From 59432503c0501f8d1522370704c3d5269d221f5a Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Tue, 2 Jun 2015 14:04:00 -0400 Subject: [PATCH 01/11] curl_setup: Change fopen text macros to use 't' for MSDOS Bug: https://github.com/bagder/curl/pull/258#issuecomment-107915198 Reported-by: Gisle Vanem --- lib/curl_setup.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/curl_setup.h b/lib/curl_setup.h index cbec34f26..ab0c13940 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -710,7 +710,7 @@ int netware_init(void); /* In Windows the default file mode is text but an application can override it. Therefore we specify it explicitly. https://github.com/bagder/curl/pull/258 */ -#if defined(WIN32) +#if defined(WIN32) || defined(MSDOS) #define FOPEN_READTEXT "rt" #define FOPEN_WRITETEXT "wt" #elif defined(__CYGWIN__) From 001ab7d86092f715088a8611a675f8b2537f45b3 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 3 Jun 2015 13:53:26 +0200 Subject: [PATCH 02/11] RELEASE-PROCEDURE: refreshed 'coming dates' --- docs/RELEASE-PROCEDURE | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/RELEASE-PROCEDURE b/docs/RELEASE-PROCEDURE index 164e1e98a..cf074dcc6 100644 --- a/docs/RELEASE-PROCEDURE +++ b/docs/RELEASE-PROCEDURE @@ -84,12 +84,12 @@ Coming dates Based on the description above, here are some planned release dates (at the time of this writing): -- February 25, 2015 (version 7.41.0) -- April 22, 2015 -- June 17, 2015 +- June 17, 2015 (version 7.43.0) - August 12, 2015 - October 7, 2015 - December 2, 2015 - January 27, 2016 - March 23, 2016 - May 18, 2016 +- July 13, 2016 +- September 7, 2016 From 3013bb6b1c8e63e46ed0324eddffa6c54228acd7 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Wed, 3 Jun 2015 21:48:47 -0400 Subject: [PATCH 03/11] cookie: Stop exporting any-domain cookies Prior to this change any-domain cookies (cookies without a domain that are sent to any domain) were exported with domain name "unknown". Bug: https://github.com/bagder/curl/issues/292 --- docs/examples/cookie_interface.c | 7 ++++++- docs/libcurl/opts/CURLOPT_COOKIELIST.3 | 3 +++ lib/cookie.c | 5 ++++- 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/docs/examples/cookie_interface.c b/docs/examples/cookie_interface.c index 2e7c66db2..28ee7817c 100644 --- a/docs/examples/cookie_interface.c +++ b/docs/examples/cookie_interface.c @@ -96,7 +96,12 @@ main(void) return 1; } - /* HTTP-header style cookie */ + /* HTTP-header style cookie. If you use the Set-Cookie format and don't + specify a domain then the cookie is sent for any domain and will not be + modified, likely not what you intended. Starting in 7.43.0 any-domain + cookies will not be exported either. For more information refer to the + CURLOPT_COOKIELIST documentation. + */ snprintf(nline, sizeof(nline), "Set-Cookie: OLD_PREF=3d141414bf4209321; " "expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com"); diff --git a/docs/libcurl/opts/CURLOPT_COOKIELIST.3 b/docs/libcurl/opts/CURLOPT_COOKIELIST.3 index 1058936c7..937c79db8 100644 --- a/docs/libcurl/opts/CURLOPT_COOKIELIST.3 +++ b/docs/libcurl/opts/CURLOPT_COOKIELIST.3 @@ -43,6 +43,9 @@ transfer to that server, likely not what you intended. Either set a domain in Set-Cookie (doing that will include sub domains) or use the Netscape format as shown in EXAMPLE. +Starting in 7.43.0 the aforementioned any-domain cookies will not appear in the +lists exported by \fICURLINFO_COOKIELIST(3)\fP and \fICURLOPT_COOKIEJAR(3)\fP. + Additionally, there are commands available that perform actions if you pass in these exact strings: .IP ALL diff --git a/lib/cookie.c b/lib/cookie.c index fd7ed4168..94f2a8b85 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -1277,6 +1277,8 @@ static int cookie_output(struct CookieInfo *c, const char *dumphere) co = c->cookies; while(co) { + if(!co->domain) + continue; format_ptr = get_netscape_format(co); if(format_ptr == NULL) { fprintf(out, "#\n# Fatal libcurl error\n"); @@ -1310,7 +1312,8 @@ struct curl_slist *Curl_cookie_list(struct SessionHandle *data) c = data->cookies->cookies; while(c) { - /* fill the list with _all_ the cookies we know */ + if(!c->domain) + continue; line = get_netscape_format(c); if(!line) { curl_slist_free_all(list); From 7c17b58eec102b8a97908cc8a62432a8adcb5db2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 4 Jun 2015 22:43:36 +0200 Subject: [PATCH 04/11] LIBCURL-STRUCTS: clarify for multiplexing --- docs/LIBCURL-STRUCTS | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/LIBCURL-STRUCTS b/docs/LIBCURL-STRUCTS index 136d17ce7..11dee8539 100644 --- a/docs/LIBCURL-STRUCTS +++ b/docs/LIBCURL-STRUCTS @@ -52,6 +52,9 @@ for older and later versions as things don't change drastically that often. The libcurl source code generally use the name 'data' for the variable that points to the SessionHandle. + When doing multiplexed HTTP/2 transfers, each SessionHandle is associated + with an individual stream, sharing the same connectdata struct. Multiplexing + makes it even more important to keep things associated with the right thing! 1.2 connectdata @@ -70,7 +73,7 @@ for older and later versions as things don't change drastically that often. connection or the SessionHandle. Functions in libcurl will assume that connectdata->data points to the - SessionHandle that uses this connection. + SessionHandle that uses this connection (for the moment). As a special complexity, some protocols supported by libcurl require a special disconnect procedure that is more than just shutting down the From fc16d9cec8b013a5f1a6fbe69abe781b1dd8c0e5 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 5 Jun 2015 00:02:17 +0200 Subject: [PATCH 05/11] openssl: remove dummy callback use from SSL_CTX_set_verify() The existing callback served no purpose. --- lib/vtls/openssl.c | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index eb2cf5bf5..240295b6f 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -716,17 +716,6 @@ static int x509_name_oneline(X509_NAME *a, char *buf, size_t size) #endif } -static -int cert_verify_callback(int ok, X509_STORE_CTX *ctx) -{ - X509 *err_cert; - char buf[256]; - - err_cert=X509_STORE_CTX_get_current_cert(ctx); - (void)x509_name_oneline(X509_get_subject_name(err_cert), buf, sizeof(buf)); - return ok; -} - /* Return error string for last OpenSSL error */ static char *SSL_strerror(unsigned long error, char *buf, size_t size) @@ -2079,7 +2068,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) * SSL_get_verify_result() below. */ SSL_CTX_set_verify(connssl->ctx, data->set.ssl.verifypeer?SSL_VERIFY_PEER:SSL_VERIFY_NONE, - cert_verify_callback); + NULL); /* give application a chance to interfere with SSL set up. */ if(data->set.ssl.fsslctx) { From ccfdd5986c4ac3f5532f8505b27b492b135e1216 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 5 Jun 2015 00:09:25 +0200 Subject: [PATCH 06/11] openssl: remove SSL_get_session()-using code It was present for OpenSSL 0.9.5 code but we only support 0.9.7 or later. --- lib/vtls/openssl.c | 28 +++------------------------- 1 file changed, 3 insertions(+), 25 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 240295b6f..511efcc75 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -83,12 +83,6 @@ #error "OPENSSL_VERSION_NUMBER not defined" #endif -#if OPENSSL_VERSION_NUMBER >= 0x0090581fL -#define HAVE_SSL_GET1_SESSION 1 -#else -#undef HAVE_SSL_GET1_SESSION -#endif - #if OPENSSL_VERSION_NUMBER >= 0x00904100L #define HAVE_USERDATA_IN_PWD_CALLBACK 1 #else @@ -2814,25 +2808,11 @@ static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex) DEBUGASSERT(ssl_connect_3 == connssl->connecting_state); -#ifdef HAVE_SSL_GET1_SESSION our_ssl_sessionid = SSL_get1_session(connssl->handle); - /* SSL_get1_session() will increment the reference - count and the session will stay in memory until explicitly freed with - SSL_SESSION_free(3), regardless of its state. - This function was introduced in openssl 0.9.5a. */ -#else - our_ssl_sessionid = SSL_get_session(connssl->handle); - - /* if SSL_get1_session() is unavailable, use SSL_get_session(). - This is an inferior option because the session can be flushed - at any time by openssl. It is included only so curl compiles - under versions of openssl < 0.9.5a. - - WARNING: How curl behaves if it's session is flushed is - untested. - */ -#endif + /* SSL_get1_session() will increment the reference count and the session + will stay in memory until explicitly freed with SSL_SESSION_free(3), + regardless of its state. */ incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL)); if(incache) { @@ -2851,7 +2831,6 @@ static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex) return result; } } -#ifdef HAVE_SSL_GET1_SESSION else { /* Session was incache, so refcount already incremented earlier. * Avoid further increments with each SSL_get1_session() call. @@ -2859,7 +2838,6 @@ static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex) */ SSL_SESSION_free(our_ssl_sessionid); } -#endif /* * We check certificates to authenticate the server; otherwise we risk From 30bd59ba6ef86487c3a5e2d6d96a811622730eae Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 5 Jun 2015 00:11:32 +0200 Subject: [PATCH 07/11] openssl: removed USERDATA_IN_PWD_CALLBACK kludge Code for OpenSSL 0.9.4 serves no purpose anymore! --- lib/vtls/openssl.c | 40 +++------------------------------------- 1 file changed, 3 insertions(+), 37 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 511efcc75..0525942d8 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -83,12 +83,6 @@ #error "OPENSSL_VERSION_NUMBER not defined" #endif -#if OPENSSL_VERSION_NUMBER >= 0x00904100L -#define HAVE_USERDATA_IN_PWD_CALLBACK 1 -#else -#undef HAVE_USERDATA_IN_PWD_CALLBACK -#endif - #if OPENSSL_VERSION_NUMBER >= 0x00907001L && !defined(OPENSSL_IS_BORINGSSL) /* ENGINE_load_private_key() takes four arguments */ #define HAVE_ENGINE_LOAD_FOUR_ARGS @@ -154,18 +148,8 @@ */ #define RAND_LOAD_LENGTH 1024 -#ifndef HAVE_USERDATA_IN_PWD_CALLBACK -static char global_passwd[64]; -#endif - -static int passwd_callback(char *buf, int num, int encrypting -#ifdef HAVE_USERDATA_IN_PWD_CALLBACK - /* This was introduced in 0.9.4, we can set this - using SSL_CTX_set_default_passwd_cb_userdata() - */ - , void *global_passwd -#endif - ) +static int passwd_callback(char *buf, int num, int encrypting, + void *global_passwd) { DEBUGASSERT(0 == encrypting); @@ -370,23 +354,9 @@ int cert_stuff(struct connectdata *conn, int cert_done = 0; if(data->set.str[STRING_KEY_PASSWD]) { -#ifndef HAVE_USERDATA_IN_PWD_CALLBACK - /* - * If password has been given, we store that in the global - * area (*shudder*) for a while: - */ - size_t len = strlen(data->set.str[STRING_KEY_PASSWD]); - if(len < sizeof(global_passwd)) - memcpy(global_passwd, data->set.str[STRING_KEY_PASSWD], len+1); - else - global_passwd[0] = '\0'; -#else - /* - * We set the password in the callback userdata - */ + /* set the password in the callback userdata */ SSL_CTX_set_default_passwd_cb_userdata(ctx, data->set.str[STRING_KEY_PASSWD]); -#endif /* Set passwd callback: */ SSL_CTX_set_default_passwd_cb(ctx, passwd_callback); } @@ -672,10 +642,6 @@ int cert_stuff(struct connectdata *conn, failf(data, "Private key does not match the certificate public key"); return 0; } -#ifndef HAVE_USERDATA_IN_PWD_CALLBACK - /* erase it now */ - memset(global_passwd, 0, sizeof(global_passwd)); -#endif } return 1; } From 1ce14037c0c4f7448422ba2d4c7f12ceb1289811 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 5 Jun 2015 00:12:56 +0200 Subject: [PATCH 08/11] openssl: removed error string #ifdef ERR_error_string_n() was introduced in 0.9.6, no need to #ifdef anymore --- lib/vtls/openssl.c | 9 --------- 1 file changed, 9 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 0525942d8..6378e10ff 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -102,10 +102,6 @@ #undef HAVE_PKCS12_SUPPORT #endif -#if OPENSSL_VERSION_NUMBER >= 0x00906001L -#define HAVE_ERR_ERROR_STRING_N 1 -#endif - #if OPENSSL_VERSION_NUMBER >= 0x00909000L #define SSL_METHOD_QUAL const #else @@ -680,15 +676,10 @@ static int x509_name_oneline(X509_NAME *a, char *buf, size_t size) */ static char *SSL_strerror(unsigned long error, char *buf, size_t size) { -#ifdef HAVE_ERR_ERROR_STRING_N /* OpenSSL 0.9.6 and later has a function named ERR_error_string_n() that takes the size of the buffer as a third argument */ ERR_error_string_n(error, buf, size); -#else - (void) size; - ERR_error_string(error, buf); -#endif return buf; } From 3587da9e7c92a486349f4f59a895b69c7000cb00 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 5 Jun 2015 08:26:47 +0200 Subject: [PATCH 09/11] curl.h: add CURL_HTTP_VERSION_2 The protocol is named "HTTP/2" after all. It is an alias for the existing CURL_HTTP_VERSION_2_0 enum. --- docs/libcurl/symbols-in-versions | 1 + include/curl/curl.h | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index 1a9dc3697..8299a5179 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -671,6 +671,7 @@ CURL_GLOBAL_WIN32 7.8.1 CURL_HTTP_VERSION_1_0 7.9.1 CURL_HTTP_VERSION_1_1 7.9.1 CURL_HTTP_VERSION_2_0 7.33.0 +CURL_HTTP_VERSION_2 7.43.0 CURL_HTTP_VERSION_NONE 7.9.1 CURL_IPRESOLVE_V4 7.10.8 CURL_IPRESOLVE_V6 7.10.8 diff --git a/include/curl/curl.h b/include/curl/curl.h index 727f19a4f..eab2f6e99 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -1695,6 +1695,11 @@ enum { CURL_HTTP_VERSION_LAST /* *ILLEGAL* http version */ }; +/* Convenience definition simple because the name of the version is HTTP/2 and + not 2.0. The 2_0 version of the enum name was set while the version was + still planned to be 2.0 and we stick to it for compatibility. */ +#define CURL_HTTP_VERSION_2 CURL_HTTP_VERSION_2_0 + /* * Public API enums for RTSP requests */ From 6befade68f1867172346beddf4da5095583bca14 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 5 Jun 2015 08:55:19 +0200 Subject: [PATCH 10/11] BINDINGS: the curl-rust binding --- docs/BINDINGS | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/BINDINGS b/docs/BINDINGS index ef4505435..00f565dfd 100644 --- a/docs/BINDINGS +++ b/docs/BINDINGS @@ -197,6 +197,11 @@ Ruby ruby-curl-multi - written by Kristjan Petursson and Keith Rarick http://curl-multi.rubyforge.org/ +Rust + + curl-rust - by Carl Lerche + https://github.com/carllerche/curl-rust + Scheme Bigloo binding by Kirill Lisovsky From 8f4791440a940cbc7bd5a911ae5344b117669dcc Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 5 Jun 2015 09:15:40 +0200 Subject: [PATCH 11/11] BINDINGS: update several URLs Stop linking to the curl.haxx.se anchor pages, they are usually only themselves pointers to the real page so better point there directly instead. --- docs/BINDINGS | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/docs/BINDINGS b/docs/BINDINGS index 00f565dfd..c4722ebfc 100644 --- a/docs/BINDINGS +++ b/docs/BINDINGS @@ -50,7 +50,7 @@ Cocoa D Written by Kenneth Bogert - http://curl.haxx.se/libcurl/d/ + http://dlang.org/library/std/net/curl.html Dylan @@ -60,7 +60,7 @@ Dylan Eiffel Written by Eiffel Software - http://curl.haxx.se/libcurl/eiffel/ + https://room.eiffel.com/library/curl Euphoria @@ -102,8 +102,7 @@ Haskell Java - Maintained by [blank] - http://curl.haxx.se/libcurl/java/ + https://github.com/pjlegato/curl-java Julia @@ -155,13 +154,13 @@ Pascal Perl - Maintained by Cris Bailiff - http://curl.haxx.se/libcurl/perl/ + Maintained by Cris Bailiff and Bálint Szilakszi + https://github.com/szbalint/WWW--Curl PHP Written by Sterling Hughes - http://curl.haxx.se/libcurl/php/ + http://php.net/curl PostgreSQL @@ -205,7 +204,7 @@ Rust Scheme Bigloo binding by Kirill Lisovsky - http://curl.haxx.se/libcurl/scheme/ + http://www.metapaper.net/lisovsky/web/curl/ S-Lang