diff --git a/.eslintrc.json b/.eslintrc.json deleted file mode 100644 index 9053717..0000000 --- a/.eslintrc.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "root":true, - "env": { - "browser": true, - "es2021": true, - "node": true, - "jest/globals": true - }, - "extends": [ - "eslint:recommended", - "plugin:react/recommended", - "plugin:prettier/recommended" - ], - "parser": "babel-eslint", - "parserOptions": { - "ecmaFeatures": { - "jsx": true - }, - "ecmaVersion": 12, - "sourceType": "module" - }, - "plugins": [ - "prettier", - "react", - "jest" - ], - "rules": { - "prettier/prettier": "warn" - } -} diff --git a/.nvimrc b/.nvimrc deleted file mode 120000 index 1490f7a..0000000 --- a/.nvimrc +++ /dev/null @@ -1 +0,0 @@ -.vimrc \ No newline at end of file diff --git a/.prettierrc.json b/.prettierrc.json deleted file mode 100644 index 1bdf446..0000000 --- a/.prettierrc.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "trailingComma": "es5", - "tabWidth": 2, - "semi": true, - "singleQuote": true, - "jsxBracketSameLine": true, - "printWidth": 100 -} diff --git a/.vimrc b/.vimrc deleted file mode 100644 index b8dd2cb..0000000 --- a/.vimrc +++ /dev/null @@ -1,7 +0,0 @@ -set autoread -set path+=.,public/**,src/**,test/** -if has('win32') || has('win64') - let &makeprg="create_dist.cmd" -else - let &makeprg="./create_dist.sh" -endif diff --git a/CHANGELOG.md b/CHANGELOG.md deleted file mode 100644 index 4a367af..0000000 --- a/CHANGELOG.md +++ /dev/null @@ -1,178 +0,0 @@ -# Changelog - -## 1.3.4 -- \#55: Enable 'Activate' release instead of 'Install' in notification pop-up -- \#58: Add authentication support for Skynet premium portals -- \#59: Add agent string / API key support for Skynet portals -- Ability to export Skylink's to json file -- Ability to import Skylink's from json file - -## 1.3.3 - -- \#49: Download progress is not visible if dependencies are missing -- \#51: javascript error -- \#52: Mount location is not set error on new install -- \#53: Busy notification is still visible when 'Install' button is available -- \#54: Unable to download UI update while dependencies are being checked -- Disabled 'Install' button in new release notification - -## 1.3.2 - -- \#48: Support pinning files to cache -- Fixed Skynet export display -- Properly detect existing remote -- Reduced number of Linux binaries to: - - CentOS 7 - - Solus -- S3 mount support [disabled] - -## 1.3.1 - -- \#45: Skynet mount support - -## 1.3.0 - -- \#38: Enhance new repertory release available notification -- \#46: Fix Mount Manager unmount and mount detection -- Skynet support -- Synchronize UI major/minor version with `repertory` major/minor version -- Added `Password` component -- Reduced number of Linux binaries to: - - CentOS 7 - - Debian 9 - - Debian 10 - - Solus -- Added `FocusTrap` to modals - -## 1.1.4 - -- \#39: Cleanup old releases and UI upgrades - -## 1.1.3 - -- CentOS 8 support -- Support remote send and receive timeouts -- Support WinFSP mount manager -- Fix `spawn()` failure on Windows when paths contain spaces - -## 1.1.2 - -- Style changes - -## 1.1.1 - -- \#43: Support for remote UNIX mounts -- Improved mount state detection - -## 1.1.0 - -- \#40: Support for remote Windows mounts -- \#42: Failing to unmount on OS X -- Allow enabling dev tools (Ctrl-Shift-I or F12) -- ScPrime re-brand -- Ubuntu 19.10 support -- Linux Mint 19.2 support -- Fedora 31 support - -## 1.0.11 (Linux only) - -- Fix Ubuntu 19.10 detection - -## 1.0.10 - -- Fix VC runtime detection (detect additional GUID's) - -## 1.0.9 (Alpha Testing Release) - -- \#40: Support for remote Windows mounts -- ScPrime re-brand -- Fix VC runtime detection (detect additional GUID's) - -## 1.0.8 - -- \#8: Add tooltips to settings -- \#36: Add ability to select Linux distribution type if OS is unsupported -- \#37: Version check fails with incorrect message when VC runtime is missing -- Added additional WinFsp uninstall strings - -## 1.0.7 - -- \#31: New installation displays 'Mount location is not set' on Windows -- \#33: Add 'Microsoft Visual C++ Redistributable' as dependency installation on Windows -- \#32: Don't display network error message when check for UI updates fails -- \#30: Add uninstall feature with reboot to handle WinFSP upgrades/downgrades -- \#34: Allow cancelling/closing dependency installation if version count > 1 -- Handle incorrect download sizes for dependencies and releases - -## 1.0.6 - -- Additional Linux distribution support: - - Antergos - - Manjaro -- Download latest `detect_linux.sh` if bundled script returns `unknown` -- Display error message if OS is detected as `unknown` - -## 1.0.5 - -- \#29: Mounts aren't being detected properly when switching releases -- Display window when dependencies are missing -- Display window when UI upgrade is available -- Display window and unmount all drives if release is no longer available - - Will primarily affect pre-release versions (Alpha, Beta, and RC) - -## 1.0.4 - -- \#27: Implement Bitbucket backup download location -- \#28: Fix Linux upgrade -- Additional Linux distribution support: - - Debian 10 - - OpenSUSE Leap 15.0 - - OpenSUSE Leap 15.1 - - OpenSUSE Tumbleweed - -## 1.0.3 - -- Linux distribution support - - Arch Linux - - Bodhi 5.0.0 - - CentOS 7 - - Debian 9 - - Elementary OS 5.0 - - Fedora 28 - - Fedora 29 - - Fedora 30 - - Linux Mint 19 - - Linux Mint 19.1 - - Solus - - Ubuntu 18.04 - - Ubuntu 18.10 - - Ubuntu 19.04 -- Removed `react-css-modules` dependency -- Removed Hyperspace (no active development/insufficient host network) -- Restore main window on error message - -## 1.0.2 - -- Option to launch application hidden (notification icon only) -- Close window to notification area -- Unmount on application exit -- Ability to cancel mount retry on unexpected failure -- OS X support -- SiaPrime support -- Partial Linux support -- Electron to v4 -- Prevent mount if dependencies are missing - -## 1.0.1 - -- Added configuration settings for Repertory 1.0.0-alpha.2 and above -- Fixed memory leak on component unmount -- Added error display -- Lighter tray icon on Windows -- Tray icon indicates mount status on Windows -- Various fixes/layout changes - -## 1.0.0 - -- Initial release -- Windows support diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md deleted file mode 100644 index ba1a274..0000000 --- a/CONTRIBUTORS.md +++ /dev/null @@ -1,5 +0,0 @@ -# Repertory UI - -- Lars Floe -- Oleg Nypadymka -- Scott E. Graves diff --git a/LICENSE.md b/LICENSE.md deleted file mode 100644 index 07e9c8b..0000000 --- a/LICENSE.md +++ /dev/null @@ -1,8 +0,0 @@ -# Repertory UI MIT License -### Copyright <2018-2020> - -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md index e48c91f..547305e 100644 --- a/README.md +++ b/README.md @@ -1,83 +1,2 @@ -# Repertory UI -![alt text](https://i.ibb.co/jMvpQj8/repertory-ui-1-3-1.png) - -## GUI for [Repertory](https://bitbucket.org/blockstorage/repertory) -Repertory allows you to mount Sia, Skynet and/or ScPrime blockchain storage solutions via FUSE on Linux/OS X or via WinFSP on Windows. - -# IMPORTANT -Skynet support is considered EXPERIMENTAL. Files added to Skynet should not be considered permanent. For a better understanding of how Skynet currently functions, please visit [siasky.net](https://siasky.net/). - -## Requirements -* Sia >=1.4.1 -* ScPrime >=1.4.1.2 - -## Downloads -* **Repertory UI v1.3.4 Linux - 64-bit** [](https://bitbucket.org/blockstorage/repertory-ui/downloads/repertory-ui_1.3.4_linux_x86_64.AppImage) - * NOTE: Linux distributions require `fuse` and `libfuse` to be installed. -* **Repertory UI v1.3.4 OS X - 64-bit** [](https://bitbucket.org/blockstorage/repertory-ui/downloads/repertory-ui_1.3.4_mac.dmg) -* **Repertory UI v1.3.4 Windows - 64-bit** [](https://bitbucket.org/blockstorage/repertory-ui/downloads/repertory-ui_1.3.4_win.exe) - -## Supported Platforms -* OS X 64-bit -* Windows 64-bit -* Linux 64-bit Distributions: - * Antergos - * Arch Linux - * Bodhi 5.0.0 - * CentOS 7, 8 - * Debian 9, 10 - * Elementary OS 5.0, 5.1 - * Fedora 28, 29, 30, 31, 32, 33 - * Linux Mint 19, 19.1, 19.2, 19.3, 20, 20.1 - * Manjaro - * OpenSUSE Leap 15.0, 15.1 - * OpenSUSE Tumbleweed - * Solus - * Ubuntu 18.04, 18.10, 19.04, 19.10, 20.04 - -## Issues / Suggestions -* [**Bitbucket Issues**](https://bitbucket.org/blockstorage/repertory-ui/issues?status=new&status=open) -* [**Repertory Discord**](https://discord.gg/f2rCfqRgrJ) - -## Remote Mount -This feature allows you to share your mounts with other PC's and mount them remotely. -### Enabling Remote Mount for Sharing -[Watch Demo](src/assets/images/Enable_Remote_Mount.gif) -### Connecting to a Remote Mount -[Watch Demo](src/assets/images/Connect_To_Remote.gif) - -## Tips -* BTC: 1CMvhGaJfH95VS4CTS6dJYDs8kwYXTUCEA -* SC: c5510db5c2e85794b9cb81851daa57d6dfd5b4e42cd02789442e8789cd6492b07c754b2056ed - -## Developer Public Key -``` ------BEGIN PUBLIC KEY----- -MIIEIjANBgkqhkiG9w0BAQEFAAOCBA8AMIIECgKCBAEKfZmq5mMAtD4kSt2Gc/5J -H+HHTYtUZE6YYvsvz8TNG/bNL67ZtNRyaoMyhLTfIN4rPBNLUfD+owNS+u5Yk+lS -ZLYyOuhoCZIFefayYqKLr42G8EeuRbx0IMzXmJtN0a4rqxlWhkYufJubpdQ+V4DF -oeupcPdIATaadCKVeZC7A0G0uaSwoiAVMG5dZqjQW7F2LoQm3PhNkPvAybIJ6vBy -LqdBegS1JrDn43x/pvQHzLO+l+FIG23D1F7iF+yZm3DkzBdcmi/mOMYs/rXZpBym -2/kTuSGh5buuJCeyOwR8N3WdvXw6+KHMU/wWU8qTCTT87mYbzH4YR8HgkjkLHxAO -5waHK6vMu0TxugCdJmVV6BSbiarJsh66VRosn7+6hlq6AdgksxqCeNELZBS+LBki -tb5hKyL+jNZnaHiR0U7USWtmnqZG6FVVRzlCnxP7tZo5O5Ex9AAFGz5JzOzsFNbv -xwQ0zqaTQOze+MJbkda7JfRoC6TncD0+3hoXsiaF4mCn8PqUCn0DwhglcRucZlST -ZvDNDo1WAtxPJebb3aS6uymNhBIquQbVAWxVO4eTrOYEgutxwkHE3yO3is+ogp8d -xot7f/+vzlbsbIDyuZBDe0fFkbTIMTU48QuUUVZpRKmKZTHQloz4EHqminbfX1sh -M7wvDkpJEtqbc0VnG/BukUzP6e7Skvgc7eF1sI3+8jH8du2rivZeZAl7Q2f+L9JA -BY9pjaxttxsud7V5jeFi4tKuDHi21/XhSjlJK2c2C4AiUEK5/WhtGbQ5JjmcOjRq -yXFRqLlerzOcop2kbtU3Ar230wOx3Dj23Wg8++lV3LU4U9vMR/t0qnSbCSGJys7m -ax2JpFlTwj/0wYuTlVFoNQHZJ1cdfyRiRBY4Ou7XO0W5hcBBKiYsC+neEeMMHdCe -iTDIW/ojcVTdFovl+sq3n1u4SBknE90JC/3H+TPE1s2iB+fwORVg0KPosQSNDS0A -7iK6AZCDC3YooFo+OzHkYMt9uLkXiXMSLx70az+qlIwOzVHKxCo7W/QpeKCXUCRZ -MMdlYEUs1PC8x2qIRUEVHuJ0XMTKNyOHmzVLuLK93wUWbToh+rdDxnbhX+emuESn -XH6aKiUwX4olEVKSylRUQw8nVckZGVWXzLDlgpzDrLHC8J8qHzFt7eCqOdiqsxhZ -x1U5LtugxwSWncTZ7vlKl0DuC/AWB7SuDi7bGRMSVp2n+MnD1VLKlsCclHXjIciE -W29n3G3lJ/sOta2sxqLd0j1XBQddrFXl5b609sIY81ocHqu8P2hRu5CpqJ/sGZC5 -mMH3segHBkRj0xJcfOxceRLj1a+ULIIR3xL/3f8s5Id25TDo/nqBoCvu5PeCpo6L -9wIDAQAB ------END PUBLIC KEY----- -``` +# Repertory UI development is dead. +Repository has been archived. 1.3.x_branch has the final release. diff --git a/bin/7za.dll b/bin/7za.dll deleted file mode 100644 index bc2b47a..0000000 Binary files a/bin/7za.dll and /dev/null differ diff --git a/bin/7za.exe b/bin/7za.exe deleted file mode 100644 index 9f27b20..0000000 Binary files a/bin/7za.exe and /dev/null differ diff --git a/bin/7zxa.dll b/bin/7zxa.dll deleted file mode 100644 index d51e3f0..0000000 Binary files a/bin/7zxa.dll and /dev/null differ diff --git a/bin/b64.exe b/bin/b64.exe deleted file mode 100644 index 712798d..0000000 Binary files a/bin/b64.exe and /dev/null differ diff --git a/bin/curl/BUILD-HOMEPAGE.url b/bin/curl/BUILD-HOMEPAGE.url deleted file mode 100644 index 36278f8..0000000 --- a/bin/curl/BUILD-HOMEPAGE.url +++ /dev/null @@ -1,2 +0,0 @@ -[InternetShortcut] -URL=https://github.com/curl/curl-for-win diff --git a/bin/curl/BUILD-README.txt b/bin/curl/BUILD-README.txt deleted file mode 100644 index de1f20a..0000000 --- a/bin/curl/BUILD-README.txt +++ /dev/null @@ -1,3 +0,0 @@ -Visit the project page for details about these builds and the list of changes: - - https://github.com/curl/curl-for-win diff --git a/bin/curl/CHANGES.txt b/bin/curl/CHANGES.txt deleted file mode 100644 index 0715ca0..0000000 --- a/bin/curl/CHANGES.txt +++ /dev/null @@ -1,7904 +0,0 @@ - _ _ ____ _ - ___| | | | _ \| | - / __| | | | |_) | | - | (__| |_| | _ <| |___ - \___|\___/|_| \_\_____| - - Changelog - -Version 7.65.0 (22 May 2019) - -Daniel Stenberg (22 May 2019) -- RELEASE-NOTES: 7.65.0 release - -- THANKS: from the 7.65.0 release-notes - -- url: convert the zone id from a IPv6 URL to correct scope id - - Reported-by: GitYuanQu on github - Fixes #3902 - Closes #3914 - -- configure: detect getsockname and getpeername on windows too - - Made detection macros for these two functions in the same style as other - functions possibly in winsock in the hope this will work better to - detect these functions when cross-compiling for Windows. - - Follow-up to e91e4816123 - - Fixes #3913 - Closes #3915 - -Marcel Raad (21 May 2019) -- examples: remove unused variables - - Fixes Codacy/CppCheck warnings. - - Closes - -Daniel Gustafsson (21 May 2019) -- udpateconninfo: mark variable unused - - When compiling without getpeername() or getsockname(), the sockfd - paramter to Curl_udpateconninfo() became unused after commit e91e481612 - added ifdef guards. - - Closes #3910 - Fixes https://curl.haxx.se/dev/log.cgi?id=20190520172441-32196 - Reviewed-by: Marcel Raad, Daniel Stenberg - -- ftp: move ftp_ccc in under featureflag - - Commit e91e48161235272ff485ff32bd048c53af731f43 moved ftp_ccc in under - the FTP featureflag in the UserDefined struct, but vtls callsites were - still using it unprotected. - - Closes #3912 - Fixes: https://curl.haxx.se/dev/log.cgi?id=20190520044705-29865 - Reviewed-by: Daniel Stenberg, Marcel Raad - -Daniel Stenberg (20 May 2019) -- curl: report error for "--no-" on non-boolean options - - Reported-by: Olen Andoni - Fixes #3906 - Closes #3907 - -- [Guy Poizat brought this change] - - mbedtls: enable use of EC keys - - Closes #3892 - -- lib1560: add tests for parsing URL with too long scheme - - Ref: #3905 - -- [Omar Ramadan brought this change] - - urlapi: increase supported scheme length to 40 bytes - - The longest currently registered URI scheme at IANA is 36 bytes long. - - Closes #3905 - Closes #3900 - -Marcel Raad (20 May 2019) -- lib: reduce variable scopes - - Fixes Codacy/CppCheck warnings. - - Closes https://github.com/curl/curl/pull/3872 - -- tool_formparse: remove redundant assignment - - Just initialize word_begin with the correct value. - - Closes https://github.com/curl/curl/pull/3873 - -- ssh: move variable declaration to where it's used - - This way, we need only one call to free. - - Closes https://github.com/curl/curl/pull/3873 - -- ssh-libssh: remove unused variable - - sock was only used to be assigned to fd_read. - - Closes https://github.com/curl/curl/pull/3873 - -Daniel Stenberg (20 May 2019) -- test332: verify the blksize fix - -- tftp: use the current blksize for recvfrom() - - bug: https://curl.haxx.se/docs/CVE-2019-5436.html - Reported-by: l00p3r on hackerone - CVE-2019-5436 - -Daniel Gustafsson (19 May 2019) -- version: make ssl_version buffer match for multi_ssl - - When running a multi TLS backend build the version string needs more - buffer space. Make the internal ssl_buffer stack buffer match the one - in Curl_multissl_version() to allow for the longer string. For single - TLS backend builds there is no use in extended to buffer. This is a - fallout from #3863 which fixes up the multi_ssl string generation to - avoid a buffer overflow when the buffer is too small. - - Closes #3875 - Reviewed-by: Daniel Stenberg - -Steve Holme (18 May 2019) -- http_ntlm_wb: Handle auth for only a single request - - Currently when the server responds with 401 on NTLM authenticated - connection (re-used) we consider it to have failed. However this is - legitimate and may happen when for example IIS is set configured to - 'authPersistSingleRequest' or when the request goes thru a proxy (with - 'via' header). - - Implemented by imploying an additional state once a connection is - re-used to indicate that if we receive 401 we need to restart - authentication. - - Missed in fe6049f0. - -- http_ntlm_wb: Cleanup handshake after clean NTLM failure - - Missed in 50b87c4e. - -- http_ntlm_wb: Return the correct error on receiving an empty auth message - - Missed in fe20826b as it wasn't implemented in http.c in b4d6db83. - - Closes #3894 - -Daniel Stenberg (18 May 2019) -- curl: make code work with protocol-disabled libcurl - - Closes #3844 - -- libcurl: #ifdef away more code for disabled features/protocols - -- progress: CURL_DISABLE_PROGRESS_METER - -- hostip: CURL_DISABLE_SHUFFLE_DNS - -- netrc: CURL_DISABLE_NETRC - -Viktor Szakats (16 May 2019) -- docs: Markdown and misc improvements [ci skip] - - Approved-by: Daniel Stenberg - Closes #3896 - -- docs/RELEASE-PROCEDURE: link to live iCalendar [ci skip] - - Ref: https://github.com/curl/curl/commit/0af41b40b2c7bd379b2251cbe7cd618e21fa0ea1#commitcomment-33563135 - Approved-by: Daniel Stenberg - Closes #3895 - -Daniel Stenberg (16 May 2019) -- travis: add an osx http-only build - - Closes #3887 - -- cleanup: remove FIXME and TODO comments - - They serve very little purpose and mostly just add noise. Most of them - have been around for a very long time. I read them all before removing - or rephrasing them. - - Ref: #3876 - Closes #3883 - -- curl: don't set FTP options for FTP-disabled builds - - ... since libcurl has started to be totally unaware of options for - disabled protocols they now return error. - - Bug: https://github.com/curl/curl/commit/c9c5304dd4747cbe75d2f24be85920d572fcb5b8#commitcomment-33533937 - - Reported-by: Marcel Raad - Closes #3886 - -Steve Holme (16 May 2019) -- http_ntlm_wb: Move the type-2 message processing into a dedicated function - - This brings the code inline with the other HTTP authentication mechanisms. - - Closes #3890 - -Daniel Stenberg (15 May 2019) -- RELEASE-NOTES: synced - -- docs/RELEASE-PROCEDURE: updated coming releases dates [ci skip] - -- CURLOPT_READFUNCTION.3: see also CURLOPT_UPLOAD_BUFFERSIZE [ci skip] - - Reported-by: Roy Bellingan - Bug: #3885 - -- parse_proxy: use the URL parser API - - As we treat a given proxy as a URL we should use the unified URL parser - to extract the parts out of it. - - Closes #3878 - -Steve Holme (15 May 2019) -- http_negotiate: Move the Negotiate state out of the negotiatedata structure - - Given that this member variable is not used by the SASL based protocols - there is no need to have it here. - - Closes #3882 - -- http_ntlm: Move the NTLM state out of the ntlmdata structure - - Given that this member variable is not used by the SASL based protocols - there is no need to have it here. - -- url: Move the negotiate state type into a dedicated enum - -- url: Remove duplicate clean up of the winbind variables in conn_shutdown() - - Given that Curl_disconnect() calls Curl_http_auth_cleanup_ntlm() prior - to calling conn_shutdown() and it in turn performs this, there is no - need to perform the same action in conn_shutdown(). - - Closes #3881 - -Daniel Stenberg (14 May 2019) -- urlapi: require a non-zero host name length when parsing URL - - Updated test 1560 to verify. - - Closes #3880 - -- configure: error out if OpenSSL wasn't detected when asked for - - If --with-ssl is used and configure still couldn't enable SSL this - creates an error instead of just silently ignoring the fact. - - Suggested-by: Isaiah Norton - Fixes #3824 - Closes #3830 - -Daniel Gustafsson (14 May 2019) -- imap: Fix typo in comment - -Steve Holme (14 May 2019) -- url: Remove unnecessary initialisation from allocate_conn() - - No need to set variables to zero as calloc() does this for us. - - Closes #3879 - -Daniel Stenberg (14 May 2019) -- CURLOPT_CAINFO.3: with Schannel, you want Windows 8 or later [ci skip] - - Clues-provided-by: Jay Satiro - Clues-provided-by: Jeroen Ooms - Fixes #3711 - Closes #3874 - -Daniel Gustafsson (13 May 2019) -- vtls: fix potential ssl_buffer stack overflow - - In Curl_multissl_version() it was possible to overflow the passed in - buffer if the generated version string exceeded the size of the buffer. - Fix by inverting the logic, and also make sure to not exceed the local - buffer during the string generation. - - Closes #3863 - Reported-by: nevv on HackerOne/curl - Reviewed-by: Jay Satiro - Reviewed-by: Daniel Stenberg - -Daniel Stenberg (13 May 2019) -- RELEASE-NOTES: synced - -- appveyor: also build "/ci" branches like travis - -- pingpong: disable more when no pingpong enabled - -- proxy: acknowledge DISABLE_PROXY more - -- parsedate: CURL_DISABLE_PARSEDATE - -- sasl: only enable if there's a protocol enabled using it - -- mime: acknowledge CURL_DISABLE_MIME - -- wildcard: disable from build when FTP isn't present - -- http: CURL_DISABLE_HTTP_AUTH - -- base64: build conditionally if there are users - -- doh: CURL_DISABLE_DOH - -Steve Holme (12 May 2019) -- auth: Rename the various authentication clean up functions - - For consistency and to a avoid confusion. - - Closes #3869 - -Daniel Stenberg (12 May 2019) -- [Jay Satiro brought this change] - - docs/INSTALL: fix broken link [ci skip] - - Reported-by: Joombalaya on github - Fixes #3818 - -Marcel Raad (12 May 2019) -- easy: fix another "clarify calculation precedence" warning - - I missed this one in commit 6b3dde7fe62ea5a557fd1fd323fac2bcd0c2e9be. - -- build: fix "clarify calculation precedence" warnings - - Codacy/CppCheck warns about this. Consistently use parentheses as we - already do in some places to silence the warning. - - Closes https://github.com/curl/curl/pull/3866 - -- cmake: restore C89 compatibility of CurlTests.c - - I broke it in d1b5cf830bfe169745721b21245d2217d2c2453e and - 97de97daefc2ed084c91eff34af2426f2e55e134. - - Reported-by: Viktor Szakats - Ref: https://github.com/curl/curl/commit/97de97daefc2ed084c91eff34af2426f2e55e134#commitcomment-33499044 - Closes https://github.com/curl/curl/pull/3868 - -Steve Holme (11 May 2019) -- http_ntlm: Corrected the name of the include guard - - Missed in f0bdd72c. - - Closes #3867 - -- http_digest: Don't expose functions when HTTP and Crypto Auth are disabled - - Closes #3861 - -- http_negotiate: Don't expose functions when HTTP is disabled - -Daniel Stenberg (11 May 2019) -- SECURITY-PROCESS: fix links [ci skip] - -Marcel Raad (11 May 2019) -- CMake: suppress unused variable warnings - - I missed these in commit d1b5cf830bfe169745721b21245d2217d2c2453e. - -Daniel Stenberg (11 May 2019) -- doh: disable DOH for the cases it doesn't work - - Due to limitations in Curl_resolver_wait_resolv(), it doesn't work for - DOH resolves. This fix disables DOH for those. - - Limitation added to KNOWN_BUGS. - - Fixes #3850 - Closes #3857 - -Jay Satiro (11 May 2019) -- checksrc.bat: Ignore snprintf warnings in docs/examples - - .. because we allow snprintf use in docs/examples. - - Closes https://github.com/curl/curl/pull/3862 - -Steve Holme (10 May 2019) -- vauth: Fix incorrect function description for Curl_auth_user_contains_domain() - - ...and misalignment of these comments. From a78c61a4. - - Closes #3860 - -Jay Satiro (10 May 2019) -- Revert "multi: support verbose conncache closure handle" - - This reverts commit b0972bc. - - - No longer show verbose output for the conncache closure handle. - - The offending commit was added so that the conncache closure handle - would inherit verbose mode from the user's easy handle. (Note there is - no way for the user to set options for the closure handle which is why - that was necessary.) Other debug settings such as the debug function - were not also inherited since we determined that could lead to crashes - if the user's per-handle private data was used on an unexpected handle. - - The reporter here says he has a debug function to capture the verbose - output, and does not expect or want any output to stderr; however - because the conncache closure handle does not inherit the debug function - the verbose output for that handle does go to stderr. - - There are other plausible scenarios as well such as the user redirects - stderr on their handle, which is also not inherited since it could lead - to crashes when used on an unexpected handle. - - Short of allowing the user to set options for the conncache closure - handle I don't think there's much we can safely do except no longer - inherit the verbose setting. - - Bug: https://curl.haxx.se/mail/lib-2019-05/0021.html - Reported-by: Kristoffer Gleditsch - - Ref: https://github.com/curl/curl/pull/3598 - Ref: https://github.com/curl/curl/pull/3618 - - Closes https://github.com/curl/curl/pull/3856 - -Steve Holme (10 May 2019) -- ntlm: Fix misaligned function comments for Curl_auth_ntlm_cleanup() - - From 6012fa5a. - - Closes #3858 - -Daniel Stenberg (9 May 2019) -- BUG-BOUNTY: minor formatting fixes [ci skip] - -- RELEASE-NOTES: synced - -- BUG-BOUNTY.md: add the Dropbox "bonus" extra payout ability [ci skip] - - Closes #3839 - -Kamil Dudka (9 May 2019) -- http_negotiate: do not treat failure of gss_init_sec_context() as fatal - - Fixes #3726 - Closes #3849 - -- spnego_gssapi: fix return code on gss_init_sec_context() failure - - Fixes #3726 - Closes #3849 - -Steve Holme (9 May 2019) -- gen_resp_file.bat: Removed unnecessary @ from all but the first command - - There is need to use @ on every command once echo has been turned off. - - Closes #3854 - -Jay Satiro (8 May 2019) -- http: Ignore HTTP/2 prior knowledge setting for HTTP proxies - - - Do not switch to HTTP/2 for an HTTP proxy that is not tunnelling to - the destination host. - - We already do something similar for HTTPS proxies by not sending h2. [1] - - Prior to this change setting CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE would - incorrectly use HTTP/2 to talk to the proxy, which is not something we - support (yet?). Also it's debatable whether or not that setting should - apply to HTTP/2 proxies. - - [1]: https://github.com/curl/curl/commit/17c5d05 - - Bug: https://github.com/curl/curl/issues/3570 - Bug: https://github.com/curl/curl/issues/3832 - - Closes https://github.com/curl/curl/pull/3853 - -Marcel Raad (8 May 2019) -- travis: update mesalink build to xenial - - Closes https://github.com/curl/curl/pull/3842 - -Daniel Stenberg (8 May 2019) -- [Ricky Leverence brought this change] - - OpenSSL: Report -fips in version if OpenSSL is built with FIPS - - Older versions of OpenSSL report FIPS availabilty via an OPENSSL_FIPS - define. It uses this define to determine whether to publish -fips at - the end of the version displayed. Applications that utilize the version - reported by OpenSSL will see a mismatch if they compare it to what curl - reports, as curl is not modifying the version in the same way. This - change simply adds a check to see if OPENSSL_FIPS is defined, and will - alter the reported version to match what OpenSSL itself provides. This - only appears to be applicable in versions of OpenSSL <1.1.1 - - Closes #3771 - -Kamil Dudka (7 May 2019) -- [Frank Gevaerts brought this change] - - nss: allow fifos and character devices for certificates. - - Currently you can do things like --cert <(cat ./cert.crt) with (at least) the - openssl backend, but that doesn't work for nss because is_file rejects fifos. - - I don't actually know if this is sufficient, nss might do things internally - (like seeking back) that make this not work, so actual testing is needed. - - Closes #3807 - -Daniel Gustafsson (6 May 2019) -- test2100: Fix typos in test description - -Daniel Stenberg (6 May 2019) -- ssh: define USE_SSH if SSH is enabled (any backend) - - Closes #3846 - -Steve Holme (5 May 2019) -- winbuild: Add our standard copyright header to the winbuild batch files - -- makedebug: Fix ERRORLEVEL detection after running where.exe - - Closes #3838 - -Daniel Stenberg (5 May 2019) -- urlapi: add CURLUPART_ZONEID to set and get - - The zoneid can be used with IPv6 numerical addresses. - - Updated test 1560 to verify. - - Closes #3834 - -- [Taiyu Len brought this change] - - WRITEFUNCTION: add missing set_in_callback around callback - - Closes #3837 - -- RELEASE-NOTES: synced - -- CURLMOPT_TIMERFUNCTION.3: warn about the recursive risk [ci skip] - - Reported-by: Ricardo Gomes - - Bug: #3537 - Closes #3836 - -- CURLOPT_CHUNK_BGN_FUNCTION.3: document the struct and time value - - The time field in the curl_fileinfo struct will always be zero. No code - was ever implemented to actually convert the date string to a time_t. - - Fixes #3829 - Closes #3835 - -- OS400/ccsidcurl.c: code style fixes - -- OS400/ccsidcurl: replace use of Curl_vsetopt - - (and make the code style comply) - - Fixes #3833 - -- urlapi: strip off scope id from numerical IPv6 addresses - - ... to make the host name "usable". Store the scope id and put it back - when extracting a URL out of it. - - Also makes curl_url_set() syntax check CURLUPART_HOST. - - Fixes #3817 - Closes #3822 - -- RELEASE-NOTES: synced - -- multiif.h: remove unused protos - - ... for functions related to pipelining. Those functions were removed in - 2f44e94efb3df. - - Closes #3828 - -- [Yiming Jing brought this change] - - travis: mesalink: temporarily disable test 3001 - - ... due to SHA-1 signatures in test certs - -- [Yiming Jing brought this change] - - travis: upgrade the MesaLink TLS backend to v1.0.0 - - Closes #3823 - Closes #3776 - -- ConnectionExists: improve non-multiplexing use case - - - better log output - - - make sure multiplex is enabled for it to be used - -- multi: provide Curl_multiuse_state to update information - - As soon as a TLS backend gets ALPN conformation about the specific HTTP - version it can now set the multiplex situation for the "bundle" and - trigger moving potentially queued up transfers to the CONNECT state. - -- process_pending_handles: mark queued transfers as previously pending - - With transfers being queued up, we only move one at a a time back to the - CONNECT state but now we mark moved transfers so that when a moved - transfer is confirmed "successful" (it connected) it will trigger the - move of another pending transfer. Previously, it would otherwise wait - until the transfer was done before doing this. This makes queued up - pending transfers get processed (much) faster. - -- http: mark bundle as not for multiuse on < HTTP/2 response - - Fixes #3813 - Closes #3815 - -Daniel Gustafsson (1 May 2019) -- cookie: Guard against possible NULL ptr deref - - In case the name pointer isn't set (due to memory pressure most likely) - we need to skip the prefix matching and reject with a badcookie to avoid - a possible NULL pointer dereference. - - Closes #3820 #3821 - Reported-by: Jonathan Moerman - Reviewed-by: Daniel Stenberg - -Patrick Monnerat (30 Apr 2019) -- os400: Add CURLOPT_MAXAGE_CONN to ILE/RPG bindings - -Kamil Dudka (29 Apr 2019) -- nss: provide more specific error messages on failed init - - Closes #3808 - -Daniel Stenberg (29 Apr 2019) -- [Reed Loden brought this change] - - docs: minor polish to the bug bounty / security docs - - Closes #3811 - -- CURL_MAX_INPUT_LENGTH: largest acceptable string input size - - This limits all accepted input strings passed to libcurl to be less than - CURL_MAX_INPUT_LENGTH (8000000) bytes, for these API calls: - curl_easy_setopt() and curl_url_set(). - - The 8000000 number is arbitrary picked and is meant to detect mistakes - or abuse, not to limit actual practical use cases. By limiting the - acceptable string lengths we also reduce the risk of integer overflows - all over. - - NOTE: This does not apply to `CURLOPT_POSTFIELDS`. - - Test 1559 verifies. - - Closes #3805 - -- [Tseng Jun brought this change] - - curlver.h: use parenthesis in CURL_VERSION_BITS macro - - Closes #3809 - -Marcel Raad (27 Apr 2019) -- [Simon Warta brought this change] - - cmake: rename CMAKE_USE_DARWINSSL to CMAKE_USE_SECTRANSP - - Closes https://github.com/curl/curl/pull/3769 - -Steve Holme (23 Apr 2019) -- ntlm: Missed pre-processor || (or) during rebase for cd15acd0 - -- ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4 - - Just like we do for mbed TLS, use our local implementation of MD4 when - OpenSSL doesn't support it. This allows a type-3 message to include the - NT response. - -Daniel Gustafsson (23 Apr 2019) -- INTERNALS: fix misindentation of ToC item - - Kerberos was incorrectly indented as a subsection under FTP, which is - incorrect as they are both top level sections. A fix for this was first - attempted in commit fef38a0898322f285401c5ff2f5e7c90dbf3be63 but that - was a few paddles short of being complete. - -- [Aron Bergman brought this change] - - INTERNALS: Add structs to ToC - - Add the subsections under "Structs in libcurl" to the table of contents. - - Reviewed-by: Daniel Stenberg - Reviewed-by: Daniel Gustafsson - -- [Aron Bergman brought this change] - - INTERNALS: Add code highlighting - - Make all struct members under the Curl_handler section - print in monospace font. - - Closes #3801 - Reviewed-by: Daniel Stenberg - Reviewed-by: Daniel Gustafsson - -Daniel Stenberg (22 Apr 2019) -- docs/BUG-BOUNTY: bug bounty time [skip ci] - - Introducing the curl bug bounty program on hackerone. We now recommend - filing security issues directly in the hackerone ticket system which - only is readable to curl security team members. - - Assisted-by: Daniel Gustafsson - - Closes #3488 - -Steve Holme (22 Apr 2019) -- sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616 - - RFC 4616 specifies the authzid is optional in the client authentication - message and that the server will derive the authorisation identity - (authzid) from the authentication identity (authcid) when not specified - by the client. - -Jay Satiro (22 Apr 2019) -- [Gisle Vanem brought this change] - - memdebug: fix variable name - - Follow-up to 76b6348 which renamed logfile as curl_dbg_logfile. - - Ref: https://github.com/curl/curl/commit/76b6348#r33259088 - -Steve Holme (21 Apr 2019) -- vauth/cleartext: Don't send the authzid if it is empty - - Follow up to 762a292f. - -Daniel Stenberg (21 Apr 2019) -- test 196,197,198: add 'retry' keyword [skip ci] - -- RELEASE-NOTES: synced - -- CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse - - ... and disconnect too old ones instead of trying to reuse. - - Default max age is set to 118 seconds. - - Ref: #3722 - Closes #3782 - -Daniel Gustafsson (20 Apr 2019) -- [Po-Chuan Hsieh brought this change] - - altsvc: Fix building with cookies disables - - ALTSVC requires Curl_get_line which is defined in lib/cookie.c inside a #if - check of HTTP and COOKIES. That makes Curl_get_line undefined if COOKIES is - disabled. Fix by splitting out the function into a separate file which can - be included where needed. - - Closes #3717 - Reviewed-by: Daniel Gustafsson - Reviewed-by: Marcel Raad - -Daniel Stenberg (20 Apr 2019) -- test1002: correct the name [skip ci] - -- test660: verify CONNECT_ONLY with IMAP - - which basically just makes sure LOGOUT is *not* issued on disconnect - -- Curl_disconnect: treat all CONNECT_ONLY connections as "dead" - - Since the connection has been used by the "outside" we don't know the - state of it anymore and curl should not use it anymore. - - Bug: https://curl.haxx.se/mail/lib-2019-04/0052.html - - Closes #3795 - -- multi: fix the statenames (follow-up fix from 2f44e94efb3df8e) - - The list of names must be in sync with the defined states in the header - file! - -Steve Holme (16 Apr 2019) -- openvms: Remove pre-processors for Windows as VMS cannot support them - -- openvms: Remove pre-processor for SecureTransport as VMS cannot support it - - Fixes #3768 - Closes #3785 - -Jay Satiro (16 Apr 2019) -- TODO: Add issue link to an existing entry - -Daniel Stenberg (16 Apr 2019) -- RELEASE-NOTES: synced - -Jay Satiro (16 Apr 2019) -- tool_help: Warn if curl and libcurl versions do not match - - .. because functionality may be affected if the versions differ. - - This commit implements TODO 18.7 "warning if curl version is not in sync - with libcurl version". - - Ref: https://github.com/curl/curl/blob/curl-7_64_1/docs/TODO#L1028-L1033 - - Closes https://github.com/curl/curl/pull/3774 - -Steve Holme (16 Apr 2019) -- md5: Update the function signature following d84da52d - -- md5: Forgot to update the code alignment in d84da52d - -- md5: Return CURLcode from the internally accessible functions - - Following 28f826b3 to return CURLE_OK instead of numeric 0. - -Daniel Gustafsson (15 Apr 2019) -- tests: Run global cleanup at end of tests - - Make sure to run curl_global_cleanup() when shutting down the test - suite to release any resources allocated in the SSL setup. This is - clearly visible when running tests with PolarSSL where the thread - lock calloc() memory which isn't released when not running cleanup. - Below is an excerpt from the autobuild logs: - - ==12368== 96 bytes in 1 blocks are possibly lost in loss record 1 of 2 - ==12368== at 0x4837B65: calloc (vg_replace_malloc.c:752) - ==12368== by 0x11A76E: curl_dbg_calloc (memdebug.c:205) - ==12368== by 0x145CDF: Curl_polarsslthreadlock_thread_setup - (polarssl_threadlock.c:54) - ==12368== by 0x145B37: Curl_polarssl_init (polarssl.c:865) - ==12368== by 0x14129D: Curl_ssl_init (vtls.c:171) - ==12368== by 0x118B4C: global_init (easy.c:158) - ==12368== by 0x118BF5: curl_global_init (easy.c:221) - ==12368== by 0x118D0B: curl_easy_init (easy.c:299) - ==12368== by 0x114E96: test (lib1906.c:32) - ==12368== by 0x115495: main (first.c:174) - - Closes #3783 - Reviewed-by: Marcel Raad - Reviewed-by: Daniel Stenberg - -Marcel Raad (15 Apr 2019) -- travis: use mbedtls from Xenial - - No need to build it from source anymore. - - Closes https://github.com/curl/curl/pull/3779 - -- travis: use libpsl from Xenial - - This makes building libpsl and libidn2 from source unnecessary and - removes the need for the autopoint and libunistring-dev packages. - - Closes https://github.com/curl/curl/pull/3779 - -Daniel Stenberg (15 Apr 2019) -- runtests: start socksd like other servers - - ... without a $srcdir prefix. Triggered by the failures in several - autobuilds. - - Closes #3781 - -Daniel Gustafsson (14 Apr 2019) -- socksd: Fix typos - - Reviewed-by: Daniel Stenberg - -- socksd: Properly decorate static variables - - Mark global variables static to avoid compiler warning in Clang when - using -Wmissing-variable-declarations. - - Closes #3778 - Reviewed-by: Daniel Stenberg - -Steve Holme (14 Apr 2019) -- md(4|5): Fixed indentation oddities with the importation of replacement code - - The indentation from 211d5329 and 57d6d253 was a little strange as - parts didn't align correctly, uses 4 spaces rather than 2. Checked - the indentation of the original source so it aligns, albeit, using - curl style. - -- md5: Code style to return CURLE_OK rather than numeric 0 - -- md5: Corrected code style for some pointer arguments - -Marcel Raad (13 Apr 2019) -- travis: update some builds to xenial - - Xenial comes with more up-to-date software versions and more available - packages, some of which we currently build from source. Unfortunately, - some builds would fail with Xenial because of assertion failures in - Valgrind when using OpenSSL, so leave these at Trusty. - - Closes https://github.com/curl/curl/pull/3777 - -Daniel Stenberg (13 Apr 2019) -- test: make tests and test scripts use socksd for SOCKS - - Make all SOCKS tests use socksd instead of ssh. - -- socksd: new SOCKS 4+5 server for tests - - Closes #3752 - -- singleipconnect: show port in the verbose "Trying ..." message - - To aid debugging better. - -- [tmilburn brought this change] - - CURLOPT_ADDRESS_SCOPE: fix range check and more - - Commit 9081014 fixed most of the confusing issues between scope id and - scope however 844896d added bad limits checking assuming that the scope - is being set and not the scope id. - - I have fixed the documentation so it all refers to scope ids. - - In addition Curl_if2ip refered to the scope id as remote_scope_id which - is incorrect, so I renamed it to local_scope_id. - - Adjusted-by: Daniel Stenberg - - Closes #3655 - Closes #3765 - Fixes #3713 - -- urlapi: stricter CURLUPART_PORT parsing - - Only allow well formed decimal numbers in the input. - - Document that the number MUST be between 1 and 65535. - - Add tests to test 1560 to verify the above. - - Ref: https://github.com/curl/curl/issues/3753 - Closes #3762 - -Jay Satiro (13 Apr 2019) -- [Jan Ehrhardt brought this change] - - winbuild: Support MultiSSL builds - - - Remove the lines in winbuild/Makefile.vc that generate an error with - multiple SSL backends. - - - Add /DCURL_WITH_MULTI_SSL in winbuild/MakefileBuild.vc if multiple SSL - backends are set. - - Closes https://github.com/curl/curl/pull/3772 - -Daniel Stenberg (12 Apr 2019) -- travis: remove mesalink builds (temporarily?) - - Since the mesalink build started to fail on travis, even though we build - a fixed release version, we disable it to prevent it from blocking - progress. - - Closes #3767 - -- openssl: mark connection for close on TLS close_notify - - Without this, detecting and avoid reusing a closed TLS connection - (without a previous GOAWAY) when doing HTTP/2 is tricky. - - Reported-by: Tom van der Woerdt - Fixes #3750 - Closes #3763 - -- RELEASE-NOTES: synced - -Steve Holme (11 Apr 2019) -- vauth/cleartext: Update the PLAIN login function signature to match RFC 4616 - - Functionally this doesn't change anything as we still use the username - for both the authorisation identity and the authentication identity. - - Closes #3757 - -Daniel Stenberg (11 Apr 2019) -- test1906: verify CURLOPT_CURLU + CURLOPT_PORT usage - - Based-on-code-by: Poul T Lomholt - -- url: always clone the CUROPT_CURLU handle - - Since a few code paths actually update that data. - - Fixes #3753 - Closes #3761 - - Reported-by: Poul T Lomholt - -- CURLOPT_DNS_USE_GLOBAL_CACHE: remove - - Remove the code too. The functionality has been disabled in code since - 7.62.0. Setting this option will from now on simply be ignored and have - no function. - - Closes #3654 - -Marcel Raad (11 Apr 2019) -- travis: install libgnutls28-dev only for --with-gnutls build - - Reduces the time needed for the other jobs a little. - - Closes https://github.com/curl/curl/pull/3721 - -- travis: install libnss3-dev only for --with-nss build - - Reduces the time needed for the other jobs a little. - - Closes https://github.com/curl/curl/pull/3721 - -- travis: install libssh2-dev only for --with-libssh2 build - - Reduces the time needed for the other jobs a little. - - Closes https://github.com/curl/curl/pull/3721 - -- travis: install libssh-dev only for --with-libssh build - - Reduces the time needed for the other jobs a little. - - Closes https://github.com/curl/curl/pull/3721 - -- travis: install krb5-user only for --with-gssapi build - - Reduces the time needed for the other jobs a little. - - Closes https://github.com/curl/curl/pull/3721 - -- travis: install lcov only for the coverage job - - Reduces the time needed for the other jobs a little. - - Closes https://github.com/curl/curl/pull/3721 - -- travis: install clang only when needed - - This reduces the GCC job runtimes a little and it's needed to - selectively update clang builds to xenial. - - Closes https://github.com/curl/curl/pull/3721 - -- AppVeyor: enable testing for WinSSL build - - Closes https://github.com/curl/curl/pull/3725 - -- build: fix Codacy/CppCheck warnings - - - remove unused variables - - declare conditionally used variables conditionally - - suppress unused variable warnings in the CMake tests - - remove dead variable stores - - consistently use WIN32 macro to detect Windows - - Closes https://github.com/curl/curl/pull/3739 - -- polarssl_threadlock: remove conditionally unused code - - Make functions no-ops if neither both USE_THREADS_POSIX and - HAVE_PTHREAD_H nor both USE_THREADS_WIN32 and HAVE_PROCESS_H are - defined. Previously, if only one of them was defined, there was either - code compiled that did nothing useful or the wrong header included for - the functions used. - - Also, move POLARSSL_MUTEX_T define to implementation file as it's not - used externally. - - Closes https://github.com/curl/curl/pull/3739 - -- lib557: initialize variables - - These variables are only conditionally initialized. - - Closes https://github.com/curl/curl/pull/3739 - -- lib509: add missing include for strdup - - Closes https://github.com/curl/curl/pull/3739 - -- README.md: fix no-consecutive-blank-lines Codacy warning - - Consistently use one blank line between blocks. - - Closes https://github.com/curl/curl/pull/3739 - -- tests/server/util: fix Windows Unicode build - - Always use the ANSI version of FormatMessage as we don't have the - curl_multibyte gear available here. - - Closes https://github.com/curl/curl/pull/3758 - -Daniel Stenberg (11 Apr 2019) -- curl_easy_getinfo.3: fix minor formatting mistake - -Daniel Gustafsson (11 Apr 2019) -- xattr: skip unittest on unsupported platforms - - The stripcredentials unittest fails to compile on platforms without - xattr support, for example the Solaris member in the buildfarm which - fails with the following: - - CC unit1621-unit1621.o - CC ../libtest/unit1621-first.o - CCLD unit1621 - Undefined first referenced - symbol in file - stripcredentials unit1621-unit1621.o - goto problem 2 - ld: fatal: symbol referencing errors. No output written to .libs/unit1621 - collect2: error: ld returned 1 exit status - gmake[2]: *** [Makefile:996: unit1621] Error 1 - - Fix by excluding the test on such platforms by using the reverse - logic from where stripcredentials() is defined. - - Closes #3759 - Reviewed-by: Daniel Stenberg - -Steve Holme (11 Apr 2019) -- emailL Added reference to RFC8314 for implicit TLS - -- README: Schannel, stop calling it "winssl" - - Stick to "Schannel" everywhere - follow up to 180501cb. - -Jakub Zakrzewski (10 Apr 2019) -- cmake: clear CMAKE_REQUIRED_LIBRARIES after each use - - This fixes GSSAPI builds with the libraries in a non-standard location. - The testing for recv() were failing because it failed to link - the Kerberos libraries, which are not needed for this or subsequent - tests. - - fixes #3743 - closes #3744 - -- cmake: avoid linking executable for some tests with cmake 3.6+ - - With CMAKE_TRY_COMPILE_TARGET_TYPE set to STATIC_LIBRARY, the try_compile() - (which is used by check_c_source_compiles()) will build static library - instead of executable. This avoids linking additional libraries in and thus - speeds up those checks a little. - - This commit also avoids #3743 (GSSAPI build errors) on itself with cmake - 3.6 or above. That issue was fixed separately for all versions. - - Ref: #3744 - -- cmake: minor cleanup - - - Remove nneeded include_regular_expression. - It was setting what is already a default. - - - Remove duplicated include. - - - Don't check for pre-3.0.0 CMake version. - We already require at least 3.0.0, so it's just clutter. - - Ref: #3744 - -Steve Holme (8 Apr 2019) -- build-openssl.bat: Fixed support for OpenSSL v1.1.0+ - -- build-openssl.bat: Perfer the use of if statements rather than goto (where possible) - -- build-openssl.bat: Perform the install for each build type directly after the build - -- build-openssl.bat: Split the install of static and shared build types - -- build-openssl.bat: Split the building of static and shared build types - -- build-openssl.bat: Move the installation into a separate function - -- build-openssl.bat: Move the build step into a separate function - -- build-openssl.bat: Move the OpenSSL configuration into a separate function - -- build-openssl.bat: Fixed the BUILD_CONFIG variable not being initialised - - Should the parent environment set this variable then the build might - not be performed as the user intended. - -Daniel Stenberg (8 Apr 2019) -- socks: fix error message - -- config.d: clarify that initial : and = might need quoting [skip ci] - - Fixes #3738 - Closes #3749 - -- RELEASE-NOTES: synced - - bumped to 7.65.0 for next release - -- socks5: user name and passwords must be shorter than 256 - - bytes... since the protocol needs to store the length in a single byte field. - - Reported-by: XmiliaH on github - Fixes #3737 - Closes #3740 - -- [Jakub Zakrzewski brought this change] - - test: urlapi: urlencode characters above 0x7f correctly - -- [Jakub Zakrzewski brought this change] - - urlapi: urlencode characters above 0x7f correctly - - fixes #3741 - Closes #3742 - -- [Even Rouault brought this change] - - multi_runsingle(): fix use-after-free - - Fixes #3745 - Closes #3746 - - The following snippet - ``` - - int main() - { - CURL* hCurlHandle = curl_easy_init(); - curl_easy_setopt(hCurlHandle, CURLOPT_URL, "http://example.com"); - curl_easy_setopt(hCurlHandle, CURLOPT_PROXY, "1"); - curl_easy_perform(hCurlHandle); - curl_easy_cleanup(hCurlHandle); - return 0; - } - ``` - triggers the following Valgrind warning - - ``` - ==4125== Invalid read of size 8 - ==4125== at 0x4E7D1EE: Curl_llist_remove (llist.c:97) - ==4125== by 0x4E7EF5C: detach_connnection (multi.c:798) - ==4125== by 0x4E80545: multi_runsingle (multi.c:1451) - ==4125== by 0x4E8197C: curl_multi_perform (multi.c:2072) - ==4125== by 0x4E766A0: easy_transfer (easy.c:625) - ==4125== by 0x4E76915: easy_perform (easy.c:719) - ==4125== by 0x4E7697C: curl_easy_perform (easy.c:738) - ==4125== by 0x4008BE: main (in /home/even/curl/test) - ==4125== Address 0x9b3d1d0 is 1,120 bytes inside a block of size 1,600 free'd - ==4125== at 0x4C2ECF0: free (vg_replace_malloc.c:530) - ==4125== by 0x4E62C36: conn_free (url.c:756) - ==4125== by 0x4E62D34: Curl_disconnect (url.c:818) - ==4125== by 0x4E48DF9: Curl_once_resolved (hostip.c:1097) - ==4125== by 0x4E8052D: multi_runsingle (multi.c:1446) - ==4125== by 0x4E8197C: curl_multi_perform (multi.c:2072) - ==4125== by 0x4E766A0: easy_transfer (easy.c:625) - ==4125== by 0x4E76915: easy_perform (easy.c:719) - ==4125== by 0x4E7697C: curl_easy_perform (easy.c:738) - ==4125== by 0x4008BE: main (in /home/even/curl/test) - ==4125== Block was alloc'd at - ==4125== at 0x4C2F988: calloc (vg_replace_malloc.c:711) - ==4125== by 0x4E6438E: allocate_conn (url.c:1654) - ==4125== by 0x4E685B4: create_conn (url.c:3496) - ==4125== by 0x4E6968F: Curl_connect (url.c:4023) - ==4125== by 0x4E802E7: multi_runsingle (multi.c:1368) - ==4125== by 0x4E8197C: curl_multi_perform (multi.c:2072) - ==4125== by 0x4E766A0: easy_transfer (easy.c:625) - ==4125== by 0x4E76915: easy_perform (easy.c:719) - ==4125== by 0x4E7697C: curl_easy_perform (easy.c:738) - ==4125== by 0x4008BE: main (in /home/even/curl/test) - ``` - - This has been bisected to commit 2f44e94 - - Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14109 - Credit to OSS Fuzz - -- pipelining: removed - - As previously planned and documented in DEPRECATE.md, all pipelining - code is removed. - - Closes #3651 - -- [cclauss brought this change] - - tests: make Impacket (SMB server) Python 3 compatible - - Closes #3731 - Fixes #3289 - -Marcel Raad (6 Apr 2019) -- [Simon Warta brought this change] - - cmake: set SSL_BACKENDS - - This groups all SSL backends into the feature "SSL" and sets the - SSL_BACKENDS analogue to configure.ac - - Closes https://github.com/curl/curl/pull/3736 - -- [Simon Warta brought this change] - - cmake: don't run SORT on empty list - - In case of an empty list, SORTing leads to the cmake error "list - sub-command SORT requires list to be present." - - Closes https://github.com/curl/curl/pull/3736 - -Daniel Gustafsson (5 Apr 2019) -- [Eli Schwartz brought this change] - - configure: fix default location for fish completions - - Fish defines a vendor completions directory for completions that are not - installed as part of the fish project itself, and the vendor completions - are preferred if they exist. This prevents trying to overwrite the - builtin curl.fish completion (or creating file conflicts in distro - packaging). - - Prefer the pkg-config defined location exported by fish, if it can be - found, and fall back to the correct directory defined by most systems. - - Closes #3723 - Reviewed-by: Daniel Gustafsson - -Marcel Raad (5 Apr 2019) -- ftplistparser: fix LGTM alert "Empty block without comment" - - Removing the block is consistent with line 954/957. - - Closes https://github.com/curl/curl/pull/3732 - -- transfer: fix LGTM alert "Comparison is always true" - - Just remove the redundant condition, which also makes it clear that - k->buf is always 0-terminated if this break is not hit. - - Closes https://github.com/curl/curl/pull/3732 - -Jay Satiro (4 Apr 2019) -- [Rikard Falkeborn brought this change] - - smtp: fix compiler warning - - - Fix clang string-plus-int warning. - - Clang 8 warns about adding a string to an int does not append to the - string. Indeed it doesn't, but that was not the intention either. Use - array indexing as suggested to silence the warning. There should be no - functional changes. - - (In other words clang warns about "foo"+2 but not &"foo"[2] so use the - latter.) - - smtp.c:1221:29: warning: adding 'int' to a string does not append to the - string [-Wstring-plus-int] - eob = strdup(SMTP_EOB + 2); - ~~~~~~~~~~~~~~~~^~~~ - - Closes https://github.com/curl/curl/pull/3729 - -Marcel Raad (4 Apr 2019) -- VS projects: use Unicode for VC10+ - - All Windows APIs have been natively UTF-16 since Windows 2000 and the - non-Unicode variants are just wrappers around them. Only Windows 9x - doesn't understand Unicode without the UnicoWS DLL. As later Visual - Studio versions cannot target Windows 9x anyway, using the ANSI API - doesn't really have any benefit there. - - This avoids issues like KNOWN_BUGS 6.5. - - Ref: https://github.com/curl/curl/issues/2120 - Closes https://github.com/curl/curl/pull/3720 - -Daniel Gustafsson (3 Apr 2019) -- RELEASE-NOTES: synced - - Bump the version in progress to 7.64.2, if we merge any "change" - before the cut-off date we can update the version. - -- [Tim Rühsen brought this change] - - documentation: Fix several typos - - Closes #3724 - Reviewed-by: Jakub Zakrzewski - Reviewed-by: Daniel Gustafsson - -Jay Satiro (2 Apr 2019) -- [Mert Yazıcıoğlu brought this change] - - vauth/oauth2: Fix OAUTHBEARER token generation - - OAUTHBEARER tokens were incorrectly generated in a format similar to - XOAUTH2 tokens. These changes make OAUTHBEARER tokens conform to the - RFC7628. - - Fixes: #2487 - Reported-by: Paolo Mossino - - Closes https://github.com/curl/curl/pull/3377 - -Marcel Raad (2 Apr 2019) -- tool_cb_wrt: fix bad-function-cast warning - - Commit f5bc578f4cdfdc6c708211dfc2962a0e9d79352d reintroduced the - warning fixed in commit 2f5f31bb57d68b54e03bffcd9648aece1fe564f8. - Extend fhnd's scope and reuse that variable instead of calling - _get_osfhandle a second time to fix the warning again. - - Closes https://github.com/curl/curl/pull/3718 - -- VC15 project: remove MinimalRebuild - - Already done in commit d5cfefd0ea8e331b884186bff484210fad36e345 for the - library project, but I forgot the tool project template. Now also - removed for that. - -Dan Fandrich (1 Apr 2019) -- cirrus: Customize the disabled tests per FreeBSD version - - Try to run as many test cases as possible on each OS version. - 12.0 passes 13 more tests than the older versions, so we might as well - run them. - -Daniel Stenberg (1 Apr 2019) -- tool_help: include for strcasecmp - - Reported-by: Wyatt O'Day - Fixes #3715 - Closes #3716 - -Daniel Gustafsson (31 Mar 2019) -- scripts: fix typos - -Dan Fandrich (28 Mar 2019) -- travis: allow builds on branches named "ci" - - This allows a way to test changes other than through PRs. - -Daniel Stenberg (27 Mar 2019) -- [Brad Spencer brought this change] - - resolve: apply Happy Eyeballs philosophy to parallel c-ares queries - - Closes #3699 - -- multi: improved HTTP_1_1_REQUIRED handling - - Make sure to downgrade to 1.1 even when we get this HTTP/2 stream error - on first flight. - - Reported-by: niner on github - Fixes #3696 - Closes #3707 - -- [Leonardo Taccari brought this change] - - configure: avoid unportable `==' test(1) operator - - Closes #3709 - -Version 7.64.1 (27 Mar 2019) - -Daniel Stenberg (27 Mar 2019) -- RELEASE: 7.64.1 - -- Revert "ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set" - - This reverts commit 9130ead9fcabdb6b8fbdb37c0b38be2d326adb00. - - Fixes #3708 - -- [Christian Schmitz brought this change] - - ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set - - Closes #3704 - -Jay Satiro (26 Mar 2019) -- tool_cb_wrt: fix writing to Windows null device NUL - - - Improve console detection. - - Prior to this change WriteConsole could be called to write to a handle - that may not be a console, which would cause an error. This issue is - limited to character devices that are not also consoles such as the null - device NUL. - - Bug: https://github.com/curl/curl/issues/3175#issuecomment-439068724 - Reported-by: Gisle Vanem - -- CURLMOPT_PIPELINING.3: fix typo - -Daniel Stenberg (25 Mar 2019) -- TODO: config file parsing - - Closes #3698 - -Jay Satiro (24 Mar 2019) -- os400: Disable Alt-Svc by default since it's experimental - - Follow-up to 520f0b4 which added Alt-Svc support and enabled it by - default for OS400. Since the feature is experimental, it should be - disabled by default. - - Ref: https://github.com/curl/curl/commit/520f0b4#commitcomment-32792332 - Ref: https://curl.haxx.se/mail/lib-2019-02/0008.html - - Closes https://github.com/curl/curl/pull/3688 - -Dan Fandrich (24 Mar 2019) -- tests: Fixed XML validation errors in some test files. - -- tests: Fix some incorrect precheck error messages. - - [ci skip] - -Daniel Stenberg (22 Mar 2019) -- curl_url.3: this is not experimental anymore - -- travis: bump the used wolfSSL version to 4.0.0 - - Test 311 is now fine, leaving only 313 (CRL) disabled. - - Test 313 details can be found here: - https://github.com/wolfSSL/wolfssl/issues/1546 - - Closes #3697 - -Daniel Gustafsson (22 Mar 2019) -- lib: Fix typos in comments - -David Woodhouse (20 Mar 2019) -- openssl: if cert type is ENG and no key specified, key is ENG too - - Fixes #3692 - Closes #3692 - -Daniel Stenberg (20 Mar 2019) -- sectransp: tvOS 11 is required for ALPN support - - Reported-by: nianxuejie on github - Assisted-by: Nick Zitzmann - Assisted-by: Jay Satiro - Fixes #3689 - Closes #3690 - -- test1541: threaded connection sharing - - The threaded-shared-conn.c example turned into test case. Only works if - pthread was detected. - - An attempt to detect future regressions such as e3a53e3efb942a5 - - Closes #3687 - -Patrick Monnerat (17 Mar 2019) -- os400: alt-svc support. - - Although experimental, enable it in the platform config file. - Upgrade ILE/RPG binding. - -Daniel Stenberg (17 Mar 2019) -- conncache: use conn->data to know if a transfer owns it - - - make sure an already "owned" connection isn't returned unless - multiplexed. - - - clear ->data when returning the connection to the cache again - - Regression since 7.62.0 (probably in commit 1b76c38904f0) - - Bug: https://curl.haxx.se/mail/lib-2019-03/0064.html - - Closes #3686 - -- RELEASE-NOTES: synced - -- [Chris Young brought this change] - - configure: add --with-amissl - - AmiSSL is an Amiga native library which provides a wrapper over OpenSSL. - It also requires all programs using it to use bsdsocket.library - directly, rather than accessing socket functions through clib, which - libcurl was not necessarily doing previously. Configure will now check - for the headers and ensure they are included if found. - - Closes #3677 - -- [Chris Young brought this change] - - vtls: rename some of the SSL functions - - ... in the SSL structure as AmiSSL is using macros for the socket API - functions. - -- [Chris Young brought this change] - - tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr - -- [Chris Young brought this change] - - tool_operate: build on AmigaOS - -- makefile: make checksrc and hugefile commands "silent" - - ... to match the style already used for compiling, linking - etc. Acknowledges 'make V=1' to enable verbose. - - Closes #3681 - -- curl.1: --user and --proxy-user are hidden from ps output - - Suggested-by: Eric Curtin - Improved-by: Dan Fandrich - Ref: #3680 - - Closes #3683 - -- curl.1: mark the argument to --cookie as - - From a discussion in #3676 - - Suggested-by: Tim Rühsen - - Closes #3682 - -Dan Fandrich (14 Mar 2019) -- fuzzer: Only clone the latest fuzzer code, for speed. - -Daniel Stenberg (14 Mar 2019) -- [Dominik Hölzl brought this change] - - Negotiate: fix for HTTP POST with Negotiate - - * Adjusted unit tests 2056, 2057 - * do not generally close connections with CURLAUTH_NEGOTIATE after every request - * moved negotiatedata from UrlState to connectdata - * Added stream rewind logic for CURLAUTH_NEGOTIATE - * introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC - * Consider authproblem state for CURLAUTH_NEGOTIATE - * Consider reuse_forbid for CURLAUTH_NEGOTIATE - * moved and adjusted negotiate authentication state handling from - output_auth_headers into Curl_output_negotiate - * Curl_output_negotiate: ensure auth done is always set - * Curl_output_negotiate: Set auth done also if result code is - GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may - also indicate the last challenge request (only works with disabled - Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1) - * Consider "Persistent-Auth" header, detect if not present; - Reset/Cleanup negotiate after authentication if no persistent - authentication - * apply changes introduced with #2546 for negotiate rewind logic - - Fixes #1261 - Closes #1975 - -- [Marc Schlatter brought this change] - - http: send payload when (proxy) authentication is done - - The check that prevents payload from sending in case of authentication - doesn't check properly if the authentication is done or not. - - They're cases where the proxy respond "200 OK" before sending - authentication challenge. This change takes care of that. - - Fixes #2431 - Closes #3669 - -- file: fix "Checking if unsigned variable 'readcount' is less than zero." - - Pointed out by codacy - - Closes #3672 - -- memdebug: log pointer before freeing its data - - Coverity warned for two potentional "Use after free" cases. Both are false - positives because the memory wasn't used, it was only the actual pointer - value that was logged. - - The fix still changes the order of execution to avoid the warnings. - - Coverity CID 1443033 and 1443034 - - Closes #3671 - -- RELEASE-NOTES: synced - -Marcel Raad (12 Mar 2019) -- travis: actually use updated compiler versions - - For the Linux builds, GCC 8 and 7 and clang 7 were installed, but the - new GCC versions were only used for the coverage build and for building - nghttp2, while the new clang version was not used at all. - - BoringSSL needs to use the default GCC as it respects CC, but not CXX, - so it would otherwise pass gcc 8 options to g++ 4.8 and fail. - - Also remove GCC 7, it's not needed anymore. - - Ref: https://docs.travis-ci.com/user/languages/c/#c11c11-and-beyond-and-toolchain-versioning - - Closes https://github.com/curl/curl/pull/3670 - -- travis: update clang to version 7 - - Closes https://github.com/curl/curl/pull/3670 - -Jay Satiro (11 Mar 2019) -- [Andre Guibert de Bruet brought this change] - - examples/externalsocket: add missing close socket calls - - .. and for Windows also call WSACleanup since we call WSAStartup. - - The example is to demonstrate handling the socket independently of - libcurl. In this case libcurl is not responsible for creating, opening - or closing the socket, it is handled by the application (our example). - - Fixes https://github.com/curl/curl/pull/3663 - -Daniel Stenberg (11 Mar 2019) -- multi: removed unused code for request retries - - This code was once used for the non multi-interface using code path, but - ever since easy_perform was turned into a wrapper around the multi - interface, this code path never runs. - - Closes #3666 - -Jay Satiro (11 Mar 2019) -- doh: inherit some SSL options from user's easy handle - - - Inherit SSL options for the doh handle but not SSL client certs, - SSL ALPN/NPN, SSL engine, SSL version, SSL issuer cert, - SSL pinned public key, SSL ciphers, SSL id cache setting, - SSL kerberos or SSL gss-api settings. - - - Fix inheritance of verbose setting. - - - Inherit NOSIGNAL. - - There is no way for the user to set options for the doh (DNS-over-HTTPS) - handles and instead we inherit some options from the user's easy handle. - - My thinking for the SSL options not inherited is they are most likely - not intended by the user for the DOH transfer. I did inherit insecure - because I think that should still be in control of the user. - - Prior to this change doh did not work for me because CAINFO was not - inherited. Also verbose was set always which AFAICT was a bug (#3660). - - Fixes https://github.com/curl/curl/issues/3660 - Closes https://github.com/curl/curl/pull/3661 - -Daniel Stenberg (9 Mar 2019) -- test331: verify set-cookie for dotless host name - - Reproduced bug #3649 - Closes #3659 - -- Revert "cookies: extend domain checks to non psl builds" - - This reverts commit 3773de378d48b06c09931e44dca4d274d0bfdce0. - - Regression shipped in 7.64.0 - Fixes #3649 - -- memdebug: make debug-specific functions use curl_dbg_ prefix - - To not "collide" or use up the regular curl_ name space. Also makes them - easier to detect in helper scripts. - - Closes #3656 - -- cmdline-opts/proxytunnel.d: the option tunnnels all protocols - - Clarify the language and simplify. - - Reported-by: Daniel Lublin - Closes #3658 - -- KNOWN_BUGS: Client cert (MTLS) issues with Schannel - - Closes #3145 - -- ROADMAP: updated to some more current things to work on - -- tests: fix multiple may be used uninitialized warnings - -- RELEASE-NOTES: synced - -- source: fix two 'nread' may be used uninitialized warnings - - Both seem to be false positives but we don't like warnings. - - Closes #3646 - -- gopher: remove check for path == NULL - - Since it can't be NULL and it makes Coverity believe we lack proper NULL - checks. Verified by test 659, landed in commit 15401fa886b. - - Pointed out by Coverity CID 1442746. - - Assisted-by: Dan Fandrich - Fixes #3617 - Closes #3642 - -- examples: only include - - That's the only public curl header we should encourage use of. - - Reviewed-by: Marcel Raad - Closes #3645 - -- ssh: loop the state machine if not done and not blocking - - If the state machine isn't complete, didn't fail and it didn't return - due to blocking it can just as well loop again. - - This addresses the problem with SFTP directory listings where we would - otherwise return back to the parent and as the multi state machine - doesn't have any code for using CURLM_CALL_MULTI_PERFORM for as long the - doing phase isn't complete, it would return out when in reality there - was more data to deal with. - - Fixes #3506 - Closes #3644 - -Jay Satiro (5 Mar 2019) -- multi: support verbose conncache closure handle - - - Change closure handle to receive verbose setting from the easy handle - most recently added via curl_multi_add_handle. - - The closure handle is a special easy handle used for closing cached - connections. It receives limited settings from the easy handle most - recently added to the multi handle. Prior to this change that did not - include verbose which was a problem because on connection shutdown - verbose mode was not acknowledged. - - Ref: https://github.com/curl/curl/pull/3598 - - Co-authored-by: Daniel Stenberg - - Closes https://github.com/curl/curl/pull/3618 - -Daniel Stenberg (4 Mar 2019) -- CURLU: fix NULL dereference when used over proxy - - Test 659 verifies - - Also fixed the test 658 name - - Closes #3641 - -- altsvc_out: check the return code from Curl_gmtime - - Pointed out by Coverity, CID 1442956. - - Closes #3640 - -- docs/ALTSVC.md: docs describing the approach - - Closes #3498 - -- alt-svc: add a travis build - -- alt-svc: add test 355 and 356 to verify with command line curl - -- alt-svc: the curl command line bits - -- alt-svc: the libcurl bits - -- travis: add build using gnutls - - Closes #3637 - -- RELEASE-NOTES: synced - -- [Simon Legner brought this change] - - scripts/completion.pl: also generate fish completion file - - This is the renamed script formerly known as zsh.pl - - Closes #3545 - -- gnutls: remove call to deprecated gnutls_compression_get_name - - It has been deprecated by GnuTLS since a year ago and now causes build - warnings. - - Ref: https://gitlab.com/gnutls/gnutls/commit/b0041897d2846737f5fb0f - Docs: https://www.gnutls.org/manual/html_node/Compatibility-API.html - - Closes #3636 - -Jay Satiro (2 Mar 2019) -- system_win32: move win32_init here from easy.c - - .. since system_win32 is a more appropriate location for the functions - and to extern the globals. - - Ref: https://github.com/curl/curl/commit/ca597ad#r32446578 - Reported-by: Gisle Vanem - - Closes https://github.com/curl/curl/pull/3625 - -Daniel Stenberg (1 Mar 2019) -- curl_easy_duphandle.3: clarify that a duped handle has no shares - - Reported-by: Sara Golemon - - Fixes #3592 - Closes #3634 - -- 10-at-a-time.c: fix too long line - -- [Arnaud Rebillout brought this change] - - examples: various fixes in ephiperfifo.c - - The main change here is the timer value that was wrong, it was given in - usecs (ms * 1000), while the itimerspec struct wants nsecs (ms * 1000 * - 1000). This resulted in the callback being invoked WAY TOO OFTEN. - - As a quick check you can run this command before and after applying this - commit: - - # shell 1 - ./ephiperfifo 2>&1 | tee ephiperfifo.log - # shell 2 - echo http://hacking.elboulangero.com > hiper.fifo - - Then just compare the size of the logs files. - - Closes #3633 - Fixes #3632 - Signed-off-by: Arnaud Rebillout - -- urldata: simplify bytecounters - - - no need to have them protocol specific - - - no need to set pointers to them with the Curl_setup_transfer() call - - - make Curl_setup_transfer() operate on a transfer pointer, not - connection - - - switch some counters from long to the more proper curl_off_t type - - Closes #3627 - -- examples/10-at-a-time.c: improve readability and simplify - - - use better variable names to explain their purposes - - convert logic to curl_multi_wait() - -- threaded-resolver: shutdown the resolver thread without error message - - When a transfer is done, the resolver thread will be brought down. That - could accidentally generate an error message in the error buffer even - though this is not an error situationand the transfer would still return - OK. An application that still reads the error buffer could find a - "Could not resolve host: [host name]" message there and get confused. - - Reported-by: Michael Schmid - Fixes #3629 - Closes #3630 - -- [Ԝеѕ brought this change] - - docs: update max-redirs.d phrasing - - clarify redir - "in absurdum" doesn't seem to make sense in this context - - Closes #3631 - -- ssh: fix Condition '!status' is always true - - in the same sftp_done function in both SSH backends. Simplify them - somewhat. - - Pointed out by Codacy. - - Closes #3628 - -- test578: make it read data from the correct test - -- Curl_easy: remove req.maxfd - never used! - - Introduced in 8b6314ccfb, but not used anymore in current code. Unclear - since when. - - Closes #3626 - -- http: set state.infilesize when sending formposts - - Without it set, we would unwillingly triger the "HTTP error before end - of send, stop sending" condition even if the entire POST body had been - sent (since it wouldn't know the expected size) which would - unnecessarily log that message and close the connection when it didn't - have to. - - Reported-by: Matt McClure - Bug: https://curl.haxx.se/mail/archive-2019-02/0023.html - Closes #3624 - -- INSTALL: refer to the current TLS library names and configure options - -- FAQ: minor updates and spelling fixes - -- GOVERNANCE.md: minor spelling fixes - -- Secure Transport: no more "darwinssl" - - Everyone calls it Secure Transport, now we do too. - - Reviewed-by: Nick Zitzmann - - Closes #3619 - -Marcel Raad (27 Feb 2019) -- AppVeyor: add classic MinGW build - - But use the MSYS2 shell rather than the default MSYS shell because of - POSIX path conversion issues. Classic MinGW is only available on the - Visual Studio 2015 image. - - Closes https://github.com/curl/curl/pull/3623 - -- AppVeyor: add MinGW-w64 build - - Add a MinGW-w64 build using CMake's MSYS Makefiles generator. - Use the Visual Studio 2015 image as it has GCC 8, while the - Visual Studio 2017 image only has GCC 7.2. - - Closes https://github.com/curl/curl/pull/3623 - -Daniel Stenberg (27 Feb 2019) -- cookies: only save the cookie file if the engine is enabled - - Follow-up to 8eddb8f4259. - - If the cookieinfo pointer is NULL there really is nothing to save. - - Without this fix, we got a problem when a handle was using shared object - with cookies and is told to "FLUSH" it to file (which worked) and then - the share object was removed and when the easy handle was closed just - afterwards it has no cookieinfo and no cookies so it decided to save an - empty jar (overwriting the file just flushed). - - Test 1905 now verifies that this works. - - Assisted-by: Michael Wallner - Assisted-by: Marcel Raad - - Closes #3621 - -- [DaVieS brought this change] - - cacertinmem.c: use multiple certificates for loading CA-chain - - Closes #3421 - -- urldata: convert bools to bitfields and move to end - - This allows the compiler to pack and align the structs better in - memory. For a rather feature-complete build on x86_64 Linux, gcc 8.1.2 - makes the Curl_easy struct 4.9% smaller. From 6312 bytes to 6000. - - Removed an unused struct field. - - No functionality changes. - - Closes #3610 - -- [Don J Olmstead brought this change] - - curl.h: use __has_declspec_attribute for shared builds - - Closes #3616 - -- curl: display --version features sorted alphabetically - - Closes #3611 - -- runtests: detect "schannel" as an alias for "winssl" - - Follow-up to 180501cb02 - - Reported-by: Marcel Raad - Fixes #3609 - Closes #3620 - -Marcel Raad (26 Feb 2019) -- AppVeyor: update to Visual Studio 2017 - - Switch all Visual Studio 2015 builds to Visual Studio 2017. It's not a - moving target anymore as the last update, Update 9, has been released. - - Closes https://github.com/curl/curl/pull/3606 - -- AppVeyor: switch VS 2015 builds to VS 2017 image - - The Visual Studio 2017 image has Visual Studio 2015 and 2017 installed. - - Closes https://github.com/curl/curl/pull/3606 - -- AppVeyor: explicitly select worker image - - Currently, we're using the default Visual Studio 2015 image for - everything. - - Closes https://github.com/curl/curl/pull/3606 - -Daniel Stenberg (26 Feb 2019) -- strerror: make the strerror function use local buffers - - Instead of using a fixed 256 byte buffer in the connectdata struct. - - In my build, this reduces the size of the connectdata struct by 11.8%, - from 2160 to 1904 bytes with no functionality or performance loss. - - This also fixes a bug in schannel's Curl_verify_certificate where it - called Curl_sspi_strerror when it should have called Curl_strerror for - string from GetLastError. the only effect would have been no text or the - wrong text being shown for the error. - - Co-authored-by: Jay Satiro - - Closes #3612 - -- [Michael Wallner brought this change] - - cookies: fix NULL dereference if flushing cookies with no CookieInfo set - - Regression brought by a52e46f3900fb0 (shipped in 7.63.0) - - Closes #3613 - -Marcel Raad (26 Feb 2019) -- AppVeyor: re-enable test 500 - - It's passing now. - - Closes https://github.com/curl/curl/pull/3615 - -- AppVeyor: remove redundant builds - - Remove the Visual Studio 2012 and 2013 builds as they add little value. - - Ref: https://github.com/curl/curl/pull/3606 - Closes https://github.com/curl/curl/pull/3614 - -Daniel Stenberg (25 Feb 2019) -- RELEASE-NOTES: synced - -- [Bernd Mueller brought this change] - - OpenSSL: add support for TLS ASYNC state - - Closes #3591 - -Jay Satiro (25 Feb 2019) -- [Michael Felt brought this change] - - acinclude: add additional libraries to check for LDAP support - - - Add an additional check for LDAP that also checks for OpenSSL since - on AIX those libraries may be required to link LDAP properly. - - Fixes https://github.com/curl/curl/issues/3595 - Closes https://github.com/curl/curl/pull/3596 - -- [georgeok brought this change] - - schannel: support CALG_ECDH_EPHEM algorithm - - Add support for Ephemeral elliptic curve Diffie-Hellman key exchange - algorithm option when selecting ciphers. This became available on the - Win10 SDK. - - Closes https://github.com/curl/curl/pull/3608 - -Daniel Stenberg (24 Feb 2019) -- multi: call multi_done on connect timeouts - - Failing to do so would make the CURLINFO_TOTAL_TIME timeout to not get - updated correctly and could end up getting reported to the application - completely wrong (way too small). - - Reported-by: accountantM on github - Fixes #3602 - Closes #3605 - -- examples: remove recursive calls to curl_multi_socket_action - - From within the timer callbacks. Recursive is problematic for several - reasons. They should still work, but this way the examples and the - documentation becomes simpler. I don't think we need to encourage - recursive calls. - - Discussed in #3537 - Closes #3601 - -Marcel Raad (23 Feb 2019) -- configure: remove CURL_CHECK_FUNC_FDOPEN call - - The macro itself has been removed in commit - 11974ac859c5d82def59e837e0db56fef7f6794e. - - Closes https://github.com/curl/curl/pull/3604 - -Daniel Stenberg (23 Feb 2019) -- wolfssl: stop custom-adding curves - - since wolfSSL PR https://github.com/wolfSSL/wolfssl/pull/717 (shipped in - wolfSSL 3.10.2 and later) it sends these curves by default already. - - Pointed-out-by: David Garske - - Closes #3599 - -- configure: remove the unused fdopen macro - - and the two remaining #ifdefs for it - - Closes #3600 - -Jay Satiro (22 Feb 2019) -- url: change conn shutdown order to unlink data as last step - - - Split off connection shutdown procedure from Curl_disconnect into new - function conn_shutdown. - - - Change the shutdown procedure to close the sockets before - disassociating the transfer. - - Prior to this change the sockets were closed after disassociating the - transfer so SOCKETFUNCTION wasn't called since the transfer was already - disassociated. That likely came about from recent work started in - Jan 2019 (#3442) to separate transfers from connections. - - Bug: https://curl.haxx.se/mail/lib-2019-02/0101.html - Reported-by: Pavel Löbl - - Closes https://github.com/curl/curl/issues/3597 - Closes https://github.com/curl/curl/pull/3598 - -Marcel Raad (22 Feb 2019) -- Fix strict-prototypes GCC warning - - As seen in the MinGW autobuilds. Caused by commit - f26bc29cfec0be84c67cf74065cf8e5e78fd68b7. - -Dan Fandrich (21 Feb 2019) -- tests: Fixed XML validation errors in some test files. - -Daniel Stenberg (20 Feb 2019) -- TODO: Allow SAN names in HTTP/2 server push - - Suggested-by: Nicolas Grekas - -- RELEASE-NOTES: synced - -- curl: remove MANUAL from -M output - - ... and remove it from the dist tarball. It has served its time, it - barely gets updated anymore and "everything curl" is now convering all - this document once tried to include, and does it more and better. - - In the compressed scenario, this removes ~15K data from the binary, - which is 25% of the -M output. - - It remains in the git repo for now for as long as the web site builds a - page using that as source. It renders poorly on the site (especially for - mobile users) so its not even good there. - - Closes #3587 - -- http2: verify :athority in push promise requests - - RFC 7540 says we should verify that the push is for an "authoritative" - server. We make sure of this by only allowing push with an :athority - header that matches the host that was asked for in the URL. - - Fixes #3577 - Reported-by: Nicolas Grekas - Bug: https://curl.haxx.se/mail/lib-2019-02/0057.html - Closes #3581 - -- singlesocket: fix the 'sincebefore' placement - - The variable wasn't properly reset within the loop and thus could remain - set for sockets that hadn't been set before and miss notifying the app. - - This is a follow-up to 4c35574 (shipped in curl 7.64.0) - - Reported-by: buzo-ffm on github - Detected-by: Jan Alexander Steffens - Fixes #3585 - Closes #3589 - -- connection: never reuse CONNECT_ONLY conections - - and make CONNECT_ONLY conections never reuse any existing ones either. - - Reported-by: Pavel Löbl - Bug: https://curl.haxx.se/mail/lib-2019-02/0064.html - Closes #3586 - -Patrick Monnerat (19 Feb 2019) -- cli tool: fix mime post with --disable-libcurl-option configure option - - Reported-by: Marcel Raad - Fixes #3576 - Closes #3583 - -Daniel Stenberg (19 Feb 2019) -- x509asn1: cleanup and unify code layout - - - rename 'n' to buflen in functions, and use size_t for them. Don't pass - in negative buffer lengths. - - - move most function comments to above the function starts like we use - to - - - remove several unnecessary typecasts (especially of NULL) - - Reviewed-by: Patrick Monnerat - Closes #3582 - -- curl_multi_remove_handle.3: use at any time, just not from within callbacks - - [ci skip] - -- http: make adding a blank header thread-safe - - Previously the function would edit the provided header in-place when a - semicolon is used to signify an empty header. This made it impossible to - use the same set of custom headers in multiple threads simultaneously. - - This approach now makes a local copy when it needs to edit the string. - - Reported-by: d912e3 on github - Fixes #3578 - Closes #3579 - -- unit1651: survive curl_easy_init() fails - -- [Frank Gevaerts brought this change] - - rand: Fix a mismatch between comments in source and header. - - Reported-by: Björn Stenberg - Closes #3584 - -Patrick Monnerat (18 Feb 2019) -- x509asn1: replace single char with an array - - Although safe in this context, using a single char as an array may - cause invalid accesses to adjacent memory locations. - - Detected by Coverity. - -Daniel Stenberg (18 Feb 2019) -- examples/http2-serverpush: add some sensible error checks - - To avoid NULL pointer dereferences etc in the case of problems. - - Closes #3580 - -Jay Satiro (18 Feb 2019) -- easy: fix win32 init to work without CURL_GLOBAL_WIN32 - - - Change the behavior of win32_init so that the required initialization - procedures are not affected by CURL_GLOBAL_WIN32 flag. - - libcurl via curl_global_init supports initializing for win32 with an - optional flag CURL_GLOBAL_WIN32, which if omitted was meant to stop - Winsock initialization. It did so internally by skipping win32_init() - when that flag was set. Since then win32_init() has been expanded to - include required initialization routines that are separate from - Winsock and therefore must be called in all cases. This commit fixes - it so that CURL_GLOBAL_WIN32 only controls the optional win32 - initialization (which is Winsock initialization, according to our doc). - - The only users affected by this change are those that don't pass - CURL_GLOBAL_WIN32 to curl_global_init. For them this commit removes the - risk of a potential crash. - - Ref: https://github.com/curl/curl/pull/3573 - - Fixes https://github.com/curl/curl/issues/3313 - Closes https://github.com/curl/curl/pull/3575 - -Daniel Gustafsson (17 Feb 2019) -- cookie: Add support for cookie prefixes - - The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes - and how they should affect cookie initialization, which has been - adopted by the major browsers. This adds support for the two prefixes - defined, __Host- and __Secure, and updates the testcase with the - supplied examples from the draft. - - Closes #3554 - Reviewed-by: Daniel Stenberg - -- mbedtls: release sessionid resources on error - - If mbedtls_ssl_get_session() fails, it may still have allocated - memory that needs to be freed to avoid leaking. Call the library - API function to release session resources on this errorpath as - well as on Curl_ssl_addsessionid() errors. - - Closes: #3574 - Reported-by: Michał Antoniak - Reviewed-by: Daniel Stenberg - -Patrick Monnerat (16 Feb 2019) -- cli tool: refactor encoding conversion sequence for switch case fallthrough. - -- version.c: silent scan-build even when librtmp is not enabled - -Daniel Stenberg (15 Feb 2019) -- RELEASE-NOTES: synced - -- Curl_now: figure out windows version in win32_init - - ... and avoid use of static variables that aren't thread safe. - - Fixes regression from e9ababd4f5a (present in the 7.64.0 release) - - Reported-by: Paul Groke - Fixes #3572 - Closes #3573 - -Marcel Raad (15 Feb 2019) -- unit1307: just fail without FTP support - - I missed to check this in with commit - 71786c0505926aaf7e9b2477b2fb7ee16a915ec6, which only disabled the test. - This fixes the actual linker error. - - Closes https://github.com/curl/curl/pull/3568 - -Daniel Stenberg (15 Feb 2019) -- travis: enable valgrind for the iconv tests too - - Closes #3571 - -- travis: add scan-build - - Closes #3564 - -- examples/sftpuploadresume: Value stored to 'result' is never read - - Detected by scan-build - -- examples/http2-upload: cleaned up - - Fix scan-build warnings, no globals, no silly handle scan. Also remove - handles from the multi before cleaning up. - -- examples/http2-download: cleaned up - - To avoid scan-build warnings and global variables. - -- examples/postinmemory: Potential leak of memory pointed to by 'chunk.memory' - - Detected by scan-build - -- examples/httpcustomheader: Value stored to 'res' is never read - - Detected by scan-build - -- examples: remove superfluous null-pointer checks - - in ftpget, ftpsget and sftpget, so that scan-build stops warning for - potential NULL pointer dereference below! - - Detected by scan-build - -- strip_trailing_dot: make sure NULL is never used for strlen - - scan-build warning: Null pointer passed as an argument to a 'nonnull' - parameter - -- [Jay Satiro brought this change] - - connection_check: restore original conn->data after the check - - - Save the original conn->data before it's changed to the specified - data transfer for the connection check and then restore it afterwards. - - This is a follow-up to 38d8e1b 2019-02-11. - - History: - - It was discovered a month ago that before checking whether to extract a - dead connection that that connection should be associated with a "live" - transfer for the check (ie original conn->data ignored and set to the - passed in data). A fix was landed in 54b201b which did that and also - cleared conn->data after the check. The original conn->data was not - restored, so presumably it was thought that a valid conn->data was no - longer needed. - - Several days later it was discovered that a valid conn->data was needed - after the check and follow-up fix was landed in bbae24c which partially - reverted the original fix and attempted to limit the scope of when - conn->data was changed to only when pruning dead connections. In that - case conn->data was not cleared and the original conn->data not - restored. - - A month later it was discovered that the original fix was somewhat - correct; a "live" transfer is needed for the check in all cases - because original conn->data could be null which could cause a bad deref - at arbitrary points in the check. A fix was landed in 38d8e1b which - expanded the scope to all cases. conn->data was not cleared and the - original conn->data not restored. - - A day later it was discovered that not restoring the original conn->data - may lead to busy loops in applications that use the event interface, and - given this observation it's a pretty safe assumption that there is some - code path that still needs the original conn->data. This commit is the - follow-up fix for that, it restores the original conn->data after the - connection check. - - Assisted-by: tholin@users.noreply.github.com - Reported-by: tholin@users.noreply.github.com - - Fixes https://github.com/curl/curl/issues/3542 - Closes #3559 - -- memdebug: bring back curl_mark_sclose - - Used by debug builds with NSS. - - Reverted from 05b100aee247bb - -Patrick Monnerat (14 Feb 2019) -- transfer.c: do not compute length of undefined hex buffer. - - On non-ascii platforms, the chunked hex header was measured for char code - conversion length, even for chunked trailers that do not have an hex header. - In addition, the efective length is already known: use it. - Since the hex length can be zero, only convert if needed. - - Reported by valgrind. - -Daniel Stenberg (14 Feb 2019) -- KNOWN_BUGS: Cannot compile against a static build of OpenLDAP - - Closes #2367 - -Patrick Monnerat (14 Feb 2019) -- x509asn1: "Dereference of null pointer" - - Detected by scan-build (false positive). - -Daniel Stenberg (14 Feb 2019) -- configure: show features as well in the final summary - - Closes #3569 - -- KNOWN_BUGS: curl compiled on OSX 10.13 failed to run on OSX 10.10 - - Closes #2905 - -- KNOWN_BUGS: Deflate error after all content was received - - Closes #2719 - -- gssapi: fix deprecated header warnings - - Heimdal includes on FreeBSD spewed out lots of them. Less so now. - - Closes #3566 - -- TODO: Upgrade to websockets - - Closes #3523 - -- TODO: cmake test suite improvements - - Closes #3109 - -Patrick Monnerat (13 Feb 2019) -- curl: "Dereference of null pointer" - - Rephrase to satisfy scan-build. - -Marcel Raad (13 Feb 2019) -- unit1307: require FTP support - - This test doesn't link without FTP support after - fc7ab4835b5fd09d0a6f57000633bb6bb6edfda1, which made Curl_fnmatch - unavailable without FTP support. - - Closes https://github.com/curl/curl/pull/3565 - -Daniel Stenberg (13 Feb 2019) -- TODO: TFO support on Windows - - Nobody works on this now. - - Closes #3378 - -- multi: Dereference of null pointer - - Mostly a false positive, but this makes the code easier to read anyway. - - Detected by scan-build. - - Closes #3563 - -- urlglob: Argument with 'nonnull' attribute passed null - - Detected by scan-build. - -Jay Satiro (12 Feb 2019) -- schannel: restore some debug output but only for debug builds - - Follow-up to 84c10dc from earlier today which wrapped a lot of the noisy - debug output in DEBUGF but omitted a few lines. - - Ref: https://github.com/curl/curl/commit/84c10dc#r32292900 - -- examples/crawler: Fix the Accept-Encoding setting - - - Pass an empty string to CURLOPT_ACCEPT_ENCODING to use the default - supported encodings. - - Prior to this change the specific encodings of gzip and deflate were set - but there's no guarantee they'd be supported by the user's libcurl. - -Daniel Stenberg (12 Feb 2019) -- mime: put the boundary buffer into the curl_mime struct - - ... instead of allocating it separately and point to it. It is - fixed-size and always used for each part. - - Closes #3561 - -- schannel: be quiet - - Convert numerous infof() calls into debug-build only messages since they - are annoyingly verbose for regular applications. Removed a few. - - Bug: https://curl.haxx.se/mail/lib-2019-02/0027.html - Reported-by: Volker Schmid - Closes #3552 - -- [Romain Geissler brought this change] - - Curl_resolv: fix a gcc -Werror=maybe-uninitialized warning - - Closes #3562 - -- http2: multi_connchanged() moved from multi.c, only used for h2 - - Closes #3557 - -- curl: "Function call argument is an uninitialized value" - - Follow-up to cac0e4a6ad14b42471eb - - Detected by scan-build - Closes #3560 - -- pretransfer: don't strlen() POSTFIELDS set for GET requests - - ... since that data won't be used in the request anyway. - - Fixes #3548 - Reported-by: Renaud Allard - Close #3549 - -- multi: remove verbose "Expire in" ... messages - - Reported-by: James Brown - Bug: https://curl.haxx.se/mail/archive-2019-02/0013.html - Closes #3558 - -- mbedtls: make it build even if MBEDTLS_VERSION_C isn't set - - Reported-by: MAntoniak on github - Fixes #3553 - Closes #3556 - -Daniel Gustafsson (12 Feb 2019) -- non-ascii.c: fix typos in comments - - Fix two occurrences of s/convers/converts/ spotted while reading code. - -Daniel Stenberg (12 Feb 2019) -- fnmatch: disable if FTP is disabled - - Closes #3551 - -- curl_path: only enabled for SSH builds - -- [Frank Gevaerts brought this change] - - tests: add stderr comparison to the test suite - - The code is more or less copied from the stdout comparison code, maybe - some better reuse is possible. - - test 1457 is adjusted to make the output actually match (by using --silent) - test 506 used without actually needing it, so that block is removed - - Closes #3536 - -Patrick Monnerat (11 Feb 2019) -- cli tool: do not use mime.h private structures. - - Option -F generates an intermediate representation of the mime structure - that is used later to create the libcurl mime structure and generate - the --libcurl statements. - - Reported-by: Daniel Stenberg - Fixes #3532 - Closes #3546 - -Daniel Stenberg (11 Feb 2019) -- curlver: bump to 7.64.1-dev - -- RELEASE-NOTES: synced - - and bump the version in progress to 7.64.1. If we merge any "change" - before the cut-off date, we update again. - -Daniel Gustafsson (11 Feb 2019) -- curl: follow-up to 3f16990ec84 - - Commit 3f16990ec84cc4b followed-up a bug in b49652ac66cc0 but was - inadvertently introducing a new bug in the ternary expression. - - Close #3555 - Reviewed-by: Daniel Stenberg - -- dns: release sharelock as soon as possible - - There is no benefit to holding the data sharelock when freeing the - addrinfo in case it fails, so ensure releaseing it as soon as we can - rather than holding on to it. This also aligns the code with other - consumers of sharelocks. - - Closes #3516 - Reviewed-by: Daniel Stenberg - -Daniel Stenberg (11 Feb 2019) -- curl: follow-up to b49652ac66cc0 - - On FreeBSD, return non-zero on error otherwise zero. - - Reported-by: Marcel Raad - -- multi: (void)-prefix when ignoring return values - - ... and added braces to two function calls which fixes warnings if they - are replace by empty macros at build-time. - -- curl: fix FreeBSD compiler warning in the --xattr code - - Closes #3550 - -- connection_check: set ->data to the transfer doing the check - - The http2 code for connection checking needs a transfer to use. Make - sure a working one is set before handler->connection_check() is called. - - Reported-by: jnbr on github - Fixes #3541 - Closes #3547 - -- hostip: make create_hostcache_id avoid alloc + free - - Closes #3544 - -- scripts/singleuse: script to use to track single-use functions - - That is functions that are declared global but are not used from outside - of the file in which it is declared. Such functions should be made - static or even at times be removed. - - It also verifies that all used curl_ prefixed functions are "blessed" - - Closes #3538 - -- cleanup: make local functions static - - urlapi: turn three local-only functions into statics - - conncache: make conncache_find_first_connection static - - multi: make detach_connnection static - - connect: make getaddressinfo static - - curl_ntlm_core: make hmac_md5 static - - http2: make two functions static - - http: make http_setup_conn static - - connect: make tcpnodelay static - - tests: make UNITTEST a thing to mark functions with, so they can be static for - normal builds and non-static for unit test builds - - ... and mark Curl_shuffle_addr accordingly. - - url: make up_free static - - setopt: make vsetopt static - - curl_endian: make write32_le static - - rtsp: make rtsp_connisdead static - - warnless: remove unused functions - - memdebug: remove one unused function, made another static - -Dan Fandrich (10 Feb 2019) -- cirrus: Added FreeBSD builds using Cirrus CI. - - The build logs will be at https://cirrus-ci.com/github/curl/curl - - Some tests are currently failing and so disabled for now. The SSH server - isn't starting for the SSH tests due to unsupported options used in its - config file. The DICT server also is failing on startup. - -Daniel Stenberg (9 Feb 2019) -- url/idnconvert: remove scan for <= 32 ascii values - - The check was added back in fa939220df before the URL parser would catch - these problems and therefore these will never trigger now. - - Closes #3539 - -- urlapi: reduce variable scope, remove unreachable 'break' - - Both nits pointed out by codacy.com - - Closes #3540 - -Alessandro Ghedini (7 Feb 2019) -- zsh.pl: escape ':' character - - ':' is interpreted as separator by zsh, so if used as part of the argument - or option's description it needs to be escaped. - - The problem can be reproduced as follows: - - % curl --reso - % curl -E - - Bug: https://bugs.debian.org/921452 - -- zsh.pl: update regex to better match curl -h output - - The current regex fails to match '<...>' arguments properly (e.g. those - with spaces in them), which causes an completion script with wrong - descriptions for some options. - - Here's a diff of the generated completion script, comparing the previous - version to the one with this fix: - - --- /usr/share/zsh/vendor-completions/_curl 2019-01-15 20:47:40.000000000 +0000 - +++ _curl 2019-02-05 20:57:29.453349040 +0000 - @@ -9,48 +9,48 @@ - - _arguments -C -S \ - --happy-eyeballs-timeout-ms'[How long to wait in milliseconds for IPv6 before trying IPv4]':'' \ - + --resolve'[Resolve the host+port to this address]':'' \ - {-c,--cookie-jar}'[Write cookies to after operation]':'':_files \ - {-D,--dump-header}'[Write the received headers to ]':'':_files \ - {-y,--speed-time}'[Trigger '\''speed-limit'\'' abort after this time]':'' \ - --proxy-cacert'[CA certificate to verify peer against for proxy]':'':_files \ - - --tls13-ciphers'[of TLS 1.3 ciphersuites> TLS 1.3 cipher suites to use]':'' \ - {-E,--cert}'[Client certificate file and password]':'' \ - --libcurl'[Dump libcurl equivalent code of this command line]':'':_files \ - --proxy-capath'[CA directory to verify peer against for proxy]':'':_files \ - - --proxy-negotiate'[HTTP Negotiate (SPNEGO) authentication on the proxy]':'Use' \ - --proxy-pinnedpubkey'[FILE/HASHES public key to verify proxy with]':'' \ - --crlfile'[Get a CRL list in PEM format from the given file]':'':_files \ - - --proxy-insecure'[HTTPS proxy connections without verifying the proxy]':'Do' \ - - --proxy-ssl-allow-beast'[security flaw for interop for HTTPS proxy]':'Allow' \ - + --proxy-negotiate'[Use HTTP Negotiate (SPNEGO) authentication on the proxy]' \ - --abstract-unix-socket'[Connect via abstract Unix domain socket]':'' \ - --pinnedpubkey'[FILE/HASHES Public key to verify peer against]':'' \ - + --proxy-insecure'[Do HTTPS proxy connections without verifying the proxy]' \ - --proxy-pass'[Pass phrase for the private key for HTTPS proxy]':'' \ - + --proxy-ssl-allow-beast'[Allow security flaw for interop for HTTPS proxy]' \ - {-p,--proxytunnel}'[Operate through an HTTP proxy tunnel (using CONNECT)]' \ - --socks5-hostname'[SOCKS5 proxy, pass host name to proxy]':'' \ - --proto-default'[Use PROTOCOL for any URL missing a scheme]':'' \ - - --proxy-tls13-ciphers'[list> TLS 1.3 proxy cipher suites]':'' \ - --socks5-gssapi-service'[SOCKS5 proxy service name for GSS-API]':'' \ - --ftp-alternative-to-user'[String to replace USER \[name\]]':'' \ - - --ftp-ssl-control'[SSL/TLS for FTP login, clear for transfer]':'Require' \ - {-T,--upload-file}'[Transfer local FILE to destination]':'':_files \ - --local-port'[Force use of RANGE for local port numbers]':'' \ - --proxy-tlsauthtype'[TLS authentication type for HTTPS proxy]':'' \ - {-R,--remote-time}'[Set the remote file'\''s time on the local output]' \ - - --retry-connrefused'[on connection refused (use with --retry)]':'Retry' \ - - --suppress-connect-headers'[proxy CONNECT response headers]':'Suppress' \ - - {-j,--junk-session-cookies}'[session cookies read from file]':'Ignore' \ - - --location-trusted'[--location, and send auth to other hosts]':'Like' \ - + --ftp-ssl-control'[Require SSL/TLS for FTP login, clear for transfer]' \ - --proxy-cert-type'[Client certificate type for HTTPS proxy]':'' \ - {-O,--remote-name}'[Write output to a file named as the remote file]' \ - + --retry-connrefused'[Retry on connection refused (use with --retry)]' \ - + --suppress-connect-headers'[Suppress proxy CONNECT response headers]' \ - --trace-ascii'[Like --trace, but without hex output]':'':_files \ - --connect-timeout'[Maximum time allowed for connection]':'' \ - --expect100-timeout'[How long to wait for 100-continue]':'' \ - {-g,--globoff}'[Disable URL sequences and ranges using {} and \[\]]' \ - + {-j,--junk-session-cookies}'[Ignore session cookies read from file]' \ - {-m,--max-time}'[Maximum time allowed for the transfer]':'' \ - --dns-ipv4-addr'[IPv4 address to use for DNS requests]':'
' \ - --dns-ipv6-addr'[IPv6 address to use for DNS requests]':'
' \ - - --ignore-content-length'[the size of the remote resource]':'Ignore' \ - {-k,--insecure}'[Allow insecure server connections when using SSL]' \ - + --location-trusted'[Like --location, and send auth to other hosts]' \ - --mail-auth'[Originator address of the original email]':'
' \ - --noproxy'[List of hosts which do not use proxy]':'' \ - --proto-redir'[Enable/disable PROTOCOLS on redirect]':'' \ - @@ -62,18 +62,19 @@ - --socks5-basic'[Enable username/password auth for SOCKS5 proxies]' \ - --cacert'[CA certificate to verify peer against]':'':_files \ - {-H,--header}'[Pass custom header(s) to server]':'
' \ - + --ignore-content-length'[Ignore the size of the remote resource]' \ - {-i,--include}'[Include protocol response headers in the output]' \ - --proxy-header'[Pass custom header(s) to proxy]':'
' \ - --unix-socket'[Connect through this Unix domain socket]':'' \ - {-w,--write-out}'[Use output FORMAT after completion]':'' \ - - --http2-prior-knowledge'[HTTP 2 without HTTP/1.1 Upgrade]':'Use' \ - {-o,--output}'[Write to file instead of stdout]':'':_files \ - - {-J,--remote-header-name}'[the header-provided filename]':'Use' \ - + --preproxy'[\[protocol://\]host\[:port\] Use this proxy first]' \ - --socks4a'[SOCKS4a proxy on given host + port]':'' \ - {-Y,--speed-limit}'[Stop transfers slower than this]':'' \ - {-z,--time-cond}'[Transfer based on a time condition]':'