diff options
Diffstat (limited to 'libs/libcurl')
63 files changed, 1486 insertions, 1378 deletions
diff --git a/libs/libcurl/docs/CHANGES b/libs/libcurl/docs/CHANGES index 945a790b24..57280ebcc6 100644 --- a/libs/libcurl/docs/CHANGES +++ b/libs/libcurl/docs/CHANGES @@ -6,6 +6,919 @@ Changelog +Version 7.65.2 (17 Jul 2019) + +Daniel Stenberg (17 Jul 2019) +- RELEASE-NOTES: 7.65.2 + +- THANKS: add contributors from 7.65.2 + +Jay Satiro (17 Jul 2019) +- [aasivov brought this change] + + cmake: Fix finding Brotli on case-sensitive file systems + + - Find package "Brotli" instead of "BROTLI" since the former is the + casing used for CMake/FindBrotli.cmake, and otherwise find_package + may fail on a case-sensitive file system. + + Fixes https://github.com/curl/curl/issues/4117 + +- CURLOPT_RANGE.3: Caution against using it for HTTP PUT + + AFAICT CURLOPT_RANGE does not support ranged HTTP PUT uploads so I've + cautioned against using it for that purpose and included a workaround. + + Bug: https://curl.haxx.se/mail/lib-2019-04/0075.html + Reported-by: Christopher Head + + Closes https://github.com/curl/curl/issues/3814 + +- [Stefano Simonelli brought this change] + + CURLOPT_SEEKDATA.3: fix variable name + + Closes https://github.com/curl/curl/pull/4118 + +- [georgeok brought this change] + + CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH + + If the SSL backend is Schannel and the user specifies an Schannel CALG_ + that is not supported by the protocol or the server then curl returns + CURLE_SSL_CONNECT_ERROR (35) SEC_E_ALGORITHM_MISMATCH. + + Fixes https://github.com/curl/curl/issues/3389 + Closes https://github.com/curl/curl/pull/4106 + +- [Daniel Gustafsson brought this change] + + nss: inspect returnvalue of token check + + PK11_IsPresent() checks for the token for the given slot is available, + and sets needlogin flags for the PK11_Authenticate() call. Should it + return false, we should however treat it as an error and bail out. + + Closes https://github.com/curl/curl/pull/4110 + +- docs: Explain behavior change in --tlsv1. options since 7.54 + + Since 7.54 --tlsv1. options use the specified version or later, however + older versions of curl documented it as using just the specified version + which may or may not have happened depending on the TLS library. + Document this discrepancy to allay confusion for users familiar with the + old documentation that expect just the specified version. + + Fixes https://github.com/curl/curl/issues/4097 + Closes https://github.com/curl/curl/pull/4119 + +- libcurl: Restrict redirect schemes (follow-up) + + - Allow FTPS on redirect. + + - Update default allowed redirect protocols in documentation. + + Follow-up to 6080ea0. + + Ref: https://github.com/curl/curl/pull/4094 + + Closes https://github.com/curl/curl/pull/4115 + +Daniel Stenberg (16 Jul 2019) +- test1173: make it also check all libcurl option man pages + + ... and adjust those that cause errors + + Closes #4116 + +- curl: only accept COLUMNS less than 10000 + + ... as larger values would rather indicate something silly (and could + potentially cause buffer problems). + + Reported-by: pendrek at hackerone + Closes #4114 + +- dist: add manpage-syntax.pl + + follow-up to 7fb66c403 + +- test1173: detect some basic man page format mistakes + + Triggered by PR #4111 + + Closes #4113 + +Jay Satiro (15 Jul 2019) +- [Bjarni Ingi Gislason brought this change] + + docs: Fix missing lines caused by undefined macros + + - Escape apostrophes at line start. + + Some lines begin with a "'" (apostrophe, single quote), which is then + interpreted as a control character in *roff. + + Such lines are interpreted as being a call to a macro, and if + undefined, the lines are removed from the output. + + Bug: https://bugs.debian.org/926352 + Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is> + + Submitted-by: Alessandro Ghedini + + Closes https://github.com/curl/curl/pull/4111 + +Daniel Stenberg (14 Jul 2019) +- libcurl-security.3: update to new CURLOPT_REDIR_PROTOCOLS defaults + + follow-up to 6080ea098 + +- [Linos Giannopoulos brought this change] + + libcurl: Add testcase for gopher redirects + + The testcase ensures that redirects to CURLPROTO_GOPHER won't be + allowed, by default, in the future. Also, curl is being used + for convenience while keeping the testcases DRY. + + The expected error code is CURLE_UNSUPPORTED_PROTOCOL when the client is + redirected to CURLPROTO_GOPHER + + Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr> + +- [Linos Giannopoulos brought this change] + + libcurl: Restrict redirect schemes + + All protocols except for CURLPROTO_FILE/CURLPROTO_SMB and their TLS + counterpart were allowed for redirect. This vastly broadens the + exploitation surface in case of a vulnerability such as SSRF [1], where + libcurl-based clients are forced to make requests to arbitrary hosts. + + For instance, CURLPROTO_GOPHER can be used to smuggle any TCP-based + protocol by URL-encoding a payload in the URI. Gopher will open a TCP + connection and send the payload. + + Only HTTP/HTTPS and FTP are allowed. All other protocols have to be + explicitly enabled for redirects through CURLOPT_REDIR_PROTOCOLS. + + [1]: https://www.acunetix.com/blog/articles/server-side-request-forgery-vulnerability/ + + Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr> + + Closes #4094 + +- [Zenju brought this change] + + openssl: define HAVE_SSL_GET_SHUTDOWN based on version number + + Closes #4100 + +- [Peter Simonyi brought this change] + + http: allow overriding timecond with custom header + + With CURLOPT_TIMECONDITION set, a header is automatically added (e.g. + If-Modified-Since). Allow this to be replaced or suppressed with + CURLOPT_HTTPHEADER. + + Fixes #4103 + Closes #4109 + +Jay Satiro (11 Jul 2019) +- [Juergen Hoetzel brought this change] + + smb: Use the correct error code for access denied on file open + + - Return CURLE_REMOTE_ACCESS_DENIED for SMB access denied on file open. + + Prior to this change CURLE_REMOTE_FILE_NOT_FOUND was returned instead. + + Closes https://github.com/curl/curl/pull/4095 + +- [Daniel Gustafsson brought this change] + + DEPRECATE: fixup versions and spelling + + Correctly set the July 17 version to 7.65.2, and update spelling to + be consistent. Also fix a typo. + + Closes https://github.com/curl/curl/pull/4107 + +- [Gisle Vanem brought this change] + + system_win32: fix clang warning + + - Declare variable in header as extern. + + Bug: https://github.com/curl/curl/commit/48b9ea4#commitcomment-34084597 + +Daniel Gustafsson (10 Jul 2019) +- headers: Remove no longer exported functions + + There were a leftover few prototypes of Curl_ functions that we used to + export but no longer do, this removes those prototypes and cleans up any + comments still referring to them. + + Curl_write32_le(), Curl_strcpy_url(), Curl_strlen_url(), Curl_up_free() + Curl_concat_url(), Curl_detach_connnection(), Curl_http_setup_conn() + were made static in 05b100aee247bb9bec8e9a1b0166496aa4248d1c. + Curl_http_perhapsrewind() made static in 574aecee208f79d391f10d57520b3. + + For the remainder, I didn't trawl the Git logs hard enough to capture + their exact time of deletion, but they were all gone: Curl_splayprint(), + Curl_http2_send_request(), Curl_global_host_cache_dtor(), + Curl_scan_cache_used(), Curl_hostcache_destroy(), Curl_second_connect(), + Curl_http_auth_stage() and Curl_close_connections(). + + Closes #4096 + Reviewed-by: Daniel Stenberg <daniel@haxx.se> + +- CMake: fix typos and spelling + +- [Kyle Edwards brought this change] + + CMake: Convert errant elseif() to else() + + CMake interprets an elseif() with no arguments as elseif(FALSE), + resulting in the elseif() block not being executed. That is not what + was intended here. Change the empty elseif() to an else() as it was + intended. + + Closes #4101 + Reported-by: Artalus <artalus-mail@yandex.ru> + Reviewed-by: Daniel Gustafsson <daniel@yesql.se> + +- buildconf: fix header filename + + The header file inclusion had a typo, it should be .h and not .hd. + Fix by renaming. + + Fixes #4102 + Reported-by: AceCrow on Github + +- [Jan Chren brought this change] + + configure: fix --disable-code-coverage + + This fixes the case when --disable-code-coverage supplied to ./configure + would result in coverage="yes" being set. + + Closes #4099 + Reviewed-by: Daniel Gustafsson <daniel@yesql.se> + +- cleanup: fix typo in comment + +- RELEASE-NOTES: synced + +Jay Satiro (6 Jul 2019) +- [Daniel Gustafsson brought this change] + + nss: support using libnss on macOS + + The file suffix for dynamically loadable objects on macOS is .dylib, + which need to be added for the module definitions in order to get the + NSS TLS backend to work properly on macOS. + + Closes https://github.com/curl/curl/pull/4046 + +- [Daniel Gustafsson brought this change] + + nss: don't set unused parameter + + The value of the maxPTDs parameter to PR_Init() has since at least + NSPR 2.1, which was released sometime in 1998, been marked ignored + as is accordingly not used in the initialization code. Setting it + to a value when calling PR_Init() is thus benign, but indicates an + intent which may be misleading. Reset the value to zero to improve + clarity. + + Closes https://github.com/curl/curl/pull/4054 + +- [Daniel Gustafsson brought this change] + + nss: only cache valid CRL entries + + Change the logic around such that we only keep CRLs that NSS actually + ended up caching around for later deletion. If CERT_CacheCRL() fails + then there is little point in delaying the freeing of the CRL as it + is not used. + + Closes https://github.com/curl/curl/pull/4053 + +- [Gergely Nagy brought this change] + + lib: Use UTF-8 encoding in comments + + Some editors and IDEs assume that source files use UTF-8 file encodings. + It also fixes the build with MSVC when /utf-8 command line option is + used (this option is mandatory for some other open-source projects, this + is useful when using the same options is desired for building all + libraries of a project). + + Closes https://github.com/curl/curl/pull/4087 + +- [Caleb Raitto brought this change] + + CURLOPT_HEADEROPT.3: Fix example + + Fix an issue where example builds a curl_slist, but fails to actually + use it, or free it. + + Closes https://github.com/curl/curl/pull/4090 + +- [Shankar Jadhavar brought this change] + + winbuild: Change Makefile to honor ENABLE_OPENSSL_AUTO_LOAD_CONFIG + + - Made changes so that ENABLE_OPENSSL_AUTO_LOAD_CONFIG will be honored. + + - Also removed some ^M chars from file. + + Prior to this change while building on Windows platform even if we pass + the ENABLE_OPENSSL_AUTO_LOAD_CONFIG option with value as "no" it does + not set the CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG flag. + + Closes https://github.com/curl/curl/pull/4086 + +Daniel Stenberg (4 Jul 2019) +- doh-url.d: added in 7.62.0 + +Jay Satiro (30 Jun 2019) +- docs: Fix links to OpenSSL docs + + OpenSSL changed their manual locations and does not redirect to the new + locations. + + Bug: https://curl.haxx.se/mail/lib-2019-06/0056.html + Reported-by: Daniel Stenberg + +Daniel Stenberg (26 Jun 2019) +- [Gaël PORTAY brought this change] + + curl_multi_wait.3: escape backslash in example + + The backslash in the character Line Feed must be escaped. + + The current man-page outputs the code as following: + + fprintf(stderr, "curl_multi failed, code %d.0, mc); + + The commit fixes it as follow: + + fprintf(stderr, "curl_multi failed, code %d\n", mc); + + Closes #4079 + +- openssl: disable engine if OPENSSL_NO_UI_CONSOLE is defined + + ... since that needs UI_OpenSSL() which isn't provided when OpenSSL is + built with OPENSSL_NO_UI_CONSOLE which happens when OpenSSL is built for + UWP (with "VC-WIN32-UWP"). + + Reported-by: Vasily Lobaskin + Fixes #4073 + Closes #4077 + +- test1521: adapt to SLISTPOINT + + The header now has the slist-using options marked as SLISTPOINT so this + makes sure test 1521 understands that. + + Follow-up to ae99b4de1c443ae989 + + Closes #4074 + +- win32: make DLL loading a no-op for UWP + + Reported-by: Michael Brehm + Fixes #4060 + Closes #4072 + +- [1ocalhost brought this change] + + configure: fix typo '--disable-http-uath' + + Closes #4076 + +- [Niklas Hambüchen brought this change] + + docs: fix string suggesting HTTP/2 is not the default + + Commit 25fd1057c9c86e3 made HTTP2 the default, and further down in the + man page that new default is mentioned, but the section at the top + contradicted it until now. + + Also remove claim that setting the HTTP version is not sensible. + + Closes #4075 + +- RELEASE-NOTES: synced + +- [Stephan Szabo brought this change] + + tests: update fixed IP for hostip/clientip split + + These tests give differences for me on linux when using a hostip + pointing to the external ip address for the local machine. + + Closes #4070 + +Daniel Gustafsson (24 Jun 2019) +- http: clarify header buffer size calculation + + The header buffer size calculation can from static analysis seem to + overlow as it performs an addition between two size_t variables and + stores the result in a size_t variable. Overflow is however guarded + against elsewhere since the input to the addition is regulated by + the maximum read buffer size. Clarify this with a comment since the + question was asked. + + Reviewed-by: Daniel Stenberg <daniel@haxx.se> + +Daniel Stenberg (24 Jun 2019) +- KNOWN_BUGS: Don't clear digest for single realm + + Closes #3267 + +- KNOWN_BUGS: Schannel disable CURLOPT_SSL_VERIFYPEER and verify hostname + + Closes #3284 + +- http2: call done_sending on end of upload + + To make sure a HTTP/2 stream registers the end of stream. + + Bug #4043 made me find this problem but this fix doesn't correct the + reported issue. + + Closes #4068 + +- [James Brown brought this change] + + c-ares: honor port numbers in CURLOPT_DNS_SERVERS + + By using ares_set_servers_ports_csv on new enough c-ares. + + Fixes #4066 + Closes #4067 + +Daniel Gustafsson (24 Jun 2019) +- CURLMOPT_SOCKETFUNCTION.3: fix typo + +Daniel Stenberg (24 Jun 2019) +- [Koen Dergent brought this change] + + curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy builds + + Closes #4061 + +- test153: fix content-length to avoid occasional hang + + Closes #4065 + +- RELEASE-NOTES: synced + +- multi: enable multiplexing by default (again) + + It was originally made default in d7c4213bd0c (7.62.0) but mistakenly + reverted in commit 2f44e94efb3d (7.65.0). Now enabled again. + + Closes #4051 + +- typecheck: add 3 missing strings and a callback data pointer + + Closes #4050 + +- tests: add disable-scan.pl to dist + + follow-up from 29177f422a5 + + Closes #4059 + +- http2: don't call stream-close on already closed streams + + Closes #4055 + +Marcel Raad (20 Jun 2019) +- travis: enable alt-svc for coverage build + + Closes + +- travis: enable libssh2 for coverage build + + It was enabled by default before commit c92d2e14cfb. + + Disable torture tests 600 and 601 because of + https://github.com/curl/curl/issues/1678. + + Closes + +- travis: disable threaded resolver for coverage build + + This enables more tests. + + Closes + +- travis: enable brotli for all xenial jobs + + There's no need for a separate job, and no need to build it from source + with Xenial. + + Closes + +- travis: enable warnings-as-errors for coverage build + + Closes + +GitHub (20 Jun 2019) +- [Gisle Vanem brought this change] + + system_win32: fix typo + +Daniel Stenberg (20 Jun 2019) +- typecheck: CURLOPT_CONNECT_TO takes an slist too + + Additionally, add an alias in curl.h for slist-using options so that + we can grep/parse those out at will. + + Closes #4042 + +- [Stephan Szabo brought this change] + + tests: support non-localhost HOSTIP for dict/smb servers + + smbserver.py/dictserver.py were explicitly using localhost/127.0.0.1 for + binding the server which when we were running the tests with a separate + HOSTIP and CLIENTIP had failures verifying the server from the device we + were testing. + + This changes them to take the address from runtests.py and default to + localhost/127.0.0.1 if none is given. + + Closes #4048 + +- test1523: basic test of CURLOPT_LOW_SPEED_LIMIT + +- configure: --disable-progress-meter + + Builds libcurl without support for the built-in progress meter. + + Closes #4023 + +- curl: improved skip-setopt-options when built with disabled features + + Reduces #ifdefs in src/tool_operate.c + + Follow-up from 4e86f2fc4e6 + Closes #3936 + +Steve Holme (18 Jun 2019) +- netrc: Return the correct error code when out of memory + + Introduced in 763c5178. + + Closes #4036 + +Daniel Stenberg (18 Jun 2019) +- config-os400: add getpeername and getsockname defines + + Reported-by: jonrumsey on github + Fixes #4037 + Closes #4039 + +- runtests: keep logfiles around by default + + Make '-k' a no-op. The singletest function now clears the log directory + BEFORE each individual test and not after, which makes it possible to + always keep the logfiles around after a test has been run. No need to + specify -k anymore. Keeping the option parsing around to work with users + of old habits. + + Some tests also didn't work properly when -k was used (since the old + logs would be kep when a new test starts) which this change also fixes. + + Closes #4035 + +- [Gergely Nagy brought this change] + + openssl: fix pubkey/signature algorithm detection in certinfo + + Certinfo gives the same result for all OpenSSL versions. + Also made printing RSA pubkeys consistent with older versions. + + Reported-by: Michael Wallner + Fixes #3706 + Closes #4030 + +- conn_maxage: move the check to prune_dead_connections() + + ... and avoid the locking issue. + + Reported-by: Kunal Ekawde + Fixes #4029 + Closes #4032 + +- tests: have runtests figure out disabled features + + ... so that runtests can skip individual test cases that test features + that are explicitly disabled in this build. This new logic is intended + for disabled features that aren't otherwise easily visible through the + curl_version_info() or other API calls. + + tests/server/disabled is a newly built executable that will output a + list of disabled features. Outputs nothing for a default build. + + Closes #3950 + +- test188/189: fix Content-Length + + This cures the flaky test results + + Closes #4034 + +- [Thomas Gamper brought this change] + + winbuild: use WITH_PREFIX if given + + Closes #4031 + +Daniel Gustafsson (17 Jun 2019) +- openssl: remove outdated comment + + OpenSSL used to call exit(1) on syntax errors in OPENSSL_config(), + which is why we switched to CONF_modules_load_file() and introduced + a comment stating why. This behavior was however changed in OpenSSL + commit abdd677125f3a9e3082f8c5692203590fdb9b860, so remove the now + outdated and incorrect comment. The mentioned commit also declares + OPENSSL_config() deprecated so keep the current coding. + + Closes #4033 + Reviewed-by: Daniel Stenberg <daniel@haxx.se> + +Daniel Stenberg (16 Jun 2019) +- RELEASE-NOTES: synced + +Patrick Monnerat (16 Jun 2019) +- os400: make vsetopt() non-static as Curl_vsetopt() for os400 support. + + Use it in curl_easy_setopt_ccsid(). + + Reported-by: jonrumsey on github + Fixes #3833 + Closes #4028 + +Daniel Stenberg (15 Jun 2019) +- runtests: report single test time + total duration + + ... after each successful test. + + Closes #4027 + +- multi: fix the transfer hash function + + Follow-up from 8b987cc7eb + + Reported-by: Tom van der Woerdt + Fixes #4018 + Closes #4024 + +- unit1654: cleanup on memory failure + + ... to make it handle torture tests properly. + + Reported-by: Marcel Raad + Fixes #4021 + Closes #4022 + +Marcel Raad (13 Jun 2019) +- krb5: fix compiler warning + + Even though the variable was used in a DEBUGASSERT, GCC 8 warned in + debug mode: + krb5.c:324:17: error: unused variable 'maj' [-Werror=unused-variable] + + Just suppress the warning and declare the variable unconditionally + instead of only for DEBUGBUILD (which also missed the check for + HAVE_ASSERT_H). + + Closes https://github.com/curl/curl/pull/4020 + +Daniel Stenberg (13 Jun 2019) +- quote.d: asterisk prefix works for SFTP as well + + Reported-by: Ben Voris + Fixes #4017 + Closes #4019 + +- multi: fix the transfer hashes in the socket hash entries + + - The transfer hashes weren't using the correct keys so removing entries + failed. + + - Simplified the iteration logic over transfers sharing the same socket and + they now simply are set to expire and thus get handled in the "regular" + timer loop instead. + + Reported-by: Tom van der Woerdt + Fixes #4012 + Closes #4014 + +Jay Satiro (12 Jun 2019) +- [Cliff Crosland brought this change] + + url: Fix CURLOPT_MAXAGE_CONN time comparison + + Old connections are meant to expire from the connection cache after + CURLOPT_MAXAGE_CONN seconds. However, they actually expire after 1000x + that value. This occurs because a time value measured in milliseconds is + accidentally divided by 1M instead of by 1,000. + + Closes https://github.com/curl/curl/pull/4013 + +Daniel Stenberg (11 Jun 2019) +- test1165: verify that CURL_DISABLE_ symbols are in sync + + between configure.ac and source code. They should be possible to switch + on/off in configure AND be used in source code. + +- configure: remove CURL_DISABLE_TLS_SRP + + It isn't used by code so stop providing the define. + + Closes #4010 + +- Revert "cmake: add SMB to list of disabled protocols if HTTP_ONLY is specified" + + This reverts commit 36738caeb78603ce24e3ea089a167b8c216fb938. + + Apparently several of the appveyor windows builds broke. + +- [sergey-raevskiy brought this change] + + cmake: add SMB to list of disabled protocols if HTTP_ONLY is specified + + Reviewed-by: Jakub Zakrzewski + Closes #3770 + +- RELEASE-NOTES: synced + +- http2: remove CURL_DISABLE_TYPECHECK define + + ... in http2-less builds as it served no use. + +- configure: more --disable switches to toggle off individual features + + ... actual support in the code for disabling these has already landed. + + Closes #4009 + +- wolfssl: fix key pinning build error + + follow-up from deb9462ff2de8 + +- CURLMOPT_SOCKETFUNCTION.3: clarified + + Moved away the callback explanation from curl_multi_socket_action.3 and + expanded it somewhat. + + Closes #4006 + +- wolfssl: fixup for SNI use + + follow-up from deb9462ff2de8 + + Closes #4007 + +- CURLOPT_CAINFO.3: polished wording + + Clarify the functionality when built to use Schannel and Secure + Transport and stop calling it the "recommended" or "preferred" way and + instead rather call it the default. + + Removed the reference to the ssl comparison table as it isn't necessary. + + Reported-by: Richard Alcock + Bug: https://curl.haxx.se/mail/lib-2019-06/0019.html + Closes #4005 + +GitHub (10 Jun 2019) +- [Daniel Stenberg brought this change] + + SECURITY.md: created + + Brief security policy description for use/display on github. + +Daniel Gustafsson (10 Jun 2019) +- tool_cb_prg: Fix integer overflow in progress bar + + Commit 61faa0b420c236480bc9ef6fd52b4ecc1e0f8d17 fixed the progress bar + width calculation to avoid integer overflow, but failed to account for + the fact that initial_size is initialized to -1 when the file size is + retrieved from the remote on an upload, causing another signed integer + overflow. Fix by separately checking for this case before the width + calculation. + + Closes #3984 + Reported-by: Brian Carpenter (Geeknik Labs) + Reviewed-by: Daniel Stenberg <daniel@haxx.se> + +Daniel Stenberg (10 Jun 2019) +- wolfssl: refer to it as wolfSSL only + + Remove support for, references to and use of "cyaSSL" from the source + and docs. wolfSSL is the current name and there's no point in keeping + references to ancient history. + + Assisted-by: Daniel Gustafsson + + Closes #3903 + +- RELEASE-NOTES: synced + +- bindlocal: detect and avoid IP version mismatches in bind() + + Reported-by: Alex Grebenschikov + Fixes #3993 + Closes #4002 + +- multi: make sure 'data' can present in several sockhash entries + + Since more than one socket can be used by each transfer at a given time, + each sockhash entry how has its own hash table with transfers using that + socket. + + In addition, the sockhash entry can now be marked 'blocked = TRUE'" + which then makes the delete function just set 'removed = TRUE' instead + of removing it "for real", as a way to not rip out the carpet under the + feet of a parent function that iterates over the transfers of that same + sockhash entry. + + Reported-by: Tom van der Woerdt + Fixes #3961 + Fixes #3986 + Fixes #3995 + Fixes #4004 + Closes #3997 + +- [Sorcus brought this change] + + libcurl-tutorial.3: Fix small typo (mutipart -> multipart) + + Fixed-by: MrSorcus on github + Closes #4000 + +- unpause: trigger a timeout for event-based transfers + + ... so that timeouts or other state machine actions get going again + after a changing pause state. For example, if the last delivery was + paused there's no pending socket activity. + + Reported-by: sstruchtrup on github + Fixes #3994 + Closes #4001 + +Marcel Raad (9 Jun 2019) +- travis: use xenial LLVM package for scan-build + + I missed that in commit 99a49d6. + +- travis: update scan-build job to xenial + + Closes https://github.com/curl/curl/pull/3999 + +Daniel Stenberg (8 Jun 2019) +- bump: start working on 7.65.2 + +Marcel Raad (5 Jun 2019) +- examples/htmltitle: use C++ casts between pointer types + + Compilers and static analyzers warn about using C-style casts here. + + Closes https://github.com/curl/curl/pull/3975 + +- examples/fopen: fix comparison + + As want is size_t, (file->buffer_pos - want) is unsigned, so checking + if it's less than zero makes no sense. + Check if file->buffer_pos is less than want instead to avoid the + unsigned integer wraparound. + + Closes https://github.com/curl/curl/pull/3975 + +- build: fix Codacy warnings + + Reduce variable scopes and remove redundant variable stores. + + Closes https://github.com/curl/curl/pull/3975 + +- sws: remove unused variables + + Unused since commit 2f44e94. + + Closes https://github.com/curl/curl/pull/3975 + Version 7.65.1 (4 Jun 2019) Daniel Stenberg (4 Jun 2019) @@ -7122,791 +8035,3 @@ Daniel Stenberg (16 Sep 2018) the error-paths and their cleanups easier. Closes #2992 - -- http2: fix memory leaks on error-path - -- [Rikard Falkeborn brought this change] - - libtest: Add chkdecimalpoint to .gitignore - - Closes #2998 - -Viktor Szakats (14 Sep 2018) -- secure Openwall URLs - -Daniel Stenberg (14 Sep 2018) -- openssl: show "proper" version number for libressl builds - - Closes #2989 - -- [Rainer Jung brought this change] - - openssl: assume engine support in 0.9.8 or later - - Fixes #2983 - Closes #2988 - -Daniel Gustafsson (13 Sep 2018) -- sendf: use failf() rather than Curl_failf() - - The failf() macro is the name used for invoking Curl_failf(). While - there isn't a way to turn off failf like there is for infof, but it's - still a good idea to use the macro. - - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- sendf: Fix whitespace in infof/failf concatenation - - Strings broken on multiple rows in the .c file need to have appropriate - whitespace padding on either side of the concatenation point to render - a correct amalgamated string. Fix by adding a space at the occurrences - found. - - Closes #2986 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- krb5: fix memory leak in krb_auth - - The FTP command allocated by aprintf() must be freed after usage. - - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- ftp: include command in Curl_ftpsend sendbuffer - - Commit 8238ba9c5f10414a88f502bf3f5d5a42d632984c inadvertently removed - the actual command to be sent from the send buffer in a refactoring. - Add back copying the command into the buffer. Also add more guards - against malformed input while at it. - - Closes #2985 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- ntlm_wb: Fix memory leaks in ntlm_wb_response - - When erroring out on a request being too large, the existing buffer was - leaked. Fix by explicitly freeing on the way out. - - Closes #2966 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Daniel Stenberg (13 Sep 2018) -- [Yiming Jing brought this change] - - travis: build the MesaLink vtls backend with MesaLink 0.7.1 - -- [Yiming Jing brought this change] - - runtests.pl: run tests against the MesaLink vtls backend - -- [Yiming Jing brought this change] - - vtls: add a MesaLink vtls backend - - Closes #2984 - -- [Yiming Jing brought this change] - - configure.ac: add a MesaLink vtls backend - -- [Dave Reisner brought this change] - - curl_url_set.3: properly escape \n in example code - - This yields - - "the scheme is %s\n" - - instead of - - "the scheme is %s0 - - Closes #2970 - -- [Dave Reisner brought this change] - - curl_url_set.3: fix typo in reference to CURLU_APPENDQUERY - -- urlglob: improve error message - - to help user understand what the problem is - - Reported-by: Daniel Shahaf - - Fixes #2763 - Closes #2977 - -- [Yiming Jing brought this change] - - tests/certs: rebuild certs with 2048-bit RSA keys - - The previous test certificates contained RSA keys of only 1024 bits. - However, RSA claims that 1024-bit RSA keys are likely to become - crackable some time before 2010. The NIST recommends at least 2048-bit - keys for RSA for now. - - Better use full 2048 also for testing. - - Closes #2973 - -Daniel Gustafsson (12 Sep 2018) -- TODO: fix typo in item - - Closes #2968 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Marcel Raad (12 Sep 2018) -- anyauthput: fix compiler warning on 64-bit Windows - - On Windows, the read function from <io.h> is used, which has its byte - count parameter as unsigned int instead of size_t. - - Closes https://github.com/curl/curl/pull/2972 - -Viktor Szakats (12 Sep 2018) -- lib: fix gcc8 warning on Windows - - Closes https://github.com/curl/curl/pull/2979 - -Jay Satiro (12 Sep 2018) -- openssl: fix gcc8 warning - - - Use memcpy instead of strncpy to copy a string without termination, - since gcc8 warns about using strncpy to copy as many bytes from a - string as its length. - - Suggested-by: Viktor Szakats - - Closes https://github.com/curl/curl/issues/2980 - -Daniel Stenberg (10 Sep 2018) -- libcurl-url.3: overview man page for the URL API - - Closes #2967 - -- example/asiohiper: insert warning comment about its status - - This example is simply not working correctly but there's nobody around - with the skills and energy to fix it. - - Closes #2407 - -Kamil Dudka (10 Sep 2018) -- docs/cmdline-opts: update the documentation of --tlsv1.0 - - ... to reflect the changes in 6015cefb1b2cfde4b4850121c42405275e5e77d9 - - Closes #2955 - -- docs/examples: do not wait when no transfers are running - - Closes #2948 - -Daniel Stenberg (10 Sep 2018) -- [Daniel Gustafsson brought this change] - - cookies: Move failure case label to end of function - - Rather than jumping backwards to where failure cleanup happens - to be performed, move the failure case to end of the function - where it is expected per existing coding convention. - - Closes #2965 - -- [Daniel Gustafsson brought this change] - - misc: fix typos in comments - - Closes #2963 - -- [Daniel Gustafsson brought this change] - - cookies: fix leak when writing cookies to file - - If the formatting fails, we error out on a fatal error and - clean up on the way out. The array was however freed within - the wrong scope and was thus never freed in case the cookies - were written to a file instead of STDOUT. - - Closes #2957 - -- [Daniel Gustafsson brought this change] - - cookies: Remove redundant expired check - - Expired cookies have already been purged at a later expiration time - before this check, so remove the redundant check. - - closes #2962 - -- ntlm_wb: bail out if the response gets overly large - - Exit the realloc() loop if the response turns out ridiculously large to - avoid worse problems. - - Reported-by: Harry Sintonen - Closes #2959 - -- [Daniel Gustafsson brought this change] - - url.c: fix comment typo and indentation - - Closes #2960 - -- urlapi: avoid derefencing a possible NULL pointer - - Coverity CID 1439134 - -- RELEASE-NOTES: synced - -Marcel Raad (8 Sep 2018) -- test324: fix after 3f3b26d6feb0667714902e836af608094235fca2 - - The expected error code is now 60. 51 is dead. - -Daniel Stenberg (8 Sep 2018) -- curl_url_set.3: correct description - -- curl_url-docs: fix AVAILABILITY as Added in curl 7.62.0 - -- URL-API - - See header file and man pages for API. All documented API details work - and are tested in the 1560 test case. - - Closes #2842 - -- curl_easy_upkeep: removed 'conn' from the name - - ... including the associated option. - - Fixes #2951 - Closes #2952 - -- [Max Dymond brought this change] - - upkeep: add a connection upkeep API: curl_easy_conn_upkeep() - - Add functionality so that protocols can do custom keepalive on their - connections, when an external API function is called. - - Add docs for the new options in 7.62.0 - - Closes #1641 - -- [Philipp Waehnert brought this change] - - configure: add option to disable automatic OpenSSL config loading - - Sometimes it may be considered a security risk to load an external - OpenSSL configuration automatically inside curl_global_init(). The - configuration option --disable-ssl-auto-load-config disables this - automatism. The Windows build scripts winbuild/Makefile.vs provide a - corresponding option ENABLE_SSL_AUTO_LOAD_CONFIG accepting a boolean - value. - - Setting neither of these options corresponds to the previous behavior - loading the external OpenSSL configuration automatically. - - Fixes #2724 - Closes #2791 - -- doh: minor edits to please Coverity - - The gcc typecheck macros and coverity combined made it warn on the 2nd - argument for ERROR_CHECK_SETOPT(). Here's minor rearrange to please it. - - Coverity CID 1439115 and CID 1439114. - -- schannel: avoid switch-cases that go to default anyway - - SEC_E_APPLICATION_PROTOCOL_MISMATCH isn't defined in some versions of - mingw and would require an ifdef otherwise. - - Reported-by: Thomas Glanzmann - Approved-by: Marc Hörsken - Bug: https://curl.haxx.se/mail/lib-2018-09/0020.html - Closes #2950 - -- [Nicklas Avén brought this change] - - imap: change from "FETCH" to "UID FETCH" - - ... and add "MAILINDEX". - - As described in #2789, this is a suggested solution. Changing UID=xx to - actually get mail with UID xx and add "MAILINDEX" to get a mail with a - special index in the mail box (old behavior). So MAILINDEX=1 gives the - first non deleted mail in the mail box. - - Fixes #2789 - Closes #2815 - -- CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size - - This is step 3 of #2888. - - Fixes #2888 - Closes #2896 - -- travis: add the DOH tests to the torture testing - -- DOH: add test case 1650 and 2100 - -- curl: --doh-url added - -- setopt: add CURLOPT_DOH_URL - - Closes #2668 - -- [Han Han brought this change] - - ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code - - Long live CURLE_PEER_FAILED_VERIFICATION - -- [Han Han brought this change] - - x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse cert - - CURLE_PEER_FAILED_VERIFICATION makes more sense because Curl_parseX509 - does not allocate memory internally as its first argument is a pointer - to the certificate structure. The same error code is also returned by - Curl_verifyhost when its call to Curl_parseX509 fails so the change - makes error handling more consistent. - -- [Han Han brought this change] - - openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuer - - Failure to extract the issuer name from the server certificate should - return a more specific error code like on other TLS backends. - -- [Han Han brought this change] - - schannel: unified error code handling - - Closes #2901 - -- [Han Han brought this change] - - darwinssl: more specific and unified error codes - - Closes #2901 - -- CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated - - Disable the CURLOPT_DNS_USE_GLOBAL_CACHE option and mark it for - deprecation and complete removal in six months. - - Bug: https://curl.haxx.se/mail/lib-2018-09/0010.html - Closes #2942 - -- url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled - - Closes #2709 - -- multiplex: enable by default - - Starting 7.62.0, multiplexing is enabled by default in multi handles. - -- [Jim Fuller brought this change] - - tests: add unit tests for url.c - - Approved-by: Daniel Gustafsson - Closes #2937 - -- test1452: mark as flaky - - makes it not run in the CI builds - - Closes #2941 - -- pipelining: deprecated - - Transparently. The related curl_multi_setopt() options all still returns - OK when pipelining is selected. - - To re-enable the support, the single line change in lib/multi.c needs to - be reverted. - - See docs/DEPRECATE.md - - Closes #2705 - -- RELEASE-NOTES: start working on 7.62.0 - -Version 7.61.1 (4 Sep 2018) - -Daniel Stenberg (4 Sep 2018) -- THANKS: 7.61.1 status - -- RELEASE-NOTES: 7.61.1 - -- Curl_getoff_all_pipelines: ignore unused return values - - Since scan-build would warn on the dead "Dead store/Dead increment" - -Viktor Szakats (4 Sep 2018) -- sftp: fix indentation - -Daniel Stenberg (4 Sep 2018) -- [PrzemysÅ‚aw Tomaszewski brought this change] - - sftp: don't send post-qoute sequence when retrying a connection - - Fixes #2939 - Closes #2940 - -Kamil Dudka (3 Sep 2018) -- url, vtls: make CURLOPT{,_PROXY}_TLS13_CIPHERS work - - This is a follow-up to PR #2607 and PR #2926. - - Closes #2936 - -Daniel Stenberg (3 Sep 2018) -- [Jay Satiro brought this change] - - tool_operate: Add http code 408 to transient list for --retry - - - Treat 408 request timeout as transient so that curl will retry the - request if --retry was used. - - Closes #2925 - -- [Jay Satiro brought this change] - - openssl: Fix setting TLS 1.3 cipher suites - - The flag indicating TLS 1.3 cipher support in the OpenSSL backend was - missing. - - Bug: https://github.com/curl/curl/pull/2607#issuecomment-417283187 - Reported-by: Kamil Dudka - - Closes #2926 - -- Curl_ntlm_core_mk_nt_hash: return error on too long password - - ... since it would cause an integer overflow if longer than (max size_t - / 2). - - This is CVE-2018-14618 - - Bug: https://curl.haxx.se/docs/CVE-2018-14618.html - Closes #2756 - Reported-by: Zhaoyang Wu - -- [Rikard Falkeborn brought this change] - - http2: Use correct format identifier for stream_id - - Closes #2928 - -Marcel Raad (2 Sep 2018) -- test1148: fix precheck output - - "precheck command error" is not very helpful. - -Daniel Stenberg (1 Sep 2018) -- all: s/int/size_t cleanup - - Assisted-by: Rikard Falkeborn - - Closes #2922 - -- ssh-libssh: use FALLTHROUGH to silence gcc8 - -Jay Satiro (31 Aug 2018) -- tool_operate: Fix setting proxy TLS 1.3 ciphers - -Daniel Stenberg (31 Aug 2018) -- [Daniel Gustafsson brought this change] - - cookies: support creation-time attribute for cookies - - According to RFC6265 section 5.4, cookies with equal path lengths - SHOULD be sorted by creation-time (earlier first). This adds a - creation-time record to the cookie struct in order to make cookie - sorting more deterministic. The creation-time is defined as the - order of the cookies in the jar, the first cookie read fro the - jar being the oldest. The creation-time is thus not serialized - into the jar. Also remove the strcmp() matching in the sorting as - there is no lexicographic ordering in RFC6265. Existing tests are - updated to match. - - Closes #2524 - -Marcel Raad (31 Aug 2018) -- Don't use Windows path %PWD for SSH tests - - All these tests failed on Windows because something like - sftp://%HOSTIP:%SSHPORT%PWD/ - expanded to - sftp://127.0.0.1:1234c:/msys64/home/bla/curl - and then curl complained about the port number ending with a letter. - - Use the original POSIX path instead of the Windows path created in - checksystem to fix this. - - Closes https://github.com/curl/curl/pull/2920 - -Jay Satiro (29 Aug 2018) -- CURLOPT_SSL_CTX_FUNCTION.3: clarify connection reuse warning - - Reported-by: Daniel Stenberg - - Closes https://github.com/curl/curl/issues/2916 - -Daniel Stenberg (28 Aug 2018) -- THANKS-filter: dedup Daniel JeliÅ„ski - -- RELEASE-NOTES: synced - -- CURLOPT_ACCEPT_ENCODING.3: list them comma-separated [ci skip] - -- CURLOPT_SSL_CTX_FUNCTION.3: might cause unintended connection reuse [ci skip] - - Added a warning! - - Closes #2915 - -- curl: fix time-of-check, time-of-use race in dir creation - - Patch-by: Jay Satiro - Detected by Coverity - Fixes #2739 - Closes #2912 - -- cmdline-opts/page-footer: fix edit mistake - - There was a missing newline. - - follow-up to a7ba60bb7250 - -- docs: clarify NO_PROXY env variable functionality - - Reported-by: Kirill Marchuk - Fixes #2773 - Closes #2911 - -Marcel Raad (24 Aug 2018) -- lib1522: fix curl_easy_setopt argument type - - CURLOPT_POSTFIELDSIZE is a long option. - -- curl_threads: silence bad-function-cast warning - - As uintptr_t and HANDLE are always the same size, this warning is - harmless. Just silence it using an intermediate uintptr_t variable. - - Closes https://github.com/curl/curl/pull/2908 - -Daniel Stenberg (24 Aug 2018) -- README: add appveyor build badge [ci skip] - - Closes #2913 - -- [Ihor Karpenko brought this change] - - schannel: client certificate store opening fix - - 1) Using CERT_STORE_OPEN_EXISTING_FLAG ( or CERT_STORE_READONLY_FLAG ) - while opening certificate store would be sufficient in this scenario and - less-demanding in sense of required user credentials ( for example, - IIS_IUSRS will get "Access Denied" 0x05 error for existing CertOpenStore - call without any of flags mentioned above ), - - 2) as 'cert_store_name' is a DWORD, attempt to format its value like a - string ( in "Failed to open cert store" error message ) will throw null - pointer exception - - 3) adding GetLastError(), in my opinion, will make error message more - useful. - - Bug: https://curl.haxx.se/mail/lib-2018-08/0198.html - - Closes #2909 - -- [Leonardo Taccari brought this change] - - gopher: Do not translate `?' to `%09' - - Since GOPHER support was added in curl `?' character was automatically - translated to `%09' (`\t'). - - However, this behaviour does not seems documented in RFC 4266 and for - search selectors it is documented to directly use `%09' in the URL. - Apart that several gopher servers in the current gopherspace have CGI - support where `?' is used as part of the selector and translating it to - `%09' often leads to surprising results. - - Closes #2910 - -Marcel Raad (23 Aug 2018) -- cookie tests: treat files as text - - Fixes test failures because of wrong line endings on Windows. - -Daniel Stenberg (23 Aug 2018) -- libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation - - Multi-threaded applictions basically MUST set CURLOPT_NO_SIGNAL to 1L to - avoid the risk of getting a SIGPIPE. - - Either way, a multi-threaded application that uses libcurl/openssl needs - to have a signhandler for or ignore SIGPIPE on its own. - - Based on discussions in #2800 - Closes #2904 - -- RELEASE-NOTES: synced - -Marcel Raad (22 Aug 2018) -- Tests: fixes for Windows - - - test 1268 requires unix sockets - - test 2072 must be disabled also for MSYS/MinGW - -Daniel Stenberg (22 Aug 2018) -- http2: abort the send_callback if not setup yet - - When Curl_http2_done() gets called before the http2 data is setup all - the way, we cannot send anything and this should just return an error. - - Detected by OSS-Fuzz - Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10012 - -- http2: remove four unused nghttp2 callbacks - - Closes #2903 - -- x509asn1: use FALLTHROUGH - - ... as no other comments are accepted since 014ed7c22f51463 - -Marcel Raad (21 Aug 2018) -- test1148: disable if decimal separator is not point - - Modifying the locale with environment variables doesn't work for native - Windows applications. Just disable the test in this case if the decimal - separator is something different than a point. Use a precheck with a - small C program to achieve that. - - Closes https://github.com/curl/curl/pull/2786 - -- Enable more GCC warnings - - This enables the following additional warnings: - -Wold-style-definition - -Warray-bounds=2 instead of the default 1 - -Wformat=2, but only for GCC 4.8+ as Wno-format-nonliteral is not - respected for older versions - -Wunused-const-variable, which enables level 2 instead of the default 1 - -Warray-bounds also in debug mode through -ftree-vrp - -Wnull-dereference also in debug mode through - -fdelete-null-pointer-checks - - Closes https://github.com/curl/curl/pull/2747 - -- curl-compilers: enable -Wimplicit-fallthrough=4 for GCC - - This enables level 4 instead of the default level 3, which of the - currently used comments only allows /* FALLTHROUGH */ to silence the - warning. - - Closes https://github.com/curl/curl/pull/2747 - -- curl-compilers: enable -Wbad-function-cast on GCC - - This warning used to be enabled only for clang as it's a bit stricter - on GCC. Silence the remaining occurrences and enable it on GCC too. - - Closes https://github.com/curl/curl/pull/2747 - -- configure: conditionally enable pedantic-errors - - Enable pedantic-errors for GCC >= 5 with --enable-werror. Before GCC 5, - pedantic-errors was synonymous to -Werror=pedantic [0], which is still - the case for clang [1]. With GCC 5, it became complementary [2]. - - Also fix a resulting error in acinclude.m4 as main's return type was - missing, which is illegal in C99. - - [0] https://gcc.gnu.org/onlinedocs/gcc-4.9.0/gcc/Warning-Options.html - [1] https://clang.llvm.org/docs/UsersManual.html#options-to-control-error-and-warning-messages - [2] https://gcc.gnu.org/onlinedocs/gcc-5.1.0/gcc/Warning-Options.html - - Closes https://github.com/curl/curl/pull/2747 - -- Remove unused definitions - - Closes https://github.com/curl/curl/pull/2747 - -Daniel Stenberg (21 Aug 2018) -- x509asn1: make several functions static - - and remove the private SIZE_T_MAX define and use the generic one. - - Closes #2902 - -- INTERNALS: require GnuTLS >= 2.11.3 - - Since the public pinning support was brought in e644866caf4. GnuTLS - 2.11.3 was released in October 2010. - - Figured out in #2890 - -- http2: avoid set_stream_user_data() before stream is assigned - - ... before the stream is started, we have it set to -1. - - Fixes #2894 - Closes #2898 - -- SSLCERTS: improve the openssl command line - - ... for extracting certs from a live HTTPS server to make a cacerts.pem - from them. - -- docs/SECURITY-PROCESS: now we name the files after the CVE id - -- RELEASE-NOTES: synced - -- upload: change default UPLOAD_BUFSIZE to 64KB - - To make uploads significantly faster in some circumstances. - - Part 2 of #2888 - Closes #2892 - -- upload: allocate upload buffer on-demand - - Saves 16KB on the easy handle for operations that don't need that - buffer. - - Part 1 of #2888 - -- [Laurent Bonnans brought this change] - - vtls: reinstantiate engine on duplicated handles - - Handles created with curl_easy_duphandle do not use the SSL engine set - up in the original handle. This fixes the issue by storing the engine - name in the internal url state and setting the engine from its name - inside curl_easy_duphandle. - - Reported-by: Anton Gerasimov - Signed-of-by: Laurent Bonnans - Fixes #2829 - Closes #2833 - -- http2: make sure to send after RST_STREAM - - If this is the last stream on this connection, the RST_STREAM might not - get pushed to the wire otherwise. - - Fixes #2882 - Closes #2887 - Researched-by: Michael Kaufmann diff --git a/libs/libcurl/docs/THANKS b/libs/libcurl/docs/THANKS index ef4d7a3c65..16c3c378ee 100644 --- a/libs/libcurl/docs/THANKS +++ b/libs/libcurl/docs/THANKS @@ -6,11 +6,13 @@ "Captain Basil" "Spoon Man" +1ocalhost on github Aaro Koskinen Aaron Oneal Aaron Orenstein Aaron Scarisbrick Abram Pousada +AceCrow on Github Adam Barclay Adam Brown Adam Coyne @@ -47,6 +49,7 @@ Alex Baines Alex Bligh Alex Chan Alex Fishman +Alex Grebenschikov Alex Gruz Alex Malinovich Alex McLellan @@ -182,6 +185,7 @@ Ben Kohler Ben Madsen Ben Noordhuis Ben Van Hof +Ben Voris Ben Winslow Benbuck Nason Benjamin Gerard @@ -208,6 +212,7 @@ Bill Hoffman Bill Middlecamp Bill Nagel Bill Pyne +Bjarni Ingi Gislason Bjoern Sikora Bjorn Augustsson Bjorn Reese @@ -249,6 +254,7 @@ Bruno de Carvalho Bryan Henderson Bryan Kemp Byrial Jensen +Caleb Raitto Cameron Kaiser Cameron MacMinn Camille Moncelier @@ -305,6 +311,7 @@ Claes Jakobsson Clarence Gardner Claudio Neves Clemens Gruber +Cliff Crosland Clifford Wolf Clint Clayton Cody Jones @@ -752,6 +759,7 @@ Jamie Lokier Jamie Newton Jamie Wilkinson Jan Alexander Steffens +Jan Chren Jan Ehrhardt Jan Koen Annot Jan Kunder @@ -908,6 +916,7 @@ Juan F. Codagnone Juan Ignacio Hervás Juan RP Judson Bishop +Juergen Hoetzel Juergen Wilke Jukka Pihl Julian Noble @@ -974,6 +983,7 @@ Kjetil Jacobsen Klaus Stein Klevtsov Vadim Kobi Gurkan +Koen Dergent Konstantin Isakov Konstantin Kushnir Kris Kennaway @@ -985,6 +995,7 @@ Kristiyan Tsaklev Kristoffer Gleditsch Kunal Ekawde Kurt Fankhauser +Kyle Edwards Kyle J. McKay Kyle L. Huff Kyle Sallee @@ -1026,6 +1037,7 @@ Lijo Antony Linas Vepstas Lindley French Ling Thio +Linos Giannopoulos Linus Lewandowski Linus Nielsen Feltzing Linus Nordberg @@ -1179,6 +1191,7 @@ Mert YazıcıoÄŸlu Mettgut Jamalla Michael Anti Michael Benedict +Michael Brehm Michael Calmer Michael Cronenworth Michael Curtis @@ -1243,6 +1256,7 @@ Mohammad AlSaleh Mohun Biswas Mostyn Bramley-Moore Moti Avrahami +MrSorcus on github Muz Dima Myk Taylor NTMan on Github @@ -1279,6 +1293,7 @@ Niels van Tongeren Nikita Schmidt Nikitinskit Dmitriy Niklas Angebrand +Niklas Hambüchen Nikolai Kondrashov Nikos Mavrogiannopoulos Nikos Tsipinakis @@ -1381,6 +1396,7 @@ Peter O'Gorman Peter Pentchev Peter Piekarski Peter Silva +Peter Simonyi Peter Su Peter Sylvester Peter Todd @@ -1471,6 +1487,7 @@ Ricardo Cadime Ricardo Gomes Rich Burridge Rich Gray +Rich Mirch Rich Rauenzahn Rich Turner Richard Adams @@ -1610,6 +1627,7 @@ Seth Mos Sevan Janiyan Sh Diao Shachaf Ben-Kiki +Shankar Jadhavar Shao Shuchao Sharad Gupta Shard @@ -1650,11 +1668,13 @@ Stefan Neis Stefan Teleman Stefan Tomanek Stefan Ulrich +Stefano Simonelli Steinar H. Gunderson Stepan Broz Stephan Bergmann Stephan Lagerholm Stephan Mühlstrasser +Stephan Szabo Stephen Brokenshire Stephen Collyer Stephen Kick @@ -1705,6 +1725,7 @@ Terry Wu TheAssassin on github Theodore Dubois Thomas Braun +Thomas Gamper Thomas Glanzmann Thomas J. Moore Thomas Klausner @@ -1801,6 +1822,7 @@ Ulrich Telle Ulrich Zadow Valentin David Vasiliy Faronov +Vasily Lobaskin Vasy Okhin Venkat Akella Venkataramana Mokkapati @@ -1882,6 +1904,7 @@ Zhibiao Wu Zhouyihai Ding Zmey Petroff Zvi Har'El +aasivov on github accountantM on github adnn on github afrind on github @@ -1946,9 +1969,11 @@ olesteban on github omau on github ovidiu-benea on github patelvivekv1993 on github +pendrek at hackerone pszemus on github silveja1 on github smuellerDD on github +sstruchtrup on github steelman on github steini2000 on github stootill on github diff --git a/libs/libcurl/include/curl/curl.h b/libs/libcurl/include/curl/curl.h index e7f812daca..19f6c0b5a1 100644 --- a/libs/libcurl/include/curl/curl.h +++ b/libs/libcurl/include/curl/curl.h @@ -927,7 +927,6 @@ typedef enum { but 32 */ #define CURLOPTTYPE_LONG 0 #define CURLOPTTYPE_OBJECTPOINT 10000 -#define CURLOPTTYPE_STRINGPOINT 10000 #define CURLOPTTYPE_FUNCTIONPOINT 20000 #define CURLOPTTYPE_OFF_T 30000 @@ -947,12 +946,15 @@ typedef enum { /* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */ #define LONG CURLOPTTYPE_LONG #define OBJECTPOINT CURLOPTTYPE_OBJECTPOINT -#define STRINGPOINT CURLOPTTYPE_OBJECTPOINT #define FUNCTIONPOINT CURLOPTTYPE_FUNCTIONPOINT #define OFF_T CURLOPTTYPE_OFF_T #define CINIT(name,type,number) CURLOPT_/**/name = type + number #endif +/* handy aliases that make no run-time difference */ +#define CURLOPTTYPE_STRINGPOINT CURLOPTTYPE_OBJECTPOINT +#define CURLOPTTYPE_SLISTPOINT CURLOPTTYPE_OBJECTPOINT + /* * This macro-mania below setups the CURLOPT_[what] enum, to be used with * curl_easy_setopt(). The first argument in the CINIT() macro is the [what] @@ -1050,7 +1052,7 @@ typedef enum { /* This points to a linked list of headers, struct curl_slist kind. This list is also used for RTSP (in spite of its name) */ - CINIT(HTTPHEADER, OBJECTPOINT, 23), + CINIT(HTTPHEADER, SLISTPOINT, 23), /* This points to a linked list of post entries, struct curl_httppost */ CINIT(HTTPPOST, OBJECTPOINT, 24), @@ -1065,7 +1067,7 @@ typedef enum { CINIT(CRLF, LONG, 27), /* send linked-list of QUOTE commands */ - CINIT(QUOTE, OBJECTPOINT, 28), + CINIT(QUOTE, SLISTPOINT, 28), /* send FILE * or void * to store headers to, if you use a callback it is simply passed to the callback unmodified */ @@ -1100,7 +1102,7 @@ typedef enum { /* 38 is not used */ /* send linked-list of post-transfer QUOTE commands */ - CINIT(POSTQUOTE, OBJECTPOINT, 39), + CINIT(POSTQUOTE, SLISTPOINT, 39), CINIT(OBSOLETE40, OBJECTPOINT, 40), /* OBSOLETE, do not use! */ @@ -1176,7 +1178,7 @@ typedef enum { CINIT(FILETIME, LONG, 69), /* This points to a linked list of telnet options */ - CINIT(TELNETOPTIONS, OBJECTPOINT, 70), + CINIT(TELNETOPTIONS, SLISTPOINT, 70), /* Max amount of cached alive connections */ CINIT(MAXCONNECTS, LONG, 71), @@ -1260,7 +1262,7 @@ typedef enum { CINIT(DNS_CACHE_TIMEOUT, LONG, 92), /* send linked-list of pre-transfer QUOTE commands */ - CINIT(PREQUOTE, OBJECTPOINT, 93), + CINIT(PREQUOTE, SLISTPOINT, 93), /* set the debug function */ CINIT(DEBUGFUNCTION, FUNCTIONPOINT, 94), @@ -1300,7 +1302,7 @@ typedef enum { CINIT(PRIVATE, OBJECTPOINT, 103), /* Set aliases for HTTP 200 in the HTTP Response header */ - CINIT(HTTP200ALIASES, OBJECTPOINT, 104), + CINIT(HTTP200ALIASES, SLISTPOINT, 104), /* Continue to send authentication (user+password) when following locations, even when hostname changed. This can potentially send off the name @@ -1572,8 +1574,7 @@ typedef enum { /* set the bitmask for the protocols that libcurl is allowed to follow to, as a subset of the CURLOPT_PROTOCOLS ones. That means the protocol needs - to be set in both bitmasks to be allowed to get redirected to. Defaults - to all protocols except FILE and SCP. */ + to be set in both bitmasks to be allowed to get redirected to. */ CINIT(REDIR_PROTOCOLS, LONG, 182), /* set the SSH knownhost file name to use */ @@ -1590,7 +1591,7 @@ typedef enum { CINIT(MAIL_FROM, STRINGPOINT, 186), /* set the list of SMTP mail receiver(s) */ - CINIT(MAIL_RCPT, OBJECTPOINT, 187), + CINIT(MAIL_RCPT, SLISTPOINT, 187), /* FTP: send PRET before PASV */ CINIT(FTP_USE_PRET, LONG, 188), @@ -1640,7 +1641,7 @@ typedef enum { CINIT(FNMATCH_DATA, OBJECTPOINT, 202), /* send linked-list of name:port:address sets */ - CINIT(RESOLVE, OBJECTPOINT, 203), + CINIT(RESOLVE, SLISTPOINT, 203), /* Set a username for authenticated TLS */ CINIT(TLSAUTH_USERNAME, STRINGPOINT, 204), @@ -1730,7 +1731,7 @@ typedef enum { /* This points to a linked list of headers used for proxy requests only, struct curl_slist kind */ - CINIT(PROXYHEADER, OBJECTPOINT, 228), + CINIT(PROXYHEADER, SLISTPOINT, 228), /* Pass in a bitmask of "header options" */ CINIT(HEADEROPT, LONG, 229), @@ -1777,7 +1778,7 @@ typedef enum { /* Linked-list of host:port:connect-to-host:connect-to-port, overrides the URL's host:port (only for the network layer) */ - CINIT(CONNECT_TO, OBJECTPOINT, 243), + CINIT(CONNECT_TO, SLISTPOINT, 243), /* Set TCP Fast Open */ CINIT(TCP_FASTOPEN, LONG, 244), diff --git a/libs/libcurl/include/curl/curlver.h b/libs/libcurl/include/curl/curlver.h index 0f588741c9..c753cff6f2 100644 --- a/libs/libcurl/include/curl/curlver.h +++ b/libs/libcurl/include/curl/curlver.h @@ -30,13 +30,13 @@ /* This is the version number of the libcurl package from which this header file origins: */ -#define LIBCURL_VERSION "7.65.1" +#define LIBCURL_VERSION "7.65.2" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 7 #define LIBCURL_VERSION_MINOR 65 -#define LIBCURL_VERSION_PATCH 1 +#define LIBCURL_VERSION_PATCH 2 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparions by programs. The LIBCURL_VERSION_NUM define will @@ -57,7 +57,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ -#define LIBCURL_VERSION_NUM 0x074101 +#define LIBCURL_VERSION_NUM 0x074102 /* * This is the date and time when the full source package was created. The @@ -68,7 +68,7 @@ * * "2007-11-23" */ -#define LIBCURL_TIMESTAMP "2019-06-05" +#define LIBCURL_TIMESTAMP "2019-07-17" #define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|(z)) #define CURL_AT_LEAST_VERSION(x,y,z) \ diff --git a/libs/libcurl/include/curl/typecheck-gcc.h b/libs/libcurl/include/curl/typecheck-gcc.h index 2d1de4d43a..eeb36abc09 100644 --- a/libs/libcurl/include/curl/typecheck-gcc.h +++ b/libs/libcurl/include/curl/typecheck-gcc.h @@ -300,12 +300,14 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, (option) == CURLOPT_PROXY_SSLKEY || \ (option) == CURLOPT_PROXY_SSLKEYTYPE || \ (option) == CURLOPT_PROXY_SSL_CIPHER_LIST || \ + (option) == CURLOPT_PROXY_TLS13_CIPHERS || \ (option) == CURLOPT_PROXY_TLSAUTH_PASSWORD || \ - (option) == CURLOPT_PROXY_TLSAUTH_USERNAME || \ (option) == CURLOPT_PROXY_TLSAUTH_TYPE || \ + (option) == CURLOPT_PROXY_TLSAUTH_USERNAME || \ (option) == CURLOPT_RANDOM_FILE || \ (option) == CURLOPT_RANGE || \ (option) == CURLOPT_REFERER || \ + (option) == CURLOPT_REQUEST_TARGET || \ (option) == CURLOPT_RTSP_SESSION_ID || \ (option) == CURLOPT_RTSP_STREAM_URI || \ (option) == CURLOPT_RTSP_TRANSPORT || \ @@ -321,6 +323,7 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, (option) == CURLOPT_SSLKEY || \ (option) == CURLOPT_SSLKEYTYPE || \ (option) == CURLOPT_SSL_CIPHER_LIST || \ + (option) == CURLOPT_TLS13_CIPHERS || \ (option) == CURLOPT_TLSAUTH_PASSWORD || \ (option) == CURLOPT_TLSAUTH_TYPE || \ (option) == CURLOPT_TLSAUTH_USERNAME || \ @@ -362,7 +365,7 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, (option) == CURLOPT_SSL_CTX_DATA || \ (option) == CURLOPT_WRITEDATA || \ (option) == CURLOPT_RESOLVER_START_DATA || \ - (option) == CURLOPT_CURLU || \ + (option) == CURLOPT_TRAILERDATA || \ 0) /* evaluates to true if option takes a POST data argument (void* or char*) */ @@ -382,6 +385,7 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, (option) == CURLOPT_QUOTE || \ (option) == CURLOPT_RESOLVE || \ (option) == CURLOPT_TELNETOPTIONS || \ + (option) == CURLOPT_CONNECT_TO || \ 0) /* groups of curl_easy_getinfo infos that take the same type of argument */ diff --git a/libs/libcurl/src/Makefile.in b/libs/libcurl/src/Makefile.in index f6504437cf..da01c26a66 100644 --- a/libs/libcurl/src/Makefile.in +++ b/libs/libcurl/src/Makefile.in @@ -243,7 +243,7 @@ am__objects_3 = vtls/libcurl_la-openssl.lo vtls/libcurl_la-gtls.lo \ vtls/libcurl_la-vtls.lo vtls/libcurl_la-nss.lo \ vtls/libcurl_la-polarssl.lo \ vtls/libcurl_la-polarssl_threadlock.lo \ - vtls/libcurl_la-cyassl.lo vtls/libcurl_la-schannel.lo \ + vtls/libcurl_la-wolfssl.lo vtls/libcurl_la-schannel.lo \ vtls/libcurl_la-schannel_verify.lo \ vtls/libcurl_la-sectransp.lo vtls/libcurl_la-gskit.lo \ vtls/libcurl_la-mbedtls.lo vtls/libcurl_la-mesalink.lo @@ -325,7 +325,7 @@ am__objects_9 = vtls/libcurlu_la-openssl.lo vtls/libcurlu_la-gtls.lo \ vtls/libcurlu_la-vtls.lo vtls/libcurlu_la-nss.lo \ vtls/libcurlu_la-polarssl.lo \ vtls/libcurlu_la-polarssl_threadlock.lo \ - vtls/libcurlu_la-cyassl.lo vtls/libcurlu_la-schannel.lo \ + vtls/libcurlu_la-wolfssl.lo vtls/libcurlu_la-schannel.lo \ vtls/libcurlu_la-schannel_verify.lo \ vtls/libcurlu_la-sectransp.lo vtls/libcurlu_la-gskit.lo \ vtls/libcurlu_la-mbedtls.lo vtls/libcurlu_la-mesalink.lo @@ -595,7 +595,6 @@ am__depfiles_remade = ./$(DEPDIR)/libcurl_la-altsvc.Plo \ vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Plo \ vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Plo \ vauth/$(DEPDIR)/libcurlu_la-vauth.Plo \ - vtls/$(DEPDIR)/libcurl_la-cyassl.Plo \ vtls/$(DEPDIR)/libcurl_la-gskit.Plo \ vtls/$(DEPDIR)/libcurl_la-gtls.Plo \ vtls/$(DEPDIR)/libcurl_la-mbedtls.Plo \ @@ -608,7 +607,7 @@ am__depfiles_remade = ./$(DEPDIR)/libcurl_la-altsvc.Plo \ vtls/$(DEPDIR)/libcurl_la-schannel_verify.Plo \ vtls/$(DEPDIR)/libcurl_la-sectransp.Plo \ vtls/$(DEPDIR)/libcurl_la-vtls.Plo \ - vtls/$(DEPDIR)/libcurlu_la-cyassl.Plo \ + vtls/$(DEPDIR)/libcurl_la-wolfssl.Plo \ vtls/$(DEPDIR)/libcurlu_la-gskit.Plo \ vtls/$(DEPDIR)/libcurlu_la-gtls.Plo \ vtls/$(DEPDIR)/libcurlu_la-mbedtls.Plo \ @@ -620,7 +619,8 @@ am__depfiles_remade = ./$(DEPDIR)/libcurl_la-altsvc.Plo \ vtls/$(DEPDIR)/libcurlu_la-schannel.Plo \ vtls/$(DEPDIR)/libcurlu_la-schannel_verify.Plo \ vtls/$(DEPDIR)/libcurlu_la-sectransp.Plo \ - vtls/$(DEPDIR)/libcurlu_la-vtls.Plo + vtls/$(DEPDIR)/libcurlu_la-vtls.Plo \ + vtls/$(DEPDIR)/libcurlu_la-wolfssl.Plo am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) @@ -800,7 +800,6 @@ STRIP = @STRIP@ SUPPORT_FEATURES = @SUPPORT_FEATURES@ SUPPORT_PROTOCOLS = @SUPPORT_PROTOCOLS@ USE_ARES = @USE_ARES@ -USE_CYASSL = @USE_CYASSL@ USE_GNUTLS = @USE_GNUTLS@ USE_GNUTLS_NETTLE = @USE_GNUTLS_NETTLE@ USE_LIBRTMP = @USE_LIBRTMP@ @@ -815,6 +814,7 @@ USE_SCHANNEL = @USE_SCHANNEL@ USE_SECTRANSP = @USE_SECTRANSP@ USE_UNIX_SOCKETS = @USE_UNIX_SOCKETS@ USE_WINDOWS_SSPI = @USE_WINDOWS_SSPI@ +USE_WOLFSSL = @USE_WOLFSSL@ VERSION = @VERSION@ VERSIONNUM = @VERSIONNUM@ ZLIB_LIBS = @ZLIB_LIBS@ @@ -955,12 +955,12 @@ LIB_VAUTH_CFILES = vauth/vauth.c vauth/cleartext.c vauth/cram.c \ LIB_VAUTH_HFILES = vauth/vauth.h vauth/digest.h vauth/ntlm.h LIB_VTLS_CFILES = vtls/openssl.c vtls/gtls.c vtls/vtls.c vtls/nss.c \ vtls/polarssl.c vtls/polarssl_threadlock.c \ - vtls/cyassl.c vtls/schannel.c vtls/schannel_verify.c \ + vtls/wolfssl.c vtls/schannel.c vtls/schannel_verify.c \ vtls/sectransp.c vtls/gskit.c vtls/mbedtls.c vtls/mesalink.c LIB_VTLS_HFILES = vtls/openssl.h vtls/vtls.h vtls/gtls.h \ vtls/nssg.h vtls/polarssl.h vtls/polarssl_threadlock.h \ - vtls/cyassl.h vtls/schannel.h vtls/sectransp.h vtls/gskit.h \ + vtls/wolfssl.h vtls/schannel.h vtls/sectransp.h vtls/gskit.h \ vtls/mbedtls.h vtls/mesalink.h LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ @@ -1165,7 +1165,7 @@ vtls/libcurl_la-polarssl.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) vtls/libcurl_la-polarssl_threadlock.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) -vtls/libcurl_la-cyassl.lo: vtls/$(am__dirstamp) \ +vtls/libcurl_la-wolfssl.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) vtls/libcurl_la-schannel.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) @@ -1218,7 +1218,7 @@ vtls/libcurlu_la-polarssl.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) vtls/libcurlu_la-polarssl_threadlock.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) -vtls/libcurlu_la-cyassl.lo: vtls/$(am__dirstamp) \ +vtls/libcurlu_la-wolfssl.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) vtls/libcurlu_la-schannel.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) @@ -1494,7 +1494,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-vauth.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-cyassl.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-gskit.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-gtls.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-mbedtls.Plo@am__quote@ # am--include-marker @@ -1507,7 +1506,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-schannel_verify.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-sectransp.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-vtls.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurlu_la-cyassl.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-wolfssl.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurlu_la-gskit.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurlu_la-gtls.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurlu_la-mbedtls.Plo@am__quote@ # am--include-marker @@ -1520,6 +1519,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurlu_la-schannel_verify.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurlu_la-sectransp.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurlu_la-vtls.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurlu_la-wolfssl.Plo@am__quote@ # am--include-marker $(am__depfiles_remade): @$(MKDIR_P) $(@D) @@ -2461,12 +2461,12 @@ vtls/libcurl_la-polarssl_threadlock.lo: vtls/polarssl_threadlock.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vtls/libcurl_la-polarssl_threadlock.lo `test -f 'vtls/polarssl_threadlock.c' || echo '$(srcdir)/'`vtls/polarssl_threadlock.c -vtls/libcurl_la-cyassl.lo: vtls/cyassl.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vtls/libcurl_la-cyassl.lo -MD -MP -MF vtls/$(DEPDIR)/libcurl_la-cyassl.Tpo -c -o vtls/libcurl_la-cyassl.lo `test -f 'vtls/cyassl.c' || echo '$(srcdir)/'`vtls/cyassl.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vtls/$(DEPDIR)/libcurl_la-cyassl.Tpo vtls/$(DEPDIR)/libcurl_la-cyassl.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vtls/cyassl.c' object='vtls/libcurl_la-cyassl.lo' libtool=yes @AMDEPBACKSLASH@ +vtls/libcurl_la-wolfssl.lo: vtls/wolfssl.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vtls/libcurl_la-wolfssl.lo -MD -MP -MF vtls/$(DEPDIR)/libcurl_la-wolfssl.Tpo -c -o vtls/libcurl_la-wolfssl.lo `test -f 'vtls/wolfssl.c' || echo '$(srcdir)/'`vtls/wolfssl.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vtls/$(DEPDIR)/libcurl_la-wolfssl.Tpo vtls/$(DEPDIR)/libcurl_la-wolfssl.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vtls/wolfssl.c' object='vtls/libcurl_la-wolfssl.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vtls/libcurl_la-cyassl.lo `test -f 'vtls/cyassl.c' || echo '$(srcdir)/'`vtls/cyassl.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vtls/libcurl_la-wolfssl.lo `test -f 'vtls/wolfssl.c' || echo '$(srcdir)/'`vtls/wolfssl.c vtls/libcurl_la-schannel.lo: vtls/schannel.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vtls/libcurl_la-schannel.lo -MD -MP -MF vtls/$(DEPDIR)/libcurl_la-schannel.Tpo -c -o vtls/libcurl_la-schannel.lo `test -f 'vtls/schannel.c' || echo '$(srcdir)/'`vtls/schannel.c @@ -3420,12 +3420,12 @@ vtls/libcurlu_la-polarssl_threadlock.lo: vtls/polarssl_threadlock.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vtls/libcurlu_la-polarssl_threadlock.lo `test -f 'vtls/polarssl_threadlock.c' || echo '$(srcdir)/'`vtls/polarssl_threadlock.c -vtls/libcurlu_la-cyassl.lo: vtls/cyassl.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vtls/libcurlu_la-cyassl.lo -MD -MP -MF vtls/$(DEPDIR)/libcurlu_la-cyassl.Tpo -c -o vtls/libcurlu_la-cyassl.lo `test -f 'vtls/cyassl.c' || echo '$(srcdir)/'`vtls/cyassl.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vtls/$(DEPDIR)/libcurlu_la-cyassl.Tpo vtls/$(DEPDIR)/libcurlu_la-cyassl.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vtls/cyassl.c' object='vtls/libcurlu_la-cyassl.lo' libtool=yes @AMDEPBACKSLASH@ +vtls/libcurlu_la-wolfssl.lo: vtls/wolfssl.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vtls/libcurlu_la-wolfssl.lo -MD -MP -MF vtls/$(DEPDIR)/libcurlu_la-wolfssl.Tpo -c -o vtls/libcurlu_la-wolfssl.lo `test -f 'vtls/wolfssl.c' || echo '$(srcdir)/'`vtls/wolfssl.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vtls/$(DEPDIR)/libcurlu_la-wolfssl.Tpo vtls/$(DEPDIR)/libcurlu_la-wolfssl.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vtls/wolfssl.c' object='vtls/libcurlu_la-wolfssl.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vtls/libcurlu_la-cyassl.lo `test -f 'vtls/cyassl.c' || echo '$(srcdir)/'`vtls/cyassl.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vtls/libcurlu_la-wolfssl.lo `test -f 'vtls/wolfssl.c' || echo '$(srcdir)/'`vtls/wolfssl.c vtls/libcurlu_la-schannel.lo: vtls/schannel.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vtls/libcurlu_la-schannel.lo -MD -MP -MF vtls/$(DEPDIR)/libcurlu_la-schannel.Tpo -c -o vtls/libcurlu_la-schannel.lo `test -f 'vtls/schannel.c' || echo '$(srcdir)/'`vtls/schannel.c @@ -3858,7 +3858,6 @@ distclean: distclean-am -rm -f vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Plo -rm -f vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Plo -rm -f vauth/$(DEPDIR)/libcurlu_la-vauth.Plo - -rm -f vtls/$(DEPDIR)/libcurl_la-cyassl.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-gskit.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-gtls.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-mbedtls.Plo @@ -3871,7 +3870,7 @@ distclean: distclean-am -rm -f vtls/$(DEPDIR)/libcurl_la-schannel_verify.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-sectransp.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-vtls.Plo - -rm -f vtls/$(DEPDIR)/libcurlu_la-cyassl.Plo + -rm -f vtls/$(DEPDIR)/libcurl_la-wolfssl.Plo -rm -f vtls/$(DEPDIR)/libcurlu_la-gskit.Plo -rm -f vtls/$(DEPDIR)/libcurlu_la-gtls.Plo -rm -f vtls/$(DEPDIR)/libcurlu_la-mbedtls.Plo @@ -3884,6 +3883,7 @@ distclean: distclean-am -rm -f vtls/$(DEPDIR)/libcurlu_la-schannel_verify.Plo -rm -f vtls/$(DEPDIR)/libcurlu_la-sectransp.Plo -rm -f vtls/$(DEPDIR)/libcurlu_la-vtls.Plo + -rm -f vtls/$(DEPDIR)/libcurlu_la-wolfssl.Plo -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-hdr distclean-tags @@ -4177,7 +4177,6 @@ maintainer-clean: maintainer-clean-am -rm -f vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Plo -rm -f vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Plo -rm -f vauth/$(DEPDIR)/libcurlu_la-vauth.Plo - -rm -f vtls/$(DEPDIR)/libcurl_la-cyassl.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-gskit.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-gtls.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-mbedtls.Plo @@ -4190,7 +4189,7 @@ maintainer-clean: maintainer-clean-am -rm -f vtls/$(DEPDIR)/libcurl_la-schannel_verify.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-sectransp.Plo -rm -f vtls/$(DEPDIR)/libcurl_la-vtls.Plo - -rm -f vtls/$(DEPDIR)/libcurlu_la-cyassl.Plo + -rm -f vtls/$(DEPDIR)/libcurl_la-wolfssl.Plo -rm -f vtls/$(DEPDIR)/libcurlu_la-gskit.Plo -rm -f vtls/$(DEPDIR)/libcurlu_la-gtls.Plo -rm -f vtls/$(DEPDIR)/libcurlu_la-mbedtls.Plo @@ -4203,6 +4202,7 @@ maintainer-clean: maintainer-clean-am -rm -f vtls/$(DEPDIR)/libcurlu_la-schannel_verify.Plo -rm -f vtls/$(DEPDIR)/libcurlu_la-sectransp.Plo -rm -f vtls/$(DEPDIR)/libcurlu_la-vtls.Plo + -rm -f vtls/$(DEPDIR)/libcurlu_la-wolfssl.Plo -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic diff --git a/libs/libcurl/src/Makefile.inc b/libs/libcurl/src/Makefile.inc index 235b82b0e3..37f7026818 100644 --- a/libs/libcurl/src/Makefile.inc +++ b/libs/libcurl/src/Makefile.inc @@ -29,12 +29,12 @@ LIB_VAUTH_HFILES = vauth/vauth.h vauth/digest.h vauth/ntlm.h LIB_VTLS_CFILES = vtls/openssl.c vtls/gtls.c vtls/vtls.c vtls/nss.c \ vtls/polarssl.c vtls/polarssl_threadlock.c \ - vtls/cyassl.c vtls/schannel.c vtls/schannel_verify.c \ + vtls/wolfssl.c vtls/schannel.c vtls/schannel_verify.c \ vtls/sectransp.c vtls/gskit.c vtls/mbedtls.c vtls/mesalink.c LIB_VTLS_HFILES = vtls/openssl.h vtls/vtls.h vtls/gtls.h \ vtls/nssg.h vtls/polarssl.h vtls/polarssl_threadlock.h \ - vtls/cyassl.h vtls/schannel.h vtls/sectransp.h vtls/gskit.h \ + vtls/wolfssl.h vtls/schannel.h vtls/sectransp.h vtls/gskit.h \ vtls/mbedtls.h vtls/mesalink.h LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ diff --git a/libs/libcurl/src/asyn-ares.c b/libs/libcurl/src/asyn-ares.c index 8561a47246..6b14aa6981 100644 --- a/libs/libcurl/src/asyn-ares.c +++ b/libs/libcurl/src/asyn-ares.c @@ -734,7 +734,11 @@ CURLcode Curl_set_dns_servers(struct Curl_easy *data, return CURLE_OK; #if (ARES_VERSION >= 0x010704) +#if (ARES_VERSION >= 0x010b00) + ares_result = ares_set_servers_ports_csv(data->state.resolver, servers); +#else ares_result = ares_set_servers_csv(data->state.resolver, servers); +#endif switch(ares_result) { case ARES_SUCCESS: result = CURLE_OK; diff --git a/libs/libcurl/src/config-os400.h b/libs/libcurl/src/config-os400.h index bde4f0b331..a741e91857 100644 --- a/libs/libcurl/src/config-os400.h +++ b/libs/libcurl/src/config-os400.h @@ -127,12 +127,18 @@ /* Define if you have the `getpass_r' function. */ #undef HAVE_GETPASS_R +/* Define to 1 if you have the getpeername function. */ +#define HAVE_GETPEERNAME 1 + /* Define if you have the `getpwuid' function. */ #define HAVE_GETPWUID /* Define if you have the `getservbyname' function. */ #define HAVE_GETSERVBYNAME +/* Define to 1 if you have the getsockname function. */ +#define HAVE_GETSOCKNAME 1 + /* Define if you have the `gettimeofday' function. */ #define HAVE_GETTIMEOFDAY diff --git a/libs/libcurl/src/config-symbian.h b/libs/libcurl/src/config-symbian.h index d23de33255..b7b93c6f4c 100644 --- a/libs/libcurl/src/config-symbian.h +++ b/libs/libcurl/src/config-symbian.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -478,9 +478,6 @@ /* Define to 1 if you have the `socket' function. */ #define HAVE_SOCKET 1 -/* Define to 1 if you have the `SSL_get_shutdown' function. */ -/*#define HAVE_SSL_GET_SHUTDOWN 1*/ - /* Define to 1 if you have the <ssl.h> header file. */ /* #undef HAVE_SSL_H */ diff --git a/libs/libcurl/src/config-vxworks.h b/libs/libcurl/src/config-vxworks.h index 8790f82669..89af3525be 100644 --- a/libs/libcurl/src/config-vxworks.h +++ b/libs/libcurl/src/config-vxworks.h @@ -541,9 +541,6 @@ /* Define to 1 if you have the `socket' function. */ #define HAVE_SOCKET 1 -/* Define to 1 if you have the `SSL_get_shutdown' function. */ -#define HAVE_SSL_GET_SHUTDOWN 1 - /* Define to 1 if you have the <ssl.h> header file. */ /* #undef HAVE_SSL_H */ diff --git a/libs/libcurl/src/config-win32.h b/libs/libcurl/src/config-win32.h index 5b028f193f..90c1054765 100644 --- a/libs/libcurl/src/config-win32.h +++ b/libs/libcurl/src/config-win32.h @@ -246,10 +246,6 @@ /* Define if you have the socket function. */ #define HAVE_SOCKET 1 -/* Define if libSSH2 is in use */ -#define USE_LIBSSH2 1 -#define HAVE_LIBSSH2_H 1 - /* Define if you have the strcasecmp function. */ /* #define HAVE_STRCASECMP 1 */ diff --git a/libs/libcurl/src/connect.c b/libs/libcurl/src/connect.c index 002535b429..4a1f2c6406 100644 --- a/libs/libcurl/src/connect.c +++ b/libs/libcurl/src/connect.c @@ -368,6 +368,11 @@ static CURLcode bindlocal(struct connectdata *conn, infof(data, "Name '%s' family %i resolved to '%s' family %i\n", dev, af, myhost, h->addr->ai_family); Curl_resolv_unlock(data, h); + if(af != h->addr->ai_family) { + /* bad IP version combo, signal the caller to try another address + family if available */ + return CURLE_UNSUPPORTED_PROTOCOL; + } done = 1; } else { diff --git a/libs/libcurl/src/cookie.c b/libs/libcurl/src/cookie.c index 05ce62193a..9a9e14d012 100644 --- a/libs/libcurl/src/cookie.c +++ b/libs/libcurl/src/cookie.c @@ -820,7 +820,7 @@ Curl_cookie_add(struct Curl_easy *data, break; case 1: /* This field got its explanation on the 23rd of May 2001 by - Andrés García: + Andrés GarcÃa: flag: A TRUE/FALSE value indicating if all machines within a given domain can access the variable. This value is set automatically by @@ -834,7 +834,7 @@ Curl_cookie_add(struct Curl_easy *data, case 2: /* It turns out, that sometimes the file format allows the path field to remain not filled in, we try to detect this and work - around it! Andrés García made us aware of this... */ + around it! Andrés GarcÃa made us aware of this... */ if(strcmp("TRUE", ptr) && strcmp("FALSE", ptr)) { /* only if the path doesn't look like a boolean option! */ co->path = strdup(ptr); diff --git a/libs/libcurl/src/curl_config.h.cmake b/libs/libcurl/src/curl_config.h.cmake index 3d96c498c7..5458cbaca7 100644 --- a/libs/libcurl/src/curl_config.h.cmake +++ b/libs/libcurl/src/curl_config.h.cmake @@ -587,9 +587,6 @@ /* Define to 1 if you have the `socket' function. */ #cmakedefine HAVE_SOCKET 1 -/* Define to 1 if you have the `SSL_get_shutdown' function. */ -#cmakedefine HAVE_SSL_GET_SHUTDOWN 1 - /* Define to 1 if you have the <ssl.h> header file. */ #cmakedefine HAVE_SSL_H 1 diff --git a/libs/libcurl/src/curl_config.h.in b/libs/libcurl/src/curl_config.h.in index 778991ca67..871c664e55 100644 --- a/libs/libcurl/src/curl_config.h.in +++ b/libs/libcurl/src/curl_config.h.in @@ -24,6 +24,9 @@ /* to disable DICT */ #undef CURL_DISABLE_DICT +/* disable DoH */ +#undef CURL_DISABLE_DOH + /* to disable FILE */ #undef CURL_DISABLE_FILE @@ -36,6 +39,9 @@ /* to disable HTTP */ #undef CURL_DISABLE_HTTP +/* disable HTTP authentication */ +#undef CURL_DISABLE_HTTP_AUTH + /* to disable IMAP */ #undef CURL_DISABLE_IMAP @@ -48,18 +54,33 @@ /* to disable --libcurl C code generation option */ #undef CURL_DISABLE_LIBCURL_OPTION +/* disable mime API */ +#undef CURL_DISABLE_MIME + +/* disable netrc parsing */ +#undef CURL_DISABLE_NETRC + /* if the OpenSSL configuration won't be loaded automatically */ #undef CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG +/* disable date parsing */ +#undef CURL_DISABLE_PARSEDATE + /* to disable POP3 */ #undef CURL_DISABLE_POP3 +/* disable progress-meter */ +#undef CURL_DISABLE_PROGRESS_METER + /* to disable proxies */ #undef CURL_DISABLE_PROXY /* to disable RTSP */ #undef CURL_DISABLE_RTSP +/* disable DNS shuffling */ +#undef CURL_DISABLE_SHUFFLE_DNS + /* to disable SMB/CIFS */ #undef CURL_DISABLE_SMB @@ -72,9 +93,6 @@ /* to disable TFTP */ #undef CURL_DISABLE_TFTP -/* to disable TLS-SRP authentication */ -#undef CURL_DISABLE_TLS_SRP - /* to disable verbose strings */ #undef CURL_DISABLE_VERBOSE_STRINGS @@ -153,18 +171,6 @@ /* Define to 1 if you have the <crypto.h> header file. */ #undef HAVE_CRYPTO_H -/* Define to 1 if you have the `CyaSSL_CTX_UseSupportedCurve' function. */ -#undef HAVE_CYASSL_CTX_USESUPPORTEDCURVE - -/* Define to 1 if you have the <cyassl/error-ssl.h> header file. */ -#undef HAVE_CYASSL_ERROR_SSL_H - -/* Define to 1 if you have the `CyaSSL_get_peer_certificate' function. */ -#undef HAVE_CYASSL_GET_PEER_CERTIFICATE - -/* Define to 1 if you have the <cyassl/options.h> header file. */ -#undef HAVE_CYASSL_OPTIONS_H - /* Define to 1 if you have the declaration of `getpwuid_r', and to 0 if you don't. */ #undef HAVE_DECL_GETPWUID_R @@ -610,9 +616,6 @@ /* Define to 1 if you have the `SSLv2_client_method' function. */ #undef HAVE_SSLV2_CLIENT_METHOD -/* Define to 1 if you have the `SSL_get_shutdown' function. */ -#undef HAVE_SSL_GET_SHUTDOWN - /* Define to 1 if you have the <ssl.h> header file. */ #undef HAVE_SSL_H @@ -934,9 +937,6 @@ /* Define to enable c-ares support */ #undef USE_ARES -/* if CyaSSL/WolfSSL is enabled */ -#undef USE_CYASSL - /* if GnuTLS is enabled */ #undef USE_GNUTLS @@ -1014,6 +1014,9 @@ /* to enable SSPI support */ #undef USE_WINDOWS_SSPI +/* if wolfSSL is enabled */ +#undef USE_WOLFSSL + /* Version number of package */ #undef VERSION diff --git a/libs/libcurl/src/curl_endian.h b/libs/libcurl/src/curl_endian.h index 4f345a6a22..9830e58fd7 100644 --- a/libs/libcurl/src/curl_endian.h +++ b/libs/libcurl/src/curl_endian.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -31,9 +31,6 @@ unsigned int Curl_read32_le(const unsigned char *buf); /* Converts a 16-bit integer from big endian */ unsigned short Curl_read16_be(const unsigned char *buf); -/* Converts a 32-bit integer to little endian */ -void Curl_write32_le(const int value, unsigned char *buffer); - #if (CURL_SIZEOF_CURL_OFF_T > 4) /* Converts a 64-bit integer to little endian */ #if defined(HAVE_LONGLONG) diff --git a/libs/libcurl/src/curl_ntlm_core.c b/libs/libcurl/src/curl_ntlm_core.c index b6df38f710..9e6fdcab2e 100644 --- a/libs/libcurl/src/curl_ntlm_core.c +++ b/libs/libcurl/src/curl_ntlm_core.c @@ -218,7 +218,6 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out, const unsigned char *key_56) { const CK_MECHANISM_TYPE mech = CKM_DES_ECB; /* DES cipher in ECB mode */ - PK11SlotInfo *slot = NULL; char key[8]; /* expanded 64 bit key */ SECItem key_item; PK11SymKey *symkey = NULL; @@ -228,7 +227,7 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out, bool rv = FALSE; /* use internal slot for DES encryption (requires NSS to be initialized) */ - slot = PK11_GetInternalKeySlot(); + PK11SlotInfo *slot = PK11_GetInternalKeySlot(); if(!slot) return FALSE; diff --git a/libs/libcurl/src/curl_setup.h b/libs/libcurl/src/curl_setup.h index a4601c49e8..27414a540e 100644 --- a/libs/libcurl/src/curl_setup.h +++ b/libs/libcurl/src/curl_setup.h @@ -648,7 +648,7 @@ int netware_init(void); #if defined(USE_GNUTLS) || defined(USE_OPENSSL) || defined(USE_NSS) || \ defined(USE_MBEDTLS) || \ - defined(USE_CYASSL) || defined(USE_SCHANNEL) || \ + defined(USE_WOLFSSL) || defined(USE_SCHANNEL) || \ defined(USE_SECTRANSP) || defined(USE_GSKIT) || defined(USE_MESALINK) #define USE_SSL /* SSL support has been enabled */ #endif diff --git a/libs/libcurl/src/easy.c b/libs/libcurl/src/easy.c index 4a6f965677..a4fff5b36e 100644 --- a/libs/libcurl/src/easy.c +++ b/libs/libcurl/src/easy.c @@ -1038,8 +1038,11 @@ CURLcode curl_easy_pause(struct Curl_easy *data, int action) to have this handle checked soon */ if(!result && ((newstate&(KEEP_RECV_PAUSE|KEEP_SEND_PAUSE)) != - (KEEP_RECV_PAUSE|KEEP_SEND_PAUSE)) ) + (KEEP_RECV_PAUSE|KEEP_SEND_PAUSE)) ) { Curl_expire(data, 0, EXPIRE_RUN_NOW); /* get this handle going again */ + if(data->multi) + Curl_update_timer(data->multi); + } /* This transfer may have been moved in or out of the bundle, update the corresponding socket callback, if used */ diff --git a/libs/libcurl/src/ftp.c b/libs/libcurl/src/ftp.c index d6343fd516..76ebbc44f4 100644 --- a/libs/libcurl/src/ftp.c +++ b/libs/libcurl/src/ftp.c @@ -565,10 +565,8 @@ static CURLcode ftp_readresp(curl_socket_t sockfd, #ifdef HAVE_GSSAPI char * const buf = data->state.buffer; #endif - CURLcode result = CURLE_OK; int code; - - result = Curl_pp_readresp(sockfd, pp, &code, size); + CURLcode result = Curl_pp_readresp(sockfd, pp, &code, size); #if defined(HAVE_GSSAPI) /* handle the security-oriented responses 6xx ***/ @@ -1499,24 +1497,14 @@ static CURLcode ftp_state_list(struct connectdata *conn) static CURLcode ftp_state_retr_prequote(struct connectdata *conn) { - CURLcode result = CURLE_OK; - /* We've sent the TYPE, now we must send the list of prequote strings */ - - result = ftp_state_quote(conn, TRUE, FTP_RETR_PREQUOTE); - - return result; + return ftp_state_quote(conn, TRUE, FTP_RETR_PREQUOTE); } static CURLcode ftp_state_stor_prequote(struct connectdata *conn) { - CURLcode result = CURLE_OK; - /* We've sent the TYPE, now we must send the list of prequote strings */ - - result = ftp_state_quote(conn, TRUE, FTP_STOR_PREQUOTE); - - return result; + return ftp_state_quote(conn, TRUE, FTP_STOR_PREQUOTE); } static CURLcode ftp_state_type(struct connectdata *conn) diff --git a/libs/libcurl/src/hash.h b/libs/libcurl/src/hash.h index 90a25d1ca3..558d0f47ca 100644 --- a/libs/libcurl/src/hash.h +++ b/libs/libcurl/src/hash.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -80,7 +80,7 @@ int Curl_hash_delete(struct curl_hash *h, void *key, size_t key_len); void *Curl_hash_pick(struct curl_hash *, void *key, size_t key_len); void Curl_hash_apply(struct curl_hash *h, void *user, void (*cb)(void *user, void *ptr)); -int Curl_hash_count(struct curl_hash *h); +#define Curl_hash_count(h) ((h)->size) void Curl_hash_destroy(struct curl_hash *h); void Curl_hash_clean(struct curl_hash *h); void Curl_hash_clean_with_criterium(struct curl_hash *h, void *user, diff --git a/libs/libcurl/src/hostip.h b/libs/libcurl/src/hostip.h index 9dc0d5a177..1bda524be4 100644 --- a/libs/libcurl/src/hostip.h +++ b/libs/libcurl/src/hostip.h @@ -61,7 +61,6 @@ struct connectdata; * Returns a struct curl_hash pointer on success, NULL on failure. */ struct curl_hash *Curl_global_host_cache_init(void); -void Curl_global_host_cache_dtor(void); struct Curl_dns_entry { Curl_addrinfo *addr; @@ -124,9 +123,6 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn, void Curl_resolv_unlock(struct Curl_easy *data, struct Curl_dns_entry *dns); -/* for debugging purposes only: */ -void Curl_scan_cache_used(void *user, void *ptr); - /* init a new dns cache and return success */ int Curl_mk_dnscache(struct curl_hash *hash); @@ -237,11 +233,6 @@ CURLcode Curl_set_dns_local_ip6(struct Curl_easy *data, void Curl_hostcache_clean(struct Curl_easy *data, struct curl_hash *hash); /* - * Destroy the hostcache of this handle. - */ -void Curl_hostcache_destroy(struct Curl_easy *data); - -/* * Populate the cache with specified entries from CURLOPT_RESOLVE. */ CURLcode Curl_loadhostpairs(struct Curl_easy *data); diff --git a/libs/libcurl/src/http.c b/libs/libcurl/src/http.c index a80e801575..9fbd7201e8 100644 --- a/libs/libcurl/src/http.c +++ b/libs/libcurl/src/http.c @@ -383,7 +383,7 @@ static bool pickoneauth(struct auth *pick, unsigned long mask) } /* - * Curl_http_perhapsrewind() + * http_perhapsrewind() * * If we are doing POST or PUT { * If we have more data to send { @@ -1881,9 +1881,10 @@ CURLcode Curl_add_custom_headers(struct connectdata *conn, } #ifndef CURL_DISABLE_PARSEDATE -CURLcode Curl_add_timecondition(struct Curl_easy *data, +CURLcode Curl_add_timecondition(const struct connectdata *conn, Curl_send_buffer *req_buffer) { + struct Curl_easy *data = conn->data; const struct tm *tm; struct tm keeptime; CURLcode result; @@ -1916,6 +1917,11 @@ CURLcode Curl_add_timecondition(struct Curl_easy *data, break; } + if(Curl_checkheaders(conn, condp)) { + /* A custom header was specified; it will be sent instead. */ + return CURLE_OK; + } + /* The If-Modified-Since header family should have their times set in * GMT as RFC2616 defines: "All HTTP date/time stamps MUST be * represented in Greenwich Mean Time (GMT), without exception. For the @@ -1941,10 +1947,10 @@ CURLcode Curl_add_timecondition(struct Curl_easy *data, } #else /* disabled */ -CURLcode Curl_add_timecondition(struct Curl_easy *data, +CURLcode Curl_add_timecondition(const struct connectdata *conn, Curl_send_buffer *req_buffer) { - (void)data; + (void)conn; (void)req_buffer; return CURLE_OK; } @@ -2683,7 +2689,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) } #endif - result = Curl_add_timecondition(data, req_buffer); + result = Curl_add_timecondition(conn, req_buffer); if(result) return result; @@ -3147,6 +3153,9 @@ static CURLcode header_append(struct Curl_easy *data, struct SingleRequest *k, size_t length) { + /* length is at most the size of a full read buffer, for which the upper + bound is CURL_MAX_READ_SIZE. There is thus no chance of overflow in this + calculation. */ size_t newsize = k->hbuflen + length; if(newsize > CURL_MAX_HTTP_HEADER) { /* The reason to have a max limit for this is to avoid the risk of a bad @@ -3511,8 +3520,10 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, else { infof(data, "HTTP error before end of send, stop sending\n"); streamclose(conn, "Stop sending data before everything sent"); + result = Curl_done_sending(conn, k); + if(result) + return result; k->upload_done = TRUE; - k->keepon &= ~KEEP_SEND; /* don't send */ if(data->state.expect100header) k->exp100 = EXP100_FAILED; } diff --git a/libs/libcurl/src/http.h b/libs/libcurl/src/http.h index a59fe7af0e..72161f6b03 100644 --- a/libs/libcurl/src/http.h +++ b/libs/libcurl/src/http.h @@ -69,7 +69,7 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer **inp, size_t included_body_bytes, int socketindex); -CURLcode Curl_add_timecondition(struct Curl_easy *data, +CURLcode Curl_add_timecondition(const struct connectdata *conn, Curl_send_buffer *buf); CURLcode Curl_add_custom_headers(struct connectdata *conn, bool is_connect, @@ -82,7 +82,6 @@ CURLcode Curl_http_compile_trailers(struct curl_slist *trailers, CURLcode Curl_http(struct connectdata *conn, bool *done); CURLcode Curl_http_done(struct connectdata *, CURLcode, bool premature); CURLcode Curl_http_connect(struct connectdata *conn, bool *done); -CURLcode Curl_http_setup_conn(struct connectdata *conn); /* The following functions are defined in http_chunks.c */ void Curl_httpchunk_init(struct connectdata *conn); @@ -90,11 +89,9 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn, char *datap, ssize_t length, ssize_t *wrote); /* These functions are in http.c */ -void Curl_http_auth_stage(struct Curl_easy *data, int stage); CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, const char *auth); CURLcode Curl_http_auth_act(struct connectdata *conn); -CURLcode Curl_http_perhapsrewind(struct connectdata *conn); /* If only the PICKNONE bit is set, there has been a round-trip and we selected to use no auth at all. Ie, we actively select no auth, as opposed diff --git a/libs/libcurl/src/http2.c b/libs/libcurl/src/http2.c index a535d14bbe..eb55e62d1c 100644 --- a/libs/libcurl/src/http2.c +++ b/libs/libcurl/src/http2.c @@ -269,7 +269,7 @@ static unsigned int http2_conncheck(struct connectdata *check, return ret_val; } -/* called from Curl_http_setup_conn */ +/* called from http_setup_conn */ void Curl_http2_setup_req(struct Curl_easy *data) { struct HTTP *http = data->req.protop; @@ -286,7 +286,7 @@ void Curl_http2_setup_req(struct Curl_easy *data) http->memlen = 0; } -/* called from Curl_http_setup_conn */ +/* called from http_setup_conn */ void Curl_http2_setup_conn(struct connectdata *conn) { conn->proto.httpc.settings.max_concurrent_streams = @@ -1758,11 +1758,10 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, return retlen; } - /* If stream is closed, return 0 to signal the http routine to close + /* If this stream is closed, return 0 to signal the http routine to close the connection */ - if(stream->closed) { - return http2_handle_stream_close(conn, data, stream, err); - } + if(stream->closed) + return 0; *err = CURLE_AGAIN; H2BUGF(infof(data, "http2_recv returns AGAIN for stream %u\n", stream->stream_id)); @@ -1881,7 +1880,11 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, are going to send or sending request body in DATA frame */ stream->upload_mem = mem; stream->upload_len = len; - nghttp2_session_resume_data(h2, stream->stream_id); + rv = nghttp2_session_resume_data(h2, stream->stream_id); + if(nghttp2_is_fatal(rv)) { + *err = CURLE_SEND_ERROR; + return -1; + } rv = h2_session_send(conn->data, h2); if(nghttp2_is_fatal(rv)) { *err = CURLE_SEND_ERROR; @@ -2415,8 +2418,6 @@ bool Curl_h2_http_1_1_error(struct connectdata *conn) #else /* !USE_NGHTTP2 */ /* Satisfy external references even if http2 is not compiled in. */ - -#define CURL_DISABLE_TYPECHECK #include <curl/curl.h> char *curl_pushheader_bynum(struct curl_pushheaders *h, size_t num) diff --git a/libs/libcurl/src/http2.h b/libs/libcurl/src/http2.h index db6217b11e..93058ccb31 100644 --- a/libs/libcurl/src/http2.h +++ b/libs/libcurl/src/http2.h @@ -42,13 +42,12 @@ const char *Curl_http2_strerror(uint32_t err); CURLcode Curl_http2_init(struct connectdata *conn); void Curl_http2_init_state(struct UrlState *state); void Curl_http2_init_userset(struct UserDefined *set); -CURLcode Curl_http2_send_request(struct connectdata *conn); CURLcode Curl_http2_request_upgrade(Curl_send_buffer *req, struct connectdata *conn); CURLcode Curl_http2_setup(struct connectdata *conn); CURLcode Curl_http2_switched(struct connectdata *conn, const char *data, size_t nread); -/* called from Curl_http_setup_conn */ +/* called from http_setup_conn */ void Curl_http2_setup_conn(struct connectdata *conn); void Curl_http2_setup_req(struct Curl_easy *data); void Curl_http2_done(struct connectdata *conn, bool premature); @@ -63,7 +62,6 @@ void Curl_http2_cleanup_dependencies(struct Curl_easy *data); /* returns true if the HTTP/2 stream error was HTTP_1_1_REQUIRED */ bool Curl_h2_http_1_1_error(struct connectdata *conn); #else /* USE_NGHTTP2 */ -#define Curl_http2_send_request(x) CURLE_UNSUPPORTED_PROTOCOL #define Curl_http2_request_upgrade(x,y) CURLE_UNSUPPORTED_PROTOCOL #define Curl_http2_setup(x) CURLE_UNSUPPORTED_PROTOCOL #define Curl_http2_switched(x,y,z) CURLE_UNSUPPORTED_PROTOCOL diff --git a/libs/libcurl/src/imap.c b/libs/libcurl/src/imap.c index bdcc69c67a..f3ffa290b4 100644 --- a/libs/libcurl/src/imap.c +++ b/libs/libcurl/src/imap.c @@ -444,10 +444,8 @@ static CURLcode imap_perform_capability(struct connectdata *conn) */ static CURLcode imap_perform_starttls(struct connectdata *conn) { - CURLcode result = CURLE_OK; - /* Send the STARTTLS command */ - result = imap_sendf(conn, "STARTTLS"); + CURLcode result = imap_sendf(conn, "STARTTLS"); if(!result) state(conn, IMAP_STARTTLS); @@ -463,11 +461,10 @@ static CURLcode imap_perform_starttls(struct connectdata *conn) */ static CURLcode imap_perform_upgrade_tls(struct connectdata *conn) { - CURLcode result = CURLE_OK; - struct imap_conn *imapc = &conn->proto.imapc; - /* Start the SSL connection */ - result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &imapc->ssldone); + struct imap_conn *imapc = &conn->proto.imapc; + CURLcode result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, + &imapc->ssldone); if(!result) { if(imapc->state != IMAP_UPGRADETLS) @@ -826,10 +823,8 @@ static CURLcode imap_perform_search(struct connectdata *conn) */ static CURLcode imap_perform_logout(struct connectdata *conn) { - CURLcode result = CURLE_OK; - /* Send the LOGOUT command */ - result = imap_sendf(conn, "LOGOUT"); + CURLcode result = imap_sendf(conn, "LOGOUT"); if(!result) state(conn, IMAP_LOGOUT); diff --git a/libs/libcurl/src/krb5.c b/libs/libcurl/src/krb5.c index e51dcd1c68..5a47d481b4 100644 --- a/libs/libcurl/src/krb5.c +++ b/libs/libcurl/src/krb5.c @@ -1,6 +1,6 @@ /* GSSAPI/krb5 support for FTP - loosely based on old krb4.c * - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * Copyright (c) 2004 - 2017 Daniel Stenberg * All rights reserved. @@ -320,10 +320,8 @@ static void krb5_end(void *app_data) OM_uint32 min; gss_ctx_id_t *context = app_data; if(*context != GSS_C_NO_CONTEXT) { -#ifdef DEBUGBUILD - OM_uint32 maj = -#endif - gss_delete_sec_context(&min, context, GSS_C_NO_BUFFER); + OM_uint32 maj = gss_delete_sec_context(&min, context, GSS_C_NO_BUFFER); + (void)maj; DEBUGASSERT(maj == GSS_S_COMPLETE); } } diff --git a/libs/libcurl/src/libcurl.plist b/libs/libcurl/src/libcurl.plist index 760130c9ce..46106abd8b 100644 --- a/libs/libcurl/src/libcurl.plist +++ b/libs/libcurl/src/libcurl.plist @@ -15,7 +15,7 @@ <string>se.haxx.curl.libcurl</string> <key>CFBundleVersion</key> - <string>7.65.1</string> + <string>7.65.2</string> <key>CFBundleName</key> <string>libcurl</string> @@ -27,9 +27,9 @@ <string>????</string> <key>CFBundleShortVersionString</key> - <string>libcurl 7.65.1</string> + <string>libcurl 7.65.2</string> <key>CFBundleGetInfoString</key> - <string>libcurl.plist 7.65.1</string> + <string>libcurl.plist 7.65.2</string> </dict> </plist> diff --git a/libs/libcurl/src/multi.c b/libs/libcurl/src/multi.c index 02f846033b..2b6b1bc522 100644 --- a/libs/libcurl/src/multi.c +++ b/libs/libcurl/src/multi.c @@ -71,8 +71,6 @@ static CURLMcode singlesocket(struct Curl_multi *multi, struct Curl_easy *data); -static int update_timer(struct Curl_multi *multi); - static CURLMcode add_next_timeout(struct curltime now, struct Curl_multi *multi, struct Curl_easy *d); @@ -189,7 +187,7 @@ static void mstate(struct Curl_easy *data, CURLMstate state */ struct Curl_sh_entry { - struct curl_llist list; /* list of easy handles using this socket */ + struct curl_hash transfers; /* hash of transfers using this socket */ unsigned int action; /* what combined action READ/WRITE this socket waits for */ void *socketp; /* settable by users with curl_multi_assign() */ @@ -206,12 +204,36 @@ struct Curl_sh_entry { static struct Curl_sh_entry *sh_getentry(struct curl_hash *sh, curl_socket_t s) { - if(s != CURL_SOCKET_BAD) + if(s != CURL_SOCKET_BAD) { /* only look for proper sockets */ return Curl_hash_pick(sh, (char *)&s, sizeof(curl_socket_t)); + } return NULL; } +#define TRHASH_SIZE 13 +static size_t trhash(void *key, size_t key_length, size_t slots_num) +{ + size_t keyval = (size_t)*(struct Curl_easy **)key; + (void) key_length; + + return (keyval % slots_num); +} + +static size_t trhash_compare(void *k1, size_t k1_len, void *k2, size_t k2_len) +{ + (void)k1_len; + (void)k2_len; + + return *(struct Curl_easy **)k1 == *(struct Curl_easy **)k2; +} + +static void trhash_dtor(void *nada) +{ + (void)nada; +} + + /* make sure this socket is present in the hash for this handle */ static struct Curl_sh_entry *sh_addentry(struct curl_hash *sh, curl_socket_t s) @@ -219,16 +241,21 @@ static struct Curl_sh_entry *sh_addentry(struct curl_hash *sh, struct Curl_sh_entry *there = sh_getentry(sh, s); struct Curl_sh_entry *check; - if(there) + if(there) { /* it is present, return fine */ return there; + } /* not present, add it */ check = calloc(1, sizeof(struct Curl_sh_entry)); if(!check) return NULL; /* major failure */ - Curl_llist_init(&check->list, NULL); + if(Curl_hash_init(&check->transfers, TRHASH_SIZE, trhash, + trhash_compare, trhash_dtor)) { + free(check); + return NULL; + } /* make/add new hash entry */ if(!Curl_hash_add(sh, (char *)&s, sizeof(curl_socket_t), check)) { @@ -244,14 +271,8 @@ static struct Curl_sh_entry *sh_addentry(struct curl_hash *sh, static void sh_delentry(struct Curl_sh_entry *entry, struct curl_hash *sh, curl_socket_t s) { - struct curl_llist *list = &entry->list; - struct curl_llist_element *e; - /* clear the list of transfers first */ - for(e = list->head; e; e = list->head) { - struct Curl_easy *dta = e->ptr; - Curl_llist_remove(&entry->list, e, NULL); - dta->sh_entry = NULL; - } + Curl_hash_destroy(&entry->transfers); + /* We remove the hash entry. This will end up in a call to sh_freeentry(). */ Curl_hash_delete(sh, (char *)&s, sizeof(curl_socket_t)); @@ -320,17 +341,6 @@ static CURLMcode multi_addmsg(struct Curl_multi *multi, return CURLM_OK; } -/* - * multi_freeamsg() - * - * Callback used by the llist system when a single list entry is destroyed. - */ -static void multi_freeamsg(void *a, void *b) -{ - (void)a; - (void)b; -} - struct Curl_multi *Curl_multi_handle(int hashsize, /* socket hash */ int chashsize) /* connection hash */ { @@ -350,8 +360,10 @@ struct Curl_multi *Curl_multi_handle(int hashsize, /* socket hash */ if(Curl_conncache_init(&multi->conn_cache, chashsize)) goto error; - Curl_llist_init(&multi->msglist, multi_freeamsg); - Curl_llist_init(&multi->pending, multi_freeamsg); + Curl_llist_init(&multi->msglist, NULL); + Curl_llist_init(&multi->pending, NULL); + + multi->multiplexing = CURLPIPE_MULTIPLEX; /* -1 means it not set by user, use the default value */ multi->maxconnects = -1; @@ -462,16 +474,16 @@ CURLMcode curl_multi_add_handle(struct Curl_multi *multi, /* increase the alive-counter */ multi->num_alive++; - /* A somewhat crude work-around for a little glitch in update_timer() that - happens if the lastcall time is set to the same time when the handle is - removed as when the next handle is added, as then the check in - update_timer() that prevents calling the application multiple times with - the same timer info will not trigger and then the new handle's timeout - will not be notified to the app. + /* A somewhat crude work-around for a little glitch in Curl_update_timer() + that happens if the lastcall time is set to the same time when the handle + is removed as when the next handle is added, as then the check in + Curl_update_timer() that prevents calling the application multiple times + with the same timer info will not trigger and then the new handle's + timeout will not be notified to the app. The work-around is thus simply to clear the 'lastcall' variable to force - update_timer() to always trigger a callback to the app when a new easy - handle is added */ + Curl_update_timer() to always trigger a callback to the app when a new + easy handle is added */ memset(&multi->timer_lastcall, 0, sizeof(multi->timer_lastcall)); /* The closure handle only ever has default timeouts set. To improve the @@ -484,7 +496,7 @@ CURLMcode curl_multi_add_handle(struct Curl_multi *multi, data->state.conn_cache->closure_handle->set.no_signal = data->set.no_signal; - update_timer(multi); + Curl_update_timer(multi); return CURLM_OK; } @@ -774,7 +786,7 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi *multi, We do not touch the easy handle here! */ multi->num_easy--; /* one less to care about now */ - update_timer(multi); + Curl_update_timer(multi); return CURLM_OK; } @@ -789,11 +801,6 @@ bool Curl_multiplex_wanted(const struct Curl_multi *multi) static void detach_connnection(struct Curl_easy *data) { struct connectdata *conn = data->conn; - if(data->sh_entry) { - /* still listed as a user of a socket hash entry, remove it */ - Curl_llist_remove(&data->sh_entry->list, &data->sh_queue, NULL); - data->sh_entry = NULL; - } if(conn) Curl_llist_remove(&conn->easyq, &data->conn_queue, NULL); data->conn = NULL; @@ -1266,6 +1273,9 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, bool stream_error = FALSE; rc = CURLM_OK; + DEBUGASSERT((data->mstate <= CURLM_STATE_CONNECT) || + (data->mstate >= CURLM_STATE_DONE) || + data->conn); if(!data->conn && data->mstate > CURLM_STATE_CONNECT && data->mstate < CURLM_STATE_DONE) { @@ -2107,7 +2117,7 @@ CURLMcode curl_multi_perform(struct Curl_multi *multi, int *running_handles) *running_handles = multi->num_alive; if(CURLM_OK >= returncode) - update_timer(multi); + Curl_update_timer(multi); return returncode; } @@ -2287,30 +2297,22 @@ static CURLMcode singlesocket(struct Curl_multi *multi, if(action & CURL_POLL_OUT) entry->writers++; - /* add 'data' to the list of handles using this socket! */ - Curl_llist_insert_next(&entry->list, entry->list.tail, - data, &data->sh_queue); - data->sh_entry = entry; + /* add 'data' to the transfer hash on this socket! */ + if(!Curl_hash_add(&entry->transfers, (char *)&data, /* hash key */ + sizeof(struct Curl_easy *), data)) + return CURLM_OUT_OF_MEMORY; } comboaction = (entry->writers? CURL_POLL_OUT : 0) | (entry->readers ? CURL_POLL_IN : 0); -#if 0 - infof(data, "--- Comboaction: %u readers %u writers\n", - entry->readers, entry->writers); -#endif - /* check if it has the same action set */ - if(entry->action == comboaction) + /* socket existed before and has the same action set as before */ + if(sincebefore && (entry->action == comboaction)) /* same, continue */ continue; - /* we know (entry != NULL) at this point, see the logic above */ if(multi->socket_cb) - multi->socket_cb(data, - s, - comboaction, - multi->socket_userp, + multi->socket_cb(data, s, comboaction, multi->socket_userp, entry->socketp); entry->action = comboaction; /* store the current action state */ @@ -2352,6 +2354,13 @@ static CURLMcode singlesocket(struct Curl_multi *multi, entry->socketp); sh_delentry(entry, &multi->sockhash, s); } + else { + /* still users, but remove this handle as a user of this socket */ + if(Curl_hash_delete(&entry->transfers, (char *)&data, + sizeof(struct Curl_easy *))) { + DEBUGASSERT(NULL); + } + } } } /* for loop over numsocks */ @@ -2495,19 +2504,14 @@ static CURLMcode multi_socket(struct Curl_multi *multi, and just move on. */ ; else { - struct curl_llist *list = &entry->list; - struct curl_llist_element *e; - struct curl_llist_element *enext; - SIGPIPE_VARIABLE(pipe_st); + struct curl_hash_iterator iter; + struct curl_hash_element *he; /* the socket can be shared by many transfers, iterate */ - for(e = list->head; e; e = enext) { - data = (struct Curl_easy *)e->ptr; - - /* assign 'enext' here since the 'e' struct might be cleared - further down in the singlesocket() call */ - enext = e->next; - + Curl_hash_start_iterate(&entry->transfers, &iter); + for(he = Curl_hash_next_element(&iter); he; + he = Curl_hash_next_element(&iter)) { + data = (struct Curl_easy *)he->ptr; DEBUGASSERT(data); DEBUGASSERT(data->magic == CURLEASY_MAGIC_NUMBER); @@ -2515,21 +2519,7 @@ static CURLMcode multi_socket(struct Curl_multi *multi, /* set socket event bitmask if they're not locked */ data->conn->cselect_bits = ev_bitmask; - sigpipe_ignore(data, &pipe_st); - result = multi_runsingle(multi, now, data); - sigpipe_restore(&pipe_st); - - if(data->conn && !(data->conn->handler->flags & PROTOPT_DIRLOCK)) - /* clear the bitmask only if not locked */ - data->conn->cselect_bits = 0; - - if(CURLM_OK >= result) { - /* get the socket(s) and check if the state has been changed since - last */ - result = singlesocket(multi, data); - if(result) - return result; - } + Curl_expire(data, 0, EXPIRE_RUN_NOW); } /* Now we fall-through and do the timer-based stuff, since we don't want @@ -2544,9 +2534,10 @@ static CURLMcode multi_socket(struct Curl_multi *multi, } else { /* Asked to run due to time-out. Clear the 'lastcall' variable to force - update_timer() to trigger a callback to the app again even if the same - timeout is still the one to run after this call. That handles the case - when the application asks libcurl to run the timeout prematurely. */ + Curl_update_timer() to trigger a callback to the app again even if the + same timeout is still the one to run after this call. That handles the + case when the application asks libcurl to run the timeout + prematurely. */ memset(&multi->timer_lastcall, 0, sizeof(multi->timer_lastcall)); } @@ -2664,7 +2655,7 @@ CURLMcode curl_multi_socket(struct Curl_multi *multi, curl_socket_t s, return CURLM_RECURSIVE_API_CALL; result = multi_socket(multi, FALSE, s, 0, running_handles); if(CURLM_OK >= result) - update_timer(multi); + Curl_update_timer(multi); return result; } @@ -2676,7 +2667,7 @@ CURLMcode curl_multi_socket_action(struct Curl_multi *multi, curl_socket_t s, return CURLM_RECURSIVE_API_CALL; result = multi_socket(multi, FALSE, s, ev_bitmask, running_handles); if(CURLM_OK >= result) - update_timer(multi); + Curl_update_timer(multi); return result; } @@ -2688,7 +2679,7 @@ CURLMcode curl_multi_socket_all(struct Curl_multi *multi, int *running_handles) return CURLM_RECURSIVE_API_CALL; result = multi_socket(multi, TRUE, CURL_SOCKET_BAD, 0, running_handles); if(CURLM_OK >= result) - update_timer(multi); + Curl_update_timer(multi); return result; } @@ -2748,14 +2739,14 @@ CURLMcode curl_multi_timeout(struct Curl_multi *multi, * Tell the application it should update its timers, if it subscribes to the * update timer callback. */ -static int update_timer(struct Curl_multi *multi) +void Curl_update_timer(struct Curl_multi *multi) { long timeout_ms; if(!multi->timer_cb) - return 0; + return; if(multi_timeout(multi, &timeout_ms)) { - return -1; + return; } if(timeout_ms < 0) { static const struct curltime none = {0, 0}; @@ -2763,9 +2754,10 @@ static int update_timer(struct Curl_multi *multi) multi->timer_lastcall = none; /* there's no timeout now but there was one previously, tell the app to disable it */ - return multi->timer_cb(multi, -1, multi->timer_userp); + multi->timer_cb(multi, -1, multi->timer_userp); + return; } - return 0; + return; } /* When multi_timeout() is done, multi->timetree points to the node with the @@ -2773,11 +2765,11 @@ static int update_timer(struct Curl_multi *multi) * if this is the same (fixed) time as we got in a previous call and then * avoid calling the callback again. */ if(Curl_splaycomparekeys(multi->timetree->key, multi->timer_lastcall) == 0) - return 0; + return; multi->timer_lastcall = multi->timetree->key; - return multi->timer_cb(multi, timeout_ms, multi->timer_userp); + multi->timer_cb(multi, timeout_ms, multi->timer_userp); } /* diff --git a/libs/libcurl/src/multiif.h b/libs/libcurl/src/multiif.h index e8a5e7062d..a644558677 100644 --- a/libs/libcurl/src/multiif.h +++ b/libs/libcurl/src/multiif.h @@ -30,7 +30,7 @@ void Curl_updatesocket(struct Curl_easy *data); void Curl_expire(struct Curl_easy *data, time_t milli, expire_id); void Curl_expire_clear(struct Curl_easy *data); void Curl_expire_done(struct Curl_easy *data, expire_id id); -void Curl_detach_connnection(struct Curl_easy *data); +void Curl_update_timer(struct Curl_multi *multi); void Curl_attach_connnection(struct Curl_easy *data, struct connectdata *conn); bool Curl_multiplex_wanted(const struct Curl_multi *multi); diff --git a/libs/libcurl/src/netrc.c b/libs/libcurl/src/netrc.c index 1bd998f9c5..f41636e974 100644 --- a/libs/libcurl/src/netrc.c +++ b/libs/libcurl/src/netrc.c @@ -89,7 +89,7 @@ int Curl_parsenetrc(const char *host, && pw_res) { home = strdup(pw.pw_dir); if(!home) - return CURLE_OUT_OF_MEMORY; + return -1; home_alloc = TRUE; } #elif defined(HAVE_GETPWUID) && defined(HAVE_GETEUID) diff --git a/libs/libcurl/src/pop3.c b/libs/libcurl/src/pop3.c index c8f3965e49..a681d5213f 100644 --- a/libs/libcurl/src/pop3.c +++ b/libs/libcurl/src/pop3.c @@ -339,10 +339,8 @@ static CURLcode pop3_perform_capa(struct connectdata *conn) */ static CURLcode pop3_perform_starttls(struct connectdata *conn) { - CURLcode result = CURLE_OK; - /* Send the STLS command */ - result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "STLS"); + CURLcode result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "STLS"); if(!result) state(conn, POP3_STARTTLS); @@ -358,11 +356,10 @@ static CURLcode pop3_perform_starttls(struct connectdata *conn) */ static CURLcode pop3_perform_upgrade_tls(struct connectdata *conn) { - CURLcode result = CURLE_OK; - struct pop3_conn *pop3c = &conn->proto.pop3c; - /* Start the SSL connection */ - result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &pop3c->ssldone); + struct pop3_conn *pop3c = &conn->proto.pop3c; + CURLcode result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, + &pop3c->ssldone); if(!result) { if(pop3c->state != POP3_UPGRADETLS) @@ -593,10 +590,8 @@ static CURLcode pop3_perform_command(struct connectdata *conn) */ static CURLcode pop3_perform_quit(struct connectdata *conn) { - CURLcode result = CURLE_OK; - /* Send the QUIT command */ - result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "QUIT"); + CURLcode result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "QUIT"); if(!result) state(conn, POP3_QUIT); diff --git a/libs/libcurl/src/progress.c b/libs/libcurl/src/progress.c index fe9929bb90..7282e02321 100644 --- a/libs/libcurl/src/progress.c +++ b/libs/libcurl/src/progress.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -31,6 +31,7 @@ /* check rate limits within this many recent milliseconds, at minimum. */ #define MIN_RATE_LIMIT_PERIOD 3000 +#ifndef CURL_DISABLE_PROGRESS_METER /* Provide a string that is 2 + 1 + 2 + 1 + 2 = 8 letters long (plus the zero byte) */ static void time2str(char *r, curl_off_t seconds) @@ -119,6 +120,7 @@ static char *max5data(curl_off_t bytes, char *max5) return max5; } +#endif /* @@ -362,23 +364,14 @@ void Curl_pgrsSetUploadSize(struct Curl_easy *data, curl_off_t size) } } -/* - * Curl_pgrsUpdate() returns 0 for success or the value returned by the - * progress callback! - */ -int Curl_pgrsUpdate(struct connectdata *conn) +static void progress_calc(struct connectdata *conn, struct curltime now) { - struct curltime now; curl_off_t timespent; curl_off_t timespent_ms; /* milliseconds */ struct Curl_easy *data = conn->data; - int nowindex = data->progress.speeder_c% CURR_TIME; - bool shownow = FALSE; curl_off_t dl = data->progress.downloaded; curl_off_t ul = data->progress.uploaded; - now = Curl_now(); /* what time is it */ - /* The time spent so far (from the start) */ data->progress.timespent = Curl_timediff_us(now, data->progress.start); timespent = (curl_off_t)data->progress.timespent/1000000; /* seconds */ @@ -399,8 +392,7 @@ int Curl_pgrsUpdate(struct connectdata *conn) /* Calculations done at most once a second, unless end is reached */ if(data->progress.lastshow != now.tv_sec) { int countindex; /* amount of seconds stored in the speeder array */ - shownow = TRUE; - + int nowindex = data->progress.speeder_c% CURR_TIME; data->progress.lastshow = now.tv_sec; /* Let's do the "current speed" thing, with the dl + ul speeds @@ -434,8 +426,7 @@ int Curl_pgrsUpdate(struct connectdata *conn) data->progress.speeder_c%CURR_TIME:0; /* Figure out the exact time for the time span */ - span_ms = Curl_timediff(now, - data->progress.speeder_time[checkindex]); + span_ms = Curl_timediff(now, data->progress.speeder_time[checkindex]); if(0 == span_ms) span_ms = 1; /* at least one millisecond MUST have passed */ @@ -461,8 +452,25 @@ int Curl_pgrsUpdate(struct connectdata *conn) data->progress.ulspeed + data->progress.dlspeed; } /* Calculations end */ +} - if(!(data->progress.flags & PGRS_HIDE)) { +#ifndef CURL_DISABLE_PROGRESS_METER +static void progress_meter(struct connectdata *conn, + struct curltime now) +{ + struct Curl_easy *data = conn->data; + bool shownow = FALSE; + if(data->progress.lastshow != now.tv_sec) { + if(!(data->progress.flags & PGRS_HIDE)) + shownow = TRUE; + } + + if(!shownow) + /* only show the internal progress meter once per second */ + return; + else { + /* If there's no external callback set, use internal code to show + progress */ /* progress meter has not been shut off */ char max5[6][10]; curl_off_t dlpercen = 0; @@ -476,42 +484,8 @@ int Curl_pgrsUpdate(struct connectdata *conn) curl_off_t ulestimate = 0; curl_off_t dlestimate = 0; curl_off_t total_estimate; - - if(data->set.fxferinfo) { - int result; - /* There's a callback set, call that */ - Curl_set_in_callback(data, true); - result = data->set.fxferinfo(data->set.progress_client, - data->progress.size_dl, - data->progress.downloaded, - data->progress.size_ul, - data->progress.uploaded); - Curl_set_in_callback(data, false); - if(result) - failf(data, "Callback aborted"); - return result; - } - if(data->set.fprogress) { - int result; - /* The older deprecated callback is set, call that */ - Curl_set_in_callback(data, true); - result = data->set.fprogress(data->set.progress_client, - (double)data->progress.size_dl, - (double)data->progress.downloaded, - (double)data->progress.size_ul, - (double)data->progress.uploaded); - Curl_set_in_callback(data, false); - if(result) - failf(data, "Callback aborted"); - return result; - } - - if(!shownow) - /* only show the internal progress meter once per second */ - return 0; - - /* If there's no external callback set, use internal code to show - progress */ + curl_off_t timespent = + (curl_off_t)data->progress.timespent/1000000; /* seconds */ if(!(data->progress.flags & PGRS_HEADERS_OUT)) { if(data->state.resume_from) { @@ -595,13 +569,60 @@ int Curl_pgrsUpdate(struct connectdata *conn) time_total, /* 8 letters */ /* total time */ time_spent, /* 8 letters */ /* time spent */ time_left, /* 8 letters */ /* time left */ - max5data(data->progress.current_speed, max5[5]) /* current speed */ - ); + max5data(data->progress.current_speed, max5[5]) + ); /* we flush the output stream to make it appear as soon as possible */ fflush(data->set.err); + } /* don't show now */ +} +#else + /* progress bar disabled */ +#define progress_meter(x,y) +#endif + + +/* + * Curl_pgrsUpdate() returns 0 for success or the value returned by the + * progress callback! + */ +int Curl_pgrsUpdate(struct connectdata *conn) +{ + struct Curl_easy *data = conn->data; + struct curltime now = Curl_now(); /* what time is it */ - } /* !(data->progress.flags & PGRS_HIDE) */ + progress_calc(conn, now); + if(!(data->progress.flags & PGRS_HIDE)) { + if(data->set.fxferinfo) { + int result; + /* There's a callback set, call that */ + Curl_set_in_callback(data, true); + result = data->set.fxferinfo(data->set.progress_client, + data->progress.size_dl, + data->progress.downloaded, + data->progress.size_ul, + data->progress.uploaded); + Curl_set_in_callback(data, false); + if(result) + failf(data, "Callback aborted"); + return result; + } + if(data->set.fprogress) { + int result; + /* The older deprecated callback is set, call that */ + Curl_set_in_callback(data, true); + result = data->set.fprogress(data->set.progress_client, + (double)data->progress.size_dl, + (double)data->progress.downloaded, + (double)data->progress.size_ul, + (double)data->progress.uploaded); + Curl_set_in_callback(data, false); + if(result) + failf(data, "Callback aborted"); + return result; + } + } + progress_meter(conn, now); return 0; } diff --git a/libs/libcurl/src/rtsp.c b/libs/libcurl/src/rtsp.c index 74cf232448..25e194a233 100644 --- a/libs/libcurl/src/rtsp.c +++ b/libs/libcurl/src/rtsp.c @@ -491,7 +491,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done) return result; if((rtspreq == RTSPREQ_SETUP) || (rtspreq == RTSPREQ_DESCRIBE)) { - result = Curl_add_timecondition(data, req_buffer); + result = Curl_add_timecondition(conn, req_buffer); if(result) return result; } diff --git a/libs/libcurl/src/security.c b/libs/libcurl/src/security.c index 82ae5c2cda..550ea2da8d 100644 --- a/libs/libcurl/src/security.c +++ b/libs/libcurl/src/security.c @@ -7,7 +7,7 @@ * rewrite to work around the paragraph 2 in the BSD licenses as explained * below. * - * Copyright (c) 1998, 1999, 2017 Kungliga Tekniska Högskolan + * Copyright (c) 1998, 1999, 2017 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * * Copyright (C) 2001 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. @@ -267,7 +267,7 @@ static ssize_t sec_recv(struct connectdata *conn, int sockindex, } /* Send |length| bytes from |from| to the |fd| socket taking care of encoding - and negociating with the server. |from| can be NULL. */ + and negotiating with the server. |from| can be NULL. */ static void do_sec_send(struct connectdata *conn, curl_socket_t fd, const char *from, int length) { diff --git a/libs/libcurl/src/setopt.c b/libs/libcurl/src/setopt.c index 92cd5b271f..1dbf00faf7 100644 --- a/libs/libcurl/src/setopt.c +++ b/libs/libcurl/src/setopt.c @@ -119,8 +119,11 @@ static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp) #define C_SSLVERSION_VALUE(x) (x & 0xffff) #define C_SSLVERSION_MAX_VALUE(x) (x & 0xffff0000) -static CURLcode vsetopt(struct Curl_easy *data, CURLoption option, - va_list param) +/* + * Do not make Curl_vsetopt() static: it is called from + * packages/OS400/ccsidcurl.c. + */ +CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) { char *argptr; CURLcode result = CURLE_OK; @@ -2371,8 +2374,7 @@ static CURLcode vsetopt(struct Curl_easy *data, CURLoption option, case CURLOPT_REDIR_PROTOCOLS: /* set the bitmask for the protocols that libcurl is allowed to follow to, as a subset of the CURLOPT_PROTOCOLS ones. That means the protocol needs - to be set in both bitmasks to be allowed to get redirected to. Defaults - to all protocols except FILE and SCP. */ + to be set in both bitmasks to be allowed to get redirected to. */ data->set.redir_protocols = va_arg(param, long); break; @@ -2770,7 +2772,7 @@ CURLcode curl_easy_setopt(struct Curl_easy *data, CURLoption tag, ...) va_start(arg, tag); - result = vsetopt(data, tag, arg); + result = Curl_vsetopt(data, tag, arg); va_end(arg); return result; diff --git a/libs/libcurl/src/setopt.h b/libs/libcurl/src/setopt.h index c658e04aeb..5e347dd66b 100644 --- a/libs/libcurl/src/setopt.h +++ b/libs/libcurl/src/setopt.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -23,7 +23,6 @@ ***************************************************************************/ CURLcode Curl_setstropt(char **charp, const char *s); -CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, - va_list arg); +CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list arg); #endif /* HEADER_CURL_SETOPT_H */ diff --git a/libs/libcurl/src/smb.c b/libs/libcurl/src/smb.c index 76c99a2301..870244cb72 100644 --- a/libs/libcurl/src/smb.c +++ b/libs/libcurl/src/smb.c @@ -785,6 +785,8 @@ static CURLcode smb_request_state(struct connectdata *conn, bool *done) case SMB_OPEN: if(h->status || smbc->got < sizeof(struct smb_nt_create_response)) { req->result = CURLE_REMOTE_FILE_NOT_FOUND; + if(h->status == smb_swap32(SMB_ERR_NOACCESS)) + req->result = CURLE_REMOTE_ACCESS_DENIED; next_state = SMB_TREE_DISCONNECT; break; } @@ -957,7 +959,6 @@ static CURLcode smb_do(struct connectdata *conn, bool *done) static CURLcode smb_parse_url_path(struct connectdata *conn) { - CURLcode result = CURLE_OK; struct Curl_easy *data = conn->data; struct smb_request *req = data->req.protop; struct smb_conn *smbc = &conn->proto.smbc; @@ -965,7 +966,8 @@ static CURLcode smb_parse_url_path(struct connectdata *conn) char *slash; /* URL decode the path */ - result = Curl_urldecode(data, data->state.up.path, 0, &path, NULL, TRUE); + CURLcode result = Curl_urldecode(data, data->state.up.path, 0, &path, NULL, + TRUE); if(result) return result; diff --git a/libs/libcurl/src/smtp.c b/libs/libcurl/src/smtp.c index 4a3462b84b..e10d0fbfc9 100644 --- a/libs/libcurl/src/smtp.c +++ b/libs/libcurl/src/smtp.c @@ -359,10 +359,8 @@ static CURLcode smtp_perform_helo(struct connectdata *conn) */ static CURLcode smtp_perform_starttls(struct connectdata *conn) { - CURLcode result = CURLE_OK; - /* Send the STARTTLS command */ - result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "STARTTLS"); + CURLcode result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "STARTTLS"); if(!result) state(conn, SMTP_STARTTLS); @@ -378,11 +376,10 @@ static CURLcode smtp_perform_starttls(struct connectdata *conn) */ static CURLcode smtp_perform_upgrade_tls(struct connectdata *conn) { - CURLcode result = CURLE_OK; - struct smtp_conn *smtpc = &conn->proto.smtpc; - /* Start the SSL connection */ - result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &smtpc->ssldone); + struct smtp_conn *smtpc = &conn->proto.smtpc; + CURLcode result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, + &smtpc->ssldone); if(!result) { if(smtpc->state != SMTP_UPGRADETLS) @@ -645,10 +642,8 @@ static CURLcode smtp_perform_rcpt_to(struct connectdata *conn) */ static CURLcode smtp_perform_quit(struct connectdata *conn) { - CURLcode result = CURLE_OK; - /* Send the QUIT command */ - result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "QUIT"); + CURLcode result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "QUIT"); if(!result) state(conn, SMTP_QUIT); diff --git a/libs/libcurl/src/splay.h b/libs/libcurl/src/splay.h index 4612ec271f..9292f349b5 100644 --- a/libs/libcurl/src/splay.h +++ b/libs/libcurl/src/splay.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1997 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1997 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -59,10 +59,4 @@ int Curl_splayremovebyaddr(struct Curl_tree *t, ( ((i.tv_usec) < (j.tv_usec)) ? -1 : \ ( ((i.tv_usec) > (j.tv_usec)) ? 1 : 0)))) -#ifdef DEBUGBUILD -void Curl_splayprint(struct Curl_tree * t, int d, char output); -#else -#define Curl_splayprint(x,y,z) Curl_nop_stmt -#endif - #endif /* HEADER_CURL_SPLAY_H */ diff --git a/libs/libcurl/src/ssh-libssh.c b/libs/libcurl/src/ssh-libssh.c index 6cfd6bda8b..ca13376775 100644 --- a/libs/libcurl/src/ssh-libssh.c +++ b/libs/libcurl/src/ssh-libssh.c @@ -1968,11 +1968,10 @@ static CURLcode myssh_multi_statemach(struct connectdata *conn, bool *done) { struct ssh_conn *sshc = &conn->proto.sshc; - CURLcode result = CURLE_OK; bool block; /* we store the status and use that to provide a ssh_getsock() implementation */ + CURLcode result = myssh_statemach_act(conn, &block); - result = myssh_statemach_act(conn, &block); *done = (sshc->state == SSH_STOP) ? TRUE : FALSE; myssh_block2waitfor(conn, block); diff --git a/libs/libcurl/src/stdafx.cxx b/libs/libcurl/src/stdafx.cxx deleted file mode 100644 index 1647228cd0..0000000000 --- a/libs/libcurl/src/stdafx.cxx +++ /dev/null @@ -1,2 +0,0 @@ - -#include "stdafx.h"
\ No newline at end of file diff --git a/libs/libcurl/src/stdafx.h b/libs/libcurl/src/stdafx.h deleted file mode 100644 index 6f70f09bee..0000000000 --- a/libs/libcurl/src/stdafx.h +++ /dev/null @@ -1 +0,0 @@ -#pragma once diff --git a/libs/libcurl/src/system_win32.c b/libs/libcurl/src/system_win32.c index 1143fa6aae..52a5fd9519 100644 --- a/libs/libcurl/src/system_win32.c +++ b/libs/libcurl/src/system_win32.c @@ -367,6 +367,7 @@ bool Curl_verify_windows_version(const unsigned int majorVersion, */ HMODULE Curl_load_library(LPCTSTR filename) { +#ifndef CURL_WINDOWS_APP HMODULE hModule = NULL; LOADLIBRARYEX_FN pLoadLibraryEx = NULL; @@ -421,8 +422,12 @@ HMODULE Curl_load_library(LPCTSTR filename) free(path); } } - return hModule; +#else + /* the Universal Windows Platform (UWP) can't do this */ + (void)filename; + return NULL; +#endif } #endif /* WIN32 */ diff --git a/libs/libcurl/src/system_win32.h b/libs/libcurl/src/system_win32.h index c07cf1fb72..d2882fce1a 100644 --- a/libs/libcurl/src/system_win32.h +++ b/libs/libcurl/src/system_win32.h @@ -51,8 +51,8 @@ typedef enum { /* We use our own typedef here since some headers might lack this */ typedef unsigned int(WINAPI *IF_NAMETOINDEX_FN)(const char *); -/* This is used instread of if_nametoindex if available on Windows */ -IF_NAMETOINDEX_FN Curl_if_nametoindex; +/* This is used instead of if_nametoindex if available on Windows */ +extern IF_NAMETOINDEX_FN Curl_if_nametoindex; /* This is used to verify if we are running on a specific windows version */ bool Curl_verify_windows_version(const unsigned int majorVersion, diff --git a/libs/libcurl/src/transfer.c b/libs/libcurl/src/transfer.c index 514330e8c1..b9bb5f6edd 100644 --- a/libs/libcurl/src/transfer.c +++ b/libs/libcurl/src/transfer.c @@ -225,7 +225,7 @@ CURLcode Curl_fillreadbuffer(struct connectdata *conn, size_t bytes, if(data->state.trailers_state == TRAILERS_SENDING) { /* if we're here then that means that we already sent the last empty chunk but we didn't send a final CR LF, so we sent 0 CR LF. We then start - pulling trailing data until we ²have no more at which point we + pulling trailing data until we have no more at which point we simply return to the previous point in the state machine as if nothing happened. */ @@ -937,8 +937,8 @@ static CURLcode readwrite_data(struct Curl_easy *data, return CURLE_OK; } -static CURLcode done_sending(struct connectdata *conn, - struct SingleRequest *k) +CURLcode Curl_done_sending(struct connectdata *conn, + struct SingleRequest *k) { k->keepon &= ~KEEP_SEND; /* we're done writing */ @@ -1046,7 +1046,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data, break; } if(nread <= 0) { - result = done_sending(conn, k); + result = Curl_done_sending(conn, k); if(result) return result; break; @@ -1164,7 +1164,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data, k->upload_present = 0; /* no more bytes left */ if(k->upload_done) { - result = done_sending(conn, k); + result = Curl_done_sending(conn, k); if(result) return result; } diff --git a/libs/libcurl/src/transfer.h b/libs/libcurl/src/transfer.h index a9bff63486..da36f19f81 100644 --- a/libs/libcurl/src/transfer.h +++ b/libs/libcurl/src/transfer.h @@ -29,7 +29,6 @@ char *Curl_checkheaders(const struct connectdata *conn, void Curl_init_CONNECT(struct Curl_easy *data); CURLcode Curl_pretransfer(struct Curl_easy *data); -CURLcode Curl_second_connect(struct connectdata *conn); CURLcode Curl_posttransfer(struct Curl_easy *data); typedef enum { @@ -57,6 +56,9 @@ CURLcode Curl_retry_request(struct connectdata *conn, char **url); bool Curl_meets_timecondition(struct Curl_easy *data, time_t timeofdoc); CURLcode Curl_get_upload_buffer(struct Curl_easy *data); +CURLcode Curl_done_sending(struct connectdata *conn, + struct SingleRequest *k); + /* This sets up a forthcoming transfer */ void Curl_setup_transfer (struct Curl_easy *data, diff --git a/libs/libcurl/src/url.c b/libs/libcurl/src/url.c index eb22dcc374..2b47b235de 100644 --- a/libs/libcurl/src/url.c +++ b/libs/libcurl/src/url.c @@ -488,9 +488,8 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data) define since we internally only use the lower 16 bits for the passed in bitmask to not conflict with the private bits */ set->allowed_protocols = CURLPROTO_ALL; - set->redir_protocols = CURLPROTO_ALL & /* All except FILE, SCP and SMB */ - ~(CURLPROTO_FILE | CURLPROTO_SCP | CURLPROTO_SMB | - CURLPROTO_SMBS); + set->redir_protocols = CURLPROTO_HTTP | CURLPROTO_HTTPS | CURLPROTO_FTP | + CURLPROTO_FTPS; #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) /* @@ -881,6 +880,26 @@ proxy_info_matches(const struct proxy_info* data, #define proxy_info_matches(x,y) FALSE #endif +/* A connection has to have been idle for a shorter time than 'maxage_conn' to + be subject for reuse. The success rate is just too low after this. */ + +static bool conn_maxage(struct Curl_easy *data, + struct connectdata *conn, + struct curltime now) +{ + if(!conn->data) { + timediff_t idletime = Curl_timediff(now, conn->lastused); + idletime /= 1000; /* integer seconds is fine */ + + if(idletime > data->set.maxage_conn) { + infof(data, "Too old connection (%ld seconds), disconnect it\n", + idletime); + return TRUE; + } + } + return FALSE; +} + /* * This function checks if the given connection is dead and extracts it from * the connection cache if so. @@ -897,7 +916,11 @@ static bool extract_if_dead(struct connectdata *conn, /* The check for a dead socket makes sense only if the connection isn't in use */ bool dead; - if(conn->handler->connection_check) { + struct curltime now = Curl_now(); + if(conn_maxage(data, conn, now)) { + dead = TRUE; + } + else if(conn->handler->connection_check) { /* The protocol has a special method for checking the state of the connection. Use it to check if the connection is dead. */ unsigned int state; @@ -964,25 +987,6 @@ static void prune_dead_connections(struct Curl_easy *data) } } -/* A connection has to have been idle for a shorter time than 'maxage_conn' to - be subject for reuse. The success rate is just too low after this. */ - -static bool conn_maxage(struct Curl_easy *data, - struct connectdata *conn, - struct curltime now) -{ - if(!conn->data) { - timediff_t idletime = Curl_timediff(now, conn->lastused); - idletime /= 1000; /* integer seconds is fine */ - - if(idletime/1000 > data->set.maxage_conn) { - infof(data, "Too old connection (%ld seconds), disconnect it\n", - idletime); - return TRUE; - } - } - return FALSE; -} /* * Given one filled in connection struct (named needle), this function should * detect if there already is one that has all the significant details @@ -1006,7 +1010,6 @@ ConnectionExists(struct Curl_easy *data, bool foundPendingCandidate = FALSE; bool canmultiplex = IsMultiplexingPossible(data, needle); struct connectbundle *bundle; - struct curltime now = Curl_now(); const char *hostbundle; #ifdef USE_NTLM @@ -1074,12 +1077,6 @@ ConnectionExists(struct Curl_easy *data, /* connect-only connections will not be reused */ continue; - if(conn_maxage(data, check, now) || extract_if_dead(check, data)) { - /* disconnect it */ - (void)Curl_disconnect(data, check, /* dead_connection */TRUE); - continue; - } - multiplexed = CONN_INUSE(check) && (bundle->multiuse == BUNDLE_MULTIPLEX); @@ -1673,13 +1670,6 @@ static void free_idnconverted_hostname(struct hostname *host) #endif } -static void llist_dtor(void *user, void *element) -{ - (void)user; - (void)element; - /* Do nothing */ -} - /* * Allocate and initialize a new connectdata object. */ @@ -1791,7 +1781,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data) #endif /* Initialize the easy handle list */ - Curl_llist_init(&conn->easyq, (curl_llist_dtor) llist_dtor); + Curl_llist_init(&conn->easyq, NULL); #ifdef HAVE_GSSAPI conn->data_prot = PROT_CLEAR; diff --git a/libs/libcurl/src/url.h b/libs/libcurl/src/url.h index 4db9e86532..7c87432c94 100644 --- a/libs/libcurl/src/url.h +++ b/libs/libcurl/src/url.h @@ -48,8 +48,6 @@ CURLcode Curl_open(struct Curl_easy **curl); CURLcode Curl_init_userdefined(struct Curl_easy *data); void Curl_freeset(struct Curl_easy * data); -/* free the URL pieces */ -void Curl_up_free(struct Curl_easy *data); CURLcode Curl_uc_to_curlcode(CURLUcode uc); CURLcode Curl_close(struct Curl_easy *data); /* opposite of curl_open() */ CURLcode Curl_connect(struct Curl_easy *, bool *async, bool *protocol_connect); @@ -71,7 +69,6 @@ int Curl_doing_getsock(struct connectdata *conn, CURLcode Curl_parse_login_details(const char *login, const size_t len, char **userptr, char **passwdptr, char **optionsptr); -void Curl_close_connections(struct Curl_easy *data); CURLcode Curl_upkeep(struct conncache *conn_cache, void *data); const struct Curl_handler *Curl_builtin_scheme(const char *scheme); diff --git a/libs/libcurl/src/urlapi-int.h b/libs/libcurl/src/urlapi-int.h index 5f059c203a..d14d53d97a 100644 --- a/libs/libcurl/src/urlapi-int.h +++ b/libs/libcurl/src/urlapi-int.h @@ -26,9 +26,6 @@ #define MAX_SCHEME_LEN 40 bool Curl_is_absolute_url(const char *url, char *scheme, size_t buflen); -char *Curl_concat_url(const char *base, const char *relurl); -size_t Curl_strlen_url(const char *url, bool relative); -void Curl_strcpy_url(char *output, const char *url, bool relative); #ifdef DEBUGBUILD CURLUcode Curl_parse_port(struct Curl_URL *u, char *hostname); diff --git a/libs/libcurl/src/urldata.h b/libs/libcurl/src/urldata.h index f8ba591dde..fdc185b228 100644 --- a/libs/libcurl/src/urldata.h +++ b/libs/libcurl/src/urldata.h @@ -1778,8 +1778,6 @@ struct Curl_easy { struct connectdata *conn; struct curl_llist_element connect_queue; - struct curl_llist_element sh_queue; /* list per Curl_sh_entry */ - struct Curl_sh_entry *sh_entry; /* the socket hash this was added to */ struct curl_llist_element conn_queue; /* list per connectdata */ CURLMstate mstate; /* the handle's state */ diff --git a/libs/libcurl/src/vauth/digest.c b/libs/libcurl/src/vauth/digest.c index f9cdc9dd00..8cd4d83ed3 100644 --- a/libs/libcurl/src/vauth/digest.c +++ b/libs/libcurl/src/vauth/digest.c @@ -357,7 +357,6 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, const char *service, char **outptr, size_t *outlen) { - CURLcode result = CURLE_OK; size_t i; MD5_context *ctxt; char *response = NULL; @@ -377,10 +376,12 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, char *spn = NULL; /* Decode the challenge message */ - result = auth_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), - realm, sizeof(realm), - algorithm, sizeof(algorithm), - qop_options, sizeof(qop_options)); + CURLcode result = auth_decode_digest_md5_message(chlg64, nonce, + sizeof(nonce), realm, + sizeof(realm), algorithm, + sizeof(algorithm), + qop_options, + sizeof(qop_options)); if(result) return result; diff --git a/libs/libcurl/src/vtls/mesalink.c b/libs/libcurl/src/vtls/mesalink.c index 718c282ee5..7ca4f0eac5 100644 --- a/libs/libcurl/src/vtls/mesalink.c +++ b/libs/libcurl/src/vtls/mesalink.c @@ -265,7 +265,6 @@ mesalink_connect_step2(struct connectdata *conn, int sockindex) ret = SSL_connect(BACKEND->handle); if(ret != SSL_SUCCESS) { - char error_buffer[MESALINK_MAX_ERROR_SZ]; int detail = SSL_get_error(BACKEND->handle, ret); if(SSL_ERROR_WANT_CONNECT == detail || SSL_ERROR_WANT_READ == detail) { @@ -273,6 +272,7 @@ mesalink_connect_step2(struct connectdata *conn, int sockindex) return CURLE_OK; } else { + char error_buffer[MESALINK_MAX_ERROR_SZ]; failf(data, "SSL_connect failed with error %d: %s", detail, diff --git a/libs/libcurl/src/vtls/nss.c b/libs/libcurl/src/vtls/nss.c index 3125f0b709..482fd5e99a 100644 --- a/libs/libcurl/src/vtls/nss.c +++ b/libs/libcurl/src/vtls/nss.c @@ -223,9 +223,12 @@ static const cipher_s cipherlist[] = { #endif }; -#ifdef WIN32 +#if defined(WIN32) static const char *pem_library = "nsspem.dll"; static const char *trust_library = "nssckbi.dll"; +#elif defined(__APPLE__) +static const char *pem_library = "libnsspem.dylib"; +static const char *trust_library = "libnssckbi.dylib"; #else static const char *pem_library = "libnsspem.so"; static const char *trust_library = "libnssckbi.so"; @@ -578,17 +581,19 @@ static CURLcode nss_cache_crl(SECItem *crl_der) /* acquire lock before call of CERT_CacheCRL() and accessing nss_crl_list */ PR_Lock(nss_crllock); - /* store the CRL item so that we can free it in Curl_nss_cleanup() */ - if(insert_wrapped_ptr(&nss_crl_list, crl_der) != CURLE_OK) { + if(SECSuccess != CERT_CacheCRL(db, crl_der)) { + /* unable to cache CRL */ SECITEM_FreeItem(crl_der, PR_TRUE); PR_Unlock(nss_crllock); - return CURLE_OUT_OF_MEMORY; + return CURLE_SSL_CRL_BADFILE; } - if(SECSuccess != CERT_CacheCRL(db, crl_der)) { - /* unable to cache CRL */ + /* store the CRL item so that we can free it in Curl_nss_cleanup() */ + if(insert_wrapped_ptr(&nss_crl_list, crl_der) != CURLE_OK) { + if(SECSuccess == CERT_UncacheCRL(db, crl_der)) + SECITEM_FreeItem(crl_der, PR_TRUE); PR_Unlock(nss_crllock); - return CURLE_SSL_CRL_BADFILE; + return CURLE_OUT_OF_MEMORY; } /* we need to clear session cache, so that the CRL could take effect */ @@ -686,7 +691,10 @@ static CURLcode nss_load_key(struct connectdata *conn, int sockindex, tmp = SECMOD_WaitForAnyTokenEvent(pem_module, 0, 0); if(tmp) PK11_FreeSlot(tmp); - PK11_IsPresent(slot); + if(!PK11_IsPresent(slot)) { + PK11_FreeSlot(slot); + return CURLE_SSL_CERTPROBLEM; + } status = PK11_Authenticate(slot, PR_TRUE, SSL_SET_OPTION(key_passwd)); PK11_FreeSlot(slot); @@ -1421,7 +1429,7 @@ static int Curl_nss_init(void) { /* curl_global_init() is not thread-safe so this test is ok */ if(nss_initlock == NULL) { - PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 256); + PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0); nss_initlock = PR_NewLock(); nss_crllock = PR_NewLock(); nss_findslot_lock = PR_NewLock(); diff --git a/libs/libcurl/src/vtls/openssl.c b/libs/libcurl/src/vtls/openssl.c index 85e9be6161..fb9f27123e 100644 --- a/libs/libcurl/src/vtls/openssl.c +++ b/libs/libcurl/src/vtls/openssl.c @@ -75,7 +75,7 @@ #endif #if (OPENSSL_VERSION_NUMBER >= 0x0090700fL) && /* 0.9.7 or later */ \ - !defined(OPENSSL_NO_ENGINE) + !defined(OPENSSL_NO_ENGINE) && !defined(OPENSSL_NO_UI_CONSOLE) #define USE_OPENSSL_ENGINE #include <openssl/engine.h> #endif @@ -156,6 +156,10 @@ #define HAVE_X509_GET0_SIGNATURE 1 #endif +#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) /* 1.0.2 or later */ +#define HAVE_SSL_GET_SHUTDOWN 1 +#endif + #if OPENSSL_VERSION_NUMBER >= 0x10002003L && \ OPENSSL_VERSION_NUMBER <= 0x10002FFFL && \ !defined(OPENSSL_NO_COMP) @@ -1022,14 +1026,8 @@ static int Curl_ossl_init(void) ENGINE_load_builtin_engines(); #endif - /* OPENSSL_config(NULL); is "strongly recommended" to use but unfortunately - that function makes an exit() call on wrongly formatted config files - which makes it hard to use in some situations. OPENSSL_config() itself - calls CONF_modules_load_file() and we use that instead and we ignore - its return code! */ - - /* CONF_MFLAGS_DEFAULT_SECTION introduced some time between 0.9.8b and - 0.9.8e */ +/* CONF_MFLAGS_DEFAULT_SECTION was introduced some time between 0.9.8b and + 0.9.8e */ #ifndef CONF_MFLAGS_DEFAULT_SECTION #define CONF_MFLAGS_DEFAULT_SECTION 0x0 #endif @@ -3091,18 +3089,25 @@ static CURLcode get_cert_chain(struct connectdata *conn, #if defined(HAVE_X509_GET0_SIGNATURE) && defined(HAVE_X509_GET0_EXTENSIONS) { - const X509_ALGOR *palg = NULL; - ASN1_STRING *a = ASN1_STRING_new(); - if(a) { - X509_get0_signature(&psig, &palg, x); - X509_signature_print(mem, ARG2_X509_signature_print palg, a); - ASN1_STRING_free(a); - - if(palg) { - i2a_ASN1_OBJECT(mem, palg->algorithm); + const X509_ALGOR *sigalg = NULL; + X509_PUBKEY *xpubkey = NULL; + ASN1_OBJECT *pubkeyoid = NULL; + + X509_get0_signature(&psig, &sigalg, x); + if(sigalg) { + i2a_ASN1_OBJECT(mem, sigalg->algorithm); + push_certinfo("Signature Algorithm", i); + } + + xpubkey = X509_get_X509_PUBKEY(x); + if(xpubkey) { + X509_PUBKEY_get0_param(&pubkeyoid, NULL, NULL, NULL, xpubkey); + if(pubkeyoid) { + i2a_ASN1_OBJECT(mem, pubkeyoid); push_certinfo("Public Key Algorithm", i); } } + X509V3_ext(data, i, X509_get0_extensions(x)); } #else @@ -3154,7 +3159,7 @@ static CURLcode get_cert_chain(struct connectdata *conn, const BIGNUM *e; RSA_get0_key(rsa, &n, &e, NULL); - BN_print(mem, n); + BIO_printf(mem, "%d", BN_num_bits(n)); push_certinfo("RSA Public Key", i); print_pubkey_BN(rsa, n, i); print_pubkey_BN(rsa, e, i); @@ -3279,7 +3284,6 @@ static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert, if(len1 < 1) break; /* failed */ - /* https://www.openssl.org/docs/crypto/buffer.html */ buff1 = temp = malloc(len1); if(!buff1) break; /* failed */ @@ -3301,7 +3305,6 @@ static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert, result = Curl_pin_peer_pubkey(data, pinnedpubkey, buff1, len1); } while(0); - /* https://www.openssl.org/docs/crypto/buffer.html */ if(buff1) free(buff1); diff --git a/libs/libcurl/src/vtls/vtls.c b/libs/libcurl/src/vtls/vtls.c index a7452dcd53..6a0e60fb6c 100644 --- a/libs/libcurl/src/vtls/vtls.c +++ b/libs/libcurl/src/vtls/vtls.c @@ -514,7 +514,7 @@ void Curl_ssl_close_all(struct Curl_easy *data) #if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \ defined(USE_SECTRANSP) || defined(USE_POLARSSL) || defined(USE_NSS) || \ - defined(USE_MBEDTLS) || defined(USE_CYASSL) + defined(USE_MBEDTLS) || defined(USE_WOLFSSL) int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks, int numsocks) { @@ -1172,8 +1172,8 @@ static const struct Curl_ssl Curl_ssl_multi = { const struct Curl_ssl *Curl_ssl = #if defined(CURL_WITH_MULTI_SSL) &Curl_ssl_multi; -#elif defined(USE_CYASSL) - &Curl_ssl_cyassl; +#elif defined(USE_WOLFSSL) + &Curl_ssl_wolfssl; #elif defined(USE_SECTRANSP) &Curl_ssl_sectransp; #elif defined(USE_GNUTLS) @@ -1197,8 +1197,8 @@ const struct Curl_ssl *Curl_ssl = #endif static const struct Curl_ssl *available_backends[] = { -#if defined(USE_CYASSL) - &Curl_ssl_cyassl, +#if defined(USE_WOLFSSL) + &Curl_ssl_wolfssl, #endif #if defined(USE_SECTRANSP) &Curl_ssl_sectransp, diff --git a/libs/libcurl/src/vtls/vtls.h b/libs/libcurl/src/vtls/vtls.h index 2a87ca1f72..173d360de8 100644 --- a/libs/libcurl/src/vtls/vtls.h +++ b/libs/libcurl/src/vtls/vtls.h @@ -103,7 +103,7 @@ CURLcode Curl_none_md5sum(unsigned char *input, size_t inputlen, #include "nssg.h" /* NSS versions */ #include "gskit.h" /* Global Secure ToolKit versions */ #include "polarssl.h" /* PolarSSL versions */ -#include "cyassl.h" /* CyaSSL versions */ +#include "wolfssl.h" /* wolfSSL versions */ #include "schannel.h" /* Schannel SSPI version */ #include "sectransp.h" /* SecureTransport (Darwin) version */ #include "mbedtls.h" /* mbedTLS versions */ diff --git a/libs/libcurl/src/vtls/cyassl.c b/libs/libcurl/src/vtls/wolfssl.c index 44a2bdda62..890bcbf797 100644 --- a/libs/libcurl/src/vtls/cyassl.c +++ b/libs/libcurl/src/vtls/wolfssl.c @@ -21,31 +21,21 @@ ***************************************************************************/ /* - * Source file for all CyaSSL-specific code for the TLS/SSL layer. No code + * Source file for all wolfSSL specific code for the TLS/SSL layer. No code * but vtls.c should ever call or use these functions. * */ #include "curl_setup.h" -#ifdef USE_CYASSL +#ifdef USE_WOLFSSL #define WOLFSSL_OPTIONS_IGNORE_SYS -/* CyaSSL's version.h, which should contain only the version, should come -before all other CyaSSL includes and be immediately followed by build config -aka options.h. https://curl.haxx.se/mail/lib-2015-04/0069.html */ -#include <cyassl/version.h> -#if defined(HAVE_CYASSL_OPTIONS_H) && (LIBCYASSL_VERSION_HEX > 0x03004008) -#if defined(CYASSL_API) || defined(WOLFSSL_API) -/* Safety measure. If either is defined some API include was already included -and that's a problem since options.h hasn't been included yet. */ -#error "CyaSSL API was included before the CyaSSL build options." -#endif -#include <cyassl/options.h> -#endif +#include <wolfssl/version.h> +#include <wolfssl/options.h> /* To determine what functions are available we rely on one or both of: - - the user's options.h generated by CyaSSL/wolfSSL + - the user's options.h generated by wolfSSL - the symbols detected by curl's configure Since they are markedly different from one another, and one or the other may not be available, we do some checking below to bring things in sync. */ @@ -61,8 +51,8 @@ and that's a problem since options.h hasn't been included yet. */ options.h, but is only seen in >= 3.6.6 since that's when they started disabling SSLv3 by default. */ #ifndef WOLFSSL_ALLOW_SSLV3 -#if (LIBCYASSL_VERSION_HEX < 0x03006006) || \ - defined(HAVE_WOLFSSLV3_CLIENT_METHOD) +#if (LIBWOLFSSL_VERSION_HEX < 0x03006006) || \ + defined(HAVE_WOLFSSLV3_CLIENT_METHOD) #define WOLFSSL_ALLOW_SSLV3 #endif #endif @@ -81,33 +71,21 @@ and that's a problem since options.h hasn't been included yet. */ #include "curl_printf.h" #include "multiif.h" -#include <cyassl/openssl/ssl.h> -#include <cyassl/ssl.h> -#ifdef HAVE_CYASSL_ERROR_SSL_H -#include <cyassl/error-ssl.h> -#else -#include <cyassl/error.h> -#endif -#include <cyassl/ctaocrypt/random.h> -#include <cyassl/ctaocrypt/sha256.h> - -#include "cyassl.h" +#include <wolfssl/openssl/ssl.h> +#include <wolfssl/ssl.h> +#include <wolfssl/error-ssl.h> +#include "wolfssl.h" /* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" -#if LIBCYASSL_VERSION_HEX < 0x02007002 /* < 2.7.2 */ -#define CYASSL_MAX_ERROR_SZ 80 -#endif - /* KEEP_PEER_CERT is a product of the presence of build time symbol OPENSSL_EXTRA without NO_CERTS, depending on the version. KEEP_PEER_CERT is in wolfSSL's settings.h, and the latter two are build time symbols in options.h. */ #ifndef KEEP_PEER_CERT -#if defined(HAVE_CYASSL_GET_PEER_CERTIFICATE) || \ - defined(HAVE_WOLFSSL_GET_PEER_CERTIFICATE) || \ +#if defined(HAVE_WOLFSSL_GET_PEER_CERTIFICATE) || \ (defined(OPENSSL_EXTRA) && !defined(NO_CERTS)) #define KEEP_PEER_CERT #endif @@ -120,8 +98,8 @@ struct ssl_backend_data { #define BACKEND connssl->backend -static Curl_recv cyassl_recv; -static Curl_send cyassl_send; +static Curl_recv wolfssl_recv; +static Curl_send wolfssl_send; static int do_file_type(const char *type) @@ -140,7 +118,7 @@ static int do_file_type(const char *type) * layer and do all necessary magic. */ static CURLcode -cyassl_connect_step1(struct connectdata *conn, +wolfssl_connect_step1(struct connectdata *conn, int sockindex) { char *ciphers; @@ -159,7 +137,7 @@ cyassl_connect_step1(struct connectdata *conn, return CURLE_OK; if(SSL_CONN_CONFIG(version_max) != CURL_SSLVERSION_MAX_NONE) { - failf(data, "CyaSSL does not support to set maximum SSL/TLS version"); + failf(data, "wolfSSL does not support to set maximum SSL/TLS version"); return CURLE_SSL_CONNECT_ERROR; } @@ -167,11 +145,11 @@ cyassl_connect_step1(struct connectdata *conn, switch(SSL_CONN_CONFIG(version)) { case CURL_SSLVERSION_DEFAULT: case CURL_SSLVERSION_TLSv1: -#if LIBCYASSL_VERSION_HEX >= 0x03003000 /* >= 3.3.0 */ +#if LIBWOLFSSL_VERSION_HEX >= 0x03003000 /* >= 3.3.0 */ /* minimum protocol version is set later after the CTX object is created */ req_method = SSLv23_client_method(); #else - infof(data, "CyaSSL <3.3.0 cannot be configured to use TLS 1.0-1.2, " + infof(data, "wolfSSL <3.3.0 cannot be configured to use TLS 1.0-1.2, " "TLS 1.0 is used exclusively\n"); req_method = TLSv1_client_method(); #endif @@ -182,7 +160,7 @@ cyassl_connect_step1(struct connectdata *conn, req_method = TLSv1_client_method(); use_sni(TRUE); #else - failf(data, "CyaSSL does not support TLS 1.0"); + failf(data, "wolfSSL does not support TLS 1.0"); return CURLE_NOT_BUILT_IN; #endif break; @@ -200,7 +178,7 @@ cyassl_connect_step1(struct connectdata *conn, use_sni(TRUE); break; #else - failf(data, "CyaSSL: TLS 1.3 is not yet supported"); + failf(data, "wolfSSL: TLS 1.3 is not yet supported"); return CURLE_SSL_CONNECT_ERROR; #endif case CURL_SSLVERSION_SSLv3: @@ -208,12 +186,12 @@ cyassl_connect_step1(struct connectdata *conn, req_method = SSLv3_client_method(); use_sni(FALSE); #else - failf(data, "CyaSSL does not support SSLv3"); + failf(data, "wolfSSL does not support SSLv3"); return CURLE_NOT_BUILT_IN; #endif break; case CURL_SSLVERSION_SSLv2: - failf(data, "CyaSSL does not support SSLv2"); + failf(data, "wolfSSL does not support SSLv2"); return CURLE_SSL_CONNECT_ERROR; default: failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION"); @@ -237,13 +215,12 @@ cyassl_connect_step1(struct connectdata *conn, switch(SSL_CONN_CONFIG(version)) { case CURL_SSLVERSION_DEFAULT: case CURL_SSLVERSION_TLSv1: -#if LIBCYASSL_VERSION_HEX > 0x03004006 /* > 3.4.6 */ - /* Versions 3.3.0 to 3.4.6 we know the minimum protocol version is whatever - minimum version of TLS was built in and at least TLS 1.0. For later library - versions that could change (eg TLS 1.0 built in but defaults to TLS 1.1) so - we have this short circuit evaluation to find the minimum supported TLS - version. We use wolfSSL_CTX_SetMinVersion and not CyaSSL_SetMinVersion - because only the former will work before the user's CTX callback is called. +#if LIBWOLFSSL_VERSION_HEX > 0x03004006 /* > 3.4.6 */ + /* Versions 3.3.0 to 3.4.6 we know the minimum protocol version is + * whatever minimum version of TLS was built in and at least TLS 1.0. For + * later library versions that could change (eg TLS 1.0 built in but + * defaults to TLS 1.1) so we have this short circuit evaluation to find + * the minimum supported TLS version. */ if((wolfSSL_CTX_SetMinVersion(BACKEND->ctx, WOLFSSL_TLSV1) != 1) && (wolfSSL_CTX_SetMinVersion(BACKEND->ctx, WOLFSSL_TLSV1_1) != 1) && @@ -347,7 +324,7 @@ cyassl_connect_step1(struct connectdata *conn, #ifdef ENABLE_IPV6 (0 == Curl_inet_pton(AF_INET6, hostname, &addr6)) && #endif - (CyaSSL_CTX_UseSNI(BACKEND->ctx, CYASSL_SNI_HOST_NAME, hostname, + (wolfSSL_CTX_UseSNI(BACKEND->ctx, WOLFSSL_SNI_HOST_NAME, hostname, (unsigned short)hostname_len) != 1)) { infof(data, "WARNING: failed to configure server name indication (SNI) " "TLS extension\n"); @@ -357,9 +334,8 @@ cyassl_connect_step1(struct connectdata *conn, /* give application a chance to interfere with SSL set up. */ if(data->set.ssl.fsslctx) { - CURLcode result = CURLE_OK; - result = (*data->set.ssl.fsslctx)(data, BACKEND->ctx, - data->set.ssl.fsslctxp); + CURLcode result = (*data->set.ssl.fsslctx)(data, BACKEND->ctx, + data->set.ssl.fsslctxp); if(result) { failf(data, "error signaled by ssl ctx callback"); return result; @@ -367,7 +343,7 @@ cyassl_connect_step1(struct connectdata *conn, } #ifdef NO_FILESYSTEM else if(SSL_CONN_CONFIG(verifypeer)) { - failf(data, "SSL: Certificates couldn't be loaded because CyaSSL was built" + failf(data, "SSL: Certificates can't be loaded because wolfSSL was built" " with \"no filesystem\". Either disable peer verification" " (insecure) or if you are building an application with libcurl you" " can load certificates via CURLOPT_SSL_CTX_FUNCTION."); @@ -419,11 +395,11 @@ cyassl_connect_step1(struct connectdata *conn, if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL, sockindex)) { /* we got a session id, use it! */ if(!SSL_set_session(BACKEND->handle, ssl_sessionid)) { - char error_buffer[CYASSL_MAX_ERROR_SZ]; + char error_buffer[WOLFSSL_MAX_ERROR_SZ]; Curl_ssl_sessionid_unlock(conn); failf(data, "SSL: SSL_set_session failed: %s", ERR_error_string(SSL_get_error(BACKEND->handle, 0), - error_buffer)); + error_buffer)); return CURLE_SSL_CONNECT_ERROR; } /* Informational message */ @@ -444,7 +420,7 @@ cyassl_connect_step1(struct connectdata *conn, static CURLcode -cyassl_connect_step2(struct connectdata *conn, +wolfssl_connect_step2(struct connectdata *conn, int sockindex) { int ret = -1; @@ -458,19 +434,19 @@ cyassl_connect_step2(struct connectdata *conn, data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; - conn->recv[sockindex] = cyassl_recv; - conn->send[sockindex] = cyassl_send; + conn->recv[sockindex] = wolfssl_recv; + conn->send[sockindex] = wolfssl_send; /* Enable RFC2818 checks */ if(SSL_CONN_CONFIG(verifyhost)) { - ret = CyaSSL_check_domain_name(BACKEND->handle, hostname); + ret = wolfSSL_check_domain_name(BACKEND->handle, hostname); if(ret == SSL_FAILURE) return CURLE_OUT_OF_MEMORY; } ret = SSL_connect(BACKEND->handle); if(ret != 1) { - char error_buffer[CYASSL_MAX_ERROR_SZ]; + char error_buffer[WOLFSSL_MAX_ERROR_SZ]; int detail = SSL_get_error(BACKEND->handle, ret); if(SSL_ERROR_WANT_READ == detail) { @@ -490,11 +466,12 @@ cyassl_connect_step2(struct connectdata *conn, dispname); return CURLE_PEER_FAILED_VERIFICATION; #else - /* When the CyaSSL_check_domain_name() is used and you desire to continue - * on a DOMAIN_NAME_MISMATCH, i.e. 'conn->ssl_config.verifyhost == 0', - * CyaSSL version 2.4.0 will fail with an INCOMPLETE_DATA error. The only - * way to do this is currently to switch the CyaSSL_check_domain_name() - * in and out based on the 'conn->ssl_config.verifyhost' value. */ + /* When the wolfssl_check_domain_name() is used and you desire to + * continue on a DOMAIN_NAME_MISMATCH, i.e. 'conn->ssl_config.verifyhost + * == 0', CyaSSL version 2.4.0 will fail with an INCOMPLETE_DATA + * error. The only way to do this is currently to switch the + * Wolfssl_check_domain_name() in and out based on the + * 'conn->ssl_config.verifyhost' value. */ if(SSL_CONN_CONFIG(verifyhost)) { failf(data, "\tsubject alt name(s) or common name do not match \"%s\"\n", @@ -509,7 +486,7 @@ cyassl_connect_step2(struct connectdata *conn, } #endif } -#if LIBCYASSL_VERSION_HEX >= 0x02007000 /* 2.7.0 */ +#if LIBWOLFSSL_VERSION_HEX >= 0x02007000 /* 2.7.0 */ else if(ASN_NO_SIGNER_E == detail) { if(SSL_CONN_CONFIG(verifypeer)) { failf(data, "\tCA signer not available for verification\n"); @@ -545,7 +522,7 @@ cyassl_connect_step2(struct connectdata *conn, return CURLE_SSL_PINNEDPUBKEYNOTMATCH; } - x509_der = (const char *)CyaSSL_X509_get_der(x509, &x509_der_len); + x509_der = (const char *)wolfSSL_X509_get_der(x509, &x509_der_len); if(!x509_der) { failf(data, "SSL: failed retrieving ASN.1 server certificate"); return CURLE_SSL_PINNEDPUBKEYNOTMATCH; @@ -613,7 +590,7 @@ cyassl_connect_step2(struct connectdata *conn, #endif /* HAVE_ALPN */ connssl->connecting_state = ssl_connect_3; -#if (LIBCYASSL_VERSION_HEX >= 0x03009010) +#if (LIBWOLFSSL_VERSION_HEX >= 0x03009010) infof(data, "SSL connection using %s / %s\n", wolfSSL_get_version(BACKEND->handle), wolfSSL_get_cipher_name(BACKEND->handle)); @@ -626,7 +603,7 @@ cyassl_connect_step2(struct connectdata *conn, static CURLcode -cyassl_connect_step3(struct connectdata *conn, +wolfssl_connect_step3(struct connectdata *conn, int sockindex) { CURLcode result = CURLE_OK; @@ -671,14 +648,14 @@ cyassl_connect_step3(struct connectdata *conn, } -static ssize_t cyassl_send(struct connectdata *conn, +static ssize_t wolfssl_send(struct connectdata *conn, int sockindex, const void *mem, size_t len, CURLcode *curlcode) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - char error_buffer[CYASSL_MAX_ERROR_SZ]; + char error_buffer[WOLFSSL_MAX_ERROR_SZ]; int memlen = (len > (size_t)INT_MAX) ? INT_MAX : (int)len; int rc = SSL_write(BACKEND->handle, mem, memlen); @@ -702,7 +679,7 @@ static ssize_t cyassl_send(struct connectdata *conn, return rc; } -static void Curl_cyassl_close(struct connectdata *conn, int sockindex) +static void Curl_wolfssl_close(struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; @@ -717,14 +694,14 @@ static void Curl_cyassl_close(struct connectdata *conn, int sockindex) } } -static ssize_t cyassl_recv(struct connectdata *conn, +static ssize_t wolfssl_recv(struct connectdata *conn, int num, char *buf, size_t buffersize, CURLcode *curlcode) { struct ssl_connect_data *connssl = &conn->ssl[num]; - char error_buffer[CYASSL_MAX_ERROR_SZ]; + char error_buffer[WOLFSSL_MAX_ERROR_SZ]; int buffsize = (buffersize > (size_t)INT_MAX) ? INT_MAX : (int)buffersize; int nread = SSL_read(BACKEND->handle, buf, buffsize); @@ -751,40 +728,36 @@ static ssize_t cyassl_recv(struct connectdata *conn, } -static void Curl_cyassl_session_free(void *ptr) +static void Curl_wolfssl_session_free(void *ptr) { (void)ptr; - /* CyaSSL reuses sessions on own, no free */ + /* wolfSSL reuses sessions on own, no free */ } -static size_t Curl_cyassl_version(char *buffer, size_t size) +static size_t Curl_wolfssl_version(char *buffer, size_t size) { -#if LIBCYASSL_VERSION_HEX >= 0x03006000 +#if LIBWOLFSSL_VERSION_HEX >= 0x03006000 return msnprintf(buffer, size, "wolfSSL/%s", wolfSSL_lib_version()); #elif defined(WOLFSSL_VERSION) return msnprintf(buffer, size, "wolfSSL/%s", WOLFSSL_VERSION); -#elif defined(CYASSL_VERSION) - return msnprintf(buffer, size, "CyaSSL/%s", CYASSL_VERSION); -#else - return msnprintf(buffer, size, "CyaSSL/%s", "<1.8.8"); #endif } -static int Curl_cyassl_init(void) +static int Curl_wolfssl_init(void) { - return (CyaSSL_Init() == SSL_SUCCESS); + return (wolfSSL_Init() == SSL_SUCCESS); } -static void Curl_cyassl_cleanup(void) +static void Curl_wolfssl_cleanup(void) { - CyaSSL_Cleanup(); + wolfSSL_Cleanup(); } -static bool Curl_cyassl_data_pending(const struct connectdata* conn, +static bool Curl_wolfssl_data_pending(const struct connectdata* conn, int connindex) { const struct ssl_connect_data *connssl = &conn->ssl[connindex]; @@ -799,7 +772,7 @@ static bool Curl_cyassl_data_pending(const struct connectdata* conn, * This function is called to shut down the SSL layer but keep the * socket open (CCC - Clear Command Channel) */ -static int Curl_cyassl_shutdown(struct connectdata *conn, int sockindex) +static int Curl_wolfssl_shutdown(struct connectdata *conn, int sockindex) { int retval = 0; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; @@ -813,7 +786,7 @@ static int Curl_cyassl_shutdown(struct connectdata *conn, int sockindex) static CURLcode -cyassl_connect_common(struct connectdata *conn, +wolfssl_connect_common(struct connectdata *conn, int sockindex, bool nonblocking, bool *done) @@ -841,7 +814,7 @@ cyassl_connect_common(struct connectdata *conn, return CURLE_OPERATION_TIMEDOUT; } - result = cyassl_connect_step1(conn, sockindex); + result = wolfssl_connect_step1(conn, sockindex); if(result) return result; } @@ -896,7 +869,7 @@ cyassl_connect_common(struct connectdata *conn, * ensuring that a client using select() or epoll() will always * have a valid fdset to wait on. */ - result = cyassl_connect_step2(conn, sockindex); + result = wolfssl_connect_step2(conn, sockindex); if(result || (nonblocking && (ssl_connect_2 == connssl->connecting_state || ssl_connect_2_reading == connssl->connecting_state || @@ -905,15 +878,15 @@ cyassl_connect_common(struct connectdata *conn, } /* repeat step2 until all transactions are done. */ if(ssl_connect_3 == connssl->connecting_state) { - result = cyassl_connect_step3(conn, sockindex); + result = wolfssl_connect_step3(conn, sockindex); if(result) return result; } if(ssl_connect_done == connssl->connecting_state) { connssl->state = ssl_connection_complete; - conn->recv[sockindex] = cyassl_recv; - conn->send[sockindex] = cyassl_send; + conn->recv[sockindex] = wolfssl_recv; + conn->send[sockindex] = wolfssl_send; *done = TRUE; } else @@ -926,19 +899,19 @@ cyassl_connect_common(struct connectdata *conn, } -static CURLcode Curl_cyassl_connect_nonblocking(struct connectdata *conn, +static CURLcode Curl_wolfssl_connect_nonblocking(struct connectdata *conn, int sockindex, bool *done) { - return cyassl_connect_common(conn, sockindex, TRUE, done); + return wolfssl_connect_common(conn, sockindex, TRUE, done); } -static CURLcode Curl_cyassl_connect(struct connectdata *conn, int sockindex) +static CURLcode Curl_wolfssl_connect(struct connectdata *conn, int sockindex) { CURLcode result; bool done = FALSE; - result = cyassl_connect_common(conn, sockindex, FALSE, &done); + result = wolfssl_connect_common(conn, sockindex, FALSE, &done); if(result) return result; @@ -947,43 +920,43 @@ static CURLcode Curl_cyassl_connect(struct connectdata *conn, int sockindex) return CURLE_OK; } -static CURLcode Curl_cyassl_random(struct Curl_easy *data, +static CURLcode Curl_wolfssl_random(struct Curl_easy *data, unsigned char *entropy, size_t length) { RNG rng; (void)data; - if(InitRng(&rng)) + if(wc_InitRng(&rng)) return CURLE_FAILED_INIT; if(length > UINT_MAX) return CURLE_FAILED_INIT; - if(RNG_GenerateBlock(&rng, entropy, (unsigned)length)) + if(wc_RNG_GenerateBlock(&rng, entropy, (unsigned)length)) return CURLE_FAILED_INIT; - if(FreeRng(&rng)) + if(wc_FreeRng(&rng)) return CURLE_FAILED_INIT; return CURLE_OK; } -static CURLcode Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */ +static CURLcode Curl_wolfssl_sha256sum(const unsigned char *tmp, /* input */ size_t tmplen, unsigned char *sha256sum /* output */, size_t unused) { Sha256 SHA256pw; (void)unused; - InitSha256(&SHA256pw); - Sha256Update(&SHA256pw, tmp, (word32)tmplen); - Sha256Final(&SHA256pw, sha256sum); + wc_InitSha256(&SHA256pw); + wc_Sha256Update(&SHA256pw, tmp, (word32)tmplen); + wc_Sha256Final(&SHA256pw, sha256sum); return CURLE_OK; } -static void *Curl_cyassl_get_internals(struct ssl_connect_data *connssl, +static void *Curl_wolfssl_get_internals(struct ssl_connect_data *connssl, CURLINFO info UNUSED_PARAM) { (void)info; return BACKEND->handle; } -const struct Curl_ssl Curl_ssl_cyassl = { +const struct Curl_ssl Curl_ssl_wolfssl = { { CURLSSLBACKEND_WOLFSSL, "WolfSSL" }, /* info */ #ifdef KEEP_PEER_CERT @@ -993,26 +966,26 @@ const struct Curl_ssl Curl_ssl_cyassl = { sizeof(struct ssl_backend_data), - Curl_cyassl_init, /* init */ - Curl_cyassl_cleanup, /* cleanup */ - Curl_cyassl_version, /* version */ + Curl_wolfssl_init, /* init */ + Curl_wolfssl_cleanup, /* cleanup */ + Curl_wolfssl_version, /* version */ Curl_none_check_cxn, /* check_cxn */ - Curl_cyassl_shutdown, /* shutdown */ - Curl_cyassl_data_pending, /* data_pending */ - Curl_cyassl_random, /* random */ + Curl_wolfssl_shutdown, /* shutdown */ + Curl_wolfssl_data_pending, /* data_pending */ + Curl_wolfssl_random, /* random */ Curl_none_cert_status_request, /* cert_status_request */ - Curl_cyassl_connect, /* connect */ - Curl_cyassl_connect_nonblocking, /* connect_nonblocking */ - Curl_cyassl_get_internals, /* get_internals */ - Curl_cyassl_close, /* close_one */ + Curl_wolfssl_connect, /* connect */ + Curl_wolfssl_connect_nonblocking, /* connect_nonblocking */ + Curl_wolfssl_get_internals, /* get_internals */ + Curl_wolfssl_close, /* close_one */ Curl_none_close_all, /* close_all */ - Curl_cyassl_session_free, /* session_free */ + Curl_wolfssl_session_free, /* session_free */ Curl_none_set_engine, /* set_engine */ Curl_none_set_engine_default, /* set_engine_default */ Curl_none_engines_list, /* engines_list */ Curl_none_false_start, /* false_start */ Curl_none_md5sum, /* md5sum */ - Curl_cyassl_sha256sum /* sha256sum */ + Curl_wolfssl_sha256sum /* sha256sum */ }; #endif diff --git a/libs/libcurl/src/vtls/cyassl.h b/libs/libcurl/src/vtls/wolfssl.h index 01e11cc23a..2b9673c0fe 100644 --- a/libs/libcurl/src/vtls/cyassl.h +++ b/libs/libcurl/src/vtls/wolfssl.h @@ -1,5 +1,5 @@ -#ifndef HEADER_CURL_CYASSL_H -#define HEADER_CURL_CYASSL_H +#ifndef HEADER_CURL_WOLFSSL_H +#define HEADER_CURL_WOLFSSL_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -23,9 +23,9 @@ ***************************************************************************/ #include "curl_setup.h" -#ifdef USE_CYASSL +#ifdef USE_WOLFSSL -extern const struct Curl_ssl Curl_ssl_cyassl; +extern const struct Curl_ssl Curl_ssl_wolfssl; -#endif /* USE_CYASSL */ -#endif /* HEADER_CURL_CYASSL_H */ +#endif /* USE_WOLFSSL */ +#endif /* HEADER_CURL_WOLFSSL_H */ diff --git a/libs/libcurl/src/x509asn1.c b/libs/libcurl/src/x509asn1.c index 0c1256ba89..ece5364d8a 100644 --- a/libs/libcurl/src/x509asn1.c +++ b/libs/libcurl/src/x509asn1.c @@ -23,7 +23,7 @@ #include "curl_setup.h" #if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) || \ - defined(USE_CYASSL) || defined(USE_SCHANNEL) + defined(USE_WOLFSSL) || defined(USE_SCHANNEL) #include <curl/curl.h> #include "urldata.h" @@ -1104,7 +1104,7 @@ CURLcode Curl_extract_certinfo(struct connectdata *conn, return CURLE_OK; } -#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_CYASSL or USE_SCHANNEL */ +#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_WOLFSSL or USE_SCHANNEL */ #if defined(USE_GSKIT) diff --git a/libs/libcurl/src/x509asn1.h b/libs/libcurl/src/x509asn1.h index ce40297927..205fdc0d71 100644 --- a/libs/libcurl/src/x509asn1.h +++ b/libs/libcurl/src/x509asn1.h @@ -8,7 +8,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -26,7 +26,7 @@ #include "curl_setup.h" #if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) || \ - defined(USE_CYASSL) || defined(USE_SCHANNEL) + defined(USE_WOLFSSL) || defined(USE_SCHANNEL) #include "urldata.h" @@ -130,5 +130,5 @@ CURLcode Curl_extract_certinfo(struct connectdata *conn, int certnum, const char *beg, const char *end); CURLcode Curl_verifyhost(struct connectdata *conn, const char *beg, const char *end); -#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_CYASSL or USE_SCHANNEL */ +#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_WOLFSSL or USE_SCHANNEL */ #endif /* HEADER_CURL_X509ASN1_H */ |