diff options
Diffstat (limited to 'libs')
26 files changed, 780 insertions, 670 deletions
diff --git a/libs/libcurl/docs/CHANGES b/libs/libcurl/docs/CHANGES index 0715ca0d36..945a790b24 100644 --- a/libs/libcurl/docs/CHANGES +++ b/libs/libcurl/docs/CHANGES @@ -6,6 +6,472 @@ Changelog +Version 7.65.1 (4 Jun 2019) + +Daniel Stenberg (4 Jun 2019) +- RELEASE-NOTES: 7.65.1 + +- THANKS: new contributors from 7.65.1 + +Steve Holme (4 Jun 2019) +- [Frank Gevaerts brought this change] + + ssl: Update outdated "openssl-only" comments for supported backends + + These are for features that used to be openssl-only but were expanded + over time to support other SSL backends. + + Closes #3985 + +Daniel Stenberg (4 Jun 2019) +- curl_share_setopt.3: improve wording [ci ship] + + Reported-by: Carlos ORyan + +Steve Holme (4 Jun 2019) +- tool_parsecfg: Use correct return type for GetModuleFileName() + + GetModuleFileName() returns a DWORD which is a typedef of an unsigned + long and not an int. + + Closes #3980 + +Daniel Stenberg (3 Jun 2019) +- TODO: "at least N milliseconds between requests" [ci skip] + + Suggested-by: dkwolfe4 on github + Closes #3920 + +Steve Holme (2 Jun 2019) +- tests/server/.gitignore: Add socksd to the ignore list + + Missed in 04fd6755. + + Closes #3978 + +- tool_parsecfg: Fix control flow issue (DEADCODE) + + Follow-up to 8144ba38. + + Detected by Coverity CID 1445663 + Closes #3976 + +Daniel Stenberg (2 Jun 2019) +- [Sergey Ogryzkov brought this change] + + NTLM: reset proxy "multipass" state when CONNECT request is done + + Closes #3972 + +- test334: verify HTTP 204 response with chunked coding header + + Verifies that a bodyless response don't parse this content-related + header. + +- [Michael Kaufmann brought this change] + + http: don't parse body-related headers bodyless responses + + Responses with status codes 1xx, 204 or 304 don't have a response body. For + these, don't parse these headers: + + - Content-Encoding + - Content-Length + - Content-Range + - Last-Modified + - Transfer-Encoding + + This change ensures that HTTP/2 upgrades work even if a + "Content-Length: 0" or a "Transfer-Encoding: chunked" header is present. + + Co-authored-by: Daniel Stenberg + Closes #3702 + Fixes #3968 + Closes #3977 + +- tls13-docs: mention it is only for OpenSSL >= 1.1.1 + + Reported-by: Jay Satiro + Co-authored-by: Jay Satiro + Fixes #3938 + Closes #3946 + +- dump-header.d: spell out that no headers == empty file [ci skip] + + Reported-by: wesinator at github + Fixes #3964 + Closes #3974 + +- singlesocket: use separate variable for inner loop + + An inner loop within the singlesocket() function wrongly re-used the + variable for the outer loop which then could cause an infinite + loop. Change to using a separate variable! + + Reported-by: Eric Wu + Fixes #3970 + Closes #3973 + +- RELEASE-NOTES: synced + +- [Josie Huddleston brought this change] + + http2: Stop drain from being permanently set on + + Various functions called within Curl_http2_done() can have the + side-effect of setting the Easy connection into drain mode (by calling + drain_this()). However, the last time we unset this for a transfer (by + calling drained_transfer()) is at the beginning of Curl_http2_done(). + If the Curl_easy is reused for another transfer, it is then stuck in + drain mode permanently, which in practice makes it unable to write any + data in the new transfer. + + This fix moves the last call to drained_transfer() to later in + Curl_http2_done(), after the functions that could potentially call for a + drain. + + Fixes #3966 + Closes #3967 + Reported-by: Josie-H + +Steve Holme (29 May 2019) +- conncache: Remove the DEBUGASSERT on length check + + We trust the calling code as this is an internal function. + + Closes #3962 + +Jay Satiro (29 May 2019) +- [Gisle Vanem brought this change] + + system_win32: fix function prototype + + - Change if_nametoindex parameter type from char * to const char *. + + Follow-up to 09eef8af from this morning. + + Bug: https://github.com/curl/curl/commit/09eef8af#r33716067 + +Marcel Raad (29 May 2019) +- appveyor: add Visual Studio solution build + + Closes https://github.com/curl/curl/pull/3941 + +- appveyor: add support for other build systems + + Introduce BUILD_SYSTEM variable, which is currently always CMake. + + Closes https://github.com/curl/curl/pull/3941 + +Steve Holme (29 May 2019) +- url: Load if_nametoindex() dynamically from iphlpapi.dll on Windows + + This fixes the static dependency on iphlpapi.lib and allows curl to + build for targets prior to Windows Vista. + + This partially reverts 170bd047. + + Fixes #3960 + Closes #3958 + +Daniel Stenberg (29 May 2019) +- http: fix "error: equality comparison with extraneous parentheses" + +- parse_proxy: make sure portptr is initialized + + Reported-by: Benbuck Nason + + fixes #3959 + +- url: default conn->port to the same as conn->remote_port + + ... so that it has a sensible value when ConnectionExists() is called which + needs it set to differentiate host "bundles" correctly on port number! + + Also, make conncache:hashkey() use correct port for bundles that are proxy vs + host connections. + + Probably a regression from 7.62.0 + + Reported-by: Tom van der Woerdt + Fixes #3956 + Closes #3957 + +- conncache: make "bundles" per host name when doing proxy tunnels + + Only HTTP proxy use where multiple host names can be used over the same + connection should use the proxy host name for bundles. + + Reported-by: Tom van der Woerdt + Fixes #3951 + Closes #3955 + +- multi: track users of a socket better + + They need to be removed from the socket hash linked list with more care. + + When sh_delentry() is called to remove a sockethash entry, remove all + individual transfers from the list first. To enable this, each Curl_easy struct + now stores a pointer to the sockethash entry to know how to remove itself. + + Reported-by: Tom van der Woerdt and Kunal Ekawde + + Fixes #3952 + Fixes #3904 + Closes #3953 + +Steve Holme (28 May 2019) +- curl-win32.h: Enable Unix Domain Sockets based on the Windows SDK version + + Microsoft added support for Unix Domain Sockets in Windows 10 1803 + (RS4). Rather than expect the user to enable Unix Domain Sockets by + uncommenting the #define that was added in 0fd6221f we use the RS4 + pre-processor variable that is present in newer versions of the + Windows SDK. + + Closes #3939 + +Daniel Stenberg (28 May 2019) +- [Jonas Vautherin brought this change] + + cmake: support CMAKE_OSX_ARCHITECTURES when detecting SIZEOF variables + + Closes #3945 + +Marcel Raad (27 May 2019) +- HAProxy tests: add keywords + + Add the proxy and haproxy keywords in order to be able to exclude or + run these specific tests. + + Closes https://github.com/curl/curl/pull/3949 + +Daniel Stenberg (27 May 2019) +- [Maksim Stsepanenka brought this change] + + tests: make test 1420 and 1406 work with rtsp-disabled libcurl + + Closes #3948 + +Kamil Dudka (27 May 2019) +- [Hubert Kario brought this change] + + nss: allow to specify TLS 1.3 ciphers if supported by NSS + + Closes #3916 + +Daniel Stenberg (26 May 2019) +- RELEASE-NOTES: synced + +- [Jay Satiro brought this change] + + Revert all SASL authzid (new feature) commits + + - Revert all commits related to the SASL authzid feature since the next + release will be a patch release, 7.65.1. + + Prior to this change CURLOPT_SASL_AUTHZID / --sasl-authzid was destined + for the next release, assuming it would be a feature release 7.66.0. + However instead the next release will be a patch release, 7.65.1 and + will not contain any new features. + + After the patch release after the reverted commits can be restored by + using cherry-pick: + + git cherry-pick a14d72c a9499ff 8c1cc36 c2a8d52 0edf690 + + Details for all reverted commits: + + Revert "os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()." + + This reverts commit 0edf6907ae37e2020722e6f61229d8ec64095b0a. + + Revert "tests: Fix the line endings for the SASL alt-auth tests" + + This reverts commit c2a8d52a1356a722ff9f4aeb983cd4eaf80ef221. + + Revert "examples: Added SASL PLAIN authorisation identity (authzid) examples" + + This reverts commit 8c1cc369d0c7163c6dcc91fd38edfea1f509ae75. + + Revert "curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool" + + This reverts commit a9499ff136d89987af885e2d7dff0a066a3e5817. + + Revert "sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID" + + This reverts commit a14d72ca2fec5d4eb5a043936e4f7ce08015c177. + +- [dbrowndan brought this change] + + FAQ: more minor updates and spelling fixes + + Closes #3937 + +- RELEASE-NOTES: synced + +- sectransp: handle errSSLPeerAuthCompleted from SSLRead() + + Reported-by: smuellerDD on github + Fixes #3932 + Closes #3933 + +GitHub (24 May 2019) +- [Gisle Vanem brought this change] + + Fix typo. + +Daniel Stenberg (23 May 2019) +- tool_setopt: for builds with disabled-proxy, skip all proxy setopts() + + Reported-by: Marcel Raad + Fixes #3926 + Closes #3929 + +Steve Holme (23 May 2019) +- winbuild: Use two space indentation + + Closes #3930 + +GitHub (23 May 2019) +- [Gisle Vanem brought this change] + + tool_parse_cfg: Avoid 2 fopen() for WIN32 + + Using the memdebug.h mem-leak feature, I noticed 2 calls like: + FILE tool_parsecfg.c:70 fopen("c:\Users\Gisle\AppData\Roaming\_curlrc","rt") + FILE tool_parsecfg.c:114 fopen("c:\Users\Gisle\AppData\Roaming\_curlrc","rt") + + No need for 'fopen(), 'fclose()' and a 'fopen()' yet again. + +Daniel Stenberg (23 May 2019) +- md4: include the mbedtls config.h to get the MD4 info + +- md4: build correctly with openssl without MD4 + + Reported-by: elsamuko at github + Fixes #3921 + Closes #3922 + +Patrick Monnerat (23 May 2019) +- os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid(). + +Daniel Stenberg (23 May 2019) +- .github/FUNDING: mention our opencollective "home" [ci skip] + +Marcel Raad (23 May 2019) +- [Zenju brought this change] + + config-win32: add support for if_nametoindex and getsockname + + Closes https://github.com/curl/curl/pull/3923 + +Jay Satiro (23 May 2019) +- tests: Fix the line endings for the SASL alt-auth tests + + - Change data and protocol sections to CRLF line endings. + + Prior to this change the tests would fail or hang, which is because + certain sections such as protocol require CRLF line endings. + + Follow-up to a9499ff from today which added the tests. + + Ref: https://github.com/curl/curl/pull/3790 + +Daniel Stenberg (23 May 2019) +- url: fix bad #ifdef + + Regression since e91e48161235272ff485. + + Reported-by: Tom Greenslade + Fixes #3924 + Closes #3925 + +- Revert "progress: CURL_DISABLE_PROGRESS_METER" + + This reverts commit 3b06e68b7734cb10a555f9d7e804dd5d808236a4. + + Clearly this change wasn't good enough as it broke CURLOPT_LOW_SPEED_LIMIT + + CURLOPT_LOW_SPEED_TIME + + Reported-by: Dave Reisner + + Fixes #3927 + Closes #3928 + +Steve Holme (22 May 2019) +- examples: Added SASL PLAIN authorisation identity (authzid) examples + +- curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool + +- sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID + + Added the ability for the calling program to specify the authorisation + identity (authzid), the identity to act as, in addition to the + authentication identity (authcid) and password when using SASL PLAIN + authentication. + + Fixed #3653 + Closes #3790 + +Marc Hoersken (22 May 2019) +- tests: add support to test against OpenSSH for Windows + + Testing against OpenSSH for Windows requires v7.7.0.0 or newer + due to the use of AllowUsers and DenyUsers. For more info see: + https://github.com/PowerShell/Win32-OpenSSH/wiki/sshd_config + +Daniel Stenberg (22 May 2019) +- bump: start on the next release + +Marcel Raad (22 May 2019) +- examples: fix "clarify calculation precedence" warnings + + Closes https://github.com/curl/curl/pull/3919 + +- hiperfifo: remove unused variable + + Closes https://github.com/curl/curl/pull/3919 + +- examples: remove dead variable stores + + Closes https://github.com/curl/curl/pull/3919 + +- examples: reduce variable scopes + + Closes https://github.com/curl/curl/pull/3919 + +- http2-download: fix format specifier + + Closes https://github.com/curl/curl/pull/3919 + +Daniel Stenberg (22 May 2019) +- PolarSSL: deprecate support step 1. Removed from configure. + + Also removed mentions from most docs. + + Discussed: https://curl.haxx.se/mail/lib-2019-05/0045.html + + Closes #3888 + +- configure/cmake: check for if_nametoindex() + + - adds the check to cmake + + - fixes the configure check to work for cross-compiled windows builds + + Closes #3917 + +- parse_proxy: use the IPv6 zone id if given + + If the proxy string is given as an IPv6 numerical address with a zone + id, make sure to use that for the connect to the proxy. + + Reported-by: Edmond Yu + + Fixes #3482 + Closes #3918 + Version 7.65.0 (22 May 2019) Daniel Stenberg (22 May 2019) @@ -7444,461 +7910,3 @@ Daniel Stenberg (21 Aug 2018) Fixes #2882 Closes #2887 Researched-by: Michael Kaufmann - -- test1268: check the stderr output as "text" - - Follow-up to 099f37e9c57 - - Pointed-out-by: Marcel Raad - -- urldata: remove unused pipe_broke struct field - - This struct field is never set TRUE in any existing code path. This - change removes the field completely. - - Closes #2871 - -- curl: warn the user if a given file name looks like an option - - ... simply because this is usually a sign of the user having omitted the - file name and the next option is instead "eaten" by the parser as a file - name. - - Add test1268 to verify - - Closes #2885 - -- http2: check nghttp2_session_set_stream_user_data return code - - Might help bug #2688 debugging - - Closes #2880 - -- travis: revert back to gcc-7 for coverage builds - - ... since the gcc-8 ones seem to fail frequently. - - Follow-up from b85207199544ca - - Closes #2886 - -- RELEASE-NOTES: synced - - ... and now listed in alphabetical order! - -- [Adrien brought this change] - - CMake: CMake config files are defining CURL_STATICLIB for static builds - - This change allows to use the CMake config files generated by Curl's - CMake scripts for static builds of the library. - The symbol CURL_STATIC lib must be defined to compile downstream, - thus the config package is the perfect place to do so. - - Fixes #2817 - Closes #2823 - Reported-by: adnn on github - Reviewed-by: Sergei Nikulov - -- TODO: host name sections in config files - -Kamil Dudka (14 Aug 2018) -- ssh-libssh: fix infinite connect loop on invalid private key - - Added test 656 (based on test 604) to verify the fix. - - Bug: https://bugzilla.redhat.com/1595135 - - Closes #2879 - -- ssh-libssh: reduce excessive verbose output about pubkey auth - - The verbose message "Authentication using SSH public key file" was - printed each time the ssh_userauth_publickey_auto() was called, which - meant each time a packet was transferred over network because the API - operates in non-blocking mode. - - This patch makes sure that the verbose message is printed just once - (when the authentication state is entered by the SSH state machine). - -Daniel Stenberg (14 Aug 2018) -- travis: disable h2 torture tests for "coverage" - - Since they started to fail almost 100% since a few days. - - Closes #2876 - -Marcel Raad (14 Aug 2018) -- travis: update to GCC 8 - - Closes https://github.com/curl/curl/pull/2869 - -Daniel Stenberg (13 Aug 2018) -- http: fix for tiny "HTTP/0.9" response - - Deal with tiny "HTTP/0.9" (header-less) responses by checking the - status-line early, even before a full "HTTP/" is received to allow - detecting 0.9 properly. - - Test 1266 and 1267 added to verify. - - Fixes #2420 - Closes #2872 - -Kamil Dudka (13 Aug 2018) -- docs: add disallow-username-in-url.d and haproxy-protocol.d on the list - - ... to make make the files appear in distribution tarballs - - Closes #2856 - -- .travis.yml: verify that man pages can be regenerated - - ... when curl is built from distribution tarball - - Closes #2856 - -Marcel Raad (11 Aug 2018) -- Split non-portable part off test 1133 - - Split off testing file names with double quotes into new test 1158. - Disable it for MSYS using a precheck as it doesn't support file names - with double quotes (but Cygwin does, for example). - - Fixes https://github.com/curl/curl/issues/2796 - Closes https://github.com/curl/curl/pull/2854 - -Jay Satiro (11 Aug 2018) -- projects: Improve Windows perl detection in batch scripts - - - Determine if perl is in the user's PATH by running perl.exe. - - Prior to this change detection was done by checking the PATH for perl/ - but that did not work in all cases (eg git install includes perl but - not in perl/ path). - - Bug: https://github.com/curl/curl/pull/2865 - Reported-by: Daniel Jeliński - -- [Michael Kaufmann brought this change] - - docs: Improve the manual pages of some callbacks - - - CURLOPT_HEADERFUNCTION: add newlines - - CURLOPT_INTERLEAVEFUNCTION: fix the description of 'userdata' - - CURLOPT_READDATA: mention crashes, same as in CURLOPT_WRITEDATA - - CURLOPT_READFUNCTION: rename 'instream' to 'userdata' and explain - how to set it - - Closes https://github.com/curl/curl/pull/2868 - -Marcel Raad (11 Aug 2018) -- GCC: silence -Wcast-function-type uniformly - - Pointed-out-by: Rikard Falkeborn - Closes https://github.com/curl/curl/pull/2860 - -- Silence GCC 8 cast-function-type warnings - - On Windows, casting between unrelated function types is fine and - sometimes even necessary, so just use an intermediate cast to - (void (*) (void)) to silence the warning as described in [0]. - - [0] https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html - - Closes https://github.com/curl/curl/pull/2860 - -Daniel Stenberg (11 Aug 2018) -- CURLINFO_SIZE_UPLOAD: fix missing counter update - - Adds test 1522 for verification. - - Reported-by: cjmsoregan - Fixes #2847 - Closes #2864 - -- [Daniel Jelinski brought this change] - - Documentation: fix CURLOPT_SSH_COMPRESSION copy/paste bug - - Closes #2867 - -- RELEASE-NOTES: synced - -- openssl: fix potential NULL pointer deref in is_pkcs11_uri - - Follow-up to 298d2565e - Coverity CID 1438387 - -Marcel Raad (10 Aug 2018) -- travis: execute "set -eo pipefail" for coverage build - - Follow-up to 2de63ab179eb78630ee039ad94fb2a5423df522d and - 0b87c963252d3504552ee0c8cf4402bd65a80af5. - - Closes https://github.com/curl/curl/pull/2862 - -Daniel Stenberg (10 Aug 2018) -- lib1502: fix memory leak in torture test - - Reported-by: Marcel Raad - Fixes #2861 - Closes #2863 - -- docs: mention NULL is fine input to several functions - - Fixes #2837 - Closes #2858 - Reported-by: Markus Elfring - -- [Bas van Schaik brought this change] - - README.md: add LGTM.com code quality grade for C/C++ - - Closes #2857 - -- [Rikard Falkeborn brought this change] - - test1531: Add timeout - - Previously, the macro TEST_HANG_TIMEOUT was unused, but since there is - looping going on, we might as well add timing instead of removing it. - - Closes #2853 - -- [Rikard Falkeborn brought this change] - - test1540: Remove unused macro TEST_HANG_TIMEOUT - - The macro has never been used, and it there is not really any place - where it would make sense to add timing checks. - - Closes #2852 - -- [Rikard Falkeborn brought this change] - - asyn-thread: Remove unused macro - - The macro seems to never have been used. - - Closes #2852 - -- [Rikard Falkeborn brought this change] - - http_proxy: Remove unused macro SELECT_TIMEOUT - - Usage was removed in 5113ad0424044458ac497fa1458ebe0101356b22. - - Closes #2852 - -- [Rikard Falkeborn brought this change] - - formdata: Remove unused macro HTTPPOST_CONTENTTYPE_DEFAULT - - Its usage was removed in - 84ad1fd3047815f9c6e78728bb351b828eac10b1. - - Closes #2852 - -- [Rikard Falkeborn brought this change] - - telnet: Remove unused macros TELOPTS and TELCMDS - - Their usage was removed in 3a145180cc754a5959ca971ef3cd243c5c83fc51. - - Closes #2852 - -- [Daniel Jelinski brought this change] - - openssl: fix debug messages - - Fixes #2806 - Closes #2843 - -- configure: fix for -lpthread detection with OpenSSL and pkg-config - - ... by making sure it uses the -I provided by pkg-config! - - Reported-by: pszemus on github - Fixes #2848 - Closes #2850 - -- RELEASE-NOTES: synced - -- windows: follow up to the buffer-tuning 1ba1dba7 - - Somehow I didn't include the amended version of the previous fix. This - is the missing piece. - - Pointed-out-by: Viktor Szakats - -- [Daniel Jelinski brought this change] - - windows: implement send buffer tuning - - Significantly enhances upload performance on modern Windows versions. - - Bug: https://curl.haxx.se/mail/lib-2018-07/0080.html - Closes #2762 - Fixes #2224 - -- [Anderson Toshiyuki Sasaki brought this change] - - ssl: set engine implicitly when a PKCS#11 URI is provided - - This allows the use of PKCS#11 URI for certificates and keys without - setting the corresponding type as "ENG" and the engine as "pkcs11" - explicitly. If a PKCS#11 URI is provided for certificate, key, - proxy_certificate or proxy_key, the corresponding type is set as "ENG" - if not provided and the engine is set to "pkcs11" if not provided. - - Acked-by: Nikos Mavrogiannopoulos - Closes #2333 - -- [Ruslan Baratov brought this change] - - CMake: Respect BUILD_SHARED_LIBS - - Use standard CMake variable BUILD_SHARED_LIBS instead of introducing - custom option CURL_STATICLIB. - - Use '-DBUILD_SHARED_LIBS=%SHARED%' in appveyor.yml. - - Reviewed-by: Sergei Nikulov - Closes #2755 - -- [John Butterfield brought this change] - - cmake: bumped minimum version to 3.4 - - Closes #2753 - -- [John Butterfield brought this change] - - cmake: link curl to the OpenSSL targets instead of lib absolute paths - - Reviewed-by: Jakub Zakrzewski - Reviewed-by: Sergei Nikulov - Closes #2753 - -- travis: build darwinssl on macos 10.12 - - ... as building on 10.13.x before 10.13.4 leads to link errors. - - Assisted-by: Nick Zitzmann - Fixes #2835 - Closes #2845 - -- DEPRECATE: remove release date from 7.62.0 - - Since it will slip and the version is the important part there, not the - date. - -- lib/Makefile: only do symbol hiding if told to - - This restores the ability to build a static lib with - --disable-symbol-hiding to keep non-curl_ symbols. - - Researched-by: Dan Fandrich - Reported-by: Ran Mozes - Fixes #2830 - Closes #2831 - -Marcel Raad (2 Aug 2018) -- hostip: fix unused variable warning - - addresses is only used in an infof call, which is a macro expanding to - nothing if CURL_DISABLE_VERBOSE_STRINGS is set. - -Daniel Stenberg (2 Aug 2018) -- test1307: disabled - - Turns out that since we're using the native fnmatch function now when - available, and they simply disagree on a huge number of test patterns - that make it hard to test this function like this... - - Fixes #2825 - -- smb: don't mark it done in smb_do - - Follow-up to 09e401e01bf9. The SMB protocol handler needs to use its - doing function too, which requires smb_do() to not mark itself as - done... - - Closes #2822 - -- [Rikard Falkeborn brought this change] - - general: fix printf specifiers - - Closes #2818 - -- RELEASE-NOTES: synced - -- mailmap: Daniel Jelinski - -- [Harry Sintonen brought this change] - - HTTP: Don't attempt to needlessly decompress redirect body - - This change fixes a regression where redirect body would needlessly be - decompressed even though it was to be ignored anyway. As it happens this - causes secondary issues since there appears to be a bug in apache2 that - it in certain conditions generates a corrupt zlib response. The - regression was created by commit: - dbcced8e32b50c068ac297106f0502ee200a1ebd - - Discovered-by: Harry Sintonen - Closes #2798 - -- curl: use Content-Disposition before the "URL end" for -OJ - - Regression introduced in 7.61.0 - - Reported-by: Thomas Klausner - Fixes #2783 - Closes #2813 - -- [Daniel Jelinski brought this change] - - retry: return error if rewind was necessary but didn't happen - - Fixes #2801 - Closes #2812 - -- http2: clear the drain counter in Curl_http2_done - - Reported-by: Andrei Virtosu - Fixes #2800 - Closes #2809 - -- smb: fix memory leak on early failure - - ... by making sure connection related data (->share) is stored in the - connection and not in the easy handle. - - Detected by OSS-fuzz - Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9369 - Fixes #2769 - Closes #2810 - -- travis: run a 'make checksrc' too - - ... to make sure the examples are all checked. - - Closes #2811 - -Jay Satiro (29 Jul 2018) -- examples/ephiperfifo: checksrc compliance - -- [Michael Kaufmann brought this change] - - sws: handle EINTR when calling select() - - Closes https://github.com/curl/curl/pull/2808 - -Daniel Stenberg (29 Jul 2018) -- test1157: follow-up to 35ecffb9 - - Ignore the user-agent line. - Pointed-out-by: Marcel Raad diff --git a/libs/libcurl/docs/THANKS b/libs/libcurl/docs/THANKS index abad9619f3..ef4d7a3c65 100644 --- a/libs/libcurl/docs/THANKS +++ b/libs/libcurl/docs/THANKS @@ -257,6 +257,7 @@ Carie Pointer Carlo Cannas Carlo Teubner Carlo Wood +Carlos ORyan Carsten Lange Casey O'Donnell Catalin Patulea @@ -489,6 +490,7 @@ Eason-Yu on github Ebenezer Ikonne Ed Morley Edin Kadribasic +Edmond Yu Eduard Bloch Edward Kimmel Edward Rudd @@ -528,6 +530,7 @@ Eric S. Raymond Eric Thelin Eric Vergnaud Eric Wong +Eric Wu Eric Young Erick Nuwendam Erik Jacobsen @@ -880,6 +883,7 @@ Jon Turner Jonas Forsman Jonas Minnberg Jonas Schnelli +Jonas Vautherin Jonatan Lander Jonatan Vela Jonathan Cardoso Machado @@ -896,6 +900,7 @@ Josh Bialkowski Josh Kapell Joshua Kwan Joshua Swink +Josie Huddleston Josue Andrade Gomes Jozef Kralik Juan Barreto @@ -978,6 +983,7 @@ Kristian Gunstone Kristian Köhntopp Kristiyan Tsaklev Kristoffer Gleditsch +Kunal Ekawde Kurt Fankhauser Kyle J. McKay Kyle L. Huff @@ -1591,6 +1597,7 @@ Sebastian Rasmussen Senthil Raja Velu Sergei Kuzmin Sergei Nikulov +Sergey Ogryzkov Sergey Tatarincev Sergii Kavunenko Sergii Pylypenko @@ -1746,6 +1753,7 @@ Todd Vierling Tom Benoist Tom Donovan Tom Grace +Tom Greenslade Tom Lee Tom Mattison Tom Moers @@ -1892,14 +1900,17 @@ cmfrolick on github d912e3 on github daboul on github dasimx on github +dbrowndan on github destman on github dkjjr89 on github +dkwolfe4 on github dnivras on github dpull on github dtmsecurity on github eXeC64 on github elelel on github elephoenix on github +elsamuko on github guitared on github hsiao yi imilli on github @@ -1937,6 +1948,7 @@ ovidiu-benea on github patelvivekv1993 on github pszemus on github silveja1 on github +smuellerDD on github steelman on github steini2000 on github stootill on github diff --git a/libs/libcurl/include/curl/curl.h b/libs/libcurl/include/curl/curl.h index d83b217989..e7f812daca 100644 --- a/libs/libcurl/include/curl/curl.h +++ b/libs/libcurl/include/curl/curl.h @@ -209,16 +209,17 @@ struct curl_httppost { set. Added in 7.46.0 */ }; -/* This is the CURLOPT_PROGRESSFUNCTION callback proto. It is now considered - deprecated but was the only choice up until 7.31.0 */ +/* This is the CURLOPT_PROGRESSFUNCTION callback prototype. It is now + considered deprecated but was the only choice up until 7.31.0 */ typedef int (*curl_progress_callback)(void *clientp, double dltotal, double dlnow, double ultotal, double ulnow); -/* This is the CURLOPT_XFERINFOFUNCTION callback proto. It was introduced in - 7.32.0, it avoids floating point and provides more detailed information. */ +/* This is the CURLOPT_XFERINFOFUNCTION callback prototype. It was introduced + in 7.32.0, avoids the use of floating point numbers and provides more + detailed information. */ typedef int (*curl_xferinfo_callback)(void *clientp, curl_off_t dltotal, curl_off_t dlnow, @@ -685,8 +686,10 @@ typedef enum { typedef CURLcode (*curl_conv_callback)(char *buffer, size_t length); typedef CURLcode (*curl_ssl_ctx_callback)(CURL *curl, /* easy handle */ - void *ssl_ctx, /* actually an - OpenSSL SSL_CTX */ + void *ssl_ctx, /* actually an OpenSSL + or WolfSSL SSL_CTX, + or an mbedTLS + mbedtls_ssl_config */ void *userptr); typedef enum { @@ -1314,9 +1317,9 @@ typedef enum { Note that setting multiple bits may cause extra network round-trips. */ CINIT(HTTPAUTH, LONG, 107), - /* Set the ssl context callback function, currently only for OpenSSL ssl_ctx - in second argument. The function must be matching the - curl_ssl_ctx_callback proto. */ + /* Set the ssl context callback function, currently only for OpenSSL or + WolfSSL ssl_ctx, or mbedTLS mbedtls_ssl_config in the second argument. + The function must match the curl_ssl_ctx_callback prototype. */ CINIT(SSL_CTX_FUNCTION, FUNCTIONPOINT, 108), /* Set the userdata for the ssl context callback function's third @@ -2514,8 +2517,8 @@ CURL_EXTERN void curl_slist_free_all(struct curl_slist *); */ CURL_EXTERN time_t curl_getdate(const char *p, const time_t *unused); -/* info about the certificate chain, only for OpenSSL builds. Asked - for with CURLOPT_CERTINFO / CURLINFO_CERTINFO */ +/* info about the certificate chain, only for OpenSSL, GnuTLS, Schannel, NSS + and GSKit builds. Asked for with CURLOPT_CERTINFO / CURLINFO_CERTINFO */ struct curl_certinfo { int num_of_certs; /* number of certificates with information */ struct curl_slist **certinfo; /* for each index in this array, there's a diff --git a/libs/libcurl/include/curl/curlver.h b/libs/libcurl/include/curl/curlver.h index dd58bbc4a8..0f588741c9 100644 --- a/libs/libcurl/include/curl/curlver.h +++ b/libs/libcurl/include/curl/curlver.h @@ -30,13 +30,13 @@ /* This is the version number of the libcurl package from which this header file origins: */ -#define LIBCURL_VERSION "7.65.0" +#define LIBCURL_VERSION "7.65.1" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 7 #define LIBCURL_VERSION_MINOR 65 -#define LIBCURL_VERSION_PATCH 0 +#define LIBCURL_VERSION_PATCH 1 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparions by programs. The LIBCURL_VERSION_NUM define will @@ -57,7 +57,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ -#define LIBCURL_VERSION_NUM 0x074100 +#define LIBCURL_VERSION_NUM 0x074101 /* * This is the date and time when the full source package was created. The @@ -68,7 +68,7 @@ * * "2007-11-23" */ -#define LIBCURL_TIMESTAMP "2019-05-22" +#define LIBCURL_TIMESTAMP "2019-06-05" #define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|(z)) #define CURL_AT_LEAST_VERSION(x,y,z) \ diff --git a/libs/libcurl/src/Makefile.in b/libs/libcurl/src/Makefile.in index ec936cb519..f6504437cf 100644 --- a/libs/libcurl/src/Makefile.in +++ b/libs/libcurl/src/Makefile.in @@ -811,7 +811,6 @@ USE_MESALINK = @USE_MESALINK@ USE_NGHTTP2 = @USE_NGHTTP2@ USE_NSS = @USE_NSS@ USE_OPENLDAP = @USE_OPENLDAP@ -USE_POLARSSL = @USE_POLARSSL@ USE_SCHANNEL = @USE_SCHANNEL@ USE_SECTRANSP = @USE_SECTRANSP@ USE_UNIX_SOCKETS = @USE_UNIX_SOCKETS@ diff --git a/libs/libcurl/src/config-win32.h b/libs/libcurl/src/config-win32.h index d3dcaa5b00..90c1054765 100644 --- a/libs/libcurl/src/config-win32.h +++ b/libs/libcurl/src/config-win32.h @@ -188,6 +188,9 @@ /* Define to 1 if you have the `getpeername' function. */ #define HAVE_GETPEERNAME 1 +/* Define to 1 if you have the getsockname function. */ +#define HAVE_GETSOCKNAME 1 + /* Define if you have the gethostbyaddr function. */ #define HAVE_GETHOSTBYADDR 1 @@ -243,10 +246,6 @@ /* Define if you have the socket function. */ #define HAVE_SOCKET 1 -/* Define if libSSH2 is in use */ -#define USE_LIBSSH2 1 -#define HAVE_LIBSSH2_H 1 - /* Define if you have the strcasecmp function. */ /* #define HAVE_STRCASECMP 1 */ @@ -586,8 +585,9 @@ Vista # endif #endif -/* Availability of freeaddrinfo, getaddrinfo and getnameinfo functions is - quite convoluted, compiler dependent and even build target dependent. */ +/* Availability of freeaddrinfo, getaddrinfo, getnameinfo and if_nametoindex + functions is quite convoluted, compiler dependent and even build target + dependent. */ #if defined(HAVE_WS2TCPIP_H) # if defined(__POCC__) # define HAVE_FREEADDRINFO 1 @@ -717,8 +717,12 @@ Vista #define USE_WIN32_CRYPTO /* Define to use Unix sockets. */ -#if defined(_MSC_VER) && _MSC_VER >= 1900 -/* #define USE_UNIX_SOCKETS */ +#if defined(_MSC_VER) && (_MSC_VER >= 1500) +/* sdkddkver.h first shipped with Platform SDK v6.0A included with VS2008 */ +#include <sdkddkver.h> +#if defined(NTDDI_WIN10_RS4) +#define USE_UNIX_SOCKETS +#endif #endif /* ---------------------------------------------------------------- */ diff --git a/libs/libcurl/src/conncache.c b/libs/libcurl/src/conncache.c index 5350919965..2f4dd4bc3e 100644 --- a/libs/libcurl/src/conncache.c +++ b/libs/libcurl/src/conncache.c @@ -61,6 +61,8 @@ Curl_share_unlock((x), CURL_LOCK_DATA_CONNECT) #endif +#define HASHKEY_SIZE 128 + static void conn_llist_dtor(void *user, void *element) { struct connectdata *conn = element; @@ -159,23 +161,27 @@ void Curl_conncache_destroy(struct conncache *connc) /* creates a key to find a bundle for this connection */ static void hashkey(struct connectdata *conn, char *buf, - size_t len) /* something like 128 is fine */ + size_t len, /* something like 128 is fine */ + const char **hostp) { const char *hostname; + long port = conn->remote_port; - if(conn->bits.socksproxy) - hostname = conn->socks_proxy.host.name; - else if(conn->bits.httpproxy) + if(conn->bits.httpproxy && !conn->bits.tunnel_proxy) { hostname = conn->http_proxy.host.name; + port = conn->port; + } else if(conn->bits.conn_to_host) hostname = conn->conn_to_host.name; else hostname = conn->host.name; - DEBUGASSERT(len > 32); + if(hostp) + /* report back which name we used */ + *hostp = hostname; /* put the number first so that the hostname gets cut off if too long */ - msnprintf(buf, len, "%ld%s", conn->port, hostname); + msnprintf(buf, len, "%ld%s", port, hostname); } void Curl_conncache_unlock(struct Curl_easy *data) @@ -212,13 +218,14 @@ size_t Curl_conncache_bundle_size(struct connectdata *conn) **NOTE**: When it returns, it holds the connection cache lock! */ struct connectbundle *Curl_conncache_find_bundle(struct connectdata *conn, - struct conncache *connc) + struct conncache *connc, + const char **hostp) { struct connectbundle *bundle = NULL; CONN_LOCK(conn->data); if(connc) { - char key[128]; - hashkey(conn, key, sizeof(key)); + char key[HASHKEY_SIZE]; + hashkey(conn, key, sizeof(key), hostp); bundle = Curl_hash_pick(&connc->hash, key, strlen(key)); } @@ -267,17 +274,17 @@ CURLcode Curl_conncache_add_conn(struct conncache *connc, struct Curl_easy *data = conn->data; /* *find_bundle() locks the connection cache */ - bundle = Curl_conncache_find_bundle(conn, data->state.conn_cache); + bundle = Curl_conncache_find_bundle(conn, data->state.conn_cache, NULL); if(!bundle) { int rc; - char key[128]; + char key[HASHKEY_SIZE]; result = bundle_create(data, &new_bundle); if(result) { goto unlock; } - hashkey(conn, key, sizeof(key)); + hashkey(conn, key, sizeof(key), NULL); rc = conncache_add_bundle(data->state.conn_cache, key, new_bundle); if(!rc) { diff --git a/libs/libcurl/src/conncache.h b/libs/libcurl/src/conncache.h index 35be9e0aa1..58f9024093 100644 --- a/libs/libcurl/src/conncache.h +++ b/libs/libcurl/src/conncache.h @@ -54,7 +54,8 @@ void Curl_conncache_destroy(struct conncache *connc); /* return the correct bundle, to a host or a proxy */ struct connectbundle *Curl_conncache_find_bundle(struct connectdata *conn, - struct conncache *connc); + struct conncache *connc, + const char **hostp); void Curl_conncache_unlock(struct Curl_easy *data); /* returns number of connections currently held in the connection cache */ size_t Curl_conncache_size(struct Curl_easy *data); diff --git a/libs/libcurl/src/curl_config.h.cmake b/libs/libcurl/src/curl_config.h.cmake index 9ac64f651b..3d96c498c7 100644 --- a/libs/libcurl/src/curl_config.h.cmake +++ b/libs/libcurl/src/curl_config.h.cmake @@ -241,6 +241,9 @@ /* Define to 1 if you have the `getsockname' function. */ #cmakedefine HAVE_GETSOCKNAME 1 +/* Define to 1 if you have the `if_nametoindex' function. */ +#cmakedefine HAVE_IF_NAMETOINDEX 1 + /* Define to 1 if you have the `getpwuid' function. */ #cmakedefine HAVE_GETPWUID 1 @@ -888,26 +891,35 @@ /* Define to the function return type for send. */ #cmakedefine SEND_TYPE_RETV ${SEND_TYPE_RETV} +/* + Note: SIZEOF_* variables are fetched with CMake through check_type_size(). + As per CMake documentation on CheckTypeSize, C preprocessor code is + generated by CMake into SIZEOF_*_CODE. This is what we use in the + following statements. + + Reference: https://cmake.org/cmake/help/latest/module/CheckTypeSize.html +*/ + /* The size of `int', as computed by sizeof. */ -#cmakedefine SIZEOF_INT ${SIZEOF_INT} +${SIZEOF_INT_CODE} /* The size of `short', as computed by sizeof. */ -#cmakedefine SIZEOF_SHORT ${SIZEOF_SHORT} +${SIZEOF_SHORT_CODE} /* The size of `long', as computed by sizeof. */ -#cmakedefine SIZEOF_LONG ${SIZEOF_LONG} +${SIZEOF_LONG_CODE} /* The size of `off_t', as computed by sizeof. */ -#cmakedefine SIZEOF_OFF_T ${SIZEOF_OFF_T} +${SIZEOF_OFF_T_CODE} /* The size of `curl_off_t', as computed by sizeof. */ -#cmakedefine SIZEOF_CURL_OFF_T ${SIZEOF_CURL_OFF_T} +${SIZEOF_CURL_OFF_T_CODE} /* The size of `size_t', as computed by sizeof. */ -#cmakedefine SIZEOF_SIZE_T ${SIZEOF_SIZE_T} +${SIZEOF_SIZE_T_CODE} /* The size of `time_t', as computed by sizeof. */ -#cmakedefine SIZEOF_TIME_T ${SIZEOF_TIME_T} +${SIZEOF_TIME_T_CODE} /* Define to 1 if you have the ANSI C header files. */ #cmakedefine STDC_HEADERS 1 diff --git a/libs/libcurl/src/curl_config.h.in b/libs/libcurl/src/curl_config.h.in index 2be4755f8c..778991ca67 100644 --- a/libs/libcurl/src/curl_config.h.in +++ b/libs/libcurl/src/curl_config.h.in @@ -979,9 +979,6 @@ /* if OpenSSL is in use */ #undef USE_OPENSSL -/* if PolarSSL is enabled */ -#undef USE_POLARSSL - /* to enable Windows native SSL/TLS support */ #undef USE_SCHANNEL diff --git a/libs/libcurl/src/curl_setup.h b/libs/libcurl/src/curl_setup.h index e5b5c863bc..a4601c49e8 100644 --- a/libs/libcurl/src/curl_setup.h +++ b/libs/libcurl/src/curl_setup.h @@ -647,7 +647,7 @@ int netware_init(void); #define LIBIDN_REQUIRED_VERSION "0.4.1" #if defined(USE_GNUTLS) || defined(USE_OPENSSL) || defined(USE_NSS) || \ - defined(USE_POLARSSL) || defined(USE_MBEDTLS) || \ + defined(USE_MBEDTLS) || \ defined(USE_CYASSL) || defined(USE_SCHANNEL) || \ defined(USE_SECTRANSP) || defined(USE_GSKIT) || defined(USE_MESALINK) #define USE_SSL /* SSL support has been enabled */ diff --git a/libs/libcurl/src/http.c b/libs/libcurl/src/http.c index 338c59a22c..a80e801575 100644 --- a/libs/libcurl/src/http.c +++ b/libs/libcurl/src/http.c @@ -644,7 +644,7 @@ output_auth_headers(struct connectdata *conn, #endif #ifdef USE_SPNEGO - if((authstatus->picked == CURLAUTH_NEGOTIATE)) { + if(authstatus->picked == CURLAUTH_NEGOTIATE) { auth = "Negotiate"; result = Curl_output_negotiate(conn, proxy); if(result) @@ -3769,6 +3769,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, "HTTP 1.1 or later with persistent connection\n")); } + k->http_bodyless = k->httpcode >= 100 && k->httpcode < 200; switch(k->httpcode) { case 304: /* (quote from RFC2616, section 10.3.5): The 304 response @@ -3786,10 +3787,9 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, * empty line after the header fields. */ k->size = 0; k->maxdownload = 0; - k->ignorecl = TRUE; /* ignore Content-Length headers */ + k->http_bodyless = TRUE; break; default: - /* nothing */ break; } } @@ -3805,8 +3805,8 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, return result; /* Check for Content-Length: header lines to get size */ - if(!k->ignorecl && !data->set.ignorecl && - checkprefix("Content-Length:", k->p)) { + if(!k->http_bodyless && + !data->set.ignorecl && checkprefix("Content-Length:", k->p)) { curl_off_t contentlength; CURLofft offt = curlx_strtoofft(k->p + 15, NULL, 10, &contentlength); @@ -3895,7 +3895,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, */ streamclose(conn, "Connection: close used"); } - else if(checkprefix("Transfer-Encoding:", k->p)) { + else if(!k->http_bodyless && checkprefix("Transfer-Encoding:", k->p)) { /* One or more encodings. We check for chunked and/or a compression algorithm. */ /* @@ -3911,7 +3911,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, if(result) return result; } - else if(checkprefix("Content-Encoding:", k->p) && + else if(!k->http_bodyless && checkprefix("Content-Encoding:", k->p) && data->set.str[STRING_ENCODING]) { /* * Process Content-Encoding. Look for the values: identity, @@ -3924,7 +3924,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, if(result) return result; } - else if(checkprefix("Content-Range:", k->p)) { + else if(!k->http_bodyless && checkprefix("Content-Range:", k->p)) { /* Content-Range: bytes [num]- Content-Range: bytes: [num]- Content-Range: [num]- @@ -3970,7 +3970,7 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE); } #endif - else if(checkprefix("Last-Modified:", k->p) && + else if(!k->http_bodyless && checkprefix("Last-Modified:", k->p) && (data->set.timecondition || data->set.get_filetime) ) { time_t secs = time(NULL); k->timeofdoc = curl_getdate(k->p + strlen("Last-Modified:"), diff --git a/libs/libcurl/src/http2.c b/libs/libcurl/src/http2.c index 8e7bc217e6..a535d14bbe 100644 --- a/libs/libcurl/src/http2.c +++ b/libs/libcurl/src/http2.c @@ -1199,9 +1199,6 @@ void Curl_http2_done(struct connectdata *conn, bool premature) if(!httpc->h2) /* not HTTP/2 ? */ return; - if(data->state.drain) - drained_transfer(data, httpc); - if(premature) { /* RST_STREAM */ if(!nghttp2_submit_rst_stream(httpc->h2, NGHTTP2_FLAG_NONE, @@ -1213,6 +1210,10 @@ void Curl_http2_done(struct connectdata *conn, bool premature) httpc->pause_stream_id = 0; } } + + if(data->state.drain) + drained_transfer(data, httpc); + /* -1 means unassigned and 0 means cleared */ if(http->stream_id > 0) { int rv = nghttp2_session_set_stream_user_data(httpc->h2, diff --git a/libs/libcurl/src/http_proxy.c b/libs/libcurl/src/http_proxy.c index d7ed11761f..ba67b861bd 100644 --- a/libs/libcurl/src/http_proxy.c +++ b/libs/libcurl/src/http_proxy.c @@ -632,6 +632,7 @@ static CURLcode CONNECT(struct connectdata *conn, conn->allocptr.proxyuserpwd = NULL; data->state.authproxy.done = TRUE; + data->state.authproxy.multipass = FALSE; infof(data, "Proxy replied %d to CONNECT request\n", data->info.httpproxycode); diff --git a/libs/libcurl/src/libcurl.plist b/libs/libcurl/src/libcurl.plist index 8e7624a1c2..760130c9ce 100644 --- a/libs/libcurl/src/libcurl.plist +++ b/libs/libcurl/src/libcurl.plist @@ -15,7 +15,7 @@ <string>se.haxx.curl.libcurl</string> <key>CFBundleVersion</key> - <string>7.65.0</string> + <string>7.65.1</string> <key>CFBundleName</key> <string>libcurl</string> @@ -27,9 +27,9 @@ <string>????</string> <key>CFBundleShortVersionString</key> - <string>libcurl 7.65.0</string> + <string>libcurl 7.65.1</string> <key>CFBundleGetInfoString</key> - <string>libcurl.plist 7.65.0</string> + <string>libcurl.plist 7.65.1</string> </dict> </plist> diff --git a/libs/libcurl/src/md4.c b/libs/libcurl/src/md4.c index e7c77bc36e..0b4ea9a3c3 100644 --- a/libs/libcurl/src/md4.c +++ b/libs/libcurl/src/md4.c @@ -38,6 +38,13 @@ #include "curl_setup.h" +#ifdef USE_OPENSSL +#include <openssl/opensslconf.h> +#endif +#ifdef USE_MBEDTLS +#include <mbedtls/config.h> +#endif + /* The NSS, OS/400, and when not included, OpenSSL and mbed TLS crypto * libraries do not provide the MD4 hash algorithm, so we use this * implementation of it */ diff --git a/libs/libcurl/src/multi.c b/libs/libcurl/src/multi.c index c7c46eefc9..02f846033b 100644 --- a/libs/libcurl/src/multi.c +++ b/libs/libcurl/src/multi.c @@ -241,8 +241,17 @@ static struct Curl_sh_entry *sh_addentry(struct curl_hash *sh, /* delete the given socket + handle from the hash */ -static void sh_delentry(struct curl_hash *sh, curl_socket_t s) +static void sh_delentry(struct Curl_sh_entry *entry, + struct curl_hash *sh, curl_socket_t s) { + struct curl_llist *list = &entry->list; + struct curl_llist_element *e; + /* clear the list of transfers first */ + for(e = list->head; e; e = list->head) { + struct Curl_easy *dta = e->ptr; + Curl_llist_remove(&entry->list, e, NULL); + dta->sh_entry = NULL; + } /* We remove the hash entry. This will end up in a call to sh_freeentry(). */ Curl_hash_delete(sh, (char *)&s, sizeof(curl_socket_t)); @@ -780,6 +789,11 @@ bool Curl_multiplex_wanted(const struct Curl_multi *multi) static void detach_connnection(struct Curl_easy *data) { struct connectdata *conn = data->conn; + if(data->sh_entry) { + /* still listed as a user of a socket hash entry, remove it */ + Curl_llist_remove(&data->sh_entry->list, &data->sh_queue, NULL); + data->sh_entry = NULL; + } if(conn) Curl_llist_remove(&conn->easyq, &data->conn_queue, NULL); data->conn = NULL; @@ -2238,14 +2252,14 @@ static CURLMcode singlesocket(struct Curl_multi *multi, actions[i] = action; if(entry) { /* check if new for this transfer */ - for(i = 0; i< data->numsocks; i++) { - if(s == data->sockets[i]) { - prevaction = data->actions[i]; + int j; + for(j = 0; j< data->numsocks; j++) { + if(s == data->sockets[j]) { + prevaction = data->actions[j]; sincebefore = TRUE; break; } } - } else { /* this is a socket we didn't have before, add it to the hash! */ @@ -2276,6 +2290,7 @@ static CURLMcode singlesocket(struct Curl_multi *multi, /* add 'data' to the list of handles using this socket! */ Curl_llist_insert_next(&entry->list, entry->list.tail, data, &data->sh_queue); + data->sh_entry = entry; } comboaction = (entry->writers? CURL_POLL_OUT : 0) | @@ -2335,11 +2350,7 @@ static CURLMcode singlesocket(struct Curl_multi *multi, multi->socket_cb(data, s, CURL_POLL_REMOVE, multi->socket_userp, entry->socketp); - sh_delentry(&multi->sockhash, s); - } - else { - /* remove this transfer as a user of this socket */ - Curl_llist_remove(&entry->list, &data->sh_queue, NULL); + sh_delentry(entry, &multi->sockhash, s); } } } /* for loop over numsocks */ @@ -2383,7 +2394,7 @@ void Curl_multi_closed(struct Curl_easy *data, curl_socket_t s) entry->socketp); /* now remove it from the socket hash */ - sh_delentry(&multi->sockhash, s); + sh_delentry(entry, &multi->sockhash, s); } } } @@ -2474,7 +2485,6 @@ static CURLMcode multi_socket(struct Curl_multi *multi, return result; } if(s != CURL_SOCKET_TIMEOUT) { - struct Curl_sh_entry *entry = sh_getentry(&multi->sockhash, s); if(!entry) @@ -2487,15 +2497,19 @@ static CURLMcode multi_socket(struct Curl_multi *multi, else { struct curl_llist *list = &entry->list; struct curl_llist_element *e; + struct curl_llist_element *enext; SIGPIPE_VARIABLE(pipe_st); /* the socket can be shared by many transfers, iterate */ - for(e = list->head; e; e = e->next) { + for(e = list->head; e; e = enext) { data = (struct Curl_easy *)e->ptr; - if(data->magic != CURLEASY_MAGIC_NUMBER) - /* bad bad bad bad bad bad bad */ - return CURLM_INTERNAL_ERROR; + /* assign 'enext' here since the 'e' struct might be cleared + further down in the singlesocket() call */ + enext = e->next; + + DEBUGASSERT(data); + DEBUGASSERT(data->magic == CURLEASY_MAGIC_NUMBER); if(data->conn && !(data->conn->handler->flags & PROTOPT_DIRLOCK)) /* set socket event bitmask if they're not locked */ diff --git a/libs/libcurl/src/progress.c b/libs/libcurl/src/progress.c index f586d59b4c..fe9929bb90 100644 --- a/libs/libcurl/src/progress.c +++ b/libs/libcurl/src/progress.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -31,7 +31,6 @@ /* check rate limits within this many recent milliseconds, at minimum. */ #define MIN_RATE_LIMIT_PERIOD 3000 -#ifndef CURL_DISABLE_PROGRESS_METER /* Provide a string that is 2 + 1 + 2 + 1 + 2 = 8 letters long (plus the zero byte) */ static void time2str(char *r, curl_off_t seconds) @@ -120,7 +119,6 @@ static char *max5data(curl_off_t bytes, char *max5) return max5; } -#endif /* @@ -364,13 +362,17 @@ void Curl_pgrsSetUploadSize(struct Curl_easy *data, curl_off_t size) } } -#ifndef CURL_DISABLE_PROGRESS_METER -static void progress_meter(struct connectdata *conn) +/* + * Curl_pgrsUpdate() returns 0 for success or the value returned by the + * progress callback! + */ +int Curl_pgrsUpdate(struct connectdata *conn) { struct curltime now; curl_off_t timespent; curl_off_t timespent_ms; /* milliseconds */ struct Curl_easy *data = conn->data; + int nowindex = data->progress.speeder_c% CURR_TIME; bool shownow = FALSE; curl_off_t dl = data->progress.downloaded; curl_off_t ul = data->progress.uploaded; @@ -397,9 +399,7 @@ static void progress_meter(struct connectdata *conn) /* Calculations done at most once a second, unless end is reached */ if(data->progress.lastshow != now.tv_sec) { int countindex; /* amount of seconds stored in the speeder array */ - int nowindex = data->progress.speeder_c% CURR_TIME; - if(!(data->progress.flags & PGRS_HIDE)) - shownow = TRUE; + shownow = TRUE; data->progress.lastshow = now.tv_sec; @@ -461,12 +461,8 @@ static void progress_meter(struct connectdata *conn) data->progress.ulspeed + data->progress.dlspeed; } /* Calculations end */ - if(!shownow) - /* only show the internal progress meter once per second */ - return; - else { - /* If there's no external callback set, use internal code to show - progress */ + + if(!(data->progress.flags & PGRS_HIDE)) { /* progress meter has not been shut off */ char max5[6][10]; curl_off_t dlpercen = 0; @@ -481,6 +477,42 @@ static void progress_meter(struct connectdata *conn) curl_off_t dlestimate = 0; curl_off_t total_estimate; + if(data->set.fxferinfo) { + int result; + /* There's a callback set, call that */ + Curl_set_in_callback(data, true); + result = data->set.fxferinfo(data->set.progress_client, + data->progress.size_dl, + data->progress.downloaded, + data->progress.size_ul, + data->progress.uploaded); + Curl_set_in_callback(data, false); + if(result) + failf(data, "Callback aborted"); + return result; + } + if(data->set.fprogress) { + int result; + /* The older deprecated callback is set, call that */ + Curl_set_in_callback(data, true); + result = data->set.fprogress(data->set.progress_client, + (double)data->progress.size_dl, + (double)data->progress.downloaded, + (double)data->progress.size_ul, + (double)data->progress.uploaded); + Curl_set_in_callback(data, false); + if(result) + failf(data, "Callback aborted"); + return result; + } + + if(!shownow) + /* only show the internal progress meter once per second */ + return 0; + + /* If there's no external callback set, use internal code to show + progress */ + if(!(data->progress.flags & PGRS_HEADERS_OUT)) { if(data->state.resume_from) { fprintf(data->set.err, @@ -563,57 +595,13 @@ static void progress_meter(struct connectdata *conn) time_total, /* 8 letters */ /* total time */ time_spent, /* 8 letters */ /* time spent */ time_left, /* 8 letters */ /* time left */ - max5data(data->progress.current_speed, max5[5]) - ); + max5data(data->progress.current_speed, max5[5]) /* current speed */ + ); /* we flush the output stream to make it appear as soon as possible */ fflush(data->set.err); - } /* don't show now */ -} -#else - /* progress bar disabled */ -#define progress_meter(x) -#endif - -/* - * Curl_pgrsUpdate() returns 0 for success or the value returned by the - * progress callback! - */ -int Curl_pgrsUpdate(struct connectdata *conn) -{ - struct Curl_easy *data = conn->data; - if(!(data->progress.flags & PGRS_HIDE)) { - if(data->set.fxferinfo) { - int result; - /* There's a callback set, call that */ - Curl_set_in_callback(data, true); - result = data->set.fxferinfo(data->set.progress_client, - data->progress.size_dl, - data->progress.downloaded, - data->progress.size_ul, - data->progress.uploaded); - Curl_set_in_callback(data, false); - if(result) - failf(data, "Callback aborted"); - return result; - } - if(data->set.fprogress) { - int result; - /* The older deprecated callback is set, call that */ - Curl_set_in_callback(data, true); - result = data->set.fprogress(data->set.progress_client, - (double)data->progress.size_dl, - (double)data->progress.downloaded, - (double)data->progress.size_ul, - (double)data->progress.uploaded); - Curl_set_in_callback(data, false); - if(result) - failf(data, "Callback aborted"); - return result; - } - } - progress_meter(conn); + } /* !(data->progress.flags & PGRS_HIDE) */ return 0; } diff --git a/libs/libcurl/src/rand.c b/libs/libcurl/src/rand.c index 6ee45feb12..c415048ec5 100644 --- a/libs/libcurl/src/rand.c +++ b/libs/libcurl/src/rand.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -106,8 +106,7 @@ static CURLcode randit(struct Curl_easy *data, unsigned int *rnd) * 'rndptr' points to. * * If libcurl is built without TLS support or with a TLS backend that lacks a - * proper random API (Gskit, PolarSSL or mbedTLS), this function will use - * "weak" random. + * proper random API (Gskit or mbedTLS), this function will use "weak" random. * * When built *with* TLS support and a backend that offers strong random, it * will return error if it cannot provide strong random values. diff --git a/libs/libcurl/src/rand.h b/libs/libcurl/src/rand.h index 5deb041613..3c8e2b81dc 100644 --- a/libs/libcurl/src/rand.h +++ b/libs/libcurl/src/rand.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -27,8 +27,7 @@ * 'rnd' points to. * * If libcurl is built without TLS support or with a TLS backend that lacks a - * proper random API (Gskit, PolarSSL or mbedTLS), this function will use - * "weak" random. + * proper random API (Gskit or mbedTLS), this function will use "weak" random. * * When built *with* TLS support and a backend that offers strong random, it * will return error if it cannot provide strong random values. diff --git a/libs/libcurl/src/system_win32.c b/libs/libcurl/src/system_win32.c index f7f817dd45..1143fa6aae 100644 --- a/libs/libcurl/src/system_win32.c +++ b/libs/libcurl/src/system_win32.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2016 - 2017, Steve Holme, <steve_holme@hotmail.com>. + * Copyright (C) 2016 - 2019, Steve Holme, <steve_holme@hotmail.com>. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -36,6 +36,12 @@ LARGE_INTEGER Curl_freq; bool Curl_isVistaOrGreater; +/* Handle of iphlpapp.dll */ +static HMODULE s_hIpHlpApiDll = NULL; + +/* Pointer to the if_nametoindex function */ +IF_NAMETOINDEX_FN Curl_if_nametoindex = NULL; + /* Curl_win32_init() performs win32 global initialization */ CURLcode Curl_win32_init(long flags) { @@ -89,6 +95,17 @@ CURLcode Curl_win32_init(long flags) } #endif + s_hIpHlpApiDll = Curl_load_library(TEXT("iphlpapi.dll")); + if(s_hIpHlpApiDll) { + /* Get the address of the if_nametoindex function */ + IF_NAMETOINDEX_FN pIfNameToIndex = + CURLX_FUNCTION_CAST(IF_NAMETOINDEX_FN, + (GetProcAddress(s_hIpHlpApiDll, "if_nametoindex"))); + + if(pIfNameToIndex) + Curl_if_nametoindex = pIfNameToIndex; + } + if(Curl_verify_windows_version(6, 0, PLATFORM_WINNT, VERSION_GREATER_THAN_EQUAL)) { Curl_isVistaOrGreater = TRUE; @@ -103,6 +120,12 @@ CURLcode Curl_win32_init(long flags) /* Curl_win32_cleanup() is the opposite of Curl_win32_init() */ void Curl_win32_cleanup(long init_flags) { + if(s_hIpHlpApiDll) { + FreeLibrary(s_hIpHlpApiDll); + s_hIpHlpApiDll = NULL; + Curl_if_nametoindex = NULL; + } + #ifdef USE_WINDOWS_SSPI Curl_sspi_global_cleanup(); #endif @@ -114,10 +137,6 @@ void Curl_win32_cleanup(long init_flags) } } -#if defined(USE_WINDOWS_SSPI) || (!defined(CURL_DISABLE_TELNET) && \ - defined(USE_WINSOCK)) - - #if !defined(LOAD_WITH_ALTERED_SEARCH_PATH) #define LOAD_WITH_ALTERED_SEARCH_PATH 0x00000008 #endif @@ -140,8 +159,6 @@ typedef HMODULE (APIENTRY *LOADLIBRARYEX_FN)(LPCTSTR, HANDLE, DWORD); # define LOADLIBARYEX "LoadLibraryExA" #endif -#endif /* USE_WINDOWS_SSPI || (!CURL_DISABLE_TELNET && USE_WINSOCK) */ - /* * Curl_verify_windows_version() * @@ -334,9 +351,6 @@ bool Curl_verify_windows_version(const unsigned int majorVersion, return matched; } -#if defined(USE_WINDOWS_SSPI) || (!defined(CURL_DISABLE_TELNET) && \ - defined(USE_WINSOCK)) - /* * Curl_load_library() * @@ -411,6 +425,4 @@ HMODULE Curl_load_library(LPCTSTR filename) return hModule; } -#endif /* USE_WINDOWS_SSPI || (!CURL_DISABLE_TELNET && USE_WINSOCK) */ - #endif /* WIN32 */ diff --git a/libs/libcurl/src/system_win32.h b/libs/libcurl/src/system_win32.h index 926328a9aa..c07cf1fb72 100644 --- a/libs/libcurl/src/system_win32.h +++ b/libs/libcurl/src/system_win32.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2016, Steve Holme, <steve_holme@hotmail.com>. + * Copyright (C) 2016 - 2019, Steve Holme, <steve_holme@hotmail.com>. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -48,20 +48,21 @@ typedef enum { PLATFORM_WINNT } PlatformIdentifier; +/* We use our own typedef here since some headers might lack this */ +typedef unsigned int(WINAPI *IF_NAMETOINDEX_FN)(const char *); + +/* This is used instread of if_nametoindex if available on Windows */ +IF_NAMETOINDEX_FN Curl_if_nametoindex; + /* This is used to verify if we are running on a specific windows version */ bool Curl_verify_windows_version(const unsigned int majorVersion, const unsigned int minorVersion, const PlatformIdentifier platform, const VersionCondition condition); -#if defined(USE_WINDOWS_SSPI) || (!defined(CURL_DISABLE_TELNET) && \ - defined(USE_WINSOCK)) - /* This is used to dynamically load DLLs */ HMODULE Curl_load_library(LPCTSTR filename); -#endif /* USE_WINDOWS_SSPI || (!CURL_DISABLE_TELNET && USE_WINSOCK) */ - #endif /* WIN32 */ #endif /* HEADER_CURL_SYSTEM_WIN32_H */ diff --git a/libs/libcurl/src/url.c b/libs/libcurl/src/url.c index c441ae7165..eb22dcc374 100644 --- a/libs/libcurl/src/url.c +++ b/libs/libcurl/src/url.c @@ -34,10 +34,12 @@ #ifdef HAVE_NET_IF_H #include <net/if.h> #endif +#ifdef HAVE_IPHLPAPI_H +#include <Iphlpapi.h> +#endif #ifdef HAVE_SYS_IOCTL_H #include <sys/ioctl.h> #endif - #ifdef HAVE_SYS_PARAM_H #include <sys/param.h> #endif @@ -93,6 +95,7 @@ bool curl_win32_idn_to_ascii(const char *in, char **out); #include "inet_pton.h" #include "getinfo.h" #include "urlapi-int.h" +#include "system_win32.h" /* And now for the protocols */ #include "ftp.h" @@ -439,7 +442,7 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data) set->httpreq = HTTPREQ_GET; /* Default HTTP request */ set->rtspreq = RTSPREQ_OPTIONS; /* Default RTSP request */ -#ifndef CURL_DISABLE_FILE +#ifndef CURL_DISABLE_FTP set->ftp_use_epsv = TRUE; /* FTP defaults to EPSV operations */ set->ftp_use_eprt = TRUE; /* FTP defaults to EPRT operations */ set->ftp_use_pret = FALSE; /* mainly useful for drftpd servers */ @@ -1004,6 +1007,7 @@ ConnectionExists(struct Curl_easy *data, bool canmultiplex = IsMultiplexingPossible(data, needle); struct connectbundle *bundle; struct curltime now = Curl_now(); + const char *hostbundle; #ifdef USE_NTLM bool wantNTLMhttp = ((data->state.authhost.want & @@ -1020,16 +1024,15 @@ ConnectionExists(struct Curl_easy *data, /* Look up the bundle with all the connections to this particular host. Locks the connection cache, beware of early returns! */ - bundle = Curl_conncache_find_bundle(needle, data->state.conn_cache); + bundle = Curl_conncache_find_bundle(needle, data->state.conn_cache, + &hostbundle); if(bundle) { /* Max pipe length is zero (unlimited) for multiplexed connections */ struct curl_llist_element *curr; infof(data, "Found bundle for host %s: %p [%s]\n", - (needle->bits.conn_to_host ? needle->conn_to_host.name : - needle->host.name), (void *)bundle, - (bundle->multiuse == BUNDLE_MULTIPLEX ? - "can multiplex" : "serially")); + hostbundle, (void *)bundle, (bundle->multiuse == BUNDLE_MULTIPLEX ? + "can multiplex" : "serially")); /* We can't multiplex if we don't know anything about the server */ if(canmultiplex) { @@ -1884,6 +1887,50 @@ CURLcode Curl_uc_to_curlcode(CURLUcode uc) } /* + * If the URL was set with an IPv6 numerical address with a zone id part, set + * the scope_id based on that! + */ + +static void zonefrom_url(CURLU *uh, struct connectdata *conn) +{ + char *zoneid; + CURLUcode uc; + + uc = curl_url_get(uh, CURLUPART_ZONEID, &zoneid, 0); + + if(!uc && zoneid) { + char *endp; + unsigned long scope = strtoul(zoneid, &endp, 10); + if(!*endp && (scope < UINT_MAX)) + /* A plain number, use it directly as a scope id. */ + conn->scope_id = (unsigned int)scope; +#if defined(HAVE_IF_NAMETOINDEX) + else { +#elif defined(WIN32) + else if(Curl_if_nametoindex) { +#endif + +#if defined(HAVE_IF_NAMETOINDEX) || defined(WIN32) + /* Zone identifier is not numeric */ + unsigned int scopeidx = 0; +#if defined(WIN32) + scopeidx = Curl_if_nametoindex(zoneid); +#else + scopeidx = if_nametoindex(zoneid); +#endif + if(!scopeidx) + infof(conn->data, "Invalid zoneid: %s; %s\n", zoneid, + strerror(errno)); + else + conn->scope_id = scopeidx; + } +#endif /* HAVE_IF_NAMETOINDEX || WIN32 */ + + free(zoneid); + } +} + +/* * Parse URL and fill in the relevant members of the connection struct. */ static CURLcode parseurlandfillconn(struct Curl_easy *data, @@ -1991,7 +2038,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, } else { unsigned long port = strtoul(data->state.up.port, NULL, 10); - conn->remote_port = curlx_ultous(port); + conn->port = conn->remote_port = curlx_ultous(port); } (void)curl_url_get(uh, CURLUPART_QUERY, &data->state.up.query, 0); @@ -2004,38 +2051,14 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, if(hostname[0] == '[') { /* This looks like an IPv6 address literal. See if there is an address scope. */ - char *zoneid; size_t hlen; - uc = curl_url_get(uh, CURLUPART_ZONEID, &zoneid, 0); conn->bits.ipv6_ip = TRUE; - /* cut off the brackets! */ hostname++; hlen = strlen(hostname); hostname[hlen - 1] = 0; - if(!uc && zoneid) { - char *endp; - unsigned long scope; - scope = strtoul(zoneid, &endp, 10); - if(!*endp && (scope < UINT_MAX)) { - /* A plain number, use it direcly as a scope id. */ - conn->scope_id = (unsigned int)scope; - } -#ifdef HAVE_IF_NAMETOINDEX - else { - /* Zone identifier is not numeric */ - unsigned int scopeidx = 0; - scopeidx = if_nametoindex(zoneid); - if(!scopeidx) - infof(data, "Invalid zoneid id: %s; %s\n", zoneid, - strerror(errno)); - else - conn->scope_id = scopeidx; - } -#endif /* HAVE_IF_NAMETOINDEX */ - free(zoneid); - } + zonefrom_url(uh, conn); } /* make sure the connect struct gets its own copy of the host name */ @@ -2298,7 +2321,7 @@ static CURLcode parse_proxy(struct Curl_easy *data, struct connectdata *conn, char *proxy, curl_proxytype proxytype) { - char *portptr; + char *portptr = NULL; long port = -1; char *proxyuser = NULL; char *proxypasswd = NULL; @@ -2422,6 +2445,7 @@ static CURLcode parse_proxy(struct Curl_easy *data, size_t len = strlen(host); host[len-1] = 0; /* clear the trailing bracket */ host++; + zonefrom_url(uhp, conn); } proxyinfo->host.name = host; @@ -3749,8 +3773,9 @@ static CURLcode create_conn(struct Curl_easy *data, connections_available = FALSE; else { /* this gets a lock on the conncache */ + const char *bundlehost; struct connectbundle *bundle = - Curl_conncache_find_bundle(conn, data->state.conn_cache); + Curl_conncache_find_bundle(conn, data->state.conn_cache, &bundlehost); if(max_host_connections > 0 && bundle && (bundle->num_connections >= max_host_connections)) { @@ -3764,8 +3789,8 @@ static CURLcode create_conn(struct Curl_easy *data, (void)Curl_disconnect(data, conn_candidate, /* dead_connection */ FALSE); else { - infof(data, "No more connections allowed to host: %zu\n", - max_host_connections); + infof(data, "No more connections allowed to host %s: %zu\n", + bundlehost, max_host_connections); connections_available = FALSE; } } diff --git a/libs/libcurl/src/urldata.h b/libs/libcurl/src/urldata.h index d759592d9d..f8ba591dde 100644 --- a/libs/libcurl/src/urldata.h +++ b/libs/libcurl/src/urldata.h @@ -617,8 +617,8 @@ struct SingleRequest { bit upload_done:1; /* set to TRUE when doing chunked transfer-encoding upload and we're uploading the last chunk */ bit ignorebody:1; /* we read a response-body but we ignore it! */ - bit ignorecl:1; /* This HTTP response has no body so we ignore the - Content-Length: header */ + bit http_bodyless:1; /* HTTP response status code is between 100 and 199, + 204 or 304 */ bit chunk:1; /* if set, this is a chunked transfer-encoding */ bit upload_chunky:1; /* set TRUE if we are doing chunked transfer-encoding on upload */ @@ -1081,8 +1081,9 @@ struct PureInfo { const char *conn_scheme; unsigned int conn_protocol; struct curl_certinfo certs; /* info about the certs, only populated in - OpenSSL builds. Asked for with - CURLOPT_CERTINFO / CURLINFO_CERTINFO */ + OpenSSL, GnuTLS, Schannel, NSS and GSKit + builds. Asked for with CURLOPT_CERTINFO + / CURLINFO_CERTINFO */ bit timecond:1; /* set to TRUE if the time condition didn't match, which thus made the document NOT get fetched */ @@ -1778,6 +1779,7 @@ struct Curl_easy { struct connectdata *conn; struct curl_llist_element connect_queue; struct curl_llist_element sh_queue; /* list per Curl_sh_entry */ + struct Curl_sh_entry *sh_entry; /* the socket hash this was added to */ struct curl_llist_element conn_queue; /* list per connectdata */ CURLMstate mstate; /* the handle's state */ diff --git a/libs/libcurl/src/vtls/nss.c b/libs/libcurl/src/vtls/nss.c index 491def106d..3125f0b709 100644 --- a/libs/libcurl/src/vtls/nss.c +++ b/libs/libcurl/src/vtls/nss.c @@ -216,6 +216,11 @@ static const cipher_s cipherlist[] = { {"dhe_rsa_chacha20_poly1305_sha_256", TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256}, #endif +#ifdef TLS_AES_256_GCM_SHA384 + {"aes_128_gcm_sha_256", TLS_AES_128_GCM_SHA256}, + {"aes_256_gcm_sha_384", TLS_AES_256_GCM_SHA384}, + {"chacha20_poly1305_sha_256", TLS_CHACHA20_POLY1305_SHA256}, +#endif }; #ifdef WIN32 diff --git a/libs/libcurl/src/vtls/sectransp.c b/libs/libcurl/src/vtls/sectransp.c index 2fdf662a1d..3fb125ab56 100644 --- a/libs/libcurl/src/vtls/sectransp.c +++ b/libs/libcurl/src/vtls/sectransp.c @@ -2111,8 +2111,8 @@ static int append_cert_to_array(struct Curl_easy *data, return CURLE_OK; } -static int verify_cert(const char *cafile, struct Curl_easy *data, - SSLContextRef ctx) +static CURLcode verify_cert(const char *cafile, struct Curl_easy *data, + SSLContextRef ctx) { int n = 0, rc; long res; @@ -2370,10 +2370,10 @@ sectransp_connect_step2(struct connectdata *conn, int sockindex) Leopard's headers */ case -9841: if(SSL_CONN_CONFIG(CAfile) && SSL_CONN_CONFIG(verifypeer)) { - int res = verify_cert(SSL_CONN_CONFIG(CAfile), data, - BACKEND->ssl_ctx); - if(res != CURLE_OK) - return res; + CURLcode result = verify_cert(SSL_CONN_CONFIG(CAfile), data, + BACKEND->ssl_ctx); + if(result) + return result; } /* the documentation says we need to call SSLHandshake() again */ return sectransp_connect_step2(conn, sockindex); @@ -3186,7 +3186,10 @@ static ssize_t sectransp_recv(struct connectdata *conn, /*struct Curl_easy *data = conn->data;*/ struct ssl_connect_data *connssl = &conn->ssl[num]; size_t processed = 0UL; - OSStatus err = SSLRead(BACKEND->ssl_ctx, buf, buffersize, &processed); + OSStatus err; + + again: + err = SSLRead(BACKEND->ssl_ctx, buf, buffersize, &processed); if(err != noErr) { switch(err) { @@ -3207,6 +3210,16 @@ static ssize_t sectransp_recv(struct connectdata *conn, return -1L; break; + /* The below is errSSLPeerAuthCompleted; it's not defined in + Leopard's headers */ + case -9841: + if(SSL_CONN_CONFIG(CAfile) && SSL_CONN_CONFIG(verifypeer)) { + CURLcode result = verify_cert(SSL_CONN_CONFIG(CAfile), conn->data, + BACKEND->ssl_ctx); + if(result) + return result; + } + goto again; default: failf(conn->data, "SSLRead() return error %d", err); *curlcode = CURLE_RECV_ERROR; |