Skip to content
Permalink
Branch: master
Commits on Mar 11, 2019
  1. doh: inherit some SSL options from user's easy handle

    jay committed Mar 9, 2019
    - Inherit SSL options for the doh handle but not SSL client certs,
      SSL ALPN/NPN, SSL engine, SSL version, SSL issuer cert,
      SSL pinned public key, SSL ciphers, SSL id cache setting,
      SSL kerberos or SSL gss-api settings.
    
    - Fix inheritance of verbose setting.
    
    - Inherit NOSIGNAL.
    
    There is no way for the user to set options for the doh (DNS-over-HTTPS)
    handles and instead we inherit some options from the user's easy handle.
    
    My thinking for the SSL options not inherited is they are most likely
    not intended by the user for the DOH transfer. I did inherit insecure
    because I think that should still be in control of the user.
    
    Prior to this change doh did not work for me because CAINFO was not
    inherited. Also verbose was set always which AFAICT was a bug (#3660).
    
    Fixes #3660
    Closes #3661
Commits on Mar 5, 2019
  1. multi: support verbose conncache closure handle

    jay committed Feb 26, 2019
    - Change closure handle to receive verbose setting from the easy handle
      most recently added via curl_multi_add_handle.
    
    The closure handle is a special easy handle used for closing cached
    connections. It receives limited settings from the easy handle most
    recently added to the multi handle. Prior to this change that did not
    include verbose which was a problem because on connection shutdown
    verbose mode was not acknowledged.
    
    Ref: #3598
    
    Co-authored-by: Daniel Stenberg
    
    Closes #3618
Commits on Mar 2, 2019
  1. system_win32: move win32_init here from easy.c

    jay committed Feb 28, 2019
    .. since system_win32 is a more appropriate location for the functions
    and to extern the globals.
    
    Ref: ca597ad#r32446578
    Reported-by: Gisle Vanem
    
    Closes #3625
Commits on Feb 22, 2019
  1. url: change conn shutdown order to unlink data as last step

    jay committed Feb 21, 2019
    - Split off connection shutdown procedure from Curl_disconnect into new
      function conn_shutdown.
    
    - Change the shutdown procedure to close the sockets before
      disassociating the transfer.
    
    Prior to this change the sockets were closed after disassociating the
    transfer so SOCKETFUNCTION wasn't called since the transfer was already
    disassociated. That likely came about from recent work started in
    Jan 2019 (#3442) to separate transfers from connections.
    
    Bug: https://curl.haxx.se/mail/lib-2019-02/0101.html
    Reported-by: Pavel Löbl
    
    Closes #3597
    Closes #3598
Commits on Feb 18, 2019
  1. easy: fix win32 init to work without CURL_GLOBAL_WIN32

    jay committed Feb 16, 2019
    - Change the behavior of win32_init so that the required initialization
      procedures are not affected by CURL_GLOBAL_WIN32 flag.
    
    libcurl via curl_global_init supports initializing for win32 with an
    optional flag CURL_GLOBAL_WIN32, which if omitted was meant to stop
    Winsock initialization. It did so internally by skipping win32_init()
    when that flag was set. Since then win32_init() has been expanded to
    include required initialization routines that are separate from
    Winsock and therefore must be called in all cases. This commit fixes
    it so that CURL_GLOBAL_WIN32 only controls the optional win32
    initialization (which is Winsock initialization, according to our doc).
    
    The only users affected by this change are those that don't pass
    CURL_GLOBAL_WIN32 to curl_global_init. For them this commit removes the
    risk of a potential crash.
    
    Ref: #3573
    
    Fixes #3313
    Closes #3575
Commits on Feb 14, 2019
  1. connection_check: restore original conn->data after the check

    jay authored and bagder committed Feb 12, 2019
    - Save the original conn->data before it's changed to the specified
      data transfer for the connection check and then restore it afterwards.
    
    This is a follow-up to 38d8e1b 2019-02-11.
    
    History:
    
    It was discovered a month ago that before checking whether to extract a
    dead connection that that connection should be associated with a "live"
    transfer for the check (ie original conn->data ignored and set to the
    passed in data). A fix was landed in 54b201b which did that and also
    cleared conn->data after the check. The original conn->data was not
    restored, so presumably it was thought that a valid conn->data was no
    longer needed.
    
    Several days later it was discovered that a valid conn->data was needed
    after the check and follow-up fix was landed in bbae24c which partially
    reverted the original fix and attempted to limit the scope of when
    conn->data was changed to only when pruning dead connections. In that
    case conn->data was not cleared and the original conn->data not
    restored.
    
    A month later it was discovered that the original fix was somewhat
    correct; a "live" transfer is needed for the check in all cases
    because original conn->data could be null which could cause a bad deref
    at arbitrary points in the check. A fix was landed in 38d8e1b which
    expanded the scope to all cases. conn->data was not cleared and the
    original conn->data not restored.
    
    A day later it was discovered that not restoring the original conn->data
    may lead to busy loops in applications that use the event interface, and
    given this observation it's a pretty safe assumption that there is some
    code path that still needs the original conn->data. This commit is the
    follow-up fix for that, it restores the original conn->data after the
    connection check.
    
    Assisted-by: tholin@users.noreply.github.com
    Reported-by: tholin@users.noreply.github.com
    
    Fixes #3542
    Closes #3559
Commits on Feb 13, 2019
  1. schannel: restore some debug output but only for debug builds

    jay committed Feb 13, 2019
    Follow-up to 84c10dc from earlier today which wrapped a lot of the noisy
    debug output in DEBUGF but omitted a few lines.
    
    Ref: 84c10dc#r32292900
Commits on Feb 12, 2019
  1. examples/crawler: Fix the Accept-Encoding setting

    jay committed Feb 12, 2019
    - Pass an empty string to CURLOPT_ACCEPT_ENCODING to use the default
      supported encodings.
    
    Prior to this change the specific encodings of gzip and deflate were set
    but there's no guarantee they'd be supported by the user's libcurl.
Commits on Jan 29, 2019
  1. TODO: WinSSL: 'Add option to disable client cert auto-send'

    jay committed Jan 29, 2019
    By default WinSSL selects and send a client certificate automatically,
    but for privacy and consistency we should offer an option to disable the
    default auto-send behavior.
    
    Reported-by: Jeroen Ooms
    
    Closes #2262
Commits on Dec 11, 2018
  1. http: fix HTTP auth to include query in URI

    jay authored and bagder committed Dec 10, 2018
    - Include query in the path passed to generate HTTP auth.
    
    Recent changes to use the URL API internally (46e1640, 7.62.0)
    inadvertently broke authentication URIs by omitting the query.
    
    Fixes #3353
    Closes #3356
Commits on Nov 6, 2018
  1. tool: add undocumented option --dump-module-paths for win32

    jay committed Nov 1, 2018
    - Add an undocumented diagnostic option for Windows to show the full
      paths of all loaded modules regardless of whether or not libcurl
      initialization succeeds.
    
    This is needed so that in the CI we can get a list of all DLL
    dependencies after initialization (when they're most likely to have
    finished loading) and then package them as artifacts so that a
    functioning build can be downloaded. Also I imagine it may have some use
    as a diagnostic for help requests.
    
    Ref: #3103
    
    Closes #3208
  2. curl_multibyte: fix a malloc overcalculation

    jay committed Nov 1, 2018
    Prior to this change twice as many bytes as necessary were malloc'd when
    converting wchar to UTF8. To allay confusion in the future I also
    changed the variable name for the amount of bytes from len to bytes.
    
    Closes #3209
Commits on Oct 23, 2018
  1. CIPHERS.md: Mention the options used to set TLS 1.3 ciphers

    jay committed Oct 23, 2018
    Closes #3159
Commits on Oct 5, 2018
  1. INTERNALS.md: wrap lines longer than 79

    jay committed Oct 5, 2018
Commits on Oct 3, 2018
  1. CURLOPT_HEADER.3: fix typo

    jay committed Oct 3, 2018
  2. nss: fix nssckbi module loading on Windows

    jay committed Oct 3, 2018
    - Use .DLL extension instead of .so to load modules on Windows.
    
    Bug: https://curl.haxx.se/mail/lib-2018-09/0077.html
    Reported-by: Maxime Legros
    
    Ref: #3016
    
    Closes #3086
  3. data-binary.d: clarify default content-type is x-www-form-urlencoded

    jay committed Oct 3, 2018
    - Advise user that --data-binary sends a default content type of
      x-www-form-urlencoded, and to have the data treated as arbitrary
      binary data by the server set the content-type header to octet-stream.
    
    Ref: #2852 (comment)
    
    Closes #3085
Commits on Sep 20, 2018
  1. vtls: fix ssl version "or later" behavior change for many backends

    jay committed Sep 18, 2018
    - Treat CURL_SSLVERSION_MAX_NONE the same as
      CURL_SSLVERSION_MAX_DEFAULT. Prior to this change NONE would mean use
      the minimum version also as the maximum.
    
    This is a follow-up to 6015cef which changed the behavior of setting
    the SSL version so that the requested version would only be the minimum
    and not the maximum. It appears it was (mostly) implemented in OpenSSL
    but not other backends. In other words CURL_SSLVERSION_TLSv1_0 used to
    mean use just TLS v1.0 and now it means use TLS v1.0 *or later*.
    
    - Fix CURL_SSLVERSION_MAX_DEFAULT for OpenSSL.
    
    Prior to this change CURL_SSLVERSION_MAX_DEFAULT with OpenSSL was
    erroneously treated as always TLS 1.3, and would cause an error if
    OpenSSL was built without TLS 1.3 support.
    
    Co-authored-by: Daniel Gustafsson
    
    Fixes #2969
    Closes #3012
Commits on Sep 12, 2018
  1. openssl: fix gcc8 warning

    jay committed Sep 12, 2018
    - Use memcpy instead of strncpy to copy a string without termination,
      since gcc8 warns about using strncpy to copy as many bytes from a
      string as its length.
    
    Suggested-by: Viktor Szakats
    
    Closes #2980
Commits on Sep 3, 2018
  1. tool_operate: Add http code 408 to transient list for --retry

    jay authored and bagder committed Aug 31, 2018
    - Treat 408 request timeout as transient so that curl will retry the
      request if --retry was used.
    
    Closes #2925
  2. openssl: Fix setting TLS 1.3 cipher suites

    jay authored and bagder committed Aug 31, 2018
    The flag indicating TLS 1.3 cipher support in the OpenSSL backend was
    missing.
    
    Bug: #2607 (comment)
    Reported-by: Kamil Dudka
    
    Closes #2926
Commits on Aug 31, 2018
  1. tool_operate: Fix setting proxy TLS 1.3 ciphers

    jay committed Aug 31, 2018
Commits on Aug 29, 2018
  1. CURLOPT_SSL_CTX_FUNCTION.3: clarify connection reuse warning

    jay committed Aug 29, 2018
    Reported-by: Daniel Stenberg
    
    Closes #2916
Commits on Aug 11, 2018
  1. projects: Improve Windows perl detection in batch scripts

    jay committed Aug 11, 2018
    - Determine if perl is in the user's PATH by running perl.exe.
    
    Prior to this change detection was done by checking the PATH for perl/
    but that did not work in all cases (eg git install includes perl but
    not in perl/ path).
    
    Bug: #2865
    Reported-by: Daniel Jeliński
Commits on Jul 29, 2018
  1. examples/ephiperfifo: checksrc compliance

    jay committed Jul 29, 2018
Commits on Jul 9, 2018
  1. lib/curl_setup.h: remove unicode character

    jay committed Jul 9, 2018
Commits on May 16, 2018
  1. rand: fix typo

    jay committed May 16, 2018
  2. schannel: disable manual verify if APIs not available

    jay committed May 16, 2018
    .. because original MinGW and old compilers do not have the Windows API
    definitions needed to support manual verification.
Commits on Apr 21, 2018
  1. tool_help: clarify --max-time unit of time is seconds

    jay committed Apr 21, 2018
    Before:
     -m, --max-time <time> Maximum time allowed for the transfer
    
    After:
     -m, --max-time <seconds> Maximum time allowed for the transfer
Commits on Apr 20, 2018
  1. openssl: Add support for OpenSSL 1.1.1 verbose-mode trace messages

    jay committed Mar 20, 2018
    - Support handling verbose-mode trace messages of type
      SSL3_RT_INNER_CONTENT_TYPE, SSL3_MT_ENCRYPTED_EXTENSIONS,
      SSL3_MT_END_OF_EARLY_DATA, SSL3_MT_KEY_UPDATE, SSL3_MT_NEXT_PROTO,
      SSL3_MT_MESSAGE_HASH
    
    Reported-by: iz8mbw@users.noreply.github.com
    
    Fixes #2403
Commits on Apr 17, 2018
  1. schannel: fix warning

    jay committed Apr 17, 2018
    - Fix warning 'integer from pointer without a cast' on 3rd arg in
      CertOpenStore. The arg type HCRYPTPROV may be a pointer or integer
      type of the same size.
    
    Follow-up to e35b025.
    
    Caught by Marc's CI builds.
Commits on Apr 7, 2018
  1. examples/sftpuploadresmue: Fix Windows large file seek

    jay committed Apr 7, 2018
    - Use _fseeki64 instead of fseek (long) to seek curl_off_t in Windows.
    
    - Use CURL_FORMAT_CURL_OFF_T specifier instead of %ld to print
      curl_off_t.
    
    Caught by Marc's CI builds.
Commits on Apr 6, 2018
  1. build-openssl.bat: Refer to VS2017 as VC14.1 instead of VC15

    jay authored and bagder committed Dec 22, 2017
    .. and do the same for build-wolfssl.bat.
    
    Because MS calls it VC14.1.
    
    Closes #2189
Commits on Mar 31, 2018
  1. docs: fix CURLINFO_*_T examples use of CURL_FORMAT_CURL_OFF_T

    jay committed Mar 31, 2018
    - Put a percent sign before each CURL_FORMAT_CURL_OFF_T in printf.
    
    For example "%" CURL_FORMAT_CURL_OFF_T becomes %lld or similar.
    
    Bug: https://curl.haxx.se/mail/lib-2018-03/0140.html
    Reported-by: David L.
Commits on Mar 26, 2018
  1. travis: enable apt retry on fail

    jay committed Mar 26, 2018
    This is a workaround for an unsolved travis issue that is causing CI
    instances to sporadically fail due to 'unable to connect' issues during
    apt stage.
    
    Ref: travis-ci/travis-ci#8507
    Ref: travis-ci/travis-ci#9112 (comment)
Older
You can’t perform that action at this time.