c96462ad | 11-Oct-2022 |
Martin Ågren |
docs: fix grammar around needing pass phrase "You never needed a pass phrase" reads like it's about to be followed by something like "until version so-and-so", but that is not what is
docs: fix grammar around needing pass phrase "You never needed a pass phrase" reads like it's about to be followed by something like "until version so-and-so", but that is not what is intended. Change to "You never need a pass phrase". There are two instances of this text, so make sure to update both.
show more ...
|
d91c736f | 09-Oct-2022 |
Xiang Xiao |
cmake: add the check of HAVE_SOCKETPAIR which is used by Curl_socketpair Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com> Closes #9686 |
d24a2ffe | 10-Oct-2022 |
Daniel Stenberg |
curl/add_file_name_to_url: use the libcurl URL parser instead of the custom error-prone parser, to extract and update the path of the given URL Closes #9683 |
b82eb72d | 10-Oct-2022 |
Daniel Stenberg |
single_transfer: use the libcurl URL parser when appending query parts Instead of doing "manual" error-prone parsing in another place. Used when --data contents is added to the URL
single_transfer: use the libcurl URL parser when appending query parts Instead of doing "manual" error-prone parsing in another place. Used when --data contents is added to the URL query when -G is provided. Closes #9681
show more ...
|
0554de58 | 09-Oct-2022 |
Daniel Stenberg |
ws: fix buffer pointer use in the callback loop Closes #9678 |
8af6b087 | 10-Oct-2022 |
Petr Štetiar |
curl-wolfssl.m4: error out if wolfSSL is not usable When I explicitly declare, that I would like to have curl built with wolfSSL support using `--with-wolfssl` configure option, then I w
curl-wolfssl.m4: error out if wolfSSL is not usable When I explicitly declare, that I would like to have curl built with wolfSSL support using `--with-wolfssl` configure option, then I would expect, that either I endup with curl having that support, for example in form of https support or it wouldn't be available at all. Downstream projects like for example OpenWrt build curl wolfSSL variant with `--with-wolfssl` already, but in certain corner cases it does fail: configure:25299: checking for wolfSSL_Init in -lwolfssl configure:25321: x86_64-openwrt-linux-musl-gcc -o conftest [snip] In file included from target-x86_64_musl/usr/include/wolfssl/wolfcrypt/dsa.h:33, from target-x86_64_musl/usr/include/wolfssl/wolfcrypt/asn_public.h:35, from target-x86_64_musl/usr/include/wolfssl/ssl.h:35, from conftest.c:47: target-x86_64_musl/usr/include/wolfssl/wolfcrypt/integer.h:37:14: fatal error: wolfssl/wolfcrypt/sp_int.h: No such file or directory #include <wolfssl/wolfcrypt/sp_int.h> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ compilation terminated. and in the end thus produces curl without https support: curl: (1) Protocol "https" not supported or disabled in libcurl So fix it, by making the working wolfSSL mandatory and error out in configure step when that's not the case: checking for wolfSSL_Init in -lwolfssl... no configure: error: --with-wolfssl but wolfSSL was not found or doesn't work References: https://github.com/openwrt/packages/issues/19005 References: https://github.com/openwrt/packages/issues/19547 Signed-off-by: Petr Štetiar <ynezz@true.cz> Closes #9682
show more ...
|
1527dd07 | 09-Oct-2022 |
Daniel Stenberg |
tool_getparam: pass in the snprintf("%.*s") string length as 'int' Reported by Coverity CID 1515928 Closes #9679 |
b261389d | 07-Oct-2022 |
Paul Seligman |
ws: minor fixes for web sockets without the CONNECT_ONLY flag - Fixed an issue where is_in_callback was getting cleared when using web sockets with debug logging enabled - Ensure t
ws: minor fixes for web sockets without the CONNECT_ONLY flag - Fixed an issue where is_in_callback was getting cleared when using web sockets with debug logging enabled - Ensure the handle is is_in_callback when calling out to fwrite_func - Change the write vs. send_data decision to whether or not the handle is in CONNECT_ONLY mode. - Account for buflen not including the header length in curl_ws_send Closes #9665
show more ...
|
d905de27 | 07-Oct-2022 |
Marc Hoersken |
CI/cirrus: merge existing macOS jobs into a job matrix Ref: #9627 Reviewed-by: Philip H. Closes #9672 |
ed5095ed | 05-Oct-2022 |
Daniel Stenberg |
strcase: add and use Curl_timestrcmp This is a strcmp() alternative function for comparing "secrets", designed to take the same time no matter the content to not leak match/non-match
strcase: add and use Curl_timestrcmp This is a strcmp() alternative function for comparing "secrets", designed to take the same time no matter the content to not leak match/non-match info to observers based on how fast it is. The time this function takes is only a function of the shortest input string. Reported-by: Trail of Bits Closes #9658
show more ...
|
b90f857f | 07-Oct-2022 |
Daniel Stenberg |
tool_getparam: split out data_urlencode() into its own function Closes #9673 |
4232e1ac | 07-Oct-2022 |
Daniel Stenberg |
connect: fix Curl_updateconninfo for TRNSPRT_UNIX Reported-by: Vasiliy Ulyanov Fixes #9664 Closes #9670 |
c02291fd | 07-Oct-2022 |
Daniel Stenberg |
ws: fix Coverity complaints Coverity pointed out several flaws where variables remained uninitialized after forks. Follow-up to e3f335148adc6742728f Closes #9666 |
187f152a | 04-Oct-2022 |
Marc Hoersken |
CI/GHA: merge msh3 and openssl3 builds into linux workflow Continue work on merging all Linux workflows into one file. Follow up to #9501 Closes #9646 |
64240471 | 07-Oct-2022 |
Daniel Stenberg |
curl_ws_send.3: call the argument 'fragsize' Since WebSocket works with "fragments" not "frames" Closes #9668 |
00452e6a | 07-Oct-2022 |
Daniel Stenberg |
easy: avoid Intel error #2312: pointer cast involving 64-bit pointed-to type Follow-up to e3f335148adc6742728ff8 Closes #9669 |
41e1b30e | 05-Oct-2022 |
Daniel Stenberg |
tool_main: exit at once if out of file descriptors If the main_checkfds function cannot create new file descriptors in an attempt to detect of stdin, stdout or stderr are closed.
tool_main: exit at once if out of file descriptors If the main_checkfds function cannot create new file descriptors in an attempt to detect of stdin, stdout or stderr are closed. Also changed the check to use fcntl() to check if the descriptors are open, which avoids superfluously calling pipe() if they all already are. Follow-up to facfa19cdd4d0094 Reported-by: Trail of Bits Closes #9663
show more ...
|
e3f33514 | 03-Oct-2022 |
Daniel Stenberg |
websockets: remodeled API to support 63 bit frame sizes curl_ws_recv() now receives data to fill up the provided buffer, but can return a partial fragment. The function now also get a po
websockets: remodeled API to support 63 bit frame sizes curl_ws_recv() now receives data to fill up the provided buffer, but can return a partial fragment. The function now also get a pointer to a curl_ws_frame struct with metadata that also mentions the offset and total size of the fragment (of which you might be receiving a smaller piece). This way, large incoming fragments will be "streamed" to the application. When the curl_ws_frame struct field 'bytesleft' is 0, the final fragment piece has been delivered. curl_ws_recv() was also adjusted to work with a buffer size smaller than the fragment size. (Possibly needless to say as the fragment size can now be 63 bit large). curl_ws_send() now supports sending a piece of a fragment, in a streaming manner, in addition to sending the entire fragment in a single call if it is small enough. To send a huge fragment, curl_ws_send() can be used to send it in many small calls by first telling libcurl about the total expected fragment size, and then send the payload in N number of separate invokes and libcurl will stream those over the wire. The struct curl_ws_meta() returns is now called 'curl_ws_frame' and it has been extended with two new fields: *offset* and *bytesleft*. To help describe the passed on data chunk when a fragment is delivered in many smaller pieces. The documentation has been updated accordingly. Closes #9636
show more ...
|
83de62ba | 06-Oct-2022 |
Patrick Monnerat |
docs/examples: avoid deprecated options in examples where possible Example programs targeting a deprecated feature/option are commented with a warning about it. Other examples are ad
docs/examples: avoid deprecated options in examples where possible Example programs targeting a deprecated feature/option are commented with a warning about it. Other examples are adapted to not use deprecated options. Closes #9661
show more ...
|
28687ae2 | 06-Oct-2022 |
Viktor Szakats |
cmake: fix enabling websocket support Follow-up from 664249d095275ec532f55dd1752d80c8c1093a77 Closes #9660 |
0c327464 | 06-Oct-2022 |
Viktor Szakats |
tidy-up: delete parallel/unused feature flags Detecting headers and lib separately makes sense when headers come in variations or with extra ones, but this wasn't the case here. These we
tidy-up: delete parallel/unused feature flags Detecting headers and lib separately makes sense when headers come in variations or with extra ones, but this wasn't the case here. These were duplicate/parallel macros that we had to keep in sync with each other for a working build. This patch leaves a single macro for each of these dependencies: - Rely on `HAVE_LIBZ`, delete parallel `HAVE_ZLIB_H`. Also delete CMake logic making sure these two were in sync, along with a toggle to turn off that logic, called `CURL_SPECIAL_LIBZ`. Also delete stray `HAVE_ZLIB` defines. There is also a `USE_ZLIB` variant in `lib/config-dos.h`. This patch retains it for compatibility and deprecates it. - Rely on `USE_LIBSSH2`, delete parallel `HAVE_LIBSSH2_H`. Also delete `LIBSSH2_WIN32`, `LIBSSH2_LIBRARY` from `winbuild/MakefileBuild.vc`, these have a role when building libssh2 itself. And `CURL_USE_LIBSSH`, which had no use at all. Also delete stray `HAVE_LIBSSH2` defines. - Rely on `USE_LIBSSH`, delete parallel `HAVE_LIBSSH_LIBSSH_H`. Also delete `LIBSSH_WIN32`, `LIBSSH_LIBRARY` and `HAVE_LIBSSH` from `winbuild/MakefileBuild.vc`, these were the result of copy-pasting the libssh2 line, and were not having any use. - Delete unused `HAVE_LIBPSL_H` and `HAVE_LIBPSL`. Reviewed-by: Daniel Stenberg Closes #9652
show more ...
|
6d90308a | 06-Oct-2022 |
Daniel Stenberg |
netrc: compare user name case sensitively User name comparisions in netrc need to match the case. Closes #9657 |
ea3ce80f | 05-Oct-2022 |
Daniel Stenberg |
CURLOPT_COOKIEFILE: insist on "" for enable-without-file The former way that also suggested using a non-existing file to just enable the cookie engine could lead to developers maybe a bi
CURLOPT_COOKIEFILE: insist on "" for enable-without-file The former way that also suggested using a non-existing file to just enable the cookie engine could lead to developers maybe a bit carelessly guessing a file name that will not exist, and then in a future due to circumstances, such a file could be made to exist and then accidentally libcurl would read cookies not actually meant to. Reported-by: Trail of bits Closes #9654
show more ...
|
3f44eb81 | 06-Oct-2022 |
Daniel Stenberg |
tests/Makefile: remove run time stats from ci-test The ci-test is the normal makefile target invoked in CI jobs. This has been using the -r option to runtests.pl since a long time, but I
tests/Makefile: remove run time stats from ci-test The ci-test is the normal makefile target invoked in CI jobs. This has been using the -r option to runtests.pl since a long time, but I find that it mostly just adds many lines to the test output report without anyone caring much about those stats. Remove it. Closes #9656
show more ...
|
2e475deb | 05-Oct-2022 |
Patrick Monnerat |
tool: reorganize function c_escape around a dynbuf This is a bit shorter and a lot safer. Substrings of unescaped characters are added by a single call to reduce overhead.
tool: reorganize function c_escape around a dynbuf This is a bit shorter and a lot safer. Substrings of unescaped characters are added by a single call to reduce overhead. Extend test 1465 to handle more kind of escapes. Closes #9653
show more ...
|