Patrick Monnerat
0bd50335fe
mime: some more strlen() call removals.
...
Closes #8423
2022-02-13 11:40:40 +01:00
Daniel Stenberg
c3331a029c
url: exclude zonefrom_url when no ipv6 is available
...
Closes #8439
2022-02-11 23:27:47 +01:00
Daniel Stenberg
7e65d91071
if2ip: make Curl_ipv6_scope a blank macro when IPv6-disabled
...
Closes #8439
2022-02-11 23:27:37 +01:00
Henrik Holst
186340c9cd
mprintf: remove strlen calls on empty strings in dprintf_formatf
...
Turns out that in dprintf_formatf we did a strlen on empty strings, a
bit strange is how common this actually is, 24 alone when doing a simple
GET from https://curl.se
Closes #8427
2022-02-11 23:07:34 +01:00
Daniel Stenberg
e1667a61ea
wolfssl: return CURLE_AGAIN for the SSL_ERROR_NONE case
...
Closes #8431
2022-02-11 12:36:52 +01:00
Daniel Stenberg
327ef30530
wolfssl: when SSL_read() returns zero, check the error
...
Returning zero indicates end of connection, so if there's no data read
but the connection is alive, it needs to return -1 with CURLE_AGAIN.
Closes #8431
2022-02-11 10:48:52 +01:00
Daniel Stenberg
96f85a0fef
quiche: after leaving h3_recving state, poll again
...
This could otherwise easily leave libcurl "hanging" after the entire
transfer is done but without noticing the end-of-transfer signal.
Assisted-by: Lucas Pardue
Closes #8436
2022-02-11 10:07:24 +01:00
Daniel Stenberg
6883180fa5
quiche: when *recv_body() returns data, drain it before polling again
...
Assisted-by: Lucas Pardue
Closes #8429
2022-02-11 08:48:30 +01:00
Daniel Stenberg
836d3ccfe4
lib/h2h3: #ifdef on ENABLE_QUIC, not the wrong define
...
Otherwise the build fails when H3 is enabled but the build doesn't
include nghttp2.
Closes #8424
2022-02-10 15:12:02 +01:00
Daniel Stenberg
d15692ebba
hostcheck: pass in pattern length too, to avoid a strlen call
...
Removes one strlen() call per SAN name in a cert-check.
Closes #8418
2022-02-10 08:53:34 +01:00
HenrikHolst
9bc3cebc92
misc: remove strlen for Curl_checkheaders + Curl_checkProxyheaders
...
Closes #8409
2022-02-10 08:51:06 +01:00
Daniel Stenberg
f9d1b25011
mqtt: free 'sendleftovers' in disconnect
...
Fix a memory-leak
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43646
Closes #8415
2022-02-09 14:43:32 +01:00
Patrick Monnerat
d9c61a9792
openldap: pass string length arguments to client_write()
...
This uses the new STRCONST() macro and saves 2 strlen() calls on short
string constants per LDIF output line.
Closes #8404
2022-02-09 13:57:35 +01:00
HenrikHolst
b807219292
misc: reduce strlen() calls with Curl_dyn_add()
...
Use STRCONST() to switch from Curl_dyn_add() to Curl_dyn_addn() for
string literals.
Closes #8398
2022-02-09 13:52:47 +01:00
Daniel Stenberg
2a1951519e
http2: fix the array copy to nghttp2_nv
...
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44517
Follow-up to 9f985a11e7Closes #8414
2022-02-09 12:18:50 +01:00
Daniel Stenberg
5c55fe6df6
h2h3: pass correct argument types to infof()
...
Detected by Coverity. CID 1497993
Closes #8401
2022-02-08 10:15:22 +01:00
Daniel Stenberg
93767237c4
lib/Makefile: remove config-tpf.h from the dist
...
Follow-up from da15443dddhttps://curl.se/mail/lib-2022-02/0070.html
Closes #8403
2022-02-08 10:03:06 +01:00
Daniel Stenberg
ff4bf6bfb5
configure: remove support for "embedded ares"
...
In March 2010 (commit 4259d2df7dCloses #8397
2022-02-07 23:27:57 +01:00
HenrikHolst
4028892f14
http: make Curl_compareheader() take string length arguments too
...
Also add STRCONST, a macro that returns a string literal and it's length
for functions that take "string,len"
Removes unnecesary calls to strlen().
Closes #8391
2022-02-07 14:37:58 +01:00
Daniel Stenberg
a42677f0d8
vquic/vquic.h: removed the unused H3 psuedo defines
2022-02-07 13:56:06 +01:00
Daniel Stenberg
4ab3ed0729
ngtcp2: use Curl_pseudo_headers
2022-02-07 13:56:06 +01:00
Daniel Stenberg
3fa405bb58
quiche: use Curl_pseudo_headers
2022-02-07 13:56:06 +01:00
Daniel Stenberg
9f985a11e7
http2: use Curl_pseudo_headers
2022-02-07 13:56:06 +01:00
Daniel Stenberg
f8c3724aa9
h2h3: added Curl_pseudo_headers()
...
For use with both http2 and http3 requests.
2022-02-07 13:56:06 +01:00
Daniel Stenberg
79731d1a6c
ngtcp2/quiche: make :scheme possible to set
2022-02-07 13:56:06 +01:00
Daniel Stenberg
c85178a94c
http2: allow CURLOPT_HTTPHEADER change ":scheme"
...
The only h2 psuedo header that wasn't previously possible to change by a
user. This change also makes it impossible to send a HTTP/1 header that
starts with a colon, which I don't think anyone does anyway.
The other pseudo headers are possible to change indirectly by doing the
rightly crafted request.
Reported-by: siddharthchhabrap on github
Fixes #8381
Closes #8393
2022-02-07 13:55:57 +01:00
Daniel Stenberg
136f3e9d68
h2/h3: provide and refer to pseudo headers as defines
...
... and do sizeof() on the defines to use constants better.
Closes #8389
2022-02-05 11:08:43 +01:00
MAntoniak
793614b589
smb: passing a socket for writing and reading data instead of FIRSTSOCKET
...
Closes #8383
2022-02-05 00:15:22 +01:00
Daniel Stenberg
27614355bf
x509asn1: toggle off functions not needed for diff tls backends
...
... and clean the header file from private defines/structs (move to C
file) and unused function prototypes.
Closes #8386
2022-02-05 00:11:34 +01:00
Daniel Stenberg
9478a97035
lib: move hostcheck and x509sn1 sources to vtls/
...
... since they are used strictly by TLS code.
Closes #8386
2022-02-05 00:11:33 +01:00
Marcel Raad
9f1d29ecac
version_win32: fix warning for CURL_WINDOWS_APP
...
The build version is not supported by the UWP code.
Closes https://github.com/curl/curl/pull/8385
2022-02-04 17:34:27 +01:00
Daniel Stenberg
2610142139
lib: remove support for CURL_DOES_CONVERSIONS
...
TPF was the only user and support for that was dropped.
Closes #8378
2022-02-04 08:05:35 +01:00
Daniel Stenberg
da15443ddd
TPF: drop support
...
There has been no TPF related changes done since September 2010 (commit
7e1a45e224Closes #8378
2022-02-04 08:05:35 +01:00
HenrikHolst
a121e8dac6
setopt: do bounds-check before strdup
...
Curl_setstropt() allocated memory for the string before checking if the
string was within bounds. The bounds check should be done first.
Closes #8377
2022-02-03 09:40:03 +01:00
MAntoniak
2cd6d7e462
mbedtls: enable use of mbedtls without filesystem functions support
...
Closes #8376
2022-02-03 09:39:11 +01:00
HenrikHolst
9fe2a20b1c
urlapi: remove an unnecessary call to strlen
...
- Use strcpy instead of strlen+memcpy to copy the url path.
Ref: https://curl.se/mail/lib-2022-02/0006.html
Closes https://github.com/curl/curl/pull/8370
2022-02-01 15:43:45 -05:00
Daniel Stenberg
1bf3643f7b
vxworks: drop support
...
No changes or fixes in vxworks related code since 2009 leads me to
believe that this doesn't work anymore.
Closes #8362
2022-02-01 16:18:39 +01:00
Henrik Holst
0d370ecbfe
base64: remove an unnecessary call to strlen
...
Closes #8369
2022-02-01 16:09:49 +01:00
Sebastian Sterk
c6218f3723
multi: grammar fix in comment
...
After 'must', the verb is used without 'to'. Correct: "must" or "have
to"
Closes #8368
2022-02-01 09:37:26 +01:00
Daniel Stenberg
5236ed0e42
openldap: fix compiler warning when built without SSL support
...
openldap.c:841:52: error: unused parameter ‘data’ [-Werror=unused-parameter]
Closes #8367
2022-02-01 09:14:35 +01:00
Daniel Stenberg
3b16575ae9
netware: remove support
...
There are no current users and no Netware related changes done in the
code for over 13 years is a clear sign this is abandoned.
Closes #8358
2022-01-31 13:40:26 +01:00
luminixinc on github
3c798b1db3
multi: remember connection_id before returning connection to pool
...
Fix a bug that does not require a new CVE as discussed on hackerone.com.
Previously `connection_id` was accessed after returning connection to
the shared pool.
Bug: https://hackerone.com/reports/1463013
Closes #8355
2022-01-31 08:55:22 +01:00
Daniel Stenberg
91e3996aa7
urldata: CONN_IS_PROXIED replaces bits.close when proxy can be disabled
...
To remove run-time checks for such builds.
Closes #8350
2022-01-30 12:01:25 +01:00
Daniel Stenberg
96629ba2c2
setopt: fix the TLSAUTH #ifdefs for proxy-disabled builds
...
Closes #8350
2022-01-30 12:01:16 +01:00
Daniel Stenberg
79cca04da8
conncache: make conncache_add_bundle return the pointer
...
Simplifies the logic a little and avoids a ternary operator.
Ref: #8346
Closes #8349
2022-01-30 11:59:43 +01:00
Daniel Stenberg
3267ac40da
nss: handshake callback during shutdown has no conn->bundle
...
The callback gets called because of the call to PR_Recv() done to
attempt to avoid RST on the TCP connection. The conn->bundle pointer is
already cleared at this point so avoid dereferencing it.
Reported-by: Eric Musser
Fixes #8341
Closes #8342
2022-01-28 16:02:38 +01:00
MAntoniak
df66c7c5ba
mbedtls: remove #include <mbedtls/certs.h>
...
mbedtls/certs.h file contains only certificates example (all definitions
is beginning by mbedtls_test_*). None of them is used so we can avoid
include the file.
Closes #8343
2022-01-28 16:01:28 +01:00
MAntoniak
16c01bc5a5
mbedtls: enable use of mbedtls without CRL support
...
Closes #8344
2022-01-28 16:00:23 +01:00
Jay Satiro
598b142f6d
schannel: restore debug message in schannel_connect_step2
...
This is a follow-up to recent commit 2218c3ahttps://github.com/curl/curl/pull/8320#issuecomment-1022957904
Closes https://github.com/curl/curl/pull/8336
2022-01-28 02:42:57 -05:00
Marcel Raad
610bd89315
openssl: fix ctx_option_t for OpenSSL v3+
...
The options have been changed to `uint64_t` in
56bd17830fhttps://github.com/curl/curl/pull/8331
2022-01-27 12:22:18 +01:00
