| #
76172511 |
| 04-Jul-2022 |
Viktor Szakats |
windows: improve random source
- Use the Windows API to seed the fallback random generator.
This ensures to always have a random seed, even when libcurl is built
with a vtls
windows: improve random source
- Use the Windows API to seed the fallback random generator.
This ensures to always have a random seed, even when libcurl is built
with a vtls backend lacking a random generator API, such as rustls
(experimental), GSKit and certain mbedTLS builds, or, when libcurl is
built without a TLS backend. We reuse the Windows-specific random
function from the Schannel backend.
- Implement support for `BCryptGenRandom()` [1] on Windows, as a
replacement for the deprecated `CryptGenRandom()` [2] function.
It is used as the secure random generator for Schannel, and also to
provide entropy for libcurl's fallback random generator. The new
function is supported on Vista and newer via its `bcrypt.dll`. It is
used automatically when building for supported versions. It also works
in UWP apps (the old function did not).
- Clear entropy buffer before calling the Windows random generator.
This avoids using arbitrary application memory as entropy (with
`CryptGenRandom()`) and makes sure to return in a predictable state
when an API call fails.
[1] https://docs.microsoft.com/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom
[2] https://docs.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom
Closes #9027
show more ...
|
| #
70adb81c |
| 22-Jun-2022 |
Viktor Szakats |
rand: stop detecting /dev/urandom in cross-builds
- Prevent CMake to auto-detect /dev/urandom when cross-building.
Before this patch, it would detect it in a cross-build scenario on *n
rand: stop detecting /dev/urandom in cross-builds
- Prevent CMake to auto-detect /dev/urandom when cross-building.
Before this patch, it would detect it in a cross-build scenario on *nix
hosts with this device present. This was a problem for example with
Windows builds, but it could affect any target system with this device
missing. This also syncs detection behaviour with autotools, which also
skips it for cross-builds.
- Also, make sure to never use the file RANDOM_FILE as entropy for libcurl's
fallback random number generator on Windows. Windows does not have the
concept of reading a random stream from a filename, nor any guaranteed
non-world-writable path on disk. With this, a manual misconfiguration or
an overeager auto-detection can no longer result in a user-controllable
seed source.
Reviewed-by: Daniel Stenberg
Closes #9038
show more ...
|
| #
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.
This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.
Closes #8869
show more ...
|
| #
4ec0549c |
| 25-Apr-2022 |
Daniel Stenberg |
misc: update copyright year ranges
|
| #
34bbf964 |
| 14-Apr-2022 |
Daniel Gustafsson |
infof: consistent capitalization of warning messages
Ensure that all infof calls with a warning message are capitalized
in the same way. At some point we should probably set up a style-
infof: consistent capitalization of warning messages
Ensure that all infof calls with a warning message are capitalized
in the same way. At some point we should probably set up a style-
guide for infof but until then let's aim for a little consistenncy
where we can.
Closes: #8711
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
| #
e7416cfd |
| 06-Jul-2021 |
Daniel Stenberg |
infof: remove newline from format strings, always append it
- the data needs to be "line-based" anyway since it's also passed to the
debug callback/application
- it makes info
infof: remove newline from format strings, always append it
- the data needs to be "line-based" anyway since it's also passed to the
debug callback/application
- it makes infof() work like failf() and consistency is good
- there's an assert that triggers on newlines in the format string
- Also removes a few instances of "..."
- Removes the code that would append "..." to the end of the data *iff*
it was truncated in infof()
Closes #7357
show more ...
|
|
Revision tags: curl-7_76_1, curl-7_76_0, curl-7_75_0, curl-7_74_0 |
|
| #
ac0a88fd |
| 05-Nov-2020 |
Daniel Stenberg |
copyright: fix year ranges
Follow-up from 4d2f8006777
|
| #
4d2f8006 |
| 04-Nov-2020 |
Daniel Stenberg |
curl.se: new home
Closes #6172
|
|
Revision tags: curl-7_73_0, tiny-curl-7_72_0, curl-7_72_0, curl-7_71_1, curl-7_71_0, curl-7_70_0, curl-7_69_1, curl-7_69_0, curl-7_68_0, curl-7_67_0, curl-7_66_0, curl-7_65_3, curl-7_65_2, curl-7_65_1, curl-7_65_0 |
|
| #
269f7df0 |
| 15-May-2019 |
Daniel Stenberg |
PolarSSL: deprecate support step 1. Removed from configure.
Also removed mentions from most docs.
Discussed: https://curl.haxx.se/mail/lib-2019-05/0045.html
Closes #3888
|
|
Revision tags: curl-7_64_1, curl-7_64_0, curl-7_63_0, curl-7_62_0 |
|
| #
75b94d77 |
| 27-Oct-2018 |
Daniel Stenberg |
rand: add comment to skip a clang-tidy false positive
|
|
Revision tags: curl-7_61_1, curl-7_61_0 |
|
| #
4f9bbd3a |
| 16-May-2018 |
Jay Satiro |
rand: fix typo
|
|
Revision tags: curl-7_60_0, curl-7_59_0, curl-7_58_0 |
|
| #
02f207a7 |
| 12-Dec-2017 |
Daniel Stenberg |
rand: add a clang-analyzer work-around
scan-build would warn on a potential access of an uninitialized
buffer. I deem it a false positive and had to add this somewhat ugly
work-aroun
rand: add a clang-analyzer work-around
scan-build would warn on a potential access of an uninitialized
buffer. I deem it a false positive and had to add this somewhat ugly
work-around to silence it.
show more ...
|
|
Revision tags: curl-7_57_0 |
|
| #
5d543fe9 |
| 25-Oct-2017 |
Daniel Stenberg |
time: rename Curl_tvnow to Curl_now
... since the 'tv' stood for timeval and this function does not return a
timeval struct anymore.
Also, cleaned up the Curl_timediff*() functi
time: rename Curl_tvnow to Curl_now
... since the 'tv' stood for timeval and this function does not return a
timeval struct anymore.
Also, cleaned up the Curl_timediff*() functions to avoid typecasts and
clean up the descriptive comments.
Closes #2011
show more ...
|
| #
b9d25f9a |
| 23-Oct-2017 |
Daniel Stenberg |
timediff: return timediff_t from the time diff functions
... to cater for systems with unsigned time_t variables.
- Renamed the functions to curlx_timediff and Curl_timediff_us.
timediff: return timediff_t from the time diff functions
... to cater for systems with unsigned time_t variables.
- Renamed the functions to curlx_timediff and Curl_timediff_us.
- Added overflow protection for both of them in either direction for
both 32 bit and 64 bit time_ts
- Reprefixed the curlx_time functions to use Curl_*
Reported-by: Peter Piekarski
Fixes #2004
Closes #2005
show more ...
|
|
Revision tags: curl-7_56_1, curl-7_56_0, curl-7_55_1, curl-7_55_0 |
|
| #
4dee50b9 |
| 28-Jul-2017 |
Daniel Stenberg |
timeval: struct curltime is a struct timeval replacement
... to make all libcurl internals able to use the same data types for
the struct members. The timeval struct differs subtly on se
timeval: struct curltime is a struct timeval replacement
... to make all libcurl internals able to use the same data types for
the struct members. The timeval struct differs subtly on several
platforms so it makes it cumbersome to use everywhere.
Ref: #1652
Closes #1693
show more ...
|
|
Revision tags: curl-7_54_1 |
|
| #
8589e1fe |
| 22-May-2017 |
Daniel Stenberg |
assert: avoid, use DEBUGASSERT instead!
... as it does extra checks to actually work.
Reported-by: jonrumsey at github
Fixes #1504
|
| #
1cafede9 |
| 08-May-2017 |
Jay Satiro |
rand: treat fake entropy the same regardless of endianness
When the random seed is purposely made predictable for testing purposes
by using the CURL_ENTROPY environment variable, process
rand: treat fake entropy the same regardless of endianness
When the random seed is purposely made predictable for testing purposes
by using the CURL_ENTROPY environment variable, process that data in an
endian agnostic way so the the initial random seed is the same
regardless of endianness.
- Change Curl_rand to write to a char array instead of int array.
- Add Curl_rand_hex to write random hex characters to a buffer.
Fixes #1315
Closes #1468
Co-authored-by: Daniel Stenberg
Reported-by: Michael Kaufmann
show more ...
|
|
Revision tags: curl-7_54_0 |
|
| #
f7df67cf |
| 26-Mar-2017 |
klemens |
spelling fixes
Closes #1356
|
|
Revision tags: curl-7_53_1 |
|
| #
53ab183c |
| 23-Feb-2017 |
Sergii Pylypenko |
rand: added missing #ifdef HAVE_FCNTL_H around fcntl.h header
Closes #1285
|
|
Revision tags: curl-7_53_0, curl-7_52_1 |
|
| #
f81b2277 |
| 21-Dec-2016 |
Kamil Dudka |
randit: store the value in the buffer
|
|
Revision tags: curl-7_52_0 |
|
| #
f18f7bf9 |
| 21-Nov-2016 |
Daniel Stenberg |
rand: pass in number of randoms as an unsigned argument
|
| #
8626632f |
| 21-Nov-2016 |
Jay Satiro |
rand: Fix potentially uninitialized result warning
|
| #
f682156a |
| 11-Nov-2016 |
Daniel Stenberg |
Curl_rand: fixed and moved to rand.c
Now Curl_rand() is made to fail if it cannot get the necessary random
level.
Changed the proto of Curl_rand() slightly to provide a number o
Curl_rand: fixed and moved to rand.c
Now Curl_rand() is made to fail if it cannot get the necessary random
level.
Changed the proto of Curl_rand() slightly to provide a number of ints at
once.
Moved out from vtls, since it isn't a TLS function and vtls provides
Curl_ssl_random() for this to use.
Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
show more ...
|
