| #
ad1c49bc |
| 14-Oct-2024 |
Daniel Stenberg |
lib: remove function pointer typecasts for hmac/sha256/md5
Make sure we use functions with the correct prototype.
Closes #15289
|
| #
e8c024aa |
| 08-Oct-2024 |
Daniel Stenberg |
http_aws_sigv4: avoid local buffer and strcpy
This avoids the buffer, the copy and the previous host name length
limit.
Closes #15200
|
| #
bcec0840 |
| 02-Oct-2024 |
Daniel Stenberg |
lib: use bool/TRUE/FALSE properly
booleans should use the type 'bool' and set the value to TRUE/FALSE
non-booleans should not be 'bool' and should not set the value to
TRUE/FALS
lib: use bool/TRUE/FALSE properly
booleans should use the type 'bool' and set the value to TRUE/FALSE
non-booleans should not be 'bool' and should not set the value to
TRUE/FALSE
Closes #15123
show more ...
|
| #
fbf5d507 |
| 18-Sep-2024 |
Daniel Stenberg |
lib/src: white space edits to comply better with code style
... as checksrc now finds and complains about these.
Closes #14921
|
| #
573e7e82 |
| 23-Aug-2024 |
Viktor Szakats |
lib, src: delete stray `curl_` prefix from printf calls
Also:
- unit1398: delete redundant `curl/mprintf.h` include.
Closes #14664
|
| #
624b20c6 |
| 11-Aug-2024 |
Viktor Szakats |
lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name
Already used in `vtls.h`. Prefer this curl-namespaced name over the
unprefixed `SHA256_DIGEST_LENGTH`. The latter is also
lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name
Already used in `vtls.h`. Prefer this curl-namespaced name over the
unprefixed `SHA256_DIGEST_LENGTH`. The latter is also defined by TLS
backends with a potential to cause issues.
Also stop relying on externel headers setting this constant. It's
already defined in `vtls.h` on curl's behalf, do this also for `lib`.
Cherry-picked from #14495
Closes #14513
show more ...
|
| #
cf3e3d93 |
| 04-Aug-2024 |
Austin Moore |
aws_sigv4: fix canon order for headers with same prefix
If a request containing two headers that have equivalent prefixes (ex.
"x-amz-meta-test:test" and "x-amz-meta-test-two:test2") AWS
aws_sigv4: fix canon order for headers with same prefix
If a request containing two headers that have equivalent prefixes (ex.
"x-amz-meta-test:test" and "x-amz-meta-test-two:test2") AWS expects the
header with the shorter name to come first. The previous implementation
used `strcmp` on the full header. Using the example, this would result
in a comparison between the ':' and '-' chars and sort
"x-amz-meta-test-two" before "x-amz-meta-test", which produces a
different "StringToSign" than the one calculated by AWS.
Test 1976 verifies
Closes #14370
show more ...
|
| #
c074ba64 |
| 01-Jul-2024 |
Daniel Stenberg |
code: language cleanup in comments
Based on the standards and guidelines we use for our documentation.
- expand contractions (they're => they are etc)
- host name = > hostname
code: language cleanup in comments
Based on the standards and guidelines we use for our documentation.
- expand contractions (they're => they are etc)
- host name = > hostname
- file name => filename
- user name = username
- man page => manpage
- run-time => runtime
- set-up => setup
- back-end => backend
- a HTTP => an HTTP
- Two spaces after a period => one space after period
Closes #14073
show more ...
|
| #
3b9569c3 |
| 28-May-2024 |
Viktor Szakats |
lib: prefer `var = time(NULL)` over `time(&var)`
Following up on previous occurrences showing up as gcc warnings, replace
the remaining `time(&var)` calls with `var = time(NULL)`, though
lib: prefer `var = time(NULL)` over `time(&var)`
Following up on previous occurrences showing up as gcc warnings, replace
the remaining `time(&var)` calls with `var = time(NULL)`, though these
aren't specifically causing compiler warnings. These are in the TFTP
client code (`lib/tftp.c`), except one which is in a debug branch in
`lib/http_aws_sigv4.c`.
What's unexplainable is that this patch seems to mitigate TFTP tests
often hanging or going into an infinite loop on GHA windows workflows
with MSYS2, mingw-w64 and MSVC (Cygwin is unaffected):
https://github.com/curl/curl/pull/13599#issuecomment-2119372376
TFTP hangs did not entirely disappear though, so could be unrelated.
`time()` docs:
https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/time-time32-time64
https://manpages.debian.org/bookworm/manpages-dev/time.2.en.html
Follow-up to 58ca0a2f0743a586716ca357c382b29e3f08db69 #13800
Follow-up to d0728c9109629ee82b855b350a4c3f1f52ee61df #13643
Closes #13815
show more ...
|
| #
768909d8 |
| 27-May-2024 |
Matthias Gatto |
aws-sigv4: url encode the canonical path
Refactors canon_query, so it could use the encoding part of the function
to use it in the path.
As the path doesn't encode '/', but enco
aws-sigv4: url encode the canonical path
Refactors canon_query, so it could use the encoding part of the function
to use it in the path.
As the path doesn't encode '/', but encode '=', I had to add some
conditions to know If I was doing the query or path encoding.
Also, instead of adding a `bool in_path` variable, I use `bool
*found_equals` to know if the function was called for the query or path,
as found_equals is used only in query_encoding.
Test 472 verifies.
Reported-by: Alexander Shtuchkin
Fixes #13754
Closes #13814
Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
show more ...
|
| #
58ca0a2f |
| 20-May-2024 |
Viktor Szakats |
lib: fix gcc warning in certain debug builds
```
curl/lib/http_aws_sigv4.c:536:10: error: 'clock' may be used uninitialized [-Werror=maybe-uninitialized]
536 | time_t clock;
lib: fix gcc warning in certain debug builds
```
curl/lib/http_aws_sigv4.c:536:10: error: 'clock' may be used uninitialized [-Werror=maybe-uninitialized]
536 | time_t clock;
| ^~~~~
```
Ref: https://github.com/curl/curl/actions/runs/9158755123/job/25177765000#step:13:79
Cherry-picked from #13718
Closes #13800
show more ...
|
| #
ac49152e |
| 19-Apr-2024 |
Daniel Stenberg |
http_aws_sigv4: remove useless assignment
This code assigned the variable the same value it already had
Spotted by CodeSonar
Closes #13426
|
| #
ff74cef5 |
| 11-Dec-2023 |
Daniel Stenberg |
lib: reduce use of strncpy
- bearssl: select cipher without buffer copies
- http_aws_sigv4: avoid strncpy, require exact timestamp length
- http_aws_sigv4: use memcpy isntead of strn
lib: reduce use of strncpy
- bearssl: select cipher without buffer copies
- http_aws_sigv4: avoid strncpy, require exact timestamp length
- http_aws_sigv4: use memcpy isntead of strncpy
- openssl: avoid strncpy calls
- schannel: check for 1.3 algos without buffer copies
- strerror: avoid strncpy calls
- telnet: avoid strncpy, return error on too long inputs
- vtls: avoid strncpy in multissl_version()
Closes #12499
show more ...
|
| #
bbba69da |
| 01-Nov-2023 |
Harry Mallon |
http_aws_sigv4: canonicalise valueless query params
Fixes #8107
Closes #12244
|
| #
91878ebe |
| 29-Sep-2023 |
Daniel Stenberg |
lib: provide and use Curl_hexencode
Generates a lower case ASCII hex output from a binary input.
Closes #11990
|
| #
c8792035 |
| 16-Sep-2023 |
Dan Fandrich |
http_aws_sigv4: fix sorting with empty parts
When comparing with an empty part, the non-empty one is always
considered greater-than. Previously, the two would be considered equal
whi
http_aws_sigv4: fix sorting with empty parts
When comparing with an empty part, the non-empty one is always
considered greater-than. Previously, the two would be considered equal
which would randomly place empty parts amongst non-empty ones. This
showed as a test 439 failure on Solaris as it uses a different
implementation of qsort() that compares parts differently.
Fixes #11855
Closes #11868
show more ...
|
| #
b5c65f8b |
| 12-Aug-2023 |
Jay Satiro |
http_aws_sigv4: handle no-value user header entries
- Handle user headers in format 'name:' and 'name;' with no value.
The former is used when the user wants to remove an internal l
http_aws_sigv4: handle no-value user header entries
- Handle user headers in format 'name:' and 'name;' with no value.
The former is used when the user wants to remove an internal libcurl
header and the latter is used when the user actually wants to send a
no-value header in the format 'name:' (note the semi-colon is converted
by libcurl to a colon).
Prior to this change the AWS header import code did not special case
either of those and the generated AWS SignedHeaders would be incorrect.
Reported-by: apparentorder@users.noreply.github.com
Ref: https://curl.se/docs/manpage.html#-H
Fixes https://github.com/curl/curl/issues/11664
Closes https://github.com/curl/curl/pull/11668
show more ...
|
| #
a1532a33 |
| 10-Sep-2023 |
Daniel Stenberg |
aws_sigv4: the query canon code miscounted URL encoded input
Added some extra ampersands to test 439 to verify "blank" query parts
Follow-up to fc76a24c53b08cdf
Closes #118
aws_sigv4: the query canon code miscounted URL encoded input
Added some extra ampersands to test 439 to verify "blank" query parts
Follow-up to fc76a24c53b08cdf
Closes #11829
show more ...
|
| #
16bdc09e |
| 08-Sep-2023 |
Daniel Stenberg |
http_aws_sigv4: skip the op if the query pair is zero bytes
Follow-up to fc76a24c53b08cdf
Spotted by OSS-Fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=621
http_aws_sigv4: skip the op if the query pair is zero bytes
Follow-up to fc76a24c53b08cdf
Spotted by OSS-Fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62175
Closes #11823
show more ...
|
| #
fc76a24c |
| 06-Sep-2023 |
Daniel Stenberg |
http_aws_sigv4: canonicalize the query
Percent encoding needs to be done using uppercase, and most
non-alphanumerical must be percent-encoded.
Fixes #11794
Reported-by: John
http_aws_sigv4: canonicalize the query
Percent encoding needs to be done using uppercase, and most
non-alphanumerical must be percent-encoded.
Fixes #11794
Reported-by: John Walker
Closes #11806
show more ...
|
| #
e92edfbe |
| 20-Jul-2023 |
Wyatt O'Day |
lib: add ability to disable auths individually
Both with configure and cmake
Closes #11490
|
| #
b8dabfb1 |
| 01-Sep-2023 |
Daniel Stenberg |
awssiv4: avoid freeing the date pointer on error
Since it was not allocated, don't free it even if it was wrong syntax
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=619
awssiv4: avoid freeing the date pointer on error
Since it was not allocated, don't free it even if it was wrong syntax
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61908
Follow-up to b137634ba3adb
Closes #11782
show more ...
|
| #
b137634b |
| 28-Aug-2023 |
Matthias Gatto |
lib: fix aws-sigv4 having date header twice in some cases
When the user was providing the header X-XXX-Date, the header was
re-added during signature computation, and we had it twice in
lib: fix aws-sigv4 having date header twice in some cases
When the user was providing the header X-XXX-Date, the header was
re-added during signature computation, and we had it twice in the
request.
Reported-by: apparentorder@users.noreply.github.com
Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
Fixes: https://github.com/curl/curl/issues/11738
Closes: https://github.com/curl/curl/pull/11754
show more ...
|
| #
d567cca1 |
| 27-Apr-2023 |
Daniel Stenberg |
checksrc: fix SPACEBEFOREPAREN for conditions starting with "*"
The open paren check wants to warn for spaces before open parenthesis
for if/while/for but also for any function call. In
checksrc: fix SPACEBEFOREPAREN for conditions starting with "*"
The open paren check wants to warn for spaces before open parenthesis
for if/while/for but also for any function call. In order to avoid
catching function pointer declarations, the logic allows a space if the
first character after the open parenthesis is an asterisk.
I also spotted what we did not include "switch" in the check but we should.
This check is a little lame, but we reduce this problem by not allowing
that space for if/while/for/switch.
Reported-by: Emanuele Torre
Closes #11044
show more ...
|
| #
18a45a51 |
| 14-Mar-2023 |
Daniel Stenberg |
http_aws_sigv4: fix scan-build "value stored to 'ret' is never read"
Follow-up to 495d09810aa9a
Closes #10766
|
