| #
dafdb20a |
| 11-Nov-2022 |
Stefan Eissing |
lib: connection filters (cfilter) addition to curl:
- general construct/destroy in connectdata
- default implementations of callback functions
- connect: cfilters for connect and
lib: connection filters (cfilter) addition to curl:
- general construct/destroy in connectdata
- default implementations of callback functions
- connect: cfilters for connect and accept
- socks: cfilter for socks proxying
- http_proxy: cfilter for http proxy tunneling
- vtls: cfilters for primary and proxy ssl
- change in general handling of data/conn
- Curl_cfilter_setup() sets up filter chain based on data settings,
if none are installed by the protocol handler setup
- Curl_cfilter_connect() boot straps filters into `connected` status,
used by handlers and multi to reach further stages
- Curl_cfilter_is_connected() to check if a conn is connected,
e.g. all filters have done their work
- Curl_cfilter_get_select_socks() gets the sockets and READ/WRITE
indicators for multi select to work
- Curl_cfilter_data_pending() asks filters if the have incoming
data pending for recv
- Curl_cfilter_recv()/Curl_cfilter_send are the general callbacks
installed in conn->recv/conn->send for io handling
- Curl_cfilter_attach_data()/Curl_cfilter_detach_data() inform filters
and addition/removal of a `data` from their connection
- adding vtl functions to prevent use of Curl_ssl globals directly
in other parts of the code.
Reviewed-by: Daniel Stenberg
Closes #9855
show more ...
|
| #
1e9a538e |
| 20-Oct-2022 |
Daniel Stenberg |
noproxy: support proxies specified using cidr notation
For both IPv4 and IPv6 addresses. Now also checks IPv6 addresses "correctly"
and not with string comparisons.
Split out th
noproxy: support proxies specified using cidr notation
For both IPv4 and IPv6 addresses. Now also checks IPv6 addresses "correctly"
and not with string comparisons.
Split out the noproxy checks and functionality into noproxy.c
Added unit test 1614 to verify checking functions.
Reported-by: Mathieu Carbonneaux
Fixes #9773
Fixes #5745
Closes #9775
show more ...
|
| #
eb33ccd5 |
| 26-Sep-2022 |
Daniel Stenberg |
functypes: provide the recv and send arg and return types
This header is for providing the argument types for recv() and send()
when built to not use a dedicated config-[platfor].h file.
functypes: provide the recv and send arg and return types
This header is for providing the argument types for recv() and send()
when built to not use a dedicated config-[platfor].h file.
Remove the slow brute-force checks from configure and cmake.
This change also removes the use of the types for select, as they were
not used in code.
Closes #9592
show more ...
|
| #
664249d0 |
| 09-Sep-2022 |
Daniel Stenberg |
ws: initial websockets support
Closes #8995
|
| #
f703cf97 |
| 01-Sep-2022 |
Daniel Stenberg |
urlapi: leaner with fewer allocs
Slightly faster with more robust code. Uses fewer and smaller mallocs.
- remove two fields from the URL handle struct
- reduce copies and allocs
urlapi: leaner with fewer allocs
Slightly faster with more robust code. Uses fewer and smaller mallocs.
- remove two fields from the URL handle struct
- reduce copies and allocs
- use dynbuf buffers more instead of custom malloc + copies
- uses dynbuf to build the host name in reduces serial alloc+free within
the same function.
- move dedotdotify into urlapi.c and make it static, not strdup the input
and optimize it by checking for . and / before using strncmp
- remove a few strlen() calls
- add Curl_dyn_setlen() that can "trim" an existing dynbuf
Closes #9408
show more ...
|
| #
f65f7507 |
| 05-Sep-2022 |
Daniel Stenberg |
curl_ctype: convert to macros-only
This no longer provide functions, only macros. Runs faster and produces
smaller output.
The biggest precaution this change brings:
DO
curl_ctype: convert to macros-only
This no longer provide functions, only macros. Runs faster and produces
smaller output.
The biggest precaution this change brings:
DO NOT use post/pre-increments when passing arguments to the macros.
Closes #9429
show more ...
|
| #
20f9dd6b |
| 25-May-2022 |
Daniel Stenberg |
fopen: add Curl_fopen() for better overwriting of files
Bug: https://curl.se/docs/CVE-2022-32207.html
CVE-2022-32207
Reported-by: Harry Sintonen
Closes #9050
|
| #
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.
This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.
Closes #8869
show more ...
|
| #
23af112f |
| 05-Apr-2022 |
Thomas Guillem |
lib: make curl_global_init() threadsafe when possible
Use a posix pthread or a Windows SRWLOCK to lock curl_global_init*() and
curl_global_cleanup().
Closes #8680
|
|
Revision tags: curl-7_76_1, curl-7_76_0, curl-7_75_0, curl-7_74_0, curl-7_73_0 |
|
| #
68035af2 |
| 29-Aug-2020 |
Marc Hoersken |
timediff.[ch]: add curlx helper functions for timeval conversions
Also move timediff_t definitions from timeval.h to timediff.h and
then make timeval.h include the new standalone-capable
timediff.[ch]: add curlx helper functions for timeval conversions
Also move timediff_t definitions from timeval.h to timediff.h and
then make timeval.h include the new standalone-capable timediff.h.
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Supersedes #5888
Closes #8595
show more ...
|
| #
37492ebb |
| 10-Apr-2022 |
Nick Banks |
msh3: add support for QUIC and HTTP/3 using msh3
Considered experimental, as the other HTTP/3 backends.
Closes #8517
|
| #
d1e4a677 |
| 17-Mar-2022 |
Daniel Stenberg |
header api: add curl_easy_header and curl_easy_nextheader
Add test 1940 to 1946 to verify.
Closes #8593
|
| #
f8c3724a |
| 06-Feb-2022 |
Daniel Stenberg |
h2h3: added Curl_pseudo_headers()
For use with both http2 and http3 requests.
|
| #
9478a970 |
| 04-Feb-2022 |
Daniel Stenberg |
lib: move hostcheck and x509sn1 sources to vtls/
... since they are used strictly by TLS code.
Closes #8386
|
| #
26101421 |
| 03-Feb-2022 |
Daniel Stenberg |
lib: remove support for CURL_DOES_CONVERSIONS
TPF was the only user and support for that was dropped.
Closes #8378
|
| #
223f26c2 |
| 09-Jan-2022 |
Daniel Stenberg |
mesalink: remove support
Mesalink has ceased development. We can no longer encourage use of it.
It seems to be continued under the name TabbySSL, but no attempts have
(yet) been to m
mesalink: remove support
Mesalink has ceased development. We can no longer encourage use of it.
It seems to be continued under the name TabbySSL, but no attempts have
(yet) been to make curl support it.
Fixes #8188
Closes #8191
show more ...
|
| #
34cf4032 |
| 23-Mar-2021 |
Patrick Monnerat |
bufref: buffer reference support
A struct bufref holds a buffer pointer, a data size and a destructor.
When freed or its contents are changed, the previous buffer is implicitly
relea
bufref: buffer reference support
A struct bufref holds a buffer pointer, a data size and a destructor.
When freed or its contents are changed, the previous buffer is implicitly
released by the associated destructor. The data size, although not used
internally, allows binary data support.
A unit test checks its handling methods: test 1661
Closes #6654
show more ...
|
| #
246399a8 |
| 13-Dec-2020 |
Jacob Hoffman-Andrews |
vtls: initial implementation of rustls backend
This adds a new TLS backend, rustls. It uses the C-to-rustls bindings
from https://github.com/abetterinternet/crustls.
Rustls is a
vtls: initial implementation of rustls backend
This adds a new TLS backend, rustls. It uses the C-to-rustls bindings
from https://github.com/abetterinternet/crustls.
Rustls is at https://github.com/ctz/rustls/.
There is still a fair bit to be done, like sending CloseNotify on
connection shutdown, respecting CAPATH, and properly indicating features
like "supports TLS 1.3 ciphersuites." But it works well enough to make
requests and receive responses.
Blog post for context:
https://www.abetterinternet.org/post/memory-safe-curl/
Closes #6350
show more ...
|
| #
3eebbfe8 |
| 24-Dec-2020 |
Simon Josefsson |
sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl
Closes #6372
|
| #
7542ec5b |
| 14-Jan-2021 |
Daniel Stenberg |
lib/Makefile.inc: convert to listing each file on its own line
... to make it diff friendlier and easier to read.
Closes #6448
|
|
Revision tags: tiny-curl-7_72_0, curl-7_72_0 |
|
| #
08e8455d |
| 09-Jul-2020 |
Matthias Gatto |
http: introduce AWS HTTP v4 Signature
It is a security process for HTTP.
It doesn't seems to be standard, but it is used by some cloud providers.
Aws:
https://docs.aws.
http: introduce AWS HTTP v4 Signature
It is a security process for HTTP.
It doesn't seems to be standard, but it is used by some cloud providers.
Aws:
https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
Outscale:
https://wiki.outscale.net/display/EN/Creating+a+Canonical+Request
GCP (I didn't test that this code work with GCP though):
https://cloud.google.com/storage/docs/access-control/signing-urls-manually
most of the code is in lib/http_v4_signature.c
Information require by the algorithm:
- The URL
- Current time
- some prefix that are append to some of the signature parameters.
The data extracted from the URL are: the URI, the region,
the host and the API type
example:
https://api.eu-west-2.outscale.com/api/latest/ReadNets
~~~ ~~~~~~~~ ~~~~~~~~~~~~~~~~~~~
^ ^ ^
/ \ URI
API type region
Small description of the algorithm:
- make canonical header using content type, the host, and the date
- hash the post data
- make canonical_request using custom request, the URI,
the get data, the canonical header, the signed header
and post data hash
- hash canonical_request
- make str_to_sign using one of the prefix pass in parameter,
the date, the credential scope and the canonical_request hash
- compute hmac from date, using secret key as key.
- compute hmac from region, using above hmac as key
- compute hmac from api_type, using above hmac as key
- compute hmac from request_type, using above hmac as key
- compute hmac from str_to_sign using above hmac as key
- create Authorization header using above hmac, prefix pass in parameter,
the date, and above hash
Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
Closes #5703
show more ...
|
| #
58974d25 |
| 14-Dec-2020 |
Daniel Stenberg |
lib: introduce c-hyper for using Hyper
... as an alternative HTTP backend within libcurl.
|
| #
4d2f8006 |
| 04-Nov-2020 |
Daniel Stenberg |
curl.se: new home
Closes #6172
|
| #
7385610d |
| 02-Nov-2020 |
Daniel Stenberg |
hsts: add support for Strict-Transport-Security
- enable in the build (configure)
- header parsing
- host name lookup
- unit tests for the above
- CI build
- CURL_VERSION
hsts: add support for Strict-Transport-Security
- enable in the build (configure)
- header parsing
- host name lookup
- unit tests for the above
- CI build
- CURL_VERSION_HSTS bit
- curl_version_info support
- curl -V output
- curl-config --features
- CURLOPT_HSTS_CTRL
- man page for CURLOPT_HSTS_CTRL
- curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl)
- man page for --hsts
- save cache to disk
- load cache from disk
- CURLOPT_HSTS
- man page for CURLOPT_HSTS
- added docs/HSTS.md
- fixed --version docs
- adjusted curl_easy_duphandle
Closes #5896
show more ...
|
| #
1ee289f7 |
| 22-Sep-2020 |
Daniel Stenberg |
curl_krb5.h: rename from krb5.h
Follow-up from f4873ebd0be32cf
Turns out some older openssl installations go bananas otherwise.
Reported-by: Tom van der Woerdt
Fixes #5995
curl_krb5.h: rename from krb5.h
Follow-up from f4873ebd0be32cf
Turns out some older openssl installations go bananas otherwise.
Reported-by: Tom van der Woerdt
Fixes #5995
Closes #5996
show more ...
|
