diff options
| author | nikita <nikita@NetBSD.org> | 2020-09-14 20:51:07 +0200 |
|---|---|---|
| committer | nikita <nikita@NetBSD.org> | 2020-09-14 20:51:07 +0200 |
| commit | 0ab4932bcf864e45dc72e59db0f785c5c6c4f6a4 (patch) | |
| tree | 46b860affbd181a0dbb263aa4cca9955c47ef40c | |
| parent | ea5627408e41592ac8750032de41b97038811d88 (diff) | |
| parent | 9d954e49bce3706a9a2efb119ecd05767f0f2a9e (diff) | |
| download | gnurl-0ab4932bcf864e45dc72e59db0f785c5c6c4f6a4.tar.gz gnurl-0ab4932bcf864e45dc72e59db0f785c5c6c4f6a4.tar.bz2 gnurl-0ab4932bcf864e45dc72e59db0f785c5c6c4f6a4.zip | |
Merge tag 'curl-7_72_0' into master
curl 7.72.0
187 files changed, 3124 insertions, 1036 deletions
diff --git a/.azure-pipelines.yml b/.azure-pipelines.yml index 1435bf1e1..82a590eb6 100644 --- a/.azure-pipelines.yml +++ b/.azure-pipelines.yml @@ -49,7 +49,7 @@ stages: variables: install: '' configure: '' - tflags: '' + tests: '' timeoutInMinutes: 60 pool: vmImage: 'ubuntu-latest' @@ -57,7 +57,7 @@ stages: matrix: default: name: default - configure: --enable-debug --enable-werror + configure: --enable-debug disable_ipv6: name: w/o IPv6 configure: --disable-ipv6 @@ -74,12 +74,12 @@ stages: name: torture install: libnghttp2-dev configure: --enable-debug --disable-shared --disable-threaded-resolver --enable-alt-svc - tflags: -n -t --shallow=40 !FTP + tests: -n -t --shallow=40 !FTP steps: - - script: sudo apt-get update && sudo apt-get install -y stunnel4 python-impacket $(install) + - script: sudo apt-get update && sudo apt-get install -y stunnel4 python-impacket libzstd-dev libbrotli-dev $(install) displayName: 'apt install' - - script: ./buildconf && ./configure $(configure) + - script: ./buildconf && ./configure --enable-warnings --enable-werror $(configure) displayName: 'configure $(name)' - script: make @@ -89,7 +89,7 @@ stages: displayName: 'test' env: AZURE_ACCESS_TOKEN: "$(System.AccessToken)" - TFLAGS: "$(tflags)" + TFLAGS: "-r $(tests)" ########################################## ### Windows jobs below @@ -106,8 +106,8 @@ stages: container_img: '' container_cmd: '' configure: '' - tflags: '' - timeoutInMinutes: 90 + tests: '' + timeoutInMinutes: 120 pool: vmImage: 'windows-2019' strategy: @@ -116,67 +116,75 @@ stages: name: 32-bit OpenSSL and MQTT container_img: mback2k/curl-docker-winbuildenv-msys2-mingw32:ltsc2019 container_cmd: C:\msys64\usr\bin\sh - configure: --host=i686-w64-mingw32 --build=i686-w64-mingw32 --prefix=/mingw32 --enable-debug --enable-werror --enable-mqtt - tflags: ~1056 ~1299 + prepare: pacman -S --needed --noconfirm --noprogressbar libssh2-devel mingw-w64-i686-libssh2 + configure: --host=i686-w64-mingw32 --build=i686-w64-mingw32 --prefix=/mingw32 --enable-debug --enable-werror --enable-mqtt --with-libssh2 + tests: ~612 ~1056 ~1299 !SCP msys2_mingw64_debug_openssl: name: 64-bit OpenSSL and MQTT container_img: mback2k/curl-docker-winbuildenv-msys2-mingw64:ltsc2019 container_cmd: C:\msys64\usr\bin\sh - configure: --host=x86_64-w64-mingw32 --build=x86_64-w64-mingw32 --prefix=/mingw64 --enable-debug --enable-werror --enable-mqtt - tflags: ~1056 ~1299 + prepare: pacman -S --needed --noconfirm --noprogressbar libssh2-devel mingw-w64-x86_64-libssh2 + configure: --host=x86_64-w64-mingw32 --build=x86_64-w64-mingw32 --prefix=/mingw64 --enable-debug --enable-werror --enable-mqtt --with-libssh2 + tests: ~612 ~1056 ~1299 !SCP msys1_mingw_debug_openssl: name: 32-bit OpenSSL (legacy) container_img: mback2k/curl-docker-winbuildenv-msys1-mingw:ltsc2019 container_cmd: C:\MinGW\msys\1.0\bin\sh configure: --host=i686-pc-mingw32 --build=i686-pc-mingw32 --prefix=/mingw --enable-debug - tflags: ~203 ~1056 ~1143 + tests: ~203 ~1056 ~1143 msys1_mingw32_debug_openssl: name: 32-bit OpenSSL w/o zlib container_img: mback2k/curl-docker-winbuildenv-msys1-mingw32:ltsc2019 container_cmd: C:\MinGW\msys\1.0\bin\sh configure: --host=i686-w64-mingw32 --build=i686-w64-mingw32 --prefix=/mingw32 --enable-debug --enable-werror --without-zlib - tflags: ~203 ~1056 ~1143 ~1299 + tests: ~203 ~1056 ~1143 ~1299 msys1_mingw64_debug_openssl: name: 64-bit OpenSSL w/o zlib container_img: mback2k/curl-docker-winbuildenv-msys1-mingw64:ltsc2019 container_cmd: C:\MinGW\msys\1.0\bin\sh configure: --host=x86_64-w64-mingw32 --build=x86_64-w64-mingw32 --prefix=/mingw64 --enable-debug --enable-werror --without-zlib - tflags: ~203 ~1056 ~1143 ~1299 + tests: ~203 ~1056 ~1143 ~1299 msys2_mingw32_debug_schannel: name: 32-bit Schannel/SSPI/WinIDN container_img: mback2k/curl-docker-winbuildenv-msys2-mingw32:ltsc2019 container_cmd: C:\msys64\usr\bin\sh - configure: --host=i686-w64-mingw32 --build=i686-w64-mingw32 --prefix=/mingw32 --enable-debug --enable-werror --enable-sspi --without-ssl --with-schannel --with-winidn - tflags: ~165 ~310 ~1013 ~1056 ~1299 ~1448 ~2034 ~2037 ~2041 ~2046 ~2047 ~3000 ~3001 + prepare: pacman -S --needed --noconfirm --noprogressbar libssh2-devel mingw-w64-i686-libssh2 + configure: --host=i686-w64-mingw32 --build=i686-w64-mingw32 --prefix=/mingw32 --enable-debug --enable-werror --enable-sspi --without-ssl --with-schannel --with-winidn --with-libssh2 + tests: ~165 ~310 ~612 ~1013 ~1056 ~1299 ~1448 ~2034 ~2037 ~2041 ~2046 ~2047 ~3000 ~3001 !SCP msys2_mingw64_debug_schannel: name: 64-bit Schannel/SSPI/WinIDN container_img: mback2k/curl-docker-winbuildenv-msys2-mingw64:ltsc2019 container_cmd: C:\msys64\usr\bin\sh - configure: --host=x86_64-w64-mingw32 --build=x86_64-w64-mingw32 --prefix=/mingw64 --enable-debug --enable-werror --enable-sspi --without-ssl --with-schannel --with-winidn - tflags: ~165 ~310 ~1013 ~1056 ~1299 ~1448 ~2034 ~2037 ~2041 ~2046 ~2047 ~3000 ~3001 + prepare: pacman -S --needed --noconfirm --noprogressbar libssh2-devel mingw-w64-x86_64-libssh2 + configure: --host=x86_64-w64-mingw32 --build=x86_64-w64-mingw32 --prefix=/mingw64 --enable-debug --enable-werror --enable-sspi --without-ssl --with-schannel --with-winidn --with-libssh2 + tests: ~165 ~310 ~612 ~1013 ~1056 ~1299 ~1448 ~2034 ~2037 ~2041 ~2046 ~2047 ~3000 ~3001 !SCP msys1_mingw_debug_schannel: name: 32-bit Schannel/SSPI/WinIDN (legacy) container_img: mback2k/curl-docker-winbuildenv-msys1-mingw:ltsc2019 container_cmd: C:\MinGW\msys\1.0\bin\sh configure: --host=i686-pc-mingw32 --build=i686-pc-mingw32 --prefix=/mingw --enable-debug --enable-sspi --without-ssl --with-schannel --with-winidn - tflags: ~203 ~305 ~310 ~311 ~312 ~313 ~404 ~1013 ~1056 ~1143 ~2034 ~2035 ~2037 ~2038 ~2041 ~2042 ~2048 ~3000 ~3001 + tests: ~203 ~305 ~310 ~311 ~312 ~313 ~404 ~1013 ~1056 ~1143 ~2034 ~2035 ~2037 ~2038 ~2041 ~2042 ~2048 ~3000 ~3001 msys1_mingw32_debug_schannel: name: 32-bit Schannel/SSPI/WinIDN w/o zlib container_img: mback2k/curl-docker-winbuildenv-msys1-mingw32:ltsc2019 container_cmd: C:\MinGW\msys\1.0\bin\sh configure: --host=i686-w64-mingw32 --build=i686-w64-mingw32 --prefix=/mingw32 --enable-debug --enable-werror --enable-sspi --without-ssl --with-schannel --with-winidn --without-zlib - tflags: ~203 ~310 ~1013 ~1056 ~1143 ~1299 ~2034 ~2037 ~2041 ~3000 ~3001 + tests: ~203 ~310 ~1013 ~1056 ~1143 ~1299 ~2034 ~2037 ~2041 ~3000 ~3001 msys1_mingw64_debug_schannel: name: 64-bit Schannel/SSPI/WinIDN w/o zlib container_img: mback2k/curl-docker-winbuildenv-msys1-mingw64:ltsc2019 container_cmd: C:\MinGW\msys\1.0\bin\sh configure: --host=x86_64-w64-mingw32 --build=x86_64-w64-mingw32 --prefix=/mingw64 --enable-debug --enable-werror --enable-sspi --without-ssl --with-schannel --with-winidn --without-zlib - tflags: ~203 ~310 ~1013 ~1056 ~1143 ~1299 ~2034 ~2037 ~2041 ~3000 ~3001 + tests: ~203 ~310 ~1013 ~1056 ~1143 ~1299 ~2034 ~2037 ~2041 ~3000 ~3001 container: image: $(container_img) env: MSYS2_PATH_TYPE: inherit steps: + - script: $(container_cmd) -l -c "cd $(echo '%cd%') && $(prepare)" + displayName: 'prepare' + condition: variables.prepare + - script: $(container_cmd) -l -c "cd $(echo '%cd%') && ./buildconf && ./configure $(configure)" displayName: 'configure $(name)' @@ -187,4 +195,4 @@ stages: displayName: 'test' env: AZURE_ACCESS_TOKEN: "$(System.AccessToken)" - TFLAGS: "$(tflags)" + TFLAGS: "-r $(tests)" diff --git a/.cirrus.yml b/.cirrus.yml index 0cff11b4c..a1cd12a5a 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -29,8 +29,7 @@ task: # A stable 13.0 image likely won't be available before early 2021 # image_family: freebsd-13-0-snap image_family: freebsd-12-1 - # The stable 11.3 image causes "Agent is not responding" so use a snapshot - image_family: freebsd-11-3-snap + image_family: freebsd-11-4 env: CIRRUS_CLONE_DEPTH: 10 @@ -71,7 +70,7 @@ task: - case `uname -r` in 13.0*) SKIP_TESTS='!SFTP !SCP';; 12.1*) SKIP_TESTS='!SFTP !SCP';; - 11.3*) SKIP_TESTS='!SFTP !SCP';; + 11.*) SKIP_TESTS='!SFTP !SCP';; esac - sudo -u nobody make V=1 TFLAGS="-n -a -p !flaky ${SKIP_TESTS}" test-nonflaky install_script: diff --git a/.muse/config.toml b/.muse/config.toml new file mode 100644 index 000000000..4e5b5cc63 --- /dev/null +++ b/.muse/config.toml @@ -0,0 +1,3 @@ +ignore = [ "DEAD_STORE" ] +build = "make" +setup = ".muse/setup.sh" diff --git a/.muse/setup.sh b/.muse/setup.sh new file mode 100755 index 000000000..55872d594 --- /dev/null +++ b/.muse/setup.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash +./buildconf +./configure +echo "Ran the setup script for muse including autoconf and executing ./configure" diff --git a/CMake/FindZstd.cmake b/CMake/FindZstd.cmake new file mode 100644 index 000000000..44c741ae8 --- /dev/null +++ b/CMake/FindZstd.cmake @@ -0,0 +1,69 @@ +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.haxx.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +########################################################################### + +#[=======================================================================[.rst: +FindZstd +---------- + +Find the zstd library + +Result Variables +^^^^^^^^^^^^^^^^ + +``Zstd_FOUND`` + System has zstd +``Zstd_INCLUDE_DIRS`` + The zstd include directories. +``Zstd_LIBRARIES`` + The libraries needed to use zstd +#]=======================================================================] + +if(UNIX) + find_package(PkgConfig QUIET) + pkg_search_module(PC_Zstd libzstd) +endif() + +find_path(Zstd_INCLUDE_DIR zstd.h + HINTS + ${PC_Zstd_INCLUDEDIR} + ${PC_Zstd_INCLUDE_DIRS} +) + +find_library(Zstd_LIBRARY NAMES zstd + HINTS + ${PC_Zstd_LIBDIR} + ${PC_Zstd_LIBRARY_DIRS} +) + +include(FindPackageHandleStandardArgs) +find_package_handle_standard_args(Zstd + REQUIRED_VARS + Zstd_LIBRARY + Zstd_INCLUDE_DIR +) + +if(Zstd_FOUND) + set(Zstd_LIBRARIES ${Zstd_LIBRARY}) + set(Zstd_INCLUDE_DIRS ${Zstd_INCLUDE_DIR}) +endif() + +mark_as_advanced(Zstd_INCLUDE_DIRS Zstd_LIBRARIES) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0eebda4ad..687929a79 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -82,12 +82,15 @@ if(WIN32) set(CURL_TARGET_WINDOWS_VERSION "" CACHE STRING "Minimum target Windows version as hex string") if(CURL_TARGET_WINDOWS_VERSION) add_definitions(-D_WIN32_WINNT=${CURL_TARGET_WINDOWS_VERSION}) + set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -D_WIN32_WINNT=${CURL_TARGET_WINDOWS_VERSION}") elseif(ENABLE_INET_PTON) # _WIN32_WINNT_VISTA (0x0600) add_definitions(-D_WIN32_WINNT=0x0600) + set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -D_WIN32_WINNT=0x0600") else() # _WIN32_WINNT_WINXP (0x0501) add_definitions(-D_WIN32_WINNT=0x0501) + set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -D_WIN32_WINNT=0x0501") endif() endif() option(CURL_LTO "Turn on compiler Link Time Optimizations" OFF) @@ -101,7 +104,7 @@ option(ENABLE_CURLDEBUG "Set to ON to build with TrackMemory feature enabled" OF if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG) if(PICKY_COMPILER) - foreach(_CCOPT -pedantic -Wall -W -Wpointer-arith -Wwrite-strings -Wunused -Wshadow -Winline -Wnested-externs -Wmissing-declarations -Wmissing-prototypes -Wno-long-long -Wfloat-equal -Wno-multichar -Wsign-compare -Wundef -Wno-format-nonliteral -Wendif-labels -Wstrict-prototypes -Wdeclaration-after-statement -Wstrict-aliasing=3 -Wcast-align -Wtype-limits -Wold-style-declaration -Wmissing-parameter-type -Wempty-body -Wclobbered -Wignored-qualifiers -Wconversion -Wno-sign-conversion -Wvla -Wdouble-promotion -Wno-system-headers -Wno-pedantic-ms-format) + foreach(_CCOPT -pedantic -Wall -W -Wpointer-arith -Wwrite-strings -Wunused -Wshadow -Winline -Wnested-externs -Wmissing-declarations -Wmissing-prototypes -Wfloat-equal -Wsign-compare -Wundef -Wendif-labels -Wstrict-prototypes -Wdeclaration-after-statement -Wstrict-aliasing=3 -Wcast-align -Wtype-limits -Wold-style-declaration -Wmissing-parameter-type -Wempty-body -Wclobbered -Wignored-qualifiers -Wconversion -Wvla -Wdouble-promotion) # surprisingly, CHECK_C_COMPILER_FLAG needs a new variable to store each new # test result in. string(MAKE_C_IDENTIFIER "OPT${_CCOPT}" _optvarname) @@ -110,6 +113,15 @@ if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${_CCOPT}") endif() endforeach() + foreach(_CCOPT long-long multichar format-nonliteral sign-conversion system-headers pedantic-ms-format) + # GCC only warns about unknown -Wno- options if there are also other diagnostic messages, + # so test for the positive form instead + string(MAKE_C_IDENTIFIER "OPT${_CCOPT}" _optvarname) + check_c_compiler_flag("-W${_CCOPT}" ${_optvarname}) + if(${_optvarname}) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-${_CCOPT}") + endif() + endforeach() endif() endif() @@ -228,7 +240,10 @@ if(ENABLE_IPV6 AND NOT WIN32) endif() endif() -# curl_nroff_check() +if(USE_MANUAL) + #nroff is currently only used when USE_MANUAL is set, so we can prevent the warning of no *NROFF if USE_MANUAL is OFF (or not defined), by not even looking for NROFF.. + curl_nroff_check() +endif() find_package(Perl) cmake_dependent_option(ENABLE_MANUAL "to provide the built-in manual" @@ -317,14 +332,17 @@ endif() # check SSL libraries # TODO support GnuTLS +if(CMAKE_USE_WINSSL) + message(FATAL_ERROR "The cmake option CMAKE_USE_WINSSL was renamed to CMAKE_USE_SCHANNEL.") +endif() if(APPLE) option(CMAKE_USE_SECTRANSP "enable Apple OS native SSL/TLS" OFF) endif() if(WIN32) - option(CMAKE_USE_WINSSL "enable Windows native SSL/TLS" OFF) + option(CMAKE_USE_SCHANNEL "enable Windows native SSL/TLS" OFF) cmake_dependent_option(CURL_WINDOWS_SSPI "Use windows libraries to allow NTLM authentication without openssl" ON - CMAKE_USE_WINSSL OFF) + CMAKE_USE_SCHANNEL OFF) endif() option(CMAKE_USE_MBEDTLS "Enable mbedTLS for SSL/TLS" OFF) option(CMAKE_USE_BEARSSL "Enable BearSSL for SSL/TLS" OFF) @@ -332,7 +350,7 @@ option(CMAKE_USE_NSS "Enable NSS for SSL/TLS" OFF) option(CMAKE_USE_WOLFSSL "enable wolfSSL for SSL/TLS" OFF) set(openssl_default OFF) -if(WIN32 OR CMAKE_USE_SECTRANSP OR CMAKE_USE_WINSSL OR CMAKE_USE_MBEDTLS OR CMAKE_USE_NSS OR CMAKE_USE_WOLFSSL) +if(WIN32 OR CMAKE_USE_SECTRANSP OR CMAKE_USE_SCHANNEL OR CMAKE_USE_MBEDTLS OR CMAKE_USE_NSS OR CMAKE_USE_WOLFSSL) set(openssl_default OFF) endif() option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ${openssl_default}) @@ -341,7 +359,7 @@ option(CMAKE_USE_GNUTLS "Use GnuTLS." ON) count_true(enabled_ssl_options_count CMAKE_USE_GNUTLS - CMAKE_USE_WINSSL + CMAKE_USE_SCHANNEL CMAKE_USE_SECTRANSP CMAKE_USE_OPENSSL CMAKE_USE_MBEDTLS @@ -353,10 +371,10 @@ if(enabled_ssl_options_count GREATER "1") set(CURL_WITH_MULTI_SSL ON) endif() -if(CMAKE_USE_WINSSL) +if(CMAKE_USE_SCHANNEL) set(SSL_ENABLED ON) set(USE_SCHANNEL ON) # Windows native SSL/TLS support - set(USE_WINDOWS_SSPI ON) # CMAKE_USE_WINSSL implies CURL_WINDOWS_SSPI + set(USE_WINDOWS_SSPI ON) # CMAKE_USE_SCHANNEL implies CURL_WINDOWS_SSPI list(APPEND GNURL_LIBS "crypt32") endif() if(CURL_WINDOWS_SSPI) @@ -676,6 +694,22 @@ endif() option(CURL_BROTLI "Set to ON to enable building curl with brotli support." OFF) set(HAVE_BROTLI OFF) +option(CURL_ZSTD "Set to ON to enable building curl with zstd support." OFF) +set(HAVE_ZSTD OFF) +if(CURL_ZSTD) + find_package(Zstd REQUIRED) + cmake_push_check_state() + set(CMAKE_REQUIRED_INCLUDES ${Zstd_INCLUDE_DIRS}) + set(CMAKE_REQUIRED_LIBRARIES ${Zstd_LIBRARIES}) + check_symbol_exists(ZSTD_createDStream "zstd.h" HAVE_ZSTD_CREATEDSTREAM) + cmake_pop_check_state() + if(Zstd_FOUND AND HAVE_ZSTD_CREATEDSTREAM) + set(HAVE_ZSTD ON) + list(APPEND CURL_LIBS ${Zstd_LIBRARIES}) + include_directories(${Zstd_INCLUDE_DIRS}) + endif() +endif() + #libSSH2 option(CMAKE_USE_LIBSSH2 "Use libSSH2" ON) mark_as_advanced(CMAKE_USE_LIBSSH2) @@ -1316,11 +1350,13 @@ _add_if("SSL" SSL_ENABLED) _add_if("IPv6" ENABLE_IPV6) _add_if("unix-sockets" USE_UNIX_SOCKETS) _add_if("libz" HAVE_LIBZ) +_add_if("brotli" HAVE_BROTLI) +_add_if("zstd" HAVE_ZSTD) _add_if("AsynchDNS" USE_ARES OR USE_THREADS_POSIX OR USE_THREADS_WIN32) _add_if("IDN" HAVE_LIBIDN2) _add_if("Largefile" (CURL_SIZEOF_CURL_OFF_T GREATER 4) AND ((SIZEOF_OFF_T GREATER 4) OR USE_WIN32_LARGE_FILES)) -# TODO SSP1 (WinSSL) check is missing +# TODO SSP1 (Schannel) check is missing _add_if("SSPI" USE_WINDOWS_SSPI) _add_if("GSS-API" HAVE_GSSAPI) _add_if("alt-svc" ENABLE_ALT_SVC) @@ -1389,7 +1425,7 @@ message(STATUS "Enabled protocols: ${SUPPORT_PROTOCOLS}") # Clear list and collect SSL backends set(_items) -_add_if("WinSSL" SSL_ENABLED AND USE_WINDOWS_SSPI) +_add_if("Schannel" SSL_ENABLED AND USE_WINDOWS_SSPI) _add_if("OpenSSL" SSL_ENABLED AND USE_OPENSSL) _add_if("Secure Transport" SSL_ENABLED AND USE_SECTRANSP) _add_if("mbedTLS" SSL_ENABLED AND USE_MBEDTLS) diff --git a/MacOSX-Framework b/MacOSX-Framework index fb9983e63..c182fef1f 100755 --- a/MacOSX-Framework +++ b/MacOSX-Framework @@ -103,7 +103,7 @@ MINVER64='-mmacosx-version-min='$MACVER64 if test ! -z $SDK32; then echo "----Configuring libcurl for 32 bit universal framework..." make clean - ./configure --disable-dependency-tracking --disable-static --with-gssapi --with-darwinssl \ + ./configure --disable-dependency-tracking --disable-static --with-gssapi --with-secure-transport \ CFLAGS="-Os -isysroot $SDK32_DIR $ARCHES32" \ LDFLAGS="-Wl,-syslibroot,$SDK32_DIR $ARCHES32 -Wl,-headerpad_max_install_names" \ CC=$CC @@ -132,7 +132,7 @@ if test ! -z $SDK32; then popd make clean echo "----Configuring libcurl for 64 bit universal framework..." - ./configure --disable-dependency-tracking --disable-static --with-gssapi --with-darwinssl \ + ./configure --disable-dependency-tracking --disable-static --with-gssapi --with-secure-transport \ CFLAGS="-Os -isysroot $SDK64_DIR $ARCHES64" \ LDFLAGS="-Wl,-syslibroot,$SDK64_DIR $ARCHES64 -Wl,-headerpad_max_install_names" \ CC=$CC @@ -217,9 +217,9 @@ CONTACT All contributors to the project are listed in the THANKS document. -WEB SITE +WEBSITE - Visit the curl web site for the latest news and downloads: + Visit the curl website for the latest news and downloads: https://curl.haxx.se/ diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 04aa18bb4..363c7c947 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,31 +1,119 @@ -curl and libcurl 7.71.1 +curl and libcurl 7.72.0 - Public curl releases: 193 + Public curl releases: 194 Command line options: 232 curl_easy_setopt() options: 277 Public functions in libcurl: 82 - Contributors: 2210 + Contributors: 2239 + +This release includes the following changes: + + o content_encoding: add zstd decoding support [1] + o CURL_PUSH_ERROROUT: allow the push callback to fail the parent stream [31] + o CURLINFO_EFFECTIVE_METHOD: added [34] This release includes the following bugfixes: - o cirrus-ci: disable FreeBSD 13 (again) [14] - o Curl_inet_ntop: always check the return code [12] - o CURLOPT_READFUNCTION.3: provide the upload data size up front [5] - o DYNBUF.md: fix a typo: trail => tail [2] - o escape: make the URL decode able to reject only %00-bytes - o escape: zero length input should return a zero length output [11] - o examples/multithread.c: call curl_global_cleanup() [16] - o http2: set the correct URL in pushed transfers [9] - o http: fix proxy auth with blank password [3] - o mbedtls: fix build with disabled proxy support [7] - o ngtcp2: sync with current master [15] - o openssl: Fix compilation on Windows when ngtcp2 is enabled [10] - o Revert "multi: implement wait using winsock events" [6] - o sendf: improve the message on client write errors [13] - o terminology: call them null-terminated strings [1] - o tool_cb_hdr: Fix etag warning output and return code [4] - o url: allow user + password to contain "control codes" for HTTP(S) [8] - o vtls: compare cert blob when finding a connection to reuse [17] + o CVE-2020-8231: libcurl: wrong connect-only connection [98] + o appveyor: collect libcurl.dll variants with prefix or suffix [38] + o asyn-ares: correct some bad comments [94] + o bearssl: fix build with disabled proxy support [16] + o buildconf: avoid array concatenation in die() [64] + o buildconf: retire ares buildconf invocation + o checksrc: ban gmtime/localtime [40] + o checksrc: invoke script with -D to find .checksrc proper [63] + o CI/azure: install libssh2 for use with msys2-based builds [67] + o CI/azure: unconditionally enable warnings-as-errors with autotools [19] + o CI/macos: enable warnings as errors for CMake builds [4] + o CI/macos: set minimum macOS version [56] + o CI/macos: unconditionally enable warnings-as-errors with autotools [21] + o CI: Add muse CI analyzer [79] + o cirrus-ci: upgrade 11-STABLE to 11.4 [2] + o CMake: don't complain about missing nroff [87] + o CMake: fix test for warning suppressions [17] + o cmake: fix windows xp build [13] + o configure.ac: Sort features name in summary [6] + o configure: allow disabling warnings [26] + o configure: cleanup wolfssl + pkg-config conflicts when cross compiling. [48] + o configure: show zstd "no" in summary when built without it [49] + o connect: remove redundant message about connect failure [66] + o curl-config: ignore REQUIRE_LIB_DEPS in --libs output [96] + o curl.1: add a few missing valid exit codes [76] + o curl: add %{method} to the -w variables + o curl: improve the existing file check with -J [43] + o curl_multi_setopt: fix compiler warning "result is always false" [42] + o curl_version_info.3: CURL_VERSION_KERBEROS4 is deprecated [9] + o CURLINFO_CERTINFO.3: fix typo [3] + o CURLOPT_NOBODY.3: clarify what setting to 0 means [46] + o docs: add date of 7.20 to CURLM_CALL_MULTI_PERFORM mentions [18] + o docs: Add video link to docs/CONTRIBUTE.md [95] + o docs: change "web site" to "website" [86] + o docs: clarify MAX_SEND/RECV_SPEED functionality [92] + o docs: Update a few leftover mentions of DarwinSSL [29] + o doh: remove redundant cast [20] + o file2memory: use a define instead of -1 unsigned value [30] + o ftp: don't do ssl_shutdown instead of ssl_close [85] + o ftpserver: don't verify SMTP MAIL FROM names [8] + o getinfo: reset retry-after value in initinfo [51] + o gnutls: repair the build with `CURL_DISABLE_PROXY` [5] + o gtls: survive not being able to get name/issuer [73] + o h2: repair trailer handling [81] + o http2: close the http2 connection when no more requests may be sent [7] + o http2: fix nghttp2_strerror -> nghttp2_http2_strerror in debug messages [11] + o libssh2: s/ssherr/sftperr/ [78] + o libtest/Makefile.am: add -no-undefined for libstubgss for Cygwin [91] + o md(4|5): don't use deprecated macOS functions [23] + o mprintf: Fix dollar string handling [54] + o mprintf: Fix stack overflows [53] + o multi: Condition 'extrawait' is always true [60] + o multi: Remove 10-year old out-commented code [97] + o multi: remove two checks always true [36] + o multi: update comment to say easyp list is linear [44] + o multi_remove_handle: close unused connect-only connections [62] + o ngtcp2: adapt to error code rename [69] + o ngtcp2: adjust to recent sockaddr updates [27] + o ngtcp2: update to modified qlog callback prototype [14] + o nss: fix build with disabled proxy support [32] + o ntlm: free target_info before (re-)malloc [55] + o openssl: fix build with LibreSSL < 2.9.1 [61] + o page-header: provide protocol details in the curl.1 man page [28] + o quiche: handle calling disconnect twice [50] + o runtests.pl: treat LibreSSL and BoringSSL as OpenSSL [59] + o runtests: move the gnutls-serv tests to a dynamic port [74] + o runtests: move the smbserver to use a dynamic port number [71] + o runtests: move the TELNET server to a dynamic port [68] + o runtests: run the DICT server on a random port number [90] + o runtests: run the http2 tests on a random port number [72] + o runtests: support dynamicly base64 encoded sections in tests [75] + o setopt: unset NOBODY switches to GET if still HEAD [47] + o smtp_parse_address: handle blank input string properly [89] + o socks: use size_t for size variable [39] + o strdup: remove the odd strlen check [24] + o test1119: verify stdout in the test [33] + o test1139: make it display the difference on test failures + o test1140: compare stdout [93] + o test1908: treat file as text [83] + o tests/FILEFORMAT.md: mention %HTTP2PORT + o tests/sshserver.pl: fix compatibility with OpenSSH for Windows + o TLS naming: fix more Winssl and Darwinssl leftovers [88] + o tls-max.d: this option is only for TLS-using connections [45] + o tlsv1.3.d. only for TLS-using connections [37] + o tool_doswin: Simplify Windows version detection [57] + o tool_getparam: make --krb option work again [10] + o TrackMemory tests: ignore realloc and free in getenv.c [84] + o transfer: fix data_pending for builds with both h2 and h3 enabled [41] + o transfer: fix memory-leak with CURLOPT_CURLU in a duped handle [15] + o transfer: move retrycount from connect struct to easy handle [77] + o travis/script.sh: fix use of `-n' with unquoted envvar [80] + o travis: add ppc64le and s390x builds [65] + o travis: update quiche builds for new boringssl layout [25] + o url: fix CURLU and location following [70] + o url: silence MSVC warning [12] + o util: silence conversion warnings [22] + o win32: Add Curl_verify_windows_version() to curlx [58] + o WIN32: stop forcing narrow-character API [52] + o windows: add unicode to feature list [35] + o windows: disable Unix Sockets for old mingw [82] This release includes the following known bugs: @@ -34,30 +122,121 @@ This release includes the following known bugs: This release would not have looked like this without help, code, reports and advice from friends like these: - Alexandre Pion, Baruch Siach, coinhubs on github, Daniel Stenberg, - Denis Baručić, Gergely Nagy, Javier Blazquez, Jonathan Cardoso Machado, - Jon Johnson Jr, Kristoffer Gleditsch, Lucien Zürcher, Nicolas Sterchele, - qiandu2006 on github, Ray Satiro, Siva Sivaraman, tmkk on github, - (16 contributors) + Alessandro Ghedini, Alex Kiernan, Baruch Siach, Bevan Weiss, Brian Inglis, + BrumBrum on hackerone, Cameron Cawley, Carlo Marcelo Arenas Belón, + causal-agent on github, Cherish98 on github, Dan Fandrich, Daniel Gustafsson, + Daniel Stenberg, Denis Goleshchikhin, divinity76 on github, Ehren Bendler, + Emil Engler, Erik Johansson, Filip Salomonsson, Gilles Vollant, Gisle Vanem, + H3RSKO on github, ihsinme on github, Jeremy Maitin-Shepard, + joey-l-us on github, Jonathan Cardoso Machado, Jonathan Nieder, Kamil Dudka, + Ken Brown, Laramie Leavitt, lilongyan-huawei on github, Marc Aldorasi, + Marcel Raad, Marc Hörsken, Masaya Suzuki, Matthias Naegler, + Nicolas Sterchele, NobodyXu on github, Peter Wu, ramsay-jones on github, + Rasmus Melchior Jacobsen, Ray Satiro, sspiri on github, Stefan Yohansson, + Tadej Vengust, Tatsuhiro Tsujikawa, tbugfinder on github, + Thomas M. DuBuisson, Tobias Stoeckmann, Tomas Berger, Viktor Szakats, + xwxbug on github, + (52 contributors) Thanks! (and sorry if I forgot to mention someone) References to bug reports and discussions on issues: - [1] = https://curl.haxx.se/bug/?i=5598 - [2] = https://curl.haxx.se/bug/?i=5599 - [3] = https://curl.haxx.se/bug/?i=5613 - [4] = https://curl.haxx.se/bug/?i=5612 - [5] = https://curl.haxx.se/bug/?i=5607 - [6] = https://curl.haxx.se/bug/?i=5631 - [7] = https://curl.haxx.se/bug/?i=5615 - [8] = https://curl.haxx.se/bug/?i=5582 - [9] = https://curl.haxx.se/bug/?i=5589 - [10] = https://curl.haxx.se/bug/?i=5606 - [11] = https://curl.haxx.se/bug/?i=5601 - [12] = https://curl.haxx.se/bug/?i=5412 - [13] = https://curl.haxx.se/bug/?i=5594 - [14] = https://curl.haxx.se/bug/?i=5628 - [15] = https://curl.haxx.se/bug/?i=5624 - [16] = https://curl.haxx.se/bug/?i=5622 - [17] = https://curl.haxx.se/bug/?i=5617 + [1] = https://curl.haxx.se/bug/?i=5453 + [2] = https://curl.haxx.se/bug/?i=5668 + [3] = https://curl.haxx.se/bug/?i=5655 + [4] = https://curl.haxx.se/bug/?i=5716 + [5] = https://curl.haxx.se/bug/?i=5645 + [6] = https://curl.haxx.se/bug/?i=5656 + [7] = https://curl.haxx.se/bug/?i=5643 + [8] = https://curl.haxx.se/bug/?i=5639 + [9] = https://curl.haxx.se/bug/?i=5642 + [10] = https://bugzilla.redhat.com/1833193 + [11] = https://curl.haxx.se/bug/?i=5641 + [12] = https://curl.haxx.se/bug/?i=5638 + [13] = https://curl.haxx.se/bug/?i=5662 + [14] = https://curl.haxx.se/bug/?i=5675 + [15] = https://curl.haxx.se/bug/?i=5665 + [16] = https://curl.haxx.se/bug/?i=5666 + [17] = https://curl.haxx.se/bug/?i=5714 + [18] = https://curl.haxx.se/bug/?i=5744 + [19] = https://curl.haxx.se/bug/?i=5706 + [20] = https://curl.haxx.se/bug/?i=5704 + [21] = https://curl.haxx.se/bug/?i=5694 + [22] = https://curl.haxx.se/bug/?i=5695 + [23] = https://curl.haxx.se/bug/?i=5695 + [24] = https://curl.haxx.se/bug/?i=5697 + [25] = https://curl.haxx.se/bug/?i=5691 + [26] = https://curl.haxx.se/bug/?i=5689 + [27] = https://curl.haxx.se/bug/?i=5690 + [28] = https://curl.haxx.se/bug/?i=5679 + [29] = https://curl.haxx.se/bug/?i=5688 + [30] = https://curl.haxx.se/bug/?i=5683 + [31] = https://curl.haxx.se/bug/?i=5636 + [32] = https://curl.haxx.se/bug/?i=5667 + [33] = https://curl.haxx.se/bug/?i=5644 + [34] = https://curl.haxx.se/bug/?i=5511 + [35] = https://curl.haxx.se/bug/?i=5491 + [36] = https://curl.haxx.se/bug/?i=5676 + [37] = https://curl.haxx.se/bug/?i=5764 + [38] = https://curl.haxx.se/bug/?i=5659 + [39] = https://curl.haxx.se/bug/?i=5654 + [40] = https://curl.haxx.se/bug/?i=5732 + [41] = https://curl.haxx.se/bug/?i=5734 + [42] = https://github.com/curl/curl/commit/61a08508f6a458fe21bbb18cd2a9bac2f039452b#commitcomment-40941232 + [43] = https://hackerone.com/reports/926638 + [44] = https://curl.haxx.se/bug/?i=5737 + [45] = https://curl.haxx.se/bug/?i=5764 + [46] = https://curl.haxx.se/bug/?i=5729 + [47] = https://curl.haxx.se/bug/?i=5725 + [48] = https://curl.haxx.se/bug/?i=5605 + [49] = https://curl.haxx.se/bug/?i=5720 + [50] = https://curl.haxx.se/bug/?i=5726 + [51] = https://curl.haxx.se/bug/?i=5661 + [52] = https://curl.haxx.se/bug/?i=5658 + [53] = https://curl.haxx.se/bug/?i=5722 + [54] = https://curl.haxx.se/bug/?i=5722 + [55] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24379 + [56] = https://curl.haxx.se/bug/?i=5723 + [57] = https://curl.haxx.se/bug/?i=5754 + [58] = https://curl.haxx.se/bug/?i=5754 + [59] = https://curl.haxx.se/bug/?i=5762 + [60] = https://curl.haxx.se/bug/?i=5759 + [61] = https://curl.haxx.se/bug/?i=5757 + [62] = https://curl.haxx.se/bug/?i=5749 + [63] = https://curl.haxx.se/bug/?i=5715 + [64] = https://curl.haxx.se/bug/?i=5701 + [65] = https://curl.haxx.se/bug/?i=5752 + [66] = https://curl.haxx.se/bug/?i=5708 + [67] = https://curl.haxx.se/bug/?i=5721 + [68] = https://curl.haxx.se/bug/?i=5785 + [69] = https://curl.haxx.se/bug/?i=5786 + [70] = https://curl.haxx.se/bug/?i=5709 + [71] = https://curl.haxx.se/bug/?i=5782 + [72] = https://curl.haxx.se/bug/?i=5779 + [73] = https://curl.haxx.se/bug/?i=5778 + [74] = https://curl.haxx.se/bug/?i=5778 + [75] = https://curl.haxx.se/bug/?i=5761 + [76] = https://curl.haxx.se/bug/?i=5777 + [77] = https://curl.haxx.se/bug/?i=5794 + [78] = https://github.com/curl/curl/commit/7370b4e39f1390e701f5b68d910c619151daf72b#r41334700 + [79] = https://curl.haxx.se/bug/?i=5772 + [80] = https://curl.haxx.se/bug/?i=5773 + [81] = https://curl.haxx.se/bug/?i=5663 + [82] = https://curl.haxx.se/bug/?i=5674 + [83] = https://curl.haxx.se/bug/?i=5767 + [84] = https://curl.haxx.se/bug/?i=5767 + [85] = https://curl.haxx.se/bug/?i=5797 + [86] = https://curl.haxx.se/bug/?i=5822 + [87] = https://curl.haxx.se/bug/?i=5817 + [88] = https://curl.haxx.se/bug/?i=5795 + [89] = https://curl.haxx.se/bug/?i=5792 + [90] = https://curl.haxx.se/bug/?i=5783 + [91] = https://curl.haxx.se/bug/?i=5819 + [92] = https://curl.haxx.se/bug/?i=5788 + [93] = https://curl.haxx.se/bug/?i=5814 + [94] = https://curl.haxx.se/bug/?i=5812 + [95] = https://curl.haxx.se/bug/?i=5811 + [96] = https://curl.haxx.se/bug/?i=5793 + [97] = https://curl.haxx.se/bug/?i=5805 + [98] = https://curl.haxx.se/docs/CVE-2020-8231.html diff --git a/appveyor.yml b/appveyor.yml index c810e456a..e34784159 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -30,7 +30,7 @@ environment: PRJ_GEN: "Visual Studio 9 2008" PRJ_CFG: Release OPENSSL: OFF - WINSSL: ON + SCHANNEL: ON HTTP_ONLY: OFF TESTING: OFF SHARED: ON @@ -42,7 +42,7 @@ environment: TARGET: "-A x64" PRJ_CFG: Release OPENSSL: ON - WINSSL: OFF + SCHANNEL: OFF HTTP_ONLY: OFF TESTING: OFF SHARED: ON @@ -54,7 +54,7 @@ environment: TARGET: "-A ARM64" PRJ_CFG: Release OPENSSL: OFF - WINSSL: ON + SCHANNEL: ON HTTP_ONLY: OFF TESTING: OFF SHARED: OFF @@ -66,7 +66,7 @@ environment: PRJ_GEN: "Visual Studio 10 2010 Win64" PRJ_CFG: Debug OPENSSL: OFF - WINSSL: OFF + SCHANNEL: OFF HTTP_ONLY: OFF TESTING: ON SHARED: OFF @@ -78,7 +78,7 @@ environment: TARGET: "-A x64" PRJ_CFG: Debug OPENSSL: OFF - WINSSL: ON + SCHANNEL: ON HTTP_ONLY: OFF TESTING: ON SHARED: OFF @@ -90,7 +90,7 @@ environment: TARGET: "-A x64" PRJ_CFG: Debug OPENSSL: OFF - WINSSL: OFF + SCHANNEL: OFF HTTP_ONLY: OFF TESTING: ON SHARED: OFF @@ -102,7 +102,7 @@ environment: TARGET: "-A x64" PRJ_CFG: Debug OPENSSL: OFF - WINSSL: OFF + SCHANNEL: OFF HTTP_ONLY: ON TESTING: ON SHARED: OFF @@ -114,7 +114,7 @@ environment: PRJ_GEN: "MSYS Makefiles" PRJ_CFG: Debug OPENSSL: OFF - WINSSL: ON + SCHANNEL: ON HTTP_ONLY: OFF TESTING: ON SHARED: OFF @@ -127,7 +127,7 @@ environment: PRJ_GEN: "MSYS Makefiles" PRJ_CFG: Debug OPENSSL: OFF - WINSSL: ON + SCHANNEL: ON HTTP_ONLY: OFF TESTING: ON SHARED: OFF @@ -140,7 +140,7 @@ environment: PRJ_GEN: "MSYS Makefiles" PRJ_CFG: Debug OPENSSL: OFF - WINSSL: ON + SCHANNEL: ON HTTP_ONLY: OFF TESTING: ON SHARED: OFF @@ -153,7 +153,7 @@ environment: PRJ_GEN: "MSYS Makefiles" PRJ_CFG: Debug OPENSSL: OFF - WINSSL: OFF + SCHANNEL: OFF HTTP_ONLY: OFF TESTING: ON SHARED: OFF @@ -244,7 +244,7 @@ build_script: -G"%PRJ_GEN%" %TARGET% -DCMAKE_USE_OPENSSL=%OPENSSL% - -DCMAKE_USE_WINSSL=%WINSSL% + -DCMAKE_USE_SCHANNEL=%SCHANNEL% -DHTTP_ONLY=%HTTP_ONLY% -DBUILD_SHARED_LIBS=%SHARED% -DBUILD_TESTING=%TESTING% @@ -294,5 +294,5 @@ branches: artifacts: - path: '**/curl.exe' name: curl - - path: '**/libcurl.dll' + - path: '**/*curl*.dll' name: libcurl @@ -25,7 +25,7 @@ # die prints argument string to stdout and exits this shell script. # die(){ - echo "buildconf: $@" + echo "buildconf: $*" exit 1 } @@ -353,6 +353,7 @@ if test -f m4/libtool.m4; then fi echo "buildconf: running aclocal" +#shellcheck disable=SC2154 ${ACLOCAL:-aclocal} -I m4 $ACLOCAL_FLAGS || die "aclocal command failed" echo "buildconf: converting all mv to mv -f in local aclocal.m4" @@ -364,13 +365,6 @@ ${AUTOHEADER:-autoheader} || die "autoheader command failed" echo "buildconf: running autoconf" ${AUTOCONF:-autoconf} || die "autoconf command failed" -if test -d ares; then - cd ares - echo "buildconf: running in ares" - ./buildconf - cd .. -fi - echo "buildconf: running automake" ${AUTOMAKE:-automake} --add-missing --copy || die "automake command failed" diff --git a/configure.ac b/configure.ac index cddd3303a..fb8fe15df 100755 --- a/configure.ac +++ b/configure.ac @@ -147,6 +147,7 @@ dnl initialize all the info variables curl_ssh_msg="no (--with-{libssh,libssh2})" curl_zlib_msg="no (--with-zlib)" curl_brotli_msg="no (--with-brotli)" + curl_zstd_msg="no (--with-zstd)" curl_gss_msg="no (--with-gssapi)" curl_tls_srp_msg="no (--enable-tls-srp)" curl_res_msg="default (--enable-ares / --enable-threaded-resolver)" @@ -1197,6 +1198,93 @@ if test X"$OPT_BROTLI" != Xno; then fi dnl ********************************************************************** +dnl Check for libzstd +dnl ********************************************************************** + +dnl Default to compiler & linker defaults for libzstd +OPT_ZSTD=off +AC_ARG_WITH(zstd,dnl +AC_HELP_STRING([--with-zstd=PATH],[Where to look for libzstd, PATH points to the libzstd installation; when possible, set the PKG_CONFIG_PATH environment variable instead of using this option]) +AC_HELP_STRING([--without-zstd], [disable libzstd]), + OPT_ZSTD=$withval) + +if test X"$OPT_ZSTD" != Xno; then + dnl backup the pre-zstd variables + CLEANLDFLAGS="$LDFLAGS" + CLEANCPPFLAGS="$CPPFLAGS" + CLEANLIBS="$LIBS" + + case "$OPT_ZSTD" in + yes) + dnl --with-zstd (without path) used + CURL_CHECK_PKGCONFIG(libzstd) + + if test "$PKGCONFIG" != "no" ; then + LIB_ZSTD=`$PKGCONFIG --libs-only-l libzstd` + LD_ZSTD=`$PKGCONFIG --libs-only-L libzstd` + CPP_ZSTD=`$PKGCONFIG --cflags-only-I libzstd` + version=`$PKGCONFIG --modversion libzstd` + DIR_ZSTD=`echo $LD_ZSTD | $SED -e 's/-L//'` + fi + + ;; + off) + dnl no --with-zstd option given, just check default places + ;; + *) + dnl use the given --with-zstd spot + PREFIX_ZSTD=$OPT_ZSTD + ;; + esac + + dnl if given with a prefix, we set -L and -I based on that + if test -n "$PREFIX_ZSTD"; then + LIB_ZSTD="-lzstd" + LD_ZSTD=-L${PREFIX_ZSTD}/lib$libsuff + CPP_ZSTD=-I${PREFIX_ZSTD}/include + DIR_ZSTD=${PREFIX_ZSTD}/lib$libsuff + fi + + LDFLAGS="$LDFLAGS $LD_ZSTD" + CPPFLAGS="$CPPFLAGS $CPP_ZSTD" + LIBS="$LIB_ZSTD $LIBS" + + AC_CHECK_LIB(zstd, ZSTD_createDStream) + + AC_CHECK_HEADERS(zstd.h, + curl_zstd_msg="enabled (libzstd)" + HAVE_ZSTD=1 + AC_DEFINE(HAVE_ZSTD, 1, [if libzstd is in use]) + AC_SUBST(HAVE_ZSTD, [1]) + ) + + if test X"$OPT_ZSTD" != Xoff && + test "$HAVE_ZSTD" != "1"; then + AC_MSG_ERROR([libzstd was not found where specified!]) + fi + + if test "$HAVE_ZSTD" = "1"; then + if test -n "$DIR_ZSTD"; then + dnl when the zstd shared lib were found in a path that the run-time + dnl linker doesn't search through, we need to add it to + dnl CURL_LIBRARY_PATH to prevent further configure tests to fail due to + dnl this + + if test "x$cross_compiling" != "xyes"; then + CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_ZSTD" + export CURL_LIBRARY_PATH + AC_MSG_NOTICE([Added $DIR_ZSTD to CURL_LIBRARY_PATH]) + fi + fi + else + dnl no zstd, revert back to clean variables + LDFLAGS=$CLEANLDFLAGS + CPPFLAGS=$CLEANCPPFLAGS + LIBS=$CLEANLIBS + fi +fi + +dnl ********************************************************************** dnl Check for LDAP dnl ********************************************************************** @@ -1606,29 +1694,29 @@ dnl ------------------------------------------------- dnl check winssl option before other SSL libraries dnl ------------------------------------------------- -OPT_WINSSL=no +OPT_SCHANNEL=no AC_ARG_WITH(winssl,dnl AC_HELP_STRING([--with-winssl],[enable Windows native SSL/TLS]) AC_HELP_STRING([--without-winssl], [disable Windows native SSL/TLS]), - OPT_WINSSL=$withval) + OPT_SCHANNEL=$withval) AC_ARG_WITH(schannel,dnl AC_HELP_STRING([--with-schannel],[enable Windows native SSL/TLS]) AC_HELP_STRING([--without-schannel], [disable Windows native SSL/TLS]), - OPT_WINSSL=$withval) + OPT_SCHANNEL=$withval) AC_MSG_CHECKING([whether to enable Windows native SSL/TLS (Windows native builds only)]) -if test -z "$ssl_backends" -o "x$OPT_WINSSL" != xno; then +if test -z "$ssl_backends" -o "x$OPT_SCHANNEL" != xno; then ssl_msg= - if test "x$OPT_WINSSL" != "xno" && + if test "x$OPT_SCHANNEL" != "xno" && test "x$curl_cv_native_windows" = "xyes"; then AC_MSG_RESULT(yes) AC_DEFINE(USE_SCHANNEL, 1, [to enable Windows native SSL/TLS support]) AC_SUBST(USE_SCHANNEL, [1]) ssl_msg="Windows-native" test schannel != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes - WINSSL_ENABLED=1 - # --with-winssl implies --enable-sspi + SCHANNEL_ENABLED=1 + # --with-schannel implies --enable-sspi AC_DEFINE(USE_WINDOWS_SSPI, 1, [to enable SSPI support]) AC_SUBST(USE_WINDOWS_SSPI, [1]) curl_sspi_msg="enabled" @@ -2380,6 +2468,7 @@ if test -z "$ssl_backends" -o "x$OPT_WOLFSSL" != xno; then OPT_WOLFSSL="" fi + dnl try pkg-config magic CURL_CHECK_PKGCONFIG(wolfssl, [$wolfpkg]) AC_MSG_NOTICE([Check dir $wolfpkg]) @@ -2398,9 +2487,12 @@ if test -z "$ssl_backends" -o "x$OPT_WOLFSSL" != xno; then wolfssllibpath=`echo $addld | $SED -e 's/^-L//'` else addlib=-lwolfssl - addld=-L$OPT_WOLFSSL/lib$libsuff - addcflags=-I$OPT_WOLFSSL/include - wolfssllibpath=$OPT_WOLFSSL/lib$libsuff + dnl use system defaults if user does not supply a path + if test -n "$OPT_WOLFSSL"; then + addld=-L$OPT_WOLFSSL/lib$libsuff + addcflags=-I$OPT_WOLFSSL/include + wolfssllibpath=$OPT_WOLFSSL/lib$libsuff + fi fi if test "x$USE_WOLFSSL" != "xyes"; then @@ -2452,7 +2544,7 @@ if test -z "$ssl_backends" -o "x$OPT_WOLFSSL" != xno; then dnl wolfssl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined! AX_COMPILE_CHECK_SIZEOF(long long) - LIBS="-lwolfssl -lm $LIBS" + LIBS="$addlib -lm $LIBS" dnl Recent WolfSSL versions build without SSLv3 by default dnl WolfSSL needs configure --enable-opensslextra to have *get_peer* @@ -2464,12 +2556,19 @@ if test -z "$ssl_backends" -o "x$OPT_WOLFSSL" != xno; then dnl if this symbol is present, we want the include path to include the dnl OpenSSL API root as well - AC_CHECK_FUNC(wolfSSL_DES_set_odd_parity, + AC_CHECK_FUNC(wolfSSL_DES_ecb_encrypt, [ - AC_DEFINE(HAVE_WOLFSSL_DES_SET_ODD_PARITY, 1, - [if you have wolfSSL_DES_set_odd_parity]) - CPPFLAGS="$addcflags/wolfssl $CPPFLAGS" - AC_MSG_NOTICE([Add $addcflags/wolfssl to CPPFLAGS]) + AC_DEFINE(HAVE_WOLFSSL_DES_ECB_ENCRYPT, 1, + [if you have wolfSSL_DES_ecb_encrypt]) + if test -n "$addcflags"; then + CPPFLAGS="$addcflags/wolfssl $CPPFLAGS" + AC_MSG_NOTICE([Add $addcflags/wolfssl to CPPFLAGS]) + else + dnl user didn't give a path, so guess/hope they installed wolfssl + dnl headers to system default location + CPPFLAGS="-I$includedir/wolfssl $CPPFLAGS" + AC_MSG_NOTICE([Add $includedir/wolfssl to CPPFLAGS]) + fi WOLFSSL_NTLM=1 ] ) @@ -2807,7 +2906,7 @@ if test -z "$ssl_backends" -o "x$OPT_NSS" != xno; then test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" fi -case "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$MBEDTLS_ENABLED$WOLFSSL_ENABLED$WINSSL_ENABLED$SECURETRANSPORT_ENABLED$MESALINK_ENABLED$BEARSSL_ENABLED$AMISSL_ENABLED" in +case "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$MBEDTLS_ENABLED$WOLFSSL_ENABLED$SCHANNEL_ENABLED$SECURETRANSPORT_ENABLED$MESALINK_ENABLED$BEARSSL_ENABLED$AMISSL_ENABLED" in x) AC_MSG_WARN([SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.]) AC_MSG_WARN([Use --with-ssl, --with-gnutls, --with-wolfssl, --with-mbedtls, --with-nss, --with-schannel, --with-secure-transport, --with-mesalink, --with-amissl or --with-bearssl to address this.]) @@ -3278,7 +3377,7 @@ AC_HELP_STRING([--disable-versioned-symbols], [Disable versioned symbols in shar versioned_symbols_flavour="NSS_" elif test "x$WOLFSSL_ENABLED" = "x1"; then versioned_symbols_flavour="WOLFSSL_" - elif test "x$WINSSL_ENABLED" = "x1"; then + elif test "x$SCHANNEL_ENABLED" = "x1"; then versioned_symbols_flavour="SCHANNEL_" elif test "x$SECURETRANSPORT_ENABLED" = "x1"; then versioned_symbols_flavour="SECURE_TRANSPORT_" @@ -4571,16 +4670,16 @@ AC_HELP_STRING([--disable-sspi],[Disable SSPI]), fi ;; *) - if test "x$WINSSL_ENABLED" = "x1"; then - # --with-winssl implies --enable-sspi + if test "x$SCHANNEL_ENABLED" = "x1"; then + # --with-schannel implies --enable-sspi AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) fi ;; esac ], - if test "x$WINSSL_ENABLED" = "x1"; then - # --with-winssl implies --enable-sspi + if test "x$SCHANNEL_ENABLED" = "x1"; then + # --with-schannel implies --enable-sspi AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) @@ -4929,6 +5028,9 @@ fi if test "x$HAVE_BROTLI" = "x1"; then SUPPORT_FEATURES="$SUPPORT_FEATURES brotli" fi +if test "x$HAVE_ZSTD" = "x1"; then + SUPPORT_FEATURES="$SUPPORT_FEATURES zstd" +fi if test "x$USE_ARES" = "x1" -o "x$USE_THREADS_POSIX" = "x1" \ -o "x$USE_THREADS_WIN32" = "x1"; then SUPPORT_FEATURES="$SUPPORT_FEATURES AsynchDNS" @@ -5001,6 +5103,10 @@ if test "x$ESNI_ENABLED" = "x1"; then SUPPORT_FEATURES="$SUPPORT_FEATURES ESNI" fi +dnl replace spaces with newlines +dnl sort the lines +dnl replace the newlines back to spaces +SUPPORT_FEATURES=`echo $SUPPORT_FEATURES | tr ' ' '\012' | sort | tr '\012' ' '` AC_SUBST(SUPPORT_FEATURES) dnl For supported protocols in pkg-config file @@ -5167,6 +5273,7 @@ AC_MSG_NOTICE([Configured to build gnurl/libgnurl: SSH: ${curl_ssh_msg} zlib: ${curl_zlib_msg} brotli: ${curl_brotli_msg} + zstd: ${curl_zstd_msg} GSS-API: ${curl_gss_msg} TLS-SRP: ${curl_tls_srp_msg} resolver: ${curl_res_msg} diff --git a/docs/CONTRIBUTE.md b/docs/CONTRIBUTE.md index 978b87d27..3d4bf49e0 100644 --- a/docs/CONTRIBUTE.md +++ b/docs/CONTRIBUTE.md @@ -108,7 +108,7 @@ submit a small description of your fix or your new features with every contribution so that it can be swiftly added to the package documentation. The documentation is always made in man pages (nroff formatted) or plain -ASCII files. All HTML files on the web site and in the release archives are +ASCII files. All HTML files on the website and in the release archives are generated from the nroff/ASCII versions. ### Test Cases @@ -200,6 +200,16 @@ A short guide to how to write commit messages in the curl project. [whatever-else-by: credit all helpers, finders, doers] ---- stop ---- +The first line is a succinct description of the change: + + - use the imperative, present tense: "change" not "changed" nor "changes" + - don't capitalize first letter + - no dot (.) at the end + +The `[area]` in the first line can be `http2`, `cookies`, `openssl` or +similar. There's no fixed list to select from but using the same "area" as +other related changes could make sense. + Don't forget to use commit --author="" if you commit someone else's work, and make sure that you have your own user and email setup correctly in git before you commit @@ -265,3 +275,6 @@ For Windows: - [https://gnuwin32.sourceforge.io/packages/patch.htm](https://gnuwin32.sourceforge.io/packages/patch.htm) - [https://gnuwin32.sourceforge.io/packages/diffutils.htm](https://gnuwin32.sourceforge.io/packages/diffutils.htm) + +### Useful resources +* [Webinar on getting code into cURL](https://www.youtube.com/watch?v=QmZ3W1d6LQI) @@ -189,7 +189,7 @@ FAQ curl's development, have we intended curl to replace wget or compete on its market. Curl is targeted at single-shot file transfers. - Curl is not a web site mirroring program. If you want to use curl to mirror + Curl is not a website mirroring program. If you want to use curl to mirror something: fine, go ahead and write a script that wraps around curl to make it reality (like curlmirror.pl does). @@ -253,7 +253,7 @@ FAQ up to each company and developer. This is not controlled by nor supervised in any way by the project. - We still get help from companies. Haxx provides web site, bandwidth, mailing + We still get help from companies. Haxx provides website, bandwidth, mailing lists etc, GitHub hosts the primary git repository and other services like the bug tracker at https://github.com/curl/curl. Also again, some companies have sponsored certain parts of the development in the past and I hope some @@ -302,7 +302,7 @@ FAQ curl is fully open source. It means you can hire any skilled engineer to fix your curl-related problems. - We list available alternatives on the curl web site: + We list available alternatives on the curl website: https://curl.haxx.se/support.html 1.10 How many are using curl? @@ -458,7 +458,7 @@ FAQ Curl can be built with OpenSSL to do the SSL stuff. The LIBEAY32.DLL is then what curl needs on a windows machine to do https:// etc. Check out the curl - web site to find accurate and up-to-date pointers to recent OpenSSL DLLs and + website to find accurate and up-to-date pointers to recent OpenSSL DLLs and other binary packages. 2.4 Does curl support SOCKS (RFC 1928) ? @@ -563,7 +563,7 @@ FAQ a language, you may prefer to use one of these interfaces instead. Find out more about which languages that support curl directly, and how to - install and use them, in the libcurl section of the curl web site: + install and use them, in the libcurl section of the curl website: https://curl.haxx.se/libcurl/ All the various bindings to libcurl are made by other projects and people, @@ -724,7 +724,7 @@ FAQ 3.19 How do I get HTTP from a host using a specific IP address? - For example, you may be trying out a web site installation that isn't yet in + For example, you may be trying out a website installation that isn't yet in the DNS. Or you have a site using multiple IP addresses for a given host name and you want to address a specific one out of the set. diff --git a/docs/FEATURES b/docs/FEATURES index 1d23fccbf..35b26e1b2 100644 --- a/docs/FEATURES +++ b/docs/FEATURES @@ -194,7 +194,7 @@ FOOTNOTES currently supported *5 = requires nghttp2 and possibly a recent TLS library *6 = requires c-ares - *7 = requires OpenSSL, NSS, GSKit, WinSSL or Secure Transport; GnuTLS, for + *7 = requires OpenSSL, NSS, GSKit, Schannel or Secure Transport; GnuTLS, for example, only supports SSLv3 and TLSv1 *8 = requires libssh2 *9 = requires OpenSSL, GnuTLS, mbedTLS, NSS, yassl, Secure Transport or SSPI diff --git a/docs/GOVERNANCE.md b/docs/GOVERNANCE.md index 30df155b5..a4c006fbe 100644 --- a/docs/GOVERNANCE.md +++ b/docs/GOVERNANCE.md @@ -50,7 +50,7 @@ services and paying for people to work on curl related code etc. Usually, such donations are services paid for directly by the sponsors. We grade sponsors in a few different levels and if they meet the criteria, -they can be mentioned on the Sponsors page on the curl web site. +they can be mentioned on the Sponsors page on the curl website. ## Commercial Support @@ -103,7 +103,7 @@ Feltzing serve as backup admins for when Daniel is gone or unable. The primary server is paid for by Haxx. The machine is physically located in a server bunker in Stockholm Sweden, operated by the company Portlane. -The web site contents are served to the web via Fastly and Daniel is the +The website contents are served to the web via Fastly and Daniel is the primary curl contact with Fastly. ### BDFL diff --git a/docs/HISTORY.md b/docs/HISTORY.md index a628d0509..4c0499f71 100644 --- a/docs/HISTORY.md +++ b/docs/HISTORY.md @@ -58,7 +58,7 @@ OpenSSL took over and SSLeay was abandoned. May: first Debian package. -August: LDAP:// and FILE:// support added. The curl web site gets 1300 visits +August: LDAP:// and FILE:// support added. The curl website gets 1300 visits weekly. Moved site to curl.haxx.nu. September: Released curl 6.0. 15000 lines of code. @@ -77,7 +77,7 @@ other software and programs to be based on and powered by libcurl. Almost June: the curl site moves to "curl.haxx.se" -August, the curl web site gets 4000 visits weekly. +August, the curl website gets 4000 visits weekly. The PHP guys adopted libcurl already the same month, when the first ever third party libcurl binding showed up. CURL has been a supported module in PHP since @@ -106,7 +106,7 @@ The first experimental ftps:// support was added. August: curl is bundled in Mac OS X, 10.1. It was already becoming more and more of a standard utility of Linux distributions and a regular in the BSD -ports collections. The curl web site gets 8000 visits weekly. Curl Corporation +ports collections. The curl website gets 8000 visits weekly. Curl Corporation contacted Daniel to discuss "the name issue". After Daniel's reply, they have never since got back in touch again. @@ -117,7 +117,7 @@ without many whistles. 2002 ---- -June: the curl web site gets 13000 visits weekly. curl and libcurl is +June: the curl website gets 13000 visits weekly. curl and libcurl is 35000 lines of code. Reported successful compiles on more than 40 combinations of CPUs and operating systems. @@ -162,7 +162,7 @@ August: Curl and libcurl 7.12.1 Available command line options: 96 Available curl_easy_setopt() options: 120 Number of public functions in libcurl: 36 - Amount of public web site mirrors: 12 + Amount of public website mirrors: 12 Number of known libcurl bindings: 26 2005 @@ -175,7 +175,7 @@ April: Added the multi_socket() API September: TFTP support was added. -More than 100,000 unique visitors of the curl web site. 25 mirrors. +More than 100,000 unique visitors of the curl website. 25 mirrors. December: security vulnerability: libcurl URL Buffer Overflow @@ -283,7 +283,7 @@ April: added the cyassl backend (later renamed to WolfSSL) March: first real release supporting HTTP/2 - September: Web site had 245,000 unique visitors and served 236GB data + September: Website had 245,000 unique visitors and served 236GB data SMB and SMBS support @@ -312,7 +312,7 @@ April: added the cyassl backend (later renamed to WolfSSL) September: Added Multi-SSL support - The web site serves 3100 GB/month + The website serves 3100 GB/month Public curl releases: 169 Command line options: 211 diff --git a/docs/HTTP-COOKIES.md b/docs/HTTP-COOKIES.md index 31af9f6d9..de9d1de68 100644 --- a/docs/HTTP-COOKIES.md +++ b/docs/HTTP-COOKIES.md @@ -129,6 +129,6 @@ Since curl and libcurl are plain HTTP clients without any knowledge of or capability to handle javascript, such cookies will not be detected or used. - Often, if you want to mimic what a browser does on such web sites, you can + Often, if you want to mimic what a browser does on such websites, you can record web browser HTTP traffic when using such a site and then repeat the cookie operations using curl or libcurl. diff --git a/docs/HTTP3.md b/docs/HTTP3.md index e54e5d028..44381ae10 100644 --- a/docs/HTTP3.md +++ b/docs/HTTP3.md @@ -117,8 +117,8 @@ Build quiche and BoringSSL: % git clone --recursive https://github.com/cloudflare/quiche % cd quiche % cargo build --release --features pkg-config-meta,qlog - % mkdir deps/boringssl/lib - % ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) deps/boringssl/lib/ + % mkdir deps/boringssl/src/lib + % ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) deps/boringssl/src/lib/ Build curl: @@ -126,7 +126,7 @@ Build curl: % git clone https://github.com/curl/curl % cd curl % ./buildconf - % ./configure LDFLAGS="-Wl,-rpath,$PWD/../quiche/target/release" --with-ssl=$PWD/../quiche/deps/boringssl --with-quiche=$PWD/../quiche/target/release --enable-alt-svc + % ./configure LDFLAGS="-Wl,-rpath,$PWD/../quiche/target/release" --with-ssl=$PWD/../quiche/deps/boringssl/src --with-quiche=$PWD/../quiche/target/release --enable-alt-svc % make ## Run diff --git a/docs/INSTALL.cmake b/docs/INSTALL.cmake index c967b0851..828d9b9c5 100644 --- a/docs/INSTALL.cmake +++ b/docs/INSTALL.cmake @@ -24,8 +24,8 @@ Current flaws in the curl CMake build Missing features in the cmake build: - Builds libcurl without large file support - - Does not support all SSL libraries (only OpenSSL, WinSSL, DarwinSSL, and - mbed TLS, NSS, WolfSSL) + - Does not support all SSL libraries (only OpenSSL, Schannel, + Secure Transport, and mbed TLS, NSS, WolfSSL) - Doesn't allow different resolver backends (no c-ares build support) - No RTMP support built - Doesn't allow build curl and libcurl debug enabled diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 63d41421b..33b439ec5 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -258,9 +258,9 @@ Windows you should choose another SSL backend such as OpenSSL. On modern Apple operating systems, curl can be built to use Apple's SSL/TLS implementation, Secure Transport, instead of OpenSSL. To build with Secure -Transport for SSL/TLS, use the configure option `--with-darwinssl`. (It is not -necessary to use the option `--without-ssl`.) This feature requires iOS 5.0 or -later, or OS X 10.5 ("Leopard") or later. +Transport for SSL/TLS, use the configure option `--with-secure-transport`. (It +is not necessary to use the option `--without-ssl`.) This feature requires iOS +5.0 or later, or OS X 10.5 ("Leopard") or later. When Secure Transport is in use, the curl options `--cacert` and `--capath` and their libcurl equivalents, will be ignored, because Secure Transport uses @@ -281,7 +281,7 @@ commands in curl's directory in the shell will build the code such that it will run on cats as old as OS X 10.6 ("Snow Leopard") (using bash): export MACOSX_DEPLOYMENT_TARGET="10.6" - ./configure --with-darwinssl + ./configure --with-secure-transport make # Android diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index 606983bb8..e35172daf 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -25,13 +25,14 @@ problems may have been fixed or changed somewhat since this was written! 2. TLS 2.1 CURLINFO_SSL_VERIFYRESULT has limited support 2.2 DER in keychain - 2.4 DarwinSSL won't import PKCS#12 client certificates without a password + 2.4 Secure Transport won't import PKCS#12 client certificates without a password 2.5 Client cert handling with Issuer DN differs between backends 2.6 CURL_GLOBAL_SSL 2.7 Client cert (MTLS) issues with Schannel 2.8 Schannel disable CURLOPT_SSL_VERIFYPEER and verify hostname 2.9 TLS session cache doesn't work with TFO 2.10 Store TLS context per transfer instead of per connection + 2.11 Schannel TLS 1.2 handshake bug in old Windows versions 3. Email protocols 3.1 IMAP SEARCH ALL truncated response @@ -102,6 +103,7 @@ problems may have been fixed or changed somewhat since this was written! 11.8 DoH leaks memory after followlocation 11.9 DoH doesn't inherit all transfer options 11.10 Blocking socket operations in non-blocking API + 11.11 A shared connection cache is not thread-safe 12. LDAP and OpenLDAP 12.1 OpenLDAP hangs after returning results @@ -209,7 +211,7 @@ problems may have been fixed or changed somewhat since this was written! Curl doesn't recognize certificates in DER format in keychain, but it works with PEM. https://curl.haxx.se/bug/view.cgi?id=1065 -2.4 DarwinSSL won't import PKCS#12 client certificates without a password +2.4 Secure Transport won't import PKCS#12 client certificates without a password libcurl calls SecPKCS12Import with the PKCS#12 client certificate, but that function rejects certificates that do not have a password. @@ -275,6 +277,14 @@ problems may have been fixed or changed somewhat since this was written! https://github.com/curl/curl/issues/5102 +2.11 Schannel TLS 1.2 handshake bug in old Windows versions + + In old versions of Windows such as 7 and 8.1 the Schannel TLS 1.2 handshake + implementation likely has a bug that can rarely cause the key exchange to + fail, resulting in error SEC_E_BUFFER_TOO_SMALL or SEC_E_MESSAGE_ALTERED. + + https://github.com/curl/curl/issues/5488 + 3. Email protocols 3.1 IMAP SEARCH ALL truncated response @@ -462,12 +472,12 @@ problems may have been fixed or changed somewhat since this was written! 6.1 NTLM authentication and unicode NTLM authentication involving unicode user name or password only works - properly if built with UNICODE defined together with the WinSSL/Schannel + properly if built with UNICODE defined together with the Schannel backend. The original problem was mentioned in: https://curl.haxx.se/mail/lib-2009-10/0024.html https://curl.haxx.se/bug/view.cgi?id=896 - The WinSSL/Schannel version verified to work as mentioned in + The Schannel version verified to work as mentioned in https://curl.haxx.se/mail/lib-2012-07/0073.html 6.2 MIT Kerberos for Windows build @@ -744,6 +754,14 @@ problems may have been fixed or changed somewhat since this was written! The list of blocking socket operations is in TODO section "More non-blocking". +11.11 A shared connection cache is not thread-safe + + The share interface offers CURL_LOCK_DATA_CONNECT to have multiple easy + handle share a connection cache, but due to how connections are used they are + still not thread-safe when used shared. + + See https://github.com/curl/curl/issues/4915 + 12. LDAP and OpenLDAP 12.1 OpenLDAP hangs after returning results diff --git a/docs/MAIL-ETIQUETTE b/docs/MAIL-ETIQUETTE index 07660a001..9d210a655 100644 --- a/docs/MAIL-ETIQUETTE +++ b/docs/MAIL-ETIQUETTE @@ -170,7 +170,7 @@ MAIL ETIQUETTE send your email to. Your email as sent to a curl mailing list will end up in mail archives, on - the curl web site and elsewhere, for others to see and read. Today and in + the curl website and elsewhere, for others to see and read. Today and in the future. In addition to the archives, the mail is sent out to thousands of individuals. There is no way to undo a sent email. diff --git a/docs/README.md b/docs/README.md index 6ee42aad3..0521937d1 100644 --- a/docs/README.md +++ b/docs/README.md @@ -7,6 +7,6 @@ subdirectories, using several different formats. Some of them are not ideal for reading directly in your browser. If you'd rather see the rendered version of the documentation, check out the -curl web site's [documentation section](https://curl.haxx.se/docs/) for +curl website's [documentation section](https://curl.haxx.se/docs/) for general curl stuff or the [libcurl section](https://curl.haxx.se/libcurl/) for libcurl related documentation. diff --git a/docs/RELEASE-PROCEDURE.md b/docs/RELEASE-PROCEDURE.md index 8ab4e3f13..b53e5a397 100644 --- a/docs/RELEASE-PROCEDURE.md +++ b/docs/RELEASE-PROCEDURE.md @@ -42,7 +42,7 @@ in the curl-www repo - make sure all relevant changes are committed and pushed on the master branch - (the web site then updates its contents automatically) + (the website then updates its contents automatically) on github --------- @@ -95,13 +95,15 @@ Coming dates Based on the description above, here are some planned release dates (at the time of this writing): -- March 4, 2020 (7.69.0) -- April 29, 2020 -- June 24, 2020 -- August 19, 2020 +- August 19, 2020 (7.72.0) - October 14, 2020 - December 9, 2020 - February 3, 2021 +- March 31, 2021 +- May 26, 2021 +- July 21, 2021 +- September 15, 2021 +- November 10, 2021 The above (and more) curl-related dates are published in [iCalendar format](https://calendar.google.com/calendar/ical/c9u5d64odop9js55oltfarjk6g%40group.calendar.google.com/public/basic.ics) diff --git a/docs/SECURITY-PROCESS.md b/docs/SECURITY-PROCESS.md index e844a9a90..d2ac1fd84 100644 --- a/docs/SECURITY-PROCESS.md +++ b/docs/SECURITY-PROCESS.md @@ -8,7 +8,7 @@ Publishing Information ---------------------- All known and public curl or libcurl related vulnerabilities are listed on -[the curl web site security page](https://curl.haxx.se/docs/security.html). +[the curl website security page](https://curl.haxx.se/docs/security.html). Security vulnerabilities **should not** be entered in the project's public bug tracker. @@ -88,7 +88,7 @@ announcement. the same manner we always announce releases. It gets sent to the curl-announce, curl-library and curl-users mailing lists. -- The security web page on the web site should get the new vulnerability +- The security web page on the website should get the new vulnerability mentioned. curl-security (at haxx dot se) diff --git a/docs/SSLCERTS.md b/docs/SSLCERTS.md index fcbc4646e..39170d085 100644 --- a/docs/SSLCERTS.md +++ b/docs/SSLCERTS.md @@ -14,7 +14,7 @@ If libcurl was built with Schannel or Secure Transport support (the native SSL libraries included in Windows and Mac OS X), then this does not apply to you. Scroll down for details on how the OS-native engines handle SSL certificates. If you're not sure, then run "curl -V" and read the results. If -the version string says "WinSSL" in it, then it was built with Schannel +the version string says `Schannel` in it, then it was built with Schannel support. It is about trust diff --git a/docs/THANKS b/docs/THANKS index 76587bddf..ccec12146 100644 --- a/docs/THANKS +++ b/docs/THANKS @@ -59,6 +59,7 @@ Alex Fishman Alex Gaynor Alex Grebenschikov Alex Gruz +Alex Kiernan Alex Konev Alex Malinovich Alex Mayorga @@ -240,6 +241,7 @@ Bernhard Walle Bert Huijben Bertrand Demiddelaer Bertrand Simonnet +Bevan Weiss Bill Doyle Bill Egert Bill Hoffman @@ -281,6 +283,7 @@ Brian Childs Brian Chrisman Brian Dessent Brian E. Gallew +Brian Inglis Brian J. Murrell Brian Prodoehl Brian R Duffy @@ -289,6 +292,7 @@ Brock Noland Bru Rom Bruce Mitchener Bruce Stephens +BrumBrum on hackerone Bruno de Carvalho Bruno Grasselli Bruno Thomsen @@ -301,6 +305,7 @@ Bylon2 on github Byrial Jensen Caleb Raitto Calvin Buckley +Cameron Cawley Cameron Kaiser Cameron MacMinn Camille Moncelier @@ -315,6 +320,7 @@ Carlos ORyan Carsten Lange Casey O'Donnell Catalin Patulea +causal-agent on github cbartl on github cclauss on github Chad Monroe @@ -507,6 +513,7 @@ Dengminwen Denis Baručić Denis Chaplygin Denis Feklushkin +Denis Goleshchikhin Denis Ollier Dennis Clarke Dennis Felsing @@ -532,6 +539,7 @@ Dirk Eddelbuettel Dirk Feytons Dirk Manske Dirkjan Bussink +divinity76 on github dkjjr89 on github dkwolfe4 on github Dmitri Shubin @@ -593,6 +601,7 @@ Edward Thomson Eelco Dolstra Eetu Ojanen Egon Eckert +Ehren Bendler Eldar Zaitov elelel on github elephoenix on github @@ -672,6 +681,7 @@ Felix von Leitner Felix Yan Feng Tu Fernando Muñoz +Filip Salomonsson Flavio Medeiros Florian Pritz Florian Schoppmann @@ -770,6 +780,7 @@ GwanYeong Kim Gwenole Beauchesne Gökhan Şengün Götz Babin-Ebell +H3RSKO on github Hagai Auro Haibo Huang Hamish Mackenzie @@ -831,6 +842,7 @@ Igor Makarov Igor Novoseltsev Igor Polyakov Ihor Karpenko +ihsinme on github Iida Yosiaki Ilguiz Latypov Ilja van Sprundel @@ -940,6 +952,7 @@ Jeremy Friesner Jeremy Huddleston Jeremy Lainé Jeremy Lin +Jeremy Maitin-Shepard Jeremy Pearson Jeremy Tan Jeroen Koekkoek @@ -973,6 +986,7 @@ Joe Malicki Joe Mason Joel Chen Joel Depooter +joey-l-us on github Jofell Gallardo Johan Anderson Johan Lantz @@ -1109,6 +1123,7 @@ Kees Dekker Keith MacDonald Keith McGuigan Keith Mok +Ken Brown Ken Hirsch Ken Rastatter Kenny To @@ -1160,6 +1175,7 @@ l00p3r on Hackerone Lachlan O'Dea Ladar Levison Lance Ware +Laramie Leavitt Larry Campbell Larry Fahnoe Larry Lin @@ -1194,6 +1210,7 @@ Leonardo Taccari Liam Healy lijian996 on github Lijo Antony +lilongyan-huawei on github Linas Vepstas Lindley French Ling Thio @@ -1318,6 +1335,7 @@ Martin V Martin Vejnár Marty Kuhrt Maruko +Masaya Suzuki masbug on github Massimiliano Fantuzzi Massimiliano Ziccardi @@ -1343,6 +1361,7 @@ Matthew Hall Matthew Kerwin Matthew Whitehead Matthias Bolte +Matthias Naegler Mattias Fornander Matus Uzak Maurice Barnum @@ -1507,6 +1526,7 @@ Ning Dong Nir Soffer Nis Jorgensen nk +NobodyXu on github Nobuhiro Ban Nodak Sodak nopjmp on github @@ -1689,11 +1709,13 @@ Ralf S. Engelschall Ralph Beckmann Ralph Mitchell Ram Krushna Mishra +ramsay-jones on github Ran Mozes Randall S. Becker Randy Armstrong Randy McMurchy Raphael Gozzo +Rasmus Melchior Jacobsen Ravi Pratap Ray Dassen Ray Pekowski @@ -1910,6 +1932,7 @@ Spezifant on github Spiridonoff A.V Spoon Man Spork Schivago +sspiri on github sstruchtrup on github Stadler Stephan Stan van de Burgt @@ -1927,6 +1950,7 @@ Stefan Neis Stefan Teleman Stefan Tomanek Stefan Ulrich +Stefan Yohansson Stefano Simonelli Steinar H. Gunderson steini2000 on github @@ -1977,6 +2001,7 @@ Symeon Paraschoudis Sébastien Willemijns T. Bharath T. Yamada +Tadej Vengust Tae Hyoung Ahn Tae Wong Taiyu Len @@ -1984,6 +2009,7 @@ Taneli Vähäkangas Tanguy Fautre tarek112 on github Tatsuhiro Tsujikawa +tbugfinder on github Teemu Yli-Elsila Temprimus Terri Oda @@ -2002,6 +2028,7 @@ Thomas J. Moore Thomas Klausner Thomas L. Shinnick Thomas Lopatic +Thomas M. DuBuisson Thomas Petazzoni Thomas Ruecker Thomas Schwinge @@ -2061,6 +2088,7 @@ Tom Sparrow Tom van der Woerdt Tom Wright Tom Zerucha +Tomas Berger Tomas Hoger Tomas Jakobsson Tomas Mlcoch @@ -2172,6 +2200,7 @@ Xiang Xiao Xiangbin Li Xiaoyin Liu XmiliaH on github +xwxbug on github Yaakov Selkowitz Yang Tse Yarram Sunil @@ -36,7 +36,6 @@ 1.17 Add support for IRIs 1.18 try next proxy if one doesn't work 1.20 SRV and URI DNS records - 1.21 Add return code to CURLMOPT_PUSHFUNCTION to fail the connection 1.22 CURLINFO_PAUSE_STATE 1.23 Offer API to flush the connection pool 1.24 TCP Fast Open for windows @@ -124,6 +123,7 @@ 15.1 Extend support for client certificate authentication 15.2 Extend support for the --ciphers option 15.3 Add option to disable client certificate auto-send + 15.4 Add option to allow abrupt server closure 16. SASL 16.1 Other authentication mechanisms @@ -159,6 +159,8 @@ 18.20 host name sections in config files 18.21 retry on the redirected-to URL 18.22 Add flag to specify download directory + 18.23 Set the modification date on an uploaded file + 18.24 Use multiple parallel transfers for a single download 19. Build 19.1 roffit @@ -358,13 +360,6 @@ Offer support for resolving SRV and URI DNS records for libcurl to know which server to connect to for various protocols (including HTTP!). -1.21 Add return code to CURLMOPT_PUSHFUNCTION to fail the connection - - Allow the callback to return a value that would stop the entire operation, - like it can be done from most other callbacks. - - See https://curl.haxx.se/mail/lib-2020-06/0099.html - 1.22 CURLINFO_PAUSE_STATE Return information about the transfer's current pause state, in both @@ -850,6 +845,15 @@ that doesn't exist on the server, just like --ftp-create-dirs. https://github.com/curl/curl/issues/2262 +15.4 Add option to allow abrupt server closure + + libcurl w/schannel will error without a known termination point from the + server (such as length of transfer, or SSL "close notify" alert) to prevent + against a truncation attack. Really old servers may neglect to send any + termination point. An option could be added to ignore such abrupt closures. + + https://github.com/curl/curl/issues/4427 + 16. SASL 16.1 Other authentication mechanisms @@ -1114,6 +1118,34 @@ that doesn't exist on the server, just like --ftp-create-dirs. user from having to manually "cd" to the directory. Especially useful for command lines with multiple -O and different download directories. +18.23 Set the modification date on an uploaded file + + For SFTP and posssibly FTP, curl could offer an option to set the + modification time for the uploaded file. + + See https://github.com/curl/curl/issues/5768 + +18.24 Use multiple parallel transfers for a single download + + To enhance transfer speed, downloading a single URL can be split up into + multiple separate range downloads that get combined into a single final + result. + + An ideal implementation would not use a specified number of parallel + transfers, but curl could: + - First start getting the full file as transfer A + - If after N seconds have passed and the transfer is expected to continue for + M seconds or more, add a new transfer (B) that asks for the second half of + A's content (and stop A at the middle). + - If splitting up the work improves the transfer rate, it could then be done + again. Then again, etc up to a limit. + + This way, if transfer B fails (because Range: isn't supported) it will let + transfer A remain the single one. N and M could be set to some sensible + defaults. + + See https://github.com/curl/curl/issues/5774 + 19. Build 19.1 roffit diff --git a/docs/TheArtOfHttpScripting b/docs/TheArtOfHttpScripting index c5b67ca1b..65bda6255 100644 --- a/docs/TheArtOfHttpScripting +++ b/docs/TheArtOfHttpScripting @@ -185,7 +185,7 @@ The Art Of Scripting HTTP Requests Using Curl curl -u user:password http://example.org/ You need to pay attention that this kind of HTTP authentication is not what - is usually done and requested by user-oriented web sites these days. They + is usually done and requested by user-oriented websites these days. They tend to use forms and cookies instead. 2.5 Path part @@ -268,7 +268,7 @@ The Art Of Scripting HTTP Requests Using Curl 4.1 Forms explained - Forms are the general way a web site can present a HTML page with fields for + Forms are the general way a website can present a HTML page with fields for the user to enter data in, and then press some kind of 'OK' or 'Submit' button to get that data sent to the server. The server then typically uses the posted data to decide how to act. Like using the entered words to search @@ -457,7 +457,7 @@ The Art Of Scripting HTTP Requests Using Curl options. There are ways to circumvent this. It is worth noting that while this is how HTTP Authentication works, very - many web sites will not use this concept when they provide logins etc. See + many websites will not use this concept when they provide logins etc. See the Web Login chapter further below for more details on that. 7. More HTTP Headers diff --git a/docs/cmdline-opts/page-footer b/docs/cmdline-opts/page-footer index 53fdf2561..de77c4e0c 100644 --- a/docs/cmdline-opts/page-footer +++ b/docs/cmdline-opts/page-footer @@ -262,6 +262,16 @@ SSL public key does not matched pinned public key Invalid SSL certificate status. .IP 92 Stream error in HTTP/2 framing layer. +.IP 93 +An API function was called from inside a callback. +.IP 94 +An authentication function returned an error. +.IP 95 +A problem was detected in the HTTP/3 layer. This is somewhat generic and can +be one out of several problems, see the error message for details. +.IP 96 +QUIC connection error. This error may be caused by an SSL library error. QUIC +is the protocol used for HTTP/3 transfers. .IP XX More error codes will appear here in future releases. The existing ones are meant to never change. diff --git a/docs/cmdline-opts/page-header b/docs/cmdline-opts/page-header index c38698c6b..a51e485ba 100644 --- a/docs/cmdline-opts/page-header +++ b/docs/cmdline-opts/page-header @@ -99,6 +99,55 @@ getting many files from the same server will not do multiple connects / handshakes. This improves speed. Of course this is only done on files specified on a single command line and cannot be used between separate curl invokes. +.SH PROTOCOLS +curl supports numerous protocols, or put in URL terms: schemes. Your +particular build may not support them all. +.IP DICT +Lets you lookup words using online dictionaries. +.IP FILE +Read or write local files. curl does not support accessing file:// URL +remotely, but when running on Microsft Windows using the native UNC approach +will work. +.IP FTP(S) +curl supports the File Transfer Protocol with a lot of tweaks and levers. With +or without using TLS. +.IP GOPHER +Retrieve files. +.IP HTTP(S) +curl supports HTTP with numerous options and variations. It can speak HTTP +version 0.9, 1.0, 1.1, 2 and 3 depending on build options and the correct +command line options. +.IP IMAP(S) +Using the mail reading protocol, curl can "download" emails for you. With or +without using TLS. +.IP LDAP(S) +curl can do directory lookups for you, with or without TLS. +.IP MQTT +curl supports MQTT version 3. Downloading over MQTT equals "subscribe" to a +topic while uploading/posting equals "publish" on a topic. MQTT support is +experimental and TLS based MQTT is not supported (yet). +.IP POP3(S) +Downloading from a pop3 server means getting a mail. With or without using +TLS. +.IP RTMP(S) +The Realtime Messaging Protocol is primarily used to server streaming media +and curl can download it. +.IP RTSP +curl supports RTSP 1.0 downloads. +.IP SCP +curl supports SSH version 2 scp transfers. +.IP SFTP +curl supports SFTP (draft 5) done over SSH version 2. +.IP SMB(S) +curl supports SMB version 1 for upload and download. +.IP SMTP(S) +Uploading contents to an SMTP server means sending an email. With or without +TLS. +.IP TELNET +Telling curl to fetch a telnet URL starts an interactive session where it +sends what it reads on stdin and outputs what the server sends it. +.IP TFTP +curl can do TFTP downloads and uploads. .SH "PROGRESS METER" curl normally displays a progress meter during operations, indicating the amount of transferred data, transfer speeds and estimated time left, etc. The diff --git a/docs/cmdline-opts/tls-max.d b/docs/cmdline-opts/tls-max.d index b5616f124..475c12fe8 100644 --- a/docs/cmdline-opts/tls-max.d +++ b/docs/cmdline-opts/tls-max.d @@ -10,6 +10,9 @@ Help: Set maximum allowed TLS version VERSION defines maximum supported TLS version. The minimum acceptable version is set by tlsv1.0, tlsv1.1, tlsv1.2 or tlsv1.3. +If the connection is done without TLS, this option has no effect. This +includes QUIC-using (HTTP/3) transfers. + .RS .IP "default" Use up to recommended TLS version. diff --git a/docs/cmdline-opts/tlsv1.3.d b/docs/cmdline-opts/tlsv1.3.d index 7061a61b2..19da857b7 100644 --- a/docs/cmdline-opts/tlsv1.3.d +++ b/docs/cmdline-opts/tlsv1.3.d @@ -3,8 +3,10 @@ Help: Use TLSv1.3 or greater Protocols: TLS Added: 7.52.0 --- -Forces curl to use TLS version 1.3 or later when connecting to a remote TLS server. +Forces curl to use TLS version 1.3 or later when connecting to a remote TLS +server. -Note that TLS 1.3 is only supported by a subset of TLS backends. At the time -of this writing, they are BoringSSL, NSS, and Secure Transport (on iOS 11 or -later, and macOS 10.13 or later). +If the connection is done without TLS, this option has no effect. This +includes QUIC-using (HTTP/3) transfers. + +Note that TLS 1.3 is not supported by all TLS backends. diff --git a/docs/cmdline-opts/write-out.d b/docs/cmdline-opts/write-out.d index 9786a9af4..686bda6ea 100644 --- a/docs/cmdline-opts/write-out.d +++ b/docs/cmdline-opts/write-out.d @@ -60,6 +60,9 @@ either IPv4 or IPv6 (Added in 7.29.0) .B local_port The local port number of the most recently done connection (Added in 7.29.0) .TP +.B method +The http method used in the most recent HTTP request (Added in 7.72.0) +.TP .B num_connects Number of new connects made in the recent transfer. (Added in 7.12.3) .TP diff --git a/docs/examples/.checksrc b/docs/examples/.checksrc index c45678aae..dea90aaa1 100644 --- a/docs/examples/.checksrc +++ b/docs/examples/.checksrc @@ -1,2 +1,3 @@ disable TYPEDEFSTRUCT disable SNPRINTF +disable BANNEDFUNC diff --git a/docs/examples/Makefile.am b/docs/examples/Makefile.am index fbafbbf59..dd37a687a 100644 --- a/docs/examples/Makefile.am +++ b/docs/examples/Makefile.am @@ -67,4 +67,4 @@ CS_1 = CS_ = $(CS_0) checksrc: - $(CHECKSRC)(@PERL@ $(top_srcdir)/lib/checksrc.pl $(srcdir)/*.c) + $(CHECKSRC)(@PERL@ $(top_srcdir)/lib/checksrc.pl -D$(srcdir) $(srcdir)/*.c) diff --git a/docs/examples/Makefile.m32 b/docs/examples/Makefile.m32 index d0694cfa3..e8c0d376f 100644 --- a/docs/examples/Makefile.m32 +++ b/docs/examples/Makefile.m32 @@ -24,7 +24,7 @@ # ## Makefile for building curl examples with MingW (GCC-3.2 or later) ## and optionally OpenSSL (1.0.2a), libssh2 (1.5), zlib (1.2.8), librtmp (2.4), -## brotli (1.0.1) +## brotli (1.0.1), zstd (1.4.5) ## ## Usage: mingw32-make -f Makefile.m32 CFG=-feature1[-feature2][-feature3][...] ## Example: mingw32-make -f Makefile.m32 CFG=-zlib-ssl-sspi-winidn @@ -39,6 +39,10 @@ ifndef ZLIB_PATH ZLIB_PATH = ../../../zlib-1.2.8 endif +# Edit the path below to point to the base of your Zstandard sources. +ifndef ZSTD_PATH +ZSTD_PATH = ../../../zstd-1.4.5 +endif # Edit the path below to point to the base of your Brotli sources. ifndef BROTLI_PATH BROTLI_PATH = ../../../brotli-1.0.1 @@ -180,6 +184,9 @@ endif ifeq ($(findstring -zlib,$(CFG)),-zlib) ZLIB = 1 endif +ifeq ($(findstring -zstd,$(CFG)),-zstd) +ZSTD = 1 +endif ifeq ($(findstring -brotli,$(CFG)),-brotli) BROTLI = 1 endif @@ -284,6 +291,11 @@ ifdef ZLIB CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H curl_LDADD += -L"$(ZLIB_PATH)" -lz endif +ifdef ZSTD + INCLUDES += -I"$(ZSTD_PATH)/include" + CFLAGS += -DHAVE_ZSTD + curl_LDADD += -L"$(ZSTD_PATH)/lib" -lzstd +endif ifdef BROTLI INCLUDES += -I"$(BROTLI_PATH)/include" CFLAGS += -DHAVE_BROTLI diff --git a/docs/examples/README b/docs/examples/README index 078cabed0..6336c3733 100644 --- a/docs/examples/README +++ b/docs/examples/README @@ -9,7 +9,7 @@ some simple steps on how you can build your own application to take full advantage of libcurl. If you end up with other small but still useful example sources, please mail -them for submission in future packages and on the web site. +them for submission in future packages and on the website. BUILDING @@ -28,7 +28,7 @@ want you do reorganize them like: *PLEASE* do not use the curl.haxx.se site as a test target for your libcurl applications/experiments. Even if some of the examples use that site as a URL at some places, it doesn't mean that the URLs work or that we expect you to -actually torture our web site with your tests! Thanks. +actually torture our website with your tests! Thanks. EXAMPLES diff --git a/docs/examples/rtsp.c b/docs/examples/rtsp.c index e3fdc905b..6f499162f 100644 --- a/docs/examples/rtsp.c +++ b/docs/examples/rtsp.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011 - 2019, Jim Hollinger + * Copyright (c) 2011 - 2020, Jim Hollinger * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -192,7 +192,7 @@ int main(int argc, char * const argv[]) char *base_name = NULL; printf("\nRTSP request %s\n", VERSION_STR); - printf(" Project web site: " + printf(" Project website: " "https://github.com/BackupGGCode/rtsprequest\n"); printf(" Requires curl V7.20 or greater\n\n"); diff --git a/docs/libcurl/gnurl_easy_getinfo.3 b/docs/libcurl/gnurl_easy_getinfo.3 index 7ffd6b308..c6a338e1c 100644 --- a/docs/libcurl/gnurl_easy_getinfo.3 +++ b/docs/libcurl/gnurl_easy_getinfo.3 @@ -41,6 +41,9 @@ You should not free the memory returned by this function unless it is explicitly mentioned below. .SH AVAILABLE INFORMATION The following information can be extracted: +.IP CURLINFO_EFFECTIVE_METHOD +Last used HTTP method. +See \fICURLINFO_EFFECTIVE_METHOD(3)\fP .IP CURLINFO_EFFECTIVE_URL Last used URL. See \fICURLINFO_EFFECTIVE_URL(3)\fP diff --git a/docs/libcurl/gnurl_global_sslset.3 b/docs/libcurl/gnurl_global_sslset.3 index ee48a6abb..ed9c236d7 100644 --- a/docs/libcurl/gnurl_global_sslset.3 +++ b/docs/libcurl/gnurl_global_sslset.3 @@ -40,7 +40,7 @@ typedef enum { CURLSSLBACKEND_POLARSSL = 6, /* deprecated */ CURLSSLBACKEND_WOLFSSL = 7, CURLSSLBACKEND_SCHANNEL = 8, - CURLSSLBACKEND_DARWINSSL = 9, + CURLSSLBACKEND_SECURETRANSPORT = 9, CURLSSLBACKEND_AXTLS = 10, /* deprecated */ CURLSSLBACKEND_MBEDTLS = 11, CURLSSLBACKEND_MESALINK = 12, diff --git a/docs/libcurl/gnurl_multi_perform.3 b/docs/libcurl/gnurl_multi_perform.3 index f144babb4..f59cc5e53 100644 --- a/docs/libcurl/gnurl_multi_perform.3 +++ b/docs/libcurl/gnurl_multi_perform.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -103,7 +103,7 @@ default: .SH "RETURN VALUE" CURLMcode type, general libcurl multi interface error code. -Before version 7.20.0: If you receive \fICURLM_CALL_MULTI_PERFORM\fP, this +Before version 7.20.0 (released on February 9 2010): If you receive \fICURLM_CALL_MULTI_PERFORM\fP, this basically means that you should call \fIcurl_multi_perform(3)\fP again, before you select() on more actions. You don't have to do it immediately, but the return code means that libcurl may have more data available to return or that diff --git a/docs/libcurl/gnurl_share_setopt.3 b/docs/libcurl/gnurl_share_setopt.3 index 052308360..a446b6451 100644 --- a/docs/libcurl/gnurl_share_setopt.3 +++ b/docs/libcurl/gnurl_share_setopt.3 @@ -74,10 +74,10 @@ by default. Note this symbol was added in 7.10.3 but was not implemented until 7.23.0. .IP CURL_LOCK_DATA_CONNECT Put the connection cache in the share object and make all easy handles using -this share object share the connection cache. Using this, you can for example -do multi-threaded libcurl use with one handle in each thread, and yet have a -shared pool of unused connections and this way get way better connection -re-use than if you use one separate pool in each thread. +this share object share the connection cache. + +Note that due to a known bug, it is not safe to share connections this way +between multiple concurrent threads. Connections that are used for HTTP/1.1 Pipelining or HTTP/2 multiplexing only get additional transfers added to them if the existing connection is held by diff --git a/docs/libcurl/gnurl_version_info.3 b/docs/libcurl/gnurl_version_info.3 index 8ad92b435..2e8ed2956 100644 --- a/docs/libcurl/gnurl_version_info.3 +++ b/docs/libcurl/gnurl_version_info.3 @@ -92,6 +92,11 @@ typedef struct { be NULL */ const char *capath; /* the built-in default CURLOPT_CAPATH, might be NULL */ + /* when 'age' is CURLVERSION_EIGHTH or higher (>= 7.71.0), the members + below exist */ + unsigned int zstd_ver_num; /* Numeric Zstd version + (MAJOR << 24) | (MINOR << 12) | PATCH */ + const char *zstd_version; /* human readable string. */ } curl_version_info_data; .fi @@ -121,6 +126,8 @@ more exact timeouts (even on Windows) and less blocking when using the multi interface. (added in 7.10.7) .IP CURL_VERSION_BROTLI supports HTTP Brotli content encoding using libbrotlidec (Added in 7.57.0) +.IP CURL_VERSION_ZSTD +supports HTTP zstd content encoding using zstd library (Added in 7.72.0) .IP CURL_VERSION_CONV libcurl was built with support for character conversions, as provided by the CURLOPT_CONV_* callbacks. (Added in 7.15.4) @@ -150,12 +157,15 @@ letters. (Added in 7.12.0) .IP CURL_VERSION_IPV6 supports IPv6 .IP CURL_VERSION_KERBEROS4 -supports Kerberos V4 (when using FTP) +supports Kerberos V4 (when using FTP). Legacy bit. Deprecated since 7.33.0. .IP CURL_VERSION_KERBEROS5 supports Kerberos V5 authentication for FTP, IMAP, POP3, SMTP and SOCKSv5 proxy (Added in 7.40.0) .IP CURL_VERSION_LARGEFILE libcurl was built with support for large files. (Added in 7.11.1) +.IP CURL_VERSION_UNICODE +libcurl was built with Unicode support on Windows. This makes non-ASCII +characters work in filenames and options passed to libcurl. (Added in 7.72.0) .IP CURL_VERSION_LIBZ supports HTTP deflate using libz (Added in 7.10) .IP CURL_VERSION_MULTI_SSL diff --git a/docs/libcurl/libgnurl-errors.3 b/docs/libcurl/libgnurl-errors.3 index 6f7d87d73..c76535d0f 100644 --- a/docs/libcurl/libgnurl-errors.3 +++ b/docs/libcurl/libgnurl-errors.3 @@ -271,7 +271,7 @@ interface. Also consider \fIcurl_multi_strerror(3)\fP. .IP "CURLM_CALL_MULTI_PERFORM (-1)" This is not really an error. It means you should call \fIcurl_multi_perform(3)\fP again without doing select() or similar in -between. Before version 7.20.0 this could be returned by +between. Before version 7.20.0 (released on February 9 2010) this could be returned by \fIcurl_multi_perform(3)\fP, but in later versions this return code is never used. .IP "CURLM_CALL_MULTI_SOCKET (-1)" diff --git a/docs/libcurl/libgnurl-thread.3 b/docs/libcurl/libgnurl-thread.3 index 796a5bb59..a85d0ca0d 100644 --- a/docs/libcurl/libgnurl-thread.3 +++ b/docs/libcurl/libgnurl-thread.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 2015 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * Copyright (C) 2015 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -59,7 +59,7 @@ https://gnutls.org/manual/html_node/Thread-safety.html thread-safe already without anything required. .IP Secure-Transport The engine is used by libcurl in a way that is fully thread-safe. -.IP WinSSL +.IP Schannel The engine is used by libcurl in a way that is fully thread-safe. .IP wolfSSL The engine is used by libcurl in a way that is fully thread-safe. diff --git a/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.3 b/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.3 new file mode 100644 index 000000000..deee12546 --- /dev/null +++ b/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.3 @@ -0,0 +1,68 @@ +.\" ************************************************************************** +.\" * _ _ ____ _ +.\" * Project ___| | | | _ \| | +.\" * / __| | | | |_) | | +.\" * | (__| |_| | _ <| |___ +.\" * \___|\___/|_| \_\_____| +.\" * +.\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * +.\" * This software is licensed as described in the file COPYING, which +.\" * you should have received as part of this distribution. The terms +.\" * are also available at https://curl.haxx.se/docs/copyright.html. +.\" * +.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell +.\" * copies of the Software, and permit persons to whom the Software is +.\" * furnished to do so, under the terms of the COPYING file. +.\" * +.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +.\" * KIND, either express or implied. +.\" * +.\" ************************************************************************** +.\" +.TH CURLINFO_EFFECTIVE_METHOD 3 "28 Aug 2015" "libcurl 7.72.0" "curl_easy_getinfo options" +.SH NAME +CURLINFO_EFFECTIVE_METHOD \- get the last used HTTP method +.SH SYNOPSIS +.nf +#include <curl/curl.h> + +CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_EFFECTIVE_METHOD, + char **methodp); +.fi +.SH DESCRIPTION +Pass in a pointer to a char pointer and get the last used effective HTTP +method. + +In cases when you've asked libcurl to follow redirects, the method may very +well not be the same method the first request would use. + +The \fBmethodp\fP pointer will be NULL or pointing to private memory you MUST +NOT free - it gets freed when you call \fIcurl_easy_cleanup(3)\fP on the +corresponding CURL handle. +.SH PROTOCOLS +HTTP(S) +.SH EXAMPLE +.nf +CURL *curl = curl_easy_init(); +if(curl) { + CURLcode res; + curl_easy_setopt(curl, CURLOPT_URL, "http://example.com"); + curl_easy_setopt(curl, CURLOPT_POSTFIELDS, "data"); + curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L); + res = curl_easy_perform(curl); + if(res == CURLE_OK) { + char *method = NULL; + curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_METHOD, &method); + if(method) + printf("Redirected to method: %s\\n", method); + } + curl_easy_cleanup(curl); +} +.fi +.SH AVAILABILITY +Added in 7.72.0 +.SH RETURN VALUE +Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. +.SH "SEE ALSO" +.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), " diff --git a/docs/libcurl/opts/GNURLINFO_CERTINFO.3 b/docs/libcurl/opts/GNURLINFO_CERTINFO.3 index 42482c473..d3782fd39 100644 --- a/docs/libcurl/opts/GNURLINFO_CERTINFO.3 +++ b/docs/libcurl/opts/GNURLINFO_CERTINFO.3 @@ -27,10 +27,10 @@ CURLINFO_CERTINFO \- get the TLS certificate chain #include <gnurl/curl.h> CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CERTINFO, - struct curl_certinfo *chainp); + struct curl_certinfo **chainp); .SH DESCRIPTION Pass a pointer to a 'struct curl_certinfo *' and you'll get it set to point to -struct that holds a number of linked lists with info about the certificate +a struct that holds a number of linked lists with info about the certificate chain, assuming you had \fICURLOPT_CERTINFO(3)\fP enabled when the request was made. The struct reports how many certs it found and then you can extract info for each of those certs by following the linked lists. The info chain is diff --git a/docs/libcurl/opts/GNURLINFO_TLS_SSL_PTR.3 b/docs/libcurl/opts/GNURLINFO_TLS_SSL_PTR.3 index 820268c4e..c4674e75b 100644 --- a/docs/libcurl/opts/GNURLINFO_TLS_SSL_PTR.3 +++ b/docs/libcurl/opts/GNURLINFO_TLS_SSL_PTR.3 @@ -54,7 +54,7 @@ struct curl_tlssessioninfo { The \fIbackend\fP struct member is one of the defines in the CURLSSLBACKEND_* series: CURLSSLBACKEND_NONE (when built without TLS support), -CURLSSLBACKEND_WOLFSSL, CURLSSLBACKEND_DARWINSSL, CURLSSLBACKEND_GNUTLS, +CURLSSLBACKEND_WOLFSSL, CURLSSLBACKEND_SECURETRANSPORT, CURLSSLBACKEND_GNUTLS, CURLSSLBACKEND_GSKIT, CURLSSLBACKEND_MBEDTLS, CURLSSLBACKEND_NSS, CURLSSLBACKEND_OPENSSL, CURLSSLBACKEND_SCHANNEL or CURLSSLBACKEND_MESALINK. (Note that the OpenSSL forks are all reported as just diff --git a/docs/libcurl/opts/GNURLMOPT_PUSHFUNCTION.3 b/docs/libcurl/opts/GNURLMOPT_PUSHFUNCTION.3 index ee4872336..b9d5efcdc 100644 --- a/docs/libcurl/opts/GNURLMOPT_PUSHFUNCTION.3 +++ b/docs/libcurl/opts/GNURLMOPT_PUSHFUNCTION.3 @@ -86,6 +86,9 @@ the ownership of the CURL handle has been taken over by the application. .IP "CURL_PUSH_DENY (1)" The callback denies the stream and no data for this will reach the application, the easy handle will be destroyed by libcurl. +.IP "CURL_PUSH_ERROROUT (2)" +Returning this will reject the pushed stream and return an error back on the +parent stream making it get closed with an error. (Added in curl 7.72.0) .IP * All other return codes are reserved for future use. .SH DEFAULT diff --git a/docs/libcurl/opts/GNURLOPT_ACCEPT_ENCODING.3 b/docs/libcurl/opts/GNURLOPT_ACCEPT_ENCODING.3 index 772dd1761..2586b013d 100644 --- a/docs/libcurl/opts/GNURLOPT_ACCEPT_ENCODING.3 +++ b/docs/libcurl/opts/GNURLOPT_ACCEPT_ENCODING.3 @@ -45,8 +45,9 @@ Alternatively, you can specify exactly the encoding or list of encodings you want in the response. Four encodings are supported: \fIidentity\fP, meaning non-compressed, \fIdeflate\fP which requests the server to compress its response using the zlib algorithm, \fIgzip\fP which requests the gzip -algorithm and (since curl 7.57.0) \fIbr\fP which is brotli. Provide them in -the string as a comma-separated list of accepted encodings, like: +algorithm, (since curl 7.57.0) \fIbr\fP which is brotli and (since curl +7.72.0) \fIzstd\fP which is zstd. Provide them in the string as a +comma-separated list of accepted encodings, like: "br, gzip, deflate". @@ -94,8 +95,9 @@ if(curl) { This option was called CURLOPT_ENCODING before 7.21.6 The specific libcurl you're using must have been built with zlib to be able to -decompress gzip and deflate responses and with the brotli library to -decompress brotli responses. +decompress gzip and deflate responses, with the brotli library to +decompress brotli responses and with the zstd library to decompress zstd +responses. .SH RETURN VALUE Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. diff --git a/docs/libcurl/opts/GNURLOPT_MAX_RECV_SPEED_LARGE.3 b/docs/libcurl/opts/GNURLOPT_MAX_RECV_SPEED_LARGE.3 index b016c14f8..3aa78a890 100644 --- a/docs/libcurl/opts/GNURLOPT_MAX_RECV_SPEED_LARGE.3 +++ b/docs/libcurl/opts/GNURLOPT_MAX_RECV_SPEED_LARGE.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -28,12 +28,18 @@ CURLOPT_MAX_RECV_SPEED_LARGE \- rate limit data download speed #include <gnurl/curl.h> CURLcode curl_easy_setopt(CURL *handle, CURLOPT_MAX_RECV_SPEED_LARGE, - curl_off_t speed); + curl_off_t maxspeed); .SH DESCRIPTION -Pass a curl_off_t as parameter. If a download exceeds this \fIspeed\fP +Pass a curl_off_t as parameter. If a download exceeds this \fImaxspeed\fP (counted in bytes per second) the transfer will pause to keep the speed less than or equal to the parameter value. Defaults to unlimited speed. +This is not an exact science. libcurl attempts to keep the average speed below +the given threshold over a period time. + +If you set \fImaxspeed\fP to a value lower than \fICURLOPT_BUFFERSIZE(3)\fP, +libcurl might download faster than the set limit initially. + This option doesn't affect transfer speeds done with FILE:// URLs. .SH DEFAULT 0, disabled diff --git a/docs/libcurl/opts/GNURLOPT_MAX_SEND_SPEED_LARGE.3 b/docs/libcurl/opts/GNURLOPT_MAX_SEND_SPEED_LARGE.3 index c9ae8ab92..cbdcb52c0 100644 --- a/docs/libcurl/opts/GNURLOPT_MAX_SEND_SPEED_LARGE.3 +++ b/docs/libcurl/opts/GNURLOPT_MAX_SEND_SPEED_LARGE.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -35,6 +35,13 @@ this speed (counted in bytes per second) the transfer will pause to keep the speed less than or equal to the parameter value. Defaults to unlimited speed. +This is not an exact science. libcurl attempts to keep the average speed below +the given threshold over a period time. + +If you set \fImaxspeed\fP to a value lower than +\fICURLOPT_UPLOAD_BUFFERSIZE(3)\fP, libcurl might "shoot over" the limit on +its first send and still send off a full buffer. + This option doesn't affect transfer speeds done with FILE:// URLs. .SH DEFAULT 0, disabled diff --git a/docs/libcurl/opts/GNURLOPT_NOBODY.3 b/docs/libcurl/opts/GNURLOPT_NOBODY.3 index 9ae2477a9..7a0060e87 100644 --- a/docs/libcurl/opts/GNURLOPT_NOBODY.3 +++ b/docs/libcurl/opts/GNURLOPT_NOBODY.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -33,7 +33,17 @@ output when doing what would otherwise be a download. For HTTP(S), this makes libcurl do a HEAD request. For most other protocols it means just not asking to transfer the body data. -Enabling this option means asking for a download but without a body. +For HTTP operations when \fICURLOPT_NOBODY(3)\fP has been set, unsetting the +option (with 0) will make it a GET again - only if the method is still set to +be HEAD. The proper way to get back to a GET request is to set +\fICURLOPT_HTTPGET(3)\fP and for other methods, use the POST ur UPLOAD +options. + +Enabling \fICURLOPT_NOBODY(3)\fP means asking for a download without a body. + +If you do a transfer with HTTP that involves a method other than HEAD, you +will get a body (unless the resource and server sends a zero byte body for the +specific URL you request). .SH DEFAULT 0, the body is transferred .SH PROTOCOLS @@ -42,9 +52,9 @@ Most .nf curl = curl_easy_init(); if(curl) { - curl_easy_setopt(curl, CURLOPT_URL, "http://example.com"); + curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); - /* get us the resource without a body! */ + /* get us the resource without a body - use HEAD! */ curl_easy_setopt(curl, CURLOPT_NOBODY, 1L); /* Perform the request */ @@ -56,5 +66,5 @@ Always .SH RETURN VALUE Returns CURLE_OK .SH "SEE ALSO" -.BR CURLOPT_HTTPGET "(3), " CURLOPT_POST "(3), " -.BR CURLOPT_REQUEST_TARGET "(3), " +.BR CURLOPT_HTTPGET "(3), " CURLOPT_POSTFIELDS "(3), " CURLOPT_UPLOAD "(3), " +.BR CURLOPT_REQUEST_TARGET "(3), " CURLOPT_MIMEPOST "(3), " diff --git a/docs/libcurl/opts/GNURLOPT_PROXY_SSL_OPTIONS.3 b/docs/libcurl/opts/GNURLOPT_PROXY_SSL_OPTIONS.3 index 67161c986..2f40b6bbb 100644 --- a/docs/libcurl/opts/GNURLOPT_PROXY_SSL_OPTIONS.3 +++ b/docs/libcurl/opts/GNURLOPT_PROXY_SSL_OPTIONS.3 @@ -37,7 +37,7 @@ the SSL layer libcurl uses may use a work-around for this flaw although it might cause interoperability problems with some (older) SSL implementations. WARNING: avoiding this work-around lessens the security, and by setting this option to 1 you ask for exactly that. This option is only -supported for DarwinSSL, NSS and OpenSSL. +supported for Secure Transport, NSS and OpenSSL. .IP CURLSSLOPT_NO_REVOKE Tells libcurl to disable certificate revocation checks for those SSL backends where such behavior is present. This option is only supported for Schannel diff --git a/docs/libcurl/opts/GNURLOPT_SSL_OPTIONS.3 b/docs/libcurl/opts/GNURLOPT_SSL_OPTIONS.3 index d7fa241ed..b12405033 100644 --- a/docs/libcurl/opts/GNURLOPT_SSL_OPTIONS.3 +++ b/docs/libcurl/opts/GNURLOPT_SSL_OPTIONS.3 @@ -37,7 +37,7 @@ the SSL layer libcurl uses may use a work-around for this flaw although it might cause interoperability problems with some (older) SSL implementations. WARNING: avoiding this work-around lessens the security, and by setting this option to 1 you ask for exactly that. This option is only -supported for DarwinSSL, NSS and OpenSSL. +supported for Secure Transport, NSS and OpenSSL. .IP CURLSSLOPT_NO_REVOKE Tells libcurl to disable certificate revocation checks for those SSL backends where such behavior is present. This option is only supported for Schannel diff --git a/docs/libcurl/opts/GNURLOPT_SSL_VERIFYHOST.3 b/docs/libcurl/opts/GNURLOPT_SSL_VERIFYHOST.3 index 9513c65b1..810c2a83f 100644 --- a/docs/libcurl/opts/GNURLOPT_SSL_VERIFYHOST.3 +++ b/docs/libcurl/opts/GNURLOPT_SSL_VERIFYHOST.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -64,8 +64,8 @@ This option controls checking the server's certificate's claimed identity. The server could be lying. To control lying, see \fICURLOPT_SSL_VERIFYPEER(3)\fP. .SH LIMITATIONS -DarwinSSL: If \fIverify\fP value is 0, then SNI is also disabled. SNI is a TLS -extension that sends the hostname to the server. The server may use that +Secure Transport: If \fIverify\fP value is 0, then SNI is also disabled. SNI is +a TLS extension that sends the hostname to the server. The server may use that information to do such things as sending back a specific certificate for the hostname, or forwarding the request to a specific origin server. Some hostnames may be inaccessible if SNI is not sent. diff --git a/docs/libcurl/opts/Makefile.inc b/docs/libcurl/opts/Makefile.inc index c60b486d1..8708f32ed 100644 --- a/docs/libcurl/opts/Makefile.inc +++ b/docs/libcurl/opts/Makefile.inc @@ -35,6 +35,7 @@ man_MANS = \ CURLINFO_CONTENT_LENGTH_UPLOAD_T.3 \ CURLINFO_CONTENT_TYPE.3 \ CURLINFO_COOKIELIST.3 \ + CURLINFO_EFFECTIVE_METHOD.3 \ CURLINFO_EFFECTIVE_URL.3 \ CURLINFO_FILETIME.3 \ CURLINFO_FILETIME_T.3 \ diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index 36126db09..c0cdbdc04 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -229,6 +229,7 @@ CURLINFO_COOKIELIST 7.14.1 CURLINFO_DATA_IN 7.9.6 CURLINFO_DATA_OUT 7.9.6 CURLINFO_DOUBLE 7.4.1 +CURLINFO_EFFECTIVE_METHOD 7.72.0 CURLINFO_EFFECTIVE_URL 7.4 CURLINFO_END 7.9.6 CURLINFO_FILETIME 7.5 @@ -803,6 +804,7 @@ CURLU_NO_DEFAULT_PORT 7.62.0 CURLU_PATH_AS_IS 7.62.0 CURLU_URLDECODE 7.62.0 CURLU_URLENCODE 7.62.0 +CURLVERSION_EIGHTH 7.72.0 CURLVERSION_FIFTH 7.57.0 CURLVERSION_FIRST 7.10 CURLVERSION_FOURTH 7.16.1 @@ -890,6 +892,7 @@ CURL_PROGRESSFUNC_CONTINUE 7.68.0 CURL_PROGRESS_BAR 7.1.1 - 7.4.1 CURL_PROGRESS_STATS 7.1.1 - 7.4.1 CURL_PUSH_DENY 7.44.0 +CURL_PUSH_ERROROUT 7.72.0 CURL_PUSH_OK 7.44.0 CURL_READFUNC_ABORT 7.12.1 CURL_READFUNC_PAUSE 7.18.0 @@ -968,6 +971,8 @@ CURL_VERSION_SSL 7.10 CURL_VERSION_SSPI 7.13.2 CURL_VERSION_TLSAUTH_SRP 7.21.4 CURL_VERSION_UNIX_SOCKETS 7.40.0 +CURL_VERSION_ZSTD 7.72.0 +CURL_VERSION_UNICODE 7.72.0 CURL_WAIT_POLLIN 7.28.0 CURL_WAIT_POLLOUT 7.28.0 CURL_WAIT_POLLPRI 7.28.0 diff --git a/include/gnurl/curl.h b/include/gnurl/curl.h index e3531f5df..5aeaca91d 100644 --- a/include/gnurl/curl.h +++ b/include/gnurl/curl.h @@ -2634,10 +2634,6 @@ typedef enum { CURLINFO_PROXY_SSL_VERIFYRESULT = CURLINFO_LONG + 47, CURLINFO_PROTOCOL = CURLINFO_LONG + 48, CURLINFO_SCHEME = CURLINFO_STRING + 49, - /* Fill in new entries below here! */ - - /* Preferably these would be defined conditionally based on the - sizeof curl_off_t being 64-bits */ CURLINFO_TOTAL_TIME_T = CURLINFO_OFF_T + 50, CURLINFO_NAMELOOKUP_TIME_T = CURLINFO_OFF_T + 51, CURLINFO_CONNECT_TIME_T = CURLINFO_OFF_T + 52, @@ -2646,8 +2642,9 @@ typedef enum { CURLINFO_REDIRECT_TIME_T = CURLINFO_OFF_T + 55, CURLINFO_APPCONNECT_TIME_T = CURLINFO_OFF_T + 56, CURLINFO_RETRY_AFTER = CURLINFO_OFF_T + 57, + CURLINFO_EFFECTIVE_METHOD = CURLINFO_STRING + 58, - CURLINFO_LASTONE = 57 + CURLINFO_LASTONE = 58 } CURLINFO; /* CURLINFO_RESPONSE_CODE is the new name for the option previously known as @@ -2748,6 +2745,7 @@ typedef enum { CURLVERSION_FIFTH, CURLVERSION_SIXTH, CURLVERSION_SEVENTH, + CURLVERSION_EIGHTH, CURLVERSION_LAST /* never actually use this */ } CURLversion; @@ -2756,7 +2754,7 @@ typedef enum { meant to be a built-in version number for what kind of struct the caller expects. If the struct ever changes, we redefine the NOW to another enum from above. */ -#define CURLVERSION_NOW CURLVERSION_SEVENTH +#define CURLVERSION_NOW CURLVERSION_EIGHTH struct curl_version_info_data { CURLversion age; /* age of the returned struct */ @@ -2802,6 +2800,11 @@ struct curl_version_info_data { const char *capath; /* the built-in default CURLOPT_CAPATH, might be NULL */ + /* These fields were added in CURLVERSION_EIGHTH */ + unsigned int zstd_ver_num; /* Numeric Zstd version + (MAJOR << 24) | (MINOR << 12) | PATCH */ + const char *zstd_version; /* human readable string. */ + }; typedef struct curl_version_info_data curl_version_info_data; @@ -2836,6 +2839,8 @@ typedef struct curl_version_info_data curl_version_info_data; #define CURL_VERSION_BROTLI (1<<23) /* Brotli features are present. */ #define CURL_VERSION_ALTSVC (1<<24) /* Alt-Svc handling built-in */ #define CURL_VERSION_HTTP3 (1<<25) /* HTTP3 support built-in */ +#define CURL_VERSION_ZSTD (1<<26) /* zstd features are present */ +#define CURL_VERSION_UNICODE (1<<27) /* Unicode support on Windows */ /* * NAME curl_version_info() diff --git a/include/gnurl/curlver.h b/include/gnurl/curlver.h index fe29f0fff..b9fd7e6d6 100644 --- a/include/gnurl/curlver.h +++ b/include/gnurl/curlver.h @@ -30,13 +30,13 @@ /* This is the version number of the libcurl package from which this header file origins: */ -#define LIBCURL_VERSION "7.71.1-DEV" +#define LIBCURL_VERSION "7.72.0-DEV" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 7 -#define LIBCURL_VERSION_MINOR 71 -#define LIBCURL_VERSION_PATCH 1 +#define LIBCURL_VERSION_MINOR 72 +#define LIBCURL_VERSION_PATCH 0 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will @@ -57,7 +57,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ -#define LIBCURL_VERSION_NUM 0x074701 +#define LIBCURL_VERSION_NUM 0x074800 /* * This is the date and time when the full source package was created. The diff --git a/include/gnurl/multi.h b/include/gnurl/multi.h index 99dfa96d0..4ea8b267c 100644 --- a/include/gnurl/multi.h +++ b/include/gnurl/multi.h @@ -427,12 +427,14 @@ CURL_EXTERN CURLMcode curl_multi_assign(CURLM *multi_handle, * Name: curl_push_callback * * Desc: This callback gets called when a new stream is being pushed by the - * server. It approves or denies the new stream. + * server. It approves or denies the new stream. It can also decide + * to completely fail the connection. * - * Returns: CURL_PUSH_OK or CURL_PUSH_DENY. + * Returns: CURL_PUSH_OK, CURL_PUSH_DENY or CURL_PUSH_ERROROUT */ -#define CURL_PUSH_OK 0 -#define CURL_PUSH_DENY 1 +#define CURL_PUSH_OK 0 +#define CURL_PUSH_DENY 1 +#define CURL_PUSH_ERROROUT 2 /* added in 7.72.0 */ struct curl_pushheaders; /* forward declaration only */ diff --git a/lib/Makefile.inc b/lib/Makefile.inc index 723b826e9..ae3f961cf 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -60,7 +60,8 @@ LIB_CFILES = altsvc.c amigaos.c asyn-ares.c asyn-thread.c base64.c \ sendf.c setopt.c sha256.c share.c slist.c smb.c smtp.c socketpair.c socks.c \ socks_gssapi.c socks_sspi.c speedcheck.c splay.c strcase.c strdup.c \ strerror.c strtok.c strtoofft.c system_win32.c telnet.c tftp.c timeval.c \ - transfer.c urlapi.c version.c warnless.c wildcard.c x509asn1.c dynbuf.c + transfer.c urlapi.c version.c warnless.c wildcard.c x509asn1.c dynbuf.c \ + version_win32.c LIB_HFILES = altsvc.h amigaos.h arpa_telnet.h asyn.h conncache.h connect.h \ content_encoding.h cookie.h curl_addrinfo.h curl_base64.h curl_ctype.h \ @@ -79,7 +80,7 @@ LIB_HFILES = altsvc.h amigaos.h arpa_telnet.h asyn.h conncache.h connect.h \ smb.h smtp.h sockaddr.h socketpair.h socks.h speedcheck.h splay.h strcase.h \ strdup.h strerror.h strtok.h strtoofft.h system_win32.h telnet.h tftp.h \ timeval.h transfer.h urlapi-int.h urldata.h warnless.h wildcard.h \ - x509asn1.h dynbuf.h + x509asn1.h dynbuf.h version_win32.h LIB_RCFILES = libcurl.rc diff --git a/lib/Makefile.m32 b/lib/Makefile.m32 index fe8701bdb..02b31106c 100644 --- a/lib/Makefile.m32 +++ b/lib/Makefile.m32 @@ -24,7 +24,7 @@ # ## Makefile for building libcurl.a with MingW (GCC-3.2 or later or LLVM/Clang) ## and optionally OpenSSL (1.0.2a), libssh2 (1.5), zlib (1.2.8), librtmp (2.4), -## brotli (1.0.1) +## brotli (1.0.1), zstd (1.4.5) ## ## Usage: mingw32-make -f Makefile.m32 CFG=-feature1[-feature2][-feature3][...] ## Example: mingw32-make -f Makefile.m32 CFG=-zlib-ssl-sspi-winidn @@ -39,6 +39,10 @@ ifndef ZLIB_PATH ZLIB_PATH = ../../zlib-1.2.8 endif +# Edit the path below to point to the base of your Zstandard sources. +ifndef ZSTD_PATH +ZSTD_PATH = ../../zstd-1.4.5 +endif # Edit the path below to point to the base of your Brotli sources. ifndef BROTLI_PATH BROTLI_PATH = ../../brotli-1.0.1 @@ -180,6 +184,9 @@ endif ifeq ($(findstring -zlib,$(CFG)),-zlib) ZLIB = 1 endif +ifeq ($(findstring -zstd,$(CFG)),-zstd) +ZSTD = 1 +endif ifeq ($(findstring -brotli,$(CFG)),-brotli) BROTLI = 1 endif @@ -288,6 +295,11 @@ ifdef ZLIB CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H DLL_LIBS += -L"$(ZLIB_PATH)" -lz endif +ifdef ZSTD + INCLUDES += -I"$(ZSTD_PATH)/include" + CFLAGS += -DHAVE_ZSTD + DLL_LIBS += -L"$(ZSTD_PATH)/lib" -lzstd +endif ifdef BROTLI INCLUDES += -I"$(BROTLI_PATH)/include" CFLAGS += -DHAVE_BROTLI diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index ba5160b25..e65150744 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -633,7 +633,7 @@ struct Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, *waitp = 0; /* default to synchronous response */ -#ifdef ENABLE_IPV6 /* CURLRES_IPV6 */ +#ifdef ENABLE_IPV6 switch(conn->ip_version) { default: #if ARES_VERSION >= 0x010601 @@ -649,7 +649,7 @@ struct Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, family = PF_INET6; break; } -#endif /* CURLRES_IPV6 */ +#endif /* ENABLE_IPV6 */ bufp = strdup(hostname); if(bufp) { @@ -670,7 +670,7 @@ struct Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, /* initial status - failed */ res->last_status = ARES_ENOTFOUND; -#ifdef ENABLE_IPV6 /* CURLRES_IPV6 */ +#ifdef ENABLE_IPV6 if(family == PF_UNSPEC) { if(Curl_ipv6works(conn)) { res->num_pending = 2; @@ -690,7 +690,7 @@ struct Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, } } else -#endif /* CURLRES_IPV6 */ +#endif /* ENABLE_IPV6 */ { res->num_pending = 1; diff --git a/lib/asyn.h b/lib/asyn.h index be2796cf0..bd3c3c123 100644 --- a/lib/asyn.h +++ b/lib/asyn.h @@ -164,7 +164,6 @@ struct Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, #define Curl_resolver_kill(x) Curl_nop_stmt #define Curl_resolver_is_resolved(x,y) CURLE_COULDNT_RESOLVE_HOST #define Curl_resolver_wait_resolv(x,y) CURLE_COULDNT_RESOLVE_HOST -#define Curl_resolver_getsock(x,y,z) 0 #define Curl_resolver_duphandle(x,y,z) CURLE_OK #define Curl_resolver_init(x,y) CURLE_OK #define Curl_resolver_global_init() CURLE_OK diff --git a/lib/checksrc.pl b/lib/checksrc.pl index 97b8f9e1d..498da94bb 100755 --- a/lib/checksrc.pl +++ b/lib/checksrc.pl @@ -592,7 +592,8 @@ sub scanfile { # scan for use of banned functions if($l =~ /^(.*\W) - (gets| + (gmtime|localtime| + gets| strtok| v?sprintf| (str|_mbs|_tcs|_wcs)n?cat| diff --git a/lib/config-win32.h b/lib/config-win32.h index 76ee6b1a7..316043d81 100644 --- a/lib/config-win32.h +++ b/lib/config-win32.h @@ -718,18 +718,22 @@ Vista #define USE_WIN32_CRYPTO #endif +/* On MinGW the ADDRESS_FAMILY typedef was committed alongside LUP_SECURE, + so we use it to check for the presence of the typedef. */ +#include <ws2tcpip.h> +#if !defined(__MINGW32__) || defined(LUP_SECURE) /* Define to use Unix sockets. */ #define USE_UNIX_SOCKETS #if !defined(UNIX_PATH_MAX) /* Replicating logic present in afunix.h of newer Windows 10 SDK versions */ # define UNIX_PATH_MAX 108 -# include <ws2tcpip.h> /* !checksrc! disable TYPEDEFSTRUCT 1 */ typedef struct sockaddr_un { ADDRESS_FAMILY sun_family; char sun_path[UNIX_PATH_MAX]; } SOCKADDR_UN, *PSOCKADDR_UN; #endif +#endif /* ---------------------------------------------------------------- */ /* ADDITIONAL DEFINITIONS */ diff --git a/lib/connect.c b/lib/connect.c index 29293f087..b000b1b2c 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -74,7 +74,7 @@ #include "warnless.h" #include "conncache.h" #include "multihandle.h" -#include "system_win32.h" +#include "version_win32.h" #include "quic.h" #include "socks.h" @@ -934,10 +934,10 @@ CURLcode Curl_is_connected(struct connectdata *conn, return CURLE_OK; } - infof(data, "Connection failed\n"); } - else if(rc & CURL_CSELECT_ERR) + else if(rc & CURL_CSELECT_ERR) { (void)verifyconnect(conn->tempsock[i], &error); + } /* * The connection failed here, we should attempt to connect to the "next @@ -1085,8 +1085,8 @@ void Curl_sndbufset(curl_socket_t sockfd) static int detectOsState = DETECT_OS_NONE; if(detectOsState == DETECT_OS_NONE) { - if(Curl_verify_windows_version(6, 0, PLATFORM_WINNT, - VERSION_GREATER_THAN_EQUAL)) + if(curlx_verify_windows_version(6, 0, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) detectOsState = DETECT_OS_VISTA_OR_LATER; else detectOsState = DETECT_OS_PREVISTA; @@ -1363,15 +1363,15 @@ CURLcode Curl_connecthost(struct connectdata *conn, /* context */ } struct connfind { - struct connectdata *tofind; - bool found; + long id_tofind; + struct connectdata *found; }; static int conn_is_conn(struct connectdata *conn, void *param) { struct connfind *f = (struct connfind *)param; - if(conn == f->tofind) { - f->found = TRUE; + if(conn->connection_id == f->id_tofind) { + f->found = conn; return 1; } return 0; @@ -1393,21 +1393,22 @@ curl_socket_t Curl_getconnectinfo(struct Curl_easy *data, * - that is associated with a multi handle, and whose connection * was detached with CURLOPT_CONNECT_ONLY */ - if(data->state.lastconnect && (data->multi_easy || data->multi)) { - struct connectdata *c = data->state.lastconnect; + if((data->state.lastconnect_id != -1) && (data->multi_easy || data->multi)) { + struct connectdata *c; struct connfind find; - find.tofind = data->state.lastconnect; - find.found = FALSE; + find.id_tofind = data->state.lastconnect_id; + find.found = NULL; Curl_conncache_foreach(data, data->multi_easy? &data->multi_easy->conn_cache: &data->multi->conn_cache, &find, conn_is_conn); if(!find.found) { - data->state.lastconnect = NULL; + data->state.lastconnect_id = -1; return CURL_SOCKET_BAD; } + c = find.found; if(connp) { /* only store this if the caller cares for it */ *connp = c; diff --git a/lib/content_encoding.c b/lib/content_encoding.c index 19a55b7cd..9b0d2aa09 100644 --- a/lib/content_encoding.c +++ b/lib/content_encoding.c @@ -38,6 +38,10 @@ #include <brotli/decode.h> #endif +#ifdef HAVE_ZSTD +#include <zstd.h> +#endif + #include "sendf.h" #include "http.h" #include "content_encoding.h" @@ -710,6 +714,95 @@ static const struct content_encoding brotli_encoding = { #endif +#ifdef HAVE_ZSTD +/* Writer parameters. */ +struct zstd_params { + ZSTD_DStream *zds; /* State structure for zstd. */ + void *decomp; +}; + +static CURLcode zstd_init_writer(struct connectdata *conn, + struct contenc_writer *writer) +{ + struct zstd_params *zp = (struct zstd_params *)&writer->params; + (void)conn; + + if(!writer->downstream) + return CURLE_WRITE_ERROR; + + zp->zds = ZSTD_createDStream(); + zp->decomp = NULL; + return zp->zds ? CURLE_OK : CURLE_OUT_OF_MEMORY; +} + +static CURLcode zstd_unencode_write(struct connectdata *conn, + struct contenc_writer *writer, + const char *buf, size_t nbytes) +{ + CURLcode result = CURLE_OK; + struct zstd_params *zp = (struct zstd_params *)&writer->params; + ZSTD_inBuffer in; + ZSTD_outBuffer out; + size_t errorCode; + + if(!zp->decomp) { + zp->decomp = malloc(DSIZ); + if(!zp->decomp) + return CURLE_OUT_OF_MEMORY; + } + in.pos = 0; + in.src = buf; + in.size = nbytes; + + for(;;) { + out.pos = 0; + out.dst = zp->decomp; + out.size = DSIZ; + + errorCode = ZSTD_decompressStream(zp->zds, &out, &in); + if(ZSTD_isError(errorCode)) { + return CURLE_BAD_CONTENT_ENCODING; + } + if(out.pos > 0) { + result = Curl_unencode_write(conn, writer->downstream, + zp->decomp, out.pos); + if(result) + break; + } + if((in.pos == nbytes) && (out.pos < out.size)) + break; + } + + return result; +} + +static void zstd_close_writer(struct connectdata *conn, + struct contenc_writer *writer) +{ + struct zstd_params *zp = (struct zstd_params *)&writer->params; + (void)conn; + + if(zp->decomp) { + free(zp->decomp); + zp->decomp = NULL; + } + if(zp->zds) { + ZSTD_freeDStream(zp->zds); + zp->zds = NULL; + } +} + +static const struct content_encoding zstd_encoding = { + "zstd", + NULL, + zstd_init_writer, + zstd_unencode_write, + zstd_close_writer, + sizeof(struct zstd_params) +}; +#endif + + /* Identity handler. */ static CURLcode identity_init_writer(struct connectdata *conn, struct contenc_writer *writer) @@ -752,6 +845,9 @@ static const struct content_encoding * const encodings[] = { #ifdef HAVE_BROTLI &brotli_encoding, #endif +#ifdef HAVE_ZSTD + &zstd_encoding, +#endif NULL }; diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake index 05a5acb03..dd870789e 100644 --- a/lib/curl_config.h.cmake +++ b/lib/curl_config.h.cmake @@ -437,6 +437,9 @@ /* if brotli is available */ #cmakedefine HAVE_BROTLI 1 +/* if zstd is available */ +#cmakedefine HAVE_ZSTD 1 + /* if your compiler supports LL */ #cmakedefine HAVE_LL 1 diff --git a/lib/curl_setup.h b/lib/curl_setup.h index e3b33b5c0..5c5c130f6 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -641,7 +641,7 @@ int netware_init(void); defined(USE_GNUTLS) || defined(USE_NSS) || defined(USE_SECTRANSP) || \ defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) || \ defined(USE_MBEDTLS) || \ - (defined(USE_WOLFSSL) && defined(HAVE_WOLFSSL_DES_SET_ODD_PARITY)) + (defined(USE_WOLFSSL) && defined(HAVE_WOLFSSL_DES_ECB_ENCRYPT)) #define USE_NTLM diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c index d5fcfa0e1..4b93e1ad3 100644 --- a/lib/curl_sspi.c +++ b/lib/curl_sspi.c @@ -28,6 +28,7 @@ #include "curl_sspi.h" #include "curl_multibyte.h" #include "system_win32.h" +#include "version_win32.h" #include "warnless.h" /* The last #include files should be: */ @@ -82,7 +83,7 @@ CURLcode Curl_sspi_global_init(void) * have both these DLLs (security.dll forwards calls to secur32.dll) */ /* Load SSPI dll into the address space of the calling process */ - if(Curl_verify_windows_version(4, 0, PLATFORM_WINNT, VERSION_EQUAL)) + if(curlx_verify_windows_version(4, 0, PLATFORM_WINNT, VERSION_EQUAL)) s_hSecDll = Curl_load_library(TEXT("security.dll")); else s_hSecDll = Curl_load_library(TEXT("secur32.dll")); diff --git a/lib/curlx.h b/lib/curlx.h index 4c42a6b05..beff535c0 100644 --- a/lib/curlx.h +++ b/lib/curlx.h @@ -63,6 +63,9 @@ curlx_unicodefree() */ +#include "version_win32.h" +/* "version_win32.h" provides curlx_verify_windows_version() */ + /* Now setup curlx_ * names for the functions that are to become curlx_ and be removed from a future libcurl official API: curlx_getenv @@ -858,7 +858,7 @@ doh2ai(const struct dohentry *de, const char *hostname, int port) addr = (void *)ai->ai_addr; /* storage area for this info */ DEBUGASSERT(sizeof(struct in_addr) == sizeof(de->addr[i].ip.v4)); memcpy(&addr->sin_addr, &de->addr[i].ip.v4, sizeof(struct in_addr)); - addr->sin_family = (CURL_SA_FAMILY_T)addrtype; + addr->sin_family = addrtype; addr->sin_port = htons((unsigned short)port); break; @@ -867,7 +867,7 @@ doh2ai(const struct dohentry *de, const char *hostname, int port) addr6 = (void *)ai->ai_addr; /* storage area for this info */ DEBUGASSERT(sizeof(struct in6_addr) == sizeof(de->addr[i].ip.v6)); memcpy(&addr6->sin6_addr, &de->addr[i].ip.v6, sizeof(struct in6_addr)); - addr6->sin6_family = (CURL_SA_FAMILY_T)addrtype; + addr6->sin6_family = addrtype; addr6->sin6_port = htons((unsigned short)port); break; #endif diff --git a/lib/dynbuf.h b/lib/dynbuf.h index c80239e29..ecc995755 100644 --- a/lib/dynbuf.h +++ b/lib/dynbuf.h @@ -53,11 +53,11 @@ size_t Curl_dyn_len(const struct dynbuf *s); #define DYN_HAXPROXY 2048 #define DYN_HTTP_REQUEST (128*1024) #define DYN_H2_HEADERS (128*1024) -#define DYN_H2_TRAILER 4096 +#define DYN_H2_TRAILERS (128*1024) #define DYN_APRINTF 8000000 #define DYN_RTSP_REQ_HEADER (64*1024) #define DYN_TRAILERS (64*1024) #define DYN_PROXY_CONNECT_HEADERS 16384 #define DYN_QLOG_NAME 1024 -#define DYN_H1_TRAILER DYN_H2_TRAILER +#define DYN_H1_TRAILER 4096 #endif diff --git a/lib/easy.c b/lib/easy.c index e46e9c893..bed0de259 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -838,8 +838,7 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data) /* the connection cache is setup on demand */ outcurl->state.conn_cache = NULL; - - outcurl->state.lastconnect = NULL; + outcurl->state.lastconnect_id = -1; outcurl->progress.flags = data->progress.flags; outcurl->progress.callback = data->progress.callback; @@ -3251,9 +3251,9 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status, } if(conn->ssl[SECONDARYSOCKET].use) { - /* The secondary socket used SSL so we must close down that part first - before we close the socket for real */ - result = Curl_ssl_shutdown(conn, SECONDARYSOCKET); + /* The secondary socket is using SSL so we must close down that part + first before we close the socket for real */ + Curl_ssl_close(conn, SECONDARYSOCKET); /* Note that we keep "use" set to TRUE since that (next) connection is still requested to use SSL */ diff --git a/lib/getinfo.c b/lib/getinfo.c index c4444f589..ddbd635ec 100644 --- a/lib/getinfo.c +++ b/lib/getinfo.c @@ -78,6 +78,7 @@ CURLcode Curl_initinfo(struct Curl_easy *data) info->conn_local_ip[0] = '\0'; info->conn_primary_port = 0; info->conn_local_port = 0; + info->retry_after = 0; info->conn_scheme = 0; info->conn_protocol = 0; @@ -95,6 +96,34 @@ static CURLcode getinfo_char(struct Curl_easy *data, CURLINFO info, case CURLINFO_EFFECTIVE_URL: *param_charp = data->change.url?data->change.url:(char *)""; break; + case CURLINFO_EFFECTIVE_METHOD: { + const char *m = data->set.str[STRING_CUSTOMREQUEST]; + if(!m) { + if(data->set.opt_no_body) + m = "HEAD"; + else { + switch(data->state.httpreq) { + case HTTPREQ_POST: + case HTTPREQ_POST_FORM: + case HTTPREQ_POST_MIME: + m = "POST"; + break; + case HTTPREQ_PUT: + m = "PUT"; + break; + default: /* this should never happen */ + case HTTPREQ_GET: + m = "GET"; + break; + case HTTPREQ_HEAD: + m = "HEAD"; + break; + } + } + } + *param_charp = m; + } + break; case CURLINFO_CONTENT_TYPE: *param_charp = data->info.contenttype; break; diff --git a/lib/http.c b/lib/http.c index 3601015da..b8db35acc 100644 --- a/lib/http.c +++ b/lib/http.c @@ -2014,9 +2014,6 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) case HTTPREQ_PUT: request = "PUT"; break; - case HTTPREQ_OPTIONS: - request = "OPTIONS"; - break; default: /* this should never happen */ case HTTPREQ_GET: request = "GET"; diff --git a/lib/http.h b/lib/http.h index 005f85092..a522de30c 100644 --- a/lib/http.h +++ b/lib/http.h @@ -148,6 +148,7 @@ struct HTTP { struct dynbuf header_recvbuf; size_t nread_header_recvbuf; /* number of bytes in header_recvbuf fed into upper layer */ + struct dynbuf trailer_recvbuf; int status_code; /* HTTP status code */ const uint8_t *pausedata; /* pointer to data received in on_data_chunk */ size_t pauselen; /* the number of bytes left in data */ diff --git a/lib/http2.c b/lib/http2.c index 08fba6764..222ff1bb7 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -514,7 +514,7 @@ static int push_promise(struct Curl_easy *data, struct connectdata *conn, const nghttp2_push_promise *frame) { - int rv; + int rv; /* one of the CURL_PUSH_* defines */ H2BUGF(infof(data, "PUSH_PROMISE received, stream %u!\n", frame->promised_stream_id)); if(data->multi->push_cb) { @@ -528,7 +528,7 @@ static int push_promise(struct Curl_easy *data, struct Curl_easy *newhandle = duphandle(data); if(!newhandle) { infof(data, "failed to duplicate handle\n"); - rv = 1; /* FAIL HARD */ + rv = CURL_PUSH_DENY; /* FAIL HARD */ goto fail; } @@ -541,13 +541,15 @@ static int push_promise(struct Curl_easy *data, if(!stream) { failf(data, "Internal NULL stream!\n"); (void)Curl_close(&newhandle); - rv = 1; + rv = CURL_PUSH_DENY; goto fail; } rv = set_transfer_url(newhandle, &heads); - if(rv) + if(rv) { + rv = CURL_PUSH_DENY; goto fail; + } Curl_set_in_callback(data, true); rv = data->multi->push_cb(data, newhandle, @@ -563,6 +565,7 @@ static int push_promise(struct Curl_easy *data, stream->push_headers_used = 0; if(rv) { + DEBUGASSERT((rv > CURL_PUSH_OK) && (rv <= CURL_PUSH_ERROROUT)); /* denied, kill off the new handle again */ http2_stream_free(newhandle->req.protop); newhandle->req.protop = NULL; @@ -583,7 +586,7 @@ static int push_promise(struct Curl_easy *data, http2_stream_free(newhandle->req.protop); newhandle->req.protop = NULL; Curl_close(&newhandle); - rv = 1; + rv = CURL_PUSH_DENY; goto fail; } @@ -595,12 +598,13 @@ static int push_promise(struct Curl_easy *data, infof(data, "failed to set user_data for stream %d\n", frame->promised_stream_id); DEBUGASSERT(0); + rv = CURL_PUSH_DENY; goto fail; } } else { H2BUGF(infof(data, "Got PUSH_PROMISE, ignore it!\n")); - rv = 1; + rv = CURL_PUSH_DENY; } fail: return rv; @@ -737,11 +741,16 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame, case NGHTTP2_PUSH_PROMISE: rv = push_promise(data_s, conn, &frame->push_promise); if(rv) { /* deny! */ - rv = nghttp2_submit_rst_stream(session, NGHTTP2_FLAG_NONE, + int h2; + DEBUGASSERT((rv > CURL_PUSH_OK) && (rv <= CURL_PUSH_ERROROUT)); + h2 = nghttp2_submit_rst_stream(session, NGHTTP2_FLAG_NONE, frame->push_promise.promised_stream_id, NGHTTP2_CANCEL); - if(nghttp2_is_fatal(rv)) { - return rv; + if(nghttp2_is_fatal(h2)) + return NGHTTP2_ERR_CALLBACK_FAILURE; + else if(rv == CURL_PUSH_ERROROUT) { + DEBUGF(infof(data_s, "Fail the parent stream (too)\n")); + return NGHTTP2_ERR_CALLBACK_FAILURE; } } break; @@ -839,7 +848,7 @@ static int on_stream_close(nghttp2_session *session, int32_t stream_id, return 0; } H2BUGF(infof(data_s, "on_stream_close(), %s (err %d), stream %u\n", - nghttp2_strerror(error_code), error_code, stream_id)); + nghttp2_http2_strerror(error_code), error_code, stream_id)); stream = data_s->req.protop; if(!stream) return NGHTTP2_ERR_CALLBACK_FAILURE; @@ -1006,18 +1015,11 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, if(stream->bodystarted) { /* This is a trailer */ - struct dynbuf trail; H2BUGF(infof(data_s, "h2 trailer: %.*s: %.*s\n", namelen, name, valuelen, value)); - Curl_dyn_init(&trail, DYN_H2_TRAILER); - result = Curl_dyn_addf(&trail, + result = Curl_dyn_addf(&stream->trailer_recvbuf, "%.*s: %.*s\r\n", namelen, name, valuelen, value); - if(!result) - result = Curl_client_write(conn, CLIENTWRITE_HEADER, - Curl_dyn_ptr(&trail), - Curl_dyn_len(&trail)); - Curl_dyn_free(&trail); if(result) return NGHTTP2_ERR_CALLBACK_FAILURE; @@ -1165,6 +1167,7 @@ void Curl_http2_done(struct Curl_easy *data, bool premature) /* there might be allocated resources done before this got the 'h2' pointer setup */ Curl_dyn_free(&http->header_recvbuf); + Curl_dyn_free(&http->trailer_recvbuf); if(http->push_headers) { /* if they weren't used and then freed before */ for(; http->push_headers_used > 0; --http->push_headers_used) { @@ -1174,7 +1177,8 @@ void Curl_http2_done(struct Curl_easy *data, bool premature) http->push_headers = NULL; } - if(!httpc->h2) /* not HTTP/2 ? */ + if(!(data->conn->handler->protocol&PROTO_FAMILY_HTTP) || + !httpc->h2) /* not HTTP/2 ? */ return; if(premature) { @@ -1203,6 +1207,13 @@ void Curl_http2_done(struct Curl_easy *data, bool premature) } http->stream_id = 0; } + + if(0 == nghttp2_session_check_request_allowed(httpc->h2)) { + /* No more requests are allowed in the current session, so the connection + may not be reused. This is set when a GOAWAY frame has been received or + when the limit of stream identifiers has been reached. */ + connclose(data->conn, "http/2: No new requests allowed"); + } } /* @@ -1456,7 +1467,7 @@ static ssize_t http2_handle_stream_close(struct connectdata *conn, } else if(httpc->error_code != NGHTTP2_NO_ERROR) { failf(data, "HTTP/2 stream %d was not closed cleanly: %s (err %u)", - stream->stream_id, nghttp2_strerror(httpc->error_code), + stream->stream_id, nghttp2_http2_strerror(httpc->error_code), httpc->error_code); *err = CURLE_HTTP2_STREAM; return -1; @@ -1470,6 +1481,31 @@ static ssize_t http2_handle_stream_close(struct connectdata *conn, return -1; } + if(Curl_dyn_len(&stream->trailer_recvbuf)) { + char *trailp = Curl_dyn_ptr(&stream->trailer_recvbuf); + char *lf; + + do { + size_t len = 0; + CURLcode result; + /* each trailer line ends with a newline */ + lf = strchr(trailp, '\n'); + if(!lf) + break; + len = lf + 1 - trailp; + + if(data->set.verbose) + Curl_debug(data, CURLINFO_HEADER_IN, trailp, len); + /* pass the trailers one by one to the callback */ + result = Curl_client_write(conn, CLIENTWRITE_HEADER, trailp, len); + if(result) { + *err = result; + return -1; + } + trailp = ++lf; + } while(lf); + } + stream->close_handled = TRUE; H2BUGF(infof(data, "http2_recv returns 0, http2_handle_stream_close\n")); @@ -2075,6 +2111,9 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, h2_pri_spec(conn->data, &pri_spec); + H2BUGF(infof(conn->data, "http2_send request allowed %d (easy handle %p)\n", + nghttp2_session_check_request_allowed(h2), (void *)conn->data)); + switch(conn->data->state.httpreq) { case HTTPREQ_POST: case HTTPREQ_POST_FORM: @@ -2151,6 +2190,7 @@ CURLcode Curl_http2_setup(struct connectdata *conn) stream->stream_id = -1; Curl_dyn_init(&stream->header_recvbuf, DYN_H2_HEADERS); + Curl_dyn_init(&stream->trailer_recvbuf, DYN_H2_TRAILERS); if((conn->handler == &Curl_handler_http2_ssl) || (conn->handler == &Curl_handler_http2)) @@ -102,7 +102,9 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx) #include <openssl/md4.h> #elif (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && \ - (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040)) || \ + (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040) && \ + defined(__MAC_OS_X_VERSION_MIN_ALLOWED) && \ + (__MAC_OS_X_VERSION_MIN_ALLOWED < 101500)) || \ (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) && \ (__IPHONE_OS_VERSION_MAX_ALLOWED >= 20000)) @@ -139,7 +139,9 @@ static void MD5_Final(unsigned char *digest, MD5_CTX *ctx) } #elif (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && \ - (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040)) || \ + (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040) && \ + defined(__MAC_OS_X_VERSION_MIN_ALLOWED) && \ + (__MAC_OS_X_VERSION_MIN_ALLOWED < 101500)) || \ (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) && \ (__IPHONE_OS_VERSION_MAX_ALLOWED >= 20000)) diff --git a/lib/memdebug.c b/lib/memdebug.c index 6cc2d1f6c..f7ed88539 100644 --- a/lib/memdebug.c +++ b/lib/memdebug.c @@ -456,6 +456,16 @@ FILE *curl_dbg_fopen(const char *file, const char *mode, return res; } +FILE *curl_dbg_fdopen(int filedes, const char *mode, + int line, const char *source) +{ + FILE *res = fdopen(filedes, mode); + if(source) + curl_dbg_log("FILE %s:%d fdopen(\"%d\",\"%s\") = %p\n", + source, line, filedes, mode, (void *)res); + return res; +} + int curl_dbg_fclose(FILE *file, int line, const char *source) { int res; diff --git a/lib/memdebug.h b/lib/memdebug.h index 7ca442626..4edafdfb5 100644 --- a/lib/memdebug.h +++ b/lib/memdebug.h @@ -8,7 +8,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -79,6 +79,9 @@ CURL_EXTERN RECV_TYPE_RETV curl_dbg_recv(RECV_TYPE_ARG1 sockfd, /* FILE functions */ CURL_EXTERN FILE *curl_dbg_fopen(const char *file, const char *mode, int line, const char *source); +CURL_EXTERN FILE *curl_dbg_fdopen(int filedes, const char *mode, + int line, const char *source); + CURL_EXTERN int curl_dbg_fclose(FILE *file, int line, const char *source); #ifndef MEMDEBUG_NODEFINES diff --git a/lib/mprintf.c b/lib/mprintf.c index 9458a9d1a..1989bc084 100644 --- a/lib/mprintf.c +++ b/lib/mprintf.c @@ -178,12 +178,14 @@ static long dprintf_DollarString(char *input, char **end) { int number = 0; while(ISDIGIT(*input)) { - number *= 10; - number += *input-'0'; + if(number < MAX_PARAMETERS) { + number *= 10; + number += *input - '0'; + } input++; } - if(number && ('$'==*input++)) { - *end = input; + if(number <= MAX_PARAMETERS && ('$' == *input)) { + *end = ++input; return number; } return 0; @@ -377,6 +379,8 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, if(width > max_param) max_param = width; break; + case '\0': + fmt--; default: break; } @@ -458,6 +462,9 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, /* we have the width specified from a parameter, so we make that parameter's info setup properly */ long k = width - 1; + if((k < 0) || (k >= MAX_PARAMETERS)) + /* out of allowed range */ + return 1; vto[i].width = k; vto[k].type = FORMAT_WIDTH; vto[k].flags = FLAGS_NEW; @@ -469,6 +476,9 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, /* we have the precision specified from a parameter, so we make that parameter's info setup properly */ long k = precision - 1; + if((k < 0) || (k >= MAX_PARAMETERS)) + /* out of allowed range */ + return 1; vto[i].precision = k; vto[k].type = FORMAT_WIDTH; vto[k].flags = FLAGS_NEW; @@ -476,7 +486,7 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, vto[k].width = 0; vto[k].precision = 0; } - *endpos++ = fmt + 1; /* end of this sequence */ + *endpos++ = fmt + ((*fmt == '\0') ? 0 : 1); /* end of this sequence */ } } @@ -754,7 +764,7 @@ static int dprintf_formatf( if(prec > 0) { width -= prec; - while(prec-- > 0) + while(prec-- > 0 && w >= work) *w-- = '0'; } @@ -918,6 +928,8 @@ static int dprintf_formatf( precision */ size_t maxprec = sizeof(work) - 2; double val = p->data.dnum; + if(width > 0 && prec <= width) + maxprec -= width; while(val >= 10.0) { val /= 10; maxprec--; @@ -925,6 +937,8 @@ static int dprintf_formatf( if(prec > (long)maxprec) prec = (long)maxprec-1; + if(prec < 0) + prec = 0; /* RECURSIVE USAGE */ len = curl_msnprintf(fptr, left, ".%ld", prec); fptr += len; diff --git a/lib/multi.c b/lib/multi.c index e1d193d78..581168f62 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -455,6 +455,7 @@ CURLMcode curl_multi_add_handle(struct Curl_multi *multi, data->state.conn_cache = &data->share->conn_cache; else data->state.conn_cache = &multi->conn_cache; + data->state.lastconnect_id = -1; #ifdef USE_LIBPSL /* Do the same for PSL. */ @@ -677,11 +678,11 @@ static CURLcode multi_done(struct Curl_easy *data, CONNCACHE_UNLOCK(data); if(Curl_conncache_return_conn(data, conn)) { /* remember the most recently used connection */ - data->state.lastconnect = conn; + data->state.lastconnect_id = conn->connection_id; infof(data, "%s\n", buffer); } else - data->state.lastconnect = NULL; + data->state.lastconnect_id = -1; } Curl_safefree(data->state.buffer); @@ -689,6 +690,26 @@ static CURLcode multi_done(struct Curl_easy *data, return result; } +static int close_connect_only(struct connectdata *conn, void *param) +{ + struct Curl_easy *data = param; + + if(data->state.lastconnect_id != conn->connection_id) + return 0; + + if(conn->data != data) + return 1; + conn->data = NULL; + + if(!conn->bits.connect_only) + return 1; + + connclose(conn, "Removing connect-only easy handle"); + conn->bits.connect_only = FALSE; + + return 1; +} + CURLMcode curl_multi_remove_handle(struct Curl_multi *multi, struct Curl_easy *data) { @@ -776,10 +797,6 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi *multi, multi_done() as that may actually call Curl_expire that uses this */ Curl_llist_destroy(&data->state.timeoutlist, NULL); - /* as this was using a shared connection cache we clear the pointer to that - since we're not part of that multi handle anymore */ - data->state.conn_cache = NULL; - /* change state without using multistate(), only to make singlesocket() do what we want */ data->mstate = CURLM_STATE_COMPLETED; @@ -789,12 +806,22 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi *multi, /* Remove the association between the connection and the handle */ Curl_detach_connnection(data); + if(data->state.lastconnect_id != -1) { + /* Mark any connect-only connection for closure */ + Curl_conncache_foreach(data, data->state.conn_cache, + data, &close_connect_only); + } + #ifdef USE_LIBPSL /* Remove the PSL association. */ if(data->psl == &multi->psl) data->psl = NULL; #endif + /* as this was using a shared connection cache we clear the pointer to that + since we're not part of that multi handle anymore */ + data->state.conn_cache = NULL; + data->multi = NULL; /* clear the association to this multi handle */ /* make sure there's no pending message in the queue sent from this easy @@ -958,19 +985,6 @@ static int multi_getsock(struct Curl_easy *data, switch(data->mstate) { default: -#if 0 /* switch back on these cases to get the compiler to check for all enums - to be present */ - case CURLM_STATE_TOOFAST: /* returns 0, so will not select. */ - case CURLM_STATE_COMPLETED: - case CURLM_STATE_MSGSENT: - case CURLM_STATE_INIT: - case CURLM_STATE_CONNECT: - case CURLM_STATE_WAITDO: - case CURLM_STATE_DONE: - case CURLM_STATE_LAST: - /* this will get called with CURLM_STATE_COMPLETED when a handle is - removed */ -#endif return 0; case CURLM_STATE_WAITRESOLVE: @@ -1255,7 +1269,7 @@ static CURLMcode Curl_multi_wait(struct Curl_multi *multi, sleep_ms = timeout_ms; /* when there are no easy handles in the multi, this holds a -1 timeout */ - else if((sleep_ms < 0) && extrawait) + else if(sleep_ms < 0) sleep_ms = timeout_ms; Curl_wait_ms(sleep_ms); } @@ -1808,7 +1822,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, multistate(data, CURLM_STATE_SENDPROTOCONNECT); } } - else if(result) + else stream_error = TRUE; break; #endif @@ -1858,7 +1872,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, multistate(data, CURLM_STATE_DO); rc = CURLM_CALL_MULTI_PERFORM; } - else if(result) { + else { /* failure detected */ Curl_posttransfer(data); multi_done(data, result, TRUE); @@ -2962,9 +2976,7 @@ CURLMcode curl_multi_setopt(struct Curl_multi *multi, long streams = va_arg(param, long); if(streams < 1) streams = 100; - multi->max_concurrent_streams = - (streams > (long)INITIAL_MAX_CONCURRENT_STREAMS)? - INITIAL_MAX_CONCURRENT_STREAMS : (unsigned int)streams; + multi->max_concurrent_streams = curlx_sltoui(streams); } break; default: diff --git a/lib/multihandle.h b/lib/multihandle.h index 91eca16c4..9d73df081 100644 --- a/lib/multihandle.h +++ b/lib/multihandle.h @@ -81,7 +81,7 @@ struct Curl_multi { this multi handle with an easy handle. Set this to CURL_MULTI_HANDLE. */ long type; - /* We have a doubly-linked circular list with easy handles */ + /* We have a doubly-linked list with easy handles */ struct Curl_easy *easyp; struct Curl_easy *easylp; /* last node */ diff --git a/lib/parsedate.c b/lib/parsedate.c index a06a60f64..e233550e7 100644 --- a/lib/parsedate.c +++ b/lib/parsedate.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -624,6 +624,7 @@ CURLcode Curl_gmtime(time_t intime, struct tm *store) /* thread-safe version */ tm = (struct tm *)gmtime_r(&intime, store); #else + /* !checksrc! disable BANNEDFUNC 1 */ tm = gmtime(&intime); if(tm) *store = *tm; /* copy the pointed struct to the local copy */ diff --git a/lib/rename.c b/lib/rename.c index bb170d3cc..fe5f95d0d 100644 --- a/lib/rename.c +++ b/lib/rename.c @@ -27,6 +27,7 @@ #if (!defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)) || \ defined(USE_ALTSVC) +#include "curl_multibyte.h" #include "timeval.h" /* The last 3 #include files should be in this order */ @@ -39,17 +40,25 @@ int Curl_rename(const char *oldpath, const char *newpath) { #ifdef WIN32 /* rename() on Windows doesn't overwrite, so we can't use it here. - MoveFileExA() will overwrite and is usually atomic, however it fails + MoveFileEx() will overwrite and is usually atomic, however it fails when there are open handles to the file. */ const int max_wait_ms = 1000; struct curltime start = Curl_now(); + TCHAR *tchar_oldpath = curlx_convert_UTF8_to_tchar((char *)oldpath); + TCHAR *tchar_newpath = curlx_convert_UTF8_to_tchar((char *)newpath); for(;;) { timediff_t diff; - if(MoveFileExA(oldpath, newpath, MOVEFILE_REPLACE_EXISTING)) + if(MoveFileEx(tchar_oldpath, tchar_newpath, MOVEFILE_REPLACE_EXISTING)) { + curlx_unicodefree(tchar_oldpath); + curlx_unicodefree(tchar_newpath); break; + } diff = Curl_timediff(Curl_now(), start); - if(diff < 0 || diff > max_wait_ms) + if(diff < 0 || diff > max_wait_ms) { + curlx_unicodefree(tchar_oldpath); + curlx_unicodefree(tchar_newpath); return 1; + } Sleep(1); } #else diff --git a/lib/setopt.c b/lib/setopt.c index b8fb98ef6..c044de3c3 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -274,6 +274,8 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) if(data->set.opt_no_body) /* in HTTP lingo, no body means using the HEAD request... */ data->set.method = HTTPREQ_HEAD; + else if(data->set.method == HTTPREQ_HEAD) + data->set.method = HTTPREQ_GET; break; case CURLOPT_FAILONERROR: /* diff --git a/lib/smtp.c b/lib/smtp.c index 231e6c79b..7d8ef8406 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -1760,8 +1760,10 @@ static CURLcode smtp_parse_address(struct connectdata *conn, const char *fqma, return CURLE_OUT_OF_MEMORY; length = strlen(dup); - if(dup[length - 1] == '>') - dup[length - 1] = '\0'; + if(length) { + if(dup[length - 1] == '>') + dup[length - 1] = '\0'; + } /* Extract the host name from the address (if we can) */ host->name = strpbrk(dup, "@"); diff --git a/lib/socks.c b/lib/socks.c index b2215fef3..44783d015 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -327,18 +327,18 @@ CURLcode Curl_SOCKS4(const char *proxy_user, * Make connection */ { - ssize_t packetsize = 9 + + size_t packetsize = 9 + strlen((char *)socksreq + 8); /* size including NUL */ /* If SOCKS4a, set special invalid IP address 0.0.0.x */ if(protocol4a) { - ssize_t hostnamelen = 0; + size_t hostnamelen = 0; socksreq[4] = 0; socksreq[5] = 0; socksreq[6] = 0; socksreq[7] = 1; /* append hostname */ - hostnamelen = (ssize_t)strlen(hostname) + 1; /* length including NUL */ + hostnamelen = strlen(hostname) + 1; /* length including NUL */ if(hostnamelen <= 255) strcpy((char *)socksreq + packetsize, hostname); else { diff --git a/lib/strdup.c b/lib/strdup.c index cca97f3c6..8444357a7 100644 --- a/lib/strdup.c +++ b/lib/strdup.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -39,19 +39,14 @@ char *curlx_strdup(const char *str) if(!str) return (char *)NULL; - len = strlen(str); + len = strlen(str) + 1; - if(len >= ((size_t)-1) / sizeof(char)) - return (char *)NULL; - - newstr = malloc((len + 1)*sizeof(char)); + newstr = malloc(len); if(!newstr) return (char *)NULL; - memcpy(newstr, str, (len + 1)*sizeof(char)); - + memcpy(newstr, str, len); return newstr; - } #endif diff --git a/lib/system_win32.c b/lib/system_win32.c index eef33b5e8..55a6ebfeb 100644 --- a/lib/system_win32.c +++ b/lib/system_win32.c @@ -26,6 +26,7 @@ #include <gnurl/curl.h> #include "system_win32.h" +#include "version_win32.h" #include "curl_sspi.h" #include "warnless.h" @@ -106,8 +107,8 @@ CURLcode Curl_win32_init(long flags) Curl_if_nametoindex = pIfNameToIndex; } - if(Curl_verify_windows_version(6, 0, PLATFORM_WINNT, - VERSION_GREATER_THAN_EQUAL)) { + if(curlx_verify_windows_version(6, 0, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) { Curl_isVistaOrGreater = TRUE; } else @@ -160,198 +161,6 @@ typedef HMODULE (APIENTRY *LOADLIBRARYEX_FN)(LPCTSTR, HANDLE, DWORD); #endif /* - * Curl_verify_windows_version() - * - * This is used to verify if we are running on a specific windows version. - * - * Parameters: - * - * majorVersion [in] - The major version number. - * minorVersion [in] - The minor version number. - * platform [in] - The optional platform identifier. - * condition [in] - The test condition used to specifier whether we are - * checking a version less then, equal to or greater than - * what is specified in the major and minor version - * numbers. - * - * Returns TRUE if matched; otherwise FALSE. - */ -bool Curl_verify_windows_version(const unsigned int majorVersion, - const unsigned int minorVersion, - const PlatformIdentifier platform, - const VersionCondition condition) -{ - bool matched = FALSE; - -#if defined(CURL_WINDOWS_APP) - /* We have no way to determine the Windows version from Windows apps, - so let's assume we're running on the target Windows version. */ - const WORD fullVersion = MAKEWORD(minorVersion, majorVersion); - const WORD targetVersion = (WORD)_WIN32_WINNT; - - switch(condition) { - case VERSION_LESS_THAN: - matched = targetVersion < fullVersion; - break; - - case VERSION_LESS_THAN_EQUAL: - matched = targetVersion <= fullVersion; - break; - - case VERSION_EQUAL: - matched = targetVersion == fullVersion; - break; - - case VERSION_GREATER_THAN_EQUAL: - matched = targetVersion >= fullVersion; - break; - - case VERSION_GREATER_THAN: - matched = targetVersion > fullVersion; - break; - } - - if(matched && (platform == PLATFORM_WINDOWS)) { - /* we're always running on PLATFORM_WINNT */ - matched = FALSE; - } -#elif !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_WIN2K) || \ - (_WIN32_WINNT < _WIN32_WINNT_WIN2K) - OSVERSIONINFO osver; - - memset(&osver, 0, sizeof(osver)); - osver.dwOSVersionInfoSize = sizeof(osver); - - /* Find out Windows version */ - if(GetVersionEx(&osver)) { - /* Verify the Operating System version number */ - switch(condition) { - case VERSION_LESS_THAN: - if(osver.dwMajorVersion < majorVersion || - (osver.dwMajorVersion == majorVersion && - osver.dwMinorVersion < minorVersion)) - matched = TRUE; - break; - - case VERSION_LESS_THAN_EQUAL: - if(osver.dwMajorVersion < majorVersion || - (osver.dwMajorVersion == majorVersion && - osver.dwMinorVersion <= minorVersion)) - matched = TRUE; - break; - - case VERSION_EQUAL: - if(osver.dwMajorVersion == majorVersion && - osver.dwMinorVersion == minorVersion) - matched = TRUE; - break; - - case VERSION_GREATER_THAN_EQUAL: - if(osver.dwMajorVersion > majorVersion || - (osver.dwMajorVersion == majorVersion && - osver.dwMinorVersion >= minorVersion)) - matched = TRUE; - break; - - case VERSION_GREATER_THAN: - if(osver.dwMajorVersion > majorVersion || - (osver.dwMajorVersion == majorVersion && - osver.dwMinorVersion > minorVersion)) - matched = TRUE; - break; - } - - /* Verify the platform identifier (if necessary) */ - if(matched) { - switch(platform) { - case PLATFORM_WINDOWS: - if(osver.dwPlatformId != VER_PLATFORM_WIN32_WINDOWS) - matched = FALSE; - break; - - case PLATFORM_WINNT: - if(osver.dwPlatformId != VER_PLATFORM_WIN32_NT) - matched = FALSE; - - default: /* like platform == PLATFORM_DONT_CARE */ - break; - } - } - } -#else - ULONGLONG cm = 0; - OSVERSIONINFOEX osver; - BYTE majorCondition; - BYTE minorCondition; - BYTE spMajorCondition; - BYTE spMinorCondition; - - switch(condition) { - case VERSION_LESS_THAN: - majorCondition = VER_LESS; - minorCondition = VER_LESS; - spMajorCondition = VER_LESS_EQUAL; - spMinorCondition = VER_LESS_EQUAL; - break; - - case VERSION_LESS_THAN_EQUAL: - majorCondition = VER_LESS_EQUAL; - minorCondition = VER_LESS_EQUAL; - spMajorCondition = VER_LESS_EQUAL; - spMinorCondition = VER_LESS_EQUAL; - break; - - case VERSION_EQUAL: - majorCondition = VER_EQUAL; - minorCondition = VER_EQUAL; - spMajorCondition = VER_GREATER_EQUAL; - spMinorCondition = VER_GREATER_EQUAL; - break; - - case VERSION_GREATER_THAN_EQUAL: - majorCondition = VER_GREATER_EQUAL; - minorCondition = VER_GREATER_EQUAL; - spMajorCondition = VER_GREATER_EQUAL; - spMinorCondition = VER_GREATER_EQUAL; - break; - - case VERSION_GREATER_THAN: - majorCondition = VER_GREATER; - minorCondition = VER_GREATER; - spMajorCondition = VER_GREATER_EQUAL; - spMinorCondition = VER_GREATER_EQUAL; - break; - - default: - return FALSE; - } - - memset(&osver, 0, sizeof(osver)); - osver.dwOSVersionInfoSize = sizeof(osver); - osver.dwMajorVersion = majorVersion; - osver.dwMinorVersion = minorVersion; - if(platform == PLATFORM_WINDOWS) - osver.dwPlatformId = VER_PLATFORM_WIN32_WINDOWS; - else if(platform == PLATFORM_WINNT) - osver.dwPlatformId = VER_PLATFORM_WIN32_NT; - - cm = VerSetConditionMask(cm, VER_MAJORVERSION, majorCondition); - cm = VerSetConditionMask(cm, VER_MINORVERSION, minorCondition); - cm = VerSetConditionMask(cm, VER_SERVICEPACKMAJOR, spMajorCondition); - cm = VerSetConditionMask(cm, VER_SERVICEPACKMINOR, spMinorCondition); - if(platform != PLATFORM_DONT_CARE) - cm = VerSetConditionMask(cm, VER_PLATFORMID, VER_EQUAL); - - if(VerifyVersionInfo(&osver, (VER_MAJORVERSION | VER_MINORVERSION | - VER_SERVICEPACKMAJOR | VER_SERVICEPACKMINOR), - cm)) - matched = TRUE; -#endif - - return matched; -} - -/* * Curl_load_library() * * This is used to dynamically load DLLs using the most secure method available diff --git a/lib/system_win32.h b/lib/system_win32.h index d2882fce1..2547bda95 100644 --- a/lib/system_win32.h +++ b/lib/system_win32.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2016 - 2019, Steve Holme, <steve_holme@hotmail.com>. + * Copyright (C) 2016 - 2020, Steve Holme, <steve_holme@hotmail.com>. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -32,34 +32,12 @@ extern bool Curl_isVistaOrGreater; CURLcode Curl_win32_init(long flags); void Curl_win32_cleanup(long init_flags); -/* Version condition */ -typedef enum { - VERSION_LESS_THAN, - VERSION_LESS_THAN_EQUAL, - VERSION_EQUAL, - VERSION_GREATER_THAN_EQUAL, - VERSION_GREATER_THAN -} VersionCondition; - -/* Platform identifier */ -typedef enum { - PLATFORM_DONT_CARE, - PLATFORM_WINDOWS, - PLATFORM_WINNT -} PlatformIdentifier; - /* We use our own typedef here since some headers might lack this */ typedef unsigned int(WINAPI *IF_NAMETOINDEX_FN)(const char *); /* This is used instead of if_nametoindex if available on Windows */ extern IF_NAMETOINDEX_FN Curl_if_nametoindex; -/* This is used to verify if we are running on a specific windows version */ -bool Curl_verify_windows_version(const unsigned int majorVersion, - const unsigned int minorVersion, - const PlatformIdentifier platform, - const VersionCondition condition); - /* This is used to dynamically load DLLs */ HMODULE Curl_load_library(LPCTSTR filename); diff --git a/lib/transfer.c b/lib/transfer.c index 9fe47ab1f..8c48bde69 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -487,6 +487,12 @@ CURLcode Curl_readrewind(struct connectdata *conn) static int data_pending(const struct Curl_easy *data) { struct connectdata *conn = data->conn; + +#ifdef ENABLE_QUIC + if(conn->transport == TRNSPRT_QUIC) + return Curl_quic_data_pending(data); +#endif + /* in the case of libssh2, we can never be really sure that we have emptied its internal buffers so we MUST always try until we get EAGAIN back */ return conn->handler->protocol&(CURLPROTO_SCP|CURLPROTO_SFTP) || @@ -500,8 +506,6 @@ static int data_pending(const struct Curl_easy *data) be called and we cannot signal the HTTP/2 stream has closed. As a workaround, we return nonzero here to call http2_recv. */ ((conn->handler->protocol&PROTO_FAMILY_HTTP) && conn->httpversion >= 20); -#elif defined(ENABLE_QUIC) - Curl_ssl_data_pending(conn, FIRSTSOCKET) || Curl_quic_data_pending(data); #else Curl_ssl_data_pending(conn, FIRSTSOCKET); #endif @@ -1441,8 +1445,9 @@ CURLcode Curl_pretransfer(struct Curl_easy *data) if(!data->change.url && data->set.uh) { CURLUcode uc; + free(data->set.str[STRING_SET_URL]); uc = curl_url_get(data->set.uh, - CURLUPART_URL, &data->set.str[STRING_SET_URL], 0); + CURLUPART_URL, &data->set.str[STRING_SET_URL], 0); if(uc) { failf(data, "No URL set!"); return CURLE_URL_MALFORMAT; @@ -1799,12 +1804,14 @@ CURLcode Curl_retry_request(struct connectdata *conn, } if(retry) { #define CONN_MAX_RETRIES 5 - if(conn->retrycount++ >= CONN_MAX_RETRIES) { + if(data->state.retrycount++ >= CONN_MAX_RETRIES) { failf(data, "Connection died, tried %d times before giving up", CONN_MAX_RETRIES); + data->state.retrycount = 0; return CURLE_SEND_ERROR; } - infof(conn->data, "Connection died, retrying a fresh connect\n"); + infof(conn->data, "Connection died, retrying a fresh connect\ +(retry count: %d)\n", data->state.retrycount); *url = strdup(conn->data->change.url); if(!*url) return CURLE_OUT_OF_MEMORY; @@ -630,7 +630,7 @@ CURLcode Curl_open(struct Curl_easy **curl) Curl_initinfo(data); /* most recent connection is not yet defined */ - data->state.lastconnect = NULL; + data->state.lastconnect_id = -1; data->progress.flags |= PGRS_HIDE; data->state.current_speed = -1; /* init to negative == impossible */ @@ -1836,11 +1836,12 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, CURLU *uh; CURLUcode uc; char *hostname; + bool use_set_uh = (data->set.uh && !data->state.this_is_a_follow); up_free(data); /* cleanup previous leftovers first */ /* parse the URL */ - if(data->set.uh) { + if(use_set_uh) { uh = data->state.uh = curl_url_dup(data->set.uh); } else { @@ -1863,7 +1864,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, data->change.url_alloc = TRUE; } - if(!data->set.uh) { + if(!use_set_uh) { char *newurl; uc = curl_url_set(uh, CURLUPART_URL, data->change.url, CURLU_GUESS_SCHEME | @@ -3170,7 +3171,7 @@ static CURLcode resolve_server(struct Curl_easy *data, else { /* this is a fresh connect */ int rc; - struct Curl_dns_entry *hostaddr; + struct Curl_dns_entry *hostaddr = NULL; #ifdef USE_UNIX_SOCKETS if(conn->unix_domain_socket) { diff --git a/lib/urldata.h b/lib/urldata.h index 5c5be331e..5bfa412a2 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -1091,7 +1091,6 @@ struct connectdata { struct http_connect_state *connect_state; /* for HTTP CONNECT */ struct connectbundle *bundle; /* The bundle we are member of */ int negnpn; /* APLN or NPN TLS negotiated protocol, CURL_HTTP_VERSION* */ - int retrycount; /* number of retries on a new connection */ #ifdef USE_UNIX_SOCKETS char *unix_domain_socket; #endif @@ -1196,7 +1195,6 @@ typedef enum { HTTPREQ_POST_MIME, /* we make a difference internally */ HTTPREQ_PUT, HTTPREQ_HEAD, - HTTPREQ_OPTIONS, HTTPREQ_LAST /* last in list */ } Curl_HttpReq; @@ -1298,10 +1296,12 @@ struct UrlState { /* Points to the connection cache */ struct conncache *conn_cache; + int retrycount; /* number of retries on a new connection */ + /* buffers to store authentication data in, as parsed from input options */ struct curltime keeps_speed; /* for the progress meter really */ - struct connectdata *lastconnect; /* The last connection, NULL if undefined */ + long lastconnect_id; /* The last connection, -1 if undefined */ struct dynbuf headerb; /* buffer to store headers in */ char *buffer; /* download buffer */ diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c index 3b46e1a46..ecfeacb9a 100644 --- a/lib/vauth/ntlm.c +++ b/lib/vauth/ntlm.c @@ -191,6 +191,7 @@ static CURLcode ntlm_decode_type2_target(struct Curl_easy *data, return CURLE_BAD_CONTENT_ENCODING; } + free(ntlm->target_info); /* replace any previous data */ ntlm->target_info = malloc(target_info_len); if(!ntlm->target_info) return CURLE_OUT_OF_MEMORY; diff --git a/lib/version.c b/lib/version.c index 3724c3392..120176500 100644 --- a/lib/version.c +++ b/lib/version.c @@ -66,6 +66,10 @@ #include <brotli/decode.h> #endif +#ifdef HAVE_ZSTD +#include <zstd.h> +#endif + #ifdef HAVE_BROTLI static size_t brotli_version(char *buf, size_t bufsz) { @@ -78,6 +82,20 @@ static size_t brotli_version(char *buf, size_t bufsz) } #endif +#ifdef HAVE_ZSTD +static size_t zstd_version(char *buf, size_t bufsz) +{ + unsigned long zstd_version = (unsigned long)ZSTD_versionNumber(); + unsigned int major = (unsigned int)(zstd_version / (100 * 100)); + unsigned int minor = (unsigned int)((zstd_version - + (major * 100 * 100)) / 100); + unsigned int patch = (unsigned int)(zstd_version - + (major * 100 * 100) - (minor * 100)); + + return msnprintf(buf, bufsz, "%u.%u.%u", major, minor, patch); +} +#endif + /* * curl_version() returns a pointer to a static buffer. * @@ -103,6 +121,9 @@ char *curl_version(void) #ifdef HAVE_BROTLI char br_version[40] = "brotli/"; #endif +#ifdef HAVE_ZSTD + char zst_version[40] = "zstd/"; +#endif #ifdef USE_ARES char cares_version[40]; #endif @@ -153,6 +174,10 @@ char *curl_version(void) brotli_version(&br_version[7], sizeof(br_version) - 7); src[i++] = br_version; #endif +#ifdef HAVE_ZSTD + zstd_version(&zst_version[5], sizeof(zst_version) - 5); + src[i++] = zst_version; +#endif #ifdef USE_ARES msnprintf(cares_version, sizeof(cares_version), "c-ares/%s", ares_version(NULL)); @@ -365,6 +390,9 @@ static curl_version_info_data version_info = { ( (SIZEOF_OFF_T > 4) || defined(USE_WIN32_LARGE_FILES) ) | CURL_VERSION_LARGEFILE #endif +#if defined(WIN32) && defined(UNICODE) && defined(_UNICODE) + | CURL_VERSION_UNICODE +#endif #if defined(CURL_DOES_CONVERSIONS) | CURL_VERSION_CONV #endif @@ -389,6 +417,9 @@ static curl_version_info_data version_info = { #if defined(HAVE_BROTLI) | CURL_VERSION_BROTLI #endif +#if defined(HAVE_ZSTD) + | CURL_VERSION_ZSTD +#endif #if defined(USE_ALTSVC) | CURL_VERSION_ALTSVC #endif @@ -413,10 +444,12 @@ static curl_version_info_data version_info = { NULL, #endif #ifdef CURL_CA_PATH - CURL_CA_PATH /* capath */ + CURL_CA_PATH, /* capath */ #else - NULL + NULL, #endif + 0, /* zstd_ver_num */ + NULL /* zstd version */ }; curl_version_info_data *curl_version_info(CURLversion stamp) @@ -434,6 +467,10 @@ curl_version_info_data *curl_version_info(CURLversion stamp) #ifdef HAVE_BROTLI static char brotli_buffer[80]; #endif +#ifdef HAVE_ZSTD + static char zstd_buffer[80]; +#endif + #ifdef USE_SSL Curl_ssl_version(ssl_buffer, sizeof(ssl_buffer)); @@ -485,6 +522,12 @@ curl_version_info_data *curl_version_info(CURLversion stamp) version_info.brotli_version = brotli_buffer; #endif +#ifdef HAVE_ZSTD + version_info.zstd_ver_num = (unsigned int)ZSTD_versionNumber(); + zstd_version(zstd_buffer, sizeof(zstd_buffer)); + version_info.zstd_version = zstd_buffer; +#endif + #ifdef USE_NGHTTP2 { nghttp2_info *h2 = nghttp2_version(0); diff --git a/lib/version_win32.c b/lib/version_win32.c new file mode 100644 index 000000000..6561d36be --- /dev/null +++ b/lib/version_win32.c @@ -0,0 +1,226 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2016 - 2020, Steve Holme, <steve_holme@hotmail.com>. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(WIN32) + +#include <curl/curl.h> +#include "version_win32.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * curlx_verify_windows_version() + * + * This is used to verify if we are running on a specific windows version. + * + * Parameters: + * + * majorVersion [in] - The major version number. + * minorVersion [in] - The minor version number. + * platform [in] - The optional platform identifier. + * condition [in] - The test condition used to specifier whether we are + * checking a version less then, equal to or greater than + * what is specified in the major and minor version + * numbers. + * + * Returns TRUE if matched; otherwise FALSE. + */ +bool curlx_verify_windows_version(const unsigned int majorVersion, + const unsigned int minorVersion, + const PlatformIdentifier platform, + const VersionCondition condition) +{ + bool matched = FALSE; + +#if defined(CURL_WINDOWS_APP) + /* We have no way to determine the Windows version from Windows apps, + so let's assume we're running on the target Windows version. */ + const WORD fullVersion = MAKEWORD(minorVersion, majorVersion); + const WORD targetVersion = (WORD)_WIN32_WINNT; + + switch(condition) { + case VERSION_LESS_THAN: + matched = targetVersion < fullVersion; + break; + + case VERSION_LESS_THAN_EQUAL: + matched = targetVersion <= fullVersion; + break; + + case VERSION_EQUAL: + matched = targetVersion == fullVersion; + break; + + case VERSION_GREATER_THAN_EQUAL: + matched = targetVersion >= fullVersion; + break; + + case VERSION_GREATER_THAN: + matched = targetVersion > fullVersion; + break; + } + + if(matched && (platform == PLATFORM_WINDOWS)) { + /* we're always running on PLATFORM_WINNT */ + matched = FALSE; + } +#elif !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_WIN2K) || \ + (_WIN32_WINNT < _WIN32_WINNT_WIN2K) + OSVERSIONINFO osver; + + memset(&osver, 0, sizeof(osver)); + osver.dwOSVersionInfoSize = sizeof(osver); + + /* Find out Windows version */ + if(GetVersionEx(&osver)) { + /* Verify the Operating System version number */ + switch(condition) { + case VERSION_LESS_THAN: + if(osver.dwMajorVersion < majorVersion || + (osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion < minorVersion)) + matched = TRUE; + break; + + case VERSION_LESS_THAN_EQUAL: + if(osver.dwMajorVersion < majorVersion || + (osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion <= minorVersion)) + matched = TRUE; + break; + + case VERSION_EQUAL: + if(osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion == minorVersion) + matched = TRUE; + break; + + case VERSION_GREATER_THAN_EQUAL: + if(osver.dwMajorVersion > majorVersion || + (osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion >= minorVersion)) + matched = TRUE; + break; + + case VERSION_GREATER_THAN: + if(osver.dwMajorVersion > majorVersion || + (osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion > minorVersion)) + matched = TRUE; + break; + } + + /* Verify the platform identifier (if necessary) */ + if(matched) { + switch(platform) { + case PLATFORM_WINDOWS: + if(osver.dwPlatformId != VER_PLATFORM_WIN32_WINDOWS) + matched = FALSE; + break; + + case PLATFORM_WINNT: + if(osver.dwPlatformId != VER_PLATFORM_WIN32_NT) + matched = FALSE; + + default: /* like platform == PLATFORM_DONT_CARE */ + break; + } + } + } +#else + ULONGLONG cm = 0; + OSVERSIONINFOEX osver; + BYTE majorCondition; + BYTE minorCondition; + BYTE spMajorCondition; + BYTE spMinorCondition; + + switch(condition) { + case VERSION_LESS_THAN: + majorCondition = VER_LESS; + minorCondition = VER_LESS; + spMajorCondition = VER_LESS_EQUAL; + spMinorCondition = VER_LESS_EQUAL; + break; + + case VERSION_LESS_THAN_EQUAL: + majorCondition = VER_LESS_EQUAL; + minorCondition = VER_LESS_EQUAL; + spMajorCondition = VER_LESS_EQUAL; + spMinorCondition = VER_LESS_EQUAL; + break; + + case VERSION_EQUAL: + majorCondition = VER_EQUAL; + minorCondition = VER_EQUAL; + spMajorCondition = VER_GREATER_EQUAL; + spMinorCondition = VER_GREATER_EQUAL; + break; + + case VERSION_GREATER_THAN_EQUAL: + majorCondition = VER_GREATER_EQUAL; + minorCondition = VER_GREATER_EQUAL; + spMajorCondition = VER_GREATER_EQUAL; + spMinorCondition = VER_GREATER_EQUAL; + break; + + case VERSION_GREATER_THAN: + majorCondition = VER_GREATER; + minorCondition = VER_GREATER; + spMajorCondition = VER_GREATER_EQUAL; + spMinorCondition = VER_GREATER_EQUAL; + break; + + default: + return FALSE; + } + + memset(&osver, 0, sizeof(osver)); + osver.dwOSVersionInfoSize = sizeof(osver); + osver.dwMajorVersion = majorVersion; + osver.dwMinorVersion = minorVersion; + if(platform == PLATFORM_WINDOWS) + osver.dwPlatformId = VER_PLATFORM_WIN32_WINDOWS; + else if(platform == PLATFORM_WINNT) + osver.dwPlatformId = VER_PLATFORM_WIN32_NT; + + cm = VerSetConditionMask(cm, VER_MAJORVERSION, majorCondition); + cm = VerSetConditionMask(cm, VER_MINORVERSION, minorCondition); + cm = VerSetConditionMask(cm, VER_SERVICEPACKMAJOR, spMajorCondition); + cm = VerSetConditionMask(cm, VER_SERVICEPACKMINOR, spMinorCondition); + if(platform != PLATFORM_DONT_CARE) + cm = VerSetConditionMask(cm, VER_PLATFORMID, VER_EQUAL); + + if(VerifyVersionInfo(&osver, (VER_MAJORVERSION | VER_MINORVERSION | + VER_SERVICEPACKMAJOR | VER_SERVICEPACKMINOR), + cm)) + matched = TRUE; +#endif + + return matched; +} + +#endif /* WIN32 */ diff --git a/lib/version_win32.h b/lib/version_win32.h new file mode 100644 index 000000000..94cc62667 --- /dev/null +++ b/lib/version_win32.h @@ -0,0 +1,53 @@ +#ifndef HEADER_CURL_VERSION_WIN32_H +#define HEADER_CURL_VERSION_WIN32_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2016 - 2020, Steve Holme, <steve_holme@hotmail.com>. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(WIN32) + +/* Version condition */ +typedef enum { + VERSION_LESS_THAN, + VERSION_LESS_THAN_EQUAL, + VERSION_EQUAL, + VERSION_GREATER_THAN_EQUAL, + VERSION_GREATER_THAN +} VersionCondition; + +/* Platform identifier */ +typedef enum { + PLATFORM_DONT_CARE, + PLATFORM_WINDOWS, + PLATFORM_WINNT +} PlatformIdentifier; + +/* This is used to verify if we are running on a specific windows version */ +bool curlx_verify_windows_version(const unsigned int majorVersion, + const unsigned int minorVersion, + const PlatformIdentifier platform, + const VersionCondition condition); + +#endif /* WIN32 */ + +#endif /* HEADER_CURL_VERSION_WIN32_H */ diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c index d29cb378d..20ee08dd6 100644 --- a/lib/vquic/ngtcp2.c +++ b/lib/vquic/ngtcp2.c @@ -150,9 +150,11 @@ quic_from_gtls_level(gnutls_record_encryption_level_t gtls_level) } #endif -static void qlog_callback(void *user_data, const void *data, size_t datalen) +static void qlog_callback(void *user_data, uint32_t flags, + const void *data, size_t datalen) { struct quicsocket *qs = (struct quicsocket *)user_data; + (void)flags; if(qs->qlogfd != -1) { ssize_t rc = write(qs->qlogfd, data, datalen); if(rc == -1) { @@ -826,9 +828,8 @@ CURLcode Curl_quic_connect(struct connectdata *conn, if(rv == -1) return CURLE_QUIC_CONNECT_ERROR; - ngtcp2_addr_init(&path.local, (uint8_t *)&qs->local_addr, qs->local_addrlen, - NULL); - ngtcp2_addr_init(&path.remote, (uint8_t*)addr, addrlen, NULL); + ngtcp2_addr_init(&path.local, &qs->local_addr, qs->local_addrlen, NULL); + ngtcp2_addr_init(&path.remote, addr, addrlen, NULL); #ifdef NGTCP2_PROTO_VER #define QUICVER NGTCP2_PROTO_VER @@ -1744,10 +1745,10 @@ static CURLcode ng_process_ingress(struct connectdata *conn, int sockfd, return CURLE_RECV_ERROR; } - ngtcp2_addr_init(&path.local, (uint8_t *)&qs->local_addr, + ngtcp2_addr_init(&path.local, &qs->local_addr, qs->local_addrlen, NULL); - ngtcp2_addr_init(&path.remote, (uint8_t *)&remote_addr, remote_addrlen, - NULL); + ngtcp2_addr_init(&path.remote, (struct sockaddr *)&remote_addr, + remote_addrlen, NULL); rv = ngtcp2_conn_read_pkt(qs->qconn, &path, buf, recvd, ts); if(rv != 0) { @@ -1778,7 +1779,7 @@ static CURLcode ng_flush_egress(struct connectdata *conn, int sockfd, nghttp3_vec vec[16]; ssize_t ndatalen; - switch(qs->local_addr.ss_family) { + switch(qs->local_addr.sa_family) { case AF_INET: pktlen = NGTCP2_MAX_PKTLEN_IPV4; break; @@ -1834,7 +1835,7 @@ static CURLcode ng_flush_egress(struct connectdata *conn, int sockfd, } continue; } - else if(outlen == NGTCP2_ERR_WRITE_STREAM_MORE) { + else if(outlen == NGTCP2_ERR_WRITE_MORE) { assert(ndatalen > 0); rv = nghttp3_conn_add_write_offset(qs->h3conn, stream_id, ndatalen); diff --git a/lib/vquic/ngtcp2.h b/lib/vquic/ngtcp2.h index e2f8b5600..afdd01b7c 100644 --- a/lib/vquic/ngtcp2.h +++ b/lib/vquic/ngtcp2.h @@ -58,7 +58,7 @@ struct quicsocket { struct quic_handshake crypto_data[3]; /* the last TLS alert description generated by the local endpoint */ uint8_t tls_alert; - struct sockaddr_storage local_addr; + struct sockaddr local_addr; socklen_t local_addrlen; nghttp3_conn *h3conn; diff --git a/lib/vquic/quiche.c b/lib/vquic/quiche.c index be6f15c19..fd9cb8bd3 100644 --- a/lib/vquic/quiche.c +++ b/lib/vquic/quiche.c @@ -95,8 +95,14 @@ static CURLcode qs_disconnect(struct quicsocket *qs) quiche_h3_config_free(qs->h3config); if(qs->h3c) quiche_h3_conn_free(qs->h3c); - quiche_config_free(qs->cfg); - quiche_conn_free(qs->conn); + if(qs->cfg) { + quiche_config_free(qs->cfg); + qs->cfg = NULL; + } + if(qs->conn) { + quiche_conn_free(qs->conn); + qs->conn = NULL; + } return CURLE_OK; } diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 8c3944d8b..87cbe916e 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -1256,7 +1256,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) result = CURLE_SSH; sshc->actualcode = result; DEBUGF(infof(data, "error = %d makes libcurl = %d\n", - ssherr, (int)result)); + sftperr, (int)result)); state(conn, SSH_STOP); break; } diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c index 628e16a12..44e7406e8 100644 --- a/lib/vtls/bearssl.c +++ b/lib/vtls/bearssl.c @@ -300,8 +300,12 @@ static CURLcode bearssl_connect_step1(struct connectdata *conn, int sockindex) struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; const char * const ssl_cafile = SSL_CONN_CONFIG(CAfile); +#ifndef CURL_DISABLE_PROXY const char *hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : conn->host.name; +#else + const char *hostname = conn->host.name; +#endif const bool verifypeer = SSL_CONN_CONFIG(verifypeer); const bool verifyhost = SSL_CONN_CONFIG(verifyhost); CURLcode ret; @@ -386,8 +390,11 @@ static CURLcode bearssl_connect_step1(struct connectdata *conn, int sockindex) */ #ifdef USE_NGHTTP2 - if(data->set.httpversion >= CURL_HTTP_VERSION_2 && - (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) { + if(data->set.httpversion >= CURL_HTTP_VERSION_2 +#ifndef CURL_DISABLE_PROXY + && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy) +#endif + ) { backend->protocols[cur++] = NGHTTP2_PROTO_VERSION_ID; infof(data, "ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID); } diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 9b4c3659a..16b0bd6cb 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -399,10 +399,15 @@ gtls_connect_step1(struct connectdata *conn, #endif const char *prioritylist; const char *err = NULL; +#ifndef CURL_DISABLE_PROXY const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : conn->host.name; long * const certverifyresult = SSL_IS_PROXY() ? &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult; +#else + const char * const hostname = conn->host.name; + long * const certverifyresult = &data->set.ssl.certverifyresult; +#endif if(connssl->state == ssl_connection_complete) /* to make us tolerant against being called more than once for the @@ -620,8 +625,11 @@ gtls_connect_step1(struct connectdata *conn, gnutls_datum_t protocols[2]; #ifdef USE_NGHTTP2 - if(data->set.httpversion >= CURL_HTTP_VERSION_2 && - (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) { + if(data->set.httpversion >= CURL_HTTP_VERSION_2 +#ifndef CURL_DISABLE_PROXY + && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy) +#endif + ) { protocols[cur].data = (unsigned char *)NGHTTP2_PROTO_VERSION_ID; protocols[cur].size = NGHTTP2_PROTO_VERSION_ID_LEN; cur++; @@ -694,12 +702,15 @@ gtls_connect_step1(struct connectdata *conn, } } +#ifndef CURL_DISABLE_PROXY if(conn->proxy_ssl[sockindex].use) { transport_ptr = conn->proxy_ssl[sockindex].backend->session; gnutls_transport_push = Curl_gtls_push_ssl; gnutls_transport_pull = Curl_gtls_pull_ssl; } - else { + else +#endif + { /* file descriptor for the socket */ transport_ptr = &conn->sock[sockindex]; gnutls_transport_push = Curl_gtls_push; @@ -828,10 +839,15 @@ gtls_connect_step3(struct connectdata *conn, unsigned int bits; gnutls_protocol_t version = gnutls_protocol_get_version(session); #endif +#ifndef CURL_DISABLE_PROXY const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : conn->host.name; long * const certverifyresult = SSL_IS_PROXY() ? &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult; +#else + const char * const hostname = conn->host.name; + long * const certverifyresult = &data->set.ssl.certverifyresult; +#endif /* the name of the cipher suite used, e.g. ECDHE_RSA_AES_256_GCM_SHA384. */ ptr = gnutls_cipher_suite_get_name(gnutls_kx_get(session), @@ -1112,8 +1128,12 @@ gtls_connect_step3(struct connectdata *conn, } #endif if(!rc) { +#ifndef CURL_DISABLE_PROXY const char * const dispname = SSL_IS_PROXY() ? conn->http_proxy.host.dispname : conn->host.dispname; +#else + const char * const dispname = conn->host.dispname; +#endif if(SSL_CONN_CONFIG(verifyhost)) { failf(data, "SSL: certificate subject name (%s) does not match " @@ -1216,20 +1236,23 @@ gtls_connect_step3(struct connectdata *conn, rc = gnutls_x509_crt_get_dn2(x509_cert, &certfields); - if(rc != 0) - return CURLE_OUT_OF_MEMORY; - infof(data, "\t subject: %s\n", certfields.data); + if(rc) + infof(data, "Failed to get certificate name\n"); + else { + infof(data, "\t subject: %s\n", certfields.data); - certclock = gnutls_x509_crt_get_activation_time(x509_cert); - showtime(data, "start date", certclock); + certclock = gnutls_x509_crt_get_activation_time(x509_cert); + showtime(data, "start date", certclock); - certclock = gnutls_x509_crt_get_expiration_time(x509_cert); - showtime(data, "expire date", certclock); + certclock = gnutls_x509_crt_get_expiration_time(x509_cert); + showtime(data, "expire date", certclock); + } rc = gnutls_x509_crt_get_issuer_dn2(x509_cert, &certfields); - if(rc != 0) - return CURLE_OUT_OF_MEMORY; - infof(data, "\t issuer: %s\n", certfields.data); + if(rc) + infof(data, "Failed to get certificate issuer\n"); + else + infof(data, "\t issuer: %s\n", certfields.data); #endif gnutls_x509_crt_deinit(x509_cert); @@ -1381,10 +1404,13 @@ static bool Curl_gtls_data_pending(const struct connectdata *conn, 0 != gnutls_record_check_pending(backend->session)) res = TRUE; +#ifndef CURL_DISABLE_PROXY connssl = &conn->proxy_ssl[connindex]; + backend = connssl->backend; if(backend->session && 0 != gnutls_record_check_pending(backend->session)) res = TRUE; +#endif return res; } @@ -1433,7 +1459,9 @@ static void close_one(struct ssl_connect_data *connssl) static void Curl_gtls_close(struct connectdata *conn, int sockindex) { close_one(&conn->ssl[sockindex]); +#ifndef CURL_DISABLE_PROXY close_one(&conn->proxy_ssl[sockindex]); +#endif } /* diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index fca292613..0f0d1ee6c 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -1027,9 +1027,11 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc *sock) CERTCertificate *cert; /* remember the cert verification result */ +#ifndef CURL_DISABLE_PROXY if(SSL_IS_PROXY()) data->set.proxy_ssl.certverifyresult = err; else +#endif data->set.ssl.certverifyresult = err; if(err == SSL_ERROR_BAD_CERT_DOMAIN && !SSL_CONN_CONFIG(verifyhost)) @@ -1553,24 +1555,32 @@ static void nss_close(struct ssl_connect_data *connssl) static void Curl_nss_close(struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; +#ifndef CURL_DISABLE_PROXY struct ssl_connect_data *connssl_proxy = &conn->proxy_ssl[sockindex]; +#endif struct ssl_backend_data *backend = connssl->backend; - if(backend->handle || connssl_proxy->backend->handle) { + if(backend->handle +#ifndef CURL_DISABLE_PROXY + || connssl_proxy->backend->handle +#endif + ) { /* NSS closes the socket we previously handed to it, so we must mark it as closed to avoid double close */ fake_sclose(conn->sock[sockindex]); conn->sock[sockindex] = CURL_SOCKET_BAD; } +#ifndef CURL_DISABLE_PROXY if(backend->handle) /* nss_close(connssl) will transitively close also connssl_proxy->backend->handle if both are used. Clear it to avoid a double close leading to crash. */ connssl_proxy->backend->handle = NULL; - nss_close(connssl); nss_close(connssl_proxy); +#endif + nss_close(connssl); } /* return true if NSS can provide error code (and possibly msg) for the @@ -1828,6 +1838,12 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) CURLcode result; bool second_layer = FALSE; SSLVersionRange sslver_supported; +#ifndef CURL_DISABLE_PROXY + const char *hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : + conn->host.name; +#else + const char *hostname = conn->host.name; +#endif SSLVersionRange sslver = { SSL_LIBRARY_VERSION_TLS_1_0, /* min */ @@ -1932,9 +1948,11 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) goto error; /* not checked yet */ +#ifndef CURL_DISABLE_PROXY if(SSL_IS_PROXY()) data->set.proxy_ssl.certverifyresult = 0; else +#endif data->set.ssl.certverifyresult = 0; if(SSL_BadCertHook(model, BadCertHandler, conn) != SECSuccess) @@ -1991,12 +2009,14 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) goto error; } +#ifndef CURL_DISABLE_PROXY if(conn->proxy_ssl[sockindex].use) { DEBUGASSERT(ssl_connection_complete == conn->proxy_ssl[sockindex].state); DEBUGASSERT(conn->proxy_ssl[sockindex].backend->handle != NULL); nspr_io = conn->proxy_ssl[sockindex].backend->handle; second_layer = TRUE; } +#endif else { /* wrap OS file descriptor by NSPR's file descriptor abstraction */ nspr_io = PR_ImportTCPSocket(sockfd); @@ -2077,8 +2097,11 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) unsigned char protocols[128]; #ifdef USE_NGHTTP2 - if(data->set.httpversion >= CURL_HTTP_VERSION_2 && - (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) { + if(data->set.httpversion >= CURL_HTTP_VERSION_2 +#ifndef CURL_DISABLE_PROXY + && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy) +#endif + ) { protocols[cur++] = NGHTTP2_PROTO_VERSION_ID_LEN; memcpy(&protocols[cur], NGHTTP2_PROTO_VERSION_ID, NGHTTP2_PROTO_VERSION_ID_LEN); @@ -2101,14 +2124,11 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) goto error; /* propagate hostname to the TLS layer */ - if(SSL_SetURL(backend->handle, SSL_IS_PROXY() ? conn->http_proxy.host.name : - conn->host.name) != SECSuccess) + if(SSL_SetURL(backend->handle, hostname) != SECSuccess) goto error; /* prevent NSS from re-using the session for a different hostname */ - if(SSL_SetSockPeerID(backend->handle, SSL_IS_PROXY() ? - conn->http_proxy.host.name : conn->host.name) - != SECSuccess) + if(SSL_SetSockPeerID(backend->handle, hostname) != SECSuccess) goto error; return CURLE_OK; @@ -2127,11 +2147,17 @@ static CURLcode nss_do_connect(struct connectdata *conn, int sockindex) struct Curl_easy *data = conn->data; CURLcode result = CURLE_SSL_CONNECT_ERROR; PRUint32 timeout; +#ifndef CURL_DISABLE_PROXY long * const certverifyresult = SSL_IS_PROXY() ? &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult; const char * const pinnedpubkey = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; +#else + long * const certverifyresult = &data->set.ssl.certverifyresult; + const char * const pinnedpubkey = + data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; +#endif /* check timeout situation */ diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 2e9f900da..1685a4aa4 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -619,7 +619,9 @@ SSL_CTX_use_certificate_chain_bio(SSL_CTX *ctx, BIO* in, const char *key_passwd) { /* SSL_CTX_add1_chain_cert introduced in OpenSSL 1.0.2 */ -#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) /* 1.0.2 or later */ +#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* OpenSSL 1.0.2 or later */ \ + !(defined(LIBRESSL_VERSION_NUMBER) && \ + (LIBRESSL_VERSION_NUMBER < 0x2090100fL)) /* LibreSSL 2.9.1 or later */ int ret = 0; X509 *x = NULL; void *passwd_callback_userdata = (void *)key_passwd; @@ -2825,7 +2827,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) if((SSL_CONN_CONFIG(verifypeer) || SSL_CONN_CONFIG(verifyhost)) && (SSL_SET_OPTION(native_ca_store))) { X509_STORE *store = SSL_CTX_get_cert_store(backend->ctx); - HCERTSTORE hStore = CertOpenSystemStoreA((HCRYPTPROV_LEGACY)NULL, "ROOT"); + HCERTSTORE hStore = CertOpenSystemStore((HCRYPTPROV_LEGACY)NULL, + TEXT("ROOT")); if(hStore) { PCCERT_CONTEXT pContext = NULL; diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 199652606..1c1432d75 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -50,7 +50,7 @@ #include "x509asn1.h" #include "curl_printf.h" #include "multiif.h" -#include "system_win32.h" +#include "version_win32.h" /* The last #include file should be: */ #include "curl_memory.h" @@ -436,8 +436,8 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) "schannel: SSL/TLS connection with %s port %hu (step 1/3)\n", hostname, conn->remote_port)); - if(Curl_verify_windows_version(5, 1, PLATFORM_WINNT, - VERSION_LESS_THAN_EQUAL)) { + if(curlx_verify_windows_version(5, 1, PLATFORM_WINNT, + VERSION_LESS_THAN_EQUAL)) { /* Schannel in Windows XP (OS version 5.1) uses legacy handshakes and algorithms that may not be supported by all servers. */ infof(data, "schannel: Windows version is old and may not be able to " @@ -448,10 +448,10 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) /* ALPN is only supported on Windows 8.1 / Server 2012 R2 and above. Also it doesn't seem to be supported for Wine, see curl bug #983. */ BACKEND->use_alpn = conn->bits.tls_enable_alpn && - !GetProcAddress(GetModuleHandleA("ntdll"), + !GetProcAddress(GetModuleHandle(TEXT("ntdll")), "wine_get_version") && - Curl_verify_windows_version(6, 3, PLATFORM_WINNT, - VERSION_GREATER_THAN_EQUAL); + curlx_verify_windows_version(6, 3, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL); #else BACKEND->use_alpn = false; #endif @@ -467,8 +467,8 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) #else #ifdef HAS_MANUAL_VERIFY_API if(SSL_CONN_CONFIG(CAfile)) { - if(Curl_verify_windows_version(6, 1, PLATFORM_WINNT, - VERSION_GREATER_THAN_EQUAL)) { + if(curlx_verify_windows_version(6, 1, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) { BACKEND->use_manual_cred_validation = true; } else { @@ -2015,8 +2015,8 @@ schannel_recv(struct connectdata *conn, int sockindex, */ if(len && !BACKEND->decdata_offset && BACKEND->recv_connection_closed && !BACKEND->recv_sspi_close_notify) { - bool isWin2k = Curl_verify_windows_version(5, 0, PLATFORM_WINNT, - VERSION_EQUAL); + bool isWin2k = curlx_verify_windows_version(5, 0, PLATFORM_WINNT, + VERSION_EQUAL); if(isWin2k && sspi_status == SEC_E_OK) BACKEND->recv_sspi_close_notify = true; diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c index bdd7199e4..ab7be3950 100644 --- a/lib/vtls/schannel_verify.c +++ b/lib/vtls/schannel_verify.c @@ -45,7 +45,7 @@ #include "curl_multibyte.h" #include "curl_printf.h" #include "hostcheck.h" -#include "system_win32.h" +#include "version_win32.h" /* The last #include file should be: */ #include "curl_memory.h" @@ -317,8 +317,8 @@ static DWORD cert_get_name_string(struct Curl_easy *data, DWORD i; /* CERT_NAME_SEARCH_ALL_NAMES_FLAG is available from Windows 8 onwards. */ - if(Curl_verify_windows_version(6, 2, PLATFORM_WINNT, - VERSION_GREATER_THAN_EQUAL)) { + if(curlx_verify_windows_version(6, 2, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) { #ifdef CERT_NAME_SEARCH_ALL_NAMES_FLAG /* CertGetNameString will provide the 8-bit character string without * any decoding */ @@ -564,7 +564,7 @@ CURLcode Curl_verify_certificate(struct connectdata *conn, int sockindex) * trusted certificates. This is only supported on Windows 7+. */ - if(Curl_verify_windows_version(6, 1, PLATFORM_WINNT, VERSION_LESS_THAN)) { + if(curlx_verify_windows_version(6, 1, PLATFORM_WINNT, VERSION_LESS_THAN)) { failf(data, "schannel: this version of Windows is too old to support " "certificate verification via CA bundle file."); result = CURLE_SSL_CACERT_BADFILE; diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index c3a55fb1c..281043aa6 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -621,6 +621,7 @@ void Curl_ssl_close(struct connectdata *conn, int sockindex) { DEBUGASSERT((sockindex <= 1) && (sockindex >= -1)); Curl_ssl->close_one(conn, sockindex); + conn->ssl[sockindex].state = ssl_connection_none; } CURLcode Curl_ssl_shutdown(struct connectdata *conn, int sockindex) diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4 index e732a8722..107dc6ab9 100644 --- a/m4/curl-compilers.m4 +++ b/m4/curl-compilers.m4 @@ -886,36 +886,36 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ # if test "$want_warnings" = "yes"; then tmp_CFLAGS="$tmp_CFLAGS -pedantic" - tmp_CFLAGS="$tmp_CFLAGS -Wall -Wextra" - tmp_CFLAGS="$tmp_CFLAGS -Wpointer-arith -Wwrite-strings" - tmp_CFLAGS="$tmp_CFLAGS -Wshadow" - tmp_CFLAGS="$tmp_CFLAGS -Winline -Wnested-externs" - tmp_CFLAGS="$tmp_CFLAGS -Wmissing-declarations" - tmp_CFLAGS="$tmp_CFLAGS -Wmissing-prototypes" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [all extra]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [pointer-arith write-strings]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [shadow]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [inline nested-externs]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-declarations]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-prototypes]) tmp_CFLAGS="$tmp_CFLAGS -Wno-long-long" - tmp_CFLAGS="$tmp_CFLAGS -Wfloat-equal" - tmp_CFLAGS="$tmp_CFLAGS -Wno-multichar -Wsign-compare" - tmp_CFLAGS="$tmp_CFLAGS -Wundef" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [float-equal]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [no-multichar sign-compare]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [undef]) tmp_CFLAGS="$tmp_CFLAGS -Wno-format-nonliteral" - tmp_CFLAGS="$tmp_CFLAGS -Wendif-labels -Wstrict-prototypes" - tmp_CFLAGS="$tmp_CFLAGS -Wdeclaration-after-statement" - tmp_CFLAGS="$tmp_CFLAGS -Wcast-align" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [endif-labels strict-prototypes]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [declaration-after-statement]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [cast-align]) tmp_CFLAGS="$tmp_CFLAGS -Wno-system-headers" - tmp_CFLAGS="$tmp_CFLAGS -Wshorten-64-to-32" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [shorten-64-to-32]) # dnl Only clang 1.1 or later if test "$compiler_num" -ge "101"; then - tmp_CFLAGS="$tmp_CFLAGS -Wunused" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused]) fi # dnl Only clang 2.8 or later if test "$compiler_num" -ge "208"; then - tmp_CFLAGS="$tmp_CFLAGS -Wvla" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [vla]) fi # dnl Only clang 2.9 or later if test "$compiler_num" -ge "209"; then - tmp_CFLAGS="$tmp_CFLAGS -Wshift-sign-overflow" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [shift-sign-overflow]) fi # dnl Only clang 3.2 or later @@ -926,19 +926,19 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ dnl mingw because the libtool wrapper executable causes them ;; *) - tmp_CFLAGS="$tmp_CFLAGS -Wmissing-variable-declarations" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-variable-declarations]) ;; esac fi # dnl Only clang 3.6 or later if test "$compiler_num" -ge "306"; then - tmp_CFLAGS="$tmp_CFLAGS -Wdouble-promotion" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [double-promotion]) fi # dnl Only clang 3.9 or later if test "$compiler_num" -ge "309"; then - tmp_CFLAGS="$tmp_CFLAGS -Wcomma" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [comma]) # avoid the varargs warning, fixed in 4.0 # https://bugs.llvm.org/show_bug.cgi?id=29140 if test "$compiler_num" -lt "400"; then @@ -968,43 +968,45 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ fi # dnl Set of options we believe *ALL* gcc versions support: - tmp_CFLAGS="$tmp_CFLAGS -Wall -W" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [all]) + tmp_CFLAGS="$tmp_CFLAGS -W" # dnl Only gcc 1.4 or later if test "$compiler_num" -ge "104"; then - tmp_CFLAGS="$tmp_CFLAGS -Wpointer-arith -Wwrite-strings" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [pointer-arith write-strings]) dnl If not cross-compiling with a gcc older than 3.0 if test "x$cross_compiling" != "xyes" || test "$compiler_num" -ge "300"; then - tmp_CFLAGS="$tmp_CFLAGS -Wunused -Wshadow" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused shadow]) fi fi # dnl Only gcc 2.7 or later if test "$compiler_num" -ge "207"; then - tmp_CFLAGS="$tmp_CFLAGS -Winline -Wnested-externs" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [inline nested-externs]) dnl If not cross-compiling with a gcc older than 3.0 if test "x$cross_compiling" != "xyes" || test "$compiler_num" -ge "300"; then - tmp_CFLAGS="$tmp_CFLAGS -Wmissing-declarations" - tmp_CFLAGS="$tmp_CFLAGS -Wmissing-prototypes" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-declarations]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-prototypes]) fi fi # dnl Only gcc 2.95 or later if test "$compiler_num" -ge "295"; then tmp_CFLAGS="$tmp_CFLAGS -Wno-long-long" - tmp_CFLAGS="$tmp_CFLAGS -Wbad-function-cast" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [bad-function-cast]) fi # dnl Only gcc 2.96 or later if test "$compiler_num" -ge "296"; then - tmp_CFLAGS="$tmp_CFLAGS -Wfloat-equal" - tmp_CFLAGS="$tmp_CFLAGS -Wno-multichar -Wsign-compare" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [float-equal]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-multichar" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [sign-compare]) dnl -Wundef used only if gcc is 2.96 or later since we get dnl lots of "`_POSIX_C_SOURCE' is not defined" in system dnl headers with gcc 2.95.4 on FreeBSD 4.9 - tmp_CFLAGS="$tmp_CFLAGS -Wundef" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [undef]) fi # dnl Only gcc 2.97 or later @@ -1023,13 +1025,13 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ # dnl Only gcc 3.3 or later if test "$compiler_num" -ge "303"; then - tmp_CFLAGS="$tmp_CFLAGS -Wendif-labels -Wstrict-prototypes" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [endif-labels strict-prototypes]) fi # dnl Only gcc 3.4 or later if test "$compiler_num" -ge "304"; then - tmp_CFLAGS="$tmp_CFLAGS -Wdeclaration-after-statement" - tmp_CFLAGS="$tmp_CFLAGS -Wold-style-definition" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [declaration-after-statement]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [old-style-definition]) fi # dnl Only gcc 4.0 or later @@ -1039,15 +1041,17 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ # dnl Only gcc 4.2 or later if test "$compiler_num" -ge "402"; then - tmp_CFLAGS="$tmp_CFLAGS -Wcast-align" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [cast-align]) fi # dnl Only gcc 4.3 or later if test "$compiler_num" -ge "403"; then - tmp_CFLAGS="$tmp_CFLAGS -Wtype-limits -Wold-style-declaration" - tmp_CFLAGS="$tmp_CFLAGS -Wmissing-parameter-type -Wempty-body" - tmp_CFLAGS="$tmp_CFLAGS -Wclobbered -Wignored-qualifiers" - tmp_CFLAGS="$tmp_CFLAGS -Wconversion -Wno-sign-conversion -Wvla" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [type-limits old-style-declaration]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-parameter-type empty-body]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [clobbered ignored-qualifiers]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [conversion]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-sign-conversion" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [vla]) dnl required for -Warray-bounds, included in -Wall tmp_CFLAGS="$tmp_CFLAGS -ftree-vrp" fi @@ -1062,7 +1066,7 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ # dnl Only gcc 4.6 or later if test "$compiler_num" -ge "406"; then - tmp_CFLAGS="$tmp_CFLAGS -Wdouble-promotion" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [double-promotion]) fi # dnl only gcc 4.8 or later @@ -1077,18 +1081,19 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ # dnl Only gcc 6 or later if test "$compiler_num" -ge "600"; then - tmp_CFLAGS="$tmp_CFLAGS -Wshift-negative-value" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [shift-negative-value]) tmp_CFLAGS="$tmp_CFLAGS -Wshift-overflow=2" - tmp_CFLAGS="$tmp_CFLAGS -Wnull-dereference -fdelete-null-pointer-checks" - tmp_CFLAGS="$tmp_CFLAGS -Wduplicated-cond" - tmp_CFLAGS="$tmp_CFLAGS -Wunused-const-variable" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [null-dereference]) + tmp_CFLAGS="$tmp_CFLAGS -fdelete-null-pointer-checks" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [duplicated-cond]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused-const-variable]) fi # dnl Only gcc 7 or later if test "$compiler_num" -ge "700"; then - tmp_CFLAGS="$tmp_CFLAGS -Wduplicated-branches" - tmp_CFLAGS="$tmp_CFLAGS -Wrestrict" - tmp_CFLAGS="$tmp_CFLAGS -Walloc-zero" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [duplicated-branches]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [restrict]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [alloc-zero]) tmp_CFLAGS="$tmp_CFLAGS -Wformat-overflow=2" tmp_CFLAGS="$tmp_CFLAGS -Wformat-truncation=2" tmp_CFLAGS="$tmp_CFLAGS -Wimplicit-fallthrough=4" @@ -1214,11 +1219,11 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ # if test "$want_warnings" = "yes"; then dnl Activate all warnings - tmp_CFLAGS="$tmp_CFLAGS -Wall" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [all]) dnl Make string constants be of type const char * - tmp_CFLAGS="$tmp_CFLAGS -Wwrite-strings" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [write-strings]) dnl Warn use of unsupported GCC features ignored by TCC - tmp_CFLAGS="$tmp_CFLAGS -Wunsupported" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unsupported]) fi ;; # @@ -1645,3 +1650,24 @@ AC_DEFUN([CURL_VAR_STRIP], [ [$1]="$ac_var_stripped" squeeze [$1] ]) + +dnl CURL_ADD_COMPILER_WARNINGS (WARNING-LIST, NEW-WARNINGS) +dnl ------------------------------------------------------- +dnl Contents of variable WARNING-LIST and NEW-WARNINGS are +dnl handled as whitespace separated lists of words. +dnl Add each compiler warning from NEW-WARNINGS that has not +dnl been disabled via CFLAGS to WARNING-LIST. + +AC_DEFUN([CURL_ADD_COMPILER_WARNINGS], [ + AC_REQUIRE([CURL_SHFUNC_SQUEEZE])dnl + ac_var_added_warnings="" + for warning in [$2]; do + CURL_VAR_MATCH(CFLAGS, [-Wno-$warning -W$warning]) + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + dnl squeeze whitespace out of result + [$1]="$[$1] $ac_var_added_warnings" + squeeze [$1] +]) diff --git a/packages/OS400/curl.inc.in b/packages/OS400/curl.inc.in index 5b3b2c059..33ac8b34b 100644 --- a/packages/OS400/curl.inc.in +++ b/packages/OS400/curl.inc.in @@ -140,6 +140,8 @@ d c X'01000000' d CURL_VERSION_HTTP3... d c X'02000000' + d CURL_VERSION_UNICODE... + d c X'04000000' * d CURL_HTTPPOST_FILENAME... d c X'00000001' diff --git a/packages/Symbian/group/libcurl.mmp b/packages/Symbian/group/libcurl.mmp index 20e383fbc..c52056afb 100644 --- a/packages/Symbian/group/libcurl.mmp +++ b/packages/Symbian/group/libcurl.mmp @@ -38,7 +38,7 @@ SOURCE \ idn_win32.c vtls/cyassl.c http_proxy.c non-ascii.c \ asyn-ares.c asyn-thread.c curl_gssapi.c http_ntlm.c curl_ntlm_wb.c \ curl_ntlm_core.c curl_sasl.c vtls/schannel.c curl_multibyte.c \ - vtls/darwinssl.c conncache.c curl_sasl_sspi.c smb.c curl_endian.c \ + conncache.c curl_sasl_sspi.c smb.c curl_endian.c \ curl_des.c curl_range.c system_win32.c sha256.c \ vauth/vauth.c vauth/cleartext.c vauth/cram.c vauth/digest.c \ vauth/digest_sspi.c vauth/krb5_gssapi.c vauth/krb5_sspi.c \ diff --git a/scripts/copyright.pl b/scripts/copyright.pl index 7c3296fa3..5649cad4f 100755 --- a/scripts/copyright.pl +++ b/scripts/copyright.pl @@ -48,6 +48,7 @@ my @skiplist=( '\/readme', '^.github/', # github instruction files '^.dcignore', # deepcode.ai instruction file + '^.muse/', # muse-CI control files # docs/ files we're okay with without copyright 'INSTALL.cmake', diff --git a/scripts/travis/script.sh b/scripts/travis/script.sh index d1088838b..7f9e56adc 100755 --- a/scripts/travis/script.sh +++ b/scripts/travis/script.sh @@ -84,7 +84,7 @@ if [ "$T" = "normal" ]; then if [ -z $NOTESTS ]; then make test-nonflaky fi - if [ -n $CHECKSRC ]; then + if [ -n "$CHECKSRC" ]; then make checksrc fi fi diff --git a/src/Makefile.inc b/src/Makefile.inc index 559b9983c..b5a3fb2e3 100644 --- a/src/Makefile.inc +++ b/src/Makefile.inc @@ -35,7 +35,8 @@ GNURLX_CFILES = \ ../lib/nonblock.c \ ../lib/warnless.c \ ../lib/curl_ctype.c \ - ../lib/curl_multibyte.c + ../lib/curl_multibyte.c \ + ../lib/version_win32.c GNURLX_HFILES = \ ../lib/curl_setup.h \ @@ -43,7 +44,8 @@ GNURLX_HFILES = \ ../lib/nonblock.h \ ../lib/warnless.h \ ../lib/curl_ctype.h \ - ../lib/curl_multibyte.h + ../lib/curl_multibyte.h \ + ../lib/version_win32.h GNURL_CFILES = \ slist_wc.c \ diff --git a/src/Makefile.m32 b/src/Makefile.m32 index 0c811a4d2..f5864ebe3 100644 --- a/src/Makefile.m32 +++ b/src/Makefile.m32 @@ -24,7 +24,7 @@ # ## Makefile for building curl.exe with MingW (GCC-3.2 or later or LLVM/Clang) ## and optionally OpenSSL (1.0.2a), libssh2 (1.5), zlib (1.2.8), librtmp (2.4), -## brotli (1.0.1) +## brotli (1.0.1), zstd (1.4.5) ## ## Usage: mingw32-make -f Makefile.m32 CFG=-feature1[-feature2][-feature3][...] ## Example: mingw32-make -f Makefile.m32 CFG=-zlib-ssl-sspi-winidn @@ -39,6 +39,10 @@ ifndef ZLIB_PATH ZLIB_PATH = ../../zlib-1.2.8 endif +# Edit the path below to point to the base of your Zstandard sources. +ifndef ZSTD_PATH +ZSTD_PATH = ../../zstd-1.4.5 +endif # Edit the path below to point to the base of your Brotli sources. ifndef BROTLI_PATH BROTLI_PATH = ../../brotli-1.0.1 @@ -189,6 +193,9 @@ endif ifeq ($(findstring -zlib,$(CFG)),-zlib) ZLIB = 1 endif +ifeq ($(findstring -zstd,$(CFG)),-zstd) +ZSTD = 1 +endif ifeq ($(findstring -brotli,$(CFG)),-brotli) BROTLI = 1 endif @@ -302,6 +309,11 @@ ifdef ZLIB CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H curl_LDADD += -L"$(ZLIB_PATH)" -lz endif +ifdef ZSTD + INCLUDES += -I"$(ZSTD_PATH)/include" + CFLAGS += -DHAVE_ZSTD + curl_LDADD += -L"$(ZSTD_PATH)/lib" -lzstd +endif ifdef BROTLI INCLUDES += -I"$(BROTLI_PATH)/include" CFLAGS += -DHAVE_BROTLI diff --git a/src/tool_cb_dbg.c b/src/tool_cb_dbg.c index bb8c2635b..1c42db8a5 100644 --- a/src/tool_cb_dbg.c +++ b/src/tool_cb_dbg.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -65,6 +65,7 @@ int tool_debug_cb(CURL *handle, curl_infotype type, known_offset = 1; } secs = epoch_offset + tv.tv_sec; + /* !checksrc! disable BANNEDFUNC 1 */ now = localtime(&secs); /* not thread safe but we don't care */ msnprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld ", now->tm_hour, now->tm_min, now->tm_sec, (long)tv.tv_usec); diff --git a/src/tool_cb_wrt.c b/src/tool_cb_wrt.c index ed108911e..64b62fefd 100644 --- a/src/tool_cb_wrt.c +++ b/src/tool_cb_wrt.c @@ -21,6 +21,13 @@ ***************************************************************************/ #include "tool_setup.h" +#ifdef HAVE_FCNTL_H +/* for open() */ +#include <fcntl.h> +#endif + +#include <sys/stat.h> + #define ENABLE_CURLX_PRINTF /* use our own printf() functions */ #include "curlx.h" @@ -37,7 +44,7 @@ bool tool_create_output_file(struct OutStruct *outs, struct OperationConfig *config) { struct GlobalConfig *global; - FILE *file; + FILE *file = NULL; DEBUGASSERT(outs); DEBUGASSERT(config); global = config->global; @@ -48,17 +55,26 @@ bool tool_create_output_file(struct OutStruct *outs, if(outs->is_cd_filename) { /* don't overwrite existing files */ - file = fopen(outs->filename, "rb"); - if(file) { - fclose(file); - warnf(global, "Refusing to overwrite %s: %s\n", outs->filename, - strerror(EEXIST)); - return FALSE; +#ifndef O_BINARY +#define O_BINARY 0 +#endif + int fd = open(outs->filename, O_CREAT | O_WRONLY | O_EXCL | O_BINARY, +#ifdef WIN32 + S_IREAD | S_IWRITE +#else + S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH +#endif + ); + if(fd != -1) { + file = fdopen(fd, "wb"); + if(!file) + close(fd); } } + else + /* open file for writing */ + file = fopen(outs->filename, "wb"); - /* open file for writing */ - file = fopen(outs->filename, "wb"); if(!file) { warnf(global, "Failed to create the file %s: %s\n", outs->filename, strerror(errno)); diff --git a/src/tool_doswin.c b/src/tool_doswin.c index b7df3e615..dd8341ae3 100644 --- a/src/tool_doswin.c +++ b/src/tool_doswin.c @@ -36,6 +36,7 @@ #include "tool_bname.h" #include "tool_doswin.h" +#include "curlx.h" #include "memdebug.h" /* keep this as LAST include */ #ifdef WIN32 @@ -612,7 +613,7 @@ char **__crt0_glob_function(char *arg) CURLcode FindWin32CACert(struct OperationConfig *config, curl_sslbackend backend, - const char *bundle_file) + const TCHAR *bundle_file) { CURLcode result = CURLE_OK; @@ -626,15 +627,19 @@ CURLcode FindWin32CACert(struct OperationConfig *config, backend != CURLSSLBACKEND_SCHANNEL) { DWORD res_len; - char buf[PATH_MAX]; - char *ptr = NULL; + TCHAR buf[PATH_MAX]; + TCHAR *ptr = NULL; - buf[0] = '\0'; + buf[0] = TEXT('\0'); - res_len = SearchPathA(NULL, bundle_file, NULL, PATH_MAX, buf, &ptr); + res_len = SearchPath(NULL, bundle_file, NULL, PATH_MAX, buf, &ptr); if(res_len > 0) { Curl_safefree(config->cacert); +#ifdef UNICODE + config->cacert = curlx_convert_wchar_to_UTF8(buf); +#else config->cacert = strdup(buf); +#endif if(!config->cacert) result = CURLE_OUT_OF_MEMORY; } @@ -702,22 +707,11 @@ bool tool_isVistaOrGreater; CURLcode win32_init(void) { - OSVERSIONINFOEXA osvi; - unsigned __int64 mask = 0; - unsigned char op = VER_GREATER_EQUAL; - - memset(&osvi, 0, sizeof(osvi)); - osvi.dwOSVersionInfoSize = sizeof(osvi); - osvi.dwMajorVersion = 6; - VER_SET_CONDITION(mask, VER_MAJORVERSION, op); - VER_SET_CONDITION(mask, VER_MINORVERSION, op); - - if(VerifyVersionInfoA(&osvi, (VER_MAJORVERSION | VER_MINORVERSION), mask)) + if(curlx_verify_windows_version(6, 0, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) tool_isVistaOrGreater = true; - else if(GetLastError() == ERROR_OLD_WIN_VERSION) - tool_isVistaOrGreater = false; else - return CURLE_FAILED_INIT; + tool_isVistaOrGreater = false; QueryPerformanceFrequency(&tool_freq); return CURLE_OK; diff --git a/src/tool_doswin.h b/src/tool_doswin.h index d1649d1f3..ab23f8d65 100644 --- a/src/tool_doswin.h +++ b/src/tool_doswin.h @@ -59,7 +59,7 @@ char **__crt0_glob_function(char *arg); CURLcode FindWin32CACert(struct OperationConfig *config, curl_sslbackend backend, - const char *bundle_file); + const TCHAR *bundle_file); struct curl_slist *GetLoadedModulePaths(void); CURLcode win32_init(void); diff --git a/src/tool_filetime.c b/src/tool_filetime.c index 6071e44d2..1ffc981fe 100644 --- a/src/tool_filetime.c +++ b/src/tool_filetime.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -21,6 +21,8 @@ ***************************************************************************/ #include "tool_filetime.h" +#include "curlx.h" + #ifdef HAVE_UTIME_H # include <utime.h> #elif defined(HAVE_SYS_UTIME_H) @@ -36,11 +38,13 @@ curl_off_t getfiletime(const char *filename, FILE *error_stream) access to a 64-bit type we can bypass stat and get the times directly. */ #if defined(WIN32) && (SIZEOF_CURL_OFF_T >= 8) HANDLE hfile; + TCHAR *tchar_filename = curlx_convert_UTF8_to_tchar((char *)filename); - hfile = CreateFileA(filename, FILE_READ_ATTRIBUTES, + hfile = CreateFile(tchar_filename, FILE_READ_ATTRIBUTES, (FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE), NULL, OPEN_EXISTING, 0, NULL); + curlx_unicodefree(tchar_filename); if(hfile != INVALID_HANDLE_VALUE) { FILETIME ft; if(GetFileTime(hfile, NULL, NULL, &ft)) { @@ -93,6 +97,7 @@ void setfiletime(curl_off_t filetime, const char *filename, access to a 64-bit type we can bypass utime and set the times directly. */ #if defined(WIN32) && (SIZEOF_CURL_OFF_T >= 8) HANDLE hfile; + TCHAR *tchar_filename = curlx_convert_UTF8_to_tchar((char *)filename); /* 910670515199 is the maximum unix filetime that can be used as a Windows FILETIME without overflow: 30827-12-31T23:59:59. */ @@ -100,13 +105,15 @@ void setfiletime(curl_off_t filetime, const char *filename, fprintf(error_stream, "Failed to set filetime %" CURL_FORMAT_CURL_OFF_T " on outfile: overflow\n", filetime); + curlx_unicodefree(tchar_filename); return; } - hfile = CreateFileA(filename, FILE_WRITE_ATTRIBUTES, + hfile = CreateFile(tchar_filename, FILE_WRITE_ATTRIBUTES, (FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE), NULL, OPEN_EXISTING, 0, NULL); + curlx_unicodefree(tchar_filename); if(hfile != INVALID_HANDLE_VALUE) { curl_off_t converted = ((curl_off_t)filetime * 10000000) + CURL_OFF_T_C(116444736000000000); diff --git a/src/tool_getparam.c b/src/tool_getparam.c index 340962145..0648c29b9 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -695,7 +695,8 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ case 'j': /* --compressed */ if(toggle && - !(curlinfo->features & (CURL_VERSION_LIBZ | CURL_VERSION_BROTLI))) + !(curlinfo->features & (CURL_VERSION_LIBZ | + CURL_VERSION_BROTLI | CURL_VERSION_ZSTD))) return PARAM_LIBCURL_DOESNT_SUPPORT; config->encoding = toggle; break; @@ -813,7 +814,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ break; case 'x': /* --krb */ /* kerberos level string */ - if(curlinfo->features & CURL_VERSION_KERBEROS4) + if(curlinfo->features & CURL_VERSION_SPNEGO) GetStr(&config->krblevel, nextarg); else return PARAM_LIBCURL_DOESNT_SUPPORT; diff --git a/src/tool_help.c b/src/tool_help.c index ae319271c..0fc818d3c 100644 --- a/src/tool_help.c +++ b/src/tool_help.c @@ -537,6 +537,7 @@ static const struct feat feats[] = { {"IDN", CURL_VERSION_IDN}, {"IPv6", CURL_VERSION_IPV6}, {"Largefile", CURL_VERSION_LARGEFILE}, + {"Unicode", CURL_VERSION_UNICODE}, {"SSPI", CURL_VERSION_SSPI}, {"GSS-API", CURL_VERSION_GSSAPI}, {"Kerberos", CURL_VERSION_KERBEROS5}, @@ -546,6 +547,7 @@ static const struct feat feats[] = { {"SSL", CURL_VERSION_SSL}, {"libz", CURL_VERSION_LIBZ}, {"brotli", CURL_VERSION_BROTLI}, + {"zstd", CURL_VERSION_ZSTD}, {"CharConv", CURL_VERSION_CONV}, {"TLS-SRP", CURL_VERSION_TLSAUTH_SRP}, {"HTTP2", CURL_VERSION_HTTP2}, diff --git a/src/tool_operate.c b/src/tool_operate.c index 922d81e4d..97508e874 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -2415,7 +2415,7 @@ static CURLcode transfer_per_config(struct GlobalConfig *global, #ifdef WIN32 else { result = FindWin32CACert(config, tls_backend_info->backend, - "curl-ca-bundle.crt"); + TEXT("curl-ca-bundle.crt")); } #endif } diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c index c375bcc82..e57daa2e1 100644 --- a/src/tool_paramhlp.c +++ b/src/tool_paramhlp.c @@ -115,8 +115,8 @@ ParameterError file2memory(char **bufp, size_t *size, FILE *file) size_t alloc = 512; do { if(!buffer || (alloc == nused)) { - /* size_t overflow detection for huge files */ - if(alloc + 1 > ((size_t)-1)/2) { + /* size_t overflow detection and avoiding huge files */ + if(alloc >= (SIZE_T_MAX/4)) { Curl_safefree(buffer); return PARAM_NO_MEM; } diff --git a/src/tool_strdup.c b/src/tool_strdup.c index e6e151bd6..c8e938d16 100644 --- a/src/tool_strdup.c +++ b/src/tool_strdup.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -30,18 +30,13 @@ char *strdup(const char *str) if(!str) return (char *)NULL; - len = strlen(str); + len = strlen(str) + 1; - if(len >= ((size_t)-1) / sizeof(char)) - return (char *)NULL; - - newstr = malloc((len + 1)*sizeof(char)); + newstr = malloc(len); if(!newstr) return (char *)NULL; - memcpy(newstr, str, (len + 1)*sizeof(char)); - + memcpy(newstr, str, len); return newstr; - } #endif diff --git a/src/tool_util.c b/src/tool_util.c index 3ca13e7cb..de98b8282 100644 --- a/src/tool_util.c +++ b/src/tool_util.c @@ -74,7 +74,7 @@ struct timeval tvnow(void) struct timespec tsnow; if(0 == clock_gettime(CLOCK_MONOTONIC, &tsnow)) { now.tv_sec = tsnow.tv_sec; - now.tv_usec = tsnow.tv_nsec / 1000; + now.tv_usec = (int)(tsnow.tv_nsec / 1000); } /* ** Even when the configure process has truly detected monotonic clock diff --git a/src/tool_writeout.c b/src/tool_writeout.c index d8ccbcbda..41441ff30 100644 --- a/src/tool_writeout.c +++ b/src/tool_writeout.c @@ -32,6 +32,8 @@ static const struct writeoutvar variables[] = { {"url_effective", VAR_EFFECTIVE_URL, 0, CURLINFO_EFFECTIVE_URL, JSON_STRING}, + {"method", VAR_EFFECTIVE_METHOD, 0, + CURLINFO_EFFECTIVE_METHOD, JSON_STRING}, {"http_code", VAR_HTTP_CODE, 0, CURLINFO_RESPONSE_CODE, JSON_LONG}, {"response_code", VAR_HTTP_CODE, 0, @@ -142,6 +144,13 @@ void ourWriteOut(CURL *curl, struct OutStruct *outs, const char *writeinfo) && stringp) fputs(stringp, stream); break; + case VAR_EFFECTIVE_METHOD: + if((CURLE_OK == curl_easy_getinfo(curl, + CURLINFO_EFFECTIVE_METHOD, + &stringp)) + && stringp) + fputs(stringp, stream); + break; case VAR_HTTP_CODE: if(CURLE_OK == curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &longinfo)) diff --git a/src/tool_writeout.h b/src/tool_writeout.h index a21787ab9..68bacb9d4 100644 --- a/src/tool_writeout.h +++ b/src/tool_writeout.h @@ -39,6 +39,7 @@ typedef enum { VAR_HTTP_CODE_PROXY, VAR_HEADER_SIZE, VAR_REQUEST_SIZE, + VAR_EFFECTIVE_METHOD, VAR_EFFECTIVE_URL, VAR_CONTENT_TYPE, VAR_NUM_CONNECTS, diff --git a/tests/FILEFORMAT.md b/tests/FILEFORMAT.md index 62cddd1a7..c280c852d 100644 --- a/tests/FILEFORMAT.md +++ b/tests/FILEFORMAT.md @@ -21,6 +21,25 @@ variables are substituted by the their respective contents and the output version of the test file is stored as `log/testNUM`. That version is what will be read and used by the test servers. +## Base64 Encoding + +In the preprocess stage, a special instruction can be used to have runtests.pl +base64 encode a certain section and insert in the generated output file. This +is in particular good for test cases where the test tool is expected to pass +in base64 encoded content that might use dynamic information that is unique +for this particular test invocation, like the server port number. + +To insert a base64 encoded string into the output, use this syntax: + + %b64[ data to encode ]b64% + +The data to encode can then use any of the existing variables mentioned below, +or even percent-encoded individual bytes. As an example, insert the HTTP +server's port number (in ASCII) followed by a space and the hexadecimal byte +9a: + + %b64[%HTTPPORT %9a]b64% + # Variables When the test is preprocessed, a range of "variables" in the test file will be @@ -44,6 +63,7 @@ Available substitute variables include: - `%HOSTIP` - IPv4 address of the host running this test - `%HTTP6PORT` - IPv6 port number of the HTTP server - `%HTTPPORT` - Port number of the HTTP server +- `%HTTP2PORT` - Port number of the HTTP/2 server - `%HTTPSPORT` - Port number of the HTTPS server - `%HTTPSPROXYPORT` - Port number of the HTTPS-proxy - `%HTTPTLS6PORT` - IPv6 port number of the HTTP TLS server @@ -52,7 +72,7 @@ Available substitute variables include: - `%IMAP6PORT` - IPv6 port number of the IMAP server - `%IMAPPORT` - Port number of the IMAP server - `%MQTTPORT` - Port number of the MQTT server -- `%NEGTELNETPORT` - Port number of the telnet server +- `%TELNETPORT` - Port number of the telnet server - `%NOLISTENPORT` - Port number where no service is listening - `%POP36PORT` - IPv6 port number of the POP3 server - `%POP3PORT` - Port number of the POP3 server @@ -308,6 +328,7 @@ Features testable here are: - `parsedate` - `proxy` - `PSL` +- `Schannel` - `shuffle-dns` - `socks` - `SPNEGO` @@ -322,7 +343,6 @@ Features testable here are: - `unix-sockets` - `verbose-strings` - `win32` -- `WinSSL` as well as each protocol that curl supports. A protocol only needs to be specified if it is different from the server (useful when the server diff --git a/tests/azure.pm b/tests/azure.pm index 9dcb56c78..004c3d309 100644 --- a/tests/azure.pm +++ b/tests/azure.pm @@ -48,7 +48,7 @@ sub azure_create_test_run { 'build': {'id': '$ENV{'BUILD_BUILDID'}'} } " \\ - "$azure_baseurl/_apis/test/runs?api-version=5.0"`; + "$azure_baseurl/_apis/test/runs?api-version=5.1"`; if($azure_run =~ /"id":(\d+)/) { return $1; } @@ -75,7 +75,7 @@ sub azure_create_test_result { } ] " \\ - "$azure_baseurl/_apis/test/runs/$azure_run_id/results?api-version=5.0"`; + "$azure_baseurl/_apis/test/runs/$azure_run_id/results?api-version=5.1"`; if($azure_result =~ /\[\{"id":(\d+)/) { return $1; } @@ -92,10 +92,10 @@ sub azure_update_test_result { my $azure_duration = sprintf("%.0f", ($stop-$start)*1000); my $azure_outcome; if($error == 2) { - $azure_outcome = 'Not applicable'; + $azure_outcome = 'NotApplicable'; } elsif($error < 0) { - $azure_outcome = 'Not executed'; + $azure_outcome = 'NotExecuted'; } elsif(!$error) { $azure_outcome = 'Passed'; @@ -118,7 +118,7 @@ sub azure_update_test_result { } ] " \\ - "$azure_baseurl/_apis/test/runs/$azure_run_id/results?api-version=5.0"`; + "$azure_baseurl/_apis/test/runs/$azure_run_id/results?api-version=5.1"`; if($azure_result =~ /\[\{"id":(\d+)/) { return $1; } @@ -136,7 +136,7 @@ sub azure_update_test_run { 'state': 'Completed' } " \\ - "$azure_baseurl/_apis/test/runs/$azure_run_id?api-version=5.0"`; + "$azure_baseurl/_apis/test/runs/$azure_run_id?api-version=5.1"`; if($azure_run =~ /"id":(\d+)/) { return $1; } diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 6319d78f2..b92cd2df6 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -61,7 +61,7 @@ test334 test335 test336 test337 test338 test339 test340 test341 test342 \ test343 test344 test345 test346 \ test350 test351 test352 test353 test354 test355 test356 test357 test358 \ test359 \ -test393 test394 test395 \ +test393 test394 test395 test396 test397 \ \ test400 test401 test402 test403 test404 test405 test406 test407 test408 \ test409 \ @@ -89,7 +89,7 @@ test635 test636 test637 test638 test639 test640 test641 test642 \ test643 test644 test645 test646 test647 test648 test649 test650 test651 \ test652 test653 test654 test655 test656 test658 test659 test660 test661 \ test662 test663 test664 test665 test666 test667 test668 test669 \ -test670 test671 test672 test673 \ +test670 test671 test672 test673 test674 \ \ test700 test701 test702 test703 test704 test705 test706 test707 test708 \ test709 test710 test711 test712 test713 test714 test715 test716 test717 \ @@ -141,7 +141,7 @@ test1168 \ test1170 test1171 test1172 test1173 test1174 test1175 test1176 test1177 \ test1178 test1179 \ \ -test1190 test1191 test1192 test1193 test1194 test1195 test1196 \ +test1190 test1191 test1192 test1193 test1194 test1195 test1196 test1197 \ \ test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \ test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \ @@ -189,7 +189,7 @@ test1540 test1541 \ \ test1550 test1551 test1552 test1553 test1554 test1555 test1556 test1557 \ test1558 test1559 test1560 test1561 test1562 test1563 test1564 test1565 \ -test1566 \ +test1566 test1567 \ \ test1590 test1591 test1592 test1593 test1594 test1595 test1596 \ \ @@ -225,4 +225,4 @@ test2080 \ test2100 \ \ test3000 test3001 \ -test3002 test3003 test3004 test3005 test3006 test3007 +test3002 test3003 test3004 test3005 test3006 test3007 test3010 diff --git a/tests/data/test1119 b/tests/data/test1119 index 7406521c4..f948976b2 100644 --- a/tests/data/test1119 +++ b/tests/data/test1119 @@ -22,4 +22,10 @@ Verify that symbols-in-versions and headers are in sync </command> </client> +<verify> +<stdout> +OK +</stdout> +</verify> + </testcase> diff --git a/tests/data/test1139.skip b/tests/data/test1139.skip index 470682e11..52ebeaef7 100644 --- a/tests/data/test1139.skip +++ b/tests/data/test1139.skip @@ -24,4 +24,10 @@ Verify that all libgnurl options have man pages </command> </client> +<verify> +<stderr> +0 +</stderr> +</verify> + </testcase> diff --git a/tests/data/test1140.skip b/tests/data/test1140.skip index b9458be9f..f083eec39 100644 --- a/tests/data/test1140.skip +++ b/tests/data/test1140.skip @@ -23,4 +23,10 @@ Verify the nroff of man pages </command> </client> +<verify> +<stdout> +OK +</stdout> +</verify> + </testcase> diff --git a/tests/data/test1197 b/tests/data/test1197 new file mode 100644 index 000000000..96d368f8b --- /dev/null +++ b/tests/data/test1197 @@ -0,0 +1,88 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +followlocation +--write-out +</keywords> +</info> + +# +# Server-side +<reply> +<data nocheck="yes"> +HTTP/1.1 302 OK swsbounce swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 8
+Connection: close
+Content-Type: text/plain
+Location: ./11970001
+
+monster +</data> +<data1 nocheck="yes"> +HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 15
+Connection: close
+Content-Type: text/plain; charset=us-ascii
+
+bigger monster +</data1> + +</reply> + +# +# Client-side +<client> +<server> +http +</server> + <name> +HTTP POST redirected to GET and --write-out method + </name> + <command> +http://%HOSTIP:%HTTPPORT/1197 -w "%{method}\n" -L -d "twinkle twinkle little star" +</command> +</client> + +# +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +POST /1197 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Content-Length: 27
+Content-Type: application/x-www-form-urlencoded
+
+twinkle twinkle little starGET /11970001 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol> + +<stdout> +HTTP/1.1 302 OK swsbounce swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 8
+Connection: close
+Content-Type: text/plain
+Location: ./11970001
+
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 15
+Connection: close
+Content-Type: text/plain; charset=us-ascii
+
+bigger monster +GET +</stdout> + +</verify> +</testcase> diff --git a/tests/data/test1330 b/tests/data/test1330 index ce04e3331..f7ac9b0dd 100644 --- a/tests/data/test1330 +++ b/tests/data/test1330 @@ -41,6 +41,8 @@ s/\(.*\)/()/ s/:\d+/:/ s:^(MEM )(.*/)(.*):$1$3: s/\r\n/\n/ +s/^MEM getenv.c: realloc\(\)[\n]$// +s/^MEM getenv.c: free\(\)[\n]$// </stripfile> </verify> </testcase> diff --git a/tests/data/test1452 b/tests/data/test1452 index 0a84cf8ce..6c76ef84a 100644 --- a/tests/data/test1452 +++ b/tests/data/test1452 @@ -29,7 +29,7 @@ Basic TELNET negotiation test1452 </stdin> <command> -telnet://%HOSTIP:%NEGTELNETPORT --upload-file - +telnet://%HOSTIP:%TELNETPORT --upload-file - </command> </client> diff --git a/tests/data/test1554 b/tests/data/test1554 index d3926d916..fffa6adb5 100644 --- a/tests/data/test1554 +++ b/tests/data/test1554 @@ -50,6 +50,8 @@ run 1: foobar and so on fun! <- Mutex unlock -> Mutex lock <- Mutex unlock +-> Mutex lock +<- Mutex unlock run 1: foobar and so on fun! -> Mutex lock <- Mutex unlock @@ -65,6 +67,8 @@ run 1: foobar and so on fun! <- Mutex unlock -> Mutex lock <- Mutex unlock +-> Mutex lock +<- Mutex unlock run 1: foobar and so on fun! -> Mutex lock <- Mutex unlock @@ -74,6 +78,8 @@ run 1: foobar and so on fun! <- Mutex unlock -> Mutex lock <- Mutex unlock +-> Mutex lock +<- Mutex unlock </datacheck> </reply> diff --git a/tests/data/test1567 b/tests/data/test1567 new file mode 100644 index 000000000..088ebf497 --- /dev/null +++ b/tests/data/test1567 @@ -0,0 +1,73 @@ +<testcase> +<info> +<keywords> +HTTP +URL API +CURLOPT_CURLU +CURLOPT_FOLLOWLOCATION +</keywords> +</info> + +# Server-side +<reply> +<data> +HTTP/1.1 302 OK +Content-Length: 6 +Location: /15670002 + +-foo- +</data> +<data2> +HTTP/1.1 200 OK +Content-Length: 11 + +redirected +</data2> +<datacheck> +redirected +redirected +</datacheck> +</reply> + +# Client-side +<client> +<server> +http +</server> +# tool is what to use instead of 'curl' +<tool> +lib1567 +</tool> + + <name> +re-run redirected transfer without setting CURLU URL again + </name> + <command> +http://%HOSTIP:%HTTPPORT/1567 +</command> +</client> + +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET /1567 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /15670002 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /1567 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /15670002 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol> +</verify> +</testcase> diff --git a/tests/data/test1908 b/tests/data/test1908 index 236bd4af0..bf23ef9fc 100644 --- a/tests/data/test1908 +++ b/tests/data/test1908 @@ -62,7 +62,7 @@ Accept: */* # matches s/\"([^\"]*)\"/TIMESTAMP/ </stripfile> -<file name="log/altsvc-1908"> +<file name="log/altsvc-1908" mode="text"> # Your alt-svc cache. https://curl.haxx.se/docs/alt-svc.html # This file was generated by libcurl! Edit at your own risk. h1 127.0.0.1 %HTTPPORT h2 3dbbdetxoyw4nsp6c3cc456oj2ays6s43ezxzsfxxri3h5xqd.example 443 TIMESTAMP 1 0 diff --git a/tests/data/test2043 b/tests/data/test2043 index 34f53b72e..754a9b92e 100644 --- a/tests/data/test2043 +++ b/tests/data/test2043 @@ -10,7 +10,7 @@ HTTP GET # Client-side <client> <features> -WinSSL +Schannel </features> <server> none diff --git a/tests/data/test2070 b/tests/data/test2070 index 4a21512ba..f03c87b49 100644 --- a/tests/data/test2070 +++ b/tests/data/test2070 @@ -24,7 +24,7 @@ MooMoo # Client-side <client> <features> -WinSSL +Schannel !MinGW </features> <server> diff --git a/tests/data/test3010 b/tests/data/test3010 new file mode 100644 index 000000000..1372a79d2 --- /dev/null +++ b/tests/data/test3010 @@ -0,0 +1,57 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP Basic +RETRY-AFTER +</keywords> +</info> + +# Server-side +<reply> +<data nocheck="yes"> +HTTP/1.1 301 Moved Permanently +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 +Retry-After: 2 +Location: /30100002 + +</data> +<data2> +HTTP/1.1 200 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 + +</data2> +</reply> + +# Client-side +<client> +<server> +http +</server> + +<name> +HTTP retry-after reset +</name> +<tool> +lib3010 +</tool> + +<command> +%HOSTIP:%HTTPPORT/3010 +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +<stdout> +Retry-After: 2 +Retry-After: 0 +</stdout> +</verify> +</testcase> diff --git a/tests/data/test396 b/tests/data/test396 new file mode 100644 index 000000000..1dd03421f --- /dev/null +++ b/tests/data/test396 @@ -0,0 +1,202 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +compressed +</keywords> +</info> +# +# Server-side +<reply> +<data base64="yes"> +SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBNb24sIDI5IE5vdiAyMDA0IDIxOjU2OjUzIEdNVA0KU2Vy +dmVyOiBBcGFjaGUvMS4zLjMxIChEZWJpYW4gR05VL0xpbnV4KSBtb2RfZ3ppcC8xLjMuMjYuMWEg +UEhQLzQuMy45LTEgbW9kX3NzbC8yLjguMjAgT3BlblNTTC8wLjkuN2QgbW9kX3BlcmwvMS4yOQ0K +VmFyeTogQWNjZXB0LUVuY29kaW5nDQpDb250ZW50LVR5cGU6IHRleHQvaHRtbDsgY2hhcnNldD1J +U08tODg1OS0xDQpDb250ZW50LUVuY29kaW5nOiB6c3RkDQpDb250ZW50LUxlbmd0aDogMTMwOQ0K +DQootS/9ZLESfSgAhj+9KODQugGwA7ZypiefqCCMWuEChf2B/kAy8O+aCN/J85sQo2WYoY3AzAu3 +ALMArADzIbf2pNpzu3kaHt3a+7pumz3QvrNJn6zxUdptGFLvNOy67bymt1gZRqqBqhqopndRkImC +WNNUYZLrGFaqAWoasKZHVZBrglyVCoXJljJq+kbJsKImFCan5j0IgxD2kFdKljRBHrJtWNa+0GLG +t6t0Y2+db98wD3D3dh7PwZLBVGAep877k0Ku1hbWuWeJqMgcQCAAQAgreFCQiuS6IBAYhgcBp05p +tdrvMUnUg6Da+d6eR7eMAhjTU/ubEztOjRRyTNXz9lh739eZvfb42ruTgRxSd+6LNDLIIdsbw3Lv +5/fMsM699c68G27U5mZebw1yXDCYbOvqdSvdYvxH7kWyt+7bIUcko6Vc977nhbXai24X3bccJD5K +GwNyfHyRhGUhAkIhslwYEl4UYYBweVHG8nCxZF6UOWBASIAcUUQm4UWYKCKTWXh/3XJc9+8yPCkj +3qrx30GObzo3Ht/Px1B6783X6PddJCZey7W1Se0G2a373CC/5z3vYYj1x47mHWT5WcbbjLdZy6zl +xvnGOWSOpc2psaNx88PNT/XJqk/24dwP50Jmn7K9N9thyPxYcyKnod4xvLSLm0bANB2tRs8i2Fc7 +Lzdd+6x7hpGLIVVht3ZW0zCcJNIVnaFkYkhdUoRiaEkkqyKZeKQdZzmGlQmFXdToDCeUFMFubc2b +Y0iRSNZFkWDtVnuNxp003ulhCDmkv7W3aj0MIYzht0eIVkUklkWj3GYvUKypimSTfihJpKIi1kSj +ZSgQ8C4YTG3uzsvQmlgUTE6G00Num9XaHwTNadyn0VOrLWtzLSHDiISaKlfFmlDTNFXUdVGRSVUx +rDzW7411btMZMkPvigGBNbXOkL0lJ2Yb1DuGHO+s9sU82rPGd9u5XWSIZVvXuZprO1+7XXvIckqu +aUJhWEkVJVEwTdN2zWV4eVs3r9uv9uBRcIbBAesPgOiggZVzaGZABgAggEEBQELCICNKAyHz5wz5 +Gr+3SMoKzoiT4JcFlMRJ8E0BVdBikl8WJGONBZ5ErsE5h2Oju5HWDnZ50LZofbucqKR8qlj/gvM2 +pP8JtMX1f4XHv4sy+T9yUDCHs9YmJmw5hnGWowLZWgC0/j7rTMyJRnY3KrwRdj/wXTFmjnFucfZu +/94DmfjeEDOFz0C0f3YgYWUsI+2YO9YVXGtiM3AJTNsy5j6K9jkAKLew5bRCRJqMYqloGVw2M0JH +f4ZlSeeJaBsx6A24uIythC24JsTWGU7cNBP0NL3qbNPMIllkjj1n95If2W0cQobpYDaGF2ja1bjg +5MAexBa5GWSJY2kGTsRGwkEd3Ad5qiG3zWSmXQGb7VwHzPvskUlDyLuenXPmlGEajIyyvcZ1Dns9 +S2Ru2G3YO5OHEHZNu4aZS8MuG5GPrZkBNbsTDMDQBg0rr/EM2GW5AKf9gZiRlINAzPQ5ltqgBSFC +GNOIHYGDMjg5MNphi1sImR3WcGKBiIA8sM64mdAQ0sxEb84XSBFzplx8N2jz0O5guS/GeNfaqg7r +yLrOzSoJKq2aJUadLQgFtLV6UcfzOw296pBr0/ms+rHmnTs5jnmC0eqLUKV72l4Ym3HYkknmcEsY +QP51NUQZGktcjt2485yobNJeXv/S9pzH3nguOoYl36mAbjiMjYXDkIwI+7N0JMiHzrs7y3WvSOFZ +</data> + +<datacheck> +HTTP/1.1 200 OK
+Date: Mon, 29 Nov 2004 21:56:53 GMT
+Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29
+Vary: Accept-Encoding
+Content-Type: text/html; charset=ISO-8859-1
+Content-Encoding: zstd
+Content-Length: 1309
+
+<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE project-listing SYSTEM "http://freshmeat.net/backend/fm-projects-0.4.dtd"> +<project-listing> + <project> + <project_id>1612</project_id> + <date_added>1998-08-21 04:01:29</date_added> + <date_updated>2004-10-18 02:22:23</date_updated> + <projectname_short>curl</projectname_short> + <projectname_full>curl and libcurl</projectname_full> + <desc_short>Command line tool and library for client-side URL transfers.</desc_short> + <desc_full>curl and libcurl is a tool for transferring files
+using URL syntax. It supports HTTP, HTTPS, FTP,
+FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as
+well as HTTP-post, HTTP-put, cookies, FTP upload,
+resumed transfers, passwords, portnumbers, SSL
+certificates, Kerberos, and proxies. It is powered
+by libcurl, the client-side URL transfer library.
+There are bindings to libcurl for over 20
+languages and environments.
+</desc_full> + <vitality_score>5784.57</vitality_score> + <vitality_percent>3.16</vitality_percent> + <vitality_rank>169</vitality_rank> + <popularity_score>6594.54</popularity_score> + <popularity_percent>13.81</popularity_percent> + <popularity_rank>105</popularity_rank> + <rating>8.50</rating> + <rating_count>21</rating_count> + <rating_rank>183</rating_rank> + <subscriptions>323</subscriptions> + <branch_name>Default</branch_name> + <url_project_page>http://freshmeat.net/projects/curl/</url_project_page> + <url_homepage>http://freshmeat.net/redir/curl/1612/url_homepage/</url_homepage> + <url_tgz>http://freshmeat.net/redir/curl/1612/url_tgz/</url_tgz> + <url_bz2>http://freshmeat.net/redir/curl/1612/url_bz2/</url_bz2> + <url_zip>http://freshmeat.net/redir/curl/1612/url_zip/</url_zip> + <url_changelog>http://freshmeat.net/redir/curl/1612/url_changelog/</url_changelog> + <url_rpm>http://freshmeat.net/redir/curl/1612/url_rpm/</url_rpm> + <url_deb>http://freshmeat.net/redir/curl/1612/url_deb/</url_deb> + <url_osx>http://freshmeat.net/redir/curl/1612/url_osx/</url_osx> + <url_bsdport>http://freshmeat.net/redir/curl/1612/url_bsdport/</url_bsdport> + <url_purchase></url_purchase> + <url_cvs>http://freshmeat.net/redir/curl/1612/url_cvs/</url_cvs> + <url_list>http://freshmeat.net/redir/curl/1612/url_list/</url_list> + <url_mirror>http://freshmeat.net/redir/curl/1612/url_mirror/</url_mirror> + <url_demo></url_demo> + <license>MIT/X Consortium License</license> + <latest_release> + <latest_release_version>7.12.2</latest_release_version> + <latest_release_id>176085</latest_release_id> + <latest_release_date>2004-10-18 02:22:23</latest_release_date> + </latest_release> + <screenshot_thumb></screenshot_thumb> + <authors> + <author> + <author_name>Daniel Stenberg</author_name> + <author_url>http://freshmeat.net/~bagder/</author_url> + <author_role>Owner</author_role> + </author> + </authors> + <descriminators> + <trove_id>12</trove_id> + <trove_id>226</trove_id> + <trove_id>3</trove_id> + <trove_id>2</trove_id> + <trove_id>188</trove_id> + <trove_id>216</trove_id> + <trove_id>200</trove_id> + <trove_id>220</trove_id> + <trove_id>164</trove_id> + <trove_id>90</trove_id> + <trove_id>89</trove_id> + <trove_id>809</trove_id> + <trove_id>150</trove_id> + <trove_id>224</trove_id> + <trove_id>900</trove_id> + <trove_id>839</trove_id> + </descriminators> + <dependencies> + <dependency type="recommended"> + <dependency_release_id>0</dependency_release_id> + <dependency_branch_id>7464</dependency_branch_id> + <dependency_project_id>7464</dependency_project_id> + <dependency_project_title>OpenSSL (Default)</dependency_project_title> + </dependency> + <dependency type="optional"> + <dependency_release_id>0</dependency_release_id> + <dependency_branch_id>0</dependency_branch_id> + <dependency_project_id>7443</dependency_project_id> + <dependency_project_title>OpenLDAP</dependency_project_title> + </dependency> + <dependency type="optional"> + <dependency_release_id>0</dependency_release_id> + <dependency_branch_id>0</dependency_branch_id> + <dependency_project_id>12351</dependency_project_id> + <dependency_project_title>zlib</dependency_project_title> + </dependency> + <dependency type="optional"> + <dependency_release_id>0</dependency_release_id> + <dependency_branch_id>0</dependency_branch_id> + <dependency_project_id>32047</dependency_project_id> + <dependency_project_title>Heimdal</dependency_project_title> + </dependency> + <dependency type="optional"> + <dependency_release_id>0</dependency_release_id> + <dependency_branch_id>0</dependency_branch_id> + <dependency_project_id>44532</dependency_project_id> + <dependency_project_title>c-ares</dependency_project_title> + </dependency> + </dependencies> + </project> +</project-listing> +</datacheck> + +</reply> + +# +# Client-side +<client> +<features> +zstd +</features> +<server> +http +</server> + <name> +HTTP GET zstd compressed content + </name> + <command> +http://%HOSTIP:%HTTPPORT/396 --compressed +</command> +</client> + +# +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<strippart> +s/^Accept-Encoding: .*/Accept-Encoding: xxx/ +</strippart> +<protocol> +GET /396 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Accept-Encoding: xxx +
+</protocol> +</verify> +</testcase> diff --git a/tests/data/test397 b/tests/data/test397 new file mode 100644 index 000000000..6f872e2ac --- /dev/null +++ b/tests/data/test397 @@ -0,0 +1,198 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +compressed +</keywords> +</info> +# +# Server-side +<reply> +# Length of not-encoded content is 16512 what is greater than default value of +# CURL_MAX_WRITE_SIZE (16384) +<data base64="yes"> +SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBNb24sIDI5IE5vdiAyMDA0IDIxOjU2OjUzIEdNVA0KU2Vy +dmVyOiBBcGFjaGUvMS4zLjMxIChEZWJpYW4gR05VL0xpbnV4KSBtb2RfZ3ppcC8xLjMuMjYuMWEg +UEhQLzQuMy45LTEgbW9kX3NzbC8yLjguMjAgT3BlblNTTC8wLjkuN2QgbW9kX3BlcmwvMS4yOQ0K +VmFyeTogQWNjZXB0LUVuY29kaW5nDQpDb250ZW50LVR5cGU6IHRleHQvaHRtbDsgY2hhcnNldD1J +U08tODg1OS0xDQpDb250ZW50LUVuY29kaW5nOiB6c3RkDQpDb250ZW50LUxlbmd0aDogNDcNCg0K +KLUv/WSAPw0BAIgwMTIzNDU2Nzg5QUJDREVGCgQAfJ9geAAEGh3Sq006l4KvuZw= +</data> + +<datacheck> +HTTP/1.1 200 OK
+Date: Mon, 29 Nov 2004 21:56:53 GMT
+Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29
+Vary: Accept-Encoding
+Content-Type: text/html; charset=ISO-8859-1
+Content-Encoding: zstd
+Content-Length: 47
+
+0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +</datacheck> + +</reply> + +# +# Client-side +<client> +<features> +zstd +</features> +<server> +http +</server> + <name> +HTTP GET zstd compressed content of size more than CURL_MAX_WRITE_SIZE + </name> + <command> +http://%HOSTIP:%HTTPPORT/397 --compressed +</command> +</client> + +# +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<strippart> +s/^Accept-Encoding: .*/Accept-Encoding: xxx/ +</strippart> +<protocol> +GET /397 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Accept-Encoding: xxx +
+</protocol> +</verify> +</testcase> diff --git a/tests/data/test558 b/tests/data/test558 index 946979677..d5aa0e087 100644 --- a/tests/data/test558 +++ b/tests/data/test558 @@ -49,6 +49,8 @@ s/\(.*\)/()/ s/:\d+/:/ s:^(MEM |FD )(.*/)(.*):$1$3: s/\r\n/\n/ +s/^MEM getenv.c: realloc\(\)[\n]$// +s/^MEM getenv.c: free\(\)[\n]$// </stripfile> </verify> diff --git a/tests/data/test674 b/tests/data/test674 new file mode 100644 index 000000000..d1f1a8654 --- /dev/null +++ b/tests/data/test674 @@ -0,0 +1,57 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +CURLOPT_CURLU +curl_easy_duphandle +</keywords> +</info> +<reply> +<data nocheck="yes"> +HTTP/1.1 200 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + +-foo- +</data> +</reply> +<client> +<server> +http +</server> +<tool> +lib674 +</tool> +<name> +Set CURLOPT_CURLU and dupe the handle + </name> + <command> +http://%HOSTIP:%HTTPPORT/674 +</command> +</client> + +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET /674 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+GET /674 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol> +</verify> + +</testcase> diff --git a/tests/data/test842 b/tests/data/test842 index 1d9181e17..2b5ae1c18 100644 --- a/tests/data/test842 +++ b/tests/data/test842 @@ -15,7 +15,7 @@ RFC7628 <servercmd> AUTH OAUTHBEARER REPLY AUTHENTICATE + -REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== A002 OK AUTHENTICATE completed +REPLY %b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% A002 OK AUTHENTICATE completed </servercmd> <data> From: me@somewhere
@@ -42,9 +42,6 @@ IMAP OAuth 2.0 (OAUTHBEARER) authentication </command> # The protocol section doesn't support ways of specifying the raw data in the # base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%IMAPPORT' ne '9003' );" -</precheck> </client> # @@ -53,7 +50,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' <protocol> A001 CAPABILITY
A002 AUTHENTICATE OAUTHBEARER
-bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
+%b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
A003 SELECT 842
A004 FETCH 1 BODY[]
A005 LOGOUT
diff --git a/tests/data/test843 b/tests/data/test843 index bd39dd907..131188933 100644 --- a/tests/data/test843 +++ b/tests/data/test843 @@ -41,11 +41,6 @@ IMAP OAuth 2.0 (OAUTHBEARER) authentication with initial response <command> 'imap://%HOSTIP:%IMAPPORT/843/;MAILINDEX=1' -u user --oauth2-bearer mF_9.B5f-4.1JqM </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%IMAPPORT' ne '9003' );" -</precheck> </client> # @@ -53,7 +48,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' <verify> <protocol> A001 CAPABILITY
-A002 AUTHENTICATE OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
+A002 AUTHENTICATE OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
A003 SELECT 843
A004 FETCH 1 BODY[]
A005 LOGOUT
diff --git a/tests/data/test844 b/tests/data/test844 index c5093d2b8..8573bc2fd 100644 --- a/tests/data/test844 +++ b/tests/data/test844 @@ -15,9 +15,7 @@ RFC7628 <servercmd> AUTH OAUTHBEARER REPLY AUTHENTICATE + -REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== + -eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0= -REPLY AQ== A002 NO Authentication failed +REPLY %b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% A002 NO Authentication failed </servercmd> </reply> @@ -33,11 +31,6 @@ IMAP OAuth 2.0 (OAUTHBEARER) failure as continuation <command> 'imap://%HOSTIP:%IMAPPORT/844/;MAILINDEX=1' -u user --oauth2-bearer mF_9.B5f-4.1JqM </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%IMAPPORT' ne '9003' );" -</precheck> </client> # @@ -53,8 +46,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' <protocol> A001 CAPABILITY
A002 AUTHENTICATE OAUTHBEARER
-bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
-AQ==
+%b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
</protocol> </verify> </testcase> diff --git a/tests/data/test845 b/tests/data/test845 index 70562c7ab..449eef353 100644 --- a/tests/data/test845 +++ b/tests/data/test845 @@ -33,11 +33,6 @@ IMAP OAuth 2.0 (OAUTHBEARER) failure as continuation with initial response <command> 'imap://%HOSTIP:%IMAPPORT/845/;MAILINDEX=1' -u user --oauth2-bearer mF_9.B5f-4.1JqM </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%IMAPPORT' ne '9003' );" -</precheck> </client> # @@ -52,8 +47,8 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' # transfer and such a connection will not get a "LOGOUT" <protocol> A001 CAPABILITY
-A002 AUTHENTICATE OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
-AQ==
+A002 AUTHENTICATE OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
+%b64[%01]b64%
</protocol> </verify> </testcase> diff --git a/tests/data/test887 b/tests/data/test887 index 35419b502..ccf364955 100644 --- a/tests/data/test887 +++ b/tests/data/test887 @@ -17,7 +17,7 @@ RFC7628 <servercmd> AUTH OAUTHBEARER REPLY AUTH + -REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +OK Login successful +REPLY %b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +OK Login successful </servercmd> <data> From: me@somewhere
@@ -42,11 +42,6 @@ POP3 OAuth 2.0 (OAUTHBEARER) authentication <command> pop3://%HOSTIP:%POP3PORT/887 -u user --oauth2-bearer mF_9.B5f-4.1JqM </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%POP3PORT' ne '9001' );" -</precheck> </client> # @@ -55,7 +50,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' <protocol> CAPA
AUTH OAUTHBEARER
-bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
+%b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
RETR 887
QUIT
</protocol> diff --git a/tests/data/test888 b/tests/data/test888 index 78463feaa..465a2d0ce 100644 --- a/tests/data/test888 +++ b/tests/data/test888 @@ -42,11 +42,6 @@ POP3 OAuth 2.0 (OAUTHBEARER) authentication with initial response <command> pop3://%HOSTIP:%POP3PORT/888 -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%POP3PORT' ne '9001' );" -</precheck> </client> # @@ -54,7 +49,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' <verify> <protocol> CAPA
-AUTH OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
+AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
RETR 888
QUIT
</protocol> diff --git a/tests/data/test889 b/tests/data/test889 index 2edb371e9..9658d386c 100644 --- a/tests/data/test889 +++ b/tests/data/test889 @@ -17,7 +17,7 @@ RFC7628 <servercmd> AUTH OAUTHBEARER REPLY AUTH + -REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== + eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0 +REPLY %b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% + eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0 REPLY AQ== -ERR Authentication failed </servercmd> </reply> @@ -34,11 +34,6 @@ POP3 OAuth 2.0 (OAUTHBEARER) failure as continuation <command> pop3://%HOSTIP:%POP3PORT/889 -u user --oauth2-bearer mF_9.B5f-4.1JqM </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%POP3PORT' ne '9001' );" -</precheck> </client> # @@ -54,7 +49,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' <protocol> CAPA
AUTH OAUTHBEARER
-bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
+%b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
AQ==
</protocol> </verify> diff --git a/tests/data/test890 b/tests/data/test890 index ca0ccc7b5..4d6701ab0 100644 --- a/tests/data/test890 +++ b/tests/data/test890 @@ -34,11 +34,6 @@ POP3 OAuth 2.0 (OAUTHBEARER) failure as continuation with initial response <command> pop3://%HOSTIP:%POP3PORT/890 -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%POP3PORT' ne '9001' );" -</precheck> </client> # @@ -53,7 +48,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' # transfer and such a connection will not get a "QUIT" <protocol> CAPA
-AUTH OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
+AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
AQ==
</protocol> </verify> diff --git a/tests/data/test914 b/tests/data/test914 index d1532c806..0124b7671 100644 --- a/tests/data/test914 +++ b/tests/data/test914 @@ -8,6 +8,9 @@ SMTP # # Server-side <reply> +<servercmd> +REPLY MAIL 501 not fine enough +</servercmd> </reply> # diff --git a/tests/data/test946 b/tests/data/test946 index c6753dc1e..aa88364fa 100644 --- a/tests/data/test946 +++ b/tests/data/test946 @@ -16,7 +16,7 @@ RFC7628 <servercmd> AUTH OAUTHBEARER REPLY AUTH 334 OAUTHBEARER supported -REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== 235 Authenticated +REPLY %b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% 235 Authenticated </servercmd> </reply> @@ -35,11 +35,6 @@ mail body <command> smtp://%HOSTIP:%SMTPPORT/946 --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM -T - </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%SMTPPORT' ne '9005' );" -</precheck> </client> # @@ -48,7 +43,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' <protocol> EHLO 946
AUTH OAUTHBEARER
-bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
+%b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA
diff --git a/tests/data/test947 b/tests/data/test947 index 03c3fbe37..d2622be8d 100644 --- a/tests/data/test947 +++ b/tests/data/test947 @@ -35,11 +35,6 @@ mail body <command> smtp://%HOSTIP:%SMTPPORT/947 --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir -T - </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%SMTPPORT' ne '9005' );" -</precheck> </client> # @@ -47,7 +42,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' <verify> <protocol> EHLO 947
-AUTH OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
+AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA
diff --git a/tests/data/test948 b/tests/data/test948 index 8385f0cd2..a6eadf5fa 100644 --- a/tests/data/test948 +++ b/tests/data/test948 @@ -16,7 +16,7 @@ RFC7628 <servercmd> AUTH OAUTHBEARER REPLY AUTH 334 OAUTHBEARER supported -REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== 334 eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0 +REPLY %b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% 334 eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0 REPLY AQ== 535 Username and Password not accepted. Learn more at\r\n535 http://support.example.com/mail/oauth </servercmd> </reply> @@ -36,11 +36,6 @@ mail body <command> smtp://%HOSTIP:%SMTPPORT/948 --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM -T - </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%SMTPPORT' ne '9005' );" -</precheck> </client> # @@ -56,7 +51,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' <protocol> EHLO 948
AUTH OAUTHBEARER
-bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
+%b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
AQ==
</protocol> </verify> diff --git a/tests/data/test949 b/tests/data/test949 index 345940077..82064f19a 100644 --- a/tests/data/test949 +++ b/tests/data/test949 @@ -36,11 +36,6 @@ mail body <command> smtp://%HOSTIP:%SMTPPORT/949 --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir -T - </command> -# The protocol section doesn't support ways of specifying the raw data in the -# base64 encoded message so we must assert this -<precheck> -perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' ne '127.0.0.1' || '%SMTPPORT' ne '9005' );" -</precheck> </client> # @@ -55,7 +50,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' # transfer and such a connection will not get a "QUIT" <protocol> EHLO 949
-AUTH OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ==
+AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
AQ==
</protocol> </verify> diff --git a/tests/data/test955 b/tests/data/test955 index 57d618c7d..97ef29561 100644 --- a/tests/data/test955 +++ b/tests/data/test955 @@ -8,6 +8,9 @@ SMTP # # Server-side <reply> +<servercmd> +REPLY MAIL 501 not fine enough +</servercmd> </reply> # diff --git a/tests/data/test959 b/tests/data/test959 index a61c3d142..1b2d65842 100644 --- a/tests/data/test959 +++ b/tests/data/test959 @@ -8,6 +8,9 @@ SMTP # # Server-side <reply> +<servercmd> +REPLY MAIL 501 not fine enough +</servercmd> </reply> # diff --git a/tests/data/test970 b/tests/data/test970 index e6d138f49..c0a88a798 100644 --- a/tests/data/test970 +++ b/tests/data/test970 @@ -61,7 +61,7 @@ Accept: */* </protocol> <stdout nonewline="yes"> -{"url_effective":"http://%HOSTIP:%HTTPPORT/970","http_code":200,"response_code":200,"http_connect":0,"time_total":0.000013,"time_namelookup":0.000013,"time_connect":0.000013,"time_appconnect":0.000013,"time_pretransfer":0.000013,"time_starttransfer":0.000013,"size_header":4019,"size_request":4019,"size_download":445,"size_upload":0,"speed_download":13,"speed_upload":13,"content_type":"text/html","num_connects":1,"time_redirect":0.000013,"num_redirects":0,"ssl_verify_result":0,"proxy_ssl_verify_result":0,"filename_effective":"log/out970","remote_ip":"%HOSTIP","remote_port":%HTTPPORT,"local_ip":"127.0.0.1","local_port":13,"http_version":"1.1","scheme":"HTTP","curl_version":"curl-unit-test-fake-version"} +{"url_effective":"http://%HOSTIP:%HTTPPORT/970","method":"GET","http_code":200,"response_code":200,"http_connect":0,"time_total":0.000013,"time_namelookup":0.000013,"time_connect":0.000013,"time_appconnect":0.000013,"time_pretransfer":0.000013,"time_starttransfer":0.000013,"size_header":4019,"size_request":4019,"size_download":445,"size_upload":0,"speed_download":13,"speed_upload":13,"content_type":"text/html","num_connects":1,"time_redirect":0.000013,"num_redirects":0,"ssl_verify_result":0,"proxy_ssl_verify_result":0,"filename_effective":"log/out970","remote_ip":"%HOSTIP","remote_port":%HTTPPORT,"local_ip":"127.0.0.1","local_port":13,"http_version":"1.1","scheme":"HTTP","curl_version":"curl-unit-test-fake-version"} </stdout> </verify> </testcase> diff --git a/tests/ftpserver.pl.in b/tests/ftpserver.pl.in index a70aac9cf..ae9ac05f4 100755 --- a/tests/ftpserver.pl.in +++ b/tests/ftpserver.pl.in @@ -83,6 +83,7 @@ my $proto = 'ftp'; # default server protocol my $srcdir; # directory where ftpserver.pl is located my $srvrname; # server name for presentation purposes my $cwd_testno; # test case numbers extracted from CWD command +my $testno = 0; # test case number (read from ftpserver.cmd) my $path = '.'; my $logdir = $path .'/log'; @@ -449,17 +450,14 @@ sub startsf { # Returns the given test's reply data # sub getreplydata { - my ($testno) = @_; + my ($num) = @_; my $testpart = ""; - $testno =~ s/^([^0-9]*)//; - if($testno > 10000) { - $testpart = $testno % 10000; - $testno = int($testno / 10000); + $num =~ s/^([^0-9]*)//; + if($num > 10000) { + $testpart = $num % 10000; } - loadtest("$srcdir/data/test$testno"); - my @data = getpart("reply", "data$testpart"); if((!@data) && ($testpart ne "")) { @data = getpart("reply", "data"); @@ -835,13 +833,8 @@ sub MAIL_smtp { } } - # Validate the from address (only <> and a valid email address inside - # <> are allowed, such as <user@example.com>) - if (($from eq "<>") || - (!$smtputf8 && $from =~ - /^<([a-zA-Z0-9._%+-]+)\@(([a-zA-Z0-9-]+)\.)+([a-zA-Z]{2,4})>$/) || - ($smtputf8 && $from =~ - /^<([a-zA-Z0-9\x{80}-\x{ff}._%+-]+)\@(([a-zA-Z0-9\x{80}-\x{ff}-]+)\.)+([a-zA-Z]{2,4})>$/)) { + # this server doesn't "validate" MAIL FROM addresses + if (length($from)) { my @found; my $valid = 1; @@ -2098,7 +2091,8 @@ my @ftpdir=("total 20\r\n", logmsg "pass LIST data on data connection\n"; if($cwd_testno) { - loadtest("$srcdir/data/test$cwd_testno"); + loadtest("$logdir/test$cwd_testno") || + loadtest("$srcdir/data/test$cwd_testno"); my @data = getpart("reply", "data"); for(@data) { @@ -2161,7 +2155,8 @@ sub MDTM_ftp { $testno = int($testno / 10000); } - loadtest("$srcdir/data/test$testno"); + loadtest("$logdir/test$testno") || + loadtest("$srcdir/data/test$testno"); my @data = getpart("reply", "mdtm"); @@ -2214,7 +2209,8 @@ sub SIZE_ftp { $testno = int($testno / 10000); } - loadtest("$srcdir/data/test$testno"); + loadtest("$logdir/test$testno") || + loadtest("$srcdir/data/test$testno"); my @data = getpart("reply", "size"); @@ -2303,7 +2299,8 @@ sub RETR_ftp { $testno = int($testno / 10000); } - loadtest("$srcdir/data/test$testno"); + loadtest("$logdir/test$testno") || + loadtest("$srcdir/data/test$testno"); my @data = getpart("reply", "data$testpart"); @@ -2886,6 +2883,10 @@ sub customize { $nosave = 1; logmsg "FTPD: NOSAVE prevents saving of uploaded data\n"; } + elsif($_ =~ /^Testnum (\d+)/){ + $testno = $1; + logmsg "FTPD: run test case number: $testno\n"; + } } close(CUSTOM); } @@ -3074,6 +3075,8 @@ while(1) { $| = 1; &customize(); # read test control instructions + loadtest("$logdir/test$testno") || + loadtest("$srcdir/data/test$testno"); my $welcome = $commandreply{"welcome"}; if(!$welcome) { diff --git a/tests/libtest/.checksrc b/tests/libtest/.checksrc index 24677d53e..37f790952 100644 --- a/tests/libtest/.checksrc +++ b/tests/libtest/.checksrc @@ -1 +1,2 @@ disable TYPEDEFSTRUCT +disable BANNEDFUNC diff --git a/tests/libtest/Makefile.am b/tests/libtest/Makefile.am index eea1ff3ce..590c77a7e 100644 --- a/tests/libtest/Makefile.am +++ b/tests/libtest/Makefile.am @@ -85,8 +85,11 @@ libhostname_la_CPPFLAGS_EXTRA = libhostname_la_LDFLAGS_EXTRA = -module -avoid-version -rpath /nowhere libhostname_la_CFLAGS_EXTRA = +libstubgss_la_LDFLAGS_EXTRA = + if CURL_LT_SHLIB_USE_NO_UNDEFINED libhostname_la_LDFLAGS_EXTRA += -no-undefined +libstubgss_la_LDFLAGS_EXTRA += -no-undefined endif if CURL_LT_SHLIB_USE_MIMPURE_TEXT @@ -112,7 +115,7 @@ if BUILD_STUB_GSS noinst_LTLIBRARIES += libstubgss.la libstubgss_la_CPPFLAGS = $(AM_CPPFLAGS) -libstubgss_la_LDFLAGS = $(AM_LDFLAGS) -avoid-version -rpath /nowhere +libstubgss_la_LDFLAGS = $(AM_LDFLAGS) $(libstubgss_la_LDFLAGS_EXTRA) -avoid-version -rpath /nowhere libstubgss_la_CFLAGS = $(AM_CFLAGS) -g libstubgss_la_SOURCES = stub_gssapi.c stub_gssapi.h @@ -131,7 +134,7 @@ CS_1 = CS_ = $(CS_0) checksrc: - $(CHECKSRC)@PERL@ $(top_srcdir)/lib/checksrc.pl $(srcdir)/*.[ch] + $(CHECKSRC)@PERL@ $(top_srcdir)/lib/checksrc.pl -D$(srcdir) $(srcdir)/*.[ch] if CURLDEBUG # for debug builds, we scan the sources on all regular make invokes diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index f29bf6aee..2c9c66539 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -47,7 +47,7 @@ noinst_PROGRAMS = chkhostname libauthretry libntlmconnect \ lib583 lib585 lib586 lib587 lib589 lib590 lib591 lib597 lib598 lib599 \ lib643 lib644 lib645 lib650 lib651 lib652 lib653 lib654 lib655 lib658 \ lib659 lib661 lib666 lib667 lib668 \ - lib670 lib671 lib672 lib673 \ + lib670 lib671 lib672 lib673 lib674 \ lib1156 \ lib1500 lib1501 lib1502 lib1503 lib1504 lib1505 lib1506 lib1507 lib1508 \ lib1509 lib1510 lib1511 lib1512 lib1513 lib1514 lib1515 lib1517 \ @@ -56,10 +56,10 @@ noinst_PROGRAMS = chkhostname libauthretry libntlmconnect \ lib1534 lib1535 lib1536 lib1537 lib1538 lib1539 \ lib1540 lib1541 \ lib1550 lib1551 lib1552 lib1553 lib1554 lib1555 lib1556 lib1557 \ - lib1558 lib1559 lib1560 lib1564 lib1565 \ + lib1558 lib1559 lib1560 lib1564 lib1565 lib1567 \ lib1591 lib1592 lib1593 lib1594 lib1596 \ lib1900 lib1905 lib1906 lib1907 lib1908 lib1910 \ - lib2033 + lib2033 lib3010 chkdecimalpoint_SOURCES = chkdecimalpoint.c ../../lib/mprintf.c \ ../../lib/curl_ctype.c ../../lib/dynbuf.c ../../lib/strdup.c @@ -400,6 +400,10 @@ lib673_SOURCES = lib670.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib673_LDADD = $(TESTUTIL_LIBS) lib673_CPPFLAGS = $(AM_CPPFLAGS) -DLIB673 +lib674_SOURCES = lib674.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) +lib674_LDADD = $(TESTUTIL_LIBS) +lib674_CPPFLAGS = $(AM_CPPFLAGS) + lib1500_SOURCES = lib1500.c $(SUPPORTFILES) $(TESTUTIL) lib1500_LDADD = $(TESTUTIL_LIBS) lib1500_CPPFLAGS = $(AM_CPPFLAGS) @@ -600,6 +604,9 @@ lib1565_SOURCES = lib1565.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib1565_LDADD = $(TESTUTIL_LIBS) lib1565_CPPFLAGS = $(AM_CPPFLAGS) +lib1567_SOURCES = lib1567.c $(SUPPORTFILES) +lib1567_CPPFLAGS = $(AM_CPPFLAGS) + lib1591_SOURCES = lib1591.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib1591_LDADD = $(TESTUTIL_LIBS) lib1591_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1591 @@ -645,3 +652,7 @@ lib1910_CPPFLAGS = $(AM_CPPFLAGS) lib2033_SOURCES = libntlmconnect.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib2033_LDADD = $(TESTUTIL_LIBS) lib2033_CPPFLAGS = $(AM_CPPFLAGS) -DUSE_PIPELINING + +lib3010_SOURCES = lib3010.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) +lib3010_LDADD = $(TESTUTIL_LIBS) +lib3010_CPPFLAGS = $(AM_CPPFLAGS) diff --git a/tests/libtest/lib1567.c b/tests/libtest/lib1567.c new file mode 100644 index 000000000..48e6ea96c --- /dev/null +++ b/tests/libtest/lib1567.c @@ -0,0 +1,52 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ +#include "test.h" + +#include "memdebug.h" + +#include <curl/multi.h> + +int test(char *URL) +{ + CURL *curl; + CURLcode res = CURLE_OK; + + global_init(CURL_GLOBAL_ALL); + curl = curl_easy_init(); + if(curl) { + CURLU *u = curl_url(); + if(u) { + curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_url_set(u, CURLUPART_URL, URL, 0); + curl_easy_setopt(curl, CURLOPT_CURLU, u); + res = curl_easy_perform(curl); + + fprintf(stderr, "****************************** Do it again\n"); + res = curl_easy_perform(curl); + curl_url_cleanup(u); + } + curl_easy_cleanup(curl); + } + curl_global_cleanup(); + return (int)res; +} diff --git a/tests/libtest/lib3010.c b/tests/libtest/lib3010.c new file mode 100644 index 000000000..9c24b2f52 --- /dev/null +++ b/tests/libtest/lib3010.c @@ -0,0 +1,66 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2020 - 2020, Nicolas Sterchele, <nicolas@sterchelen.net> + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ +#include "test.h" + +#include "memdebug.h" + +int test(char *URL) +{ + CURLcode ret = CURLE_OK; + CURL *curl = NULL; + curl_off_t retry_after; + char *follow_url = NULL; + + curl_global_init(CURL_GLOBAL_ALL); + curl = curl_easy_init(); + + if(curl) { + curl_easy_setopt(curl, CURLOPT_URL, URL); + ret = curl_easy_perform(curl); + if(ret) { + fprintf(stderr, "%s:%d curl_easy_perform() failed with code %d (%s)\n", + __FILE__, __LINE__, ret, curl_easy_strerror(ret)); + goto test_cleanup; + } + curl_easy_getinfo(curl, CURLINFO_REDIRECT_URL, &follow_url); + curl_easy_getinfo(curl, CURLINFO_RETRY_AFTER, &retry_after); + printf("Retry-After: %" CURL_FORMAT_CURL_OFF_T "\n", retry_after); + curl_easy_setopt(curl, CURLOPT_URL, follow_url); + ret = curl_easy_perform(curl); + if(ret) { + fprintf(stderr, "%s:%d curl_easy_perform() failed with code %d (%s)\n", + __FILE__, __LINE__, ret, curl_easy_strerror(ret)); + goto test_cleanup; + } + + curl_easy_reset(curl); + curl_easy_getinfo(curl, CURLINFO_RETRY_AFTER, &retry_after); + printf("Retry-After: %" CURL_FORMAT_CURL_OFF_T "\n", retry_after); + } + +test_cleanup: + curl_easy_cleanup(curl); + curl_global_cleanup(); + + return ret; +} + diff --git a/tests/libtest/lib557.c b/tests/libtest/lib557.c index 2e51b99c1..b34a0c2f0 100644 --- a/tests/libtest/lib557.c +++ b/tests/libtest/lib557.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -1537,6 +1537,17 @@ static int test_weird_arguments(void) errors += string_check(buf, ""); + /* Do not skip sanity checks with parameters! */ + buf[0] = 0; + rc = curl_msnprintf(buf, sizeof(buf), "%d, %.*1$d", 500, 1); + + if(rc != 256) { + printf("curl_mprintf() returned %d and not 256!\n", rc); + errors++; + } + + errors += strlen_check(buf, 255); + if(errors) printf("Some curl_mprintf() weird arguments tests failed!\n"); diff --git a/tests/libtest/lib674.c b/tests/libtest/lib674.c new file mode 100644 index 000000000..828e52cd5 --- /dev/null +++ b/tests/libtest/lib674.c @@ -0,0 +1,81 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ +#include "test.h" + +#include "testutil.h" +#include "warnless.h" +#include "memdebug.h" + +/* + * Get a single URL without select(). + */ + +int test(char *URL) +{ + CURL *handle = NULL; + CURL *handle2; + CURLcode res = 0; + CURLU *urlp = NULL; + CURLUcode uc = 0; + + global_init(CURL_GLOBAL_ALL); + easy_init(handle); + + urlp = curl_url(); + + if(!urlp) { + fprintf(stderr, "problem init URL api."); + goto test_cleanup; + } + + uc = curl_url_set(urlp, CURLUPART_URL, URL, 0); + if(uc) { + fprintf(stderr, "problem setting CURLUPART_URL."); + goto test_cleanup; + } + + /* demonstrate override behavior */ + + + easy_setopt(handle, CURLOPT_CURLU, urlp); + easy_setopt(handle, CURLOPT_VERBOSE, 1L); + + res = curl_easy_perform(handle); + + if(res) { + fprintf(stderr, "%s:%d curl_easy_perform() failed with code %d (%s)\n", + __FILE__, __LINE__, res, curl_easy_strerror(res)); + goto test_cleanup; + } + + handle2 = curl_easy_duphandle(handle); + res = curl_easy_perform(handle2); + curl_easy_cleanup(handle2); + +test_cleanup: + + curl_url_cleanup(urlp); + curl_easy_cleanup(handle); + curl_global_cleanup(); + + return res; +} diff --git a/tests/libtest/testutil.c b/tests/libtest/testutil.c index b33a2f4be..504b15324 100644 --- a/tests/libtest/testutil.c +++ b/tests/libtest/testutil.c @@ -55,7 +55,7 @@ struct timeval tutil_tvnow(void) struct timespec tsnow; if(0 == clock_gettime(CLOCK_MONOTONIC, &tsnow)) { now.tv_sec = tsnow.tv_sec; - now.tv_usec = tsnow.tv_nsec / 1000; + now.tv_usec = (int)(tsnow.tv_nsec / 1000); } /* ** Even when the configure process has truly detected monotonic clock diff --git a/tests/manpage-scan.pl.in b/tests/manpage-scan.pl.in index cb8301528..59d6ce817 100755 --- a/tests/manpage-scan.pl.in +++ b/tests/manpage-scan.pl.in @@ -288,4 +288,4 @@ foreach my $o (keys %opts) { } } -exit $errors; +print STDERR "$errors\n"; diff --git a/tests/nroff-scan.pl.in b/tests/nroff-scan.pl.in index 348934089..8f4f2a24c 100755 --- a/tests/nroff-scan.pl.in +++ b/tests/nroff-scan.pl.in @@ -63,23 +63,23 @@ sub file { while($l =~ s/\\f(.)([^ ]*)\\f(.)//) { my ($pre, $str, $post)=($1, $2, $3); if($post ne "P") { - print STDERR "error: $f:$line: missing \\fP after $str\n"; + print "error: $f:$line: missing \\fP after $str\n"; $errors++; } if($str =~ /((libcurl|gnurl)([^ ]*))\(3\)/i) { my $man = "$1.3"; if(!manpresent($man)) { - print STDERR "error: $f:$line: referring to non-existing man page $man\n"; + print "error: $f:$line: referring to non-existing man page $man\n"; $errors++; } if($pre ne "I") { - print STDERR "error: $f:$line: use \\fI before $str\n"; + print "error: $f:$line: use \\fI before $str\n"; $errors++; } } } if($l =~ /(gnurl([^ ]*)\(3\))/i) { - print STDERR "error: $f:$line: non-referencing $1\n"; + print "error: $f:$line: non-referencing $1\n"; $errors++; } if($l =~ /^\.BR (.*)/) { @@ -87,7 +87,7 @@ sub file { while($i =~ s/((lib|)gnurl([^ ]*)) *\"\(3\)(,|) *\" *//i ) { my $man = "$1.3"; if(!manpresent($man)) { - print STDERR "error: $f:$line: referring to non-existing man page $man\n"; + print "error: $f:$line: referring to non-existing man page $man\n"; $errors++; } } @@ -101,4 +101,6 @@ foreach my $f (@f) { file($f); } +print "OK\n" if(!$errors); + exit $errors?1:0; diff --git a/tests/runtests.1 b/tests/runtests.1 index 46ebd6275..30a0bc29c 100644 --- a/tests/runtests.1 +++ b/tests/runtests.1 @@ -55,8 +55,6 @@ Prefix a keyword with a tilde (~) to still run it, but ignore the results. .IP "-a" Continue running the rest of the test cases even if one test fails. By default, the test script stops as soon as an error is detected. -.IP "-bN" -Use N as the base TCP/UDP port number on which to start the test servers. .IP "-c <curl>" Provide a path to a custom curl binary to run the tests with. Default is the curl executable in the build tree. diff --git a/tests/runtests.pl.in b/tests/runtests.pl.in index 72113e895..a8bfe16c4 100755 --- a/tests/runtests.pl.in +++ b/tests/runtests.pl.in @@ -76,6 +76,7 @@ use strict; use warnings; use Cwd; use Digest::MD5 qw(md5); +use MIME::Base64; # Subs imported from serverhelp module use serverhelp qw( @@ -126,10 +127,6 @@ my $HOST6IP="[::1]"; # address on which the test server listens my $CLIENTIP="127.0.0.1"; # address which curl uses for incoming connections my $CLIENT6IP="[::1]"; # address which curl uses for incoming connections -my $base = 8990; # base port number -my $minport; # minimum used port number -my $maxport; # maximum used port number - my $noport="[not running]"; my $NOLISTENPORT=47; # port number we use for a local non-listening service @@ -162,7 +159,7 @@ my $HTTP2PORT=$noport; # HTTP/2 server port my $DICTPORT=$noport; # DICT server port my $SMBPORT=$noport; # SMB server port my $SMBSPORT=$noport; # SMBS server port -my $NEGTELNETPORT=$noport; # TELNET server port with negotiation +my $TELNETPORT=$noport; # TELNET server port with negotiation my $HTTPUNIXPATH; # HTTP server Unix domain socket path my $SSHSRVMD5 = "[uninitialized]"; # MD5 of ssh server public key @@ -240,6 +237,7 @@ my $has_ipv6; # set if libcurl is built with IPv6 support my $has_unix; # set if libcurl is built with Unix sockets support my $has_libz; # set if libcurl is built with libz support my $has_brotli; # set if libcurl is built with brotli support +my $has_zstd; # set if libcurl is built with zstd support my $has_getrlimit; # set if system has getrlimit() my $has_ntlm; # set if libcurl is built with NTLM support my $has_ntlm_wb; # set if libcurl is built with NTLM delegation to winbind @@ -270,8 +268,8 @@ my $has_openssl; # built with a lib using an OpenSSL-like API my $has_gnutls; # built with GnuTLS my $has_nss; # built with NSS my $has_wolfssl; # built with wolfSSL -my $has_winssl; # built with WinSSL (Secure Channel aka Schannel) -my $has_darwinssl; # built with DarwinSSL (Secure Transport) +my $has_schannel; # built with Schannel +my $has_sectransp; # built with Secure Transport my $has_boringssl; # built with BoringSSL my $has_libressl; # built with libressl my $has_mbedtls; # built with mbedTLS @@ -1432,7 +1430,7 @@ sub responsiveserver { # start the http2 server # sub runhttp2server { - my ($verbose, $port) = @_; + my ($verbose) = @_; my $server; my $srvrname; my $pidfile; @@ -1464,26 +1462,34 @@ sub runhttp2server { $logfile = server_logfilename($LOGDIR, $proto, $ipvnum, $idnum); $flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" "; - $flags .= "--port $HTTP2PORT "; $flags .= "--connect $HOSTIP:$HTTPPORT "; $flags .= $verbose_flag if($debugprotocol); - my $cmd = "$exe $flags"; - my ($http2pid, $pid2) = startnew($cmd, $pidfile, 15, 0); + my ($http2pid, $pid2); + my $port = 23113; + for(1 .. 10) { + $port += int(rand(900)); + my $aflags = "--port $port $flags"; - if($http2pid <= 0 || !pidexists($http2pid)) { - # it is NOT alive - logmsg "RUN: failed to start the $srvrname server\n"; - stopserver($server, "$pid2"); - $doesntrun{$pidfile} = 1; - return (0,0); - } + my $cmd = "$exe $aflags"; + ($http2pid, $pid2) = startnew($cmd, $pidfile, 15, 0); - if($verbose) { - logmsg "RUN: $srvrname server is now running PID $http2pid\n"; + if($http2pid <= 0 || !pidexists($http2pid)) { + # it is NOT alive + logmsg "RUN: failed to start the $srvrname server\n"; + stopserver($server, "$pid2"); + $doesntrun{$pidfile} = 1; + next; + } + $doesntrun{$pidfile} = 0; + + if($verbose) { + logmsg "RUN: $srvrname server PID $http2pid port $port\n"; + } + last; } - return ($http2pid, $pid2); + return ($http2pid, $pid2, $port); } ####################################################################### @@ -1695,7 +1701,6 @@ sub runhttpsserver { sub runhttptlsserver { my ($verbose, $ipv6) = @_; my $proto = "httptls"; - my $port = ($ipv6 && ($ipv6 =~ /6$/)) ? $HTTPTLS6PORT : $HTTPTLSPORT; my $ip = ($ipv6 && ($ipv6 =~ /6$/)) ? "$HOST6IP" : "$HOSTIP"; my $ipvnum = ($ipv6 && ($ipv6 =~ /6$/)) ? 6 : 4; my $idnum = 1; @@ -1730,40 +1735,36 @@ sub runhttptlsserver { $flags .= "--http "; $flags .= "--debug 1 " if($debugprotocol); - $flags .= "--port $port "; $flags .= "--priority NORMAL:+SRP "; $flags .= "--srppasswd $srcdir/certs/srp-verifier-db "; $flags .= "--srppasswdconf $srcdir/certs/srp-verifier-conf"; - my $cmd = "$httptlssrv $flags > $logfile 2>&1"; - my ($httptlspid, $pid2) = startnew($cmd, $pidfile, 10, 1); # fake pidfile + my $port = 24367; + my ($httptlspid, $pid2); + for (1 .. 10) { + $port += int(rand(800)); + my $allflags = "--port $port $flags"; - if($httptlspid <= 0 || !pidexists($httptlspid)) { - # it is NOT alive - logmsg "RUN: failed to start the $srvrname server\n"; - stopserver($server, "$pid2"); - displaylogs($testnumcheck); - $doesntrun{$pidfile} = 1; - return (0,0); - } + my $cmd = "$httptlssrv $allflags > $logfile 2>&1"; + ($httptlspid, $pid2) = startnew($cmd, $pidfile, 10, 1); - # Server is up. Verify that we can speak to it. PID is from fake pidfile - my $pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $port); - if(!$pid3) { - logmsg "RUN: $srvrname server failed verification\n"; - # failed to talk to it properly. Kill the server and return failure - stopserver($server, "$httptlspid $pid2"); - displaylogs($testnumcheck); - $doesntrun{$pidfile} = 1; - return (0,0); - } - $pid2 = $pid3; + if($httptlspid <= 0 || !pidexists($httptlspid)) { + # it is NOT alive + logmsg "RUN: failed to start the $srvrname server\n"; + stopserver($server, "$pid2"); + displaylogs($testnumcheck); + $doesntrun{$pidfile} = 1; + $httptlspid = $pid2 = 0; + next; + } + $doesntrun{$pidfile} = 0; - if($verbose) { - logmsg "RUN: $srvrname server is now running PID $httptlspid\n"; + if($verbose) { + logmsg "RUN: $srvrname server PID $httptlspid port $port\n"; + } + last; } - - return ($httptlspid, $pid2); + return ($httptlspid, $pid2, $port); } ####################################################################### @@ -2400,7 +2401,7 @@ sub runsocksserver { # start the dict server # sub rundictserver { - my ($verbose, $alt, $port) = @_; + my ($verbose, $alt) = @_; my $proto = "dict"; my $ip = $HOSTIP; my $ipvnum = 4; @@ -2437,45 +2438,42 @@ sub rundictserver { $flags .= "--verbose 1 " if($debugprotocol); $flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" "; $flags .= "--id $idnum " if($idnum > 1); - $flags .= "--port $port --srcdir \"$srcdir\" "; + $flags .= "--srcdir \"$srcdir\" "; $flags .= "--host $HOSTIP"; - my $cmd = "$srcdir/dictserver.py $flags"; - my ($dictpid, $pid2) = startnew($cmd, $pidfile, 15, 0); - - if($dictpid <= 0 || !pidexists($dictpid)) { - # it is NOT alive - logmsg "RUN: failed to start the $srvrname server\n"; - stopserver($server, "$pid2"); - displaylogs($testnumcheck); - $doesntrun{$pidfile} = 1; - return (0,0); - } + my $port = 29000; + my ($dictpid, $pid2); + for(1 .. 10) { + $port += int(rand(900)); + my $aflags = "--port $port $flags"; + my $cmd = "$srcdir/dictserver.py $aflags"; + ($dictpid, $pid2) = startnew($cmd, $pidfile, 15, 0); - # Server is up. Verify that we can speak to it. - my $pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $port); - if(!$pid3) { - logmsg "RUN: $srvrname server failed verification\n"; - # failed to talk to it properly. Kill the server and return failure - stopserver($server, "$dictpid $pid2"); - displaylogs($testnumcheck); - $doesntrun{$pidfile} = 1; - return (0,0); - } - $pid2 = $pid3; + if($dictpid <= 0 || !pidexists($dictpid)) { + # it is NOT alive + logmsg "RUN: failed to start the $srvrname server\n"; + stopserver($server, "$pid2"); + displaylogs($testnumcheck); + $doesntrun{$pidfile} = 1; + $dictpid = $pid2 = 0; + next; + } + $doesntrun{$pidfile} = 0; - if($verbose) { - logmsg "RUN: $srvrname server is now running PID $dictpid\n"; + if($verbose) { + logmsg "RUN: $srvrname server PID $dictpid port $port\n"; + } + last; } - return ($dictpid, $pid2); + return ($dictpid, $pid2, $port); } ####################################################################### # start the SMB server # sub runsmbserver { - my ($verbose, $alt, $port) = @_; + my ($verbose, $alt) = @_; my $proto = "smb"; my $ip = $HOSTIP; my $ipvnum = 4; @@ -2512,45 +2510,42 @@ sub runsmbserver { $flags .= "--verbose 1 " if($debugprotocol); $flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" "; $flags .= "--id $idnum " if($idnum > 1); - $flags .= "--port $port --srcdir \"$srcdir\" "; + $flags .= "--srcdir \"$srcdir\" "; $flags .= "--host $HOSTIP"; - my $cmd = "$srcdir/smbserver.py $flags"; - my ($smbpid, $pid2) = startnew($cmd, $pidfile, 15, 0); - - if($smbpid <= 0 || !pidexists($smbpid)) { - # it is NOT alive - logmsg "RUN: failed to start the $srvrname server\n"; - stopserver($server, "$pid2"); - displaylogs($testnumcheck); - $doesntrun{$pidfile} = 1; - return (0,0); - } + my ($smbpid, $pid2); + my $port = 31923; + for(1 .. 10) { + $port += int(rand(760)); + my $aflags = "--port $port $flags"; + my $cmd = "$srcdir/smbserver.py $aflags"; + ($smbpid, $pid2) = startnew($cmd, $pidfile, 15, 0); - # Server is up. Verify that we can speak to it. - my $pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $port); - if(!$pid3) { - logmsg "RUN: $srvrname server failed verification\n"; - # failed to talk to it properly. Kill the server and return failure - stopserver($server, "$smbpid $pid2"); - displaylogs($testnumcheck); - $doesntrun{$pidfile} = 1; - return (0,0); - } - $pid2 = $pid3; + if($smbpid <= 0 || !pidexists($smbpid)) { + # it is NOT alive + logmsg "RUN: failed to start the $srvrname server\n"; + stopserver($server, "$pid2"); + displaylogs($testnumcheck); + $doesntrun{$pidfile} = 1; + $smbpid = $pid2 = 0; + next; + } + $doesntrun{$pidfile} = 0; - if($verbose) { - logmsg "RUN: $srvrname server is now running PID $smbpid\n"; + if($verbose) { + logmsg "RUN: $srvrname server PID $smbpid port $port\n"; + } + last; } - return ($smbpid, $pid2); + return ($smbpid, $pid2, $port); } ####################################################################### # start the telnet server # sub runnegtelnetserver { - my ($verbose, $alt, $port) = @_; + my ($verbose, $alt) = @_; my $proto = "telnet"; my $ip = $HOSTIP; my $ipvnum = 4; @@ -2587,37 +2582,34 @@ sub runnegtelnetserver { $flags .= "--verbose 1 " if($debugprotocol); $flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" "; $flags .= "--id $idnum " if($idnum > 1); - $flags .= "--port $port --srcdir \"$srcdir\""; - - my $cmd = "$srcdir/negtelnetserver.py $flags"; - my ($ntelpid, $pid2) = startnew($cmd, $pidfile, 15, 0); + $flags .= "--srcdir \"$srcdir\""; - if($ntelpid <= 0 || !pidexists($ntelpid)) { - # it is NOT alive - logmsg "RUN: failed to start the $srvrname server\n"; - stopserver($server, "$pid2"); - displaylogs($testnumcheck); - $doesntrun{$pidfile} = 1; - return (0,0); - } + my ($ntelpid, $pid2); + my $port = 32000; + for(1 .. 10) { + $port += int(rand(800)); + my $aflags = "--port $port $flags"; + my $cmd = "$srcdir/negtelnetserver.py $aflags"; + ($ntelpid, $pid2) = startnew($cmd, $pidfile, 15, 0); - # Server is up. Verify that we can speak to it. - my $pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $port); - if(!$pid3) { - logmsg "RUN: $srvrname server failed verification\n"; - # failed to talk to it properly. Kill the server and return failure - stopserver($server, "$ntelpid $pid2"); - displaylogs($testnumcheck); - $doesntrun{$pidfile} = 1; - return (0,0); - } - $pid2 = $pid3; + if($ntelpid <= 0 || !pidexists($ntelpid)) { + # it is NOT alive + logmsg "RUN: failed to start the $srvrname server\n"; + stopserver($server, "$pid2"); + displaylogs($testnumcheck); + $doesntrun{$pidfile} = 1; + $ntelpid = $pid2 = 0; + next; + } + $doesntrun{$pidfile} = 0; - if($verbose) { - logmsg "RUN: $srvrname server is now running PID $ntelpid\n"; + if($verbose) { + logmsg "RUN: $srvrname server PID $ntelpid port $port\n"; + } + last; } - return ($ntelpid, $pid2); + return ($ntelpid, $pid2, $port); } @@ -2796,7 +2788,6 @@ sub setupfeatures { $feature{"alt-svc"} = $has_altsvc; $feature{"brotli"} = $has_brotli; $feature{"crypto"} = $has_crypto; - $feature{"DarwinSSL"} = $has_darwinssl; # alias $feature{"debug"} = $debug_build; $feature{"getrlimit"} = $has_getrlimit; $feature{"GnuTLS"} = $has_gnutls; @@ -2816,10 +2807,10 @@ sub setupfeatures { $feature{"NSS"} = $has_nss; $feature{"NTLM"} = $has_ntlm; $feature{"NTLM_WB"} = $has_ntlm_wb; - $feature{"OpenSSL"} = $has_openssl; + $feature{"OpenSSL"} = $has_openssl || $has_libressl || $has_boringssl; $feature{"PSL"} = $has_psl; - $feature{"Schannel"} = $has_winssl; # alias - $feature{"sectransp"} = $has_darwinssl; + $feature{"Schannel"} = $has_schannel; + $feature{"sectransp"} = $has_sectransp; $feature{"SPNEGO"} = $has_spnego; $feature{"SSL"} = $has_ssl; $feature{"SSLpinning"} = $has_sslpinning; @@ -2830,7 +2821,7 @@ sub setupfeatures { $feature{"unittest"} = $debug_build; $feature{"unix-sockets"} = $has_unix; $feature{"win32"} = $has_win32; - $feature{"WinSSL"} = $has_winssl; + $feature{"zstd"} = $has_zstd; # make each protocol an enabled "feature" for my $p (@protocols) { @@ -2914,7 +2905,7 @@ sub checksystem { $has_mingw = 1 if ($curl =~ /-pc-mingw32/); } if ($libcurl =~ /(winssl|schannel)/i) { - $has_winssl=1; + $has_schannel=1; $has_sslpinning=1; } elsif ($libcurl =~ /openssl/i) { @@ -2934,7 +2925,7 @@ sub checksystem { $has_sslpinning=1; } elsif ($libcurl =~ /securetransport/i) { - $has_darwinssl=1; + $has_sectransp=1; $has_sslpinning=1; } elsif ($libcurl =~ /BoringSSL/i) { @@ -3011,6 +3002,9 @@ sub checksystem { if($feat =~ /brotli/i) { $has_brotli = 1; } + if($feat =~ /zstd/i) { + $has_zstd = 1; + } if($feat =~ /NTLM/i) { # NTLM enabled $has_ntlm=1; @@ -3214,18 +3208,8 @@ sub checksystem { $run_event_based?"event-based ":""); logmsg sprintf("%s\n", $libtool?"Libtool ":""); logmsg ("* Seed: $randseed\n"); - logmsg ("* Port range: $minport-$maxport\n"); if($verbose) { - logmsg "* Ports: "; - if($httptlssrv) { - logmsg sprintf("HTTPTLS/%d ", $HTTPTLSPORT); - if($has_ipv6) { - logmsg sprintf("HTTPTLS-IPv6/%d ", $HTTPTLS6PORT); - } - logmsg "\n"; - } - if($has_unix) { logmsg "* Unix socket paths:\n"; if($http_unix) { @@ -3284,7 +3268,7 @@ sub subVariables { $$thing =~ s/${prefix}DICTPORT/$DICTPORT/g; $$thing =~ s/${prefix}SMBPORT/$SMBPORT/g; $$thing =~ s/${prefix}SMBSPORT/$SMBSPORT/g; - $$thing =~ s/${prefix}NEGTELNETPORT/$NEGTELNETPORT/g; + $$thing =~ s/${prefix}TELNETPORT/$TELNETPORT/g; $$thing =~ s/${prefix}NOLISTENPORT/$NOLISTENPORT/g; # server Unix domain socket paths @@ -3333,6 +3317,20 @@ sub subVariables { $$thing =~ s/${prefix}H2CVER/$h2cver/g; } +sub subBase64 { + my ($thing) = @_; + + # cut out the base64 piece + if($$thing =~ s/%b64\[(.*)\]b64%/%%B64%%/i) { + my $d = $1; + # encode %NN characters + $d =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/eg; + my $enc = encode_base64($d, ""); + # put the result into there + $$thing =~ s/%%B64%%/$enc/; + } +} + sub fixarray { my @in = @_; @@ -3555,16 +3553,21 @@ sub singletest { for my $s (@entiretest) { my $f = $s; subVariables(\$s, "%"); + subBase64(\$s); if($f ne $s) { $diff++; } print D $s; } close(D); + # remove the separate test file again if nothing was updated to keep # things simpler unlink($otest) if(!$diff); + # in case the process changed the file, reload it + loadtest("log/test${testnum}") if($diff); + # timestamp required servers verification end $timesrvrend{$testnum} = Time::HiRes::time(); @@ -4644,7 +4647,7 @@ sub startservers { } elsif($what eq "http/2") { if(!$run{'http/2'}) { - ($pid, $pid2) = runhttp2server($verbose, $HTTP2PORT); + ($pid, $pid2, $HTTP2PORT) = runhttp2server($verbose); if($pid <= 0) { return "failed starting HTTP/2 server"; } @@ -4838,7 +4841,8 @@ sub startservers { stopserver('httptls'); } if(!$run{'httptls'}) { - ($pid, $pid2) = runhttptlsserver($verbose, "IPv4"); + ($pid, $pid2, $HTTPTLSPORT) = + runhttptlsserver($verbose, "IPv4"); if($pid <= 0) { return "failed starting HTTPTLS server (gnutls-serv)"; } @@ -4857,7 +4861,8 @@ sub startservers { stopserver('httptls-ipv6'); } if(!$run{'httptls-ipv6'}) { - ($pid, $pid2) = runhttptlsserver($verbose, "ipv6"); + ($pid, $pid2, $HTTPTLS6PORT) = + runhttptlsserver($verbose, "ipv6"); if($pid <= 0) { return "failed starting HTTPTLS-IPv6 server (gnutls-serv)"; } @@ -4945,7 +4950,7 @@ sub startservers { } elsif($what eq "dict") { if(!$run{'dict'}) { - ($pid, $pid2) = rundictserver($verbose, "", $DICTPORT); + ($pid, $pid2, $DICTPORT) = rundictserver($verbose, ""); if($pid <= 0) { return "failed starting DICT server"; } @@ -4956,7 +4961,7 @@ sub startservers { } elsif($what eq "smb") { if(!$run{'smb'}) { - ($pid, $pid2) = runsmbserver($verbose, "", $SMBPORT); + ($pid, $pid2, $SMBPORT) = runsmbserver($verbose, ""); if($pid <= 0) { return "failed starting SMB server"; } @@ -4967,9 +4972,8 @@ sub startservers { } elsif($what eq "telnet") { if(!$run{'telnet'}) { - ($pid, $pid2) = runnegtelnetserver($verbose, - "", - $NEGTELNETPORT); + ($pid, $pid2, $TELNETPORT) = + runnegtelnetserver($verbose, ""); if($pid <= 0) { return "failed starting neg TELNET server"; } @@ -5195,12 +5199,6 @@ while(@ARGV) { # verbose output $verbose=1; } - elsif($ARGV[0] =~ /^-b(.*)/) { - my $portno=$1; - if($portno =~ s/(\d+)$//) { - $base = int $1; - } - } elsif ($ARGV[0] eq "-c") { # use this path to curl instead of default $DBGCURL=$CURL="\"$ARGV[1]\""; @@ -5322,7 +5320,6 @@ while(@ARGV) { Usage: runtests.pl [options] [test selection(s)] -a continue even if a test fails -am automake style output PASS/FAIL: [number] [name] - -bN use base port number N for test servers (default $base) -c path use this curl executable -d display server debug info -e event-based execution @@ -5470,18 +5467,8 @@ if ($gdbthis) { } } -$minport = $base; # original base port number -$HTTPTLSPORT = $base++; # HTTP TLS (non-stunnel) server port -$HTTPTLS6PORT = $base++; # HTTP TLS (non-stunnel) IPv6 server port -$HTTP2PORT = $base++; # HTTP/2 port -$DICTPORT = $base++; # DICT port -$SMBPORT = $base++; # SMB port -$SMBSPORT = $base++; # SMBS port -$NEGTELNETPORT = $base++; # TELNET port with negotiation $HTTPUNIXPATH = "http$$.sock"; # HTTP server Unix domain socket path -$maxport = $base-1; # updated base port number - ####################################################################### # clear and create logging directory: # diff --git a/tests/server/util.c b/tests/server/util.c index 577a56cb2..dccce596b 100644 --- a/tests/server/util.c +++ b/tests/server/util.c @@ -119,6 +119,7 @@ void logmsg(const char *msg, ...) known_offset = 1; } sec = epoch_offset + tv.tv_sec; + /* !checksrc! disable BANNEDFUNC 1 */ now = localtime(&sec); /* not thread safe but we don't care */ msnprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld", @@ -475,7 +476,7 @@ static struct timeval tvnow(void) struct timespec tsnow; if(0 == clock_gettime(CLOCK_MONOTONIC, &tsnow)) { now.tv_sec = tsnow.tv_sec; - now.tv_usec = tsnow.tv_nsec / 1000; + now.tv_usec = (int)(tsnow.tv_nsec / 1000); } /* ** Even when the configure process has truly detected monotonic clock diff --git a/tests/sshserver.pl.in b/tests/sshserver.pl.in index a976bb4b6..fd98d48cc 100644 --- a/tests/sshserver.pl.in +++ b/tests/sshserver.pl.in @@ -522,6 +522,11 @@ push @cfgarr, '#'; # and do not support quotes around values for some unknown reason. if ($sshdid =~ /OpenSSH-Windows/) { my $username_lc = lc $username; + if (exists $ENV{USERDOMAIN}) { + my $userdomain_lc = lc $ENV{USERDOMAIN}; + $username_lc = "$userdomain_lc\\$username_lc"; + } + $username_lc =~ s/ /\?/g; # replace space with ? push @cfgarr, "DenyUsers !$username_lc"; push @cfgarr, "AllowUsers $username_lc"; } else { diff --git a/tests/symbol-scan.pl.in b/tests/symbol-scan.pl.in index 2d2c5e20e..a9853c2c4 100755 --- a/tests/symbol-scan.pl.in +++ b/tests/symbol-scan.pl.in @@ -178,3 +178,6 @@ if($summary) { if($misses) { exit 2; # there are stuff to attend to! } +else { + print "OK\n"; +} |