summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorng0 <ng0@n0.is>2019-08-15 09:52:39 +0000
committerng0 <ng0@n0.is>2019-08-15 09:52:39 +0000
commit36fb08f81b748620e97d7d8e2d4255b77e78c545 (patch)
tree19aa5019c9e9cbf53d74e272fddc8cbc48b39e51
parent765f80c1e27acb585eebef46a97ffc769e452879 (diff)
parentaa73eb47bc8583070734696b25b34ad54c2c1f5e (diff)
downloadgnurl-36fb08f81b748620e97d7d8e2d4255b77e78c545.tar.gz
gnurl-36fb08f81b748620e97d7d8e2d4255b77e78c545.tar.bz2
gnurl-36fb08f81b748620e97d7d8e2d4255b77e78c545.zip
Merge tag 'curl-7_65_3'
7.65.3
-rw-r--r--.travis.yml55
-rw-r--r--CMake/CurlSymbolHiding.cmake4
-rw-r--r--CMake/CurlTests.c2
-rw-r--r--CMake/FindGSS.cmake4
-rw-r--r--CMakeLists.txt2
-rw-r--r--RELEASE-NOTES87
-rw-r--r--SECURITY.md10
-rw-r--r--buildconf.bat2
-rwxr-xr-xconfigure.ac229
-rw-r--r--docs/CIPHERS.md6
-rw-r--r--docs/DEPRECATE.md7
-rw-r--r--docs/INTERNALS.md2
-rw-r--r--docs/KNOWN_BUGS11
-rw-r--r--docs/THANKS26
-rw-r--r--docs/cmdline-opts/data.d2
-rw-r--r--docs/cmdline-opts/doh-url.d1
-rw-r--r--docs/cmdline-opts/key.d2
-rw-r--r--docs/cmdline-opts/pinnedpubkey.d4
-rw-r--r--docs/cmdline-opts/proto-redir.d9
-rw-r--r--docs/cmdline-opts/proto.d2
-rw-r--r--docs/cmdline-opts/quote.d7
-rw-r--r--docs/cmdline-opts/tlsv1.0.d4
-rw-r--r--docs/cmdline-opts/tlsv1.1.d4
-rw-r--r--docs/cmdline-opts/tlsv1.2.d4
-rw-r--r--docs/examples/fopen.c2
-rw-r--r--docs/examples/ftp-wildcard.c4
-rw-r--r--docs/examples/htmltitle.cpp14
-rw-r--r--docs/examples/synctime.c9
-rw-r--r--docs/examples/threaded-ssl.c2
-rw-r--r--docs/libcurl/gnurl_multi_socket_action.376
-rw-r--r--docs/libcurl/gnurl_multi_wait.32
-rw-r--r--docs/libcurl/libgnurl-security.36
-rw-r--r--docs/libcurl/libgnurl-thread.39
-rw-r--r--docs/libcurl/libgnurl-tutorial.36
-rw-r--r--docs/libcurl/opts/GNURLINFO_TLS_SSL_PTR.326
-rw-r--r--docs/libcurl/opts/GNURLMOPT_SOCKETFUNCTION.326
-rw-r--r--docs/libcurl/opts/GNURLOPT_CAINFO.320
-rw-r--r--docs/libcurl/opts/GNURLOPT_FOLLOWLOCATION.33
-rw-r--r--docs/libcurl/opts/GNURLOPT_HEADEROPT.32
-rw-r--r--docs/libcurl/opts/GNURLOPT_HTTP_VERSION.34
-rw-r--r--docs/libcurl/opts/GNURLOPT_MAIL_RCPT.39
-rw-r--r--docs/libcurl/opts/GNURLOPT_PINNEDPUBLICKEY.32
-rw-r--r--docs/libcurl/opts/GNURLOPT_PROXY_SSLVERSION.35
-rw-r--r--docs/libcurl/opts/GNURLOPT_PROXY_SSL_OPTIONS.311
-rw-r--r--docs/libcurl/opts/GNURLOPT_RANGE.38
-rw-r--r--docs/libcurl/opts/GNURLOPT_REDIR_PROTOCOLS.39
-rw-r--r--docs/libcurl/opts/GNURLOPT_RTSP_REQUEST.318
-rw-r--r--docs/libcurl/opts/GNURLOPT_RTSP_STREAM_URI.34
-rw-r--r--docs/libcurl/opts/GNURLOPT_SEEKDATA.32
-rw-r--r--docs/libcurl/opts/GNURLOPT_SSLVERSION.35
-rw-r--r--docs/libcurl/opts/GNURLOPT_SSL_CTX_DATA.36
-rw-r--r--docs/libcurl/opts/GNURLOPT_SSL_CTX_FUNCTION.323
-rw-r--r--docs/libcurl/opts/GNURLOPT_SSL_OPTIONS.310
-rw-r--r--docs/libcurl/symbols-in-versions1
-rw-r--r--include/gnurl/curl.h29
-rw-r--r--include/gnurl/curlver.h6
-rw-r--r--include/gnurl/typecheck-gcc.h8
-rw-r--r--lib/Makefile.inc4
-rw-r--r--lib/asyn-ares.c4
-rw-r--r--lib/config-os400.h6
-rw-r--r--lib/config-symbian.h5
-rw-r--r--lib/config-vxworks.h3
-rw-r--r--lib/connect.c5
-rw-r--r--lib/cookie.c4
-rw-r--r--lib/curl_config.h.cmake3
-rw-r--r--lib/curl_endian.h5
-rw-r--r--lib/curl_ntlm_core.c3
-rw-r--r--lib/curl_setup.h2
-rw-r--r--lib/easy.c5
-rw-r--r--lib/ftp.c18
-rw-r--r--lib/hash.h4
-rw-r--r--lib/hostip.h9
-rw-r--r--lib/http.c23
-rw-r--r--lib/http.h5
-rw-r--r--lib/http2.c19
-rw-r--r--lib/http2.h4
-rw-r--r--lib/imap.c15
-rw-r--r--lib/krb5.c8
-rw-r--r--lib/multi.c186
-rw-r--r--lib/multiif.h2
-rw-r--r--lib/netrc.c2
-rw-r--r--lib/pop3.c15
-rw-r--r--lib/progress.c261
-rw-r--r--lib/rtsp.c2
-rw-r--r--lib/security.c4
-rw-r--r--lib/setopt.c12
-rw-r--r--lib/setopt.h5
-rw-r--r--lib/smb.c6
-rw-r--r--lib/smtp.c15
-rw-r--r--lib/splay.h8
-rw-r--r--lib/ssh-libssh.c3
-rw-r--r--lib/system_win32.c7
-rw-r--r--lib/system_win32.h4
-rw-r--r--lib/transfer.c10
-rw-r--r--lib/transfer.h4
-rw-r--r--lib/url.c66
-rw-r--r--lib/url.h3
-rw-r--r--lib/urlapi-int.h3
-rw-r--r--lib/urldata.h2
-rw-r--r--lib/vauth/digest.c11
-rw-r--r--lib/vtls/mesalink.c2
-rw-r--r--lib/vtls/nss.c26
-rw-r--r--lib/vtls/openssl.c45
-rw-r--r--lib/vtls/vtls.c10
-rw-r--r--lib/vtls/vtls.h2
-rw-r--r--lib/vtls/wolfssl.c (renamed from lib/vtls/cyassl.c)219
-rw-r--r--lib/vtls/wolfssl.h (renamed from lib/vtls/cyassl.h)14
-rw-r--r--lib/x509asn1.c4
-rw-r--r--lib/x509asn1.h6
-rw-r--r--m4/curl-functions.m43
-rw-r--r--packages/OS400/ccsidcurl.c22
-rw-r--r--packages/OS400/os400sys.c19
-rw-r--r--packages/vms/config_h.com13
-rw-r--r--src/tool_cb_prg.c16
-rw-r--r--src/tool_getpass.c2
-rw-r--r--src/tool_operate.c35
-rw-r--r--src/tool_setopt.c73
-rw-r--r--src/tool_setopt.h10
-rw-r--r--tests/Makefile.am2
-rw-r--r--tests/data/Makefile.inc11
-rw-r--r--tests/data/test10011
-rw-r--r--tests/data/test116525
-rw-r--r--tests/data/test117326
-rw-r--r--tests/data/test15192
-rw-r--r--tests/data/test152349
-rw-r--r--tests/data/test1534
-rw-r--r--tests/data/test156351
-rw-r--r--tests/data/test159349
-rw-r--r--tests/data/test1884
-rw-r--r--tests/data/test1894
-rw-r--r--tests/data/test20328
-rw-r--r--tests/data/test6512
-rw-r--r--tests/data/test6534
-rwxr-xr-xtests/dictserver.py.in4
-rwxr-xr-xtests/disable-scan.pl97
-rw-r--r--tests/libtest/Makefile.inc10
-rw-r--r--tests/libtest/lib1523.c82
-rw-r--r--tests/libtest/lib1541.c4
-rw-r--r--tests/libtest/lib1560.c34
-rw-r--r--tests/libtest/lib1593.c79
-rw-r--r--tests/libtest/lib1905.c3
-rw-r--r--tests/libtest/lib541.c2
-rw-r--r--tests/libtest/lib569.c3
-rw-r--r--tests/libtest/lib571.c3
-rwxr-xr-xtests/libtest/mk-lib1521.pl16
-rw-r--r--tests/manpage-syntax.pl63
-rwxr-xr-xtests/runtests.pl464
-rw-r--r--tests/server/Makefile.inc4
-rw-r--r--tests/server/disabled.c79
-rw-r--r--tests/server/socksd.c10
-rw-r--r--tests/server/sws.c25
-rwxr-xr-xtests/smbserver.py.in4
-rw-r--r--tests/unit/unit1651.c2
-rw-r--r--tests/unit/unit1654.c4
-rw-r--r--winbuild/BUILD.WINDOWS.txt1
-rw-r--r--winbuild/Makefile.vc14
-rw-r--r--winbuild/MakefileBuild.vc9
157 files changed, 1926 insertions, 1491 deletions
diff --git a/.travis.yml b/.travis.yml
index 9455b4e56..76bd6114f 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -82,12 +82,7 @@ matrix:
packages:
- *common_packages
- libpsl-dev
- - os: linux
- compiler: gcc
- dist: trusty
- env:
- - T=normal BROTLI=yes
- - OVERRIDE_CC="CC=gcc-8" OVERRIDE_CXX="CXX=g++-8"
+ - libbrotli-dev
- os: linux
compiler: gcc
dist: xenial
@@ -101,6 +96,7 @@ matrix:
packages:
- *common_packages
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: gcc
dist: xenial
@@ -114,12 +110,21 @@ matrix:
packages:
- *common_packages
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: gcc
dist: xenial
env:
- T=debug-mesalink C="--with-mesalink --without-ssl"
- OVERRIDE_CC="CC=gcc-8" OVERRIDE_CXX="CXX=g++-8"
+ addons:
+ apt:
+ sources:
+ - *common_sources
+ packages:
+ - *common_packages
+ - libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: clang
dist: xenial
@@ -135,6 +140,7 @@ matrix:
- *common_packages
- clang-7
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: clang
dist: xenial
@@ -150,6 +156,7 @@ matrix:
- *common_packages
- clang-7
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: clang
dist: xenial
@@ -165,6 +172,7 @@ matrix:
- *common_packages
- clang-7
- libpsl-dev
+ - libbrotli-dev
- libmbedtls-dev
- os: linux
compiler: clang
@@ -182,6 +190,7 @@ matrix:
- clang-7
- libgnutls28-dev
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: clang
dist: xenial
@@ -197,6 +206,7 @@ matrix:
- *common_packages
- clang-7
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: clang
dist: xenial
@@ -213,6 +223,7 @@ matrix:
- clang-7
- libnss3-dev
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: gcc
dist: trusty
@@ -257,6 +268,7 @@ matrix:
packages:
- *common_packages
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: clang
dist: xenial
@@ -272,6 +284,7 @@ matrix:
- *common_packages
- clang-7
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: gcc
dist: xenial
@@ -286,6 +299,8 @@ matrix:
- *common_packages
- lcov
- libpsl-dev
+ - libbrotli-dev
+ - libssh2-1-dev
- os: linux
compiler: gcc
dist: xenial
@@ -299,6 +314,7 @@ matrix:
packages:
- *common_packages
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: clang
dist: xenial
@@ -314,6 +330,7 @@ matrix:
- *common_packages
- clang-7
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: clang
dist: xenial
@@ -330,9 +347,10 @@ matrix:
- clang-7
- clang-tidy-7
- libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: clang
- dist: trusty
+ dist: xenial
env:
- T=scan-build
- OVERRIDE_CC="CC=clang-7" OVERRIDE_CXX="CXX=clang++-7"
@@ -340,10 +358,12 @@ matrix:
apt:
sources:
- *common_sources
- - llvm-toolchain-trusty-7
+ - llvm-toolchain-xenial-7
packages:
- *common_packages
- clang-7
+ - libpsl-dev
+ - libbrotli-dev
- os: linux
compiler: clang
dist: xenial
@@ -359,6 +379,7 @@ matrix:
- *common_packages
- clang-7
- libpsl-dev
+ - libbrotli-dev
before_install:
- eval "${OVERRIDE_CC}"
@@ -373,20 +394,6 @@ install:
before_script:
- ./buildconf
- |
- # No brotli package available for Trusty. Download & compile from source.
- # Cannot be done in the install script because cmake is needed.
- if [ "$TRAVIS_OS_NAME" = linux -a "$BROTLI" ]; then
- curl -L https://github.com/google/brotli/archive/v1.0.1.tar.gz |
- tar xzf - &&
- (
- cd brotli-1.0.1 &&
- cmake . -DCMAKE_INSTALL_PREFIX=/usr \
- -DCMAKE_INSTALL_LIBDIR=/usr/lib &&
- make &&
- sudo make install
- )
- fi
- - |
if [ "$TRAVIS_OS_NAME" = linux -a "$BORINGSSL" ]; then
(cd $HOME &&
git clone --depth=1 https://boringssl.googlesource.com/boringssl &&
@@ -452,11 +459,11 @@ script:
- |
set -eo pipefail
if [ "$T" = "coverage" ]; then
- ./configure --enable-debug --disable-shared --enable-code-coverage
+ ./configure --enable-debug --disable-shared --disable-threaded-resolver --enable-code-coverage --enable-werror --enable-alt-svc --with-libssh2
make
make TFLAGS=-n test-nonflaky
make "TFLAGS=-n -e" test-nonflaky
- tests="1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 200 201 202 300 301 302 500 501 502 503 504 506 507 508 509 510 511 512 513 514 515 516 517 518 519 600 601 700 701 702 800 801 802 803 900 901 902 903 1000 1001 1002 1004 1100 1101 1200 1201 1302 1303 1304 1305 1306 1308 1400 1401 1402 1404 1450 1451 1452 1502 1507 1508 1600 1602 1603 1605 1650 1651 1652 1653 1654 2001 2100 3000"
+ tests="1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 200 201 202 300 301 302 500 501 502 503 504 506 507 508 509 510 511 512 513 514 515 516 517 518 519 700 701 702 800 801 802 803 900 901 902 903 1000 1001 1002 1004 1100 1101 1200 1201 1302 1303 1304 1305 1306 1308 1400 1401 1402 1404 1450 1451 1452 1502 1507 1508 1600 1602 1603 1605 1650 1651 1652 1653 1654 2001 2100 3000"
make "TFLAGS=-n -t $tests" test-nonflaky
coveralls --gcov /usr/bin/gcov-8 --gcov-options '\-lp' -i src -e lib -e tests -e docs -b $PWD/src
coveralls --gcov /usr/bin/gcov-8 --gcov-options '\-lp' -e src -i lib -e tests -e docs -b $PWD/lib
diff --git a/CMake/CurlSymbolHiding.cmake b/CMake/CurlSymbolHiding.cmake
index 15ba46e46..224755a31 100644
--- a/CMake/CurlSymbolHiding.cmake
+++ b/CMake/CurlSymbolHiding.cmake
@@ -29,7 +29,7 @@ if(CURL_HIDDEN_SYMBOLS)
set(_CFLAG_SYMBOLS_HIDE "-xldscope=hidden")
elseif(CMAKE_C_COMPILER_ID MATCHES "Intel" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 9.0)
# note: this should probably just check for version 9.1.045 but I'm not 100% sure
- # so let's to it the same way autotools do.
+ # so let's do it the same way autotools do.
set(SUPPORTS_SYMBOL_HIDING TRUE)
set(_SYMBOL_EXTERN "__attribute__ ((__visibility__ (\"default\")))")
set(_CFLAG_SYMBOLS_HIDE "-fvisibility=hidden")
@@ -53,7 +53,7 @@ elseif(MSVC)
message(WARNING "Hiding private symbols regardless CURL_HIDDEN_SYMBOLS being disabled.")
set(HIDES_CURL_PRIVATE_SYMBOLS TRUE)
endif()
-elseif()
+else()
set(HIDES_CURL_PRIVATE_SYMBOLS FALSE)
endif()
diff --git a/CMake/CurlTests.c b/CMake/CurlTests.c
index 07b516b4d..2a7632951 100644
--- a/CMake/CurlTests.c
+++ b/CMake/CurlTests.c
@@ -125,6 +125,7 @@ int main(void)
#if defined(HAVE_GETHOSTBYADDR_R_5) || \
defined(HAVE_GETHOSTBYADDR_R_5_REENTRANT)
rc = gethostbyaddr_r(address, length, type, &h, &hdata);
+ (void)rc;
#elif defined(HAVE_GETHOSTBYADDR_R_7) || \
defined(HAVE_GETHOSTBYADDR_R_7_REENTRANT)
hp = gethostbyaddr_r(address, length, type, &h, buffer, 8192, &h_errnop);
@@ -132,6 +133,7 @@ int main(void)
#elif defined(HAVE_GETHOSTBYADDR_R_8) || \
defined(HAVE_GETHOSTBYADDR_R_8_REENTRANT)
rc = gethostbyaddr_r(address, length, type, &h, buffer, 8192, &hp, &h_errnop);
+ (void)rc;
#endif
#if defined(HAVE_GETHOSTBYNAME_R_3) || \
diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake
index 8a28f2fb6..44bcfd063 100644
--- a/CMake/FindGSS.cmake
+++ b/CMake/FindGSS.cmake
@@ -134,7 +134,7 @@ if(NOT _GSS_FOUND) #not found by pkg-config. Let's take more traditional approac
endif()
endif()
- else() # either there is no config script or we are on platform that doesn't provide one (Windows?)
+ else() # either there is no config script or we are on a platform that doesn't provide one (Windows?)
find_path(_GSS_INCLUDE_DIR
NAMES
@@ -164,7 +164,7 @@ if(NOT _GSS_FOUND) #not found by pkg-config. Let's take more traditional approac
set(CMAKE_REQUIRED_DEFINITIONS "")
endif()
else()
- # I'm not convienced if this is the right way but this is what autotools do at the moment
+ # I'm not convinced if this is the right way but this is what autotools do at the moment
find_path(_GSS_INCLUDE_DIR
NAMES
"gssapi.h"
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 6739b0de6..7525c33d1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -530,7 +530,7 @@ endif()
option(CURL_BROTLI "Set to ON to enable building curl with brotli support." OFF)
set(HAVE_BROTLI OFF)
if(CURL_BROTLI)
- find_package(BROTLI QUIET)
+ find_package(Brotli QUIET)
if(BROTLI_FOUND)
set(HAVE_BROTLI ON)
list(APPEND CURL_LIBS ${BROTLI_LIBRARIES})
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index fe82389e0..bedfa2c56 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,48 +1,14 @@
-curl and libcurl 7.65.1
+curl and libcurl 7.65.3
- Public curl releases: 182
+ Public curl releases: 184
Command line options: 221
curl_easy_setopt() options: 268
Public functions in libcurl: 80
- Contributors: 1965
+ Contributors: 1991
This release includes the following bugfixes:
- o CURLOPT_LOW_SPEED_* repaired [6]
- o NTLM: reset proxy "multipass" state when CONNECT request is done [32]
- o PolarSSL: deprecate support step 1. Removed from configure [3]
- o appveyor: add Visual Studio solution build [25]
- o cmake: check for if_nametoindex() [2]
- o cmake: support CMAKE_OSX_ARCHITECTURES when detecting SIZEOF variables [17]
- o config-win32: add support for if_nametoindex and getsockname [8]
- o conncache: Remove the DEBUGASSERT on length check [27]
- o conncache: make "bundles" per host name when doing proxy tunnels [21]
- o curl-win32.h: Enable Unix Domain Sockets based on the Windows SDK version [16]
- o curl_share_setopt.3: improve wording [34]
- o dump-header.d: spell out that no headers == empty file [30]
- o example/http2-download: fix format specifier [4]
- o examples: cleanups and compiler warning fixes [4]
- o http2: Stop drain from being permanently set [26]
- o http: don't parse body-related headers in bodyless responses [28]
- o md4: build correctly with openssl without MD4 [9]
- o md4: include the mbedtls config.h to get the MD4 info [10]
- o multi: track users of a socket better [15]
- o nss: allow to specify TLS 1.3 ciphers if supported by NSS [20]
- o parse_proxy: make sure portptr is initialized [23]
- o parse_proxy: use the IPv6 zone id if given [1]
- o sectransp: handle errSSLPeerAuthCompleted from SSLRead() [13]
- o singlesocket: use separate variable for inner loop [31]
- o ssl: Update outdated "openssl-only" comments for supported backends [33]
- o tests: add HAProxy keywords [18]
- o tests: add support to test against OpenSSH for Windows [5]
- o tests: make test 1420 and 1406 work with rtsp-disabled libcurl [19]
- o tls13-docs: mention it is only for OpenSSL >= 1.1.1 [29]
- o tool_parse_cfg: Avoid 2 fopen() for WIN32
- o tool_setopt: for builds with disabled-proxy, skip all proxy setopts() [12]
- o url: Load if_nametoindex() dynamically from iphlpapi.dll on Windows [24]
- o url: fix bad feature-disable #ifdef [7]
- o url: use correct port in ConnectionExists() [22]
- o winbuild: Use two space indentation [11]
+ o progress: make the progress meter appear again [1]
This release includes the following known bugs:
@@ -51,50 +17,11 @@ This release includes the following known bugs:
This release would not have looked like this without help, code, reports and
advice from friends like these:
- Benbuck Nason, Carlos ORyan, Daniel Stenberg, Dave Reisner,
- dbrowndan on github, dkwolfe4 on github, Edmond Yu, elsamuko on github,
- Eric Wu, Frank Gevaerts, Gisle Vanem, Hubert Kario, Jonas Vautherin,
- Josie Huddleston, Kunal Ekawde, Maksim Stsepanenka, Marcel Raad,
- Marc Hörsken, Michael Kaufmann, Patrick Monnerat, Ray Satiro,
- Sergey Ogryzkov, smuellerDD on github, Steve Holme, Tom Greenslade,
- Tom van der Woerdt, wesinator on github,
- (27 contributors)
+ Chih-Hsuan Yen, Daniel Stenberg,
+ (2 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
- [1] = https://curl.haxx.se/bug/?i=3482
- [2] = https://curl.haxx.se/bug/?i=3917
- [3] = https://curl.haxx.se/bug/?i=3888
- [4] = https://curl.haxx.se/bug/?i=3919
- [5] = https://curl.haxx.se/bug/?i=3290
- [6] = https://curl.haxx.se/bug/?i=3927
- [7] = https://curl.haxx.se/bug/?i=3924
- [8] = https://curl.haxx.se/bug/?i=3923
- [9] = https://curl.haxx.se/bug/?i=3921
- [10] = https://curl.haxx.se/bug/?i=3922
- [11] = https://curl.haxx.se/bug/?i=3930
- [12] = https://curl.haxx.se/bug/?i=3926
- [13] = https://curl.haxx.se/bug/?i=3932
- [14] = https://curl.haxx.se/bug/?i=3653
- [15] = https://curl.haxx.se/bug/?i=3952
- [16] = https://curl.haxx.se/bug/?i=3939
- [17] = https://curl.haxx.se/bug/?i=3945
- [18] = https://curl.haxx.se/bug/?i=3949
- [19] = https://curl.haxx.se/bug/?i=3948
- [20] = https://curl.haxx.se/bug/?i=3916
- [21] = https://curl.haxx.se/bug/?i=3951
- [22] = https://curl.haxx.se/bug/?i=3956
- [23] = https://curl.haxx.se/bug/?i=3959
- [24] = https://curl.haxx.se/bug/?i=3960
- [25] = https://curl.haxx.se/bug/?i=3941
- [26] = https://curl.haxx.se/bug/?i=3966
- [27] = https://curl.haxx.se/bug/?i=3962
- [28] = https://curl.haxx.se/bug/?i=3968
- [29] = https://curl.haxx.se/bug/?i=3938
- [30] = https://curl.haxx.se/bug/?i=3964
- [31] = https://curl.haxx.se/bug/?i=3970
- [32] = https://curl.haxx.se/bug/?i=3972
- [33] = https://curl.haxx.se/bug/?i=3985
- [34] = https://curl.haxx.se/mail/lib-2019-06/0009.html
+ [1] = https://curl.haxx.se/bug/?i=4122
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..871c06a50
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,10 @@
+# Security Policy
+
+See [docs/SECURITY-PROCESS.md](docs/SECURITY-PROCESS.md) for full details.
+
+## Reporting a Vulnerability
+
+If you have found or just suspect a security problem somewhere in curl or libcurl,
+report it on [https://hackerone.com/curl](https://hackerone.com/curl).
+
+We treat security issuse with confidentiality until disclosed controlled and responsibly.
diff --git a/buildconf.bat b/buildconf.bat
index a6bded34b..8511a1fcb 100644
--- a/buildconf.bat
+++ b/buildconf.bat
@@ -212,7 +212,7 @@ rem
copy /Y src\tool_hugehelp.c.cvs src\tool_hugehelp.c 1>NUL 2>&1
) else (
echo #include "tool_setup.h"> src\tool_hugehelp.c
- echo #include "tool_hugehelp.hd">> src\tool_hugehelp.c
+ echo #include "tool_hugehelp.h">> src\tool_hugehelp.c
echo.>> src\tool_hugehelp.c
echo void hugehelp(void^)>> src\tool_hugehelp.c
echo {>> src\tool_hugehelp.c
diff --git a/configure.ac b/configure.ac
index 6574d1b02..59ffadfa3 100755
--- a/configure.ac
+++ b/configure.ac
@@ -155,7 +155,7 @@ AC_SUBST(PKGADD_VENDOR)
dnl
dnl initialize all the info variables
- curl_ssl_msg="no (--with-{ssl,gnutls,nss,mbedtls,cyassl,schannel,secure-transport,mesalink,amissl} )"
+ curl_ssl_msg="no (--with-{ssl,gnutls,nss,mbedtls,wolfssl,schannel,secure-transport,mesalink,amissl} )"
curl_ssh_msg="no (--with-libssh2)"
curl_zlib_msg="no (--with-zlib)"
curl_brotli_msg="no (--with-brotli)"
@@ -1913,13 +1913,9 @@ if test -z "$ssl_backends" -o "x$OPT_SSL" != xno &&
if test X"$OPENSSL_ENABLED" = X"1"; then
AC_MSG_ERROR([You must not build gnurl with OpenSSL, use --without-ssl!])
dnl These can only exist if OpenSSL exists
- dnl Older versions of Cyassl (some time before 2.9.4) don't have
- dnl SSL_get_shutdown (but this check won't actually detect it there
- dnl as it's a macro that needs the header files be included)
dnl OpenSSL_version is introduced in 3.0.0
AC_CHECK_FUNCS( RAND_egd \
- SSL_get_shutdown \
SSLv2_client_method \
OpenSSL_version )
@@ -2298,48 +2294,48 @@ if test -z "$ssl_backends" -o "x$OPT_MBEDTLS" != xno; then
fi
dnl ----------------------------------------------------
-dnl check for CyaSSL
+dnl check for wolfSSL
dnl ----------------------------------------------------
-dnl Default to compiler & linker defaults for CyaSSL files & libraries.
-OPT_CYASSL=no
+dnl Default to compiler & linker defaults for wolfSSL files & libraries.
+OPT_WOLFSSL=no
_cppflags=$CPPFLAGS
_ldflags=$LDFLAGS
AC_ARG_WITH(cyassl,dnl
AC_HELP_STRING([--with-cyassl=PATH],[where to look for CyaSSL, PATH points to the installation root (default: system lib default)])
AC_HELP_STRING([--without-cyassl], [disable CyaSSL detection]),
- OPT_CYASSL=$withval)
+ OPT_WOLFSSL=$withval)
dnl provide --with-wolfssl as an alias for --with-cyassl
AC_ARG_WITH(wolfssl,dnl
AC_HELP_STRING([--with-wolfssl=PATH],[where to look for WolfSSL, PATH points to the installation root (default: system lib default)])
AC_HELP_STRING([--without-wolfssl], [disable WolfSSL detection]),
- OPT_CYASSL=$withval)
+ OPT_WOLFSSL=$withval)
-if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
+if test -z "$ssl_backends" -o "x$OPT_WOLFSSL" != xno; then
ssl_msg=
- if test X"$OPT_CYASSL" != Xno; then
+ if test X"$OPT_WOLFSSL" != Xno; then
- if test "$OPT_CYASSL" = "yes"; then
- OPT_CYASSL=""
+ if test "$OPT_WOLFSSL" = "yes"; then
+ OPT_WOLFSSL=""
fi
dnl This should be reworked to use pkg-config instead
cyassllibname=cyassl
- if test -z "$OPT_CYASSL" ; then
+ if test -z "$OPT_WOLFSSL" ; then
dnl check for lib in system default first
AC_CHECK_LIB(cyassl, CyaSSL_Init,
dnl libcyassl found, set the variable
[
- AC_DEFINE(USE_CYASSL, 1, [if CyaSSL is enabled])
- AC_SUBST(USE_CYASSL, [1])
- CYASSL_ENABLED=1
- USE_CYASSL="yes"
+ AC_DEFINE(USE_WOLFSSL, 1, [if wolfSSL is enabled])
+ AC_SUBST(USE_WOLFSSL, [1])
+ WOLFSSL_ENABLED=1
+ USE_WOLFSSL="yes"
ssl_msg="CyaSSL"
test cyassl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
])
@@ -2350,11 +2346,11 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
addcflags=""
cyassllib=""
- if test "x$USE_CYASSL" != "xyes"; then
+ if test "x$USE_WOLFSSL" != "xyes"; then
dnl add the path and test again
- addld=-L$OPT_CYASSL/lib$libsuff
- addcflags=-I$OPT_CYASSL/include
- cyassllib=$OPT_CYASSL/lib$libsuff
+ addld=-L$OPT_WOLFSSL/lib$libsuff
+ addcflags=-I$OPT_WOLFSSL/include
+ cyassllib=$OPT_WOLFSSL/lib$libsuff
LDFLAGS="$LDFLAGS $addld"
if test "$addcflags" != "-I/usr/include"; then
@@ -2363,10 +2359,10 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
AC_CHECK_LIB(cyassl, CyaSSL_Init,
[
- AC_DEFINE(USE_CYASSL, 1, [if CyaSSL is enabled])
- AC_SUBST(USE_CYASSL, [1])
- CYASSL_ENABLED=1
- USE_CYASSL="yes"
+ AC_DEFINE(USE_WOLFSSL, 1, [if CyaSSL is enabled])
+ AC_SUBST(USE_WOLFSSL, [1])
+ WOLFSSL_ENABLED=1
+ USE_WOLFSSL="yes"
ssl_msg="CyaSSL"
test cyassl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
@@ -2381,11 +2377,11 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
addlib=""
addcflags=""
- if test "x$USE_CYASSL" != "xyes"; then
+ if test "x$USE_WOLFSSL" != "xyes"; then
dnl libcyassl renamed to libwolfssl as of 3.4.0
- addld=-L$OPT_CYASSL/lib$libsuff
- addcflags=-I$OPT_CYASSL/include
- cyassllib=$OPT_CYASSL/lib$libsuff
+ addld=-L$OPT_WOLFSSL/lib$libsuff
+ addcflags=-I$OPT_WOLFSSL/include
+ cyassllib=$OPT_WOLFSSL/lib$libsuff
LDFLAGS="$LDFLAGS $addld"
if test "$addcflags" != "-I/usr/include"; then
@@ -2409,10 +2405,10 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
]])
],[
AC_MSG_RESULT(yes)
- AC_DEFINE(USE_CYASSL, 1, [if CyaSSL/WolfSSL is enabled])
- AC_SUBST(USE_CYASSL, [1])
- CYASSL_ENABLED=1
- USE_CYASSL="yes"
+ AC_DEFINE(USE_WOLFSSL, 1, [if wolfSSL is enabled])
+ AC_SUBST(USE_WOLFSSL, [1])
+ WOLFSSL_ENABLED=1
+ USE_WOLFSSL="yes"
ssl_msg="WolfSSL"
test cyassl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
],
@@ -2425,32 +2421,20 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
LIBS="$my_ac_save_LIBS"
fi
- if test "x$USE_CYASSL" = "xyes"; then
+ if test "x$USE_WOLFSSL" = "xyes"; then
AC_MSG_NOTICE([detected $cyassllibname])
check_for_ca_bundle=1
dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined!
AX_COMPILE_CHECK_SIZEOF(long long)
- dnl Versions since at least 2.6.0 may have options.h
- AC_CHECK_HEADERS(cyassl/options.h)
-
- dnl Versions since at least 2.9.4 renamed error.h to error-ssl.h
- AC_CHECK_HEADERS(cyassl/error-ssl.h)
-
LIBS="-l$cyassllibname -lm $LIBS"
- if test "x$cyassllibname" = "xwolfssl"; then
- dnl Recent WolfSSL versions build without SSLv3 by default
- dnl WolfSSL needs configure --enable-opensslextra to have *get_peer*
- AC_CHECK_FUNCS(wolfSSLv3_client_method \
- wolfSSL_get_peer_certificate \
- wolfSSL_UseALPN)
- else
- dnl Cyassl needs configure --enable-opensslextra to have *get_peer*
- AC_CHECK_FUNCS(CyaSSL_CTX_UseSupportedCurve \
- CyaSSL_get_peer_certificate)
- fi
+ dnl Recent WolfSSL versions build without SSLv3 by default
+ dnl WolfSSL needs configure --enable-opensslextra to have *get_peer*
+ AC_CHECK_FUNCS(wolfSSLv3_client_method \
+ wolfSSL_get_peer_certificate \
+ wolfSSL_UseALPN)
if test -n "$cyassllib"; then
dnl when shared libs were found in a path that the run-time
@@ -2466,7 +2450,7 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then
fi
- fi dnl CyaSSL not disabled
+ fi dnl wolfSSL not disabled
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
fi
@@ -2693,10 +2677,10 @@ if test -z "$ssl_backends" -o "x$OPT_NSS" != xno; then
test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
fi
-case "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$MBEDTLS_ENABLED$CYASSL_ENABLED$WINSSL_ENABLED$SECURETRANSPORT_ENABLED$MESALINK_ENABLED$AMISSL_ENABLED" in
+case "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$MBEDTLS_ENABLED$WOLFSSL_ENABLED$WINSSL_ENABLED$SECURETRANSPORT_ENABLED$MESALINK_ENABLED$AMISSL_ENABLED" in
x)
AC_MSG_WARN([SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.])
- AC_MSG_WARN([Use --with-ssl, --with-gnutls, --with-cyassl, --with-nss, --with-schannel, --with-secure-transport, --with-mesalink or --with-amissl to address this.])
+ AC_MSG_WARN([Use --with-ssl, --with-gnutls, --with-wolfssl, --with-mbedtls, --with-nss, --with-schannel, --with-secure-transport, --with-mesalink or --with-amissl to address this.])
;;
x1)
# one SSL backend is enabled
@@ -3128,8 +3112,8 @@ AC_HELP_STRING([--disable-versioned-symbols], [Disable versioned symbols in shar
versioned_symbols_flavour="GNUTLS_"
elif test "x$NSS_ENABLED" = "x1"; then
versioned_symbols_flavour="NSS_"
- elif test "x$CYASSL_ENABLED" = "x1"; then
- versioned_symbols_flavour="CYASSL_"
+ elif test "x$WOLFSSL_ENABLED" = "x1"; then
+ versioned_symbols_flavour="WOLFSSL_"
elif test "x$WINSSL_ENABLED" = "x1"; then
versioned_symbols_flavour="SCHANNEL_"
elif test "x$SECURETRANSPORT_ENABLED" = "x1"; then
@@ -4073,7 +4057,6 @@ AC_HELP_STRING([--disable-tls-srp],[Disable TLS-SRP authentication]),
[ case "$enableval" in
no)
AC_MSG_RESULT(no)
- AC_DEFINE(CURL_DISABLE_TLS_SRP, 1, [to disable TLS-SRP authentication])
want_tls_srp=no
;;
*) AC_MSG_RESULT(yes)
@@ -4126,7 +4109,7 @@ fi
dnl ************************************************************
dnl disable cookies support
dnl
-AC_MSG_CHECKING([whether to enable support for cookies])
+AC_MSG_CHECKING([whether to support cookies])
AC_ARG_ENABLE(cookies,
AC_HELP_STRING([--enable-cookies],[Enable cookies support])
AC_HELP_STRING([--disable-cookies],[Disable cookies support]),
@@ -4142,6 +4125,132 @@ AC_HELP_STRING([--disable-cookies],[Disable cookies support]),
)
dnl ************************************************************
+dnl disable HTTP authentication support
+dnl
+AC_MSG_CHECKING([whether to support HTTP authentication])
+AC_ARG_ENABLE(http-auth,
+AC_HELP_STRING([--enable-http-auth],[Enable HTTP authentication support])
+AC_HELP_STRING([--disable-http-auth],[Disable HTTP authentication support]),
+[ case "$enableval" in
+ no)
+ AC_MSG_RESULT(no)
+ AC_DEFINE(CURL_DISABLE_HTTP_AUTH, 1, [disable HTTP authentication])
+ ;;
+ *) AC_MSG_RESULT(yes)
+ ;;
+ esac ],
+ AC_MSG_RESULT(yes)
+)
+
+dnl ************************************************************
+dnl disable DoH support
+dnl
+AC_MSG_CHECKING([whether to support DoH])
+AC_ARG_ENABLE(doh,
+AC_HELP_STRING([--enable-doh],[Enable DoH support])
+AC_HELP_STRING([--disable-doh],[Disable DoH support]),
+[ case "$enableval" in
+ no)
+ AC_MSG_RESULT(no)
+ AC_DEFINE(CURL_DISABLE_DOH, 1, [disable DoH])
+ ;;
+ *) AC_MSG_RESULT(yes)
+ ;;
+ esac ],
+ AC_MSG_RESULT(yes)
+)
+
+dnl ************************************************************
+dnl disable mime API support
+dnl
+AC_MSG_CHECKING([whether to support the MIME API])
+AC_ARG_ENABLE(mime,
+AC_HELP_STRING([--enable-mime],[Enable mime API support])
+AC_HELP_STRING([--disable-mime],[Disable mime API support]),
+[ case "$enableval" in
+ no)
+ AC_MSG_RESULT(no)
+ AC_DEFINE(CURL_DISABLE_MIME, 1, [disable mime API])
+ ;;
+ *) AC_MSG_RESULT(yes)
+ ;;
+ esac ],
+ AC_MSG_RESULT(yes)
+)
+
+dnl ************************************************************
+dnl disable date parsing
+dnl
+AC_MSG_CHECKING([whether to support date parsing])
+AC_ARG_ENABLE(dateparse,
+AC_HELP_STRING([--enable-dateparse],[Enable date parsing])
+AC_HELP_STRING([--disable-dateparse],[Disable date parsing]),
+[ case "$enableval" in
+ no)
+ AC_MSG_RESULT(no)
+ AC_DEFINE(CURL_DISABLE_PARSEDATE, 1, [disable date parsing])
+ ;;
+ *) AC_MSG_RESULT(yes)
+ ;;
+ esac ],
+ AC_MSG_RESULT(yes)
+)
+
+dnl ************************************************************
+dnl disable netrc
+dnl
+AC_MSG_CHECKING([whether to support netrc parsing])
+AC_ARG_ENABLE(netrc,
+AC_HELP_STRING([--enable-netrc],[Enable netrc parsing])
+AC_HELP_STRING([--disable-netrc],[Disable netrc parsing]),
+[ case "$enableval" in
+ no)
+ AC_MSG_RESULT(no)
+ AC_DEFINE(CURL_DISABLE_NETRC, 1, [disable netrc parsing])
+ ;;
+ *) AC_MSG_RESULT(yes)
+ ;;
+ esac ],
+ AC_MSG_RESULT(yes)
+)
+
+dnl ************************************************************
+dnl disable progress-meter
+dnl
+AC_MSG_CHECKING([whether to support progress-meter])
+AC_ARG_ENABLE(progress-meter,
+AC_HELP_STRING([--enable-progress-meter],[Enable progress-meter])
+AC_HELP_STRING([--disable-progress-meter],[Disable progress-meter]),
+[ case "$enableval" in
+ no)
+ AC_MSG_RESULT(no)
+ AC_DEFINE(CURL_DISABLE_PROGRESS_METER, 1, [disable progress-meter])
+ ;;
+ *) AC_MSG_RESULT(yes)
+ ;;
+ esac ],
+ AC_MSG_RESULT(yes)
+)
+
+dnl ************************************************************
+dnl disable shuffle DNS support
+dnl
+AC_MSG_CHECKING([whether to support DNS shuffling])
+AC_ARG_ENABLE(dnsshuffle,
+AC_HELP_STRING([--enable-dnsshuffle],[Enable DNS shuffling])
+AC_HELP_STRING([--disable-dnsshuffle],[Disable DNS shufflinf]),
+[ case "$enableval" in
+ no)
+ AC_MSG_RESULT(no)
+ AC_DEFINE(CURL_DISABLE_SHUFFLE_DNS, 1, [disable DNS shuffling])
+ ;;
+ *) AC_MSG_RESULT(yes)
+ ;;
+ esac ],
+ AC_MSG_RESULT(yes)
+)
+
+dnl ************************************************************
dnl switch on/off alt-svc
dnl
curl_altsvc_msg="no (--enable-alt-svc)";
diff --git a/docs/CIPHERS.md b/docs/CIPHERS.md
index 5b2dde189..19aedf36f 100644
--- a/docs/CIPHERS.md
+++ b/docs/CIPHERS.md
@@ -461,6 +461,12 @@ specific ciphersuites. They are
[defined](https://docs.microsoft.com/windows/desktop/SecCrypto/alg-id) by
Microsoft.
+There is also the case that the selected algorithm is not supported by the
+protocol or does not match the ciphers offered by the server during the SSL
+negotiation. In this case curl will return error
+`CURLE_SSL_CONNECT_ERROR (35) SEC_E_ALGORITHM_MISMATCH`
+and the request will fail.
+
`CALG_MD2`,
`CALG_MD4`,
`CALG_MD5`,
diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md
index 94a5c6256..f04f0eeaa 100644
--- a/docs/DEPRECATE.md
+++ b/docs/DEPRECATE.md
@@ -25,7 +25,7 @@ in the September 2019 release (possibly called curl 7.68.0).
The polarssl TLS library has not had an update in over three years. The last
release was done on [January 7
2016](https://tls.mbed.org/tech-updates/releases). This library has been
-superceded by the mbedTLS library, which is the current incarnation of
+superseded by the mbedTLS library, which is the current incarnation of
PolarSSL. curl has supported mbedTLS since 2015.
It seems unlikely that this library is a good choice for users to get proper
@@ -38,7 +38,7 @@ should also be able to update their TLS library.
### State
-In the curl 7.66.0 release (July 17, 2019) the ability to build with this TLS
+In the curl 7.65.2 release (July 17, 2019) the ability to build with this TLS
backend is removed from the configure script. The code remains and can be
built and used going forward, but it has to be manually enabled in a build (or
the configure removal reverted).
@@ -47,4 +47,5 @@ the configure removal reverted).
The support for PolarSSL and all code for it will be completely removed from
the curl code base six months after it ships disabled in configure in a
-release. In the release on or near February 27, 2020. (Named 7.70.0?)
+release. In the release on or near February 27, 2020. (possibly called curl
+7.70.0).
diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md
index 1563ec516..cd004e8f4 100644
--- a/docs/INTERNALS.md
+++ b/docs/INTERNALS.md
@@ -90,7 +90,7 @@ Dependencies
- libssh2 0.16
- c-ares 1.6.0
- libidn2 2.0.0
- - cyassl 2.0.0
+ - wolfSSL 2.0.0
- openldap 2.0
- MIT Kerberos 1.2.4
- GSKit V5R3M0
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
index 8431baaf5..e385ef597 100644
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -32,6 +32,7 @@ problems may have been fixed or changed somewhat since this was written!
2.5 Client cert handling with Issuer DN differs between backends
2.6 CURL_GLOBAL_SSL
2.7 Client cert (MTLS) issues with Schannel
+ 2.8 Schannel disable CURLOPT_SSL_VERIFYPEER and verify hostname
3. Email protocols
3.1 IMAP SEARCH ALL truncated response
@@ -63,6 +64,7 @@ problems may have been fixed or changed somewhat since this was written!
6.4 Negotiate and Kerberos V5 need a fake user name
6.5 NTLM doesn't support password with § character
6.6 libcurl can fail to try alternatives with --proxy-any
+ 6.7 Don't clear digest for single realm
7. FTP
7.1 FTP without or slow 220 response
@@ -299,6 +301,11 @@ problems may have been fixed or changed somewhat since this was written!
See https://github.com/curl/curl/issues/3145
+2.8 Schannel disable CURLOPT_SSL_VERIFYPEER and verify hostname
+
+ This seems to be a limitation in the underlying Schannel API.
+
+ https://github.com/curl/curl/issues/3284
3. Email protocols
@@ -510,6 +517,10 @@ problems may have been fixed or changed somewhat since this was written!
https://github.com/curl/curl/issues/876
+6.7 Don't clear digest for single realm
+
+ https://github.com/curl/curl/issues/3267
+
7. FTP
7.1 FTP without or slow 220 response
diff --git a/docs/THANKS b/docs/THANKS
index ef4d7a3c6..385ecd851 100644
--- a/docs/THANKS
+++ b/docs/THANKS
@@ -6,11 +6,13 @@
"Captain Basil"
"Spoon Man"
+1ocalhost on github
Aaro Koskinen
Aaron Oneal
Aaron Orenstein
Aaron Scarisbrick
Abram Pousada
+AceCrow on Github
Adam Barclay
Adam Brown
Adam Coyne
@@ -47,6 +49,7 @@ Alex Baines
Alex Bligh
Alex Chan
Alex Fishman
+Alex Grebenschikov
Alex Gruz
Alex Malinovich
Alex McLellan
@@ -182,6 +185,7 @@ Ben Kohler
Ben Madsen
Ben Noordhuis
Ben Van Hof
+Ben Voris
Ben Winslow
Benbuck Nason
Benjamin Gerard
@@ -208,6 +212,7 @@ Bill Hoffman
Bill Middlecamp
Bill Nagel
Bill Pyne
+Bjarni Ingi Gislason
Bjoern Sikora
Bjorn Augustsson
Bjorn Reese
@@ -249,6 +254,7 @@ Bruno de Carvalho
Bryan Henderson
Bryan Kemp
Byrial Jensen
+Caleb Raitto
Cameron Kaiser
Cameron MacMinn
Camille Moncelier
@@ -268,6 +274,7 @@ Charles Romestant
Chen Prog
Chester Liu
Chih-Chung Chang
+Chih-Hsuan Yen
Chris "Bob Bob"
Chris Araman
Chris Carlmar
@@ -305,6 +312,7 @@ Claes Jakobsson
Clarence Gardner
Claudio Neves
Clemens Gruber
+Cliff Crosland
Clifford Wolf
Clint Clayton
Cody Jones
@@ -752,6 +760,7 @@ Jamie Lokier
Jamie Newton
Jamie Wilkinson
Jan Alexander Steffens
+Jan Chren
Jan Ehrhardt
Jan Koen Annot
Jan Kunder
@@ -908,6 +917,7 @@ Juan F. Codagnone
Juan Ignacio Hervás
Juan RP
Judson Bishop
+Juergen Hoetzel
Juergen Wilke
Jukka Pihl
Julian Noble
@@ -974,6 +984,7 @@ Kjetil Jacobsen
Klaus Stein
Klevtsov Vadim
Kobi Gurkan
+Koen Dergent
Konstantin Isakov
Konstantin Kushnir
Kris Kennaway
@@ -985,6 +996,7 @@ Kristiyan Tsaklev
Kristoffer Gleditsch
Kunal Ekawde
Kurt Fankhauser
+Kyle Edwards
Kyle J. McKay
Kyle L. Huff
Kyle Sallee
@@ -1026,6 +1038,7 @@ Lijo Antony
Linas Vepstas
Lindley French
Ling Thio
+Linos Giannopoulos
Linus Lewandowski
Linus Nielsen Feltzing
Linus Nordberg
@@ -1179,6 +1192,7 @@ Mert Yazıcıoğlu
Mettgut Jamalla
Michael Anti
Michael Benedict
+Michael Brehm
Michael Calmer
Michael Cronenworth
Michael Curtis
@@ -1243,6 +1257,7 @@ Mohammad AlSaleh
Mohun Biswas
Mostyn Bramley-Moore
Moti Avrahami
+MrSorcus on github
Muz Dima
Myk Taylor
NTMan on Github
@@ -1279,6 +1294,7 @@ Niels van Tongeren
Nikita Schmidt
Nikitinskit Dmitriy
Niklas Angebrand
+Niklas Hambüchen
Nikolai Kondrashov
Nikos Mavrogiannopoulos
Nikos Tsipinakis
@@ -1381,6 +1397,7 @@ Peter O'Gorman
Peter Pentchev
Peter Piekarski
Peter Silva
+Peter Simonyi
Peter Su
Peter Sylvester
Peter Todd
@@ -1471,6 +1488,7 @@ Ricardo Cadime
Ricardo Gomes
Rich Burridge
Rich Gray
+Rich Mirch
Rich Rauenzahn
Rich Turner
Richard Adams
@@ -1610,6 +1628,7 @@ Seth Mos
Sevan Janiyan
Sh Diao
Shachaf Ben-Kiki
+Shankar Jadhavar
Shao Shuchao
Sharad Gupta
Shard
@@ -1650,11 +1669,13 @@ Stefan Neis
Stefan Teleman
Stefan Tomanek
Stefan Ulrich
+Stefano Simonelli
Steinar H. Gunderson
Stepan Broz
Stephan Bergmann
Stephan Lagerholm
Stephan Mühlstrasser
+Stephan Szabo
Stephen Brokenshire
Stephen Collyer
Stephen Kick
@@ -1705,6 +1726,7 @@ Terry Wu
TheAssassin on github
Theodore Dubois
Thomas Braun
+Thomas Gamper
Thomas Glanzmann
Thomas J. Moore
Thomas Klausner
@@ -1801,6 +1823,7 @@ Ulrich Telle
Ulrich Zadow
Valentin David
Vasiliy Faronov
+Vasily Lobaskin
Vasy Okhin
Venkat Akella
Venkataramana Mokkapati
@@ -1882,6 +1905,7 @@ Zhibiao Wu
Zhouyihai Ding
Zmey Petroff
Zvi Har'El
+aasivov on github
accountantM on github
adnn on github
afrind on github
@@ -1946,9 +1970,11 @@ olesteban on github
omau on github
ovidiu-benea on github
patelvivekv1993 on github
+pendrek at hackerone
pszemus on github
silveja1 on github
smuellerDD on github
+sstruchtrup on github
steelman on github
steini2000 on github
stootill on github
diff --git a/docs/cmdline-opts/data.d b/docs/cmdline-opts/data.d
index 7d499665e..d18312aaa 100644
--- a/docs/cmdline-opts/data.d
+++ b/docs/cmdline-opts/data.d
@@ -24,7 +24,7 @@ chunk that looks like \&'name=daniel&skill=lousy'.
If you start the data with the letter @, the rest should be a file name to
read the data from, or - if you want curl to read the data from
stdin. Multiple files can also be specified. Posting data from a file named
-'foobar' would thus be done with --data @foobar. When --data is told to read
+\&'foobar' would thus be done with --data @foobar. When --data is told to read
from a file like that, carriage returns and newlines will be stripped out. If
you don't want the @ character to have a special interpretation use --data-raw
instead.
diff --git a/docs/cmdline-opts/doh-url.d b/docs/cmdline-opts/doh-url.d
index 8fa42c1b2..c871c4d22 100644
--- a/docs/cmdline-opts/doh-url.d
+++ b/docs/cmdline-opts/doh-url.d
@@ -2,6 +2,7 @@ Long: doh-url
Arg: <URL>
Help: Resolve host names over DOH
Protocols: all
+Added: 7.62.0
---
Specifies which DNS-over-HTTPS (DOH) server to use to resolve hostnames,
instead of using the default name resolver mechanism. The URL must be HTTPS.
diff --git a/docs/cmdline-opts/key.d b/docs/cmdline-opts/key.d
index 4877b4238..855e2f7b6 100644
--- a/docs/cmdline-opts/key.d
+++ b/docs/cmdline-opts/key.d
@@ -5,7 +5,7 @@ Help: Private key file name
---
Private key file name. Allows you to provide your private key in this separate
file. For SSH, if not specified, curl tries the following candidates in order:
-'~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
+\&'~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
If curl is built against OpenSSL library, and the engine pkcs11 is available,
then a PKCS#11 URI (RFC 7512) can be used to specify a private key located in a
diff --git a/docs/cmdline-opts/pinnedpubkey.d b/docs/cmdline-opts/pinnedpubkey.d
index b1c7bdef6..cd21911f8 100644
--- a/docs/cmdline-opts/pinnedpubkey.d
+++ b/docs/cmdline-opts/pinnedpubkey.d
@@ -15,10 +15,10 @@ abort the connection before sending or receiving any data.
PEM/DER support:
7.39.0: OpenSSL, GnuTLS and GSKit
- 7.43.0: NSS and wolfSSL/CyaSSL
+ 7.43.0: NSS and wolfSSL
7.47.0: mbedtls
sha256 support:
- 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.
+ 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL
7.47.0: mbedtls
Other SSL backends not supported.
diff --git a/docs/cmdline-opts/proto-redir.d b/docs/cmdline-opts/proto-redir.d
index c9eeeab1d..a1205dd03 100644
--- a/docs/cmdline-opts/proto-redir.d
+++ b/docs/cmdline-opts/proto-redir.d
@@ -11,7 +11,8 @@ Example, allow only HTTP and HTTPS on redirect:
curl --proto-redir -all,http,https http://example.com
-By default curl will allow all protocols on redirect except several disabled
-for security reasons: Since 7.19.4 FILE and SCP are disabled, and since 7.40.0
-SMB and SMBS are also disabled. Specifying \fIall\fP or \fI+all\fP enables all
-protocols on redirect, including those disabled for security.
+By default curl will allow HTTP, HTTPS, FTP and FTPS on redirect (7.65.2).
+Older versions of curl allowed all protocols on redirect except several
+disabled for security reasons: Since 7.19.4 FILE and SCP are disabled, and
+since 7.40.0 SMB and SMBS are also disabled. Specifying \fIall\fP or \fI+all\fP
+enables all protocols on redirect, including those disabled for security.
diff --git a/docs/cmdline-opts/proto.d b/docs/cmdline-opts/proto.d
index 1513fdc05..e1ece1788 100644
--- a/docs/cmdline-opts/proto.d
+++ b/docs/cmdline-opts/proto.d
@@ -6,7 +6,7 @@ Added: 7.20.2
---
Tells curl to limit what protocols it may use in the transfer. Protocols are
evaluated left to right, are comma separated, and are each a protocol name or
-'all', optionally prefixed by zero or more modifiers. Available modifiers are:
+\&'all', optionally prefixed by zero or more modifiers. Available modifiers are:
.RS
.TP 3
.B +
diff --git a/docs/cmdline-opts/quote.d b/docs/cmdline-opts/quote.d
index cdd3ca6bd..59a98eafb 100644
--- a/docs/cmdline-opts/quote.d
+++ b/docs/cmdline-opts/quote.d
@@ -16,9 +16,10 @@ If the server returns failure for one of the commands, the entire operation
will be aborted. You must send syntactically correct FTP commands as RFC 959
defines to FTP servers, or one of the commands listed below to SFTP servers.
-This option can be used multiple times. When speaking to an FTP server, prefix
-the command with an asterisk (*) to make curl continue even if the command
-fails as by default curl will stop at first failure.
+Prefix the command with an asterisk (*) to make curl continue even if the
+command fails as by default curl will stop at first failure.
+
+This option can be used multiple times.
SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands
itself before sending them to the server. File names may be quoted
diff --git a/docs/cmdline-opts/tlsv1.0.d b/docs/cmdline-opts/tlsv1.0.d
index 312b67b3f..2b1f0156a 100644
--- a/docs/cmdline-opts/tlsv1.0.d
+++ b/docs/cmdline-opts/tlsv1.0.d
@@ -4,3 +4,7 @@ Protocols: TLS
Added: 7.34.0
---
Forces curl to use TLS version 1.0 or later when connecting to a remote TLS server.
+
+In old versions of curl this option was documented to allow _only_ TLS 1.0,
+but behavior was inconsistent depending on the TLS library. Use --tls-max if
+you want to set a maximum TLS version.
diff --git a/docs/cmdline-opts/tlsv1.1.d b/docs/cmdline-opts/tlsv1.1.d
index 8182ac6d5..405d552bb 100644
--- a/docs/cmdline-opts/tlsv1.1.d
+++ b/docs/cmdline-opts/tlsv1.1.d
@@ -4,3 +4,7 @@ Protocols: TLS
Added: 7.34.0
---
Forces curl to use TLS version 1.1 or later when connecting to a remote TLS server.
+
+In old versions of curl this option was documented to allow _only_ TLS 1.1,
+but behavior was inconsistent depending on the TLS library. Use --tls-max if
+you want to set a maximum TLS version.
diff --git a/docs/cmdline-opts/tlsv1.2.d b/docs/cmdline-opts/tlsv1.2.d
index 7ba440225..bdf1fcf62 100644
--- a/docs/cmdline-opts/tlsv1.2.d
+++ b/docs/cmdline-opts/tlsv1.2.d
@@ -4,3 +4,7 @@ Protocols: TLS
Added: 7.34.0
---
Forces curl to use TLS version 1.2 or later when connecting to a remote TLS server.
+
+In old versions of curl this option was documented to allow _only_ TLS 1.2,
+but behavior was inconsistent depending on the TLS library. Use --tls-max if
+you want to set a maximum TLS version.
diff --git a/docs/examples/fopen.c b/docs/examples/fopen.c
index 44be4618d..16aa555fe 100644
--- a/docs/examples/fopen.c
+++ b/docs/examples/fopen.c
@@ -211,7 +211,7 @@ static int fill_buffer(URL_FILE *file, size_t want)
static int use_buffer(URL_FILE *file, size_t want)
{
/* sort out buffer */
- if((file->buffer_pos - want) <= 0) {
+ if(file->buffer_pos <= want) {
/* ditch buffer - write will recreate */
free(file->buffer);
file->buffer = NULL;
diff --git a/docs/examples/ftp-wildcard.c b/docs/examples/ftp-wildcard.c
index b10a0df74..7d98ef98b 100644
--- a/docs/examples/ftp-wildcard.c
+++ b/docs/examples/ftp-wildcard.c
@@ -41,8 +41,6 @@ static size_t write_it(char *buff, size_t size, size_t nmemb,
int main(int argc, char **argv)
{
- int rc = CURLE_OK;
-
/* curl easy handle */
CURL *handle;
@@ -50,7 +48,7 @@ int main(int argc, char **argv)
struct callback_data data = { 0 };
/* global initialization */
- rc = curl_global_init(CURL_GLOBAL_ALL);
+ int rc = curl_global_init(CURL_GLOBAL_ALL);
if(rc)
return rc;
diff --git a/docs/examples/htmltitle.cpp b/docs/examples/htmltitle.cpp
index 33163fcd6..bfa27303e 100644
--- a/docs/examples/htmltitle.cpp
+++ b/docs/examples/htmltitle.cpp
@@ -136,9 +136,9 @@ static void StartElement(void *voidContext,
const xmlChar *name,
const xmlChar **attributes)
{
- Context *context = (Context *)voidContext;
+ Context *context = static_cast<Context *>(voidContext);
- if(COMPARE((char *)name, "TITLE")) {
+ if(COMPARE(reinterpret_cast<char *>(name), "TITLE")) {
context->title = "";
context->addTitle = true;
}
@@ -152,9 +152,9 @@ static void StartElement(void *voidContext,
static void EndElement(void *voidContext,
const xmlChar *name)
{
- Context *context = (Context *)voidContext;
+ Context *context = static_cast<Context *>(voidContext);
- if(COMPARE((char *)name, "TITLE"))
+ if(COMPARE(reinterpret_cast<char *>(name), "TITLE"))
context->addTitle = false;
}
@@ -167,7 +167,7 @@ static void handleCharacters(Context *context,
int length)
{
if(context->addTitle)
- context->title.append((char *)chars, length);
+ context->title.append(reinterpret_cast<char *>(chars), length);
}
//
@@ -178,7 +178,7 @@ static void Characters(void *voidContext,
const xmlChar *chars,
int length)
{
- Context *context = (Context *)voidContext;
+ Context *context = static_cast<Context *>(voidContext);
handleCharacters(context, chars, length);
}
@@ -191,7 +191,7 @@ static void cdata(void *voidContext,
const xmlChar *chars,
int length)
{
- Context *context = (Context *)voidContext;
+ Context *context = static_cast<Context *>(voidContext);
handleCharacters(context, chars, length);
}
diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c
index 9582ce123..f6a318c4a 100644
--- a/docs/examples/synctime.c
+++ b/docs/examples/synctime.c
@@ -137,7 +137,6 @@ size_t SyncTime_CURL_WriteOutput(void *ptr, size_t size, size_t nmemb,
size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size, size_t nmemb,
void *stream)
{
- int i, RetVal;
char TmpStr1[26], TmpStr2[26];
(void)stream;
@@ -156,11 +155,13 @@ size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size, size_t nmemb,
TmpStr1 & 2? */
AutoSyncTime = 0;
else {
- RetVal = sscanf((char *)(ptr), "Date: %s %hu %s %hu %hu:%hu:%hu",
- TmpStr1, &SYSTime.wDay, TmpStr2, &SYSTime.wYear,
- &SYSTime.wHour, &SYSTime.wMinute, &SYSTime.wSecond);
+ int RetVal = sscanf((char *)(ptr), "Date: %s %hu %s %hu %hu:%hu:%hu",
+ TmpStr1, &SYSTime.wDay, TmpStr2, &SYSTime.wYear,
+ &SYSTime.wHour, &SYSTime.wMinute,
+ &SYSTime.wSecond);
if(RetVal == 7) {
+ int i;
SYSTime.wMilliseconds = 500; /* adjust to midpoint, 0.5 sec */
for(i = 0; i<12; i++) {
if(strcmp(MthStr[i], TmpStr2) == 0) {
diff --git a/docs/examples/threaded-ssl.c b/docs/examples/threaded-ssl.c
index fa0252e59..902ea7dc4 100644
--- a/docs/examples/threaded-ssl.c
+++ b/docs/examples/threaded-ssl.c
@@ -29,7 +29,7 @@
* (libgcrypt) so far.
*
* OpenSSL docs for this:
- * https://www.openssl.org/docs/crypto/threads.html
+ * https://www.openssl.org/docs/man1.0.2/man3/CRYPTO_num_locks.html
* gcrypt docs for this:
* https://gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html
*/
diff --git a/docs/libcurl/gnurl_multi_socket_action.3 b/docs/libcurl/gnurl_multi_socket_action.3
index 99acbbaaf..35b709231 100644
--- a/docs/libcurl/gnurl_multi_socket_action.3
+++ b/docs/libcurl/gnurl_multi_socket_action.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -43,15 +43,14 @@ libcurl will test the descriptor internally. It is also permissible to pass
CURL_SOCKET_TIMEOUT to the \fBsockfd\fP parameter in order to initiate the
whole process or when a timeout occurs.
-At return, \fBrunning_handles\fP points to the number
-of running easy handles within the multi handle. When this number reaches
-zero, all transfers are complete/done. When you call
-\fIcurl_multi_socket_action(3)\fP on a specific socket and the counter
-decreases by one, it DOES NOT necessarily mean that this exact socket/transfer
-is the one that completed. Use \fIcurl_multi_info_read(3)\fP to figure out
-which easy handle that completed.
+At return, \fBrunning_handles\fP points to the number of running easy handles
+within the multi handle. When this number reaches zero, all transfers are
+complete/done. When you call \fIcurl_multi_socket_action(3)\fP on a specific
+socket and the counter decreases by one, it DOES NOT necessarily mean that
+this exact socket/transfer is the one that completed. Use
+\fIcurl_multi_info_read(3)\fP to figure out which easy handle that completed.
-The \fIcurl_multi_socket_action(3)\fP functions inform the application about
+The \fIcurl_multi_socket_action(3)\fP function informs the application about
updates in the socket (file descriptor) status by doing none, one, or multiple
calls to the socket callback function set with the
\fICURLMOPT_SOCKETFUNCTION(3)\fP option to \fIcurl_multi_setopt(3)\fP. They
@@ -66,65 +65,6 @@ timeout action: call the \fIcurl_multi_socket_action(3)\fP function with the
\fIcurl_multi_timeout(3)\fP function to poll the value at any given time, but
for an event-based system using the callback is far better than relying on
polling the timeout value.
-.SH "CALLBACK DETAILS"
-
-The socket \fBcallback\fP function uses a prototype like this
-.nf
-
- int curl_socket_callback(CURL *easy, /* easy handle */
- curl_socket_t s, /* socket */
- int action, /* see values below */
- void *userp, /* private callback pointer */
- void *socketp); /* private socket pointer,
- \fBNULL\fP if not
- previously assigned with
- \fIcurl_multi_assign(3)\fP */
-
-.fi
-The callback MUST return 0.
-
-The \fIeasy\fP argument is a pointer to the easy handle that deals with this
-particular socket. Note that a single handle may work with several sockets
-simultaneously.
-
-The \fIs\fP argument is the actual socket value as you use it within your
-system.
-
-The \fIaction\fP argument to the callback has one of five values:
-.RS
-.IP "CURL_POLL_NONE (0)"
-register, not interested in readiness (yet)
-.IP "CURL_POLL_IN (1)"
-register, interested in read readiness
-.IP "CURL_POLL_OUT (2)"
-register, interested in write readiness
-.IP "CURL_POLL_INOUT (3)"
-register, interested in both read and write readiness
-.IP "CURL_POLL_REMOVE (4)"
-unregister
-.RE
-
-The \fIsocketp\fP argument is a private pointer you have previously set with
-\fIcurl_multi_assign(3)\fP to be associated with the \fIs\fP socket. If no
-pointer has been set, socketp will be NULL. This argument is of course a
-service to applications that want to keep certain data or structs that are
-strictly associated to the given socket.
-
-The \fIuserp\fP argument is a private pointer you have previously set with
-\fIcurl_multi_setopt(3)\fP and the \fICURLMOPT_SOCKETDATA(3)\fP option.
-.SH "RETURN VALUE"
-CURLMcode type, general libcurl multi interface error code.
-
-Before version 7.20.0: If you receive \fICURLM_CALL_MULTI_PERFORM\fP, this
-basically means that you should call \fIcurl_multi_socket_action(3)\fP again
-before you wait for more actions on libcurl's sockets. You don't have to do it
-immediately, but the return code means that libcurl may have more data
-available to return or that there may be more data to send off before it is
-"satisfied".
-
-The return code from this function is for the whole multi stack. Problems
-still might have occurred on individual transfers even when one of these
-functions return OK.
.SH "TYPICAL USAGE"
1. Create a multi handle
diff --git a/docs/libcurl/gnurl_multi_wait.3 b/docs/libcurl/gnurl_multi_wait.3
index 286bebf68..d91481ab7 100644
--- a/docs/libcurl/gnurl_multi_wait.3
+++ b/docs/libcurl/gnurl_multi_wait.3
@@ -91,7 +91,7 @@ do {
}
if(mc != CURLM_OK) {
- fprintf(stderr, "curl_multi failed, code %d.\n", mc);
+ fprintf(stderr, "curl_multi failed, code %d.\\n", mc);
break;
}
diff --git a/docs/libcurl/libgnurl-security.3 b/docs/libcurl/libgnurl-security.3
index 0cfdddea8..da45ed7f6 100644
--- a/docs/libcurl/libgnurl-security.3
+++ b/docs/libcurl/libgnurl-security.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -97,8 +97,8 @@ Never ever switch off certificate verification.
The \fICURLOPT_FOLLOWLOCATION(3)\fP option automatically follows HTTP
redirects sent by a remote server. These redirects can refer to any kind of
URL, not just HTTP. libcurl restricts the protocols allowed to be used in
-redirects for security reasons: FILE, SCP, SMB and SMBS are disabled by
-default. Applications are encouraged to restrict that set further.
+redirects for security reasons: only HTTP, HTTPS, FTP and FTPS are
+enabled by default. Applications may opt to restrict that set further.
A redirect to a file: URL would cause the libcurl to read (or write) arbitrary
files from the local filesystem. If the application returns the data back to
diff --git a/docs/libcurl/libgnurl-thread.3 b/docs/libcurl/libgnurl-thread.3
index ae1e387be..796a5bb59 100644
--- a/docs/libcurl/libgnurl-thread.3
+++ b/docs/libcurl/libgnurl-thread.3
@@ -41,14 +41,15 @@ then of course using the underlying SSL library multi-threaded and those libs
might have their own requirements on this issue. You may need to provide one
or two functions to allow it to function properly:
.IP OpenSSL
-OpenSSL 1.1.0 "can be safely used in multi-threaded applications provided that
-support for the underlying OS threading API is built-in."
+OpenSSL 1.1.0+ "can be safely used in multi-threaded applications provided that
+support for the underlying OS threading API is built-in." In that case the
+engine is used by libcurl in a way that is fully thread-safe.
-https://www.openssl.org/docs/manmaster/crypto/threads.html#DESCRIPTION
+https://www.openssl.org/docs/man1.1.0/man3/CRYPTO_THREAD_run_once.html#DESCRIPTION
OpenSSL <= 1.0.2 the user must set callbacks.
-https://www.openssl.org/docs/man1.0.2/crypto/threads.html#DESCRIPTION
+https://www.openssl.org/docs/man1.0.2/man3/CRYPTO_set_locking_callback.html#DESCRIPTION
https://curl.haxx.se/libcurl/c/opensslthreadlock.html
diff --git a/docs/libcurl/libgnurl-tutorial.3 b/docs/libcurl/libgnurl-tutorial.3
index aeca76e2e..c06e37760 100644
--- a/docs/libcurl/libgnurl-tutorial.3
+++ b/docs/libcurl/libgnurl-tutorial.3
@@ -496,13 +496,13 @@ and then a file with binary contents and uploads the whole thing.
.nf
curl_mime *multipart = curl_mime_init(easyhandle);
- curl_mimepart *part = curl_mime_addpart(mutipart);
+ curl_mimepart *part = curl_mime_addpart(multipart);
curl_mime_name(part, "name");
curl_mime_data(part, "daniel", CURL_ZERO_TERMINATED);
- part = curl_mime_addpart(mutipart);
+ part = curl_mime_addpart(multipart);
curl_mime_name(part, "project");
curl_mime_data(part, "curl", CURL_ZERO_TERMINATED);
- part = curl_mime_addpart(mutipart);
+ part = curl_mime_addpart(multipart);
curl_mime_name(part, "logotype-image");
curl_mime_filedata(part, "curl.png");
diff --git a/docs/libcurl/opts/GNURLINFO_TLS_SSL_PTR.3 b/docs/libcurl/opts/GNURLINFO_TLS_SSL_PTR.3
index c8c99ab85..0f06b9af6 100644
--- a/docs/libcurl/opts/GNURLINFO_TLS_SSL_PTR.3
+++ b/docs/libcurl/opts/GNURLINFO_TLS_SSL_PTR.3
@@ -54,7 +54,7 @@ struct curl_tlssessioninfo {
The \fIbackend\fP struct member is one of the defines in the CURLSSLBACKEND_*
series: CURLSSLBACKEND_NONE (when built without TLS support),
-CURLSSLBACKEND_CYASSL, CURLSSLBACKEND_DARWINSSL,
+CURLSSLBACKEND_WOLFSSL, CURLSSLBACKEND_DARWINSSL,
CURLSSLBACKEND_GNUTLS, CURLSSLBACKEND_GSKIT, CURLSSLBACKEND_MBEDTLS,
CURLSSLBACKEND_NSS, CURLSSLBACKEND_OPENSSL, CURLSSLBACKEND_POLARSSL,
CURLSSLBACKEND_SCHANNEL or CURLSSLBACKEND_MESALINK. (Note that the OpenSSL
@@ -83,9 +83,9 @@ mbedtls_ssl_context *
ssl_context *
.IP "Secure Channel"
CtxtHandle *
-.IP "Secure Transport (DarwinSSL)"
+.IP "Secure Transport"
SSLContext *
-.IP "WolfSSL (formerly CyaSSL)"
+.IP "wolfSSL"
SSL *
.IP "MesaLink"
SSL *
@@ -95,26 +95,26 @@ If the \fIinternals\fP pointer is NULL then either the SSL backend is not
supported, an SSL session has not yet been established or the connection is no
longer associated with the easy handle (eg curl_easy_perform has returned).
.SH LIMITATIONS
-\fBThis option has some limitations that could make it unsafe when it comes to
-the manual verification of certificates.\fP
+This option has some limitations that could make it unsafe when it comes to
+the manual verification of certificates.
This option only retrieves the first in-use SSL session pointer for your easy
handle, however your easy handle may have more than one in-use SSL session if
using FTP over SSL. That is because the FTP protocol has a control channel and
-a data channel and one or both may be over SSL. \fBCurrently there is no way to
-retrieve a second in-use SSL session associated with an easy handle.\fP
+a data channel and one or both may be over SSL. Currently there is no way to
+retrieve a second in-use SSL session associated with an easy handle.
-This option has not been thoroughly tested with plaintext protocols that can be
-upgraded/downgraded to/from SSL: FTP, SMTP, POP3, IMAP when used with
+This option has not been thoroughly tested with plaintext protocols that can
+be upgraded/downgraded to/from SSL: FTP, SMTP, POP3, IMAP when used with
\fICURLOPT_USE_SSL(3)\fP. Though you will be able to retrieve the SSL pointer,
-it's possible that before you can do that \fBdata (including auth) may have
-already been sent over a connection after it was upgraded.\fP
+it's possible that before you can do that data (including auth) may have
+already been sent over a connection after it was upgraded.
Renegotiation. If unsafe renegotiation or renegotiation in a way that the
certificate is allowed to change is allowed by your SSL library this may occur
-and the certificate may change, and \fBdata may continue to be sent or received
+and the certificate may change, and data may continue to be sent or received
after renegotiation but before you are able to get the (possibly) changed SSL
-pointer,\fP with the (possibly) changed certificate information.
+pointer, with the (possibly) changed certificate information.
If you are using OpenSSL or wolfSSL then \fICURLOPT_SSL_CTX_FUNCTION(3)\fP can
be used to set a certificate verification callback in the CTX. That is safer
diff --git a/docs/libcurl/opts/GNURLMOPT_SOCKETFUNCTION.3 b/docs/libcurl/opts/GNURLMOPT_SOCKETFUNCTION.3
index 108f8eaa6..cd7b49dce 100644
--- a/docs/libcurl/opts/GNURLMOPT_SOCKETFUNCTION.3
+++ b/docs/libcurl/opts/GNURLMOPT_SOCKETFUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -38,14 +38,24 @@ CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_SOCKETFUNCTION, socket_callb
Pass a pointer to your callback function, which should match the prototype
shown above.
-When the \fIcurl_multi_socket_action(3)\fP function runs, it informs the
+When the \fIcurl_multi_socket_action(3)\fP function is called, it informs the
application about updates in the socket (file descriptor) status by doing
-none, one, or multiple calls to the \fBsocket_callback\fP. The callback gets
-status updates with changes since the previous time the callback was called.
-If the given callback pointer is NULL, no callback will be called. Set the
-callback's \fBuserp\fP argument with \fICURLMOPT_SOCKETDATA(3)\fP. See
-\fIcurl_multi_socket_action(3)\fP for more details on how the callback is used
-and should work.
+none, one, or multiple calls to the \fBsocket_callback\fP. The callback
+function gets status updates with changes since the previous time the callback
+was called. If the given callback pointer is set to NULL, no callback will be
+called.
+.SH "CALLBACK ARGUMENTS"
+\fIeasy\fP identifies the specific transfer for which this update is related.
+
+\fIs\fP is the specific socket this function invocation concerns. If the
+\fBwhat\fP argument is not CURL_POLL_REMOVE then it holds information about
+what activity on this socket the application is supposed to
+monitor. Subsequent calls to this callback might update the \fBwhat\fP bits
+for a socket that is already monitored.
+
+\fBuserp\fP is set with \fICURLMOPT_SOCKETDATA(3)\fP.
+
+\fBsocketp\fP is set with \fIcurl_multi_assign(3)\fP or will be NULL.
The \fBwhat\fP parameter informs the callback on the status of the given
socket. It can hold one of these values:
diff --git a/docs/libcurl/opts/GNURLOPT_CAINFO.3 b/docs/libcurl/opts/GNURLOPT_CAINFO.3
index 175660ef6..1a3ca4319 100644
--- a/docs/libcurl/opts/GNURLOPT_CAINFO.3
+++ b/docs/libcurl/opts/GNURLOPT_CAINFO.3
@@ -46,22 +46,20 @@ libnssckbi.so, which contains a more comprehensive set of trust information
than supported by nss-pem, because libnssckbi.so also includes information
about distrusted certificates.
-(iOS and macOS) If curl is built against Secure Transport, then this
-option is supported for backward compatibility with other SSL engines, but it
-should not be set. If the option is not set, then curl will use the
-certificates in the system and user Keychain to verify the peer, which is the
-preferred method of verifying the peer's certificate chain.
+(iOS and macOS) When curl uses Secure Transport this option is supported. If
+the option is not set, then curl will use the certificates in the system and
+user Keychain to verify the peer.
(Schannel) This option is supported for Schannel in Windows 7 or later but we
recommend not using it until Windows 8 since it works better starting then.
-Added in libcurl 7.60. This option is supported for backward compatibility
-with other SSL engines; instead it is recommended to use Windows' store of
-root certificates (the default for Schannel).
+If the option is not set, then curl will use the certificates in the Windows'
+store of root certificates (the default for Schannel).
The application does not have to keep the string around after setting this
option.
.SH DEFAULT
-Built-in system specific
+Built-in system specific. When curl is built with Secure Transport or
+Schannel, this option is not set by default.
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
@@ -75,8 +73,8 @@ if(curl) {
}
.fi
.SH AVAILABILITY
-For SSL engines that don't support certificate files the CURLOPT_CAINFO option
-is ignored. Refer to https://curl.haxx.se/docs/ssl-compared.html
+For the SSL engines that don't support certificate files the CURLOPT_CAINFO
+option is ignored. Schannel support added in libcurl 7.60.
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
CURLE_OUT_OF_MEMORY if there was insufficient heap space.
diff --git a/docs/libcurl/opts/GNURLOPT_FOLLOWLOCATION.3 b/docs/libcurl/opts/GNURLOPT_FOLLOWLOCATION.3
index bacba572a..2b6372bd3 100644
--- a/docs/libcurl/opts/GNURLOPT_FOLLOWLOCATION.3
+++ b/docs/libcurl/opts/GNURLOPT_FOLLOWLOCATION.3
@@ -39,7 +39,8 @@ libcurl will follow.
libcurl limits what protocols it automatically follows to. The accepted
protocols are set with \fICURLOPT_REDIR_PROTOCOLS(3)\fP. By default libcurl
-will allow all protocols on redirect except those disabled for security
+will allow HTTP, HTTPS, FTP and FTPS on redirect (7.65.2). Older versions of
+libcurl allowed all protocols on redirect except those disabled for security
reasons: Since 7.19.4 FILE and SCP are disabled, and since 7.40.0 SMB and SMBS
are also disabled.
diff --git a/docs/libcurl/opts/GNURLOPT_HEADEROPT.3 b/docs/libcurl/opts/GNURLOPT_HEADEROPT.3
index 643f92ed5..eaea05dff 100644
--- a/docs/libcurl/opts/GNURLOPT_HEADEROPT.3
+++ b/docs/libcurl/opts/GNURLOPT_HEADEROPT.3
@@ -57,12 +57,14 @@ if(curl) {
list = curl_slist_append(list, "Accept:");
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
curl_easy_setopt(curl, CURLOPT_PROXY, "http://localhost:8080");
+ curl_easy_setopt(curl, CURLOPT_HTTPHEADER, list);
/* HTTPS over a proxy makes a separate CONNECT to the proxy, so tell
libcurl to not send the custom headers to the proxy. Keep them
separate! */
curl_easy_setopt(curl, CURLOPT_HEADEROPT, CURLHEADER_SEPARATE);
ret = curl_easy_perform(curl);
+ curl_slist_free_all(list);
curl_easy_cleanup(curl);
}
.fi
diff --git a/docs/libcurl/opts/GNURLOPT_HTTP_VERSION.3 b/docs/libcurl/opts/GNURLOPT_HTTP_VERSION.3
index 3d3bc74cc..3716ff933 100644
--- a/docs/libcurl/opts/GNURLOPT_HTTP_VERSION.3
+++ b/docs/libcurl/opts/GNURLOPT_HTTP_VERSION.3
@@ -29,9 +29,7 @@ CURLOPT_HTTP_VERSION \- specify HTTP protocol version to use
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HTTP_VERSION, long version);
.SH DESCRIPTION
Pass \fIversion\fP a long, set to one of the values described below. They ask
-libcurl to use the specific HTTP versions. This is not sensible to do unless
-you have a good reason. You have to set this option if you want to use
-libcurl's HTTP/2 support.
+libcurl to use the specific HTTP versions.
Note that the HTTP version is just a request. libcurl will still prioritize to
re-use an existing connection so it might then re-use a connection using a
diff --git a/docs/libcurl/opts/GNURLOPT_MAIL_RCPT.3 b/docs/libcurl/opts/GNURLOPT_MAIL_RCPT.3
index 708c742a6..af43f235c 100644
--- a/docs/libcurl/opts/GNURLOPT_MAIL_RCPT.3
+++ b/docs/libcurl/opts/GNURLOPT_MAIL_RCPT.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -31,9 +31,10 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_MAIL_RCPT,
struct curl_slist *rcpts);
.SH DESCRIPTION
Pass a pointer to a linked list of recipients to pass to the server in your
-SMTP mail request. The linked list should be a fully valid list of \fBstruct
-curl_slist\fP structs properly filled in. Use \fIcurl_slist_append(3)\fP to
-create the list and \fIcurl_slist_free_all(3)\fP to clean up an entire list.
+SMTP mail request. The linked list should be a fully valid list of
+\fBstruct curl_slist\fP structs properly filled in. Use
+\fIcurl_slist_append(3)\fP to create the list and \fIcurl_slist_free_all(3)\fP
+to clean up an entire list.
When performing a mail transfer, each recipient should be specified within a
pair of angled brackets (<>), however, should you not use an angled bracket as
diff --git a/docs/libcurl/opts/GNURLOPT_PINNEDPUBLICKEY.3 b/docs/libcurl/opts/GNURLOPT_PINNEDPUBLICKEY.3
index a0e15a686..e056f4b13 100644
--- a/docs/libcurl/opts/GNURLOPT_PINNEDPUBLICKEY.3
+++ b/docs/libcurl/opts/GNURLOPT_PINNEDPUBLICKEY.3
@@ -109,7 +109,7 @@ PEM/DER support:
sha256 support:
- 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL
+ 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL
7.47.0: mbedtls
diff --git a/docs/libcurl/opts/GNURLOPT_PROXY_SSLVERSION.3 b/docs/libcurl/opts/GNURLOPT_PROXY_SSLVERSION.3
index fe2f945e8..e09364277 100644
--- a/docs/libcurl/opts/GNURLOPT_PROXY_SSLVERSION.3
+++ b/docs/libcurl/opts/GNURLOPT_PROXY_SSLVERSION.3
@@ -69,6 +69,11 @@ The flag defines maximum supported TLS version as TLSv1.2.
The flag defines maximum supported TLS version as TLSv1.3.
(Added in 7.54.0)
.RE
+
+In versions of curl prior to 7.54 the CURL_SSLVERSION_TLS options were
+documented to allow \fIonly\fP the specified TLS version, but behavior was
+inconsistent depending on the TLS library.
+
.SH DEFAULT
CURL_SSLVERSION_DEFAULT
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/GNURLOPT_PROXY_SSL_OPTIONS.3 b/docs/libcurl/opts/GNURLOPT_PROXY_SSL_OPTIONS.3
index a994619df..7478e52f3 100644
--- a/docs/libcurl/opts/GNURLOPT_PROXY_SSL_OPTIONS.3
+++ b/docs/libcurl/opts/GNURLOPT_PROXY_SSL_OPTIONS.3
@@ -39,13 +39,10 @@ lessens the security, and by setting this option to 1 you ask for exactly
that. This option is only supported for DarwinSSL, NSS and OpenSSL.
\fICURLSSLOPT_NO_REVOKE\fP tells libcurl to disable certificate revocation
-checks for those SSL backends where such behavior is present. \fBCurrently
-this option is only supported for Schannel (the native Windows SSL library),
-with an exception in the case of Windows' Untrusted Publishers blacklist which
-it seems can't be bypassed.\fP This option may have broader support to
-accommodate other SSL backends in the future.
-https://curl.haxx.se/docs/ssl-compared.html
-
+checks for those SSL backends where such behavior is present. This option is
+only supported for Schannel (the native Windows SSL library), with an
+exception in the case of Windows' Untrusted Publishers blacklist which it
+seems can't be bypassed.
.SH DEFAULT
0
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/GNURLOPT_RANGE.3 b/docs/libcurl/opts/GNURLOPT_RANGE.3
index dd393c27d..dcfbd58a8 100644
--- a/docs/libcurl/opts/GNURLOPT_RANGE.3
+++ b/docs/libcurl/opts/GNURLOPT_RANGE.3
@@ -43,6 +43,14 @@ For RTSP, the formatting of a range should follow RFC2326 Section 12.29. For
RTSP, byte ranges are \fBnot\fP permitted. Instead, ranges should be given in
npt, utc, or smpte formats.
+For HTTP PUT uploads this option should not be used, since it may conflict with
+other options. If you need to upload arbitrary parts of a file (like for
+Amazon's web services) support is limited. We suggest set resume position using
+\fICURLOPT_RESUME_FROM(3)\fP, set end (resume+size) position using
+\fICURLOPT_INFILESIZE(3)\fP and seek to the resume position before initiating
+the transfer for each part. For more information refer to
+https://curl.haxx.se/mail/lib-2019-05/0012.html
+
Pass a NULL to this option to disable the use of ranges.
The application does not have to keep the string around after setting this
diff --git a/docs/libcurl/opts/GNURLOPT_REDIR_PROTOCOLS.3 b/docs/libcurl/opts/GNURLOPT_REDIR_PROTOCOLS.3
index cb5010f8f..3606b9379 100644
--- a/docs/libcurl/opts/GNURLOPT_REDIR_PROTOCOLS.3
+++ b/docs/libcurl/opts/GNURLOPT_REDIR_PROTOCOLS.3
@@ -37,10 +37,11 @@ redirections.
Protocols denied by \fICURLOPT_PROTOCOLS(3)\fP are not overridden by this
option.
-By default libcurl will allow all protocols on redirect except several disabled
-for security reasons: Since 7.19.4 FILE and SCP are disabled, and since 7.40.0
-SMB and SMBS are also disabled. \fICURLPROTO_ALL\fP enables all protocols on
-redirect, including those disabled for security.
+By default libcurl will allow HTTP, HTTPS, FTP and FTPS on redirect (7.65.2).
+Older versions of libcurl allowed all protocols on redirect except several
+disabled for security reasons: Since 7.19.4 FILE and SCP are disabled, and
+since 7.40.0 SMB and SMBS are also disabled. \fICURLPROTO_ALL\fP enables all
+protocols on redirect, including those disabled for security.
These are the available protocol defines:
.nf
diff --git a/docs/libcurl/opts/GNURLOPT_RTSP_REQUEST.3 b/docs/libcurl/opts/GNURLOPT_RTSP_REQUEST.3
index f7d293c29..5bd47a309 100644
--- a/docs/libcurl/opts/GNURLOPT_RTSP_REQUEST.3
+++ b/docs/libcurl/opts/GNURLOPT_RTSP_REQUEST.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2014, 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -33,15 +33,15 @@ enum values as a long in the \fIrequest\fP argument. Unless noted otherwise,
commands require the Session ID to be initialized.
.IP CURL_RTSPREQ_OPTIONS
Used to retrieve the available methods of the server. The application is
-responsible for parsing and obeying the response. \fB(The session ID is not
-needed for this method.)\fP
+responsible for parsing and obeying the response. The session ID is not needed
+for this method.
.IP CURL_RTSPREQ_DESCRIBE
Used to get the low level description of a stream. The application should note
what formats it understands in the \fI'Accept:'\fP header. Unless set
-manually, libcurl will automatically fill in \fI'Accept:
-application/sdp'\fP. Time-condition headers will be added to Describe requests
-if the \fICURLOPT_TIMECONDITION(3)\fP option is active. \fB(The session ID is
-not needed for this method)\fP
+manually, libcurl will automatically fill in \fI'Accept: application/sdp'\fP.
+Time-condition headers will be added to Describe requests if the
+\fICURLOPT_TIMECONDITION(3)\fP option is active. \fB(The session ID is not
+needed for this method)\fP
.IP CURL_RTSPREQ_ANNOUNCE
When sent by a client, this method changes the description of the session. For
example, if a client is using the server to record a meeting, the client can
@@ -53,8 +53,8 @@ Setup is used to initialize the transport layer for the session. The
application must set the desired Transport options for a session by using the
\fICURLOPT_RTSP_TRANSPORT(3)\fP option prior to calling setup. If no session
ID is currently set with \fICURLOPT_RTSP_SESSION_ID(3)\fP, libcurl will
-extract and use the session ID in the response to this request. \fB(The
-session ID is not needed for this method).\fP
+extract and use the session ID in the response to this request. The session ID
+is not needed for this method.
.IP CURL_RTSPREQ_PLAY
Send a Play command to the server. Use the \fICURLOPT_RANGE(3)\fP option to
modify the playback time (e.g. 'npt=10-15').
diff --git a/docs/libcurl/opts/GNURLOPT_RTSP_STREAM_URI.3 b/docs/libcurl/opts/GNURLOPT_RTSP_STREAM_URI.3
index 3a8ac803f..9d9a00478 100644
--- a/docs/libcurl/opts/GNURLOPT_RTSP_STREAM_URI.3
+++ b/docs/libcurl/opts/GNURLOPT_RTSP_STREAM_URI.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -42,7 +42,7 @@ examples might be set to \fIrtsp://foo/twister\fP
The application does not have to keep the string around after setting this
option.
.SH DEFAULT
-'*'
+\&'*'
.SH PROTOCOLS
RTSP
.SH EXAMPLE
diff --git a/docs/libcurl/opts/GNURLOPT_SEEKDATA.3 b/docs/libcurl/opts/GNURLOPT_SEEKDATA.3
index b898c7ce4..b864b78ad 100644
--- a/docs/libcurl/opts/GNURLOPT_SEEKDATA.3
+++ b/docs/libcurl/opts/GNURLOPT_SEEKDATA.3
@@ -40,7 +40,7 @@ HTTP, FTP, SFTP
static int seek_cb(void *userp, curl_off_t offset, int origin)
{
struct data *d = (struct data *)userp;
- lseek(our_fd, offset, origin);
+ lseek(d->our_fd, offset, origin);
return CURL_SEEKFUNC_OK;
}
diff --git a/docs/libcurl/opts/GNURLOPT_SSLVERSION.3 b/docs/libcurl/opts/GNURLOPT_SSLVERSION.3
index 61c603610..8e1cc7f54 100644
--- a/docs/libcurl/opts/GNURLOPT_SSLVERSION.3
+++ b/docs/libcurl/opts/GNURLOPT_SSLVERSION.3
@@ -79,6 +79,11 @@ The flag defines maximum supported TLS version as TLS v1.2.
The flag defines maximum supported TLS version as TLS v1.3.
(Added in 7.54.0)
.RE
+
+In versions of curl prior to 7.54 the CURL_SSLVERSION_TLS options were
+documented to allow \fIonly\fP the specified TLS version, but behavior was
+inconsistent depending on the TLS library.
+
.SH DEFAULT
CURL_SSLVERSION_DEFAULT
.SH PROTOCOLS
diff --git a/docs/libcurl/opts/GNURLOPT_SSL_CTX_DATA.3 b/docs/libcurl/opts/GNURLOPT_SSL_CTX_DATA.3
index 7b4a7c702..166bb866e 100644
--- a/docs/libcurl/opts/GNURLOPT_SSL_CTX_DATA.3
+++ b/docs/libcurl/opts/GNURLOPT_SSL_CTX_DATA.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -112,8 +112,8 @@ int main(void)
}
.fi
.SH AVAILABILITY
-Added in 7.11.0 for OpenSSL. Added in 7.42.0 for wolfSSL/CyaSSL. Other SSL
-backends not supported.
+Added in 7.11.0 for OpenSSL, in 7.42.0 for wolfSSL and in 7.54.0 for
+mbedTLS. Other SSL backends are not supported.
.SH RETURN VALUE
CURLE_OK if supported; or an error such as:
diff --git a/docs/libcurl/opts/GNURLOPT_SSL_CTX_FUNCTION.3 b/docs/libcurl/opts/GNURLOPT_SSL_CTX_FUNCTION.3
index e75546ae0..49dd2ecf1 100644
--- a/docs/libcurl/opts/GNURLOPT_SSL_CTX_FUNCTION.3
+++ b/docs/libcurl/opts/GNURLOPT_SSL_CTX_FUNCTION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
.\"
.TH GNURLOPT_SSL_CTX_FUNCTION 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options"
.SH NAME
-CURLOPT_SSL_CTX_FUNCTION \- SSL context callback for OpenSSL, wolfSSL/CyaSSL or mbedTLS
+CURLOPT_SSL_CTX_FUNCTION \- SSL context callback for OpenSSL, wolfSSL or mbedTLS
.SH SYNOPSIS
.nf
#include <gnurl/curl.h>
@@ -32,9 +32,8 @@ CURLcode ssl_ctx_callback(CURL *curl, void *ssl_ctx, void *userptr);
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CTX_FUNCTION,
ssl_ctx_callback);
.SH DESCRIPTION
-This option only works for libcurl powered by OpenSSL, wolfSSL/CyaSSL or
-mbedTLS. If libcurl was built against another SSL library this functionality is
-absent.
+This option only works for libcurl powered by OpenSSL, wolfSSL or mbedTLS. If
+libcurl was built against another SSL library this functionality is absent.
Pass a pointer to your callback function, which should match the prototype
shown above.
@@ -43,11 +42,11 @@ This callback function gets called by libcurl just before the initialization
of an SSL connection after having processed all other SSL related options to
give a last chance to an application to modify the behavior of the SSL
initialization. The \fIssl_ctx\fP parameter is actually a pointer to the SSL
-library's \fISSL_CTX\fP for OpenSSL or wolfSSL/CyaSSL, and a pointer to
-\fImbedtls_ssl_config\fP for mbedTLS. If an error is returned from the callback
-no attempt to establish a connection is made and the perform operation will
-return the callback's error code. Set the \fIuserptr\fP argument with the
-\fICURLOPT_SSL_CTX_DATA(3)\fP option.
+library's \fISSL_CTX\fP for OpenSSL or wolfSSL, and a pointer to
+\fImbedtls_ssl_config\fP for mbedTLS. If an error is returned from the
+callback no attempt to establish a connection is made and the perform
+operation will return the callback's error code. Set the \fIuserptr\fP
+argument with the \fICURLOPT_SSL_CTX_DATA(3)\fP option.
This function will get called on all new connections made to a server, during
the SSL negotiation. The \fIssl_ctx\fP will point to a newly initialized object
@@ -72,8 +71,8 @@ See cacertinmem.c in docs/examples directory for usage example.
https://curl.haxx.se/libcurl/c/cacertinmem.html
.SH AVAILABILITY
-Added in 7.11.0 for OpenSSL. Added in 7.42.0 for wolfSSL/CyaSSL. Added in
-7.54.0 for mbedTLS. Other SSL backends not supported.
+Added in 7.11.0 for OpenSSL, in 7.42.0 for wolfSSL and in 7.54.0 for
+mbedTLS. Other SSL backends are not supported.
.SH RETURN VALUE
CURLE_OK if supported; or an error such as:
diff --git a/docs/libcurl/opts/GNURLOPT_SSL_OPTIONS.3 b/docs/libcurl/opts/GNURLOPT_SSL_OPTIONS.3
index 6964360cb..f3fc74ab3 100644
--- a/docs/libcurl/opts/GNURLOPT_SSL_OPTIONS.3
+++ b/docs/libcurl/opts/GNURLOPT_SSL_OPTIONS.3
@@ -41,12 +41,10 @@ This option is only supported for DarwinSSL, NSS and OpenSSL.
Added in 7.44.0:
\fICURLSSLOPT_NO_REVOKE\fP tells libcurl to disable certificate revocation
-checks for those SSL backends where such behavior is present. \fBCurrently this
-option is only supported for Schannel (the native Windows SSL library), with an
-exception in the case of Windows' Untrusted Publishers blacklist which it seems
-can't be bypassed.\fP This option may have broader support to accommodate other
-SSL backends in the future.
-https://curl.haxx.se/docs/ssl-compared.html
+checks for those SSL backends where such behavior is present. This option is
+only supported for Schannel (the native Windows SSL library), with an
+exception in the case of Windows' Untrusted Publishers blacklist which it
+seems can't be bypassed.
.SH DEFAULT
0
.SH PROTOCOLS
diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions
index 715badf97..5244a7cdb 100644
--- a/docs/libcurl/symbols-in-versions
+++ b/docs/libcurl/symbols-in-versions
@@ -345,6 +345,7 @@ CURLOPTTYPE_LONG 7.1
CURLOPTTYPE_OBJECTPOINT 7.1
CURLOPTTYPE_OFF_T 7.11.0
CURLOPTTYPE_STRINGPOINT 7.46.0
+CURLOPTTYPE_SLISTPOINT 7.65.2
CURLOPT_ABSTRACT_UNIX_SOCKET 7.53.0
CURLOPT_ACCEPTTIMEOUT_MS 7.24.0
CURLOPT_ACCEPT_ENCODING 7.21.6
diff --git a/include/gnurl/curl.h b/include/gnurl/curl.h
index e7f812dac..19f6c0b5a 100644
--- a/include/gnurl/curl.h
+++ b/include/gnurl/curl.h
@@ -927,7 +927,6 @@ typedef enum {
but 32 */
#define CURLOPTTYPE_LONG 0
#define CURLOPTTYPE_OBJECTPOINT 10000
-#define CURLOPTTYPE_STRINGPOINT 10000
#define CURLOPTTYPE_FUNCTIONPOINT 20000
#define CURLOPTTYPE_OFF_T 30000
@@ -947,12 +946,15 @@ typedef enum {
/* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */
#define LONG CURLOPTTYPE_LONG
#define OBJECTPOINT CURLOPTTYPE_OBJECTPOINT
-#define STRINGPOINT CURLOPTTYPE_OBJECTPOINT
#define FUNCTIONPOINT CURLOPTTYPE_FUNCTIONPOINT
#define OFF_T CURLOPTTYPE_OFF_T
#define CINIT(name,type,number) CURLOPT_/**/name = type + number
#endif
+/* handy aliases that make no run-time difference */
+#define CURLOPTTYPE_STRINGPOINT CURLOPTTYPE_OBJECTPOINT
+#define CURLOPTTYPE_SLISTPOINT CURLOPTTYPE_OBJECTPOINT
+
/*
* This macro-mania below setups the CURLOPT_[what] enum, to be used with
* curl_easy_setopt(). The first argument in the CINIT() macro is the [what]
@@ -1050,7 +1052,7 @@ typedef enum {
/* This points to a linked list of headers, struct curl_slist kind. This
list is also used for RTSP (in spite of its name) */
- CINIT(HTTPHEADER, OBJECTPOINT, 23),
+ CINIT(HTTPHEADER, SLISTPOINT, 23),
/* This points to a linked list of post entries, struct curl_httppost */
CINIT(HTTPPOST, OBJECTPOINT, 24),
@@ -1065,7 +1067,7 @@ typedef enum {
CINIT(CRLF, LONG, 27),
/* send linked-list of QUOTE commands */
- CINIT(QUOTE, OBJECTPOINT, 28),
+ CINIT(QUOTE, SLISTPOINT, 28),
/* send FILE * or void * to store headers to, if you use a callback it
is simply passed to the callback unmodified */
@@ -1100,7 +1102,7 @@ typedef enum {
/* 38 is not used */
/* send linked-list of post-transfer QUOTE commands */
- CINIT(POSTQUOTE, OBJECTPOINT, 39),
+ CINIT(POSTQUOTE, SLISTPOINT, 39),
CINIT(OBSOLETE40, OBJECTPOINT, 40), /* OBSOLETE, do not use! */
@@ -1176,7 +1178,7 @@ typedef enum {
CINIT(FILETIME, LONG, 69),
/* This points to a linked list of telnet options */
- CINIT(TELNETOPTIONS, OBJECTPOINT, 70),
+ CINIT(TELNETOPTIONS, SLISTPOINT, 70),
/* Max amount of cached alive connections */
CINIT(MAXCONNECTS, LONG, 71),
@@ -1260,7 +1262,7 @@ typedef enum {
CINIT(DNS_CACHE_TIMEOUT, LONG, 92),
/* send linked-list of pre-transfer QUOTE commands */
- CINIT(PREQUOTE, OBJECTPOINT, 93),
+ CINIT(PREQUOTE, SLISTPOINT, 93),
/* set the debug function */
CINIT(DEBUGFUNCTION, FUNCTIONPOINT, 94),
@@ -1300,7 +1302,7 @@ typedef enum {
CINIT(PRIVATE, OBJECTPOINT, 103),
/* Set aliases for HTTP 200 in the HTTP Response header */
- CINIT(HTTP200ALIASES, OBJECTPOINT, 104),
+ CINIT(HTTP200ALIASES, SLISTPOINT, 104),
/* Continue to send authentication (user+password) when following locations,
even when hostname changed. This can potentially send off the name
@@ -1572,8 +1574,7 @@ typedef enum {
/* set the bitmask for the protocols that libcurl is allowed to follow to,
as a subset of the CURLOPT_PROTOCOLS ones. That means the protocol needs
- to be set in both bitmasks to be allowed to get redirected to. Defaults
- to all protocols except FILE and SCP. */
+ to be set in both bitmasks to be allowed to get redirected to. */
CINIT(REDIR_PROTOCOLS, LONG, 182),
/* set the SSH knownhost file name to use */
@@ -1590,7 +1591,7 @@ typedef enum {
CINIT(MAIL_FROM, STRINGPOINT, 186),
/* set the list of SMTP mail receiver(s) */
- CINIT(MAIL_RCPT, OBJECTPOINT, 187),
+ CINIT(MAIL_RCPT, SLISTPOINT, 187),
/* FTP: send PRET before PASV */
CINIT(FTP_USE_PRET, LONG, 188),
@@ -1640,7 +1641,7 @@ typedef enum {
CINIT(FNMATCH_DATA, OBJECTPOINT, 202),
/* send linked-list of name:port:address sets */
- CINIT(RESOLVE, OBJECTPOINT, 203),
+ CINIT(RESOLVE, SLISTPOINT, 203),
/* Set a username for authenticated TLS */
CINIT(TLSAUTH_USERNAME, STRINGPOINT, 204),
@@ -1730,7 +1731,7 @@ typedef enum {
/* This points to a linked list of headers used for proxy requests only,
struct curl_slist kind */
- CINIT(PROXYHEADER, OBJECTPOINT, 228),
+ CINIT(PROXYHEADER, SLISTPOINT, 228),
/* Pass in a bitmask of "header options" */
CINIT(HEADEROPT, LONG, 229),
@@ -1777,7 +1778,7 @@ typedef enum {
/* Linked-list of host:port:connect-to-host:connect-to-port,
overrides the URL's host:port (only for the network layer) */
- CINIT(CONNECT_TO, OBJECTPOINT, 243),
+ CINIT(CONNECT_TO, SLISTPOINT, 243),
/* Set TCP Fast Open */
CINIT(TCP_FASTOPEN, LONG, 244),
diff --git a/include/gnurl/curlver.h b/include/gnurl/curlver.h
index 4afe4a9d1..846b9796e 100644
--- a/include/gnurl/curlver.h
+++ b/include/gnurl/curlver.h
@@ -30,13 +30,13 @@
/* This is the version number of the libcurl package from which this header
file origins: */
-#define LIBCURL_VERSION "7.65.1-DEV"
+#define LIBCURL_VERSION "7.65.3-DEV"
/* The numeric version number is also available "in parts" by using these
defines: */
#define LIBCURL_VERSION_MAJOR 7
#define LIBCURL_VERSION_MINOR 65
-#define LIBCURL_VERSION_PATCH 1
+#define LIBCURL_VERSION_PATCH 3
/* This is the numeric version of the libcurl version number, meant for easier
parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@@ -57,7 +57,7 @@
CURL_VERSION_BITS() macro since curl's own configure script greps for it
and needs it to contain the full number.
*/
-#define LIBCURL_VERSION_NUM 0x074101
+#define LIBCURL_VERSION_NUM 0x074103
/*
* This is the date and time when the full source package was created. The
diff --git a/include/gnurl/typecheck-gcc.h b/include/gnurl/typecheck-gcc.h
index 2d1de4d43..eeb36abc0 100644
--- a/include/gnurl/typecheck-gcc.h
+++ b/include/gnurl/typecheck-gcc.h
@@ -300,12 +300,14 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t,
(option) == CURLOPT_PROXY_SSLKEY || \
(option) == CURLOPT_PROXY_SSLKEYTYPE || \
(option) == CURLOPT_PROXY_SSL_CIPHER_LIST || \
+ (option) == CURLOPT_PROXY_TLS13_CIPHERS || \
(option) == CURLOPT_PROXY_TLSAUTH_PASSWORD || \
- (option) == CURLOPT_PROXY_TLSAUTH_USERNAME || \
(option) == CURLOPT_PROXY_TLSAUTH_TYPE || \
+ (option) == CURLOPT_PROXY_TLSAUTH_USERNAME || \
(option) == CURLOPT_RANDOM_FILE || \
(option) == CURLOPT_RANGE || \
(option) == CURLOPT_REFERER || \
+ (option) == CURLOPT_REQUEST_TARGET || \
(option) == CURLOPT_RTSP_SESSION_ID || \
(option) == CURLOPT_RTSP_STREAM_URI || \
(option) == CURLOPT_RTSP_TRANSPORT || \
@@ -321,6 +323,7 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t,
(option) == CURLOPT_SSLKEY || \
(option) == CURLOPT_SSLKEYTYPE || \
(option) == CURLOPT_SSL_CIPHER_LIST || \
+ (option) == CURLOPT_TLS13_CIPHERS || \
(option) == CURLOPT_TLSAUTH_PASSWORD || \
(option) == CURLOPT_TLSAUTH_TYPE || \
(option) == CURLOPT_TLSAUTH_USERNAME || \
@@ -362,7 +365,7 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t,
(option) == CURLOPT_SSL_CTX_DATA || \
(option) == CURLOPT_WRITEDATA || \
(option) == CURLOPT_RESOLVER_START_DATA || \
- (option) == CURLOPT_CURLU || \
+ (option) == CURLOPT_TRAILERDATA || \
0)
/* evaluates to true if option takes a POST data argument (void* or char*) */
@@ -382,6 +385,7 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t,
(option) == CURLOPT_QUOTE || \
(option) == CURLOPT_RESOLVE || \
(option) == CURLOPT_TELNETOPTIONS || \
+ (option) == CURLOPT_CONNECT_TO || \
0)
/* groups of curl_easy_getinfo infos that take the same type of argument */
diff --git a/lib/Makefile.inc b/lib/Makefile.inc
index 235b82b0e..37f702681 100644
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -29,12 +29,12 @@ LIB_VAUTH_HFILES = vauth/vauth.h vauth/digest.h vauth/ntlm.h
LIB_VTLS_CFILES = vtls/openssl.c vtls/gtls.c vtls/vtls.c vtls/nss.c \
vtls/polarssl.c vtls/polarssl_threadlock.c \
- vtls/cyassl.c vtls/schannel.c vtls/schannel_verify.c \
+ vtls/wolfssl.c vtls/schannel.c vtls/schannel_verify.c \
vtls/sectransp.c vtls/gskit.c vtls/mbedtls.c vtls/mesalink.c
LIB_VTLS_HFILES = vtls/openssl.h vtls/vtls.h vtls/gtls.h \
vtls/nssg.h vtls/polarssl.h vtls/polarssl_threadlock.h \
- vtls/cyassl.h vtls/schannel.h vtls/sectransp.h vtls/gskit.h \
+ vtls/wolfssl.h vtls/schannel.h vtls/sectransp.h vtls/gskit.h \
vtls/mbedtls.h vtls/mesalink.h
LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \
diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index 8561a4724..6b14aa698 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -734,7 +734,11 @@ CURLcode Curl_set_dns_servers(struct Curl_easy *data,
return CURLE_OK;
#if (ARES_VERSION >= 0x010704)
+#if (ARES_VERSION >= 0x010b00)
+ ares_result = ares_set_servers_ports_csv(data->state.resolver, servers);
+#else
ares_result = ares_set_servers_csv(data->state.resolver, servers);
+#endif
switch(ares_result) {
case ARES_SUCCESS:
result = CURLE_OK;
diff --git a/lib/config-os400.h b/lib/config-os400.h
index bde4f0b33..a741e9185 100644
--- a/lib/config-os400.h
+++ b/lib/config-os400.h
@@ -127,12 +127,18 @@
/* Define if you have the `getpass_r' function. */
#undef HAVE_GETPASS_R
+/* Define to 1 if you have the getpeername function. */
+#define HAVE_GETPEERNAME 1
+
/* Define if you have the `getpwuid' function. */
#define HAVE_GETPWUID
/* Define if you have the `getservbyname' function. */
#define HAVE_GETSERVBYNAME
+/* Define to 1 if you have the getsockname function. */
+#define HAVE_GETSOCKNAME 1
+
/* Define if you have the `gettimeofday' function. */
#define HAVE_GETTIMEOFDAY
diff --git a/lib/config-symbian.h b/lib/config-symbian.h
index d23de3325..b7b93c6f4 100644
--- a/lib/config-symbian.h
+++ b/lib/config-symbian.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -478,9 +478,6 @@
/* Define to 1 if you have the `socket' function. */
#define HAVE_SOCKET 1
-/* Define to 1 if you have the `SSL_get_shutdown' function. */
-/*#define HAVE_SSL_GET_SHUTDOWN 1*/
-
/* Define to 1 if you have the <ssl.h> header file. */
/* #undef HAVE_SSL_H */
diff --git a/lib/config-vxworks.h b/lib/config-vxworks.h
index 8790f8266..89af3525b 100644
--- a/lib/config-vxworks.h
+++ b/lib/config-vxworks.h
@@ -541,9 +541,6 @@
/* Define to 1 if you have the `socket' function. */
#define HAVE_SOCKET 1
-/* Define to 1 if you have the `SSL_get_shutdown' function. */
-#define HAVE_SSL_GET_SHUTDOWN 1
-
/* Define to 1 if you have the <ssl.h> header file. */
/* #undef HAVE_SSL_H */
diff --git a/lib/connect.c b/lib/connect.c
index 002535b42..4a1f2c640 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -368,6 +368,11 @@ static CURLcode bindlocal(struct connectdata *conn,
infof(data, "Name '%s' family %i resolved to '%s' family %i\n",
dev, af, myhost, h->addr->ai_family);
Curl_resolv_unlock(data, h);
+ if(af != h->addr->ai_family) {
+ /* bad IP version combo, signal the caller to try another address
+ family if available */
+ return CURLE_UNSUPPORTED_PROTOCOL;
+ }
done = 1;
}
else {
diff --git a/lib/cookie.c b/lib/cookie.c
index 05ce62193..9a9e14d01 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -820,7 +820,7 @@ Curl_cookie_add(struct Curl_easy *data,
break;
case 1:
/* This field got its explanation on the 23rd of May 2001 by
- Andrés García:
+ Andrés García:
flag: A TRUE/FALSE value indicating if all machines within a given
domain can access the variable. This value is set automatically by
@@ -834,7 +834,7 @@ Curl_cookie_add(struct Curl_easy *data,
case 2:
/* It turns out, that sometimes the file format allows the path
field to remain not filled in, we try to detect this and work
- around it! Andrés García made us aware of this... */
+ around it! Andrés García made us aware of this... */
if(strcmp("TRUE", ptr) && strcmp("FALSE", ptr)) {
/* only if the path doesn't look like a boolean option! */
co->path = strdup(ptr);
diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake
index 3d96c498c..5458cbaca 100644
--- a/lib/curl_config.h.cmake
+++ b/lib/curl_config.h.cmake
@@ -587,9 +587,6 @@
/* Define to 1 if you have the `socket' function. */
#cmakedefine HAVE_SOCKET 1
-/* Define to 1 if you have the `SSL_get_shutdown' function. */
-#cmakedefine HAVE_SSL_GET_SHUTDOWN 1
-
/* Define to 1 if you have the <ssl.h> header file. */
#cmakedefine HAVE_SSL_H 1
diff --git a/lib/curl_endian.h b/lib/curl_endian.h
index 4f345a6a2..9830e58fd 100644
--- a/lib/curl_endian.h
+++ b/lib/curl_endian.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -31,9 +31,6 @@ unsigned int Curl_read32_le(const unsigned char *buf);
/* Converts a 16-bit integer from big endian */
unsigned short Curl_read16_be(const unsigned char *buf);
-/* Converts a 32-bit integer to little endian */
-void Curl_write32_le(const int value, unsigned char *buffer);
-
#if (CURL_SIZEOF_CURL_OFF_T > 4)
/* Converts a 64-bit integer to little endian */
#if defined(HAVE_LONGLONG)
diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c
index b6df38f71..9e6fdcab2 100644
--- a/lib/curl_ntlm_core.c
+++ b/lib/curl_ntlm_core.c
@@ -218,7 +218,6 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out,
const unsigned char *key_56)
{
const CK_MECHANISM_TYPE mech = CKM_DES_ECB; /* DES cipher in ECB mode */
- PK11SlotInfo *slot = NULL;
char key[8]; /* expanded 64 bit key */
SECItem key_item;
PK11SymKey *symkey = NULL;
@@ -228,7 +227,7 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out,
bool rv = FALSE;
/* use internal slot for DES encryption (requires NSS to be initialized) */
- slot = PK11_GetInternalKeySlot();
+ PK11SlotInfo *slot = PK11_GetInternalKeySlot();
if(!slot)
return FALSE;
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 3ce879237..19c7e0b79 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -648,7 +648,7 @@ int netware_init(void);
#if defined(USE_GNUTLS) || defined(USE_OPENSSL) || defined(USE_NSS) || \
defined(USE_MBEDTLS) || \
- defined(USE_CYASSL) || defined(USE_SCHANNEL) || \
+ defined(USE_WOLFSSL) || defined(USE_SCHANNEL) || \
defined(USE_SECTRANSP) || defined(USE_GSKIT) || defined(USE_MESALINK)
#define USE_SSL /* SSL support has been enabled */
#endif
diff --git a/lib/easy.c b/lib/easy.c
index 0cbe8c8da..58aeec2cf 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -1038,8 +1038,11 @@ CURLcode curl_easy_pause(struct Curl_easy *data, int action)
to have this handle checked soon */
if(!result &&
((newstate&(KEEP_RECV_PAUSE|KEEP_SEND_PAUSE)) !=
- (KEEP_RECV_PAUSE|KEEP_SEND_PAUSE)) )
+ (KEEP_RECV_PAUSE|KEEP_SEND_PAUSE)) ) {
Curl_expire(data, 0, EXPIRE_RUN_NOW); /* get this handle going again */
+ if(data->multi)
+ Curl_update_timer(data->multi);
+ }
/* This transfer may have been moved in or out of the bundle, update
the corresponding socket callback, if used */
diff --git a/lib/ftp.c b/lib/ftp.c
index 6d017ad18..a3c69d549 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -565,10 +565,8 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
#ifdef HAVE_GSSAPI
char * const buf = data->state.buffer;
#endif
- CURLcode result = CURLE_OK;
int code;
-
- result = Curl_pp_readresp(sockfd, pp, &code, size);
+ CURLcode result = Curl_pp_readresp(sockfd, pp, &code, size);
#if defined(HAVE_GSSAPI)
/* handle the security-oriented responses 6xx ***/
@@ -1499,24 +1497,14 @@ static CURLcode ftp_state_list(struct connectdata *conn)
static CURLcode ftp_state_retr_prequote(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
-
/* We've sent the TYPE, now we must send the list of prequote strings */
-
- result = ftp_state_quote(conn, TRUE, FTP_RETR_PREQUOTE);
-
- return result;
+ return ftp_state_quote(conn, TRUE, FTP_RETR_PREQUOTE);
}
static CURLcode ftp_state_stor_prequote(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
-
/* We've sent the TYPE, now we must send the list of prequote strings */
-
- result = ftp_state_quote(conn, TRUE, FTP_STOR_PREQUOTE);
-
- return result;
+ return ftp_state_quote(conn, TRUE, FTP_STOR_PREQUOTE);
}
static CURLcode ftp_state_type(struct connectdata *conn)
diff --git a/lib/hash.h b/lib/hash.h
index 90a25d1ca..558d0f47c 100644
--- a/lib/hash.h
+++ b/lib/hash.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -80,7 +80,7 @@ int Curl_hash_delete(struct curl_hash *h, void *key, size_t key_len);
void *Curl_hash_pick(struct curl_hash *, void *key, size_t key_len);
void Curl_hash_apply(struct curl_hash *h, void *user,
void (*cb)(void *user, void *ptr));
-int Curl_hash_count(struct curl_hash *h);
+#define Curl_hash_count(h) ((h)->size)
void Curl_hash_destroy(struct curl_hash *h);
void Curl_hash_clean(struct curl_hash *h);
void Curl_hash_clean_with_criterium(struct curl_hash *h, void *user,
diff --git a/lib/hostip.h b/lib/hostip.h
index 9dc0d5a17..1bda524be 100644
--- a/lib/hostip.h
+++ b/lib/hostip.h
@@ -61,7 +61,6 @@ struct connectdata;
* Returns a struct curl_hash pointer on success, NULL on failure.
*/
struct curl_hash *Curl_global_host_cache_init(void);
-void Curl_global_host_cache_dtor(void);
struct Curl_dns_entry {
Curl_addrinfo *addr;
@@ -124,9 +123,6 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
void Curl_resolv_unlock(struct Curl_easy *data,
struct Curl_dns_entry *dns);
-/* for debugging purposes only: */
-void Curl_scan_cache_used(void *user, void *ptr);
-
/* init a new dns cache and return success */
int Curl_mk_dnscache(struct curl_hash *hash);
@@ -237,11 +233,6 @@ CURLcode Curl_set_dns_local_ip6(struct Curl_easy *data,
void Curl_hostcache_clean(struct Curl_easy *data, struct curl_hash *hash);
/*
- * Destroy the hostcache of this handle.
- */
-void Curl_hostcache_destroy(struct Curl_easy *data);
-
-/*
* Populate the cache with specified entries from CURLOPT_RESOLVE.
*/
CURLcode Curl_loadhostpairs(struct Curl_easy *data);
diff --git a/lib/http.c b/lib/http.c
index 5a2ed4dec..db5e85b4b 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -383,7 +383,7 @@ static bool pickoneauth(struct auth *pick, unsigned long mask)
}
/*
- * Curl_http_perhapsrewind()
+ * http_perhapsrewind()
*
* If we are doing POST or PUT {
* If we have more data to send {
@@ -1881,9 +1881,10 @@ CURLcode Curl_add_custom_headers(struct connectdata *conn,
}
#ifndef CURL_DISABLE_PARSEDATE
-CURLcode Curl_add_timecondition(struct Curl_easy *data,
+CURLcode Curl_add_timecondition(const struct connectdata *conn,
Curl_send_buffer *req_buffer)
{
+ struct Curl_easy *data = conn->data;
const struct tm *tm;
struct tm keeptime;
CURLcode result;
@@ -1916,6 +1917,11 @@ CURLcode Curl_add_timecondition(struct Curl_easy *data,
break;
}
+ if(Curl_checkheaders(conn, condp)) {
+ /* A custom header was specified; it will be sent instead. */
+ return CURLE_OK;
+ }
+
/* The If-Modified-Since header family should have their times set in
* GMT as RFC2616 defines: "All HTTP date/time stamps MUST be
* represented in Greenwich Mean Time (GMT), without exception. For the
@@ -1941,10 +1947,10 @@ CURLcode Curl_add_timecondition(struct Curl_easy *data,
}
#else
/* disabled */
-CURLcode Curl_add_timecondition(struct Curl_easy *data,
+CURLcode Curl_add_timecondition(const struct connectdata *conn,
Curl_send_buffer *req_buffer)
{
- (void)data;
+ (void)conn;
(void)req_buffer;
return CURLE_OK;
}
@@ -2683,7 +2689,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
}
#endif
- result = Curl_add_timecondition(data, req_buffer);
+ result = Curl_add_timecondition(conn, req_buffer);
if(result)
return result;
@@ -3147,6 +3153,9 @@ static CURLcode header_append(struct Curl_easy *data,
struct SingleRequest *k,
size_t length)
{
+ /* length is at most the size of a full read buffer, for which the upper
+ bound is CURL_MAX_READ_SIZE. There is thus no chance of overflow in this
+ calculation. */
size_t newsize = k->hbuflen + length;
if(newsize > CURL_MAX_HTTP_HEADER) {
/* The reason to have a max limit for this is to avoid the risk of a bad
@@ -3511,8 +3520,10 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,
else {
infof(data, "HTTP error before end of send, stop sending\n");
streamclose(conn, "Stop sending data before everything sent");
+ result = Curl_done_sending(conn, k);
+ if(result)
+ return result;
k->upload_done = TRUE;
- k->keepon &= ~KEEP_SEND; /* don't send */
if(data->state.expect100header)
k->exp100 = EXP100_FAILED;
}
diff --git a/lib/http.h b/lib/http.h
index 15fe22d37..de3769f1e 100644
--- a/lib/http.h
+++ b/lib/http.h
@@ -69,7 +69,7 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer **inp,
size_t included_body_bytes,
int socketindex);
-CURLcode Curl_add_timecondition(struct Curl_easy *data,
+CURLcode Curl_add_timecondition(const struct connectdata *conn,
Curl_send_buffer *buf);
CURLcode Curl_add_custom_headers(struct connectdata *conn,
bool is_connect,
@@ -82,7 +82,6 @@ CURLcode Curl_http_compile_trailers(struct curl_slist *trailers,
CURLcode Curl_http(struct connectdata *conn, bool *done);
CURLcode Curl_http_done(struct connectdata *, CURLcode, bool premature);
CURLcode Curl_http_connect(struct connectdata *conn, bool *done);
-CURLcode Curl_http_setup_conn(struct connectdata *conn);
/* The following functions are defined in http_chunks.c */
void Curl_httpchunk_init(struct connectdata *conn);
@@ -90,11 +89,9 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn, char *datap,
ssize_t length, ssize_t *wrote);
/* These functions are in http.c */
-void Curl_http_auth_stage(struct Curl_easy *data, int stage);
CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
const char *auth);
CURLcode Curl_http_auth_act(struct connectdata *conn);
-CURLcode Curl_http_perhapsrewind(struct connectdata *conn);
/* If only the PICKNONE bit is set, there has been a round-trip and we
selected to use no auth at all. Ie, we actively select no auth, as opposed
diff --git a/lib/http2.c b/lib/http2.c
index aef16370e..c2a45cded 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -269,7 +269,7 @@ static unsigned int http2_conncheck(struct connectdata *check,
return ret_val;
}
-/* called from Curl_http_setup_conn */
+/* called from http_setup_conn */
void Curl_http2_setup_req(struct Curl_easy *data)
{
struct HTTP *http = data->req.protop;
@@ -286,7 +286,7 @@ void Curl_http2_setup_req(struct Curl_easy *data)
http->memlen = 0;
}
-/* called from Curl_http_setup_conn */
+/* called from http_setup_conn */
void Curl_http2_setup_conn(struct connectdata *conn)
{
conn->proto.httpc.settings.max_concurrent_streams =
@@ -1758,11 +1758,10 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex,
return retlen;
}
- /* If stream is closed, return 0 to signal the http routine to close
+ /* If this stream is closed, return 0 to signal the http routine to close
the connection */
- if(stream->closed) {
- return http2_handle_stream_close(conn, data, stream, err);
- }
+ if(stream->closed)
+ return 0;
*err = CURLE_AGAIN;
H2BUGF(infof(data, "http2_recv returns AGAIN for stream %u\n",
stream->stream_id));
@@ -1881,7 +1880,11 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
are going to send or sending request body in DATA frame */
stream->upload_mem = mem;
stream->upload_len = len;
- nghttp2_session_resume_data(h2, stream->stream_id);
+ rv = nghttp2_session_resume_data(h2, stream->stream_id);
+ if(nghttp2_is_fatal(rv)) {
+ *err = CURLE_SEND_ERROR;
+ return -1;
+ }
rv = h2_session_send(conn->data, h2);
if(nghttp2_is_fatal(rv)) {
*err = CURLE_SEND_ERROR;
@@ -2415,8 +2418,6 @@ bool Curl_h2_http_1_1_error(struct connectdata *conn)
#else /* !USE_NGHTTP2 */
/* Satisfy external references even if http2 is not compiled in. */
-
-#define CURL_DISABLE_TYPECHECK
#include <gnurl/curl.h>
char *curl_pushheader_bynum(struct curl_pushheaders *h, size_t num)
diff --git a/lib/http2.h b/lib/http2.h
index db6217b11..93058ccb3 100644
--- a/lib/http2.h
+++ b/lib/http2.h
@@ -42,13 +42,12 @@ const char *Curl_http2_strerror(uint32_t err);
CURLcode Curl_http2_init(struct connectdata *conn);
void Curl_http2_init_state(struct UrlState *state);
void Curl_http2_init_userset(struct UserDefined *set);
-CURLcode Curl_http2_send_request(struct connectdata *conn);
CURLcode Curl_http2_request_upgrade(Curl_send_buffer *req,
struct connectdata *conn);
CURLcode Curl_http2_setup(struct connectdata *conn);
CURLcode Curl_http2_switched(struct connectdata *conn,
const char *data, size_t nread);
-/* called from Curl_http_setup_conn */
+/* called from http_setup_conn */
void Curl_http2_setup_conn(struct connectdata *conn);
void Curl_http2_setup_req(struct Curl_easy *data);
void Curl_http2_done(struct connectdata *conn, bool premature);
@@ -63,7 +62,6 @@ void Curl_http2_cleanup_dependencies(struct Curl_easy *data);
/* returns true if the HTTP/2 stream error was HTTP_1_1_REQUIRED */
bool Curl_h2_http_1_1_error(struct connectdata *conn);
#else /* USE_NGHTTP2 */
-#define Curl_http2_send_request(x) CURLE_UNSUPPORTED_PROTOCOL
#define Curl_http2_request_upgrade(x,y) CURLE_UNSUPPORTED_PROTOCOL
#define Curl_http2_setup(x) CURLE_UNSUPPORTED_PROTOCOL
#define Curl_http2_switched(x,y,z) CURLE_UNSUPPORTED_PROTOCOL
diff --git a/lib/imap.c b/lib/imap.c
index b5236ebe4..14ea9ae57 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -444,10 +444,8 @@ static CURLcode imap_perform_capability(struct connectdata *conn)
*/
static CURLcode imap_perform_starttls(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
-
/* Send the STARTTLS command */
- result = imap_sendf(conn, "STARTTLS");
+ CURLcode result = imap_sendf(conn, "STARTTLS");
if(!result)
state(conn, IMAP_STARTTLS);
@@ -463,11 +461,10 @@ static CURLcode imap_perform_starttls(struct connectdata *conn)
*/
static CURLcode imap_perform_upgrade_tls(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
- struct imap_conn *imapc = &conn->proto.imapc;
-
/* Start the SSL connection */
- result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &imapc->ssldone);
+ struct imap_conn *imapc = &conn->proto.imapc;
+ CURLcode result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET,
+ &imapc->ssldone);
if(!result) {
if(imapc->state != IMAP_UPGRADETLS)
@@ -826,10 +823,8 @@ static CURLcode imap_perform_search(struct connectdata *conn)
*/
static CURLcode imap_perform_logout(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
-
/* Send the LOGOUT command */
- result = imap_sendf(conn, "LOGOUT");
+ CURLcode result = imap_sendf(conn, "LOGOUT");
if(!result)
state(conn, IMAP_LOGOUT);
diff --git a/lib/krb5.c b/lib/krb5.c
index e51dcd1c6..5a47d481b 100644
--- a/lib/krb5.c
+++ b/lib/krb5.c
@@ -1,6 +1,6 @@
/* GSSAPI/krb5 support for FTP - loosely based on old krb4.c
*
- * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* Copyright (c) 2004 - 2017 Daniel Stenberg
* All rights reserved.
@@ -320,10 +320,8 @@ static void krb5_end(void *app_data)
OM_uint32 min;
gss_ctx_id_t *context = app_data;
if(*context != GSS_C_NO_CONTEXT) {
-#ifdef DEBUGBUILD
- OM_uint32 maj =
-#endif
- gss_delete_sec_context(&min, context, GSS_C_NO_BUFFER);
+ OM_uint32 maj = gss_delete_sec_context(&min, context, GSS_C_NO_BUFFER);
+ (void)maj;
DEBUGASSERT(maj == GSS_S_COMPLETE);
}
}
diff --git a/lib/multi.c b/lib/multi.c
index 9ea4c8278..e5761fb7c 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -71,8 +71,6 @@
static CURLMcode singlesocket(struct Curl_multi *multi,
struct Curl_easy *data);
-static int update_timer(struct Curl_multi *multi);
-
static CURLMcode add_next_timeout(struct curltime now,
struct Curl_multi *multi,
struct Curl_easy *d);
@@ -189,7 +187,7 @@ static void mstate(struct Curl_easy *data, CURLMstate state
*/
struct Curl_sh_entry {
- struct curl_llist list; /* list of easy handles using this socket */
+ struct curl_hash transfers; /* hash of transfers using this socket */
unsigned int action; /* what combined action READ/WRITE this socket waits
for */
void *socketp; /* settable by users with curl_multi_assign() */
@@ -206,12 +204,36 @@ struct Curl_sh_entry {
static struct Curl_sh_entry *sh_getentry(struct curl_hash *sh,
curl_socket_t s)
{
- if(s != CURL_SOCKET_BAD)
+ if(s != CURL_SOCKET_BAD) {
/* only look for proper sockets */
return Curl_hash_pick(sh, (char *)&s, sizeof(curl_socket_t));
+ }
return NULL;
}
+#define TRHASH_SIZE 13
+static size_t trhash(void *key, size_t key_length, size_t slots_num)
+{
+ size_t keyval = (size_t)*(struct Curl_easy **)key;
+ (void) key_length;
+
+ return (keyval % slots_num);
+}
+
+static size_t trhash_compare(void *k1, size_t k1_len, void *k2, size_t k2_len)
+{
+ (void)k1_len;
+ (void)k2_len;
+
+ return *(struct Curl_easy **)k1 == *(struct Curl_easy **)k2;
+}
+
+static void trhash_dtor(void *nada)
+{
+ (void)nada;
+}
+
+
/* make sure this socket is present in the hash for this handle */
static struct Curl_sh_entry *sh_addentry(struct curl_hash *sh,
curl_socket_t s)
@@ -219,16 +241,21 @@ static struct Curl_sh_entry *sh_addentry(struct curl_hash *sh,
struct Curl_sh_entry *there = sh_getentry(sh, s);
struct Curl_sh_entry *check;
- if(there)
+ if(there) {
/* it is present, return fine */
return there;
+ }
/* not present, add it */
check = calloc(1, sizeof(struct Curl_sh_entry));
if(!check)
return NULL; /* major failure */
- Curl_llist_init(&check->list, NULL);
+ if(Curl_hash_init(&check->transfers, TRHASH_SIZE, trhash,
+ trhash_compare, trhash_dtor)) {
+ free(check);
+ return NULL;
+ }
/* make/add new hash entry */
if(!Curl_hash_add(sh, (char *)&s, sizeof(curl_socket_t), check)) {
@@ -244,14 +271,8 @@ static struct Curl_sh_entry *sh_addentry(struct curl_hash *sh,
static void sh_delentry(struct Curl_sh_entry *entry,
struct curl_hash *sh, curl_socket_t s)
{
- struct curl_llist *list = &entry->list;
- struct curl_llist_element *e;
- /* clear the list of transfers first */
- for(e = list->head; e; e = list->head) {
- struct Curl_easy *dta = e->ptr;
- Curl_llist_remove(&entry->list, e, NULL);
- dta->sh_entry = NULL;
- }
+ Curl_hash_destroy(&entry->transfers);
+
/* We remove the hash entry. This will end up in a call to
sh_freeentry(). */
Curl_hash_delete(sh, (char *)&s, sizeof(curl_socket_t));
@@ -320,17 +341,6 @@ static CURLMcode multi_addmsg(struct Curl_multi *multi,
return CURLM_OK;
}
-/*
- * multi_freeamsg()
- *
- * Callback used by the llist system when a single list entry is destroyed.
- */
-static void multi_freeamsg(void *a, void *b)
-{
- (void)a;
- (void)b;
-}
-
struct Curl_multi *Curl_multi_handle(int hashsize, /* socket hash */
int chashsize) /* connection hash */
{
@@ -350,8 +360,10 @@ struct Curl_multi *Curl_multi_handle(int hashsize, /* socket hash */
if(Curl_conncache_init(&multi->conn_cache, chashsize))
goto error;
- Curl_llist_init(&multi->msglist, multi_freeamsg);
- Curl_llist_init(&multi->pending, multi_freeamsg);
+ Curl_llist_init(&multi->msglist, NULL);
+ Curl_llist_init(&multi->pending, NULL);
+
+ multi->multiplexing = CURLPIPE_MULTIPLEX;
/* -1 means it not set by user, use the default value */
multi->maxconnects = -1;
@@ -462,16 +474,16 @@ CURLMcode curl_multi_add_handle(struct Curl_multi *multi,
/* increase the alive-counter */
multi->num_alive++;
- /* A somewhat crude work-around for a little glitch in update_timer() that
- happens if the lastcall time is set to the same time when the handle is
- removed as when the next handle is added, as then the check in
- update_timer() that prevents calling the application multiple times with
- the same timer info will not trigger and then the new handle's timeout
- will not be notified to the app.
+ /* A somewhat crude work-around for a little glitch in Curl_update_timer()
+ that happens if the lastcall time is set to the same time when the handle
+ is removed as when the next handle is added, as then the check in
+ Curl_update_timer() that prevents calling the application multiple times
+ with the same timer info will not trigger and then the new handle's
+ timeout will not be notified to the app.
The work-around is thus simply to clear the 'lastcall' variable to force
- update_timer() to always trigger a callback to the app when a new easy
- handle is added */
+ Curl_update_timer() to always trigger a callback to the app when a new
+ easy handle is added */
memset(&multi->timer_lastcall, 0, sizeof(multi->timer_lastcall));
/* The closure handle only ever has default timeouts set. To improve the
@@ -484,7 +496,7 @@ CURLMcode curl_multi_add_handle(struct Curl_multi *multi,
data->state.conn_cache->closure_handle->set.no_signal =
data->set.no_signal;
- update_timer(multi);
+ Curl_update_timer(multi);
return CURLM_OK;
}
@@ -774,7 +786,7 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi *multi,
We do not touch the easy handle here! */
multi->num_easy--; /* one less to care about now */
- update_timer(multi);
+ Curl_update_timer(multi);
return CURLM_OK;
}
@@ -789,11 +801,6 @@ bool Curl_multiplex_wanted(const struct Curl_multi *multi)
static void detach_connnection(struct Curl_easy *data)
{
struct connectdata *conn = data->conn;
- if(data->sh_entry) {
- /* still listed as a user of a socket hash entry, remove it */
- Curl_llist_remove(&data->sh_entry->list, &data->sh_queue, NULL);
- data->sh_entry = NULL;
- }
if(conn)
Curl_llist_remove(&conn->easyq, &data->conn_queue, NULL);
data->conn = NULL;
@@ -1266,6 +1273,9 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
bool stream_error = FALSE;
rc = CURLM_OK;
+ DEBUGASSERT((data->mstate <= CURLM_STATE_CONNECT) ||
+ (data->mstate >= CURLM_STATE_DONE) ||
+ data->conn);
if(!data->conn &&
data->mstate > CURLM_STATE_CONNECT &&
data->mstate < CURLM_STATE_DONE) {
@@ -2107,7 +2117,7 @@ CURLMcode curl_multi_perform(struct Curl_multi *multi, int *running_handles)
*running_handles = multi->num_alive;
if(CURLM_OK >= returncode)
- update_timer(multi);
+ Curl_update_timer(multi);
return returncode;
}
@@ -2287,30 +2297,22 @@ static CURLMcode singlesocket(struct Curl_multi *multi,
if(action & CURL_POLL_OUT)
entry->writers++;
- /* add 'data' to the list of handles using this socket! */
- Curl_llist_insert_next(&entry->list, entry->list.tail,
- data, &data->sh_queue);
- data->sh_entry = entry;
+ /* add 'data' to the transfer hash on this socket! */
+ if(!Curl_hash_add(&entry->transfers, (char *)&data, /* hash key */
+ sizeof(struct Curl_easy *), data))
+ return CURLM_OUT_OF_MEMORY;
}
comboaction = (entry->writers? CURL_POLL_OUT : 0) |
(entry->readers ? CURL_POLL_IN : 0);
-#if 0
- infof(data, "--- Comboaction: %u readers %u writers\n",
- entry->readers, entry->writers);
-#endif
- /* check if it has the same action set */
- if(entry->action == comboaction)
+ /* socket existed before and has the same action set as before */
+ if(sincebefore && (entry->action == comboaction))
/* same, continue */
continue;
- /* we know (entry != NULL) at this point, see the logic above */
if(multi->socket_cb)
- multi->socket_cb(data,
- s,
- comboaction,
- multi->socket_userp,
+ multi->socket_cb(data, s, comboaction, multi->socket_userp,
entry->socketp);
entry->action = comboaction; /* store the current action state */
@@ -2352,6 +2354,13 @@ static CURLMcode singlesocket(struct Curl_multi *multi,
entry->socketp);
sh_delentry(entry, &multi->sockhash, s);
}
+ else {
+ /* still users, but remove this handle as a user of this socket */
+ if(Curl_hash_delete(&entry->transfers, (char *)&data,
+ sizeof(struct Curl_easy *))) {
+ DEBUGASSERT(NULL);
+ }
+ }
}
} /* for loop over numsocks */
@@ -2495,19 +2504,14 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
and just move on. */
;
else {
- struct curl_llist *list = &entry->list;
- struct curl_llist_element *e;
- struct curl_llist_element *enext;
- SIGPIPE_VARIABLE(pipe_st);
+ struct curl_hash_iterator iter;
+ struct curl_hash_element *he;
/* the socket can be shared by many transfers, iterate */
- for(e = list->head; e; e = enext) {
- data = (struct Curl_easy *)e->ptr;
-
- /* assign 'enext' here since the 'e' struct might be cleared
- further down in the singlesocket() call */
- enext = e->next;
-
+ Curl_hash_start_iterate(&entry->transfers, &iter);
+ for(he = Curl_hash_next_element(&iter); he;
+ he = Curl_hash_next_element(&iter)) {
+ data = (struct Curl_easy *)he->ptr;
DEBUGASSERT(data);
DEBUGASSERT(data->magic == CURLEASY_MAGIC_NUMBER);
@@ -2515,21 +2519,7 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
/* set socket event bitmask if they're not locked */
data->conn->cselect_bits = ev_bitmask;
- sigpipe_ignore(data, &pipe_st);
- result = multi_runsingle(multi, now, data);
- sigpipe_restore(&pipe_st);
-
- if(data->conn && !(data->conn->handler->flags & PROTOPT_DIRLOCK))
- /* clear the bitmask only if not locked */
- data->conn->cselect_bits = 0;
-
- if(CURLM_OK >= result) {
- /* get the socket(s) and check if the state has been changed since
- last */
- result = singlesocket(multi, data);
- if(result)
- return result;
- }
+ Curl_expire(data, 0, EXPIRE_RUN_NOW);
}
/* Now we fall-through and do the timer-based stuff, since we don't want
@@ -2544,9 +2534,10 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
}
else {
/* Asked to run due to time-out. Clear the 'lastcall' variable to force
- update_timer() to trigger a callback to the app again even if the same
- timeout is still the one to run after this call. That handles the case
- when the application asks libcurl to run the timeout prematurely. */
+ Curl_update_timer() to trigger a callback to the app again even if the
+ same timeout is still the one to run after this call. That handles the
+ case when the application asks libcurl to run the timeout
+ prematurely. */
memset(&multi->timer_lastcall, 0, sizeof(multi->timer_lastcall));
}
@@ -2664,7 +2655,7 @@ CURLMcode curl_multi_socket(struct Curl_multi *multi, curl_socket_t s,
return CURLM_RECURSIVE_API_CALL;
result = multi_socket(multi, FALSE, s, 0, running_handles);
if(CURLM_OK >= result)
- update_timer(multi);
+ Curl_update_timer(multi);
return result;
}
@@ -2676,7 +2667,7 @@ CURLMcode curl_multi_socket_action(struct Curl_multi *multi, curl_socket_t s,
return CURLM_RECURSIVE_API_CALL;
result = multi_socket(multi, FALSE, s, ev_bitmask, running_handles);
if(CURLM_OK >= result)
- update_timer(multi);
+ Curl_update_timer(multi);
return result;
}
@@ -2688,7 +2679,7 @@ CURLMcode curl_multi_socket_all(struct Curl_multi *multi, int *running_handles)
return CURLM_RECURSIVE_API_CALL;
result = multi_socket(multi, TRUE, CURL_SOCKET_BAD, 0, running_handles);
if(CURLM_OK >= result)
- update_timer(multi);
+ Curl_update_timer(multi);
return result;
}
@@ -2748,14 +2739,14 @@ CURLMcode curl_multi_timeout(struct Curl_multi *multi,
* Tell the application it should update its timers, if it subscribes to the
* update timer callback.
*/
-static int update_timer(struct Curl_multi *multi)
+void Curl_update_timer(struct Curl_multi *multi)
{
long timeout_ms;
if(!multi->timer_cb)
- return 0;
+ return;
if(multi_timeout(multi, &timeout_ms)) {
- return -1;
+ return;
}
if(timeout_ms < 0) {
static const struct curltime none = {0, 0};
@@ -2763,9 +2754,10 @@ static int update_timer(struct Curl_multi *multi)
multi->timer_lastcall = none;
/* there's no timeout now but there was one previously, tell the app to
disable it */
- return multi->timer_cb(multi, -1, multi->timer_userp);
+ multi->timer_cb(multi, -1, multi->timer_userp);
+ return;
}
- return 0;
+ return;
}
/* When multi_timeout() is done, multi->timetree points to the node with the
@@ -2773,11 +2765,11 @@ static int update_timer(struct Curl_multi *multi)
* if this is the same (fixed) time as we got in a previous call and then
* avoid calling the callback again. */
if(Curl_splaycomparekeys(multi->timetree->key, multi->timer_lastcall) == 0)
- return 0;
+ return;
multi->timer_lastcall = multi->timetree->key;
- return multi->timer_cb(multi, timeout_ms, multi->timer_userp);
+ multi->timer_cb(multi, timeout_ms, multi->timer_userp);
}
/*
diff --git a/lib/multiif.h b/lib/multiif.h
index e8a5e7062..a64455867 100644
--- a/lib/multiif.h
+++ b/lib/multiif.h
@@ -30,7 +30,7 @@ void Curl_updatesocket(struct Curl_easy *data);
void Curl_expire(struct Curl_easy *data, time_t milli, expire_id);
void Curl_expire_clear(struct Curl_easy *data);
void Curl_expire_done(struct Curl_easy *data, expire_id id);
-void Curl_detach_connnection(struct Curl_easy *data);
+void Curl_update_timer(struct Curl_multi *multi);
void Curl_attach_connnection(struct Curl_easy *data,
struct connectdata *conn);
bool Curl_multiplex_wanted(const struct Curl_multi *multi);
diff --git a/lib/netrc.c b/lib/netrc.c
index e32e062d6..a9722df2f 100644
--- a/lib/netrc.c
+++ b/lib/netrc.c
@@ -89,7 +89,7 @@ int Curl_parsenetrc(const char *host,
&& pw_res) {
home = strdup(pw.pw_dir);
if(!home)
- return CURLE_OUT_OF_MEMORY;
+ return -1;
home_alloc = TRUE;
}
#elif defined(HAVE_GETPWUID) && defined(HAVE_GETEUID)
diff --git a/lib/pop3.c b/lib/pop3.c
index ad3087e58..e06cda1ca 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -339,10 +339,8 @@ static CURLcode pop3_perform_capa(struct connectdata *conn)
*/
static CURLcode pop3_perform_starttls(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
-
/* Send the STLS command */
- result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "STLS");
+ CURLcode result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "STLS");
if(!result)
state(conn, POP3_STARTTLS);
@@ -358,11 +356,10 @@ static CURLcode pop3_perform_starttls(struct connectdata *conn)
*/
static CURLcode pop3_perform_upgrade_tls(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
- struct pop3_conn *pop3c = &conn->proto.pop3c;
-
/* Start the SSL connection */
- result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &pop3c->ssldone);
+ struct pop3_conn *pop3c = &conn->proto.pop3c;
+ CURLcode result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET,
+ &pop3c->ssldone);
if(!result) {
if(pop3c->state != POP3_UPGRADETLS)
@@ -593,10 +590,8 @@ static CURLcode pop3_perform_command(struct connectdata *conn)
*/
static CURLcode pop3_perform_quit(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
-
/* Send the QUIT command */
- result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "QUIT");
+ CURLcode result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "QUIT");
if(!result)
state(conn, POP3_QUIT);
diff --git a/lib/progress.c b/lib/progress.c
index fe9929bb9..9f953ef5a 100644
--- a/lib/progress.c
+++ b/lib/progress.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -31,6 +31,7 @@
/* check rate limits within this many recent milliseconds, at minimum. */
#define MIN_RATE_LIMIT_PERIOD 3000
+#ifndef CURL_DISABLE_PROGRESS_METER
/* Provide a string that is 2 + 1 + 2 + 1 + 2 = 8 letters long (plus the zero
byte) */
static void time2str(char *r, curl_off_t seconds)
@@ -119,6 +120,7 @@ static char *max5data(curl_off_t bytes, char *max5)
return max5;
}
+#endif
/*
@@ -362,22 +364,15 @@ void Curl_pgrsSetUploadSize(struct Curl_easy *data, curl_off_t size)
}
}
-/*
- * Curl_pgrsUpdate() returns 0 for success or the value returned by the
- * progress callback!
- */
-int Curl_pgrsUpdate(struct connectdata *conn)
+/* returns TRUE if it's time to show the progress meter */
+static bool progress_calc(struct connectdata *conn, struct curltime now)
{
- struct curltime now;
curl_off_t timespent;
curl_off_t timespent_ms; /* milliseconds */
struct Curl_easy *data = conn->data;
- int nowindex = data->progress.speeder_c% CURR_TIME;
- bool shownow = FALSE;
curl_off_t dl = data->progress.downloaded;
curl_off_t ul = data->progress.uploaded;
-
- now = Curl_now(); /* what time is it */
+ bool timetoshow = FALSE;
/* The time spent so far (from the start) */
data->progress.timespent = Curl_timediff_us(now, data->progress.start);
@@ -399,9 +394,9 @@ int Curl_pgrsUpdate(struct connectdata *conn)
/* Calculations done at most once a second, unless end is reached */
if(data->progress.lastshow != now.tv_sec) {
int countindex; /* amount of seconds stored in the speeder array */
- shownow = TRUE;
-
+ int nowindex = data->progress.speeder_c% CURR_TIME;
data->progress.lastshow = now.tv_sec;
+ timetoshow = TRUE;
/* Let's do the "current speed" thing, with the dl + ul speeds
combined. Store the speed at entry 'nowindex'. */
@@ -434,8 +429,7 @@ int Curl_pgrsUpdate(struct connectdata *conn)
data->progress.speeder_c%CURR_TIME:0;
/* Figure out the exact time for the time span */
- span_ms = Curl_timediff(now,
- data->progress.speeder_time[checkindex]);
+ span_ms = Curl_timediff(now, data->progress.speeder_time[checkindex]);
if(0 == span_ms)
span_ms = 1; /* at least one millisecond MUST have passed */
@@ -461,22 +455,132 @@ int Curl_pgrsUpdate(struct connectdata *conn)
data->progress.ulspeed + data->progress.dlspeed;
} /* Calculations end */
+ return timetoshow;
+}
+
+#ifndef CURL_DISABLE_PROGRESS_METER
+static void progress_meter(struct connectdata *conn)
+{
+ struct Curl_easy *data = conn->data;
+ char max5[6][10];
+ curl_off_t dlpercen = 0;
+ curl_off_t ulpercen = 0;
+ curl_off_t total_percen = 0;
+ curl_off_t total_transfer;
+ curl_off_t total_expected_transfer;
+ char time_left[10];
+ char time_total[10];
+ char time_spent[10];
+ curl_off_t ulestimate = 0;
+ curl_off_t dlestimate = 0;
+ curl_off_t total_estimate;
+ curl_off_t timespent =
+ (curl_off_t)data->progress.timespent/1000000; /* seconds */
+
+ if(!(data->progress.flags & PGRS_HEADERS_OUT)) {
+ if(data->state.resume_from) {
+ fprintf(data->set.err,
+ "** Resuming transfer from byte position %"
+ CURL_FORMAT_CURL_OFF_T "\n", data->state.resume_from);
+ }
+ fprintf(data->set.err,
+ " %% Total %% Received %% Xferd Average Speed "
+ "Time Time Time Current\n"
+ " Dload Upload "
+ "Total Spent Left Speed\n");
+ data->progress.flags |= PGRS_HEADERS_OUT; /* headers are shown */
+ }
+
+ /* Figure out the estimated time of arrival for the upload */
+ if((data->progress.flags & PGRS_UL_SIZE_KNOWN) &&
+ (data->progress.ulspeed > CURL_OFF_T_C(0))) {
+ ulestimate = data->progress.size_ul / data->progress.ulspeed;
+
+ if(data->progress.size_ul > CURL_OFF_T_C(10000))
+ ulpercen = data->progress.uploaded /
+ (data->progress.size_ul/CURL_OFF_T_C(100));
+ else if(data->progress.size_ul > CURL_OFF_T_C(0))
+ ulpercen = (data->progress.uploaded*100) /
+ data->progress.size_ul;
+ }
+
+ /* ... and the download */
+ if((data->progress.flags & PGRS_DL_SIZE_KNOWN) &&
+ (data->progress.dlspeed > CURL_OFF_T_C(0))) {
+ dlestimate = data->progress.size_dl / data->progress.dlspeed;
+
+ if(data->progress.size_dl > CURL_OFF_T_C(10000))
+ dlpercen = data->progress.downloaded /
+ (data->progress.size_dl/CURL_OFF_T_C(100));
+ else if(data->progress.size_dl > CURL_OFF_T_C(0))
+ dlpercen = (data->progress.downloaded*100) /
+ data->progress.size_dl;
+ }
+
+ /* Now figure out which of them is slower and use that one for the
+ total estimate! */
+ total_estimate = ulestimate>dlestimate?ulestimate:dlestimate;
+
+ /* create the three time strings */
+ time2str(time_left, total_estimate > 0?(total_estimate - timespent):0);
+ time2str(time_total, total_estimate);
+ time2str(time_spent, timespent);
+
+ /* Get the total amount of data expected to get transferred */
+ total_expected_transfer =
+ ((data->progress.flags & PGRS_UL_SIZE_KNOWN)?
+ data->progress.size_ul:data->progress.uploaded)+
+ ((data->progress.flags & PGRS_DL_SIZE_KNOWN)?
+ data->progress.size_dl:data->progress.downloaded);
+
+ /* We have transferred this much so far */
+ total_transfer = data->progress.downloaded + data->progress.uploaded;
+
+ /* Get the percentage of data transferred so far */
+ if(total_expected_transfer > CURL_OFF_T_C(10000))
+ total_percen = total_transfer /
+ (total_expected_transfer/CURL_OFF_T_C(100));
+ else if(total_expected_transfer > CURL_OFF_T_C(0))
+ total_percen = (total_transfer*100) / total_expected_transfer;
+
+ fprintf(data->set.err,
+ "\r"
+ "%3" CURL_FORMAT_CURL_OFF_T " %s "
+ "%3" CURL_FORMAT_CURL_OFF_T " %s "
+ "%3" CURL_FORMAT_CURL_OFF_T " %s %s %s %s %s %s %s",
+ total_percen, /* 3 letters */ /* total % */
+ max5data(total_expected_transfer, max5[2]), /* total size */
+ dlpercen, /* 3 letters */ /* rcvd % */
+ max5data(data->progress.downloaded, max5[0]), /* rcvd size */
+ ulpercen, /* 3 letters */ /* xfer % */
+ max5data(data->progress.uploaded, max5[1]), /* xfer size */
+ max5data(data->progress.dlspeed, max5[3]), /* avrg dl speed */
+ max5data(data->progress.ulspeed, max5[4]), /* avrg ul speed */
+ time_total, /* 8 letters */ /* total time */
+ time_spent, /* 8 letters */ /* time spent */
+ time_left, /* 8 letters */ /* time left */
+ max5data(data->progress.current_speed, max5[5])
+ );
+
+ /* we flush the output stream to make it appear as soon as possible */
+ fflush(data->set.err);
+}
+#else
+ /* progress bar disabled */
+#define progress_meter(x) Curl_nop_stmt
+#endif
- if(!(data->progress.flags & PGRS_HIDE)) {
- /* progress meter has not been shut off */
- char max5[6][10];
- curl_off_t dlpercen = 0;
- curl_off_t ulpercen = 0;
- curl_off_t total_percen = 0;
- curl_off_t total_transfer;
- curl_off_t total_expected_transfer;
- char time_left[10];
- char time_total[10];
- char time_spent[10];
- curl_off_t ulestimate = 0;
- curl_off_t dlestimate = 0;
- curl_off_t total_estimate;
+/*
+ * Curl_pgrsUpdate() returns 0 for success or the value returned by the
+ * progress callback!
+ */
+int Curl_pgrsUpdate(struct connectdata *conn)
+{
+ struct Curl_easy *data = conn->data;
+ struct curltime now = Curl_now(); /* what time is it */
+ bool showprogress = progress_calc(conn, now);
+ if(!(data->progress.flags & PGRS_HIDE)) {
if(data->set.fxferinfo) {
int result;
/* There's a callback set, call that */
@@ -506,102 +610,9 @@ int Curl_pgrsUpdate(struct connectdata *conn)
return result;
}
- if(!shownow)
- /* only show the internal progress meter once per second */
- return 0;
-
- /* If there's no external callback set, use internal code to show
- progress */
-
- if(!(data->progress.flags & PGRS_HEADERS_OUT)) {
- if(data->state.resume_from) {
- fprintf(data->set.err,
- "** Resuming transfer from byte position %"
- CURL_FORMAT_CURL_OFF_T "\n", data->state.resume_from);
- }
- fprintf(data->set.err,
- " %% Total %% Received %% Xferd Average Speed "
- "Time Time Time Current\n"
- " Dload Upload "
- "Total Spent Left Speed\n");
- data->progress.flags |= PGRS_HEADERS_OUT; /* headers are shown */
- }
-
- /* Figure out the estimated time of arrival for the upload */
- if((data->progress.flags & PGRS_UL_SIZE_KNOWN) &&
- (data->progress.ulspeed > CURL_OFF_T_C(0))) {
- ulestimate = data->progress.size_ul / data->progress.ulspeed;
-
- if(data->progress.size_ul > CURL_OFF_T_C(10000))
- ulpercen = data->progress.uploaded /
- (data->progress.size_ul/CURL_OFF_T_C(100));
- else if(data->progress.size_ul > CURL_OFF_T_C(0))
- ulpercen = (data->progress.uploaded*100) /
- data->progress.size_ul;
- }
-
- /* ... and the download */
- if((data->progress.flags & PGRS_DL_SIZE_KNOWN) &&
- (data->progress.dlspeed > CURL_OFF_T_C(0))) {
- dlestimate = data->progress.size_dl / data->progress.dlspeed;
-
- if(data->progress.size_dl > CURL_OFF_T_C(10000))
- dlpercen = data->progress.downloaded /
- (data->progress.size_dl/CURL_OFF_T_C(100));
- else if(data->progress.size_dl > CURL_OFF_T_C(0))
- dlpercen = (data->progress.downloaded*100) /
- data->progress.size_dl;
- }
-
- /* Now figure out which of them is slower and use that one for the
- total estimate! */
- total_estimate = ulestimate>dlestimate?ulestimate:dlestimate;
-
- /* create the three time strings */
- time2str(time_left, total_estimate > 0?(total_estimate - timespent):0);
- time2str(time_total, total_estimate);
- time2str(time_spent, timespent);
-
- /* Get the total amount of data expected to get transferred */
- total_expected_transfer =
- ((data->progress.flags & PGRS_UL_SIZE_KNOWN)?
- data->progress.size_ul:data->progress.uploaded)+
- ((data->progress.flags & PGRS_DL_SIZE_KNOWN)?
- data->progress.size_dl:data->progress.downloaded);
-
- /* We have transferred this much so far */
- total_transfer = data->progress.downloaded + data->progress.uploaded;
-
- /* Get the percentage of data transferred so far */
- if(total_expected_transfer > CURL_OFF_T_C(10000))
- total_percen = total_transfer /
- (total_expected_transfer/CURL_OFF_T_C(100));
- else if(total_expected_transfer > CURL_OFF_T_C(0))
- total_percen = (total_transfer*100) / total_expected_transfer;
-
- fprintf(data->set.err,
- "\r"
- "%3" CURL_FORMAT_CURL_OFF_T " %s "
- "%3" CURL_FORMAT_CURL_OFF_T " %s "
- "%3" CURL_FORMAT_CURL_OFF_T " %s %s %s %s %s %s %s",
- total_percen, /* 3 letters */ /* total % */
- max5data(total_expected_transfer, max5[2]), /* total size */
- dlpercen, /* 3 letters */ /* rcvd % */
- max5data(data->progress.downloaded, max5[0]), /* rcvd size */
- ulpercen, /* 3 letters */ /* xfer % */
- max5data(data->progress.uploaded, max5[1]), /* xfer size */
- max5data(data->progress.dlspeed, max5[3]), /* avrg dl speed */
- max5data(data->progress.ulspeed, max5[4]), /* avrg ul speed */
- time_total, /* 8 letters */ /* total time */
- time_spent, /* 8 letters */ /* time spent */
- time_left, /* 8 letters */ /* time left */
- max5data(data->progress.current_speed, max5[5]) /* current speed */
- );
-
- /* we flush the output stream to make it appear as soon as possible */
- fflush(data->set.err);
-
- } /* !(data->progress.flags & PGRS_HIDE) */
+ if(showprogress)
+ progress_meter(conn);
+ }
return 0;
}
diff --git a/lib/rtsp.c b/lib/rtsp.c
index f3f8c6787..abeb61707 100644
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@@ -491,7 +491,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
return result;
if((rtspreq == RTSPREQ_SETUP) || (rtspreq == RTSPREQ_DESCRIBE)) {
- result = Curl_add_timecondition(data, req_buffer);
+ result = Curl_add_timecondition(conn, req_buffer);
if(result)
return result;
}
diff --git a/lib/security.c b/lib/security.c
index 82ae5c2cd..550ea2da8 100644
--- a/lib/security.c
+++ b/lib/security.c
@@ -7,7 +7,7 @@
* rewrite to work around the paragraph 2 in the BSD licenses as explained
* below.
*
- * Copyright (c) 1998, 1999, 2017 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998, 1999, 2017 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
*
* Copyright (C) 2001 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
@@ -267,7 +267,7 @@ static ssize_t sec_recv(struct connectdata *conn, int sockindex,
}
/* Send |length| bytes from |from| to the |fd| socket taking care of encoding
- and negociating with the server. |from| can be NULL. */
+ and negotiating with the server. |from| can be NULL. */
static void do_sec_send(struct connectdata *conn, curl_socket_t fd,
const char *from, int length)
{
diff --git a/lib/setopt.c b/lib/setopt.c
index 92cd5b271..1dbf00faf 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -119,8 +119,11 @@ static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp)
#define C_SSLVERSION_VALUE(x) (x & 0xffff)
#define C_SSLVERSION_MAX_VALUE(x) (x & 0xffff0000)
-static CURLcode vsetopt(struct Curl_easy *data, CURLoption option,
- va_list param)
+/*
+ * Do not make Curl_vsetopt() static: it is called from
+ * packages/OS400/ccsidcurl.c.
+ */
+CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
{
char *argptr;
CURLcode result = CURLE_OK;
@@ -2371,8 +2374,7 @@ static CURLcode vsetopt(struct Curl_easy *data, CURLoption option,
case CURLOPT_REDIR_PROTOCOLS:
/* set the bitmask for the protocols that libcurl is allowed to follow to,
as a subset of the CURLOPT_PROTOCOLS ones. That means the protocol needs
- to be set in both bitmasks to be allowed to get redirected to. Defaults
- to all protocols except FILE and SCP. */
+ to be set in both bitmasks to be allowed to get redirected to. */
data->set.redir_protocols = va_arg(param, long);
break;
@@ -2770,7 +2772,7 @@ CURLcode curl_easy_setopt(struct Curl_easy *data, CURLoption tag, ...)
va_start(arg, tag);
- result = vsetopt(data, tag, arg);
+ result = Curl_vsetopt(data, tag, arg);
va_end(arg);
return result;
diff --git a/lib/setopt.h b/lib/setopt.h
index c658e04ae..5e347dd66 100644
--- a/lib/setopt.h
+++ b/lib/setopt.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,7 +23,6 @@
***************************************************************************/
CURLcode Curl_setstropt(char **charp, const char *s);
-CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option,
- va_list arg);
+CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list arg);
#endif /* HEADER_CURL_SETOPT_H */
diff --git a/lib/smb.c b/lib/smb.c
index 76c99a230..870244cb7 100644
--- a/lib/smb.c
+++ b/lib/smb.c
@@ -785,6 +785,8 @@ static CURLcode smb_request_state(struct connectdata *conn, bool *done)
case SMB_OPEN:
if(h->status || smbc->got < sizeof(struct smb_nt_create_response)) {
req->result = CURLE_REMOTE_FILE_NOT_FOUND;
+ if(h->status == smb_swap32(SMB_ERR_NOACCESS))
+ req->result = CURLE_REMOTE_ACCESS_DENIED;
next_state = SMB_TREE_DISCONNECT;
break;
}
@@ -957,7 +959,6 @@ static CURLcode smb_do(struct connectdata *conn, bool *done)
static CURLcode smb_parse_url_path(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
struct Curl_easy *data = conn->data;
struct smb_request *req = data->req.protop;
struct smb_conn *smbc = &conn->proto.smbc;
@@ -965,7 +966,8 @@ static CURLcode smb_parse_url_path(struct connectdata *conn)
char *slash;
/* URL decode the path */
- result = Curl_urldecode(data, data->state.up.path, 0, &path, NULL, TRUE);
+ CURLcode result = Curl_urldecode(data, data->state.up.path, 0, &path, NULL,
+ TRUE);
if(result)
return result;
diff --git a/lib/smtp.c b/lib/smtp.c
index 106bd906f..8ef5a04be 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -359,10 +359,8 @@ static CURLcode smtp_perform_helo(struct connectdata *conn)
*/
static CURLcode smtp_perform_starttls(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
-
/* Send the STARTTLS command */
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "STARTTLS");
+ CURLcode result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "STARTTLS");
if(!result)
state(conn, SMTP_STARTTLS);
@@ -378,11 +376,10 @@ static CURLcode smtp_perform_starttls(struct connectdata *conn)
*/
static CURLcode smtp_perform_upgrade_tls(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
- struct smtp_conn *smtpc = &conn->proto.smtpc;
-
/* Start the SSL connection */
- result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &smtpc->ssldone);
+ struct smtp_conn *smtpc = &conn->proto.smtpc;
+ CURLcode result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET,
+ &smtpc->ssldone);
if(!result) {
if(smtpc->state != SMTP_UPGRADETLS)
@@ -645,10 +642,8 @@ static CURLcode smtp_perform_rcpt_to(struct connectdata *conn)
*/
static CURLcode smtp_perform_quit(struct connectdata *conn)
{
- CURLcode result = CURLE_OK;
-
/* Send the QUIT command */
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "QUIT");
+ CURLcode result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "QUIT");
if(!result)
state(conn, SMTP_QUIT);
diff --git a/lib/splay.h b/lib/splay.h
index 4612ec271..9292f349b 100644
--- a/lib/splay.h
+++ b/lib/splay.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1997 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1997 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -59,10 +59,4 @@ int Curl_splayremovebyaddr(struct Curl_tree *t,
( ((i.tv_usec) < (j.tv_usec)) ? -1 : \
( ((i.tv_usec) > (j.tv_usec)) ? 1 : 0))))
-#ifdef DEBUGBUILD
-void Curl_splayprint(struct Curl_tree * t, int d, char output);
-#else
-#define Curl_splayprint(x,y,z) Curl_nop_stmt
-#endif
-
#endif /* HEADER_CURL_SPLAY_H */
diff --git a/lib/ssh-libssh.c b/lib/ssh-libssh.c
index 42ff56b69..4b6f60491 100644
--- a/lib/ssh-libssh.c
+++ b/lib/ssh-libssh.c
@@ -1968,11 +1968,10 @@ static CURLcode myssh_multi_statemach(struct connectdata *conn,
bool *done)
{
struct ssh_conn *sshc = &conn->proto.sshc;
- CURLcode result = CURLE_OK;
bool block; /* we store the status and use that to provide a ssh_getsock()
implementation */
+ CURLcode result = myssh_statemach_act(conn, &block);
- result = myssh_statemach_act(conn, &block);
*done = (sshc->state == SSH_STOP) ? TRUE : FALSE;
myssh_block2waitfor(conn, block);
diff --git a/lib/system_win32.c b/lib/system_win32.c
index 3804afe55..adc227cfc 100644
--- a/lib/system_win32.c
+++ b/lib/system_win32.c
@@ -367,6 +367,7 @@ bool Curl_verify_windows_version(const unsigned int majorVersion,
*/
HMODULE Curl_load_library(LPCTSTR filename)
{
+#ifndef CURL_WINDOWS_APP
HMODULE hModule = NULL;
LOADLIBRARYEX_FN pLoadLibraryEx = NULL;
@@ -421,8 +422,12 @@ HMODULE Curl_load_library(LPCTSTR filename)
free(path);
}
}
-
return hModule;
+#else
+ /* the Universal Windows Platform (UWP) can't do this */
+ (void)filename;
+ return NULL;
+#endif
}
#endif /* WIN32 */
diff --git a/lib/system_win32.h b/lib/system_win32.h
index c07cf1fb7..d2882fce1 100644
--- a/lib/system_win32.h
+++ b/lib/system_win32.h
@@ -51,8 +51,8 @@ typedef enum {
/* We use our own typedef here since some headers might lack this */
typedef unsigned int(WINAPI *IF_NAMETOINDEX_FN)(const char *);
-/* This is used instread of if_nametoindex if available on Windows */
-IF_NAMETOINDEX_FN Curl_if_nametoindex;
+/* This is used instead of if_nametoindex if available on Windows */
+extern IF_NAMETOINDEX_FN Curl_if_nametoindex;
/* This is used to verify if we are running on a specific windows version */
bool Curl_verify_windows_version(const unsigned int majorVersion,
diff --git a/lib/transfer.c b/lib/transfer.c
index b7c7b9bd1..e10e6c9f9 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -225,7 +225,7 @@ CURLcode Curl_fillreadbuffer(struct connectdata *conn, size_t bytes,
if(data->state.trailers_state == TRAILERS_SENDING) {
/* if we're here then that means that we already sent the last empty chunk
but we didn't send a final CR LF, so we sent 0 CR LF. We then start
- pulling trailing data until we ²have no more at which point we
+ pulling trailing data until we have no more at which point we
simply return to the previous point in the state machine as if
nothing happened.
*/
@@ -937,8 +937,8 @@ static CURLcode readwrite_data(struct Curl_easy *data,
return CURLE_OK;
}
-static CURLcode done_sending(struct connectdata *conn,
- struct SingleRequest *k)
+CURLcode Curl_done_sending(struct connectdata *conn,
+ struct SingleRequest *k)
{
k->keepon &= ~KEEP_SEND; /* we're done writing */
@@ -1046,7 +1046,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
break;
}
if(nread <= 0) {
- result = done_sending(conn, k);
+ result = Curl_done_sending(conn, k);
if(result)
return result;
break;
@@ -1164,7 +1164,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data,
k->upload_present = 0; /* no more bytes left */
if(k->upload_done) {
- result = done_sending(conn, k);
+ result = Curl_done_sending(conn, k);
if(result)
return result;
}
diff --git a/lib/transfer.h b/lib/transfer.h
index a9bff6348..da36f19f8 100644
--- a/lib/transfer.h
+++ b/lib/transfer.h
@@ -29,7 +29,6 @@ char *Curl_checkheaders(const struct connectdata *conn,
void Curl_init_CONNECT(struct Curl_easy *data);
CURLcode Curl_pretransfer(struct Curl_easy *data);
-CURLcode Curl_second_connect(struct connectdata *conn);
CURLcode Curl_posttransfer(struct Curl_easy *data);
typedef enum {
@@ -57,6 +56,9 @@ CURLcode Curl_retry_request(struct connectdata *conn, char **url);
bool Curl_meets_timecondition(struct Curl_easy *data, time_t timeofdoc);
CURLcode Curl_get_upload_buffer(struct Curl_easy *data);
+CURLcode Curl_done_sending(struct connectdata *conn,
+ struct SingleRequest *k);
+
/* This sets up a forthcoming transfer */
void
Curl_setup_transfer (struct Curl_easy *data,
diff --git a/lib/url.c b/lib/url.c
index eb22dcc37..2b47b235d 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -488,9 +488,8 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data)
define since we internally only use the lower 16 bits for the passed
in bitmask to not conflict with the private bits */
set->allowed_protocols = CURLPROTO_ALL;
- set->redir_protocols = CURLPROTO_ALL & /* All except FILE, SCP and SMB */
- ~(CURLPROTO_FILE | CURLPROTO_SCP | CURLPROTO_SMB |
- CURLPROTO_SMBS);
+ set->redir_protocols = CURLPROTO_HTTP | CURLPROTO_HTTPS | CURLPROTO_FTP |
+ CURLPROTO_FTPS;
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
/*
@@ -881,6 +880,26 @@ proxy_info_matches(const struct proxy_info* data,
#define proxy_info_matches(x,y) FALSE
#endif
+/* A connection has to have been idle for a shorter time than 'maxage_conn' to
+ be subject for reuse. The success rate is just too low after this. */
+
+static bool conn_maxage(struct Curl_easy *data,
+ struct connectdata *conn,
+ struct curltime now)
+{
+ if(!conn->data) {
+ timediff_t idletime = Curl_timediff(now, conn->lastused);
+ idletime /= 1000; /* integer seconds is fine */
+
+ if(idletime > data->set.maxage_conn) {
+ infof(data, "Too old connection (%ld seconds), disconnect it\n",
+ idletime);
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
+
/*
* This function checks if the given connection is dead and extracts it from
* the connection cache if so.
@@ -897,7 +916,11 @@ static bool extract_if_dead(struct connectdata *conn,
/* The check for a dead socket makes sense only if the connection isn't in
use */
bool dead;
- if(conn->handler->connection_check) {
+ struct curltime now = Curl_now();
+ if(conn_maxage(data, conn, now)) {
+ dead = TRUE;
+ }
+ else if(conn->handler->connection_check) {
/* The protocol has a special method for checking the state of the
connection. Use it to check if the connection is dead. */
unsigned int state;
@@ -964,25 +987,6 @@ static void prune_dead_connections(struct Curl_easy *data)
}
}
-/* A connection has to have been idle for a shorter time than 'maxage_conn' to
- be subject for reuse. The success rate is just too low after this. */
-
-static bool conn_maxage(struct Curl_easy *data,
- struct connectdata *conn,
- struct curltime now)
-{
- if(!conn->data) {
- timediff_t idletime = Curl_timediff(now, conn->lastused);
- idletime /= 1000; /* integer seconds is fine */
-
- if(idletime/1000 > data->set.maxage_conn) {
- infof(data, "Too old connection (%ld seconds), disconnect it\n",
- idletime);
- return TRUE;
- }
- }
- return FALSE;
-}
/*
* Given one filled in connection struct (named needle), this function should
* detect if there already is one that has all the significant details
@@ -1006,7 +1010,6 @@ ConnectionExists(struct Curl_easy *data,
bool foundPendingCandidate = FALSE;
bool canmultiplex = IsMultiplexingPossible(data, needle);
struct connectbundle *bundle;
- struct curltime now = Curl_now();
const char *hostbundle;
#ifdef USE_NTLM
@@ -1074,12 +1077,6 @@ ConnectionExists(struct Curl_easy *data,
/* connect-only connections will not be reused */
continue;
- if(conn_maxage(data, check, now) || extract_if_dead(check, data)) {
- /* disconnect it */
- (void)Curl_disconnect(data, check, /* dead_connection */TRUE);
- continue;
- }
-
multiplexed = CONN_INUSE(check) &&
(bundle->multiuse == BUNDLE_MULTIPLEX);
@@ -1673,13 +1670,6 @@ static void free_idnconverted_hostname(struct hostname *host)
#endif
}
-static void llist_dtor(void *user, void *element)
-{
- (void)user;
- (void)element;
- /* Do nothing */
-}
-
/*
* Allocate and initialize a new connectdata object.
*/
@@ -1791,7 +1781,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
#endif
/* Initialize the easy handle list */
- Curl_llist_init(&conn->easyq, (curl_llist_dtor) llist_dtor);
+ Curl_llist_init(&conn->easyq, NULL);
#ifdef HAVE_GSSAPI
conn->data_prot = PROT_CLEAR;
diff --git a/lib/url.h b/lib/url.h
index 4db9e8653..7c87432c9 100644
--- a/lib/url.h
+++ b/lib/url.h
@@ -48,8 +48,6 @@ CURLcode Curl_open(struct Curl_easy **curl);
CURLcode Curl_init_userdefined(struct Curl_easy *data);
void Curl_freeset(struct Curl_easy * data);
-/* free the URL pieces */
-void Curl_up_free(struct Curl_easy *data);
CURLcode Curl_uc_to_curlcode(CURLUcode uc);
CURLcode Curl_close(struct Curl_easy *data); /* opposite of curl_open() */
CURLcode Curl_connect(struct Curl_easy *, bool *async, bool *protocol_connect);
@@ -71,7 +69,6 @@ int Curl_doing_getsock(struct connectdata *conn,
CURLcode Curl_parse_login_details(const char *login, const size_t len,
char **userptr, char **passwdptr,
char **optionsptr);
-void Curl_close_connections(struct Curl_easy *data);
CURLcode Curl_upkeep(struct conncache *conn_cache, void *data);
const struct Curl_handler *Curl_builtin_scheme(const char *scheme);
diff --git a/lib/urlapi-int.h b/lib/urlapi-int.h
index 5f059c203..d14d53d97 100644
--- a/lib/urlapi-int.h
+++ b/lib/urlapi-int.h
@@ -26,9 +26,6 @@
#define MAX_SCHEME_LEN 40
bool Curl_is_absolute_url(const char *url, char *scheme, size_t buflen);
-char *Curl_concat_url(const char *base, const char *relurl);
-size_t Curl_strlen_url(const char *url, bool relative);
-void Curl_strcpy_url(char *output, const char *url, bool relative);
#ifdef DEBUGBUILD
CURLUcode Curl_parse_port(struct Curl_URL *u, char *hostname);
diff --git a/lib/urldata.h b/lib/urldata.h
index 7a30134a6..a489ff495 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -1779,8 +1779,6 @@ struct Curl_easy {
struct connectdata *conn;
struct curl_llist_element connect_queue;
- struct curl_llist_element sh_queue; /* list per Curl_sh_entry */
- struct Curl_sh_entry *sh_entry; /* the socket hash this was added to */
struct curl_llist_element conn_queue; /* list per connectdata */
CURLMstate mstate; /* the handle's state */
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index b790e5678..6222a4bcf 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -357,7 +357,6 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
const char *service,
char **outptr, size_t *outlen)
{
- CURLcode result = CURLE_OK;
size_t i;
MD5_context *ctxt;
char *response = NULL;
@@ -377,10 +376,12 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
char *spn = NULL;
/* Decode the challenge message */
- result = auth_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
- realm, sizeof(realm),
- algorithm, sizeof(algorithm),
- qop_options, sizeof(qop_options));
+ CURLcode result = auth_decode_digest_md5_message(chlg64, nonce,
+ sizeof(nonce), realm,
+ sizeof(realm), algorithm,
+ sizeof(algorithm),
+ qop_options,
+ sizeof(qop_options));
if(result)
return result;
diff --git a/lib/vtls/mesalink.c b/lib/vtls/mesalink.c
index 718c282ee..7ca4f0eac 100644
--- a/lib/vtls/mesalink.c
+++ b/lib/vtls/mesalink.c
@@ -265,7 +265,6 @@ mesalink_connect_step2(struct connectdata *conn, int sockindex)
ret = SSL_connect(BACKEND->handle);
if(ret != SSL_SUCCESS) {
- char error_buffer[MESALINK_MAX_ERROR_SZ];
int detail = SSL_get_error(BACKEND->handle, ret);
if(SSL_ERROR_WANT_CONNECT == detail || SSL_ERROR_WANT_READ == detail) {
@@ -273,6 +272,7 @@ mesalink_connect_step2(struct connectdata *conn, int sockindex)
return CURLE_OK;
}
else {
+ char error_buffer[MESALINK_MAX_ERROR_SZ];
failf(data,
"SSL_connect failed with error %d: %s",
detail,
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 3125f0b70..482fd5e99 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -223,9 +223,12 @@ static const cipher_s cipherlist[] = {
#endif
};
-#ifdef WIN32
+#if defined(WIN32)
static const char *pem_library = "nsspem.dll";
static const char *trust_library = "nssckbi.dll";
+#elif defined(__APPLE__)
+static const char *pem_library = "libnsspem.dylib";
+static const char *trust_library = "libnssckbi.dylib";
#else
static const char *pem_library = "libnsspem.so";
static const char *trust_library = "libnssckbi.so";
@@ -578,17 +581,19 @@ static CURLcode nss_cache_crl(SECItem *crl_der)
/* acquire lock before call of CERT_CacheCRL() and accessing nss_crl_list */
PR_Lock(nss_crllock);
- /* store the CRL item so that we can free it in Curl_nss_cleanup() */
- if(insert_wrapped_ptr(&nss_crl_list, crl_der) != CURLE_OK) {
+ if(SECSuccess != CERT_CacheCRL(db, crl_der)) {
+ /* unable to cache CRL */
SECITEM_FreeItem(crl_der, PR_TRUE);
PR_Unlock(nss_crllock);
- return CURLE_OUT_OF_MEMORY;
+ return CURLE_SSL_CRL_BADFILE;
}
- if(SECSuccess != CERT_CacheCRL(db, crl_der)) {
- /* unable to cache CRL */
+ /* store the CRL item so that we can free it in Curl_nss_cleanup() */
+ if(insert_wrapped_ptr(&nss_crl_list, crl_der) != CURLE_OK) {
+ if(SECSuccess == CERT_UncacheCRL(db, crl_der))
+ SECITEM_FreeItem(crl_der, PR_TRUE);
PR_Unlock(nss_crllock);
- return CURLE_SSL_CRL_BADFILE;
+ return CURLE_OUT_OF_MEMORY;
}
/* we need to clear session cache, so that the CRL could take effect */
@@ -686,7 +691,10 @@ static CURLcode nss_load_key(struct connectdata *conn, int sockindex,
tmp = SECMOD_WaitForAnyTokenEvent(pem_module, 0, 0);
if(tmp)
PK11_FreeSlot(tmp);
- PK11_IsPresent(slot);
+ if(!PK11_IsPresent(slot)) {
+ PK11_FreeSlot(slot);
+ return CURLE_SSL_CERTPROBLEM;
+ }
status = PK11_Authenticate(slot, PR_TRUE, SSL_SET_OPTION(key_passwd));
PK11_FreeSlot(slot);
@@ -1421,7 +1429,7 @@ static int Curl_nss_init(void)
{
/* curl_global_init() is not thread-safe so this test is ok */
if(nss_initlock == NULL) {
- PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 256);
+ PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
nss_initlock = PR_NewLock();
nss_crllock = PR_NewLock();
nss_findslot_lock = PR_NewLock();
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 85e9be616..fb9f27123 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -75,7 +75,7 @@
#endif
#if (OPENSSL_VERSION_NUMBER >= 0x0090700fL) && /* 0.9.7 or later */ \
- !defined(OPENSSL_NO_ENGINE)
+ !defined(OPENSSL_NO_ENGINE) && !defined(OPENSSL_NO_UI_CONSOLE)
#define USE_OPENSSL_ENGINE
#include <openssl/engine.h>
#endif
@@ -156,6 +156,10 @@
#define HAVE_X509_GET0_SIGNATURE 1
#endif
+#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) /* 1.0.2 or later */
+#define HAVE_SSL_GET_SHUTDOWN 1
+#endif
+
#if OPENSSL_VERSION_NUMBER >= 0x10002003L && \
OPENSSL_VERSION_NUMBER <= 0x10002FFFL && \
!defined(OPENSSL_NO_COMP)
@@ -1022,14 +1026,8 @@ static int Curl_ossl_init(void)
ENGINE_load_builtin_engines();
#endif
- /* OPENSSL_config(NULL); is "strongly recommended" to use but unfortunately
- that function makes an exit() call on wrongly formatted config files
- which makes it hard to use in some situations. OPENSSL_config() itself
- calls CONF_modules_load_file() and we use that instead and we ignore
- its return code! */
-
- /* CONF_MFLAGS_DEFAULT_SECTION introduced some time between 0.9.8b and
- 0.9.8e */
+/* CONF_MFLAGS_DEFAULT_SECTION was introduced some time between 0.9.8b and
+ 0.9.8e */
#ifndef CONF_MFLAGS_DEFAULT_SECTION
#define CONF_MFLAGS_DEFAULT_SECTION 0x0
#endif
@@ -3091,18 +3089,25 @@ static CURLcode get_cert_chain(struct connectdata *conn,
#if defined(HAVE_X509_GET0_SIGNATURE) && defined(HAVE_X509_GET0_EXTENSIONS)
{
- const X509_ALGOR *palg = NULL;
- ASN1_STRING *a = ASN1_STRING_new();
- if(a) {
- X509_get0_signature(&psig, &palg, x);
- X509_signature_print(mem, ARG2_X509_signature_print palg, a);
- ASN1_STRING_free(a);
-
- if(palg) {
- i2a_ASN1_OBJECT(mem, palg->algorithm);
+ const X509_ALGOR *sigalg = NULL;
+ X509_PUBKEY *xpubkey = NULL;
+ ASN1_OBJECT *pubkeyoid = NULL;
+
+ X509_get0_signature(&psig, &sigalg, x);
+ if(sigalg) {
+ i2a_ASN1_OBJECT(mem, sigalg->algorithm);
+ push_certinfo("Signature Algorithm", i);
+ }
+
+ xpubkey = X509_get_X509_PUBKEY(x);
+ if(xpubkey) {
+ X509_PUBKEY_get0_param(&pubkeyoid, NULL, NULL, NULL, xpubkey);
+ if(pubkeyoid) {
+ i2a_ASN1_OBJECT(mem, pubkeyoid);
push_certinfo("Public Key Algorithm", i);
}
}
+
X509V3_ext(data, i, X509_get0_extensions(x));
}
#else
@@ -3154,7 +3159,7 @@ static CURLcode get_cert_chain(struct connectdata *conn,
const BIGNUM *e;
RSA_get0_key(rsa, &n, &e, NULL);
- BN_print(mem, n);
+ BIO_printf(mem, "%d", BN_num_bits(n));
push_certinfo("RSA Public Key", i);
print_pubkey_BN(rsa, n, i);
print_pubkey_BN(rsa, e, i);
@@ -3279,7 +3284,6 @@ static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert,
if(len1 < 1)
break; /* failed */
- /* https://www.openssl.org/docs/crypto/buffer.html */
buff1 = temp = malloc(len1);
if(!buff1)
break; /* failed */
@@ -3301,7 +3305,6 @@ static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert,
result = Curl_pin_peer_pubkey(data, pinnedpubkey, buff1, len1);
} while(0);
- /* https://www.openssl.org/docs/crypto/buffer.html */
if(buff1)
free(buff1);
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index a7452dcd5..6a0e60fb6 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -514,7 +514,7 @@ void Curl_ssl_close_all(struct Curl_easy *data)
#if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
defined(USE_SECTRANSP) || defined(USE_POLARSSL) || defined(USE_NSS) || \
- defined(USE_MBEDTLS) || defined(USE_CYASSL)
+ defined(USE_MBEDTLS) || defined(USE_WOLFSSL)
int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks,
int numsocks)
{
@@ -1172,8 +1172,8 @@ static const struct Curl_ssl Curl_ssl_multi = {
const struct Curl_ssl *Curl_ssl =
#if defined(CURL_WITH_MULTI_SSL)
&Curl_ssl_multi;
-#elif defined(USE_CYASSL)
- &Curl_ssl_cyassl;
+#elif defined(USE_WOLFSSL)
+ &Curl_ssl_wolfssl;
#elif defined(USE_SECTRANSP)
&Curl_ssl_sectransp;
#elif defined(USE_GNUTLS)
@@ -1197,8 +1197,8 @@ const struct Curl_ssl *Curl_ssl =
#endif
static const struct Curl_ssl *available_backends[] = {
-#if defined(USE_CYASSL)
- &Curl_ssl_cyassl,
+#if defined(USE_WOLFSSL)
+ &Curl_ssl_wolfssl,
#endif
#if defined(USE_SECTRANSP)
&Curl_ssl_sectransp,
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
index 2a87ca1f7..173d360de 100644
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@@ -103,7 +103,7 @@ CURLcode Curl_none_md5sum(unsigned char *input, size_t inputlen,
#include "nssg.h" /* NSS versions */
#include "gskit.h" /* Global Secure ToolKit versions */
#include "polarssl.h" /* PolarSSL versions */
-#include "cyassl.h" /* CyaSSL versions */
+#include "wolfssl.h" /* wolfSSL versions */
#include "schannel.h" /* Schannel SSPI version */
#include "sectransp.h" /* SecureTransport (Darwin) version */
#include "mbedtls.h" /* mbedTLS versions */
diff --git a/lib/vtls/cyassl.c b/lib/vtls/wolfssl.c
index 44a2bdda6..890bcbf79 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/wolfssl.c
@@ -21,31 +21,21 @@
***************************************************************************/
/*
- * Source file for all CyaSSL-specific code for the TLS/SSL layer. No code
+ * Source file for all wolfSSL specific code for the TLS/SSL layer. No code
* but vtls.c should ever call or use these functions.
*
*/
#include "curl_setup.h"
-#ifdef USE_CYASSL
+#ifdef USE_WOLFSSL
#define WOLFSSL_OPTIONS_IGNORE_SYS
-/* CyaSSL's version.h, which should contain only the version, should come
-before all other CyaSSL includes and be immediately followed by build config
-aka options.h. https://curl.haxx.se/mail/lib-2015-04/0069.html */
-#include <cyassl/version.h>
-#if defined(HAVE_CYASSL_OPTIONS_H) && (LIBCYASSL_VERSION_HEX > 0x03004008)
-#if defined(CYASSL_API) || defined(WOLFSSL_API)
-/* Safety measure. If either is defined some API include was already included
-and that's a problem since options.h hasn't been included yet. */
-#error "CyaSSL API was included before the CyaSSL build options."
-#endif
-#include <cyassl/options.h>
-#endif
+#include <wolfssl/version.h>
+#include <wolfssl/options.h>
/* To determine what functions are available we rely on one or both of:
- - the user's options.h generated by CyaSSL/wolfSSL
+ - the user's options.h generated by wolfSSL
- the symbols detected by curl's configure
Since they are markedly different from one another, and one or the other may
not be available, we do some checking below to bring things in sync. */
@@ -61,8 +51,8 @@ and that's a problem since options.h hasn't been included yet. */
options.h, but is only seen in >= 3.6.6 since that's when they started
disabling SSLv3 by default. */
#ifndef WOLFSSL_ALLOW_SSLV3
-#if (LIBCYASSL_VERSION_HEX < 0x03006006) || \
- defined(HAVE_WOLFSSLV3_CLIENT_METHOD)
+#if (LIBWOLFSSL_VERSION_HEX < 0x03006006) || \
+ defined(HAVE_WOLFSSLV3_CLIENT_METHOD)
#define WOLFSSL_ALLOW_SSLV3
#endif
#endif
@@ -81,33 +71,21 @@ and that's a problem since options.h hasn't been included yet. */
#include "curl_printf.h"
#include "multiif.h"
-#include <cyassl/openssl/ssl.h>
-#include <cyassl/ssl.h>
-#ifdef HAVE_CYASSL_ERROR_SSL_H
-#include <cyassl/error-ssl.h>
-#else
-#include <cyassl/error.h>
-#endif
-#include <cyassl/ctaocrypt/random.h>
-#include <cyassl/ctaocrypt/sha256.h>
-
-#include "cyassl.h"
+#include <wolfssl/openssl/ssl.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/error-ssl.h>
+#include "wolfssl.h"
/* The last #include files should be: */
#include "curl_memory.h"
#include "memdebug.h"
-#if LIBCYASSL_VERSION_HEX < 0x02007002 /* < 2.7.2 */
-#define CYASSL_MAX_ERROR_SZ 80
-#endif
-
/* KEEP_PEER_CERT is a product of the presence of build time symbol
OPENSSL_EXTRA without NO_CERTS, depending on the version. KEEP_PEER_CERT is
in wolfSSL's settings.h, and the latter two are build time symbols in
options.h. */
#ifndef KEEP_PEER_CERT
-#if defined(HAVE_CYASSL_GET_PEER_CERTIFICATE) || \
- defined(HAVE_WOLFSSL_GET_PEER_CERTIFICATE) || \
+#if defined(HAVE_WOLFSSL_GET_PEER_CERTIFICATE) || \
(defined(OPENSSL_EXTRA) && !defined(NO_CERTS))
#define KEEP_PEER_CERT
#endif
@@ -120,8 +98,8 @@ struct ssl_backend_data {
#define BACKEND connssl->backend
-static Curl_recv cyassl_recv;
-static Curl_send cyassl_send;
+static Curl_recv wolfssl_recv;
+static Curl_send wolfssl_send;
static int do_file_type(const char *type)
@@ -140,7 +118,7 @@ static int do_file_type(const char *type)
* layer and do all necessary magic.
*/
static CURLcode
-cyassl_connect_step1(struct connectdata *conn,
+wolfssl_connect_step1(struct connectdata *conn,
int sockindex)
{
char *ciphers;
@@ -159,7 +137,7 @@ cyassl_connect_step1(struct connectdata *conn,
return CURLE_OK;
if(SSL_CONN_CONFIG(version_max) != CURL_SSLVERSION_MAX_NONE) {
- failf(data, "CyaSSL does not support to set maximum SSL/TLS version");
+ failf(data, "wolfSSL does not support to set maximum SSL/TLS version");
return CURLE_SSL_CONNECT_ERROR;
}
@@ -167,11 +145,11 @@ cyassl_connect_step1(struct connectdata *conn,
switch(SSL_CONN_CONFIG(version)) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
-#if LIBCYASSL_VERSION_HEX >= 0x03003000 /* >= 3.3.0 */
+#if LIBWOLFSSL_VERSION_HEX >= 0x03003000 /* >= 3.3.0 */
/* minimum protocol version is set later after the CTX object is created */
req_method = SSLv23_client_method();
#else
- infof(data, "CyaSSL <3.3.0 cannot be configured to use TLS 1.0-1.2, "
+ infof(data, "wolfSSL <3.3.0 cannot be configured to use TLS 1.0-1.2, "
"TLS 1.0 is used exclusively\n");
req_method = TLSv1_client_method();
#endif
@@ -182,7 +160,7 @@ cyassl_connect_step1(struct connectdata *conn,
req_method = TLSv1_client_method();
use_sni(TRUE);
#else
- failf(data, "CyaSSL does not support TLS 1.0");
+ failf(data, "wolfSSL does not support TLS 1.0");
return CURLE_NOT_BUILT_IN;
#endif
break;
@@ -200,7 +178,7 @@ cyassl_connect_step1(struct connectdata *conn,
use_sni(TRUE);
break;
#else
- failf(data, "CyaSSL: TLS 1.3 is not yet supported");
+ failf(data, "wolfSSL: TLS 1.3 is not yet supported");
return CURLE_SSL_CONNECT_ERROR;
#endif
case CURL_SSLVERSION_SSLv3:
@@ -208,12 +186,12 @@ cyassl_connect_step1(struct connectdata *conn,
req_method = SSLv3_client_method();
use_sni(FALSE);
#else
- failf(data, "CyaSSL does not support SSLv3");
+ failf(data, "wolfSSL does not support SSLv3");
return CURLE_NOT_BUILT_IN;
#endif
break;
case CURL_SSLVERSION_SSLv2:
- failf(data, "CyaSSL does not support SSLv2");
+ failf(data, "wolfSSL does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
default:
failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
@@ -237,13 +215,12 @@ cyassl_connect_step1(struct connectdata *conn,
switch(SSL_CONN_CONFIG(version)) {
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
-#if LIBCYASSL_VERSION_HEX > 0x03004006 /* > 3.4.6 */
- /* Versions 3.3.0 to 3.4.6 we know the minimum protocol version is whatever
- minimum version of TLS was built in and at least TLS 1.0. For later library
- versions that could change (eg TLS 1.0 built in but defaults to TLS 1.1) so
- we have this short circuit evaluation to find the minimum supported TLS
- version. We use wolfSSL_CTX_SetMinVersion and not CyaSSL_SetMinVersion
- because only the former will work before the user's CTX callback is called.
+#if LIBWOLFSSL_VERSION_HEX > 0x03004006 /* > 3.4.6 */
+ /* Versions 3.3.0 to 3.4.6 we know the minimum protocol version is
+ * whatever minimum version of TLS was built in and at least TLS 1.0. For
+ * later library versions that could change (eg TLS 1.0 built in but
+ * defaults to TLS 1.1) so we have this short circuit evaluation to find
+ * the minimum supported TLS version.
*/
if((wolfSSL_CTX_SetMinVersion(BACKEND->ctx, WOLFSSL_TLSV1) != 1) &&
(wolfSSL_CTX_SetMinVersion(BACKEND->ctx, WOLFSSL_TLSV1_1) != 1) &&
@@ -347,7 +324,7 @@ cyassl_connect_step1(struct connectdata *conn,
#ifdef ENABLE_IPV6
(0 == Curl_inet_pton(AF_INET6, hostname, &addr6)) &&
#endif
- (CyaSSL_CTX_UseSNI(BACKEND->ctx, CYASSL_SNI_HOST_NAME, hostname,
+ (wolfSSL_CTX_UseSNI(BACKEND->ctx, WOLFSSL_SNI_HOST_NAME, hostname,
(unsigned short)hostname_len) != 1)) {
infof(data, "WARNING: failed to configure server name indication (SNI) "
"TLS extension\n");
@@ -357,9 +334,8 @@ cyassl_connect_step1(struct connectdata *conn,
/* give application a chance to interfere with SSL set up. */
if(data->set.ssl.fsslctx) {
- CURLcode result = CURLE_OK;
- result = (*data->set.ssl.fsslctx)(data, BACKEND->ctx,
- data->set.ssl.fsslctxp);
+ CURLcode result = (*data->set.ssl.fsslctx)(data, BACKEND->ctx,
+ data->set.ssl.fsslctxp);
if(result) {
failf(data, "error signaled by ssl ctx callback");
return result;
@@ -367,7 +343,7 @@ cyassl_connect_step1(struct connectdata *conn,
}
#ifdef NO_FILESYSTEM
else if(SSL_CONN_CONFIG(verifypeer)) {
- failf(data, "SSL: Certificates couldn't be loaded because CyaSSL was built"
+ failf(data, "SSL: Certificates can't be loaded because wolfSSL was built"
" with \"no filesystem\". Either disable peer verification"
" (insecure) or if you are building an application with libcurl you"
" can load certificates via CURLOPT_SSL_CTX_FUNCTION.");
@@ -419,11 +395,11 @@ cyassl_connect_step1(struct connectdata *conn,
if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL, sockindex)) {
/* we got a session id, use it! */
if(!SSL_set_session(BACKEND->handle, ssl_sessionid)) {
- char error_buffer[CYASSL_MAX_ERROR_SZ];
+ char error_buffer[WOLFSSL_MAX_ERROR_SZ];
Curl_ssl_sessionid_unlock(conn);
failf(data, "SSL: SSL_set_session failed: %s",
ERR_error_string(SSL_get_error(BACKEND->handle, 0),
- error_buffer));
+ error_buffer));
return CURLE_SSL_CONNECT_ERROR;
}
/* Informational message */
@@ -444,7 +420,7 @@ cyassl_connect_step1(struct connectdata *conn,
static CURLcode
-cyassl_connect_step2(struct connectdata *conn,
+wolfssl_connect_step2(struct connectdata *conn,
int sockindex)
{
int ret = -1;
@@ -458,19 +434,19 @@ cyassl_connect_step2(struct connectdata *conn,
data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
- conn->recv[sockindex] = cyassl_recv;
- conn->send[sockindex] = cyassl_send;
+ conn->recv[sockindex] = wolfssl_recv;
+ conn->send[sockindex] = wolfssl_send;
/* Enable RFC2818 checks */
if(SSL_CONN_CONFIG(verifyhost)) {
- ret = CyaSSL_check_domain_name(BACKEND->handle, hostname);
+ ret = wolfSSL_check_domain_name(BACKEND->handle, hostname);
if(ret == SSL_FAILURE)
return CURLE_OUT_OF_MEMORY;
}
ret = SSL_connect(BACKEND->handle);
if(ret != 1) {
- char error_buffer[CYASSL_MAX_ERROR_SZ];
+ char error_buffer[WOLFSSL_MAX_ERROR_SZ];
int detail = SSL_get_error(BACKEND->handle, ret);
if(SSL_ERROR_WANT_READ == detail) {
@@ -490,11 +466,12 @@ cyassl_connect_step2(struct connectdata *conn,
dispname);
return CURLE_PEER_FAILED_VERIFICATION;
#else
- /* When the CyaSSL_check_domain_name() is used and you desire to continue
- * on a DOMAIN_NAME_MISMATCH, i.e. 'conn->ssl_config.verifyhost == 0',
- * CyaSSL version 2.4.0 will fail with an INCOMPLETE_DATA error. The only
- * way to do this is currently to switch the CyaSSL_check_domain_name()
- * in and out based on the 'conn->ssl_config.verifyhost' value. */
+ /* When the wolfssl_check_domain_name() is used and you desire to
+ * continue on a DOMAIN_NAME_MISMATCH, i.e. 'conn->ssl_config.verifyhost
+ * == 0', CyaSSL version 2.4.0 will fail with an INCOMPLETE_DATA
+ * error. The only way to do this is currently to switch the
+ * Wolfssl_check_domain_name() in and out based on the
+ * 'conn->ssl_config.verifyhost' value. */
if(SSL_CONN_CONFIG(verifyhost)) {
failf(data,
"\tsubject alt name(s) or common name do not match \"%s\"\n",
@@ -509,7 +486,7 @@ cyassl_connect_step2(struct connectdata *conn,
}
#endif
}
-#if LIBCYASSL_VERSION_HEX >= 0x02007000 /* 2.7.0 */
+#if LIBWOLFSSL_VERSION_HEX >= 0x02007000 /* 2.7.0 */
else if(ASN_NO_SIGNER_E == detail) {
if(SSL_CONN_CONFIG(verifypeer)) {
failf(data, "\tCA signer not available for verification\n");
@@ -545,7 +522,7 @@ cyassl_connect_step2(struct connectdata *conn,
return CURLE_SSL_PINNEDPUBKEYNOTMATCH;
}
- x509_der = (const char *)CyaSSL_X509_get_der(x509, &x509_der_len);
+ x509_der = (const char *)wolfSSL_X509_get_der(x509, &x509_der_len);
if(!x509_der) {
failf(data, "SSL: failed retrieving ASN.1 server certificate");
return CURLE_SSL_PINNEDPUBKEYNOTMATCH;
@@ -613,7 +590,7 @@ cyassl_connect_step2(struct connectdata *conn,
#endif /* HAVE_ALPN */
connssl->connecting_state = ssl_connect_3;
-#if (LIBCYASSL_VERSION_HEX >= 0x03009010)
+#if (LIBWOLFSSL_VERSION_HEX >= 0x03009010)
infof(data, "SSL connection using %s / %s\n",
wolfSSL_get_version(BACKEND->handle),
wolfSSL_get_cipher_name(BACKEND->handle));
@@ -626,7 +603,7 @@ cyassl_connect_step2(struct connectdata *conn,
static CURLcode
-cyassl_connect_step3(struct connectdata *conn,
+wolfssl_connect_step3(struct connectdata *conn,
int sockindex)
{
CURLcode result = CURLE_OK;
@@ -671,14 +648,14 @@ cyassl_connect_step3(struct connectdata *conn,
}
-static ssize_t cyassl_send(struct connectdata *conn,
+static ssize_t wolfssl_send(struct connectdata *conn,
int sockindex,
const void *mem,
size_t len,
CURLcode *curlcode)
{
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
- char error_buffer[CYASSL_MAX_ERROR_SZ];
+ char error_buffer[WOLFSSL_MAX_ERROR_SZ];
int memlen = (len > (size_t)INT_MAX) ? INT_MAX : (int)len;
int rc = SSL_write(BACKEND->handle, mem, memlen);
@@ -702,7 +679,7 @@ static ssize_t cyassl_send(struct connectdata *conn,
return rc;
}
-static void Curl_cyassl_close(struct connectdata *conn, int sockindex)
+static void Curl_wolfssl_close(struct connectdata *conn, int sockindex)
{
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
@@ -717,14 +694,14 @@ static void Curl_cyassl_close(struct connectdata *conn, int sockindex)
}
}
-static ssize_t cyassl_recv(struct connectdata *conn,
+static ssize_t wolfssl_recv(struct connectdata *conn,
int num,
char *buf,
size_t buffersize,
CURLcode *curlcode)
{
struct ssl_connect_data *connssl = &conn->ssl[num];
- char error_buffer[CYASSL_MAX_ERROR_SZ];
+ char error_buffer[WOLFSSL_MAX_ERROR_SZ];
int buffsize = (buffersize > (size_t)INT_MAX) ? INT_MAX : (int)buffersize;
int nread = SSL_read(BACKEND->handle, buf, buffsize);
@@ -751,40 +728,36 @@ static ssize_t cyassl_recv(struct connectdata *conn,
}
-static void Curl_cyassl_session_free(void *ptr)
+static void Curl_wolfssl_session_free(void *ptr)
{
(void)ptr;
- /* CyaSSL reuses sessions on own, no free */
+ /* wolfSSL reuses sessions on own, no free */
}
-static size_t Curl_cyassl_version(char *buffer, size_t size)
+static size_t Curl_wolfssl_version(char *buffer, size_t size)
{
-#if LIBCYASSL_VERSION_HEX >= 0x03006000
+#if LIBWOLFSSL_VERSION_HEX >= 0x03006000
return msnprintf(buffer, size, "wolfSSL/%s", wolfSSL_lib_version());
#elif defined(WOLFSSL_VERSION)
return msnprintf(buffer, size, "wolfSSL/%s", WOLFSSL_VERSION);
-#elif defined(CYASSL_VERSION)
- return msnprintf(buffer, size, "CyaSSL/%s", CYASSL_VERSION);
-#else
- return msnprintf(buffer, size, "CyaSSL/%s", "<1.8.8");
#endif
}
-static int Curl_cyassl_init(void)
+static int Curl_wolfssl_init(void)
{
- return (CyaSSL_Init() == SSL_SUCCESS);
+ return (wolfSSL_Init() == SSL_SUCCESS);
}
-static void Curl_cyassl_cleanup(void)
+static void Curl_wolfssl_cleanup(void)
{
- CyaSSL_Cleanup();
+ wolfSSL_Cleanup();
}
-static bool Curl_cyassl_data_pending(const struct connectdata* conn,
+static bool Curl_wolfssl_data_pending(const struct connectdata* conn,
int connindex)
{
const struct ssl_connect_data *connssl = &conn->ssl[connindex];
@@ -799,7 +772,7 @@ static bool Curl_cyassl_data_pending(const struct connectdata* conn,
* This function is called to shut down the SSL layer but keep the
* socket open (CCC - Clear Command Channel)
*/
-static int Curl_cyassl_shutdown(struct connectdata *conn, int sockindex)
+static int Curl_wolfssl_shutdown(struct connectdata *conn, int sockindex)
{
int retval = 0;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
@@ -813,7 +786,7 @@ static int Curl_cyassl_shutdown(struct connectdata *conn, int sockindex)
static CURLcode
-cyassl_connect_common(struct connectdata *conn,
+wolfssl_connect_common(struct connectdata *conn,
int sockindex,
bool nonblocking,
bool *done)
@@ -841,7 +814,7 @@ cyassl_connect_common(struct connectdata *conn,
return CURLE_OPERATION_TIMEDOUT;
}
- result = cyassl_connect_step1(conn, sockindex);
+ result = wolfssl_connect_step1(conn, sockindex);
if(result)
return result;
}
@@ -896,7 +869,7 @@ cyassl_connect_common(struct connectdata *conn,
* ensuring that a client using select() or epoll() will always
* have a valid fdset to wait on.
*/
- result = cyassl_connect_step2(conn, sockindex);
+ result = wolfssl_connect_step2(conn, sockindex);
if(result || (nonblocking &&
(ssl_connect_2 == connssl->connecting_state ||
ssl_connect_2_reading == connssl->connecting_state ||
@@ -905,15 +878,15 @@ cyassl_connect_common(struct connectdata *conn,
} /* repeat step2 until all transactions are done. */
if(ssl_connect_3 == connssl->connecting_state) {
- result = cyassl_connect_step3(conn, sockindex);
+ result = wolfssl_connect_step3(conn, sockindex);
if(result)
return result;
}
if(ssl_connect_done == connssl->connecting_state) {
connssl->state = ssl_connection_complete;
- conn->recv[sockindex] = cyassl_recv;
- conn->send[sockindex] = cyassl_send;
+ conn->recv[sockindex] = wolfssl_recv;
+ conn->send[sockindex] = wolfssl_send;
*done = TRUE;
}
else
@@ -926,19 +899,19 @@ cyassl_connect_common(struct connectdata *conn,
}
-static CURLcode Curl_cyassl_connect_nonblocking(struct connectdata *conn,
+static CURLcode Curl_wolfssl_connect_nonblocking(struct connectdata *conn,
int sockindex, bool *done)
{
- return cyassl_connect_common(conn, sockindex, TRUE, done);
+ return wolfssl_connect_common(conn, sockindex, TRUE, done);
}
-static CURLcode Curl_cyassl_connect(struct connectdata *conn, int sockindex)
+static CURLcode Curl_wolfssl_connect(struct connectdata *conn, int sockindex)
{
CURLcode result;
bool done = FALSE;
- result = cyassl_connect_common(conn, sockindex, FALSE, &done);
+ result = wolfssl_connect_common(conn, sockindex, FALSE, &done);
if(result)
return result;
@@ -947,43 +920,43 @@ static CURLcode Curl_cyassl_connect(struct connectdata *conn, int sockindex)
return CURLE_OK;
}
-static CURLcode Curl_cyassl_random(struct Curl_easy *data,
+static CURLcode Curl_wolfssl_random(struct Curl_easy *data,
unsigned char *entropy, size_t length)
{
RNG rng;
(void)data;
- if(InitRng(&rng))
+ if(wc_InitRng(&rng))
return CURLE_FAILED_INIT;
if(length > UINT_MAX)
return CURLE_FAILED_INIT;
- if(RNG_GenerateBlock(&rng, entropy, (unsigned)length))
+ if(wc_RNG_GenerateBlock(&rng, entropy, (unsigned)length))
return CURLE_FAILED_INIT;
- if(FreeRng(&rng))
+ if(wc_FreeRng(&rng))
return CURLE_FAILED_INIT;
return CURLE_OK;
}
-static CURLcode Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */
+static CURLcode Curl_wolfssl_sha256sum(const unsigned char *tmp, /* input */
size_t tmplen,
unsigned char *sha256sum /* output */,
size_t unused)
{
Sha256 SHA256pw;
(void)unused;
- InitSha256(&SHA256pw);
- Sha256Update(&SHA256pw, tmp, (word32)tmplen);
- Sha256Final(&SHA256pw, sha256sum);
+ wc_InitSha256(&SHA256pw);
+ wc_Sha256Update(&SHA256pw, tmp, (word32)tmplen);
+ wc_Sha256Final(&SHA256pw, sha256sum);
return CURLE_OK;
}
-static void *Curl_cyassl_get_internals(struct ssl_connect_data *connssl,
+static void *Curl_wolfssl_get_internals(struct ssl_connect_data *connssl,
CURLINFO info UNUSED_PARAM)
{
(void)info;
return BACKEND->handle;
}
-const struct Curl_ssl Curl_ssl_cyassl = {
+const struct Curl_ssl Curl_ssl_wolfssl = {
{ CURLSSLBACKEND_WOLFSSL, "WolfSSL" }, /* info */
#ifdef KEEP_PEER_CERT
@@ -993,26 +966,26 @@ const struct Curl_ssl Curl_ssl_cyassl = {
sizeof(struct ssl_backend_data),
- Curl_cyassl_init, /* init */
- Curl_cyassl_cleanup, /* cleanup */
- Curl_cyassl_version, /* version */
+ Curl_wolfssl_init, /* init */
+ Curl_wolfssl_cleanup, /* cleanup */
+ Curl_wolfssl_version, /* version */
Curl_none_check_cxn, /* check_cxn */
- Curl_cyassl_shutdown, /* shutdown */
- Curl_cyassl_data_pending, /* data_pending */
- Curl_cyassl_random, /* random */
+ Curl_wolfssl_shutdown, /* shutdown */
+ Curl_wolfssl_data_pending, /* data_pending */
+ Curl_wolfssl_random, /* random */
Curl_none_cert_status_request, /* cert_status_request */
- Curl_cyassl_connect, /* connect */
- Curl_cyassl_connect_nonblocking, /* connect_nonblocking */
- Curl_cyassl_get_internals, /* get_internals */
- Curl_cyassl_close, /* close_one */
+ Curl_wolfssl_connect, /* connect */
+ Curl_wolfssl_connect_nonblocking, /* connect_nonblocking */
+ Curl_wolfssl_get_internals, /* get_internals */
+ Curl_wolfssl_close, /* close_one */
Curl_none_close_all, /* close_all */
- Curl_cyassl_session_free, /* session_free */
+ Curl_wolfssl_session_free, /* session_free */
Curl_none_set_engine, /* set_engine */
Curl_none_set_engine_default, /* set_engine_default */
Curl_none_engines_list, /* engines_list */
Curl_none_false_start, /* false_start */
Curl_none_md5sum, /* md5sum */
- Curl_cyassl_sha256sum /* sha256sum */
+ Curl_wolfssl_sha256sum /* sha256sum */
};
#endif
diff --git a/lib/vtls/cyassl.h b/lib/vtls/wolfssl.h
index 01e11cc23..2b9673c0f 100644
--- a/lib/vtls/cyassl.h
+++ b/lib/vtls/wolfssl.h
@@ -1,5 +1,5 @@
-#ifndef HEADER_CURL_CYASSL_H
-#define HEADER_CURL_CYASSL_H
+#ifndef HEADER_CURL_WOLFSSL_H
+#define HEADER_CURL_WOLFSSL_H
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -23,9 +23,9 @@
***************************************************************************/
#include "curl_setup.h"
-#ifdef USE_CYASSL
+#ifdef USE_WOLFSSL
-extern const struct Curl_ssl Curl_ssl_cyassl;
+extern const struct Curl_ssl Curl_ssl_wolfssl;
-#endif /* USE_CYASSL */
-#endif /* HEADER_CURL_CYASSL_H */
+#endif /* USE_WOLFSSL */
+#endif /* HEADER_CURL_WOLFSSL_H */
diff --git a/lib/x509asn1.c b/lib/x509asn1.c
index 1af312ec6..026a76950 100644
--- a/lib/x509asn1.c
+++ b/lib/x509asn1.c
@@ -23,7 +23,7 @@
#include "curl_setup.h"
#if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) || \
- defined(USE_CYASSL) || defined(USE_SCHANNEL)
+ defined(USE_WOLFSSL) || defined(USE_SCHANNEL)
#include <gnurl/curl.h>
#include "urldata.h"
@@ -1104,7 +1104,7 @@ CURLcode Curl_extract_certinfo(struct connectdata *conn,
return CURLE_OK;
}
-#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_CYASSL or USE_SCHANNEL */
+#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_WOLFSSL or USE_SCHANNEL */
#if defined(USE_GSKIT)
diff --git a/lib/x509asn1.h b/lib/x509asn1.h
index ce4029792..205fdc0d7 100644
--- a/lib/x509asn1.h
+++ b/lib/x509asn1.h
@@ -8,7 +8,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -26,7 +26,7 @@
#include "curl_setup.h"
#if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) || \
- defined(USE_CYASSL) || defined(USE_SCHANNEL)
+ defined(USE_WOLFSSL) || defined(USE_SCHANNEL)
#include "urldata.h"
@@ -130,5 +130,5 @@ CURLcode Curl_extract_certinfo(struct connectdata *conn, int certnum,
const char *beg, const char *end);
CURLcode Curl_verifyhost(struct connectdata *conn,
const char *beg, const char *end);
-#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_CYASSL or USE_SCHANNEL */
+#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_WOLFSSL or USE_SCHANNEL */
#endif /* HEADER_CURL_X509ASN1_H */
diff --git a/m4/curl-functions.m4 b/m4/curl-functions.m4
index 84f6ffcb2..9020f3942 100644
--- a/m4/curl-functions.m4
+++ b/m4/curl-functions.m4
@@ -7313,8 +7313,7 @@ AC_DEFUN([CURL_COVERAGE],[
dnl check if enabled by argument
AC_ARG_ENABLE(code-coverage,
AC_HELP_STRING([--enable-code-coverage], [Provide code coverage]),
- coverage="yes",
- coverage="no")
+ coverage="$enableval")
dnl if not gcc switch off again
AS_IF([ test "$GCC" != "yes" ], coverage="no" )
diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c
index fd3b5f073..4b462a273 100644
--- a/packages/OS400/ccsidcurl.c
+++ b/packages/OS400/ccsidcurl.c
@@ -620,12 +620,7 @@ curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
va_list arg;
void *paramp;
CURLcode ret;
- unsigned int ccsid;
- char * * cpp;
struct Curl_easy * data;
- struct curl_slist * * slp;
- struct curl_certinfo * cipf;
- struct curl_certinfo * cipt;
/* WARNING: unlike curl_easy_getinfo(), the strings returned by this
procedure have to be free'ed. */
@@ -635,7 +630,13 @@ curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
paramp = va_arg(arg, void *);
ret = Curl_getinfo(data, info, paramp);
- if(ret == CURLE_OK)
+ if(ret == CURLE_OK) {
+ unsigned int ccsid;
+ char **cpp;
+ struct curl_slist **slp;
+ struct curl_certinfo *cipf;
+ struct curl_certinfo *cipt;
+
switch((int) info & CURLINFO_TYPEMASK) {
case CURLINFO_STRING:
@@ -706,6 +707,7 @@ curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
break;
}
}
+ }
va_end(arg);
return ret;
@@ -1312,12 +1314,9 @@ curl_easy_setopt_ccsid(CURL *curl, CURLoption tag, ...)
case CURLOPT_ERRORBUFFER: /* This is an output buffer. */
default:
- {
- long val = va_arg(arg, long);
- result = curl_easy_setopt(curl, tag, val);
+ result = Curl_vsetopt(curl, tag, arg);
break;
}
- }
va_end(arg);
return result;
@@ -1355,13 +1354,12 @@ curl_pushheader_byname_ccsid(struct curl_pushheaders *h, const char *header,
{
char *d = (char *) NULL;
- char *s;
if(header) {
header = dynconvert(ASCII_CCSID, header, -1, ccsidin);
if(header) {
- s = curl_pushheader_byname(h, header);
+ char *s = curl_pushheader_byname(h, header);
free((char *) header);
if(s)
diff --git a/packages/OS400/os400sys.c b/packages/OS400/os400sys.c
index 309ff4d94..85dd20e40 100644
--- a/packages/OS400/os400sys.c
+++ b/packages/OS400/os400sys.c
@@ -268,13 +268,9 @@ Curl_getnameinfo_a(const struct sockaddr * sa, curl_socklen_t salen,
int flags)
{
- char * enodename;
- char * eservname;
+ char *enodename = NULL;
+ char *eservname = NULL;
int status;
- int i;
-
- enodename = (char *) NULL;
- eservname = (char *) NULL;
if(nodename && nodenamelen) {
enodename = malloc(nodenamelen);
@@ -294,6 +290,7 @@ Curl_getnameinfo_a(const struct sockaddr * sa, curl_socklen_t salen,
eservname, servnamelen, flags);
if(!status) {
+ int i;
if(enodename) {
i = QadrtConvertE2A(nodename, enodename,
nodenamelen - 1, strlen(enodename));
@@ -766,16 +763,13 @@ static int
Curl_gss_convert_in_place(OM_uint32 * minor_status, gss_buffer_t buf)
{
- unsigned int i;
- char * t;
+ unsigned int i = buf->length;
/* Convert `buf' in place, from EBCDIC to ASCII.
If error, release the buffer and return -1. Else return 0. */
- i = buf->length;
-
if(i) {
- t = malloc(i);
+ char *t = malloc(i);
if(!t) {
gss_release_buffer(minor_status, buf);
@@ -865,7 +859,6 @@ Curl_gss_init_sec_context_a(OM_uint32 * minor_status,
{
int rc;
- unsigned int i;
gss_buffer_desc in;
gss_buffer_t inp;
@@ -874,7 +867,7 @@ Curl_gss_init_sec_context_a(OM_uint32 * minor_status,
if(inp) {
if(inp->length && inp->value) {
- i = inp->length;
+ unsigned int i = inp->length;
in.value = malloc(i + 1);
if(!in.value) {
diff --git a/packages/vms/config_h.com b/packages/vms/config_h.com
index 0f1fa0f62..967eb40de 100644
--- a/packages/vms/config_h.com
+++ b/packages/vms/config_h.com
@@ -825,19 +825,6 @@ $ endif
$ goto cfgh_in_loop1
$ endif
$!
-$ if key2 .eqs. "HAVE_SSL_GET_SHUTDOWN"
-$ then
-$ if f$search("''ssl_header_dir'ssl.h") .nes. ""
-$ then
-$ write tf "#ifndef ''key2'"
-$ write tf "#define ''key2' 1"
-$ write tf "#endif"
-$ else
-$ write tf "/* #undef ''key2' */"
-$ endif
-$ goto cfgh_in_loop1
-$ endif
-$!
$ if key2b .eqs. "RAND" .and. key2c .nes. "" .and. key2d .eqs. ""
$ then
$ if (key2c .eqs. "EGD") .or. -
diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c
index e2ee54225..a18827c8b 100644
--- a/src/tool_cb_prg.c
+++ b/src/tool_cb_prg.c
@@ -125,14 +125,19 @@ int tool_progress_cb(void *clientp,
curl_off_t total;
curl_off_t point;
- /* expected transfer size */
- if((CURL_OFF_T_MAX - bar->initial_size) < (dltotal + ultotal))
+ /* Calculate expected transfer size. initial_size can be less than zero
+ when indicating that we are expecting to get the filesize from the
+ remote */
+ if(bar->initial_size < 0 ||
+ ((CURL_OFF_T_MAX - bar->initial_size) < (dltotal + ultotal)))
total = CURL_OFF_T_MAX;
else
total = dltotal + ultotal + bar->initial_size;
- /* we've come this far */
- if((CURL_OFF_T_MAX - bar->initial_size) < (dlnow + ulnow))
+ /* Calculate the current progress. initial_size can be less than zero when
+ indicating that we are expecting to get the filesize from the remote */
+ if(bar->initial_size < 0 ||
+ ((CURL_OFF_T_MAX - bar->initial_size) < (dlnow + ulnow)))
point = CURL_OFF_T_MAX;
else
point = dlnow + ulnow + bar->initial_size;
@@ -205,7 +210,8 @@ void progressbarinit(struct ProgressData *bar,
if(colp) {
char *endptr;
long num = strtol(colp, &endptr, 10);
- if((endptr != colp) && (endptr == colp + strlen(colp)) && (num > 20))
+ if((endptr != colp) && (endptr == colp + strlen(colp)) && (num > 20) &&
+ (num < 10000))
bar->width = (int)num;
curl_free(colp);
}
diff --git a/src/tool_getpass.c b/src/tool_getpass.c
index bf531a537..dfe363b21 100644
--- a/src/tool_getpass.c
+++ b/src/tool_getpass.c
@@ -93,7 +93,7 @@ char *getpass_r(const char *prompt, char *buffer, size_t buflen)
if((sts & 1) && (iosb.iosb$w_status & 1))
buffer[iosb.iosb$w_bcnt] = '\0';
- sts = sys$dassgn(chan);
+ sys$dassgn(chan);
}
return buffer; /* we always return success */
}
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 462119a1c..bf9a9b8d8 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -825,9 +825,8 @@ static CURLcode operate_do(struct GlobalConfig *global,
/* where to store */
my_setopt(curl, CURLOPT_WRITEDATA, &outs);
-#ifndef CURL_DISABLE_RTSP
my_setopt(curl, CURLOPT_INTERLEAVEDATA, &outs);
-#endif
+
if(metalink || !config->use_metalink)
/* what call to write */
my_setopt(curl, CURLOPT_WRITEFUNCTION, tool_write_cb);
@@ -875,7 +874,6 @@ static CURLcode operate_do(struct GlobalConfig *global,
if(config->oauth_bearer)
my_setopt_str(curl, CURLOPT_XOAUTH2_BEARER, config->oauth_bearer);
-#if !defined(CURL_DISABLE_PROXY)
{
my_setopt_str(curl, CURLOPT_PROXY, config->proxy);
/* new in libcurl 7.5 */
@@ -914,7 +912,6 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt(curl, CURLOPT_SUPPRESS_CONNECT_HEADERS,
config->suppress_connect_headers?1L:0L);
}
-#endif /* !CURL_DISABLE_PROXY */
my_setopt(curl, CURLOPT_FAILONERROR, config->failonerror?1L:0L);
my_setopt(curl, CURLOPT_REQUEST_TARGET, config->request_target);
@@ -1017,9 +1014,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
} /* (built_in_protos & CURLPROTO_HTTP) */
-#ifndef CURL_DISABLE_FTP
my_setopt_str(curl, CURLOPT_FTPPORT, config->ftpport);
-#endif
my_setopt(curl, CURLOPT_LOW_SPEED_LIMIT,
config->low_speed_limit);
my_setopt(curl, CURLOPT_LOW_SPEED_TIME, config->low_speed_time);
@@ -1034,9 +1029,8 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt(curl, CURLOPT_RESUME_FROM_LARGE, CURL_OFF_T_C(0));
my_setopt_str(curl, CURLOPT_KEYPASSWD, config->key_passwd);
-#ifndef CURL_DISABLE_PROXY
my_setopt_str(curl, CURLOPT_PROXY_KEYPASSWD, config->proxy_key_passwd);
-#endif
+
if(built_in_protos & (CURLPROTO_SCP|CURLPROTO_SFTP)) {
/* SSH and SSL private key uses same command-line option */
@@ -1072,7 +1066,8 @@ static CURLcode operate_do(struct GlobalConfig *global,
}
/* For the time being if --proxy-capath is not set then we use the
--capath value for it, if any. See #1257 */
- if(config->proxy_capath || config->capath) {
+ if((config->proxy_capath || config->capath) &&
+ !tool_setopt_skip(CURLOPT_PROXY_CAPATH)) {
result = res_setopt_str(curl, CURLOPT_PROXY_CAPATH,
(config->proxy_capath ?
config->proxy_capath :
@@ -1213,7 +1208,6 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt_slist(curl, CURLOPT_POSTQUOTE, config->postquote);
my_setopt_slist(curl, CURLOPT_PREQUOTE, config->prequote);
-#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
if(config->cookie)
my_setopt_str(curl, CURLOPT_COOKIE, config->cookie);
@@ -1226,13 +1220,6 @@ static CURLcode operate_do(struct GlobalConfig *global,
/* new in libcurl 7.9.7 */
my_setopt(curl, CURLOPT_COOKIESESSION, config->cookiesession?1L:0L);
-#else
- if(config->cookie || config->cookiefile || config->cookiejar) {
- warnf(config->global, "cookie option(s) used even though cookie "
- "support is disabled!\n");
- return CURLE_NOT_BUILT_IN;
- }
-#endif
my_setopt_enum(curl, CURLOPT_TIMECONDITION, (long)config->timecond);
my_setopt(curl, CURLOPT_TIMEVALUE_LARGE, config->condtime);
@@ -1242,9 +1229,8 @@ static CURLcode operate_do(struct GlobalConfig *global,
/* three new ones in libcurl 7.3: */
my_setopt_str(curl, CURLOPT_INTERFACE, config->iface);
-#ifndef CURL_DISABLE_FTP
my_setopt_str(curl, CURLOPT_KRBLEVEL, config->krblevel);
-#endif
+
progressbarinit(&progressbar, config);
if((global->progressmode == CURL_PROGRESS_BAR) &&
!global->noprogress && !global->mute) {
@@ -1266,10 +1252,9 @@ static CURLcode operate_do(struct GlobalConfig *global,
if(config->dns_ipv6_addr)
my_setopt_str(curl, CURLOPT_DNS_LOCAL_IP6, config->dns_ipv6_addr);
-#ifndef CURL_DISABLE_TELNET
/* new in libcurl 7.6.2: */
my_setopt_slist(curl, CURLOPT_TELNETOPTIONS, config->telnet_options);
-#endif
+
/* new in libcurl 7.7: */
my_setopt_str(curl, CURLOPT_RANDOM_FILE, config->random_file);
my_setopt_str(curl, CURLOPT_EGDSOCKET, config->egd_file);
@@ -1372,30 +1357,26 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt_str(curl, CURLOPT_SERVICE_NAME,
config->service_name);
-#ifndef CURL_DISABLE_FTP
/* curl 7.13.0 */
my_setopt_str(curl, CURLOPT_FTP_ACCOUNT, config->ftp_account);
-#endif
my_setopt(curl, CURLOPT_IGNORE_CONTENT_LENGTH, config->ignorecl?1L:0L);
-#ifndef CURL_DISABLE_FTP
/* curl 7.14.2 */
my_setopt(curl, CURLOPT_FTP_SKIP_PASV_IP, config->ftp_skip_ip?1L:0L);
/* curl 7.15.1 */
my_setopt(curl, CURLOPT_FTP_FILEMETHOD, (long)config->ftp_filemethod);
-#endif
+
/* curl 7.15.2 */
if(config->localport) {
my_setopt(curl, CURLOPT_LOCALPORT, config->localport);
my_setopt_str(curl, CURLOPT_LOCALPORTRANGE, config->localportrange);
}
-#ifndef CURL_DISABLE_FTP
/* curl 7.15.5 */
my_setopt_str(curl, CURLOPT_FTP_ALTERNATIVE_TO_USER,
config->ftp_alternative_to_user);
-#endif
+
/* curl 7.16.0 */
if(config->disable_sessionid)
/* disable it */
diff --git a/src/tool_setopt.c b/src/tool_setopt.c
index ff67c22e7..b5486e6ef 100644
--- a/src/tool_setopt.c
+++ b/src/tool_setopt.c
@@ -720,9 +720,14 @@ CURLcode tool_setopt(CURL *curl, bool str, struct GlobalConfig *config,
#endif /* CURL_DISABLE_LIBCURL_OPTION */
-CURLcode tool_real_error(CURLcode result, CURLoption tag)
+/*
+ * tool_setopt_skip() allows the curl tool code to avoid setopt options that
+ * are explicitly disabled in the build.
+ */
+bool tool_setopt_skip(CURLoption tag)
{
#ifdef CURL_DISABLE_PROXY
+#define USED_TAG
switch(tag) {
case CURLOPT_HAPROXYPROTOCOL:
case CURLOPT_HTTPPROXYTUNNEL:
@@ -756,13 +761,71 @@ CURLcode tool_real_error(CURLcode result, CURLoption tag)
case CURLOPT_PROXYTYPE:
case CURLOPT_PROXYUSERNAME:
case CURLOPT_PROXYUSERPWD:
- return CURLE_OK; /* pretend it worked */
+ return TRUE;
default:
break;
}
-#else
+#endif
+#ifdef CURL_DISABLE_FTP
+#define USED_TAG
+ switch(tag) {
+ case CURLOPT_FTPPORT:
+ case CURLOPT_FTP_ACCOUNT:
+ case CURLOPT_FTP_ALTERNATIVE_TO_USER:
+ case CURLOPT_FTP_FILEMETHOD:
+ case CURLOPT_FTP_SKIP_PASV_IP:
+ case CURLOPT_FTP_USE_EPRT:
+ case CURLOPT_FTP_USE_EPSV:
+ case CURLOPT_FTP_USE_PRET:
+ case CURLOPT_KRBLEVEL:
+ return TRUE;
+ default:
+ break;
+ }
+#endif
+#ifdef CURL_DISABLE_RTSP
+#define USED_TAG
+ switch(tag) {
+ case CURLOPT_INTERLEAVEDATA:
+ return TRUE;
+ default:
+ break;
+ }
+#endif
+#if defined(CURL_DISABLE_HTTP) || defined(CURL_DISABLE_COOKIES)
+#define USED_TAG
+ switch(tag) {
+ case CURLOPT_COOKIE:
+ case CURLOPT_COOKIEFILE:
+ case CURLOPT_COOKIEJAR:
+ case CURLOPT_COOKIESESSION:
+ return TRUE;
+ default:
+ break;
+ }
+#endif
+#if defined(CURL_DISABLE_TELNET)
+#define USED_TAG
+ switch(tag) {
+ case CURLOPT_TELNETOPTIONS:
+ return TRUE;
+ default:
+ break;
+ }
+#endif
+#ifdef CURL_DISABLE_TFTP
+#define USED_TAG
+ switch(tag) {
+ case CURLOPT_TFTP_BLKSIZE:
+ case CURLOPT_TFTP_NO_OPTIONS:
+ return TRUE;
+ default:
+ break;
+ }
+#endif
+
+#ifndef USED_TAG
(void)tag;
#endif
- return result;
+ return FALSE;
}
-
diff --git a/src/tool_setopt.h b/src/tool_setopt.h
index 2266d1c9c..690b2c6f3 100644
--- a/src/tool_setopt.h
+++ b/src/tool_setopt.h
@@ -30,13 +30,15 @@
*/
#define SETOPT_CHECK(v,opt) do { \
- result = tool_real_error((v), opt); \
- if(result) \
- goto show_error; \
+ if(!tool_setopt_skip(opt)) { \
+ result = (v); \
+ if(result) \
+ goto show_error; \
+ } \
} WHILE_FALSE
/* allow removed features to simulate success: */
-CURLcode tool_real_error(CURLcode result, CURLoption tag);
+bool tool_setopt_skip(CURLoption tag);
#ifndef CURL_DISABLE_LIBCURL_OPTION
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 027cc6ea9..cb08088b9 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -36,7 +36,7 @@ EXTRA_DIST = ftpserver.pl httpserver.pl secureserver.pl runtests.pl \
CMakeLists.txt mem-include-scan.pl valgrind.supp extern-scan.pl \
manpage-scan.pl nroff-scan.pl http2-server.pl dictserver.py.in \
negtelnetserver.py.in $(SMBDEPS) objnames-test08.sh objnames-test10.sh \
- objnames.inc
+ objnames.inc disable-scan.pl manpage-syntax.pl
check_SCRIPTS = smbserver.py curl_test_data.py negtelnetserver.py dictserver.py
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
index 72db6b148..27d80514f 100644
--- a/tests/data/Makefile.inc
+++ b/tests/data/Makefile.inc
@@ -128,9 +128,8 @@ test1128 test1129 test1130 test1131 test1132 test1133 test1134 test1135 \
test1136 test1137 test1138 test1141 test1142 test1143 \
test1144 test1145 test1146 test1147 test1148 test1149 test1150 test1151 \
test1152 test1153 test1154 test1155 test1156 test1157 test1158 test1159 \
-\
-test1160 test1161 test1162 test1163 test1164 \
-test1170 test1171 test1172 \
+test1160 test1161 test1162 test1163 test1164 test1165 \
+test1170 test1171 test1172 test1173 \
\
test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \
@@ -170,15 +169,15 @@ test1444 test1445 test1446 test1447 test1448 test1449 test1450 test1451 \
test1452 test1453 test1454 test1455 test1456 test1457 test1458\
test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
-test1516 test1517 test1518 test1519 test1520 test1521 test1522 \
+test1516 test1517 test1518 test1519 test1520 test1521 test1522 test1523 \
\
test1525 test1526 test1527 test1528 test1529 test1530 test1531 test1532 \
test1533 test1534 test1535 test1536 test1537 test1538 \
test1540 test1541 \
test1550 test1551 test1552 test1553 test1554 test1555 test1556 test1557 \
-test1558 test1559 test1560 test1561 test1562 \
+test1558 test1559 test1560 test1561 test1562 test1563 \
\
-test1590 test1591 test1592 \
+test1590 test1591 test1592 test1593 \
\
test1600 test1601 test1602 test1603 test1604 test1605 test1606 test1607 \
test1608 test1609 test1620 test1621 \
diff --git a/tests/data/test1001 b/tests/data/test1001
index 91b13203e..53d7da381 100644
--- a/tests/data/test1001
+++ b/tests/data/test1001
@@ -66,6 +66,7 @@ http
<features>
!SSPI
crypto
+proxy
</features>
<name>
HTTP POST --digest with PUT and resumed upload and modified method
diff --git a/tests/data/test1165 b/tests/data/test1165
new file mode 100644
index 000000000..24c1c3eb1
--- /dev/null
+++ b/tests/data/test1165
@@ -0,0 +1,25 @@
+<testcase>
+<info>
+<keywords>
+source analysis
+CURL_DISABLE
+</keywords>
+</info>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+
+ <name>
+Verify configure.ac and source code CURL_DISABLE_-sync
+ </name>
+
+<command type="perl">
+%SRCDIR/disable-scan.pl %SRCDIR/..
+</command>
+</client>
+
+</testcase>
diff --git a/tests/data/test1173 b/tests/data/test1173
new file mode 100644
index 000000000..dd09f81d8
--- /dev/null
+++ b/tests/data/test1173
@@ -0,0 +1,26 @@
+<testcase>
+<info>
+<keywords>
+source analysis
+documentation
+--manual
+</keywords>
+</info>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+
+ <name>
+Basic man page syntax check
+ </name>
+
+<command type="perl">
+%SRCDIR/manpage-syntax.pl %SRCDIR/../docs/*.1 %SRCDIR/../docs/libcurl/*.3 %SRCDIR/../docs/libcurl/opts/*.3
+</command>
+</client>
+
+</testcase>
diff --git a/tests/data/test1519 b/tests/data/test1519
index ab23dadca..292a49c65 100644
--- a/tests/data/test1519
+++ b/tests/data/test1519
@@ -53,7 +53,7 @@ res: 0
status: 302
redirects: 0
effectiveurl: http://%HOSTIP:%HTTPPORT/1519
-redirecturl: http://127.0.0.1:8990/h%20ttp://1.2.4.5/test
+redirecturl: http://%HOSTIP:%HTTPPORT/h%20ttp://1.2.4.5/test
</stdout>
<errorcode>
0
diff --git a/tests/data/test1523 b/tests/data/test1523
new file mode 100644
index 000000000..015f50518
--- /dev/null
+++ b/tests/data/test1523
@@ -0,0 +1,49 @@
+<testcase>
+<info>
+<keywords>
+CURLINFO_LOW_SPEED_LIMIT
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Content-Length: 3
+Connection: close
+Funny-head: yesyes
+
+AA
+</data>
+<servercmd>
+writedelay: 1
+</servercmd>
+</reply>
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+<tool>
+lib1523
+</tool>
+
+<name>
+CURLINFO_LOW_SPEED_LIMIT
+</name>
+
+<command>
+http://%HOSTIP:%HTTPPORT/1523
+</command>
+<killserver>
+http
+</killserver>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+</verify>
+</testcase>
diff --git a/tests/data/test153 b/tests/data/test153
index fc1d812de..f679de4ea 100644
--- a/tests/data/test153
+++ b/tests/data/test153
@@ -40,7 +40,7 @@ HTTP/1.1 401 Authorization re-negotiation please swsbounce
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="auth"
Content-Type: text/html; charset=iso-8859-1
-Content-Length: 25
+Content-Length: 26
This is not the real page
</data1002>
@@ -121,7 +121,7 @@ HTTP/1.1 401 Authorization re-negotiation please swsbounce
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="auth"
Content-Type: text/html; charset=iso-8859-1
-Content-Length: 25
+Content-Length: 26
HTTP/1.1 200 OK
Server: Apache/1.3.27 (Darwin) PHP/4.1.2
diff --git a/tests/data/test1563 b/tests/data/test1563
new file mode 100644
index 000000000..a3597b9b5
--- /dev/null
+++ b/tests/data/test1563
@@ -0,0 +1,51 @@
+<testcase>
+<info>
+<keywords>
+GOPHER
+HTTP GET
+followlocation
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data1>
+HTTP/1.1 302 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 7
+Location: gopher://www.example.co.uk
+
+nomnom
+</data1>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+Make sure redirects to CURLPROTO_GOPHER are forbidden by default
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/15630001 -L -H "Host: www.example.com"
+</command>
+</client>
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<errorcode>
+1
+</errorcode>
+<protocol>
+GET /15630001 HTTP/1.1
+Host: www.example.com
+Accept: */*
+
+</protocol>
+
+</verify>
+
+</testcase>
diff --git a/tests/data/test1593 b/tests/data/test1593
new file mode 100644
index 000000000..405aa84e5
--- /dev/null
+++ b/tests/data/test1593
@@ -0,0 +1,49 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP replaced headers
+CURLOPT_TIMECONDITION
+If-Modified-Since
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.1 304 Not Modified
+Date: Thu, 11 Jul 2019 02:26:59 GMT
+Server: test-server/swsclose
+
+</data>
+</reply>
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+HTTP custom header overrides CURLOPT_TIMECONDITION
+</name>
+<tool>
+lib1593
+</tool>
+<command>
+http://%HOSTIP:%HTTPPORT/1593
+</command>
+</client>
+
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+# Note here the lack of If-Modified-Since
+<protocol>
+GET /1593 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test188 b/tests/data/test188
index a23a2a11e..d8ca1cd47 100644
--- a/tests/data/test188
+++ b/tests/data/test188
@@ -14,7 +14,7 @@ followlocation
<data>
HTTP/1.1 301 OK swsbounce
Location: /188
-Content-Length: 2
+Content-Length: 3
OK
</data>
@@ -30,7 +30,7 @@ Actual content
<datacheck>
HTTP/1.1 301 OK swsbounce
Location: /188
-Content-Length: 2
+Content-Length: 3
HTTP/1.1 200 OK
Connection: close
diff --git a/tests/data/test189 b/tests/data/test189
index f82b4ad90..65780f804 100644
--- a/tests/data/test189
+++ b/tests/data/test189
@@ -11,7 +11,7 @@ HTTP GET
<data>
HTTP/1.1 301 OK swsbounce
Location: /189
-Content-Length: 2
+Content-Length: 3
OK
</data>
@@ -26,7 +26,7 @@ Actual content
<datacheck>
HTTP/1.1 301 OK swsbounce
Location: /189
-Content-Length: 2
+Content-Length: 3
HTTP/1.1 200 OK
Connection: close
diff --git a/tests/data/test2032 b/tests/data/test2032
index a63e11ef1..ec5771f81 100644
--- a/tests/data/test2032
+++ b/tests/data/test2032
@@ -99,22 +99,22 @@ chkhostname curlhost
</strip>
<protocol>
GET /20320100 HTTP/1.1
-Host: 127.0.0.1:%HTTPPORT
+Host: %HOSTIP:%HTTPPORT
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
Accept: */*
GET /20320100 HTTP/1.1
-Host: 127.0.0.1:%HTTPPORT
+Host: %HOSTIP:%HTTPPORT
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
Accept: */*
GET /20320200 HTTP/1.1
-Host: 127.0.0.1:%HTTPPORT
+Host: %HOSTIP:%HTTPPORT
Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
Accept: */*
GET /20320200 HTTP/1.1
-Host: 127.0.0.1:%HTTPPORT
+Host: %HOSTIP:%HTTPPORT
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=
Accept: */*
diff --git a/tests/data/test651 b/tests/data/test651
index b00ca5d0e..ae6409479 100644
--- a/tests/data/test651
+++ b/tests/data/test651
@@ -57,7 +57,7 @@ s/boundary=------------------------[a-z0-9]*/boundary=--------------------------
# (5*12) == 60 bytes less
<protocol>
POST /651 HTTP/1.1
-Host: 127.0.0.1:8990
+Host: %HOSTIP:%HTTPPORT
Accept: */*
Content-Length: 17139
Content-Type: multipart/form-data; boundary=----------------------------
diff --git a/tests/data/test653 b/tests/data/test653
index d620b5761..d7be05923 100644
--- a/tests/data/test653
+++ b/tests/data/test653
@@ -67,7 +67,7 @@ s/boundary=------------------------[a-z0-9]*/boundary=--------------------------
# (5*12) == 60 bytes less
<protocol>
POST /653 HTTP/1.1
-Host: 127.0.0.1:8990
+Host: %HOSTIP:%HTTPPORT
Accept: */*
Content-Length: 150
Content-Type: multipart/form-data; boundary=----------------------------
@@ -78,7 +78,7 @@ Content-Disposition: form-data; name="name"
short value
--------------------------------
POST /653 HTTP/1.1
-Host: 127.0.0.1:8990
+Host: %HOSTIP:%HTTPPORT
Accept: */*
Content-Length: 167
Content-Type: multipart/form-data; boundary=----------------------------
diff --git a/tests/dictserver.py.in b/tests/dictserver.py.in
index 5a8dc3ed4..9f2cc984b 100755
--- a/tests/dictserver.py.in
+++ b/tests/dictserver.py.in
@@ -33,7 +33,7 @@ def dictserver(options):
with open(options.pidfile, "w") as f:
f.write("{0}".format(pid))
- local_bind = (HOST, options.port)
+ local_bind = (options.host, options.port)
log.info("[DICT] Listening on %s", local_bind)
# Need to set the allow_reuse on the class, not on the instance.
@@ -83,6 +83,8 @@ def get_options():
parser.add_argument("--port", action="store", default=9016,
type=int, help="port to listen on")
+ parser.add_argument("--host", action="store", default=HOST,
+ help="host to listen on")
parser.add_argument("--verbose", action="store", type=int, default=0,
help="verbose output")
parser.add_argument("--pidfile", action="store",
diff --git a/tests/disable-scan.pl b/tests/disable-scan.pl
new file mode 100755
index 000000000..e57fdc697
--- /dev/null
+++ b/tests/disable-scan.pl
@@ -0,0 +1,97 @@
+#!/usr/bin/env perl
+#***************************************************************************
+# _ _ ____ _
+# Project ___| | | | _ \| |
+# / __| | | | |_) | |
+# | (__| |_| | _ <| |___
+# \___|\___/|_| \_\_____|
+#
+# Copyright (C) 2010-2019, Daniel Stenberg, <daniel@haxx.se>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+#
+
+use strict;
+use warnings;
+
+# the DISABLE options that can be set by configure
+my %disable;
+# the DISABLE options that are used in C files
+my %file;
+
+# we may get the dir root pointed out
+my $root=$ARGV[0] || ".";
+
+sub scan_configure {
+ open S, "<$root/configure.ac";
+ while(<S>) {
+ if(/(CURL_DISABLE_[A-Z_]+)/g) {
+ my ($sym)=($1);
+ $disable{$sym} = 1;
+ }
+ }
+ close S;
+}
+
+sub scan_file {
+ my ($source)=@_;
+ open F, "<$source";
+ while(<F>) {
+ if(/(CURL_DISABLE_[A-Z_]+)/g) {
+ my ($sym)=($1);
+ $file{$sym} = $source;
+ }
+ }
+ close F;
+}
+
+sub scan_dir {
+ my ($dir)=@_;
+ opendir(my $dh, $dir) || die "Can't opendir $dir: $!";
+ my @cfiles = grep { /\.c\z/ && -f "$dir/$_" } readdir($dh);
+ closedir $dh;
+ for my $f (sort @cfiles) {
+ scan_file("$dir/$f");
+ }
+}
+
+sub scan_sources {
+ scan_dir("$root/src");
+ scan_dir("$root/lib");
+ scan_dir("$root/lib/vtls");
+ scan_dir("$root/lib/vauth");
+}
+
+scan_configure();
+scan_sources();
+
+
+my $error = 0;
+# Check the configure symbols for use in code
+for my $s (sort keys %disable) {
+ if(!$file{$s}) {
+ printf "Present in configure.ac, not used by code: %s\n", $s;
+ $error++;
+ }
+}
+
+# Check the code symbols for use in configure
+for my $s (sort keys %file) {
+ if(!$disable{$s}) {
+ printf "Not set by configure: %s (%s)\n", $s, $file{$s};
+ $error++;
+ }
+}
+
+exit $error;
diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
index 31467e135..f5effd97d 100644
--- a/tests/libtest/Makefile.inc
+++ b/tests/libtest/Makefile.inc
@@ -26,13 +26,13 @@ noinst_PROGRAMS = chkhostname libauthretry libntlmconnect \
lib1156 \
lib1500 lib1501 lib1502 lib1503 lib1504 lib1505 lib1506 lib1507 lib1508 \
lib1509 lib1510 lib1511 lib1512 lib1513 lib1514 lib1515 lib1517 \
- lib1518 lib1520 lib1521 lib1522 \
+ lib1518 lib1520 lib1521 lib1522 lib1523 \
lib1525 lib1526 lib1527 lib1528 lib1529 lib1530 lib1531 lib1532 lib1533 \
lib1534 lib1535 lib1536 lib1537 lib1538 \
lib1540 lib1541 \
lib1550 lib1551 lib1552 lib1553 lib1554 lib1555 lib1556 lib1557 \
lib1558 lib1559 lib1560 \
- lib1591 lib1592 \
+ lib1591 lib1592 lib1593 \
lib1900 lib1905 lib1906 \
lib2033
@@ -428,6 +428,9 @@ lib1521_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)
lib1522_SOURCES = lib1522.c $(SUPPORTFILES)
lib1522_CPPFLAGS = $(AM_CPPFLAGS)
+lib1523_SOURCES = lib1523.c $(SUPPORTFILES)
+lib1523_CPPFLAGS = $(AM_CPPFLAGS)
+
lib1525_SOURCES = lib1525.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib1525_LDADD = $(TESTUTIL_LIBS)
lib1525_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1525
@@ -538,6 +541,9 @@ lib1592_SOURCES = lib1592.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib1592_LDADD = $(TESTUTIL_LIBS)
lib1592_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1592
+lib1593_SOURCES = lib1593.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1593_LDADD = $(TESTUTIL_LIBS)
+
lib1900_SOURCES = lib1900.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib1900_LDADD = $(TESTUTIL_LIBS)
lib1900_CPPFLAGS = $(AM_CPPFLAGS)
diff --git a/tests/libtest/lib1523.c b/tests/libtest/lib1523.c
new file mode 100644
index 000000000..170527d84
--- /dev/null
+++ b/tests/libtest/lib1523.c
@@ -0,0 +1,82 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+/* test case and code based on https://github.com/curl/curl/issues/3927 */
+
+#include "testutil.h"
+#include "warnless.h"
+#include "memdebug.h"
+
+static int dload_progress_cb(void *a, curl_off_t b, curl_off_t c,
+ curl_off_t d, curl_off_t e)
+{
+ (void)a;
+ (void)b;
+ (void)c;
+ (void)d;
+ (void)e;
+ return 0;
+}
+
+static size_t write_cb(char *d, size_t n, size_t l, void *p)
+{
+ /* take care of the data here, ignored in this example */
+ (void)d;
+ (void)p;
+ return n*l;
+}
+
+static CURLcode run(CURL *hnd, long limit, long time)
+{
+ curl_easy_setopt(hnd, CURLOPT_LOW_SPEED_LIMIT, limit);
+ curl_easy_setopt(hnd, CURLOPT_LOW_SPEED_TIME, time);
+ return curl_easy_perform(hnd);
+}
+
+int test(char *URL)
+{
+ CURLcode ret;
+ CURL *hnd = curl_easy_init();
+ char buffer[CURL_ERROR_SIZE];
+ curl_easy_setopt(hnd, CURLOPT_URL, URL);
+ curl_easy_setopt(hnd, CURLOPT_WRITEFUNCTION, write_cb);
+ curl_easy_setopt(hnd, CURLOPT_ERRORBUFFER, buffer);
+ curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 0L);
+ curl_easy_setopt(hnd, CURLOPT_XFERINFOFUNCTION, dload_progress_cb);
+
+ printf("Start: %d\n", time(NULL));
+ ret = run(hnd, 1, 2);
+ if(ret)
+ fprintf(stderr, "error %d: %s\n", ret, buffer);
+
+ ret = run(hnd, 12000, 1);
+ if(ret != CURLE_OPERATION_TIMEDOUT)
+ fprintf(stderr, "error %d: %s\n", ret, buffer);
+ else
+ ret = 0;
+
+ printf("End: %d\n", time(NULL));
+ curl_easy_cleanup(hnd);
+
+ return (int)ret;
+}
diff --git a/tests/libtest/lib1541.c b/tests/libtest/lib1541.c
index 983a47e01..f3b41f5be 100644
--- a/tests/libtest/lib1541.c
+++ b/tests/libtest/lib1541.c
@@ -104,7 +104,6 @@ int test(char *URL)
{
pthread_t tid[NUM_THREADS];
int i;
- int error;
CURLSH *share;
struct initurl url[NUM_THREADS];
@@ -119,6 +118,7 @@ int test(char *URL)
init_locks();
for(i = 0; i< NUM_THREADS; i++) {
+ int error;
url[i].url = URL;
url[i].share = share;
url[i].threadno = i;
@@ -131,7 +131,7 @@ int test(char *URL)
/* now wait for all threads to terminate */
for(i = 0; i< NUM_THREADS; i++) {
- error = pthread_join(tid[i], NULL);
+ pthread_join(tid[i], NULL);
fprintf(stderr, "Thread %d terminated\n", i);
}
diff --git a/tests/libtest/lib1560.c b/tests/libtest/lib1560.c
index 1b72599ec..1185096d8 100644
--- a/tests/libtest/lib1560.c
+++ b/tests/libtest/lib1560.c
@@ -645,13 +645,11 @@ static struct redircase set_url_list[] = {
static int set_url(void)
{
int i;
- CURLUcode rc;
- CURLU *urlp;
int error = 0;
for(i = 0; set_url_list[i].in && !error; i++) {
- char *url = NULL;
- urlp = curl_url();
+ CURLUcode rc;
+ CURLU *urlp = curl_url();
if(!urlp)
break;
rc = curl_url_set(urlp, CURLUPART_URL, set_url_list[i].in,
@@ -666,6 +664,7 @@ static int set_url(void)
error++;
}
else {
+ char *url = NULL;
rc = curl_url_get(urlp, CURLUPART_URL, &url, 0);
if(rc) {
fprintf(stderr, "%s:%d Get URL returned %d\n",
@@ -677,8 +676,8 @@ static int set_url(void)
error++;
}
}
+ curl_free(url);
}
- curl_free(url);
}
else if(rc != set_url_list[i].ucode) {
fprintf(stderr, "Set URL\nin: %s\nreturned %d (expected %d)\n",
@@ -693,11 +692,10 @@ static int set_url(void)
static int set_parts(void)
{
int i;
- CURLUcode rc;
int error = 0;
for(i = 0; set_parts_list[i].set && !error; i++) {
- char *url = NULL;
+ CURLUcode rc;
CURLU *urlp = curl_url();
if(!urlp) {
error++;
@@ -709,6 +707,7 @@ static int set_parts(void)
else
rc = CURLUE_OK;
if(!rc) {
+ char *url = NULL;
CURLUcode uc = updateurl(urlp, set_parts_list[i].set,
set_parts_list[i].setflags);
@@ -728,13 +727,13 @@ static int set_parts(void)
else if(checkurl(url, set_parts_list[i].out)) {
error++;
}
+ curl_free(url);
}
else if(rc != set_parts_list[i].ucode) {
fprintf(stderr, "Set parts\nin: %s\nreturned %d (expected %d)\n",
set_parts_list[i].in, (int)rc, set_parts_list[i].ucode);
error++;
}
- curl_free(url);
curl_url_cleanup(urlp);
}
return error;
@@ -743,10 +742,9 @@ static int set_parts(void)
static int get_url(void)
{
int i;
- CURLUcode rc;
int error = 0;
for(i = 0; get_url_list[i].in && !error; i++) {
- char *url = NULL;
+ CURLUcode rc;
CURLU *urlp = curl_url();
if(!urlp) {
error++;
@@ -755,6 +753,7 @@ static int get_url(void)
rc = curl_url_set(urlp, CURLUPART_URL, get_url_list[i].in,
get_url_list[i].urlflags);
if(!rc) {
+ char *url = NULL;
rc = curl_url_get(urlp, CURLUPART_URL, &url, get_url_list[i].getflags);
if(rc) {
@@ -767,13 +766,13 @@ static int get_url(void)
error++;
}
}
+ curl_free(url);
}
else if(rc != get_url_list[i].ucode) {
fprintf(stderr, "Get URL\nin: %s\nreturned %d (expected %d)\n",
get_url_list[i].in, (int)rc, get_url_list[i].ucode);
error++;
}
- curl_free(url);
curl_url_cleanup(urlp);
}
return error;
@@ -782,11 +781,10 @@ static int get_url(void)
static int get_parts(void)
{
int i;
- CURLUcode rc;
- CURLU *urlp;
int error = 0;
for(i = 0; get_parts_list[i].in && !error; i++) {
- urlp = curl_url();
+ CURLUcode rc;
+ CURLU *urlp = curl_url();
if(!urlp) {
error++;
break;
@@ -831,11 +829,10 @@ static struct querycase append_list[] = {
static int append(void)
{
int i;
- CURLUcode rc;
- CURLU *urlp;
int error = 0;
for(i = 0; append_list[i].in && !error; i++) {
- urlp = curl_url();
+ CURLUcode rc;
+ CURLU *urlp = curl_url();
if(!urlp) {
error++;
break;
@@ -881,12 +878,11 @@ static int append(void)
static int scopeid(void)
{
- CURLU *u;
+ CURLU *u = curl_url();
int error = 0;
CURLUcode rc;
char *url;
- u = curl_url();
rc = curl_url_set(u, CURLUPART_URL,
"https://[fe80::20c:29ff:fe9c:409b%25eth0]/hello.html", 0);
if(rc != CURLUE_OK) {
diff --git a/tests/libtest/lib1593.c b/tests/libtest/lib1593.c
new file mode 100644
index 000000000..5408c724a
--- /dev/null
+++ b/tests/libtest/lib1593.c
@@ -0,0 +1,79 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+/* Test suppressing the If-Modified-Since header */
+
+#include "test.h"
+
+#include "memdebug.h"
+
+int test(char *URL)
+{
+ struct curl_slist *header = NULL;
+ long unmet;
+ CURL *curl = NULL;
+ int res = 0;
+
+ global_init(CURL_GLOBAL_ALL);
+
+ easy_init(curl);
+
+ easy_setopt(curl, CURLOPT_URL, URL);
+ easy_setopt(curl, CURLOPT_TIMECONDITION, (long)CURL_TIMECOND_IFMODSINCE);
+ /* Some TIMEVALUE; it doesn't matter. */
+ easy_setopt(curl, CURLOPT_TIMEVALUE, 1566210680L);
+
+ header = curl_slist_append(NULL, "If-Modified-Since:");
+ if(!header) {
+ res = TEST_ERR_MAJOR_BAD;
+ goto test_cleanup;
+ }
+
+ easy_setopt(curl, CURLOPT_HTTPHEADER, header);
+
+ res = curl_easy_perform(curl);
+ if(res)
+ goto test_cleanup;
+
+ /* Confirm that the condition checking still worked, even though we
+ * suppressed the actual header.
+ * The server returns 304, which means the condition is "unmet".
+ */
+
+ res = curl_easy_getinfo(curl, CURLINFO_CONDITION_UNMET, &unmet);
+ if(res)
+ goto test_cleanup;
+
+ if(unmet != 1L) {
+ res = TEST_ERR_FAILURE;
+ goto test_cleanup;
+ }
+
+test_cleanup:
+
+ /* always cleanup */
+ curl_easy_cleanup(curl);
+ curl_slist_free_all(header);
+ curl_global_cleanup();
+
+ return res;
+}
diff --git a/tests/libtest/lib1905.c b/tests/libtest/lib1905.c
index 79a50a782..7556d45e7 100644
--- a/tests/libtest/lib1905.c
+++ b/tests/libtest/lib1905.c
@@ -27,12 +27,11 @@
int test(char *URL)
{
- CURLM *cm = NULL;
CURLSH *sh = NULL;
CURL *ch = NULL;
int unfinished;
- cm = curl_multi_init();
+ CURLM *cm = curl_multi_init();
if(!cm)
return 1;
sh = curl_share_init();
diff --git a/tests/libtest/lib541.c b/tests/libtest/lib541.c
index 94a26a4b7..2861bfcc1 100644
--- a/tests/libtest/lib541.c
+++ b/tests/libtest/lib541.c
@@ -97,7 +97,7 @@ int test(char *URL)
test_setopt(curl, CURLOPT_READDATA, hd_src);
/* Now run off and do what you've been told! */
- res = curl_easy_perform(curl);
+ curl_easy_perform(curl);
/* and now upload the exact same again, but without rewinding so it already
is at end of file */
diff --git a/tests/libtest/lib569.c b/tests/libtest/lib569.c
index 9c25db45d..3ddc10c4f 100644
--- a/tests/libtest/lib569.c
+++ b/tests/libtest/lib569.c
@@ -39,9 +39,8 @@ int test(char *URL)
char *rtsp_session_id;
int request = 1;
int i;
- FILE *idfile = NULL;
- idfile = fopen(libtest_arg2, "wb");
+ FILE *idfile = fopen(libtest_arg2, "wb");
if(idfile == NULL) {
fprintf(stderr, "couldn't open the Session ID File\n");
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib571.c b/tests/libtest/lib571.c
index c048747d9..f015f6bb2 100644
--- a/tests/libtest/lib571.c
+++ b/tests/libtest/lib571.c
@@ -104,9 +104,8 @@ int test(char *URL)
CURL *curl;
char *stream_uri = NULL;
int request = 1;
- FILE *protofile = NULL;
- protofile = fopen(libtest_arg2, "wb");
+ FILE *protofile = fopen(libtest_arg2, "wb");
if(protofile == NULL) {
fprintf(stderr, "Couldn't open the protocol dump file\n");
return TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/mk-lib1521.pl b/tests/libtest/mk-lib1521.pl
index d2ebd66a9..9f25ce2fb 100755
--- a/tests/libtest/mk-lib1521.pl
+++ b/tests/libtest/mk-lib1521.pl
@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 2017 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -205,17 +205,6 @@ while(<STDIN>) {
print " (void)curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, 0);\n";
print "${pref} stringpointerextra);\n$check";
}
- elsif(($name eq "HTTPHEADER") ||
- ($name eq "POSTQUOTE") ||
- ($name eq "PREQUOTE") ||
- ($name eq "HTTP200ALIASES") ||
- ($name eq "TELNETOPTIONS") ||
- ($name eq "MAIL_RCPT") ||
- ($name eq "RESOLVE") ||
- ($name eq "PROXYHEADER") ||
- ($name eq "QUOTE")) {
- print "${pref} slist);\n$check";
- }
elsif($name eq "HTTPPOST") {
print "${pref} httppost);\n$check";
}
@@ -230,6 +219,9 @@ while(<STDIN>) {
}
print "${pref} NULL);\n$check";
}
+ elsif($type eq "SLISTPOINT") {
+ print "${pref} slist);\n$check";
+ }
elsif($type eq "FUNCTIONPOINT") {
if($name =~ /([^ ]*)FUNCTION/) {
my $l=lc($1);
diff --git a/tests/manpage-syntax.pl b/tests/manpage-syntax.pl
new file mode 100644
index 000000000..7a7137a70
--- /dev/null
+++ b/tests/manpage-syntax.pl
@@ -0,0 +1,63 @@
+#!/usr/bin/env perl
+#***************************************************************************
+# _ _ ____ _
+# Project ___| | | | _ \| |
+# / __| | | | |_) | |
+# | (__| |_| | _ <| |___
+# \___|\___/|_| \_\_____|
+#
+# Copyright (C) 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.haxx.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+###########################################################################
+#
+# Scan man page(s) and detect some simple and yet common formatting mistakes.
+#
+# Output all deviances to stderr.
+
+use strict;
+use warnings;
+
+# we may get the dir roots pointed out
+my @manpages=@ARGV;
+my $errors = 0;
+
+sub scanmanpage {
+ my ($file) = @_;
+
+ print "Check $file\n";
+ open(M, "<$file") || die "no such file: $file";
+ my $line = 1;
+ while(<M>) {
+ if($_ =~ /^\'/) {
+ print STDERR "$file:$line line starts with single quote!\n";
+ $errors++;
+ }
+ if($_ =~ /\\f([BI])(.*)/) {
+ my ($format, $rest) = ($1, $2);
+ if($rest !~ /\\fP/) {
+ print STDERR "$file:$line missing \\f${format} terminator!\n";
+ $errors++;
+ }
+ }
+ $line++;
+ }
+ close(M);
+}
+
+
+for my $m (@manpages) {
+ scanmanpage($m);
+}
+
+exit $errors;
diff --git a/tests/runtests.pl b/tests/runtests.pl
index 807a8f75d..0bb9605ac 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -244,7 +244,7 @@ my $h2cver = "h2c";
my $has_openssl; # built with a lib using an OpenSSL-like API
my $has_gnutls; # built with GnuTLS
my $has_nss; # built with NSS
-my $has_yassl; # built with yassl
+my $has_wolfssl; # built with wolfSSL
my $has_polarssl; # built with polarssl
my $has_winssl; # built with WinSSL (Secure Channel aka Schannel)
my $has_darwinssl; # built with DarwinSSL (Secure Transport)
@@ -291,6 +291,7 @@ my %timevrfyend; # timestamp for each test result verification end
my $testnumcheck; # test number, set in singletest sub.
my %oldenv;
+my %feature; # array of enabled features
#######################################################################
# variables that command line options may set
@@ -2202,7 +2203,8 @@ sub rundictserver {
$flags .= "--verbose 1 " if($debugprotocol);
$flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" ";
$flags .= "--id $idnum " if($idnum > 1);
- $flags .= "--port $port --srcdir \"$srcdir\"";
+ $flags .= "--port $port --srcdir \"$srcdir\" ";
+ $flags .= "--host $HOSTIP";
my $cmd = "$srcdir/dictserver.py $flags";
my ($dictpid, $pid2) = startnew($cmd, $pidfile, 15, 0);
@@ -2278,7 +2280,8 @@ sub runsmbserver {
$flags .= "--verbose 1 " if($debugprotocol);
$flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" ";
$flags .= "--id $idnum " if($idnum > 1);
- $flags .= "--port $port --srcdir \"$srcdir\"";
+ $flags .= "--port $port --srcdir \"$srcdir\" ";
+ $flags .= "--host $HOSTIP";
my $cmd = "$srcdir/smbserver.py $flags";
my ($smbpid, $pid2) = startnew($cmd, $pidfile, 15, 0);
@@ -2544,7 +2547,7 @@ sub compare {
if($result) {
# timestamp test result verification end
- $timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
+ $timevrfyend{$testnum} = Time::HiRes::time();
if(!$short) {
logmsg "\n $testnum: $subject FAILED:\n";
@@ -2561,6 +2564,65 @@ sub compare {
return $result;
}
+sub setupfeatures {
+ $feature{"SSL"} = $has_ssl;
+ $feature{"MultiSSL"} = $has_multissl;
+ $feature{"SSLpinning"} = $has_sslpinning;
+ $feature{"OpenSSL"} = $has_openssl;
+ $feature{"GnuTLS"} = $has_gnutls;
+ $feature{"NSS"} = $has_nss;
+ $feature{"WinSSL"} = $has_winssl;
+ $feature{"Schannel"} = $has_winssl; # alias
+ $feature{"sectransp"} = $has_darwinssl;
+ $feature{"DarwinSSL"} = $has_darwinssl; # alias
+ $feature{"ld_preload"} = ($has_ldpreload && !$debug_build);
+ $feature{"unittest"} = $debug_build;
+ $feature{"debug"} = $debug_build;
+ $feature{"TrackMemory"} = $has_memory_tracking;
+ $feature{"large_file"} = $has_largefile;
+ $feature{"idn"} = $has_idn;
+ $feature{"ipv6"} = $has_ipv6;
+ $feature{"libz"} = $has_libz;
+ $feature{"brotli"} = $has_brotli;
+ $feature{"NTLM"} = $has_ntlm;
+ $feature{"NTLM_WB"} = $has_ntlm_wb;
+ $feature{"SSPI"} = $has_sspi;
+ $feature{"GSS-API"} = $has_gssapi;
+ $feature{"Kerberos"} = $has_kerberos;
+ $feature{"SPNEGO"} = $has_spnego;
+ $feature{"getrlimit"} = $has_getrlimit;
+ $feature{"crypto"} = $has_crypto;
+ $feature{"TLS-SRP"} = $has_tls_srp;
+ $feature{"Metalink"} = $has_metalink;
+ $feature{"http/2"} = $has_http2;
+ $feature{"threaded-resolver"} = $has_threadedres;
+ $feature{"PSL"} = $has_psl;
+ $feature{"alt-svc"} = $has_altsvc;
+ $feature{"manual"} = $has_manual;
+ $feature{"unix-sockets"} = $has_unix;
+
+ # make each protocol an enabled "feature"
+ for my $p (@protocols) {
+ $feature{$p} = 1;
+ }
+ # 'socks' was once here but is now removed
+
+ #
+ # strings that must match the names used in server/disabled.c
+ #
+ $feature{"cookies"} = 1;
+ $feature{"DoH"} = 1;
+ $feature{"HTTP-auth"} = 1;
+ $feature{"Mime"} = 1;
+ $feature{"netrc"} = 1;
+ $feature{"parsedate"} = 1;
+ $feature{"proxy"} = 1;
+ $feature{"shuffle-dns"} = 1;
+ $feature{"typecheck"} = 1;
+ $feature{"verbose-strings"} = 1;
+
+}
+
#######################################################################
# display information about curl and the host the test suite runs on
#
@@ -2574,6 +2636,8 @@ sub checksystem {
my $versretval;
my $versnoexec;
my @version=();
+ my @disabled;
+ my $dis = "";
my $curlverout="$LOGDIR/curlverout.log";
my $curlvererr="$LOGDIR/curlvererr.log";
@@ -2589,6 +2653,15 @@ sub checksystem {
@version = <VERSOUT>;
close(VERSOUT);
+ open(DISABLED, "server/disabled|");
+ @disabled = <DISABLED>;
+ close(DISABLED);
+
+ if($disabled[0]) {
+ map s/[\r\n]//g, @disabled;
+ $dis = join(", ", @disabled);
+ }
+
$resolver="stock";
for(@version) {
chomp;
@@ -2622,8 +2695,8 @@ sub checksystem {
$has_nss=1;
$has_sslpinning=1;
}
- elsif ($libcurl =~ /(yassl|wolfssl)/i) {
- $has_yassl=1;
+ elsif ($libcurl =~ /wolfssl/i) {
+ $has_wolfssl=1;
$has_sslpinning=1;
}
elsif ($libcurl =~ /polarssl/i) {
@@ -2877,11 +2950,12 @@ sub checksystem {
my $hosttype=join(' ', runclientoutput("uname -a"));
logmsg ("********* System characteristics ******** \n",
- "* $curl\n",
- "* $libcurl\n",
- "* Features: $feat\n",
- "* Host: $hostname",
- "* System: $hosttype");
+ "* $curl\n",
+ "* $libcurl\n",
+ "* Features: $feat\n",
+ "* Disabled: $dis\n",
+ "* Host: $hostname",
+ "* System: $hosttype");
if($has_memory_tracking && $has_threadedres) {
$has_memory_tracking = 0;
@@ -2953,6 +3027,12 @@ sub checksystem {
$has_textaware = ($^O eq 'MSWin32') || ($^O eq 'msys');
logmsg "***************************************** \n";
+
+ setupfeatures();
+ # toggle off the features that were disabled in the build
+ for my $d(@disabled) {
+ $feature{$d} = 0;
+ }
}
#######################################################################
@@ -3121,16 +3201,18 @@ sub singletest {
my @what;
my $why;
- my %feature;
my $cmd;
my $disablevalgrind;
+ # fist, remove all lingering log files
+ cleardir($LOGDIR);
+
# copy test number to a global scope var, this allows
# testnum checking when starting test harness servers.
$testnumcheck = $testnum;
# timestamp test preparation start
- $timeprepini{$testnum} = Time::HiRes::time() if($timestats);
+ $timeprepini{$testnum} = Time::HiRes::time();
if($disttests !~ /test$testnum\W/ ) {
logmsg "Warning: test$testnum not present in tests/data/Makefile.inc\n";
@@ -3157,177 +3239,7 @@ sub singletest {
$f =~ s/\s//g;
if($f =~ /^([^!].*)$/) {
- # Store the feature for later
- $feature{$1} = $1;
-
- if($1 eq "SSL") {
- if($has_ssl) {
- next;
- }
- }
- elsif($1 eq "MultiSSL") {
- if($has_multissl) {
- next;
- }
- }
- elsif($1 eq "SSLpinning") {
- if($has_sslpinning) {
- next;
- }
- }
- elsif($1 eq "OpenSSL") {
- if($has_openssl) {
- next;
- }
- }
- elsif($1 eq "GnuTLS") {
- if($has_gnutls) {
- next;
- }
- }
- elsif($1 eq "NSS") {
- if($has_nss) {
- next;
- }
- }
- elsif(($1 eq "WinSSL") || ($1 eq "Schannel")) {
- if($has_winssl) {
- next;
- }
- }
- elsif($1 eq "DarwinSSL") {
- if($has_darwinssl) {
- next;
- }
- }
- elsif($1 eq "ld_preload") {
- if($has_ldpreload && !$debug_build) {
- next;
- }
- }
- elsif($1 eq "unittest") {
- if($debug_build) {
- next;
- }
- }
- elsif($1 eq "debug") {
- if($debug_build) {
- next;
- }
- }
- elsif($1 eq "TrackMemory") {
- if($has_memory_tracking) {
- next;
- }
- }
- elsif($1 eq "large_file") {
- if($has_largefile) {
- next;
- }
- }
- elsif($1 eq "idn") {
- if($has_idn) {
- next;
- }
- }
- elsif($1 eq "ipv6") {
- if($has_ipv6) {
- next;
- }
- }
- elsif($1 eq "libz") {
- if($has_libz) {
- next;
- }
- }
- elsif($1 eq "brotli") {
- if($has_brotli) {
- next;
- }
- }
- elsif($1 eq "NTLM") {
- if($has_ntlm) {
- next;
- }
- }
- elsif($1 eq "NTLM_WB") {
- if($has_ntlm_wb) {
- next;
- }
- }
- elsif($1 eq "SSPI") {
- if($has_sspi) {
- next;
- }
- }
- elsif($1 eq "GSS-API") {
- if($has_gssapi) {
- next;
- }
- }
- elsif($1 eq "Kerberos") {
- if($has_kerberos) {
- next;
- }
- }
- elsif($1 eq "SPNEGO") {
- if($has_spnego) {
- next;
- }
- }
- elsif($1 eq "getrlimit") {
- if($has_getrlimit) {
- next;
- }
- }
- elsif($1 eq "crypto") {
- if($has_crypto) {
- next;
- }
- }
- elsif($1 eq "TLS-SRP") {
- if($has_tls_srp) {
- next;
- }
- }
- elsif($1 eq "Metalink") {
- if($has_metalink) {
- next;
- }
- }
- elsif($1 eq "http/2") {
- if($has_http2) {
- next;
- }
- }
- elsif($1 eq "threaded-resolver") {
- if($has_threadedres) {
- next;
- }
- }
- elsif($1 eq "PSL") {
- if($has_psl) {
- next;
- }
- }
- elsif($1 eq "alt-svc") {
- if($has_altsvc) {
- next;
- }
- }
- elsif($1 eq "manual") {
- if($has_manual) {
- next;
- }
- }
- elsif($1 eq "socks") {
- next;
- }
- elsif($1 eq "unix-sockets") {
- next if $has_unix;
- }
- # See if this "feature" is in the list of supported protocols
- elsif (grep /^\Q$1\E$/i, @protocols) {
+ if($feature{$1}) {
next;
}
@@ -3343,135 +3255,7 @@ sub singletest {
$f =~ s/\s//g;
if($f =~ /^!(.*)$/) {
- if($1 eq "SSL") {
- if(!$has_ssl) {
- next;
- }
- }
- elsif($1 eq "MultiSSL") {
- if(!$has_multissl) {
- next;
- }
- }
- elsif($1 eq "OpenSSL") {
- if(!$has_openssl) {
- next;
- }
- }
- elsif($1 eq "GnuTLS") {
- if(!$has_gnutls) {
- next;
- }
- }
- elsif($1 eq "NSS") {
- if(!$has_nss) {
- next;
- }
- }
- elsif(($1 eq "WinSSL") || ($1 eq "Schannel")) {
- if(!$has_winssl) {
- next;
- }
- }
- elsif($1 eq "DarwinSSL") {
- if(!$has_darwinssl) {
- next;
- }
- }
- elsif($1 eq "TrackMemory") {
- if(!$has_memory_tracking) {
- next;
- }
- }
- elsif($1 eq "large_file") {
- if(!$has_largefile) {
- next;
- }
- }
- elsif($1 eq "idn") {
- if(!$has_idn) {
- next;
- }
- }
- elsif($1 eq "ipv6") {
- if(!$has_ipv6) {
- next;
- }
- }
- elsif($1 eq "unix-sockets") {
- next if !$has_unix;
- }
- elsif($1 eq "libz") {
- if(!$has_libz) {
- next;
- }
- }
- elsif($1 eq "brotli") {
- if(!$has_brotli) {
- next;
- }
- }
- elsif($1 eq "NTLM") {
- if(!$has_ntlm) {
- next;
- }
- }
- elsif($1 eq "NTLM_WB") {
- if(!$has_ntlm_wb) {
- next;
- }
- }
- elsif($1 eq "SSPI") {
- if(!$has_sspi) {
- next;
- }
- }
- elsif($1 eq "GSS-API") {
- if(!$has_gssapi) {
- next;
- }
- }
- elsif($1 eq "Kerberos") {
- if(!$has_kerberos) {
- next;
- }
- }
- elsif($1 eq "SPNEGO") {
- if(!$has_spnego) {
- next;
- }
- }
- elsif($1 eq "getrlimit") {
- if(!$has_getrlimit) {
- next;
- }
- }
- elsif($1 eq "crypto") {
- if(!$has_crypto) {
- next;
- }
- }
- elsif($1 eq "TLS-SRP") {
- if(!$has_tls_srp) {
- next;
- }
- }
- elsif($1 eq "Metalink") {
- if(!$has_metalink) {
- next;
- }
- }
- elsif($1 eq "PSL") {
- if(!$has_psl) {
- next;
- }
- }
- elsif($1 eq "threaded-resolver") {
- if(!$has_threadedres) {
- next;
- }
- }
- else {
+ if(!$feature{$1}) {
next;
}
}
@@ -3526,14 +3310,14 @@ sub singletest {
unlink($FTPDCMD) if(-f $FTPDCMD);
# timestamp required servers verification start
- $timesrvrini{$testnum} = Time::HiRes::time() if($timestats);
+ $timesrvrini{$testnum} = Time::HiRes::time();
if(!$why) {
$why = serverfortest($testnum);
}
# timestamp required servers verification end
- $timesrvrend{$testnum} = Time::HiRes::time() if($timestats);
+ $timesrvrend{$testnum} = Time::HiRes::time();
my @setenv = getpart("client", "setenv");
if(@setenv) {
@@ -3900,7 +3684,7 @@ sub singletest {
}
# timestamp starting of test command
- $timetoolini{$testnum} = Time::HiRes::time() if($timestats);
+ $timetoolini{$testnum} = Time::HiRes::time();
# run the command line we built
if ($torture) {
@@ -3928,7 +3712,7 @@ sub singletest {
}
# timestamp finishing of test command
- $timetoolend{$testnum} = Time::HiRes::time() if($timestats);
+ $timetoolend{$testnum} = Time::HiRes::time();
if(!$dumped_core) {
if(-r "core") {
@@ -3978,7 +3762,7 @@ sub singletest {
sleep($postcommanddelay) if($postcommanddelay);
# timestamp removal of server logs advisor read lock
- $timesrvrlog{$testnum} = Time::HiRes::time() if($timestats);
+ $timesrvrlog{$testnum} = Time::HiRes::time();
# test definition might instruct to stop some servers
# stop also all servers relative to the given one
@@ -4063,7 +3847,7 @@ sub singletest {
if($rc != 0 && !$torture) {
logmsg " postcheck FAILED\n";
# timestamp test result verification end
- $timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
+ $timevrfyend{$testnum} = Time::HiRes::time();
return 1;
}
}
@@ -4083,11 +3867,8 @@ sub singletest {
# Skip all the verification on torture tests
if ($torture) {
- if(!$cmdres && !$keepoutfiles) {
- cleardir($LOGDIR);
- }
# timestamp test result verification end
- $timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
+ $timevrfyend{$testnum} = Time::HiRes::time();
return $cmdres;
}
@@ -4344,7 +4125,7 @@ sub singletest {
"has no name attribute\n";
stopservers($verbose);
# timestamp test result verification end
- $timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
+ $timevrfyend{$testnum} = Time::HiRes::time();
return -1;
}
my @generated=loadarray($filename);
@@ -4408,7 +4189,7 @@ sub singletest {
}
logmsg " exit FAILED\n";
# timestamp test result verification end
- $timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
+ $timevrfyend{$testnum} = Time::HiRes::time();
return 1;
}
@@ -4431,7 +4212,7 @@ sub singletest {
logmsg "\n** MEMORY FAILURE\n";
logmsg @memdata;
# timestamp test result verification end
- $timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
+ $timevrfyend{$testnum} = Time::HiRes::time();
return 1;
}
else {
@@ -4448,7 +4229,7 @@ sub singletest {
unless(opendir(DIR, "$LOGDIR")) {
logmsg "ERROR: unable to read $LOGDIR\n";
# timestamp test result verification end
- $timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
+ $timevrfyend{$testnum} = Time::HiRes::time();
return 1;
}
my @files = readdir(DIR);
@@ -4463,7 +4244,7 @@ sub singletest {
if(!$vgfile) {
logmsg "ERROR: valgrind log file missing for test $testnum\n";
# timestamp test result verification end
- $timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
+ $timevrfyend{$testnum} = Time::HiRes::time();
return 1;
}
my @e = valgrindparse("$LOGDIR/$vgfile");
@@ -4476,7 +4257,7 @@ sub singletest {
logmsg @e;
}
# timestamp test result verification end
- $timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
+ $timevrfyend{$testnum} = Time::HiRes::time();
return 1;
}
$ok .= "v";
@@ -4496,27 +4277,26 @@ sub singletest {
logmsg "$ok " if(!$short);
+ # timestamp test result verification end
+ $timevrfyend{$testnum} = Time::HiRes::time();
+
my $sofar= time()-$start;
my $esttotal = $sofar/$count * $total;
my $estleft = $esttotal - $sofar;
my $left=sprintf("remaining: %02d:%02d",
$estleft/60,
$estleft%60);
-
+ my $took = $timevrfyend{$testnum} - $timeprepini{$testnum};
+ my $duration = sprintf("duration: %02d:%02d",
+ $sofar/60, $sofar%60);
if(!$automakestyle) {
- logmsg sprintf("OK (%-3d out of %-3d, %s)\n", $count, $total, $left);
+ logmsg sprintf("OK (%-3d out of %-3d, %s, took %.1fs, %s)\n",
+ $count, $total, $left, $took, $duration);
}
else {
logmsg "PASS: $testnum - $testname\n";
}
- # the test succeeded, remove all log files
- if(!$keepoutfiles) {
- cleardir($LOGDIR);
- }
-
- # timestamp test result verification end
- $timevrfyend{$testnum} = Time::HiRes::time() if($timestats);
return 0;
}
@@ -4758,10 +4538,6 @@ sub startservers {
# we can't run ftps tests without stunnel
return "no stunnel";
}
- if(!$has_ssl) {
- # we can't run ftps tests if libcurl is SSL-less
- return "curl lacks SSL support";
- }
if($runcert{'ftps'} && ($runcert{'ftps'} ne $certfile)) {
# stop server when running and using a different cert
stopserver('ftps');
@@ -4796,10 +4572,6 @@ sub startservers {
# we can't run https tests without stunnel
return "no stunnel";
}
- if(!$has_ssl) {
- # we can't run https tests if libcurl is SSL-less
- return "curl lacks SSL support";
- }
if($runcert{'https'} && ($runcert{'https'} ne $certfile)) {
# stop server when running and using a different cert
stopserver('https');
diff --git a/tests/server/Makefile.inc b/tests/server/Makefile.inc
index f14d35d12..6296af7cc 100644
--- a/tests/server/Makefile.inc
+++ b/tests/server/Makefile.inc
@@ -1,4 +1,4 @@
-noinst_PROGRAMS = getpart resolve rtspd sockfilt sws tftpd fake_ntlm socksd
+noinst_PROGRAMS = getpart resolve rtspd sockfilt sws tftpd fake_ntlm socksd disabled
CURLX_SRCS = \
../../lib/mprintf.c \
@@ -74,3 +74,5 @@ fake_ntlm_SOURCES = $(CURLX_SRCS) $(CURLX_HDRS) $(USEFUL) $(UTIL) \
fake_ntlm.c
fake_ntlm_LDADD = @CURL_NETWORK_AND_TIME_LIBS@
fake_ntlm_CFLAGS = $(AM_CFLAGS)
+
+disabled_SOURCES = disabled.c
diff --git a/tests/server/disabled.c b/tests/server/disabled.c
new file mode 100644
index 000000000..c82847d8e
--- /dev/null
+++ b/tests/server/disabled.c
@@ -0,0 +1,79 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+/*
+ * The purpose of this tool is to figure out which, if any, features that are
+ * disabled which should otherwise exist and work. These aren't visible in
+ * regular curl -V output.
+ *
+ * Disabled protocols are visible in curl_version_info() and are not included
+ * in this table.
+ */
+
+#include "curl_setup.h"
+#include <stdio.h>
+
+static const char *disabled[]={
+#ifdef CURL_DISABLE_COOKIES
+ "cookies",
+#endif
+#ifdef CURL_DISABLE_CRYPTO_AUTH
+ "crypto",
+#endif
+#ifdef CURL_DISABLE_DOH
+ "DoH",
+#endif
+#ifdef CURL_DISABLE_HTTP_AUTH
+ "HTTP-auth",
+#endif
+#ifdef CURL_DISABLE_MIME
+ "Mime",
+#endif
+#ifdef CURL_DISABLE_NETRC
+ "netrc",
+#endif
+#ifdef CURL_DISABLE_PARSEDATE
+ "parsedate",
+#endif
+#ifdef CURL_DISABLE_PROXY
+ "proxy",
+#endif
+#ifdef CURL_DISABLE_SHUFFLE_DNS
+ "shuffle-dns",
+#endif
+#ifdef CURL_DISABLE_TYPECHECK
+ "typecheck",
+#endif
+#ifdef CURL_DISABLE_VERBOSE_STRINGS
+ "verbose-strings",
+#endif
+ NULL
+};
+
+int main(void)
+{
+ int i;
+ for(i = 0; disabled[i]; i++)
+ printf("%s\n", disabled[i]);
+
+ return 0;
+}
diff --git a/tests/server/socksd.c b/tests/server/socksd.c
index df32a49a1..5e32bc904 100644
--- a/tests/server/socksd.c
+++ b/tests/server/socksd.c
@@ -749,10 +749,6 @@ static bool incoming(curl_socket_t listenfd)
fd_set fds_read;
fd_set fds_write;
fd_set fds_err;
- curl_socket_t sockfd = CURL_SOCKET_BAD;
- int maxfd = -99;
- ssize_t rc;
- int error = 0;
int clients = 0; /* connected clients */
struct perclient c[2];
@@ -772,15 +768,17 @@ static bool incoming(curl_socket_t listenfd)
do {
int i;
+ ssize_t rc;
+ int error = 0;
+ curl_socket_t sockfd = listenfd;
+ int maxfd = (int)sockfd;
FD_ZERO(&fds_read);
FD_ZERO(&fds_write);
FD_ZERO(&fds_err);
- sockfd = listenfd;
/* there's always a socket to wait for */
FD_SET(sockfd, &fds_read);
- maxfd = (int)sockfd;
for(i = 0; i < 2; i++) {
if(c[i].used) {
diff --git a/tests/server/sws.c b/tests/server/sws.c
index e5806875c..963357799 100644
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@@ -952,28 +952,19 @@ static int get_request(curl_socket_t sock, struct httprequest *req)
ssize_t got = 0;
int overflow = 0;
- char *pipereq = NULL;
- size_t pipereq_length = 0;
-
if(req->offset >= REQBUFSIZ-1) {
/* buffer is already full; do nothing */
overflow = 1;
}
else {
- if(pipereq_length && pipereq) {
- memmove(reqbuf, pipereq, pipereq_length);
- got = curlx_uztosz(pipereq_length);
- pipereq_length = 0;
- }
- else {
- if(req->skip)
- /* we are instructed to not read the entire thing, so we make sure to
- only read what we're supposed to and NOT read the enire thing the
- client wants to send! */
- got = sread(sock, reqbuf + req->offset, req->cl);
- else
- got = sread(sock, reqbuf + req->offset, REQBUFSIZ-1 - req->offset);
- }
+ if(req->skip)
+ /* we are instructed to not read the entire thing, so we make sure to
+ only read what we're supposed to and NOT read the enire thing the
+ client wants to send! */
+ got = sread(sock, reqbuf + req->offset, req->cl);
+ else
+ got = sread(sock, reqbuf + req->offset, REQBUFSIZ-1 - req->offset);
+
if(got_exit_signal)
return -1;
if(got == 0) {
diff --git a/tests/smbserver.py.in b/tests/smbserver.py.in
index 1d2a1fc3f..8a4fba8a0 100755
--- a/tests/smbserver.py.in
+++ b/tests/smbserver.py.in
@@ -86,7 +86,7 @@ def smbserver(options):
test_data_dir = os.path.join(options.srcdir, "data")
- smb_server = TestSmbServer(("127.0.0.1", options.port),
+ smb_server = TestSmbServer((options.host, options.port),
config_parser=smb_config,
test_data_directory=test_data_dir)
log.info("[SMB] setting up SMB server on port %s", options.port)
@@ -312,6 +312,8 @@ def get_options():
parser.add_argument("--port", action="store", default=9017,
type=int, help="port to listen on")
+ parser.add_argument("--host", action="store", default="127.0.0.1",
+ help="host to listen on")
parser.add_argument("--verbose", action="store", type=int, default=0,
help="verbose output")
parser.add_argument("--pidfile", action="store",
diff --git a/tests/unit/unit1651.c b/tests/unit/unit1651.c
index db3a0f35b..3652601f9 100644
--- a/tests/unit/unit1651.c
+++ b/tests/unit/unit1651.c
@@ -33,7 +33,7 @@ static void unit_stop(void)
}
#if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) || \
- defined(USE_CYASSL) || defined(USE_SCHANNEL)
+ defined(USE_WOLFSSL) || defined(USE_SCHANNEL)
/* cert captured from gdb when connecting to curl.haxx.se on October 26
2018 */
diff --git a/tests/unit/unit1654.c b/tests/unit/unit1654.c
index 7532c6d61..9d1a3e211 100644
--- a/tests/unit/unit1654.c
+++ b/tests/unit/unit1654.c
@@ -53,8 +53,10 @@ UNITTEST_START
if(!asi)
return 1;
result = Curl_altsvc_load(asi, arg);
- if(result)
+ if(result) {
+ Curl_altsvc_cleanup(asi);
return result;
+ }
curl = curl_easy_init();
if(!curl)
goto fail;
diff --git a/winbuild/BUILD.WINDOWS.txt b/winbuild/BUILD.WINDOWS.txt
index c75b15c4e..1ede14f01 100644
--- a/winbuild/BUILD.WINDOWS.txt
+++ b/winbuild/BUILD.WINDOWS.txt
@@ -86,6 +86,7 @@ where <options> is one or many of:
WITH_CARES=<dll or static> - Enable c-ares support, DLL or static
WITH_ZLIB=<dll or static> - Enable zlib support, DLL or static
WITH_SSH2=<dll or static> - Enable libSSH2 support, DLL or static
+ WITH_PREFIX=<dir> - Where to install the build
ENABLE_SSPI=<yes or no> - Enable SSPI support, defaults to yes
ENABLE_IPV6=<yes or no> - Enable IPv6, defaults to yes
ENABLE_IDN=<yes or no> - Enable use of Windows IDN APIs, defaults to yes
diff --git a/winbuild/Makefile.vc b/winbuild/Makefile.vc
index 26ab90693..9b3b35513 100644
--- a/winbuild/Makefile.vc
+++ b/winbuild/Makefile.vc
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1999 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1999 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -39,9 +39,13 @@ CFGSET=true
!MESSAGE where <options> is one or many of:
!MESSAGE VC=<6,7,8,9,10,11,12,14,15> - VC versions
!MESSAGE WITH_DEVEL=<path> - Paths for the development files (SSL, zlib, etc.)
-!MESSAGE Defaults to sibbling directory deps: ../deps
+!MESSAGE Defaults to curl's sibling directory deps: ../deps
!MESSAGE Libraries can be fetched at https://windows.php.net/downloads/php-sdk/deps/
!MESSAGE Uncompress them into the deps folder.
+!MESSAGE WITH_PREFIX=<path> - Installation directory path
+!MESSAGE Defaults to a configuration dependent (SSL, zlib, etc.)
+!MESSAGE directory inside curl's subdirectory builds: ./builds
+!MESSAGE Use backslashes as path separator
!MESSAGE WITH_SSL=<dll or static> - Enable OpenSSL support, DLL or static
!MESSAGE WITH_NGHTTP2=<dll or static> - Enable HTTP/2 support, DLL or static
!MESSAGE WITH_CARES=<dll or static> - Enable c-ares support, DLL or static
@@ -134,6 +138,12 @@ USE_WINSSL = false
!IFNDEF ENABLE_OPENSSL_AUTO_LOAD_CONFIG
ENABLE_OPENSSL_AUTO_LOAD_CONFIG = true
+!ELSEIF "$(ENABLE_OPENSSL_AUTO_LOAD_CONFIG)"=="yes"
+!UNDEF ENABLE_OPENSSL_AUTO_LOAD_CONFIG
+ENABLE_OPENSSL_AUTO_LOAD_CONFIG = true
+!ELSEIF "$(ENABLE_OPENSSL_AUTO_LOAD_CONFIG)"=="no"
+!UNDEF ENABLE_OPENSSL_AUTO_LOAD_CONFIG
+ENABLE_OPENSSL_AUTO_LOAD_CONFIG = false
!ENDIF
CONFIG_NAME_LIB = libcurl
diff --git a/winbuild/MakefileBuild.vc b/winbuild/MakefileBuild.vc
index 8d942b759..993ab38bc 100644
--- a/winbuild/MakefileBuild.vc
+++ b/winbuild/MakefileBuild.vc
@@ -486,8 +486,13 @@ CFLAGS = $(CFLAGS) /DCURL_WITH_MULTI_SSL
!ENDIF
LIB_DIROBJ = ..\builds\$(CONFIG_NAME_LIB)-obj-lib
-CURL_DIROBJ = ..\builds\$(CONFIG_NAME_LIB)-obj-curl
-DIRDIST = ..\builds\$(CONFIG_NAME_LIB)\
+CURL_DIROBJ = ..\builds\$(CONFIG_NAME_LIB)-obj-curl
+
+!IFDEF WITH_PREFIX
+DIRDIST = $(WITH_PREFIX)
+!ELSE
+DIRDIST = ..\builds\$(CONFIG_NAME_LIB)\
+!ENDIF
#
# curl.exe