libcurl/src/multi.c +++ b/libs/libcurl/src/multi.c @@ -818,25 +818,27 @@ void Curl_attach_connnection(struct Curl_easy *data, } static int waitconnect_getsock(struct connectdata *conn, - curl_socket_t *sock, - int numsocks) + curl_socket_t *sock) { int i; int s = 0; int rc = 0; - if(!numsocks) - return GETSOCK_BLANK; - #ifdef USE_SSL if(CONNECT_FIRSTSOCKET_PROXY_SSL()) - return Curl_ssl_getsock(conn, sock, numsocks); + return Curl_ssl_getsock(conn, sock); #endif for(i = 0; i<2; i++) { if(conn->tempsock[i] != CURL_SOCKET_BAD) { sock[s] = conn->tempsock[i]; - rc |= GETSOCK_WRITESOCK(s++); + rc |= GETSOCK_WRITESOCK(s); +#ifdef ENABLE_QUIC + if(conn->transport == TRNSPRT_QUIC) + /* when connecting QUIC, we want to read the socket too */ + rc |= GETSOCK_READSOCK(s); +#endif + s++; } } @@ -844,12 +846,8 @@ static int waitconnect_getsock(struct connectdata *conn, } static int waitproxyconnect_getsock(struct connectdata *conn, - curl_socket_t *sock, - int numsocks) + curl_socket_t *sock) { - if(!numsocks) - return GETSOCK_BLANK; - sock[0] = conn->sock[FIRSTSOCKET]; /* when we've sent a CONNECT to a proxy, we should rather wait for the @@ -861,19 +859,37 @@ static int waitproxyconnect_getsock(struct connectdata *conn, } static int domore_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) + curl_socket_t *socks) { if(conn && conn->handler->domore_getsock) - return conn->handler->domore_getsock(conn, socks, numsocks); + return conn->handler->domore_getsock(conn, socks); + return GETSOCK_BLANK; +} + +static int doing_getsock(struct connectdata *conn, + curl_socket_t *socks) +{ + if(conn && conn->handler->doing_getsock) + return conn->handler->doing_getsock(conn, socks); return GETSOCK_BLANK; } -/* returns bitmapped flags for this handle and its sockets */ +static int protocol_getsock(struct connectdata *conn, + curl_socket_t *socks) +{ + if(conn->handler->proto_getsock) + return conn->handler->proto_getsock(conn, socks); + /* Backup getsock logic. Since there is a live socket in use, we must wait + for it or it will be removed from watching when the multi_socket API is + used. */ + socks[0] = conn->sock[FIRSTSOCKET]; + return GETSOCK_READSOCK(0) | GETSOCK_WRITESOCK(0); +} + +/* returns bitmapped flags for this handle and its sockets. The 'socks[]' + array contains MAX_SOCKSPEREASYHANDLE entries. */ static int multi_getsock(struct Curl_easy *data, - curl_socket_t *socks, /* points to numsocks number - of sockets */ - int numsocks) + curl_socket_t *socks) { /* The no connection case can happen when this is called from curl_multi_remove_handle() => singlesocket() => multi_getsock(). @@ -905,30 +921,30 @@ static int multi_getsock(struct Curl_easy *data, return 0; case CURLM_STATE_WAITRESOLVE: - return Curl_resolv_getsock(data->conn, socks, numsocks); + return Curl_resolv_getsock(data->conn, socks); case CURLM_STATE_PROTOCONNECT: case CURLM_STATE_SENDPROTOCONNECT: - return Curl_protocol_getsock(data->conn, socks, numsocks); + return protocol_getsock(data->conn, socks); case CURLM_STATE_DO: case CURLM_STATE_DOING: - return Curl_doing_getsock(data->conn, socks, numsocks); + return doing_getsock(data->conn, socks); case CURLM_STATE_WAITPROXYCONNECT: - return waitproxyconnect_getsock(data->conn, socks, numsocks); + return waitproxyconnect_getsock(data->conn, socks); case CURLM_STATE_WAITCONNECT: - return waitconnect_getsock(data->conn, socks, numsocks); + return waitconnect_getsock(data->conn, socks); case CURLM_STATE_DO_MORE: - return domore_getsock(data->conn, socks, numsocks); + return domore_getsock(data->conn, socks); case CURLM_STATE_DO_DONE: /* since is set after DO is completed, we switch to waiting for the same as the *PERFORM states */ case CURLM_STATE_PERFORM: - return Curl_single_getsock(data->conn, socks, numsocks); + return Curl_single_getsock(data->conn, socks); } } @@ -954,7 +970,7 @@ CURLMcode curl_multi_fdset(struct Curl_multi *multi, data = multi->easyp; while(data) { - int bitmap = multi_getsock(data, sockbunch, MAX_SOCKSPEREASYHANDLE); + int bitmap = multi_getsock(data, sockbunch); for(i = 0; i< MAX_SOCKSPEREASYHANDLE; i++) { curl_socket_t s = CURL_SOCKET_BAD; @@ -984,12 +1000,12 @@ CURLMcode curl_multi_fdset(struct Curl_multi *multi, #define NUM_POLLS_ON_STACK 10 -CURLMcode Curl_multi_wait(struct Curl_multi *multi, - struct curl_waitfd extra_fds[], - unsigned int extra_nfds, - int timeout_ms, - int *ret, - bool *gotsocket) /* if any socket was checked */ +static CURLMcode Curl_multi_wait(struct Curl_multi *multi, + struct curl_waitfd extra_fds[], + unsigned int extra_nfds, + int timeout_ms, + int *ret, + bool extrawait) /* when no socket, wait */ { struct Curl_easy *data; curl_socket_t sockbunch[MAX_SOCKSPEREASYHANDLE]; @@ -1003,9 +1019,6 @@ CURLMcode Curl_multi_wait(struct Curl_multi *multi, struct pollfd a_few_on_stack[NUM_POLLS_ON_STACK]; struct pollfd *ufds = &a_few_on_stack[0]; - if(gotsocket) - *gotsocket = FALSE; - if(!GOOD_MULTI_HANDLE(multi)) return CURLM_BAD_HANDLE; @@ -1015,7 +1028,7 @@ CURLMcode Curl_multi_wait(struct Curl_multi *multi, /* Count up how many fds we have from the multi handle */ data = multi->easyp; while(data) { - bitmap = multi_getsock(data, sockbunch, MAX_SOCKSPEREASYHANDLE); + bitmap = multi_getsock(data, sockbunch); for(i = 0; i< MAX_SOCKSPEREASYHANDLE; i++) { curl_socket_t s = CURL_SOCKET_BAD; @@ -1065,7 +1078,7 @@ CURLMcode Curl_multi_wait(struct Curl_multi *multi, /* Add the curl handles to our pollfds first */ data = multi->easyp; while(data) { - bitmap = multi_getsock(data, sockbunch, MAX_SOCKSPEREASYHANDLE); + bitmap = multi_getsock(data, sockbunch); for(i = 0; i< MAX_SOCKSPEREASYHANDLE; i++) { curl_socket_t s = CURL_SOCKET_BAD; @@ -1134,9 +1147,19 @@ CURLMcode Curl_multi_wait(struct Curl_multi *multi, free(ufds); if(ret) *ret = retcode; - if(gotsocket && (extra_fds || curlfds)) + if(!extrawait || extra_fds || curlfds) /* if any socket was checked */ - *gotsocket = TRUE; + ; + else { + long sleep_ms = 0; + + /* Avoid busy-looping when there's nothing particular to wait for */ + if(!curl_multi_timeout(multi, &sleep_ms) && sleep_ms) { + if(sleep_ms > timeout_ms) + sleep_ms = timeout_ms; + Curl_wait_ms((int)sleep_ms); + } + } return CURLM_OK; } @@ -1147,7 +1170,16 @@ CURLMcode curl_multi_wait(struct Curl_multi *multi, int timeout_ms, int *ret) { - return Curl_multi_wait(multi, extra_fds, extra_nfds, timeout_ms, ret, NULL); + return Curl_multi_wait(multi, extra_fds, extra_nfds, timeout_ms, ret, FALSE); +} + +CURLMcode curl_multi_poll(struct Curl_multi *multi, + struct curl_waitfd extra_fds[], + unsigned int extra_nfds, + int timeout_ms, + int *ret) +{ + return Curl_multi_wait(multi, extra_fds, extra_nfds, timeout_ms, ret, TRUE); } /* @@ -1247,6 +1279,109 @@ static CURLcode multi_do_more(struct connectdata *conn, int *complete) return result; } +/* + * We are doing protocol-specific connecting and this is being called over and + * over from the multi interface until the connection phase is done on + * protocol layer. + */ + +static CURLcode protocol_connecting(struct connectdata *conn, + bool *done) +{ + CURLcode result = CURLE_OK; + + if(conn && conn->handler->connecting) { + *done = FALSE; + result = conn->handler->connecting(conn, done); + } + else + *done = TRUE; + + return result; +} + +/* + * We are DOING this is being called over and over from the multi interface + * until the DOING phase is done on protocol layer. + */ + +static CURLcode protocol_doing(struct connectdata *conn, bool *done) +{ + CURLcode result = CURLE_OK; + + if(conn && conn->handler->doing) { + *done = FALSE; + result = conn->handler->doing(conn, done); + } + else + *done = TRUE; + + return result; +} + +/* + * We have discovered that the TCP connection has been successful, we can now + * proceed with some action. + * + */ +static CURLcode protocol_connect(struct connectdata *conn, + bool *protocol_done) +{ + CURLcode result = CURLE_OK; + + DEBUGASSERT(conn); + DEBUGASSERT(protocol_done); + + *protocol_done = FALSE; + + if(conn->bits.tcpconnect[FIRSTSOCKET] && conn->bits.protoconnstart) { + /* We already are connected, get back. This may happen when the connect + worked fine in the first call, like when we connect to a local server + or proxy. Note that we don't know if the protocol is actually done. + + Unless this protocol doesn't have any protocol-connect callback, as + then we know we're done. */ + if(!conn->handler->connecting) + *protocol_done = TRUE; + + return CURLE_OK; + } + + if(!conn->bits.protoconnstart) { + + result = Curl_proxy_connect(conn, FIRSTSOCKET); + if(result) + return result; + + if(CONNECT_FIRSTSOCKET_PROXY_SSL()) + /* wait for HTTPS proxy SSL initialization to complete */ + return CURLE_OK; + + if(conn->bits.tunnel_proxy && conn->bits.httpproxy && + Curl_connect_ongoing(conn)) + /* when using an HTTP tunnel proxy, await complete tunnel establishment + before proceeding further. Return CURLE_OK so we'll be called again */ + return CURLE_OK; + + if(conn->handler->connect_it) { + /* is there a protocol-specific connect() procedure? */ + + /* Call the protocol-specific connect function */ + result = conn->handler->connect_it(conn, protocol_done); + } + else + *protocol_done = TRUE; + + /* it has started, possibly even completed but that knowledge isn't stored + in this bit! */ + if(!result) + conn->bits.protoconnstart = TRUE; + } + + return result; /* pass back status */ +} + + static CURLMcode multi_runsingle(struct Curl_multi *multi, struct curltime now, struct Curl_easy *data) @@ -1254,7 +1389,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, struct Curl_message *msg = NULL; bool connected; bool async; - bool protocol_connect = FALSE; + bool protocol_connected = FALSE; bool dophase_done = FALSE; bool done = FALSE; CURLMcode rc; @@ -1373,7 +1508,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, if(data->set.connecttimeout) Curl_expire(data, data->set.connecttimeout, EXPIRE_CONNECTTIMEOUT); - result = Curl_connect(data, &async, &protocol_connect); + result = Curl_connect(data, &async, &protocol_connected); if(CURLE_NO_CONNECTION_AVAILABLE == result) { /* There was no connection available. We will go to the pending state and wait for an available connection. */ @@ -1401,7 +1536,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, WAITDO or DO! */ rc = CURLM_CALL_MULTI_PERFORM; - if(protocol_connect) + if(protocol_connected) multistate(data, CURLM_STATE_DO); else { #ifndef CURL_DISABLE_HTTP @@ -1456,7 +1591,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, if(dns) { /* Perform the next step in the connection phase, and then move on to the WAITCONNECT state */ - result = Curl_once_resolved(data->conn, &protocol_connect); + result = Curl_once_resolved(data->conn, &protocol_connected); if(result) /* if Curl_once_resolved() returns failure, the connection struct @@ -1465,7 +1600,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, else { /* call again please so that we get the next socket setup */ rc = CURLM_CALL_MULTI_PERFORM; - if(protocol_connect) + if(protocol_connected) multistate(data, CURLM_STATE_DO); else { #ifndef CURL_DISABLE_HTTP @@ -1490,7 +1625,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, case CURLM_STATE_WAITPROXYCONNECT: /* this is HTTP-specific, but sending CONNECT to a proxy is HTTP... */ DEBUGASSERT(data->conn); - result = Curl_http_connect(data->conn, &protocol_connect); + result = Curl_http_connect(data->conn, &protocol_connected); if(data->conn->bits.proxy_connect_closed) { rc = CURLM_CALL_MULTI_PERFORM; @@ -1541,8 +1676,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, break; case CURLM_STATE_SENDPROTOCONNECT: - result = Curl_protocol_connect(data->conn, &protocol_connect); - if(!result && !protocol_connect) + result = protocol_connect(data->conn, &protocol_connected); + if(!result && !protocol_connected) /* switch to waiting state */ multistate(data, CURLM_STATE_PROTOCONNECT); else if(!result) { @@ -1560,8 +1695,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, case CURLM_STATE_PROTOCONNECT: /* protocol-specific connect phase */ - result = Curl_protocol_connecting(data->conn, &protocol_connect); - if(!result && protocol_connect) { + result = protocol_connecting(data->conn, &protocol_connected); + if(!result && protocol_connected) { /* after the connect has completed, go WAITDO or DO */ multistate(data, CURLM_STATE_DO); rc = CURLM_CALL_MULTI_PERFORM; @@ -1683,8 +1818,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, case CURLM_STATE_DOING: /* we continue DOING until the DO phase is complete */ DEBUGASSERT(data->conn); - result = Curl_protocol_doing(data->conn, - &dophase_done); + result = protocol_doing(data->conn, &dophase_done); if(!result) { if(dophase_done) { /* after DO, go DO_DONE or DO_MORE */ @@ -2012,13 +2146,15 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, if(stream_error) { /* Don't attempt to send data over a connection that timed out */ bool dead_connection = result == CURLE_OPERATION_TIMEDOUT; - /* disconnect properly */ - Curl_disconnect(data, data->conn, dead_connection); + struct connectdata *conn = data->conn; /* This is where we make sure that the conn pointer is reset. We don't have to do this in every case block above where a failure is detected */ detach_connnection(data); + + /* disconnect properly */ + Curl_disconnect(data, conn, dead_connection); } } else if(data->mstate == CURLM_STATE_CONNECT) { @@ -2234,7 +2370,7 @@ static CURLMcode singlesocket(struct Curl_multi *multi, /* Fill in the 'current' struct with the state as it is now: what sockets to supervise and for what actions */ - curraction = multi_getsock(data, socks, MAX_SOCKSPEREASYHANDLE); + curraction = multi_getsock(data, socks); /* We have 0 .. N sockets already and we get to know about the 0 .. M sockets we should have from now on. Detect the differences, remove no @@ -2846,7 +2982,7 @@ multi_addtimeout(struct Curl_easy *data, * * Expire replaces a former timeout using the same id if already set. */ -void Curl_expire(struct Curl_easy *data, time_t milli, expire_id id) +void Curl_expire(struct Curl_easy *data, timediff_t milli, expire_id id) { struct Curl_multi *multi = data->multi; struct curltime *nowp = &data->state.expiretime; @@ -2860,7 +2996,7 @@ void Curl_expire(struct Curl_easy *data, time_t milli, expire_id id) DEBUGASSERT(id < EXPIRE_LAST); set = Curl_now(); - set.tv_sec += milli/1000; + set.tv_sec += (time_t)(milli/1000); /* might be a 64 to 32 bit conversion */ set.tv_usec += (unsigned int)(milli%1000)*1000; if(set.tv_usec >= 1000000) { diff --git a/libs/libcurl/src/multiif.h b/libs/libcurl/src/multiif.h index a644558677..0755a7cd24 100644 --- a/libs/libcurl/src/multiif.h +++ b/libs/libcurl/src/multiif.h @@ -27,7 +27,7 @@ */ void Curl_updatesocket(struct Curl_easy *data); -void Curl_expire(struct Curl_easy *data, time_t milli, expire_id); +void Curl_expire(struct Curl_easy *data, timediff_t milli, expire_id); void Curl_expire_clear(struct Curl_easy *data); void Curl_expire_done(struct Curl_easy *data, expire_id id); void Curl_update_timer(struct Curl_multi *multi); @@ -89,11 +89,4 @@ CURLMcode Curl_multi_add_perform(struct Curl_multi *multi, struct Curl_easy *data, struct connectdata *conn); -CURLMcode Curl_multi_wait(struct Curl_multi *multi, - struct curl_waitfd extra_fds[], - unsigned int extra_nfds, - int timeout_ms, - int *ret, - bool *gotsocket); /* if any socket was checked */ - #endif /* HEADER_CURL_MULTIIF_H */ diff --git a/libs/libcurl/src/netrc.c b/libs/libcurl/src/netrc.c index f41636e974..c74065e813 100644 --- a/libs/libcurl/src/netrc.c +++ b/libs/libcurl/src/netrc.c @@ -45,27 +45,27 @@ enum host_lookup_state { HOSTVALID /* this is "our" machine! */ }; +#define NETRC_FILE_MISSING 1 +#define NETRC_FAILED -1 +#define NETRC_SUCCESS 0 + /* - * @unittest: 1304 - * - * *loginp and *passwordp MUST be allocated if they aren't NULL when passed - * in. + * Returns zero on success. */ -int Curl_parsenetrc(const char *host, - char **loginp, - char **passwordp, - bool *login_changed, - bool *password_changed, - char *netrcfile) +static int parsenetrc(const char *host, + char **loginp, + char **passwordp, + bool *login_changed, + bool *password_changed, + char *netrcfile) { FILE *file; - int retcode = 1; + int retcode = NETRC_FILE_MISSING; char *login = *loginp; char *password = *passwordp; bool specific_login = (login && *login != 0); bool login_alloc = FALSE; bool password_alloc = FALSE; - bool netrc_alloc = FALSE; enum host_lookup_state state = NOTHING; char state_login = 0; /* Found a login keyword */ @@ -73,51 +73,9 @@ int Curl_parsenetrc(const char *host, int state_our_login = FALSE; /* With specific_login, found *our* login name */ -#define NETRC DOT_CHAR "netrc" - - if(!netrcfile) { - bool home_alloc = FALSE; - char *home = curl_getenv("HOME"); /* portable environment reader */ - if(home) { - home_alloc = TRUE; -#if defined(HAVE_GETPWUID_R) && defined(HAVE_GETEUID) - } - else { - struct passwd pw, *pw_res; - char pwbuf[1024]; - if(!getpwuid_r(geteuid(), &pw, pwbuf, sizeof(pwbuf), &pw_res) - && pw_res) { - home = strdup(pw.pw_dir); - if(!home) - return -1; - home_alloc = TRUE; - } -#elif defined(HAVE_GETPWUID) && defined(HAVE_GETEUID) - } - else { - struct passwd *pw; - pw = getpwuid(geteuid()); - if(pw) { - home = pw->pw_dir; - } -#endif - } - - if(!home) - return retcode; /* no home directory found (or possibly out of memory) */ - - netrcfile = curl_maprintf("%s%s%s", home, DIR_CHAR, NETRC); - if(home_alloc) - free(home); - if(!netrcfile) { - return -1; - } - netrc_alloc = TRUE; - } + DEBUGASSERT(netrcfile); file = fopen(netrcfile, FOPEN_READTEXT); - if(netrc_alloc) - free(netrcfile); if(file) { char *tok; char *tok_buf; @@ -148,14 +106,14 @@ int Curl_parsenetrc(const char *host, } else if(strcasecompare("default", tok)) { state = HOSTVALID; - retcode = 0; /* we did find our host */ + retcode = NETRC_SUCCESS; /* we did find our host */ } break; case HOSTFOUND: if(strcasecompare(host, tok)) { /* and yes, this is our host! */ state = HOSTVALID; - retcode = 0; /* we did find our host */ + retcode = NETRC_SUCCESS; /* we did find our host */ } else /* not our host */ @@ -174,7 +132,7 @@ int Curl_parsenetrc(const char *host, } login = strdup(tok); if(!login) { - retcode = -1; /* allocation failed */ + retcode = NETRC_FAILED; /* allocation failed */ goto out; } login_alloc = TRUE; @@ -190,7 +148,7 @@ int Curl_parsenetrc(const char *host, } password = strdup(tok); if(!password) { - retcode = -1; /* allocation failed */ + retcode = NETRC_FAILED; /* allocation failed */ goto out; } password_alloc = TRUE; @@ -215,6 +173,7 @@ int Curl_parsenetrc(const char *host, out: if(!retcode) { + /* success */ *login_changed = FALSE; *password_changed = FALSE; if(login_alloc) { @@ -242,4 +201,78 @@ int Curl_parsenetrc(const char *host, return retcode; } +/* + * @unittest: 1304 + * + * *loginp and *passwordp MUST be allocated if they aren't NULL when passed + * in. + */ +int Curl_parsenetrc(const char *host, + char **loginp, + char **passwordp, + bool *login_changed, + bool *password_changed, + char *netrcfile) +{ + int retcode = 1; + char *filealloc = NULL; + + if(!netrcfile) { + char *home = NULL; + char *homea = curl_getenv("HOME"); /* portable environment reader */ + if(homea) { + home = homea; +#if defined(HAVE_GETPWUID_R) && defined(HAVE_GETEUID) + } + else { + struct passwd pw, *pw_res; + char pwbuf[1024]; + if(!getpwuid_r(geteuid(), &pw, pwbuf, sizeof(pwbuf), &pw_res) + && pw_res) { + home = pw.pw_dir; + } +#elif defined(HAVE_GETPWUID) && defined(HAVE_GETEUID) + } + else { + struct passwd *pw; + pw = getpwuid(geteuid()); + if(pw) { + home = pw->pw_dir; + } +#endif + } + + if(!home) + return retcode; /* no home directory found (or possibly out of + memory) */ + + filealloc = curl_maprintf("%s%s.netrc", home, DIR_CHAR); + if(!filealloc) { + free(homea); + return -1; + } + retcode = parsenetrc(host, loginp, passwordp, login_changed, + password_changed, filealloc); + free(filealloc); +#ifdef WIN32 + if(retcode == NETRC_FILE_MISSING) { + /* fallback to the old-style "_netrc" file */ + filealloc = curl_maprintf("%s%s_netrc", home, DIR_CHAR); + if(!filealloc) { + free(homea); + return -1; + } + retcode = parsenetrc(host, loginp, passwordp, login_changed, + password_changed, filealloc); + free(filealloc); + } +#endif + free(homea); + } + else + retcode = parsenetrc(host, loginp, passwordp, login_changed, + password_changed, netrcfile); + return retcode; +} + #endif diff --git a/libs/libcurl/src/openldap.c b/libs/libcurl/src/openldap.c index eeab2c7a78..734ca5fa0c 100644 --- a/libs/libcurl/src/openldap.c +++ b/libs/libcurl/src/openldap.c @@ -151,7 +151,7 @@ static const char *url_errs[] = { "bad or missing extensions" }; -typedef struct ldapconninfo { +struct ldapconninfo { LDAP *ld; Curl_recv *recv; /* for stacking SSL handler */ Curl_send *send; @@ -160,7 +160,7 @@ typedef struct ldapconninfo { bool ssldone; bool sslinst; bool didbind; -} ldapconninfo; +}; typedef struct ldapreqinfo { int msgid; @@ -169,7 +169,7 @@ typedef struct ldapreqinfo { static CURLcode ldap_setup_connection(struct connectdata *conn) { - ldapconninfo *li; + struct ldapconninfo *li; LDAPURLDesc *lud; struct Curl_easy *data = conn->data; int rc, proto; @@ -190,11 +190,11 @@ static CURLcode ldap_setup_connection(struct connectdata *conn) proto = ldap_pvt_url_scheme2proto(lud->lud_scheme); ldap_free_urldesc(lud); - li = calloc(1, sizeof(ldapconninfo)); + li = calloc(1, sizeof(struct ldapconninfo)); if(!li) return CURLE_OUT_OF_MEMORY; li->proto = proto; - conn->proto.generic = li; + conn->proto.ldapc = li; connkeep(conn, "OpenLDAP default"); return CURLE_OK; } @@ -205,7 +205,7 @@ static Sockbuf_IO ldapsb_tls; static CURLcode ldap_connect(struct connectdata *conn, bool *done) { - ldapconninfo *li = conn->proto.generic; + struct ldapconninfo *li = conn->proto.ldapc; struct Curl_easy *data = conn->data; int rc, proto = LDAP_VERSION3; char hosturl[1024]; @@ -252,7 +252,7 @@ static CURLcode ldap_connect(struct connectdata *conn, bool *done) static CURLcode ldap_connecting(struct connectdata *conn, bool *done) { - ldapconninfo *li = conn->proto.generic; + struct ldapconninfo *li = conn->proto.ldapc; struct Curl_easy *data = conn->data; LDAPMessage *msg = NULL; struct timeval tv = {0, 1}, *tvp; @@ -357,7 +357,7 @@ static CURLcode ldap_connecting(struct connectdata *conn, bool *done) static CURLcode ldap_disconnect(struct connectdata *conn, bool dead_connection) { - ldapconninfo *li = conn->proto.generic; + struct ldapconninfo *li = conn->proto.ldapc; (void) dead_connection; if(li) { @@ -365,7 +365,7 @@ static CURLcode ldap_disconnect(struct connectdata *conn, bool dead_connection) ldap_unbind_ext(li->ld, NULL, NULL); li->ld = NULL; } - conn->proto.generic = NULL; + conn->proto.ldapc = NULL; free(li); } return CURLE_OK; @@ -373,7 +373,7 @@ static CURLcode ldap_disconnect(struct connectdata *conn, bool dead_connection) static CURLcode ldap_do(struct connectdata *conn, bool *done) { - ldapconninfo *li = conn->proto.generic; + struct ldapconninfo *li = conn->proto.ldapc; ldapreqinfo *lr; CURLcode status = CURLE_OK; int rc = 0; @@ -427,7 +427,7 @@ static CURLcode ldap_done(struct connectdata *conn, CURLcode res, if(lr) { /* if there was a search in progress, abandon it */ if(lr->msgid) { - ldapconninfo *li = conn->proto.generic; + struct ldapconninfo *li = conn->proto.ldapc; ldap_abandon_ext(li->ld, lr->msgid, NULL, NULL); lr->msgid = 0; } @@ -441,7 +441,7 @@ static CURLcode ldap_done(struct connectdata *conn, CURLcode res, static ssize_t ldap_recv(struct connectdata *conn, int sockindex, char *buf, size_t len, CURLcode *err) { - ldapconninfo *li = conn->proto.generic; + struct ldapconninfo *li = conn->proto.ldapc; struct Curl_easy *data = conn->data; ldapreqinfo *lr = data->req.protop; int rc, ret; @@ -718,7 +718,7 @@ static ber_slen_t ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len) { struct connectdata *conn = sbiod->sbiod_pvt; - ldapconninfo *li = conn->proto.generic; + struct ldapconninfo *li = conn->proto.ldapc; ber_slen_t ret; CURLcode err = CURLE_RECV_ERROR; @@ -733,7 +733,7 @@ static ber_slen_t ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len) { struct connectdata *conn = sbiod->sbiod_pvt; - ldapconninfo *li = conn->proto.generic; + struct ldapconninfo *li = conn->proto.ldapc; ber_slen_t ret; CURLcode err = CURLE_SEND_ERROR; diff --git a/libs/libcurl/src/pingpong.c b/libs/libcurl/src/pingpong.c index e9568ee3de..d0710053bd 100644 --- a/libs/libcurl/src/pingpong.c +++ b/libs/libcurl/src/pingpong.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -60,12 +60,12 @@ time_t Curl_pp_state_timeout(struct pingpong *pp, bool disconnecting) /* Without a requested timeout, we only wait 'response_time' seconds for the full response to arrive before we bail out */ timeout_ms = response_time - - Curl_timediff(Curl_now(), pp->response); /* spent time */ + (time_t)Curl_timediff(Curl_now(), pp->response); /* spent time */ if(data->set.timeout && !disconnecting) { /* if timeout is requested, find out how much remaining time we have */ time_t timeout2_ms = data->set.timeout - /* timeout time */ - Curl_timediff(Curl_now(), conn->now); /* spent time */ + (time_t)Curl_timediff(Curl_now(), conn->now); /* spent time */ /* pick the lowest number */ timeout_ms = CURLMIN(timeout_ms, timeout2_ms); @@ -463,14 +463,9 @@ CURLcode Curl_pp_readresp(curl_socket_t sockfd, } int Curl_pp_getsock(struct pingpong *pp, - curl_socket_t *socks, - int numsocks) + curl_socket_t *socks) { struct connectdata *conn = pp->conn; - - if(!numsocks) - return GETSOCK_BLANK; - socks[0] = conn->sock[FIRSTSOCKET]; if(pp->sendleft) { diff --git a/libs/libcurl/src/pingpong.h b/libs/libcurl/src/pingpong.h index dbe1f8d3d7..849a7c0ff7 100644 --- a/libs/libcurl/src/pingpong.h +++ b/libs/libcurl/src/pingpong.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -135,8 +135,7 @@ CURLcode Curl_pp_flushsend(struct pingpong *pp); /* call this when a pingpong connection is disconnected */ CURLcode Curl_pp_disconnect(struct pingpong *pp); -int Curl_pp_getsock(struct pingpong *pp, curl_socket_t *socks, - int numsocks); +int Curl_pp_getsock(struct pingpong *pp, curl_socket_t *socks); /*********************************************************************** diff --git a/libs/libcurl/src/pop3.c b/libs/libcurl/src/pop3.c index a681d5213f..57c1373aa8 100644 --- a/libs/libcurl/src/pop3.c +++ b/libs/libcurl/src/pop3.c @@ -95,8 +95,7 @@ static CURLcode pop3_done(struct connectdata *conn, CURLcode status, static CURLcode pop3_connect(struct connectdata *conn, bool *done); static CURLcode pop3_disconnect(struct connectdata *conn, bool dead); static CURLcode pop3_multi_statemach(struct connectdata *conn, bool *done); -static int pop3_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks); +static int pop3_getsock(struct connectdata *conn, curl_socket_t *socks); static CURLcode pop3_doing(struct connectdata *conn, bool *dophase_done); static CURLcode pop3_setup_connection(struct connectdata *conn); static CURLcode pop3_parse_url_options(struct connectdata *conn); @@ -1055,10 +1054,9 @@ static CURLcode pop3_init(struct connectdata *conn) } /* For the POP3 "protocol connect" and "doing" phases only */ -static int pop3_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks) +static int pop3_getsock(struct connectdata *conn, curl_socket_t *socks) { - return Curl_pp_getsock(&conn->proto.pop3c.pp, socks, numsocks); + return Curl_pp_getsock(&conn->proto.pop3c.pp, socks); } /*********************************************************************** diff --git a/libs/libcurl/src/progress.c b/libs/libcurl/src/progress.c index 9f953ef5a1..2aa9295993 100644 --- a/libs/libcurl/src/progress.c +++ b/libs/libcurl/src/progress.c @@ -26,6 +26,7 @@ #include "sendf.h" #include "multiif.h" #include "progress.h" +#include "timeval.h" #include "curl_printf.h" /* check rate limits within this many recent milliseconds, at minimum. */ @@ -168,7 +169,7 @@ void Curl_pgrsResetTransferSizes(struct Curl_easy *data) void Curl_pgrsTime(struct Curl_easy *data, timerid timer) { struct curltime now = Curl_now(); - time_t *delta = NULL; + timediff_t *delta = NULL; switch(timer) { default: @@ -238,6 +239,8 @@ void Curl_pgrsStartNow(struct Curl_easy *data) data->progress.ul_limit_start.tv_usec = 0; data->progress.dl_limit_start.tv_sec = 0; data->progress.dl_limit_start.tv_usec = 0; + data->progress.downloaded = 0; + data->progress.uploaded = 0; /* clear all bits except HIDE and HEADERS_OUT */ data->progress.flags &= PGRS_HIDE|PGRS_HEADERS_OUT; Curl_ratelimit(data, data->progress.start); @@ -268,8 +271,8 @@ timediff_t Curl_pgrsLimitWaitTime(curl_off_t cursize, struct curltime now) { curl_off_t size = cursize - startsize; - time_t minimum; - time_t actual; + timediff_t minimum; + timediff_t actual; if(!limit || !size) return 0; @@ -282,10 +285,10 @@ timediff_t Curl_pgrsLimitWaitTime(curl_off_t cursize, minimum = (time_t) (CURL_OFF_T_C(1000) * size / limit); else { minimum = (time_t) (size / limit); - if(minimum < TIME_T_MAX/1000) + if(minimum < TIMEDIFF_T_MAX/1000) minimum *= 1000; else - minimum = TIME_T_MAX; + minimum = TIMEDIFF_T_MAX; } /* diff --git a/libs/libcurl/src/quic.h b/libs/libcurl/src/quic.h new file mode 100644 index 0000000000..6c132a3247 --- /dev/null +++ b/libs/libcurl/src/quic.h @@ -0,0 +1,53 @@ +#ifndef HEADER_CURL_QUIC_H +#define HEADER_CURL_QUIC_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#ifdef ENABLE_QUIC +#ifdef USE_NGTCP2 +#include "vquic/ngtcp2.h" +#endif +#ifdef USE_QUICHE +#include "vquic/quiche.h" +#endif + +#include "urldata.h" + +/* functions provided by the specific backends */ +CURLcode Curl_quic_connect(struct connectdata *conn, + curl_socket_t sockfd, + int sockindex, + const struct sockaddr *addr, + socklen_t addrlen); +CURLcode Curl_quic_is_connected(struct connectdata *conn, + curl_socket_t sockfd, + bool *connected); +int Curl_quic_ver(char *p, size_t len); +CURLcode Curl_quic_done_sending(struct connectdata *conn); + +#else /* ENABLE_QUIC */ +#define Curl_quic_done_sending(x) +#endif /* !ENABLE_QUIC */ + +#endif /* HEADER_CURL_QUIC_H */ diff --git a/libs/libcurl/src/rtsp.c b/libs/libcurl/src/rtsp.c index 25e194a233..bba4c16a1e 100644 --- a/libs/libcurl/src/rtsp.c +++ b/libs/libcurl/src/rtsp.c @@ -52,10 +52,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done); static CURLcode rtsp_done(struct connectdata *conn, CURLcode, bool premature); static CURLcode rtsp_connect(struct connectdata *conn, bool *done); static CURLcode rtsp_disconnect(struct connectdata *conn, bool dead); - -static int rtsp_getsock_do(struct connectdata *conn, - curl_socket_t *socks, - int numsocks); +static int rtsp_getsock_do(struct connectdata *conn, curl_socket_t *socks); /* * Parse and write out any available RTP data. @@ -77,11 +74,9 @@ static unsigned int rtsp_conncheck(struct connectdata *check, interface and then we're always _sending_ a request and thus we wait for the single socket to become writable only */ static int rtsp_getsock_do(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) + curl_socket_t *socks) { /* write mode */ - (void)numsocks; /* unused, we trust it to be at least 1 */ socks[0] = conn->sock[FIRSTSOCKET]; return GETSOCK_WRITESOCK(0); } diff --git a/libs/libcurl/src/security.c b/libs/libcurl/src/security.c index 550ea2da8d..c5e4e135df 100644 --- a/libs/libcurl/src/security.c +++ b/libs/libcurl/src/security.c @@ -191,7 +191,6 @@ static CURLcode read_data(struct connectdata *conn, struct krb5buffer *buf) { int len; - void *tmp = NULL; CURLcode result; result = socket_read(fd, &len, sizeof(len)); @@ -201,12 +200,11 @@ static CURLcode read_data(struct connectdata *conn, if(len) { /* only realloc if there was a length */ len = ntohl(len); - tmp = Curl_saferealloc(buf->data, len); + buf->data = Curl_saferealloc(buf->data, len); } - if(tmp == NULL) + if(!len || !buf->data) return CURLE_OUT_OF_MEMORY; - buf->data = tmp; result = socket_read(fd, buf->data, len); if(result) return result; diff --git a/libs/libcurl/src/select.h b/libs/libcurl/src/select.h index 9a1ba45a7d..f5652a74f7 100644 --- a/libs/libcurl/src/select.h +++ b/libs/libcurl/src/select.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -77,9 +77,9 @@ int Curl_socket_check(curl_socket_t readfd, curl_socket_t readfd2, time_t timeout_ms); #define SOCKET_READABLE(x,z) \ - Curl_socket_check(x, CURL_SOCKET_BAD, CURL_SOCKET_BAD, z) + Curl_socket_check(x, CURL_SOCKET_BAD, CURL_SOCKET_BAD, (time_t)z) #define SOCKET_WRITABLE(x,z) \ - Curl_socket_check(CURL_SOCKET_BAD, CURL_SOCKET_BAD, x, z) + Curl_socket_check(CURL_SOCKET_BAD, CURL_SOCKET_BAD, x, (time_t)z) int Curl_poll(struct pollfd ufds[], unsigned int nfds, int timeout_ms); diff --git a/libs/libcurl/src/setopt.c b/libs/libcurl/src/setopt.c index 1dbf00faf7..8909035a97 100644 --- a/libs/libcurl/src/setopt.c +++ b/libs/libcurl/src/setopt.c @@ -809,6 +809,11 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) arg = va_arg(param, long); if(arg < CURL_HTTP_VERSION_NONE) return CURLE_BAD_FUNCTION_ARGUMENT; +#ifdef ENABLE_QUIC + if(arg == CURL_HTTP_VERSION_3) + ; + else +#endif #ifndef USE_NGHTTP2 if(arg >= CURL_HTTP_VERSION_2) return CURLE_UNSUPPORTED_PROTOCOL; @@ -1778,16 +1783,9 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) arg = va_arg(param, long); /* Obviously people are not reading documentation and too many thought - this argument took a boolean when it wasn't and misused it. We thus ban - 1 as a sensible input and we warn about its use. Then we only have the - 2 action internally stored as TRUE. */ - - if(1 == arg) { - failf(data, "CURLOPT_SSL_VERIFYHOST no longer supports 1 as value!"); - return CURLE_BAD_FUNCTION_ARGUMENT; - } - - data->set.ssl.primary.verifyhost = (0 != arg) ? TRUE : FALSE; + this argument took a boolean when it wasn't and misused it. + Treat 1 and 2 the same */ + data->set.ssl.primary.verifyhost = (bool)((arg & 3) ? TRUE : FALSE); /* Update the current connection ssl_config. */ if(data->conn) { @@ -1802,17 +1800,8 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) */ arg = va_arg(param, long); - /* Obviously people are not reading documentation and too many thought - this argument took a boolean when it wasn't and misused it. We thus ban - 1 as a sensible input and we warn about its use. Then we only have the - 2 action internally stored as TRUE. */ - - if(1 == arg) { - failf(data, "CURLOPT_SSL_VERIFYHOST no longer supports 1 as value!"); - return CURLE_BAD_FUNCTION_ARGUMENT; - } - - data->set.proxy_ssl.primary.verifyhost = (0 != arg)?TRUE:FALSE; + /* Treat both 1 and 2 as TRUE */ + data->set.proxy_ssl.primary.verifyhost = (bool)((arg & 3)?TRUE:FALSE); /* Update the current connection proxy_ssl_config. */ if(data->conn) { @@ -2402,6 +2391,12 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) break; #endif + case CURLOPT_SASL_AUTHZID: + /* Authorisation identity (identity to act as) */ + result = Curl_setstropt(&data->set.str[STRING_SASL_AUTHZID], + va_arg(param, char *)); + break; + case CURLOPT_SASL_IR: /* Enable/disable SASL initial response */ data->set.sasl_ir = (0 != va_arg(param, long)) ? TRUE : FALSE; diff --git a/libs/libcurl/src/smb.c b/libs/libcurl/src/smb.c index 870244cb72..f66c05ca42 100644 --- a/libs/libcurl/src/smb.c +++ b/libs/libcurl/src/smb.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2014, Bill Nagel <wnagel@tycoint.com>, Exacq Technologies - * Copyright (C) 2016-2018, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 2016-2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -64,8 +64,7 @@ static CURLcode smb_request_state(struct connectdata *conn, bool *done); static CURLcode smb_done(struct connectdata *conn, CURLcode status, bool premature); static CURLcode smb_disconnect(struct connectdata *conn, bool dead); -static int smb_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks); +static int smb_getsock(struct connectdata *conn, curl_socket_t *socks); static CURLcode smb_parse_url_path(struct connectdata *conn); /* @@ -607,6 +606,7 @@ static CURLcode smb_send_and_recv(struct connectdata *conn, void **msg) { struct smb_conn *smbc = &conn->proto.smbc; CURLcode result; + *msg = NULL; /* if it returns early */ /* Check if there is data in the transfer buffer */ if(!smbc->send_size && smbc->upload_size) { @@ -936,12 +936,8 @@ static CURLcode smb_disconnect(struct connectdata *conn, bool dead) return CURLE_OK; } -static int smb_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks) +static int smb_getsock(struct connectdata *conn, curl_socket_t *socks) { - if(!numsocks) - return GETSOCK_BLANK; - socks[0] = conn->sock[FIRSTSOCKET]; return GETSOCK_READSOCK(0) | GETSOCK_WRITESOCK(0); } diff --git a/libs/libcurl/src/smtp.c b/libs/libcurl/src/smtp.c index e10d0fbfc9..65220b0f68 100644 --- a/libs/libcurl/src/smtp.c +++ b/libs/libcurl/src/smtp.c @@ -95,8 +95,7 @@ static CURLcode smtp_done(struct connectdata *conn, CURLcode status, static CURLcode smtp_connect(struct connectdata *conn, bool *done); static CURLcode smtp_disconnect(struct connectdata *conn, bool dead); static CURLcode smtp_multi_statemach(struct connectdata *conn, bool *done); -static int smtp_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks); +static int smtp_getsock(struct connectdata *conn, curl_socket_t *socks); static CURLcode smtp_doing(struct connectdata *conn, bool *dophase_done); static CURLcode smtp_setup_connection(struct connectdata *conn); static CURLcode smtp_parse_url_options(struct connectdata *conn); @@ -715,7 +714,7 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode, result = CURLE_REMOTE_ACCESS_DENIED; } } - else { + else if(len >= 4) { line += 4; len -= 4; @@ -786,6 +785,10 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode, result = smtp_perform_authentication(conn); } } + else { + failf(data, "Unexpectedly short EHLO response"); + result = CURLE_WEIRD_SERVER_REPLY; + } return result; } @@ -1114,10 +1117,9 @@ static CURLcode smtp_init(struct connectdata *conn) } /* For the SMTP "protocol connect" and "doing" phases only */ -static int smtp_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks) +static int smtp_getsock(struct connectdata *conn, curl_socket_t *socks) { - return Curl_pp_getsock(&conn->proto.smtpc.pp, socks, numsocks); + return Curl_pp_getsock(&conn->proto.smtpc.pp, socks); } /*********************************************************************** diff --git a/libs/libcurl/src/ssh.h b/libs/libcurl/src/ssh.h index 0620aac328..3213c5a52e 100644 --- a/libs/libcurl/src/ssh.h +++ b/libs/libcurl/src/ssh.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -239,7 +239,16 @@ extern const struct Curl_handler Curl_handler_sftp; extern const struct Curl_handler Curl_handler_scp; extern const struct Curl_handler Curl_handler_sftp; - #endif /* USE_LIBSSH2 */ +#ifdef USE_SSH +/* generic SSH backend functions */ +CURLcode Curl_ssh_init(void); +void Curl_ssh_cleanup(void); +size_t Curl_ssh_version(char *buffer, size_t buflen); +#else +/* for non-SSH builds */ +#define Curl_ssh_cleanup() +#endif + #endif /* HEADER_CURL_SSH_H */ diff --git a/libs/libcurl/src/strerror.c b/libs/libcurl/src/strerror.c index e273f3765c..d0650d80c5 100644 --- a/libs/libcurl/src/strerror.c +++ b/libs/libcurl/src/strerror.c @@ -311,6 +311,9 @@ curl_easy_strerror(CURLcode error) case CURLE_RECURSIVE_API_CALL: return "API function called from within callback"; + case CURLE_AUTH_ERROR: + return "An authentication function returned an error"; + /* error codes not used by current libcurl */ case CURLE_OBSOLETE20: case CURLE_OBSOLETE24: diff --git a/libs/libcurl/src/tftp.c b/libs/libcurl/src/tftp.c index 289cda2825..346f293dc5 100644 --- a/libs/libcurl/src/tftp.c +++ b/libs/libcurl/src/tftp.c @@ -157,8 +157,7 @@ static CURLcode tftp_done(struct connectdata *conn, static CURLcode tftp_setup_connection(struct connectdata * conn); static CURLcode tftp_multi_statemach(struct connectdata *conn, bool *done); static CURLcode tftp_doing(struct connectdata *conn, bool *dophase_done); -static int tftp_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks); +static int tftp_getsock(struct connectdata *conn, curl_socket_t *socks); static CURLcode tftp_translate_code(tftp_error_t error); @@ -404,13 +403,14 @@ static CURLcode tftp_parse_option_ack(tftp_state_data_t *state, return CURLE_OK; } -static size_t tftp_option_add(tftp_state_data_t *state, size_t csize, - char *buf, const char *option) +static CURLcode tftp_option_add(tftp_state_data_t *state, size_t *csize, + char *buf, const char *option) { - if(( strlen(option) + csize + 1) > (size_t)state->blksize) - return 0; + if(( strlen(option) + *csize + 1) > (size_t)state->blksize) + return CURLE_TFTP_ILLEGAL; strcpy(buf, option); - return strlen(option) + 1; + *csize += strlen(option) + 1; + return CURLE_OK; } static CURLcode tftp_connect_for_tx(tftp_state_data_t *state, @@ -511,26 +511,38 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event) else strcpy(buf, "0"); /* the destination is large enough */ - sbytes += tftp_option_add(state, sbytes, - (char *)state->spacket.data + sbytes, - TFTP_OPTION_TSIZE); - sbytes += tftp_option_add(state, sbytes, - (char *)state->spacket.data + sbytes, buf); + result = tftp_option_add(state, &sbytes, + (char *)state->spacket.data + sbytes, + TFTP_OPTION_TSIZE); + if(result == CURLE_OK) + result = tftp_option_add(state, &sbytes, + (char *)state->spacket.data + sbytes, buf); + /* add blksize option */ msnprintf(buf, sizeof(buf), "%d", state->requested_blksize); - sbytes += tftp_option_add(state, sbytes, - (char *)state->spacket.data + sbytes, - TFTP_OPTION_BLKSIZE); - sbytes += tftp_option_add(state, sbytes, - (char *)state->spacket.data + sbytes, buf); + if(result == CURLE_OK) + result = tftp_option_add(state, &sbytes, + (char *)state->spacket.data + sbytes, + TFTP_OPTION_BLKSIZE); + if(result == CURLE_OK) + result = tftp_option_add(state, &sbytes, + (char *)state->spacket.data + sbytes, buf); /* add timeout option */ msnprintf(buf, sizeof(buf), "%d", state->retry_time); - sbytes += tftp_option_add(state, sbytes, - (char *)state->spacket.data + sbytes, - TFTP_OPTION_INTERVAL); - sbytes += tftp_option_add(state, sbytes, - (char *)state->spacket.data + sbytes, buf); + if(result == CURLE_OK) + result = tftp_option_add(state, &sbytes, + (char *)state->spacket.data + sbytes, + TFTP_OPTION_INTERVAL); + if(result == CURLE_OK) + result = tftp_option_add(state, &sbytes, + (char *)state->spacket.data + sbytes, buf); + + if(result != CURLE_OK) { + failf(data, "TFTP buffer too small for options"); + free(filename); + return CURLE_TFTP_ILLEGAL; + } } /* the typecase for the 3rd argument is mostly for systems that do @@ -973,6 +985,7 @@ static CURLcode tftp_connect(struct connectdata *conn, bool *done) { tftp_state_data_t *state; int blksize; + int need_blksize; blksize = TFTP_BLKSIZE_DEFAULT; @@ -987,15 +1000,20 @@ static CURLcode tftp_connect(struct connectdata *conn, bool *done) return CURLE_TFTP_ILLEGAL; } + need_blksize = blksize; + /* default size is the fallback when no OACK is received */ + if(need_blksize < TFTP_BLKSIZE_DEFAULT) + need_blksize = TFTP_BLKSIZE_DEFAULT; + if(!state->rpacket.data) { - state->rpacket.data = calloc(1, blksize + 2 + 2); + state->rpacket.data = calloc(1, need_blksize + 2 + 2); if(!state->rpacket.data) return CURLE_OUT_OF_MEMORY; } if(!state->spacket.data) { - state->spacket.data = calloc(1, blksize + 2 + 2); + state->spacket.data = calloc(1, need_blksize + 2 + 2); if(!state->spacket.data) return CURLE_OUT_OF_MEMORY; @@ -1009,7 +1027,7 @@ static CURLcode tftp_connect(struct connectdata *conn, bool *done) state->sockfd = state->conn->sock[FIRSTSOCKET]; state->state = TFTP_STATE_START; state->error = TFTP_ERR_NONE; - state->blksize = blksize; + state->blksize = TFTP_BLKSIZE_DEFAULT; /* Unless updated by OACK response */ state->requested_blksize = blksize; ((struct sockaddr *)&state->local_addr)->sa_family = @@ -1082,14 +1100,9 @@ static CURLcode tftp_done(struct connectdata *conn, CURLcode status, * The getsock callback * **********************************************************/ -static int tftp_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks) +static int tftp_getsock(struct connectdata *conn, curl_socket_t *socks) { - if(!numsocks) - return GETSOCK_BLANK; - socks[0] = conn->sock[FIRSTSOCKET]; - return GETSOCK_READSOCK(0); } @@ -1376,7 +1389,7 @@ static CURLcode tftp_setup_connection(struct connectdata * conn) struct Curl_easy *data = conn->data; char *type; - conn->socktype = SOCK_DGRAM; /* UDP datagram based */ + conn->transport = TRNSPRT_UDP; /* TFTP URLs support an extension like ";mode=<typecode>" that * we'll try to get now! */ diff --git a/libs/libcurl/src/timeval.c b/libs/libcurl/src/timeval.c index e2bd7fd143..9b05cf0512 100644 --- a/libs/libcurl/src/timeval.c +++ b/libs/libcurl/src/timeval.c @@ -174,14 +174,6 @@ struct curltime Curl_now(void) #endif -#if SIZEOF_TIME_T < 8 -#define TIME_MAX INT_MAX -#define TIME_MIN INT_MIN -#else -#define TIME_MAX 9223372036854775807LL -#define TIME_MIN -9223372036854775807LL -#endif - /* * Returns: time difference in number of milliseconds. For too large diffs it * returns max value. @@ -191,10 +183,10 @@ struct curltime Curl_now(void) timediff_t Curl_timediff(struct curltime newer, struct curltime older) { timediff_t diff = (timediff_t)newer.tv_sec-older.tv_sec; - if(diff >= (TIME_MAX/1000)) - return TIME_MAX; - else if(diff <= (TIME_MIN/1000)) - return TIME_MIN; + if(diff >= (TIMEDIFF_T_MAX/1000)) + return TIMEDIFF_T_MAX; + else if(diff <= (TIMEDIFF_T_MIN/1000)) + return TIMEDIFF_T_MIN; return diff * 1000 + (newer.tv_usec-older.tv_usec)/1000; } @@ -205,9 +197,9 @@ timediff_t Curl_timediff(struct curltime newer, struct curltime older) timediff_t Curl_timediff_us(struct curltime newer, struct curltime older) { timediff_t diff = (timediff_t)newer.tv_sec-older.tv_sec; - if(diff >= (TIME_MAX/1000000)) - return TIME_MAX; - else if(diff <= (TIME_MIN/1000000)) - return TIME_MIN; + if(diff >= (TIMEDIFF_T_MAX/1000000)) + return TIMEDIFF_T_MAX; + else if(diff <= (TIMEDIFF_T_MIN/1000000)) + return TIMEDIFF_T_MIN; return diff * 1000000 + newer.tv_usec-older.tv_usec; } diff --git a/libs/libcurl/src/timeval.h b/libs/libcurl/src/timeval.h index 96867d7139..53e063607c 100644 --- a/libs/libcurl/src/timeval.h +++ b/libs/libcurl/src/timeval.h @@ -24,13 +24,13 @@ #include "curl_setup.h" -#if SIZEOF_TIME_T < 8 -typedef int timediff_t; -#define CURL_FORMAT_TIMEDIFF_T "d" -#else +/* Use a larger type even for 32 bit time_t systems so that we can keep + microsecond accuracy in it */ typedef curl_off_t timediff_t; #define CURL_FORMAT_TIMEDIFF_T CURL_FORMAT_CURL_OFF_T -#endif + +#define TIMEDIFF_T_MAX CURL_OFF_T_MAX +#define TIMEDIFF_T_MIN CURL_OFF_T_MIN struct curltime { time_t tv_sec; /* seconds */ diff --git a/libs/libcurl/src/transfer.c b/libs/libcurl/src/transfer.c index b9bb5f6edd..ef0d806384 100644 --- a/libs/libcurl/src/transfer.c +++ b/libs/libcurl/src/transfer.c @@ -176,7 +176,7 @@ CURLcode Curl_fillreadbuffer(struct connectdata *conn, size_t bytes, #ifndef CURL_DISABLE_HTTP if(data->state.trailers_state == TRAILERS_INITIALIZED) { struct curl_slist *trailers = NULL; - CURLcode c; + CURLcode result; int trailers_ret_code; /* at this point we already verified that the callback exists @@ -195,17 +195,18 @@ CURLcode Curl_fillreadbuffer(struct connectdata *conn, size_t bytes, data->set.trailer_data); Curl_set_in_callback(data, false); if(trailers_ret_code == CURL_TRAILERFUNC_OK) { - c = Curl_http_compile_trailers(trailers, data->state.trailers_buf, data); + result = Curl_http_compile_trailers(trailers, &data->state.trailers_buf, + data); } else { failf(data, "operation aborted by trailing headers callback"); *nreadp = 0; - c = CURLE_ABORTED_BY_CALLBACK; + result = CURLE_ABORTED_BY_CALLBACK; } - if(c != CURLE_OK) { + if(result) { Curl_add_buffer_free(&data->state.trailers_buf); curl_slist_free_all(trailers); - return c; + return result; } infof(data, "Successfully compiled trailers.\r\n"); curl_slist_free_all(trailers); @@ -497,7 +498,7 @@ static int data_pending(const struct connectdata *conn) TRUE. The thing is if we read everything, then http2_recv won't be called and we cannot signal the HTTP/2 stream has closed. As a workaround, we return nonzero here to call http2_recv. */ - ((conn->handler->protocol&PROTO_FAMILY_HTTP) && conn->httpversion == 20); + ((conn->handler->protocol&PROTO_FAMILY_HTTP) && conn->httpversion >= 20); #else Curl_ssl_data_pending(conn, FIRSTSOCKET); #endif @@ -601,7 +602,7 @@ static CURLcode readwrite_data(struct Curl_easy *data, nread = 0; } - if((k->bytecount == 0) && (k->writebytecount == 0)) { + if(!k->bytecount) { Curl_pgrsTime(data, TIMER_STARTTRANSFER); if(k->exp100 > EXP100_SEND_DATA) /* set time stamp to compare with when waiting for the 100 */ @@ -942,7 +943,9 @@ CURLcode Curl_done_sending(struct connectdata *conn, { k->keepon &= ~KEEP_SEND; /* we're done writing */ + /* These functions should be moved into the handler struct! */ Curl_http2_done_sending(conn); + Curl_quic_done_sending(conn); if(conn->bits.rewindaftersend) { CURLcode result = Curl_readrewind(conn); @@ -1354,20 +1357,14 @@ CURLcode Curl_readwrite(struct connectdata *conn, * in the proper state to have this information available. */ int Curl_single_getsock(const struct connectdata *conn, - curl_socket_t *sock, /* points to numsocks number - of sockets */ - int numsocks) + curl_socket_t *sock) { const struct Curl_easy *data = conn->data; int bitmap = GETSOCK_BLANK; unsigned sockindex = 0; if(conn->handler->perform_getsock) - return conn->handler->perform_getsock(conn, sock, numsocks); - - if(numsocks < 2) - /* simple check but we might need two slots */ - return GETSOCK_BLANK; + return conn->handler->perform_getsock(conn, sock); /* don't include HOLD and PAUSE connections */ if((data->req.keepon & KEEP_RECVBITS) == KEEP_RECV) { diff --git a/libs/libcurl/src/transfer.h b/libs/libcurl/src/transfer.h index da36f19f81..67fd91f25b 100644 --- a/libs/libcurl/src/transfer.h +++ b/libs/libcurl/src/transfer.h @@ -47,8 +47,7 @@ CURLcode Curl_readwrite(struct connectdata *conn, struct Curl_easy *data, bool *done, bool *comeback); int Curl_single_getsock(const struct connectdata *conn, - curl_socket_t *socks, - int numsocks); + curl_socket_t *socks); CURLcode Curl_readrewind(struct connectdata *conn); CURLcode Curl_fillreadbuffer(struct connectdata *conn, size_t bytes, size_t *nreadp); diff --git a/libs/libcurl/src/url.c b/libs/libcurl/src/url.c index 2b47b235de..b7cf7bedd3 100644 --- a/libs/libcurl/src/url.c +++ b/libs/libcurl/src/url.c @@ -112,7 +112,6 @@ bool curl_win32_idn_to_ascii(const char *in, char **out); #include "connect.h" #include "inet_ntop.h" #include "http_ntlm.h" -#include "socks.h" #include "curl_rtmp.h" #include "gopher.h" #include "http_proxy.h" @@ -546,7 +545,7 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data) set->upkeep_interval_ms = CURL_UPKEEP_INTERVAL_DEFAULT; set->maxconnects = DEFAULT_CONNCACHE_SIZE; /* for easy handles */ set->maxage_conn = 118; - set->http09_allowed = TRUE; + set->http09_allowed = FALSE; set->httpversion = #ifdef USE_NGHTTP2 CURL_HTTP_VERSION_2TLS @@ -715,6 +714,7 @@ static void conn_free(struct connectdata *conn) Curl_safefree(conn->user); Curl_safefree(conn->passwd); Curl_safefree(conn->oauth_bearer); + Curl_safefree(conn->sasl_authzid); Curl_safefree(conn->options); Curl_safefree(conn->http_proxy.user); Curl_safefree(conn->socks_proxy.user); @@ -972,7 +972,8 @@ static int call_extract_if_dead(struct connectdata *conn, void *param) static void prune_dead_connections(struct Curl_easy *data) { struct curltime now = Curl_now(); - time_t elapsed = Curl_timediff(now, data->state.conn_cache->last_cleanup); + timediff_t elapsed = + Curl_timediff(now, data->state.conn_cache->last_cleanup); if(elapsed >= 1000L) { struct prunedead prune; @@ -1371,58 +1372,6 @@ ConnectionExists(struct Curl_easy *data, return FALSE; /* no matching connecting exists */ } -/* after a TCP connection to the proxy has been verified, this function does - the next magic step. - - Note: this function's sub-functions call failf() - -*/ -CURLcode Curl_connected_proxy(struct connectdata *conn, int sockindex) -{ - CURLcode result = CURLE_OK; - - if(conn->bits.socksproxy) { -#ifndef CURL_DISABLE_PROXY - /* for the secondary socket (FTP), use the "connect to host" - * but ignore the "connect to port" (use the secondary port) - */ - const char * const host = conn->bits.httpproxy ? - conn->http_proxy.host.name : - conn->bits.conn_to_host ? - conn->conn_to_host.name : - sockindex == SECONDARYSOCKET ? - conn->secondaryhostname : conn->host.name; - const int port = conn->bits.httpproxy ? (int)conn->http_proxy.port : - sockindex == SECONDARYSOCKET ? conn->secondary_port : - conn->bits.conn_to_port ? conn->conn_to_port : - conn->remote_port; - conn->bits.socksproxy_connecting = TRUE; - switch(conn->socks_proxy.proxytype) { - case CURLPROXY_SOCKS5: - case CURLPROXY_SOCKS5_HOSTNAME: - result = Curl_SOCKS5(conn->socks_proxy.user, conn->socks_proxy.passwd, - host, port, sockindex, conn); - break; - - case CURLPROXY_SOCKS4: - case CURLPROXY_SOCKS4A: - result = Curl_SOCKS4(conn->socks_proxy.user, host, port, sockindex, - conn); - break; - - default: - failf(conn->data, "unknown proxytype option given"); - result = CURLE_COULDNT_CONNECT; - } /* switch proxytype */ - conn->bits.socksproxy_connecting = FALSE; -#else - (void)sockindex; -#endif /* CURL_DISABLE_PROXY */ - } - - return result; -} - /* * verboseconnect() displays verbose information after a connect */ @@ -1439,127 +1388,6 @@ void Curl_verboseconnect(struct connectdata *conn) } #endif -int Curl_protocol_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) -{ - if(conn->handler->proto_getsock) - return conn->handler->proto_getsock(conn, socks, numsocks); - /* Backup getsock logic. Since there is a live socket in use, we must wait - for it or it will be removed from watching when the multi_socket API is - used. */ - socks[0] = conn->sock[FIRSTSOCKET]; - return GETSOCK_READSOCK(0) | GETSOCK_WRITESOCK(0); -} - -int Curl_doing_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) -{ - if(conn && conn->handler->doing_getsock) - return conn->handler->doing_getsock(conn, socks, numsocks); - return GETSOCK_BLANK; -} - -/* - * We are doing protocol-specific connecting and this is being called over and - * over from the multi interface until the connection phase is done on - * protocol layer. - */ - -CURLcode Curl_protocol_connecting(struct connectdata *conn, - bool *done) -{ - CURLcode result = CURLE_OK; - - if(conn && conn->handler->connecting) { - *done = FALSE; - result = conn->handler->connecting(conn, done); - } - else - *done = TRUE; - - return result; -} - -/* - * We are DOING this is being called over and over from the multi interface - * until the DOING phase is done on protocol layer. - */ - -CURLcode Curl_protocol_doing(struct connectdata *conn, bool *done) -{ - CURLcode result = CURLE_OK; - - if(conn && conn->handler->doing) { - *done = FALSE; - result = conn->handler->doing(conn, done); - } - else - *done = TRUE; - - return result; -} - -/* - * We have discovered that the TCP connection has been successful, we can now - * proceed with some action. - * - */ -CURLcode Curl_protocol_connect(struct connectdata *conn, - bool *protocol_done) -{ - CURLcode result = CURLE_OK; - - *protocol_done = FALSE; - - if(conn->bits.tcpconnect[FIRSTSOCKET] && conn->bits.protoconnstart) { - /* We already are connected, get back. This may happen when the connect - worked fine in the first call, like when we connect to a local server - or proxy. Note that we don't know if the protocol is actually done. - - Unless this protocol doesn't have any protocol-connect callback, as - then we know we're done. */ - if(!conn->handler->connecting) - *protocol_done = TRUE; - - return CURLE_OK; - } - - if(!conn->bits.protoconnstart) { - - result = Curl_proxy_connect(conn, FIRSTSOCKET); - if(result) - return result; - - if(CONNECT_FIRSTSOCKET_PROXY_SSL()) - /* wait for HTTPS proxy SSL initialization to complete */ - return CURLE_OK; - - if(conn->bits.tunnel_proxy && conn->bits.httpproxy && - Curl_connect_ongoing(conn)) - /* when using an HTTP tunnel proxy, await complete tunnel establishment - before proceeding further. Return CURLE_OK so we'll be called again */ - return CURLE_OK; - - if(conn->handler->connect_it) { - /* is there a protocol-specific connect() procedure? */ - - /* Call the protocol-specific connect function */ - result = conn->handler->connect_it(conn, protocol_done); - } - else - *protocol_done = TRUE; - - /* it has started, possibly even completed but that knowledge isn't stored - in this bit! */ - if(!result) - conn->bits.protoconnstart = TRUE; - } - - return result; /* pass back status */ -} - /* * Helpers for IDNA conversions. */ @@ -1774,6 +1602,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data) conn->proxy_ssl_config.verifyhost = data->set.proxy_ssl.primary.verifyhost; conn->ip_version = data->set.ipver; conn->bits.connect_only = data->set.connect_only; + conn->transport = TRNSPRT_TCP; /* most of them are TCP streams */ #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \ defined(NTLM_WB_ENABLED) @@ -2110,7 +1939,6 @@ static CURLcode setup_connection_internals(struct connectdata *conn) { const struct Curl_handler * p; CURLcode result; - conn->socktype = SOCK_STREAM; /* most of them are TCP streams */ /* Perform setup complement if some. */ p = conn->handler; @@ -2860,8 +2688,7 @@ static CURLcode override_login(struct Curl_easy *data, &netrc_user_changed, &netrc_passwd_changed, data->set.str[STRING_NETRC_FILE]); if(ret > 0) { - infof(data, "Couldn't find host %s in the " - DOT_CHAR "netrc file; using defaults\n", + infof(data, "Couldn't find host %s in the .netrc file; using defaults\n", conn->host.name); } else if(ret < 0) { @@ -3158,26 +2985,65 @@ static CURLcode parse_connect_to_slist(struct Curl_easy *data, if(data->asi && !host && (port == -1) && (conn->handler->protocol == CURLPROTO_HTTPS)) { /* no connect_to match, try alt-svc! */ - const char *nhost; - int nport; - enum alpnid nalpnid; + enum alpnid srcalpnid; bool hit; + struct altsvc *as; + const int allowed_versions = ( ALPN_h1 +#ifdef USE_NGHTTP2 + | ALPN_h2 +#endif +#ifdef ENABLE_QUIC + | ALPN_h3 +#endif + ) & data->asi->flags; + host = conn->host.rawalloc; +#ifdef USE_NGHTTP2 + /* with h2 support, check that first */ + srcalpnid = ALPN_h2; hit = Curl_altsvc_lookup(data->asi, - ALPN_h1, host, conn->remote_port, /* from */ - &nalpnid, &nhost, &nport /* to */); + srcalpnid, host, conn->remote_port, /* from */ + &as /* to */, + allowed_versions); + if(!hit) +#endif + { + srcalpnid = ALPN_h1; + hit = Curl_altsvc_lookup(data->asi, + srcalpnid, host, conn->remote_port, /* from */ + &as /* to */, + allowed_versions); + } if(hit) { - char *hostd = strdup((char *)nhost); + char *hostd = strdup((char *)as->dst.host); if(!hostd) return CURLE_OUT_OF_MEMORY; conn->conn_to_host.rawalloc = hostd; conn->conn_to_host.name = hostd; conn->bits.conn_to_host = TRUE; - conn->conn_to_port = nport; + conn->conn_to_port = as->dst.port; conn->bits.conn_to_port = TRUE; + conn->bits.altused = TRUE; infof(data, "Alt-svc connecting from [%s]%s:%d to [%s]%s:%d\n", - Curl_alpnid2str(ALPN_h1), host, conn->remote_port, - Curl_alpnid2str(nalpnid), hostd, nport); + Curl_alpnid2str(srcalpnid), host, conn->remote_port, + Curl_alpnid2str(as->dst.alpnid), hostd, as->dst.port); + if(srcalpnid != as->dst.alpnid) { + /* protocol version switch */ + switch(as->dst.alpnid) { + case ALPN_h1: + conn->httpversion = 11; + break; + case ALPN_h2: + conn->httpversion = 20; + break; + case ALPN_h3: + conn->transport = TRNSPRT_QUIC; + conn->httpversion = 30; + break; + default: /* shouldn't be possible */ + break; + } + } } } #endif @@ -3464,6 +3330,14 @@ static CURLcode create_conn(struct Curl_easy *data, } } + if(data->set.str[STRING_SASL_AUTHZID]) { + conn->sasl_authzid = strdup(data->set.str[STRING_SASL_AUTHZID]); + if(!conn->sasl_authzid) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } + } + #ifdef USE_UNIX_SOCKETS if(data->set.str[STRING_UNIX_SOCKET_PATH]) { conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]); @@ -4162,34 +4036,3 @@ static unsigned int get_protocol_family(unsigned int protocol) return family; } - - -/* - * Wrapper to call functions in Curl_conncache_foreach() - * - * Returns always 0. - */ -static int conn_upkeep(struct connectdata *conn, - void *param) -{ - /* Param is unused. */ - (void)param; - - if(conn->handler->connection_check) { - /* Do a protocol-specific keepalive check on the connection. */ - conn->handler->connection_check(conn, CONNCHECK_KEEPALIVE); - } - - return 0; /* continue iteration */ -} - -CURLcode Curl_upkeep(struct conncache *conn_cache, - void *data) -{ - /* Loop over every connection and make connection alive. */ - Curl_conncache_foreach(data, - conn_cache, - data, - conn_upkeep); - return CURLE_OK; -} diff --git a/libs/libcurl/src/url.h b/libs/libcurl/src/url.h index 7c87432c94..f4d611adda 100644 --- a/libs/libcurl/src/url.h +++ b/libs/libcurl/src/url.h @@ -53,23 +53,12 @@ CURLcode Curl_close(struct Curl_easy *data); /* opposite of curl_open() */ CURLcode Curl_connect(struct Curl_easy *, bool *async, bool *protocol_connect); CURLcode Curl_disconnect(struct Curl_easy *data, struct connectdata *, bool dead_connection); -CURLcode Curl_protocol_connect(struct connectdata *conn, bool *done); -CURLcode Curl_protocol_connecting(struct connectdata *conn, bool *done); -CURLcode Curl_protocol_doing(struct connectdata *conn, bool *done); CURLcode Curl_setup_conn(struct connectdata *conn, bool *protocol_done); void Curl_free_request_state(struct Curl_easy *data); - -int Curl_protocol_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks); -int Curl_doing_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks); CURLcode Curl_parse_login_details(const char *login, const size_t len, char **userptr, char **passwdptr, char **optionsptr); -CURLcode Curl_upkeep(struct conncache *conn_cache, void *data); const struct Curl_handler *Curl_builtin_scheme(const char *scheme); @@ -77,8 +66,6 @@ const struct Curl_handler *Curl_builtin_scheme(const char *scheme); #define CURL_DEFAULT_HTTPS_PROXY_PORT 443 /* default https proxy port unless specified */ -CURLcode Curl_connected_proxy(struct connectdata *conn, int sockindex); - #ifdef CURL_DISABLE_VERBOSE_STRINGS #define Curl_verboseconnect(x) Curl_nop_stmt #else diff --git a/libs/libcurl/src/urlapi.c b/libs/libcurl/src/urlapi.c index d07e4f5dff..a0ee331dab 100644 --- a/libs/libcurl/src/urlapi.c +++ b/libs/libcurl/src/urlapi.c @@ -29,6 +29,7 @@ #include "url.h" #include "escape.h" #include "curl_ctype.h" +#include "inet_pton.h" /* The last 3 #include files should be in this order */ #include "curl_printf.h" @@ -591,20 +592,22 @@ static CURLUcode junkscan(char *part) static CURLUcode hostname_check(struct Curl_URL *u, char *hostname) { - const char *l = NULL; /* accepted characters */ size_t len; size_t hlen = strlen(hostname); if(hostname[0] == '[') { + char dest[16]; /* fits a binary IPv6 address */ + const char *l = "0123456789abcdefABCDEF:."; hostname++; - l = "0123456789abcdefABCDEF::."; hlen -= 2; - } - if(l) { + if(hostname[hlen] != ']') + return CURLUE_MALFORMED_INPUT; + /* only valid letters are ok */ len = strspn(hostname, l); if(hlen != len) { + hlen = len; if(hostname[len] == '%') { /* this could now be '%[zone id]' */ char zoneid[16]; @@ -628,6 +631,12 @@ static CURLUcode hostname_check(struct Curl_URL *u, char *hostname) return CURLUE_MALFORMED_INPUT; /* hostname is fine */ } +#ifdef ENABLE_IPV6 + hostname[hlen] = 0; /* end the address there */ + if(1 != Curl_inet_pton(AF_INET6, hostname, dest)) + return CURLUE_MALFORMED_INPUT; + hostname[hlen] = ']'; /* restore ending bracket */ +#endif } else { /* letters from the second string is not ok */ diff --git a/libs/libcurl/src/urldata.h b/libs/libcurl/src/urldata.h index fdc185b228..acc1fd1b9d 100644 --- a/libs/libcurl/src/urldata.h +++ b/libs/libcurl/src/urldata.h @@ -129,6 +129,7 @@ typedef ssize_t (Curl_recv)(struct connectdata *conn, /* connection data */ #include "smb.h" #include "wildcard.h" #include "multihandle.h" +#include "quic.h" #ifdef HAVE_GSSAPI # ifdef HAVE_GSSGNU @@ -404,6 +405,7 @@ struct ConnectBits { the first time on the first connect function call */ bit close:1; /* if set, we close the connection after this request */ bit reuse:1; /* if set, this is a re-used connection */ + bit altused:1; /* this is an alt-svc "redirect" */ bit conn_to_host:1; /* if set, this connection has a "connect to host" that overrides the host in the URL */ bit conn_to_port:1; /* if set, this connection has a "connect to port" @@ -663,27 +665,23 @@ struct Curl_handler { /* Called from the multi interface during the PROTOCONNECT phase, and it should then return a proper fd set */ int (*proto_getsock)(struct connectdata *conn, - curl_socket_t *socks, - int numsocks); + curl_socket_t *socks); /* Called from the multi interface during the DOING phase, and it should then return a proper fd set */ int (*doing_getsock)(struct connectdata *conn, - curl_socket_t *socks, - int numsocks); + curl_socket_t *socks); /* Called from the multi interface during the DO_MORE phase, and it should then return a proper fd set */ int (*domore_getsock)(struct connectdata *conn, - curl_socket_t *socks, - int numsocks); + curl_socket_t *socks); /* Called from the multi interface during the DO_DONE, PERFORM and WAITPERFORM phases, and it should then return a proper fd set. Not setting this will make libcurl use the generic default one. */ int (*perform_getsock)(const struct connectdata *conn, - curl_socket_t *socks, - int numsocks); + curl_socket_t *socks); /* This function *MAY* be set to a protocol-dependent function that is run * by the curl_disconnect(), as a step in the disconnection. If the handler @@ -782,6 +780,8 @@ struct http_connect_state { bit close_connection:1; }; +struct ldapconninfo; + /* * The connectdata struct contains all fields and variables that should be * unique for an entire connection. @@ -831,7 +831,16 @@ struct connectdata { unsigned int scope_id; /* Scope id for IPv6 */ - int socktype; /* SOCK_STREAM or SOCK_DGRAM */ + enum { + TRNSPRT_TCP = 3, + TRNSPRT_UDP = 4, + TRNSPRT_QUIC = 5 + } transport; + +#ifdef ENABLE_QUIC + struct quicsocket hequic[2]; /* two, for happy eyeballs! */ + struct quicsocket *quic; +#endif struct hostname host; char *hostname_resolve; /* host name to resolve to address, allocated */ @@ -870,7 +879,8 @@ struct connectdata { char *passwd; /* password string, allocated */ char *options; /* options string, allocated */ - char *oauth_bearer; /* bearer token for OAuth 2.0, allocated */ + char *oauth_bearer; /* bearer token for OAuth 2.0, allocated */ + char *sasl_authzid; /* authorisation identity string, allocated */ int httpversion; /* the HTTP version*10 reported by the server */ int rtspversion; /* the RTSP version*10 reported by the server */ @@ -904,8 +914,8 @@ struct connectdata { struct curltime connecttime; /* The two fields below get set in Curl_connecthost */ int num_addr; /* number of addresses to try to connect to */ - time_t timeoutms_per_addr; /* how long time in milliseconds to spend on - trying to connect to each IP address */ + timediff_t timeoutms_per_addr; /* how long time in milliseconds to spend on + trying to connect to each IP address */ const struct Curl_handler *handler; /* Connection's protocol handler */ const struct Curl_handler *given; /* The protocol first given */ @@ -1010,7 +1020,8 @@ struct connectdata { struct smtp_conn smtpc; struct rtsp_conn rtspc; struct smb_conn smbc; - void *generic; /* RTMP and LDAP use this */ + void *rtmp; + struct ldapconninfo *ldapc; } proto; int cselect_bits; /* bitmask of socket events */ @@ -1065,6 +1076,7 @@ struct PureInfo { long numconnects; /* how many new connection did libcurl created */ char *contenttype; /* the content type of the object */ char *wouldredirect; /* URL this would've been redirected to if asked to */ + curl_off_t retry_after; /* info from Retry-After: header */ /* PureInfo members 'conn_primary_ip', 'conn_primary_port', 'conn_local_ip' and, 'conn_local_port' are copied over from the connectdata struct in @@ -1084,7 +1096,6 @@ struct PureInfo { OpenSSL, GnuTLS, Schannel, NSS and GSKit builds. Asked for with CURLOPT_CERTINFO / CURLINFO_CERTINFO */ - bit timecond:1; /* set to TRUE if the time condition didn't match, which thus made the document NOT get fetched */ }; @@ -1103,17 +1114,17 @@ struct Progress { int width; /* screen width at download start */ int flags; /* see progress.h */ - time_t timespent; + timediff_t timespent; curl_off_t dlspeed; curl_off_t ulspeed; - time_t t_nslookup; - time_t t_connect; - time_t t_appconnect; - time_t t_pretransfer; - time_t t_starttransfer; - time_t t_redirect; + timediff_t t_nslookup; + timediff_t t_connect; + timediff_t t_appconnect; + timediff_t t_pretransfer; + timediff_t t_starttransfer; + timediff_t t_redirect; struct curltime start; struct curltime t_startsingle; @@ -1221,6 +1232,7 @@ typedef enum { EXPIRE_SPEEDCHECK, EXPIRE_TIMEOUT, EXPIRE_TOOFAST, + EXPIRE_QUIC, EXPIRE_LAST /* not an actual timer, used as a marker only */ } expire_id; @@ -1493,6 +1505,10 @@ enum dupstring { #ifdef USE_ALTSVC STRING_ALTSVC, /* CURLOPT_ALTSVC */ #endif + STRING_SASL_AUTHZID, /* CURLOPT_SASL_AUTHZID */ +#ifndef CURL_DISABLE_PROXY + STRING_TEMP_URL, /* temp URL storage for proxy use */ +#endif /* -- end of zero-terminated strings -- */ STRING_LASTZEROTERMINATED, diff --git a/libs/libcurl/src/vauth/digest_sspi.c b/libs/libcurl/src/vauth/digest_sspi.c index fe8093e8b3..a1090568b2 100644 --- a/libs/libcurl/src/vauth/digest_sspi.c +++ b/libs/libcurl/src/vauth/digest_sspi.c @@ -61,6 +61,11 @@ bool Curl_auth_is_digest_supported(void) status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST), &SecurityPackage); + /* Release the package buffer as it is not required anymore */ + if(status == SEC_E_OK) { + s_pSecFn->FreeContextBuffer(SecurityPackage); + } + return (status == SEC_E_OK ? TRUE : FALSE); } @@ -220,7 +225,10 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, free(output_token); free(input_token); - return CURLE_RECV_ERROR; + if(status == SEC_E_INSUFFICIENT_MEMORY) + return CURLE_OUT_OF_MEMORY; + + return CURLE_AUTH_ERROR; } /* Base64 encode the response */ @@ -607,7 +615,10 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, Curl_safefree(digest->http_context); - return CURLE_OUT_OF_MEMORY; + if(status == SEC_E_INSUFFICIENT_MEMORY) + return CURLE_OUT_OF_MEMORY; + + return CURLE_AUTH_ERROR; } output_token_len = resp_buf.cbBuffer; diff --git a/libs/libcurl/src/vauth/krb5_gssapi.c b/libs/libcurl/src/vauth/krb5_gssapi.c index ea0a5f1892..95bab0e2ee 100644 --- a/libs/libcurl/src/vauth/krb5_gssapi.c +++ b/libs/libcurl/src/vauth/krb5_gssapi.c @@ -121,7 +121,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, free(spn); - return CURLE_OUT_OF_MEMORY; + return CURLE_AUTH_ERROR; } free(spn); @@ -168,7 +168,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, Curl_gss_log_error(data, "gss_init_sec_context() failed: ", major_status, minor_status); - return CURLE_RECV_ERROR; + return CURLE_AUTH_ERROR; } if(output_token.value && output_token.length) { @@ -252,7 +252,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, free(chlg); - return CURLE_OUT_OF_MEMORY; + return CURLE_AUTH_ERROR; } /* Convert the username from internal format to a displayable token */ @@ -264,7 +264,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, free(chlg); - return CURLE_OUT_OF_MEMORY; + return CURLE_AUTH_ERROR; } /* Setup the challenge "input" security buffer */ @@ -355,7 +355,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, free(message); - return CURLE_OUT_OF_MEMORY; + return CURLE_AUTH_ERROR; } /* Base64 encode the response */ diff --git a/libs/libcurl/src/vauth/krb5_sspi.c b/libs/libcurl/src/vauth/krb5_sspi.c index 1f6e462bf7..98041d9156 100644 --- a/libs/libcurl/src/vauth/krb5_sspi.c +++ b/libs/libcurl/src/vauth/krb5_sspi.c @@ -58,6 +58,11 @@ bool Curl_auth_is_gssapi_supported(void) TEXT(SP_NAME_KERBEROS), &SecurityPackage); + /* Release the package buffer as it is not required anymore */ + if(status == SEC_E_OK) { + s_pSecFn->FreeContextBuffer(SecurityPackage); + } + return (status == SEC_E_OK ? TRUE : FALSE); } @@ -217,8 +222,12 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, /* Free the decoded challenge as it is not required anymore */ free(chlg); + if(status == SEC_E_INSUFFICIENT_MEMORY) { + return CURLE_OUT_OF_MEMORY; + } + if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) { - return CURLE_RECV_ERROR; + return CURLE_AUTH_ERROR; } if(memcmp(&context, krb5->context, sizeof(context))) { @@ -309,7 +318,10 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, if(status != SEC_E_OK) { free(chlg); - return CURLE_OUT_OF_MEMORY; + if(status == SEC_E_INSUFFICIENT_MEMORY) + return CURLE_OUT_OF_MEMORY; + + return CURLE_AUTH_ERROR; } /* Get the fully qualified username back from the context */ @@ -319,7 +331,10 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, if(status != SEC_E_OK) { free(chlg); - return CURLE_RECV_ERROR; + if(status == SEC_E_INSUFFICIENT_MEMORY) + return CURLE_OUT_OF_MEMORY; + + return CURLE_AUTH_ERROR; } /* Setup the "input" security buffer */ @@ -438,7 +453,10 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, free(message); free(trailer); - return CURLE_OUT_OF_MEMORY; + if(status == SEC_E_INSUFFICIENT_MEMORY) + return CURLE_OUT_OF_MEMORY; + + return CURLE_AUTH_ERROR; } /* Allocate the encryption (wrap) buffer */ diff --git a/libs/libcurl/src/vauth/ntlm_sspi.c b/libs/libcurl/src/vauth/ntlm_sspi.c index 589cca16c0..cd6cb79c14 100644 --- a/libs/libcurl/src/vauth/ntlm_sspi.c +++ b/libs/libcurl/src/vauth/ntlm_sspi.c @@ -56,6 +56,11 @@ bool Curl_auth_is_ntlm_supported(void) status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM), &SecurityPackage); + /* Release the package buffer as it is not required anymore */ + if(status == SEC_E_OK) { + s_pSecFn->FreeContextBuffer(SecurityPackage); + } + return (status == SEC_E_OK ? TRUE : FALSE); } @@ -169,8 +174,10 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data, if(status == SEC_I_COMPLETE_NEEDED || status == SEC_I_COMPLETE_AND_CONTINUE) s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc); + else if(status == SEC_E_INSUFFICIENT_MEMORY) + return CURLE_OUT_OF_MEMORY; else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) - return CURLE_RECV_ERROR; + return CURLE_AUTH_ERROR; /* Base64 encode the response */ return Curl_base64_encode(data, (char *) ntlm->output_token, @@ -316,7 +323,10 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, infof(data, "NTLM handshake failure (type-3 message): Status=%x\n", status); - return CURLE_RECV_ERROR; + if(status == SEC_E_INSUFFICIENT_MEMORY) + return CURLE_OUT_OF_MEMORY; + + return CURLE_AUTH_ERROR; } /* Base64 encode the response */ diff --git a/libs/libcurl/src/vauth/spnego_gssapi.c b/libs/libcurl/src/vauth/spnego_gssapi.c index 5d43e11001..ed7ce029ec 100644 --- a/libs/libcurl/src/vauth/spnego_gssapi.c +++ b/libs/libcurl/src/vauth/spnego_gssapi.c @@ -121,7 +121,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, free(spn); - return CURLE_OUT_OF_MEMORY; + return CURLE_AUTH_ERROR; } free(spn); @@ -170,14 +170,14 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, Curl_gss_log_error(data, "gss_init_sec_context() failed: ", major_status, minor_status); - return CURLE_LOGIN_DENIED; + return CURLE_AUTH_ERROR; } if(!output_token.value || !output_token.length) { if(output_token.value) gss_release_buffer(&unused_status, &output_token); - return CURLE_OUT_OF_MEMORY; + return CURLE_AUTH_ERROR; } /* Free previous token */ diff --git a/libs/libcurl/src/vauth/spnego_sspi.c b/libs/libcurl/src/vauth/spnego_sspi.c index 4b21cc769e..b9c2cf7d62 100644 --- a/libs/libcurl/src/vauth/spnego_sspi.c +++ b/libs/libcurl/src/vauth/spnego_sspi.c @@ -59,6 +59,12 @@ bool Curl_auth_is_spnego_supported(void) TEXT(SP_NAME_NEGOTIATE), &SecurityPackage); + /* Release the package buffer as it is not required anymore */ + if(status == SEC_E_OK) { + s_pSecFn->FreeContextBuffer(SecurityPackage); + } + + return (status == SEC_E_OK ? TRUE : FALSE); } @@ -165,7 +171,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, nego->p_identity, NULL, NULL, nego->credentials, &expiry); if(nego->status != SEC_E_OK) - return CURLE_LOGIN_DENIED; + return CURLE_AUTH_ERROR; /* Allocate our new context handle */ nego->context = calloc(1, sizeof(CtxtHandle)); @@ -251,14 +257,25 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, char buffer[STRERROR_LEN]; failf(data, "InitializeSecurityContext failed: %s", Curl_sspi_strerror(nego->status, buffer, sizeof(buffer))); - return CURLE_OUT_OF_MEMORY; + + if(nego->status == (DWORD)SEC_E_INSUFFICIENT_MEMORY) + return CURLE_OUT_OF_MEMORY; + + return CURLE_AUTH_ERROR; } if(nego->status == SEC_I_COMPLETE_NEEDED || nego->status == SEC_I_COMPLETE_AND_CONTINUE) { nego->status = s_pSecFn->CompleteAuthToken(nego->context, &resp_desc); if(GSS_ERROR(nego->status)) { - return CURLE_RECV_ERROR; + char buffer[STRERROR_LEN]; + failf(data, "CompleteAuthToken failed: %s", + Curl_sspi_strerror(nego->status, buffer, sizeof(buffer))); + + if(nego->status == (DWORD)SEC_E_INSUFFICIENT_MEMORY) + return CURLE_OUT_OF_MEMORY; + + return CURLE_AUTH_ERROR; } } diff --git a/libs/libcurl/src/version.c b/libs/libcurl/src/version.c index 14b0531d37..ae2b09d310 100644 --- a/libs/libcurl/src/version.c +++ b/libs/libcurl/src/version.c @@ -27,6 +27,7 @@ #include "vtls/vtls.h" #include "http2.h" #include "ssh.h" +#include "quic.h" #include "curl_printf.h" #ifdef USE_ARES @@ -53,18 +54,6 @@ #include <librtmp/rtmp.h> #endif -#ifdef USE_LIBSSH2 -#include <libssh2.h> -#endif - -#ifdef HAVE_LIBSSH2_VERSION -/* get it run-time if possible */ -#define CURL_LIBSSH2_VERSION libssh2_version(0) -#else -/* use build-time if run-time not possible */ -#define CURL_LIBSSH2_VERSION LIBSSH2_VERSION -#endif - #ifdef HAVE_ZLIB_H #include <zlib.h> #ifdef __SYMBIAN32__ @@ -102,7 +91,7 @@ static size_t brotli_version(char *buf, size_t bufsz) char *curl_version(void) { static bool initialized; - static char version[200]; + static char version[250]; char *ptr = version; size_t len; size_t left = sizeof(version); @@ -172,18 +161,22 @@ char *curl_version(void) left -= len; ptr += len; #endif -#ifdef USE_LIBSSH2 - len = msnprintf(ptr, left, " libssh2/%s", CURL_LIBSSH2_VERSION); +#ifdef USE_SSH + if(left) { + *ptr++=' '; + left--; + } + len = Curl_ssh_version(ptr, left); left -= len; ptr += len; #endif -#ifdef USE_LIBSSH - len = msnprintf(ptr, left, " libssh/%s", CURL_LIBSSH_VERSION); +#ifdef USE_NGHTTP2 + len = Curl_http2_ver(ptr, left); left -= len; ptr += len; #endif -#ifdef USE_NGHTTP2 - len = Curl_http2_ver(ptr, left); +#ifdef ENABLE_QUIC + len = Curl_quic_ver(ptr, left); left -= len; ptr += len; #endif @@ -358,6 +351,9 @@ static curl_version_info_data version_info = { #if defined(USE_NGHTTP2) | CURL_VERSION_HTTP2 #endif +#if defined(ENABLE_QUIC) + | CURL_VERSION_HTTP3 +#endif #if defined(USE_UNIX_SOCKETS) | CURL_VERSION_UNIX_SOCKETS #endif @@ -385,6 +381,9 @@ static curl_version_info_data version_info = { NULL, /* ssh lib version */ 0, /* brotli_ver_num */ NULL, /* brotli version */ + 0, /* nghttp2 version number */ + NULL, /* nghttp2 version string */ + NULL /* quic library string */ }; curl_version_info_data *curl_version_info(CURLversion stamp) @@ -446,11 +445,8 @@ curl_version_info_data *curl_version_info(CURLversion stamp) #endif /* _LIBICONV_VERSION */ #endif -#if defined(USE_LIBSSH2) - msnprintf(ssh_buffer, sizeof(ssh_buffer), "libssh2/%s", LIBSSH2_VERSION); - version_info.libssh_version = ssh_buffer; -#elif defined(USE_LIBSSH) - msnprintf(ssh_buffer, sizeof(ssh_buffer), "libssh/%s", CURL_LIBSSH_VERSION); +#if defined(USE_SSH) + Curl_ssh_version(ssh_buffer, sizeof(ssh_buffer)); version_info.libssh_version = ssh_buffer; #endif @@ -460,6 +456,22 @@ curl_version_info_data *curl_version_info(CURLversion stamp) version_info.brotli_version = brotli_buffer; #endif +#ifdef USE_NGHTTP2 + { + nghttp2_info *h2 = nghttp2_version(0); + version_info.nghttp2_ver_num = h2->version_num; + version_info.nghttp2_version = h2->version_str; + } +#endif + +#ifdef ENABLE_QUIC + { + static char quicbuffer[80]; + Curl_quic_ver(quicbuffer, sizeof(quicbuffer)); + version_info.quic_version = quicbuffer; + } +#endif + (void)stamp; /* avoid compiler warnings, we don't use this */ initialized = true; diff --git a/libs/libcurl/src/ssh-libssh.c b/libs/libcurl/src/vssh/libssh.c index ca13376775..76956a3c1f 100644 --- a/libs/libcurl/src/ssh-libssh.c +++ b/libs/libcurl/src/vssh/libssh.c @@ -126,13 +126,9 @@ CURLcode sftp_perform(struct connectdata *conn, static void sftp_quote(struct connectdata *conn); static void sftp_quote_stat(struct connectdata *conn); - -static int myssh_getsock(struct connectdata *conn, curl_socket_t *sock, - int numsocks); - +static int myssh_getsock(struct connectdata *conn, curl_socket_t *sock); static int myssh_perform_getsock(const struct connectdata *conn, - curl_socket_t *sock, - int numsocks); + curl_socket_t *sock); static CURLcode myssh_setup_connection(struct connectdata *conn); @@ -1119,7 +1115,7 @@ static CURLcode myssh_statemach_act(struct connectdata *conn, bool *block) flags = O_WRONLY|O_APPEND; else /* Clear file before writing (normal behaviour) */ - flags = O_WRONLY|O_APPEND|O_CREAT|O_TRUNC; + flags = O_WRONLY|O_CREAT|O_TRUNC; if(sshc->sftp_file) sftp_close(sshc->sftp_file); @@ -1913,13 +1909,9 @@ static CURLcode myssh_statemach_act(struct connectdata *conn, bool *block) /* called by the multi interface to figure out what socket(s) to wait for and for what actions in the DO_DONE, PERFORM and WAITPERFORM states */ static int myssh_perform_getsock(const struct connectdata *conn, - curl_socket_t *sock, /* points to numsocks - number of sockets */ - int numsocks) + curl_socket_t *sock) { int bitmap = GETSOCK_BLANK; - (void) numsocks; - sock[0] = conn->sock[FIRSTSOCKET]; if(conn->waitfor & KEEP_RECV) @@ -1934,13 +1926,11 @@ static int myssh_perform_getsock(const struct connectdata *conn, /* Generic function called by the multi interface to figure out what socket(s) to wait for and for what actions during the DOING and PROTOCONNECT states*/ static int myssh_getsock(struct connectdata *conn, - curl_socket_t *sock, /* points to numsocks - number of sockets */ - int numsocks) + curl_socket_t *sock) { /* if we know the direction we can use the generic *_getsock() function even for the protocol_connect and doing states */ - return myssh_perform_getsock(conn, sock, numsocks); + return myssh_perform_getsock(conn, sock); } static void myssh_block2waitfor(struct connectdata *conn, bool block) @@ -2735,5 +2725,23 @@ static void sftp_quote_stat(struct connectdata *conn) return; } +CURLcode Curl_ssh_init(void) +{ + if(ssh_init()) { + DEBUGF(fprintf(stderr, "Error: libssh_init failed\n")); + return CURLE_FAILED_INIT; + } + return CURLE_OK; +} + +void Curl_ssh_cleanup(void) +{ + (void)ssh_finalize(); +} + +size_t Curl_ssh_version(char *buffer, size_t buflen) +{ + return msnprintf(buffer, buflen, "libssh/%s", CURL_LIBSSH_VERSION); +} #endif /* USE_LIBSSH */ diff --git a/libs/libcurl/src/ssh.c b/libs/libcurl/src/vssh/libssh2.c index a265c3c9ad..2b25a514f4 100644 --- a/libs/libcurl/src/ssh.c +++ b/libs/libcurl/src/vssh/libssh2.c @@ -125,17 +125,9 @@ static CURLcode sftp_perform(struct connectdata *conn, bool *connected, bool *dophase_done); - -static int ssh_getsock(struct connectdata *conn, - curl_socket_t *sock, /* points to numsocks number - of sockets */ - int numsocks); - +static int ssh_getsock(struct connectdata *conn, curl_socket_t *sock); static int ssh_perform_getsock(const struct connectdata *conn, - curl_socket_t *sock, /* points to numsocks - number of sockets */ - int numsocks); - + curl_socket_t *sock); static CURLcode ssh_setup_connection(struct connectdata *conn); /* @@ -2700,13 +2692,10 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) /* called by the multi interface to figure out what socket(s) to wait for and for what actions in the DO_DONE, PERFORM and WAITPERFORM states */ static int ssh_perform_getsock(const struct connectdata *conn, - curl_socket_t *sock, /* points to numsocks - number of sockets */ - int numsocks) + curl_socket_t *sock) { #ifdef HAVE_LIBSSH2_SESSION_BLOCK_DIRECTION int bitmap = GETSOCK_BLANK; - (void)numsocks; sock[0] = conn->sock[FIRSTSOCKET]; @@ -2720,28 +2709,25 @@ static int ssh_perform_getsock(const struct connectdata *conn, #else /* if we don't know the direction we can use the generic *_getsock() function even for the protocol_connect and doing states */ - return Curl_single_getsock(conn, sock, numsocks); + return Curl_single_getsock(conn, sock); #endif } /* Generic function called by the multi interface to figure out what socket(s) to wait for and for what actions during the DOING and PROTOCONNECT states*/ static int ssh_getsock(struct connectdata *conn, - curl_socket_t *sock, /* points to numsocks number - of sockets */ - int numsocks) + curl_socket_t *sock) { #ifndef HAVE_LIBSSH2_SESSION_BLOCK_DIRECTION (void)conn; (void)sock; - (void)numsocks; /* if we don't know any direction we can just play along as we used to and not provide any sensible info */ return GETSOCK_BLANK; #else /* if we know the direction we can use the generic *_getsock() function even for the protocol_connect and doing states */ - return ssh_perform_getsock(conn, sock, numsocks); + return ssh_perform_getsock(conn, sock); #endif } @@ -3334,4 +3320,27 @@ static const char *sftp_libssh2_strerror(int err) return "Unknown error in libssh2"; } +CURLcode Curl_ssh_init(void) +{ +#ifdef HAVE_LIBSSH2_INIT + if(libssh2_init(0)) { + DEBUGF(fprintf(stderr, "Error: libssh2_init failed\n")); + return CURLE_FAILED_INIT; + } +#endif + return CURLE_OK; +} + +void Curl_ssh_cleanup(void) +{ +#ifdef HAVE_LIBSSH2_EXIT + (void)libssh2_exit(); +#endif +} + +size_t Curl_ssh_version(char *buffer, size_t buflen) +{ + return msnprintf(buffer, buflen, "libssh2/%s", LIBSSH2_VERSION); +} + #endif /* USE_LIBSSH2 */ diff --git a/libs/libcurl/src/vtls/mesalink.c b/libs/libcurl/src/vtls/mesalink.c index 7ca4f0eac5..9507888bdf 100644 --- a/libs/libcurl/src/vtls/mesalink.c +++ b/libs/libcurl/src/vtls/mesalink.c @@ -73,6 +73,17 @@ struct ssl_backend_data static Curl_recv mesalink_recv; static Curl_send mesalink_send; +static int do_file_type(const char *type) +{ + if(!type || !type[0]) + return SSL_FILETYPE_PEM; + if(strcasecompare(type, "PEM")) + return SSL_FILETYPE_PEM; + if(strcasecompare(type, "DER")) + return SSL_FILETYPE_ASN1; + return -1; +} + /* * This function loads all the client/CA certificates and CRLs. Setup the TLS * layer and do all necessary magic. @@ -83,9 +94,6 @@ mesalink_connect_step1(struct connectdata *conn, int sockindex) char *ciphers; struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - const bool verifypeer = SSL_CONN_CONFIG(verifypeer); - const char *const ssl_cafile = SSL_CONN_CONFIG(CAfile); - const char *const ssl_capath = SSL_CONN_CONFIG(CApath); struct in_addr addr4; #ifdef ENABLE_IPV6 struct in6_addr addr6; @@ -142,21 +150,25 @@ mesalink_connect_step1(struct connectdata *conn, int sockindex) } SSL_CTX_set_verify( - BACKEND->ctx, verifypeer ? SSL_VERIFY_PEER : SSL_VERIFY_NONE, NULL); + BACKEND->ctx, SSL_CONN_CONFIG(verifypeer) ? + SSL_VERIFY_PEER : SSL_VERIFY_NONE, NULL); - if(ssl_cafile || ssl_capath) { - if(!SSL_CTX_load_verify_locations(BACKEND->ctx, ssl_cafile, ssl_capath)) { - if(verifypeer) { + if(SSL_CONN_CONFIG(CAfile) || SSL_CONN_CONFIG(CApath)) { + if(!SSL_CTX_load_verify_locations(BACKEND->ctx, SSL_CONN_CONFIG(CAfile), + SSL_CONN_CONFIG(CApath))) { + if(SSL_CONN_CONFIG(verifypeer)) { failf(data, "error setting certificate verify locations:\n" " CAfile: %s\n CApath: %s", - ssl_cafile ? ssl_cafile : "none", - ssl_capath ? ssl_capath : "none"); + SSL_CONN_CONFIG(CAfile) ? + SSL_CONN_CONFIG(CAfile) : "none", + SSL_CONN_CONFIG(CApath) ? + SSL_CONN_CONFIG(CApath) : "none"); return CURLE_SSL_CACERT_BADFILE; } infof(data, - "error setting certificate verify locations," - " continuing anyway:\n"); + "error setting certificate verify locations," + " continuing anyway:\n"); } else { infof(data, "successfully set certificate verify locations:\n"); @@ -164,8 +176,32 @@ mesalink_connect_step1(struct connectdata *conn, int sockindex) infof(data, " CAfile: %s\n" " CApath: %s\n", - ssl_cafile ? ssl_cafile : "none", - ssl_capath ? ssl_capath : "none"); + SSL_CONN_CONFIG(CAfile)? + SSL_CONN_CONFIG(CAfile): "none", + SSL_CONN_CONFIG(CApath)? + SSL_CONN_CONFIG(CApath): "none"); + } + + if(SSL_SET_OPTION(cert) && SSL_SET_OPTION(key)) { + int file_type = do_file_type(SSL_SET_OPTION(cert_type)); + + if(SSL_CTX_use_certificate_chain_file(BACKEND->ctx, SSL_SET_OPTION(cert), + file_type) != 1) { + failf(data, "unable to use client certificate (no key or wrong pass" + " phrase?)"); + return CURLE_SSL_CONNECT_ERROR; + } + + file_type = do_file_type(SSL_SET_OPTION(key_type)); + if(SSL_CTX_use_PrivateKey_file(BACKEND->ctx, SSL_SET_OPTION(key), + file_type) != 1) { + failf(data, "unable to set private key"); + return CURLE_SSL_CONNECT_ERROR; + } + infof(data, + "client cert: %s\n", + SSL_CONN_CONFIG(clientcert)? + SSL_CONN_CONFIG(clientcert): "none"); } ciphers = SSL_CONN_CONFIG(cipher_list); diff --git a/libs/libcurl/src/vtls/nss.c b/libs/libcurl/src/vtls/nss.c index 482fd5e99a..435f3e93a1 100644 --- a/libs/libcurl/src/vtls/nss.c +++ b/libs/libcurl/src/vtls/nss.c @@ -1734,20 +1734,16 @@ static CURLcode nss_init_sslver(SSLVersionRange *sslver, CURLcode result; const long min = SSL_CONN_CONFIG(version); const long max = SSL_CONN_CONFIG(version_max); - - /* map CURL_SSLVERSION_DEFAULT to NSS default */ - if(min == CURL_SSLVERSION_DEFAULT || max == CURL_SSLVERSION_MAX_DEFAULT) { - /* map CURL_SSLVERSION_DEFAULT to NSS default */ - if(SSL_VersionRangeGetDefault(ssl_variant_stream, sslver) != SECSuccess) - return CURLE_SSL_CONNECT_ERROR; - /* ... but make sure we use at least TLSv1.0 according to libcurl API */ - if(sslver->min < SSL_LIBRARY_VERSION_TLS_1_0) - sslver->min = SSL_LIBRARY_VERSION_TLS_1_0; - } + SSLVersionRange vrange; switch(min) { case CURL_SSLVERSION_TLSv1: case CURL_SSLVERSION_DEFAULT: + /* Bump our minimum TLS version if NSS has stricter requirements. */ + if(SSL_VersionRangeGetDefault(ssl_variant_stream, &vrange) != SECSuccess) + return CURLE_SSL_CONNECT_ERROR; + if(sslver->min < vrange.min) + sslver->min = vrange.min; break; default: result = nss_sslver_from_curl(&sslver->min, min); diff --git a/libs/libcurl/src/vtls/openssl.c b/libs/libcurl/src/vtls/openssl.c index fb9f27123e..385f281793 100644 --- a/libs/libcurl/src/vtls/openssl.c +++ b/libs/libcurl/src/vtls/openssl.c @@ -25,11 +25,6 @@ * but vtls.c should ever call or use these functions. */ -/* - * The original SSLeay-using code for curl was written by Linas Vepstas and - * Sampo Kellomaki 1998. - */ - #include "curl_setup.h" #ifdef USE_OPENSSL @@ -396,7 +391,11 @@ static const char *SSL_ERROR_to_str(int err) */ static char *ossl_strerror(unsigned long error, char *buf, size_t size) { +#ifdef OPENSSL_IS_BORINGSSL + ERR_error_string_n((uint32_t)error, buf, size); +#else ERR_error_string_n(error, buf, size); +#endif return buf; } @@ -1534,8 +1533,13 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) altnames = X509_get_ext_d2i(server_cert, NID_subject_alt_name, NULL, NULL); if(altnames) { +#ifdef OPENSSL_IS_BORINGSSL + size_t numalts; + size_t i; +#else int numalts; int i; +#endif bool dnsmatched = FALSE; bool ipmatched = FALSE; @@ -1565,11 +1569,10 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) assumed that the data returned by ASN1_STRING_data() is null terminated or does not contain embedded nulls." But also that "The actual format of the data will depend on the actual string - type itself: for example for and IA5String the data will be ASCII" + type itself: for example for an IA5String the data will be ASCII" - Gisle researched the OpenSSL sources: - "I checked the 0.9.6 and 0.9.8 sources before my patch and - it always 0-terminates an IA5String." + It has been however verified that in 0.9.6 and 0.9.7, IA5String + is always zero-terminated. */ if((altlen == strlen(altptr)) && /* if this isn't true, there was an embedded zero in the name @@ -1633,8 +1636,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) /* In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input is already UTF-8 encoded. We check for this case and copy the raw string manually to avoid the problem. This code can be made - conditional in the future when OpenSSL has been fixed. Work-around - brought by Alexis S. L. Carvalho. */ + conditional in the future when OpenSSL has been fixed. */ if(tmp) { if(ASN1_STRING_type(tmp) == V_ASN1_UTF8STRING) { j = ASN1_STRING_length(tmp); @@ -2154,9 +2156,96 @@ get_ssl_version_txt(SSL *ssl) } #endif +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) /* 1.1.0 */ +static CURLcode +set_ssl_version_min_max(SSL_CTX *ctx, struct connectdata *conn) +{ + /* first, TLS min version... */ + long curl_ssl_version_min = SSL_CONN_CONFIG(version); + long curl_ssl_version_max; + + /* convert cURL min SSL version option to OpenSSL constant */ + long ossl_ssl_version_min = 0; + long ossl_ssl_version_max = 0; + switch(curl_ssl_version_min) { + case CURL_SSLVERSION_TLSv1: /* TLS 1.x */ + case CURL_SSLVERSION_TLSv1_0: + ossl_ssl_version_min = TLS1_VERSION; + break; + case CURL_SSLVERSION_TLSv1_1: + ossl_ssl_version_min = TLS1_1_VERSION; + break; + case CURL_SSLVERSION_TLSv1_2: + ossl_ssl_version_min = TLS1_2_VERSION; + break; +#ifdef TLS1_3_VERSION + case CURL_SSLVERSION_TLSv1_3: + ossl_ssl_version_min = TLS1_3_VERSION; + break; +#endif + } + + /* CURL_SSLVERSION_DEFAULT means that no option was selected. + We don't want to pass 0 to SSL_CTX_set_min_proto_version as + it would enable all versions down to the lowest supported by + the library. + So we skip this, and stay with the OS default + */ + if(curl_ssl_version_min != CURL_SSLVERSION_DEFAULT) { + if(!SSL_CTX_set_min_proto_version(ctx, ossl_ssl_version_min)) { + return CURLE_SSL_CONNECT_ERROR; + } + } + + /* ... then, TLS max version */ + curl_ssl_version_max = SSL_CONN_CONFIG(version_max); + + /* convert cURL max SSL version option to OpenSSL constant */ + ossl_ssl_version_max = 0; + switch(curl_ssl_version_max) { + case CURL_SSLVERSION_MAX_TLSv1_0: + ossl_ssl_version_max = TLS1_VERSION; + break; + case CURL_SSLVERSION_MAX_TLSv1_1: + ossl_ssl_version_max = TLS1_1_VERSION; + break; + case CURL_SSLVERSION_MAX_TLSv1_2: + ossl_ssl_version_max = TLS1_2_VERSION; + break; +#ifdef TLS1_3_VERSION + case CURL_SSLVERSION_MAX_TLSv1_3: + ossl_ssl_version_max = TLS1_3_VERSION; + break; +#endif + case CURL_SSLVERSION_MAX_NONE: /* none selected */ + case CURL_SSLVERSION_MAX_DEFAULT: /* max selected */ + default: + /* SSL_CTX_set_max_proto_version states that: + setting the maximum to 0 will enable + protocol versions up to the highest version + supported by the library */ + ossl_ssl_version_max = 0; + break; + } + + if(!SSL_CTX_set_max_proto_version(ctx, ossl_ssl_version_max)) { + return CURLE_SSL_CONNECT_ERROR; + } + + return CURLE_OK; +} +#endif + +#ifdef OPENSSL_IS_BORINGSSL +typedef uint32_t ctx_option_t; +#else +typedef long ctx_option_t; +#endif + +#if (OPENSSL_VERSION_NUMBER < 0x10100000L) /* 1.1.0 */ static CURLcode -set_ssl_version_min_max(long *ctx_options, struct connectdata *conn, - int sockindex) +set_ssl_version_min_max_legacy(ctx_option_t *ctx_options, + struct connectdata *conn, int sockindex) { #if (OPENSSL_VERSION_NUMBER < 0x1000100FL) || !defined(TLS1_3_VERSION) /* convoluted #if condition just to avoid compiler warnings on unused @@ -2228,6 +2317,7 @@ set_ssl_version_min_max(long *ctx_options, struct connectdata *conn, } return CURLE_OK; } +#endif /* The "new session" callback must return zero if the session can be removed * or non-zero if the session has been put into the session cache. @@ -2294,7 +2384,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) X509_LOOKUP *lookup = NULL; curl_socket_t sockfd = conn->sock[sockindex]; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - long ctx_options = 0; + ctx_option_t ctx_options = 0; + #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME bool sni; const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : @@ -2457,48 +2548,66 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) #endif switch(ssl_version) { - case CURL_SSLVERSION_SSLv3: - ctx_options |= SSL_OP_NO_SSLv2; - ctx_options |= SSL_OP_NO_TLSv1; -#if OPENSSL_VERSION_NUMBER >= 0x1000100FL - ctx_options |= SSL_OP_NO_TLSv1_1; - ctx_options |= SSL_OP_NO_TLSv1_2; -#ifdef TLS1_3_VERSION - ctx_options |= SSL_OP_NO_TLSv1_3; -#endif + /* "--sslv2" option means SSLv2 only, disable all others */ + case CURL_SSLVERSION_SSLv2: +#if OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0 */ + SSL_CTX_set_min_proto_version(BACKEND->ctx, SSL2_VERSION); + SSL_CTX_set_max_proto_version(BACKEND->ctx, SSL2_VERSION); +#else + ctx_options |= SSL_OP_NO_SSLv3; + ctx_options |= SSL_OP_NO_TLSv1; +# if OPENSSL_VERSION_NUMBER >= 0x1000100FL + ctx_options |= SSL_OP_NO_TLSv1_1; + ctx_options |= SSL_OP_NO_TLSv1_2; +# ifdef TLS1_3_VERSION + ctx_options |= SSL_OP_NO_TLSv1_3; +# endif +# endif #endif - break; - - case CURL_SSLVERSION_DEFAULT: - case CURL_SSLVERSION_TLSv1: - case CURL_SSLVERSION_TLSv1_0: - case CURL_SSLVERSION_TLSv1_1: - case CURL_SSLVERSION_TLSv1_2: - case CURL_SSLVERSION_TLSv1_3: - /* asking for any TLS version as the minimum, means no SSL versions - allowed */ - ctx_options |= SSL_OP_NO_SSLv2; - ctx_options |= SSL_OP_NO_SSLv3; - result = set_ssl_version_min_max(&ctx_options, conn, sockindex); - if(result != CURLE_OK) - return result; - break; + break; - case CURL_SSLVERSION_SSLv2: - ctx_options |= SSL_OP_NO_SSLv3; - ctx_options |= SSL_OP_NO_TLSv1; -#if OPENSSL_VERSION_NUMBER >= 0x1000100FL - ctx_options |= SSL_OP_NO_TLSv1_1; - ctx_options |= SSL_OP_NO_TLSv1_2; -#ifdef TLS1_3_VERSION - ctx_options |= SSL_OP_NO_TLSv1_3; + /* "--sslv3" option means SSLv3 only, disable all others */ + case CURL_SSLVERSION_SSLv3: +#if OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0 */ + SSL_CTX_set_min_proto_version(BACKEND->ctx, SSL3_VERSION); + SSL_CTX_set_max_proto_version(BACKEND->ctx, SSL3_VERSION); +#else + ctx_options |= SSL_OP_NO_SSLv2; + ctx_options |= SSL_OP_NO_TLSv1; +# if OPENSSL_VERSION_NUMBER >= 0x1000100FL + ctx_options |= SSL_OP_NO_TLSv1_1; + ctx_options |= SSL_OP_NO_TLSv1_2; +# ifdef TLS1_3_VERSION + ctx_options |= SSL_OP_NO_TLSv1_3; +# endif +# endif #endif + break; + + /* "--tlsv<x.y>" options mean TLS >= version <x.y> */ + case CURL_SSLVERSION_DEFAULT: + case CURL_SSLVERSION_TLSv1: /* TLS >= version 1.0 */ + case CURL_SSLVERSION_TLSv1_0: /* TLS >= version 1.0 */ + case CURL_SSLVERSION_TLSv1_1: /* TLS >= version 1.1 */ + case CURL_SSLVERSION_TLSv1_2: /* TLS >= version 1.2 */ + case CURL_SSLVERSION_TLSv1_3: /* TLS >= version 1.3 */ + /* asking for any TLS version as the minimum, means no SSL versions + allowed */ + ctx_options |= SSL_OP_NO_SSLv2; + ctx_options |= SSL_OP_NO_SSLv3; + +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) /* 1.1.0 */ + result = set_ssl_version_min_max(BACKEND->ctx, conn); +#else + result = set_ssl_version_min_max_legacy(&ctx_options, conn, sockindex); #endif - break; + if(result != CURLE_OK) + return result; + break; - default: - failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION"); - return CURLE_SSL_CONNECT_ERROR; + default: + failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION"); + return CURLE_SSL_CONNECT_ERROR; } SSL_CTX_set_options(BACKEND->ctx, ctx_options); @@ -2654,11 +2763,11 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) } /* Try building a chain using issuers in the trusted store first to avoid - problems with server-sent legacy intermediates. - Newer versions of OpenSSL do alternate chain checking by default which - gives us the same fix without as much of a performance hit (slight), so we - prefer that if available. - https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest + problems with server-sent legacy intermediates. Newer versions of + OpenSSL do alternate chain checking by default which gives us the same + fix without as much of a performance hit (slight), so we prefer that if + available. + https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest */ #if defined(X509_V_FLAG_TRUSTED_FIRST) && !defined(X509_V_FLAG_NO_ALT_CHAINS) if(verifypeer) { @@ -3038,6 +3147,12 @@ static int X509V3_ext(struct Curl_easy *data, return 0; /* all is fine */ } +#ifdef OPENSSL_IS_BORINGSSL +typedef size_t numcert_t; +#else +typedef int numcert_t; +#endif + static CURLcode get_cert_chain(struct connectdata *conn, struct ssl_connect_data *connssl) @@ -3046,7 +3161,7 @@ static CURLcode get_cert_chain(struct connectdata *conn, STACK_OF(X509) *sk; int i; struct Curl_easy *data = conn->data; - int numcerts; + numcert_t numcerts; BIO *mem; sk = SSL_get_peer_cert_chain(BACKEND->handle); @@ -3056,14 +3171,14 @@ static CURLcode get_cert_chain(struct connectdata *conn, numcerts = sk_X509_num(sk); - result = Curl_ssl_init_certinfo(data, numcerts); + result = Curl_ssl_init_certinfo(data, (int)numcerts); if(result) { return result; } mem = BIO_new(BIO_s_mem()); - for(i = 0; i < numcerts; i++) { + for(i = 0; i < (int)numcerts; i++) { ASN1_INTEGER *num; X509 *x = sk_X509_value(sk, i); EVP_PKEY *pubkey = NULL; diff --git a/libs/libcurl/src/vtls/vtls.c b/libs/libcurl/src/vtls/vtls.c index 6a0e60fb6c..422819899e 100644 --- a/libs/libcurl/src/vtls/vtls.c +++ b/libs/libcurl/src/vtls/vtls.c @@ -515,14 +515,10 @@ void Curl_ssl_close_all(struct Curl_easy *data) #if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \ defined(USE_SECTRANSP) || defined(USE_POLARSSL) || defined(USE_NSS) || \ defined(USE_MBEDTLS) || defined(USE_WOLFSSL) -int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks) +int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks) { struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET]; - if(!numsocks) - return GETSOCK_BLANK; - if(connssl->connecting_state == ssl_connect_2_writing) { /* write mode */ socks[0] = conn->sock[FIRSTSOCKET]; @@ -538,12 +534,10 @@ int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks, } #else int Curl_ssl_getsock(struct connectdata *conn, - curl_socket_t *socks, - int numsocks) + curl_socket_t *socks) { (void)conn; (void)socks; - (void)numsocks; return GETSOCK_BLANK; } /* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL || USE_SECTRANSP || USE_NSS */ diff --git a/libs/libcurl/src/vtls/vtls.h b/libs/libcurl/src/vtls/vtls.h index 173d360de8..61d8416c29 100644 --- a/libs/libcurl/src/vtls/vtls.h +++ b/libs/libcurl/src/vtls/vtls.h @@ -143,8 +143,7 @@ bool Curl_ssl_config_matches(struct ssl_primary_config* data, bool Curl_clone_primary_ssl_config(struct ssl_primary_config *source, struct ssl_primary_config *dest); void Curl_free_primary_ssl_config(struct ssl_primary_config* sslc); -int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks, - int numsocks); +int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks); int Curl_ssl_backend(void); |