aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-04-02vauth/oauth2: Fix OAUTHBEARER token generationMert Yazıcıoğlu
OAUTHBEARER tokens were incorrectly generated in a format similar to XOAUTH2 tokens. These changes make OAUTHBEARER tokens conform to the RFC7628. Fixes: #2487 Reported-by: Paolo Mossino Closes https://github.com/curl/curl/pull/3377
2019-04-02tool_cb_wrt: fix bad-function-cast warningMarcel Raad
Commit f5bc578f4cdfdc6c708211dfc2962a0e9d79352d reintroduced the warning fixed in commit 2f5f31bb57d68b54e03bffcd9648aece1fe564f8. Extend fhnd's scope and reuse that variable instead of calling _get_osfhandle a second time to fix the warning again. Closes https://github.com/curl/curl/pull/3718
2019-04-01VC15 project: remove MinimalRebuildMarcel Raad
Already done in commit d5cfefd0ea8e331b884186bff484210fad36e345 for the library project, but I forgot the tool project template. Now also removed for that.
2019-04-01cirrus: Customize the disabled tests per FreeBSD versionDan Fandrich
Try to run as many test cases as possible on each OS version. 12.0 passes 13 more tests than the older versions, so we might as well run them.
2019-04-01tool_help: include <strings.h> for strcasecmpDaniel Stenberg
Reported-by: Wyatt O'Day Fixes #3715 Closes #3716
2019-03-31scripts: fix typosDaniel Gustafsson
2019-03-28travis: allow builds on branches named "ci"Dan Fandrich
This allows a way to test changes other than through PRs.
2019-03-27resolve: apply Happy Eyeballs philosophy to parallel c-ares queriesBrad Spencer
Closes #3699
2019-03-27multi: improved HTTP_1_1_REQUIRED handlingDaniel Stenberg
Make sure to downgrade to 1.1 even when we get this HTTP/2 stream error on first flight. Reported-by: niner on github Fixes #3696 Closes #3707
2019-03-27configure: avoid unportable `==' test(1) operatorLeonardo Taccari
Closes #3709
2019-03-27RELEASE: 7.64.1Daniel Stenberg
2019-03-27Revert "ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set"Daniel Stenberg
This reverts commit 9130ead9fcabdb6b8fbdb37c0b38be2d326adb00. Fixes #3708
2019-03-26ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION setChristian Schmitz
Closes #3704
2019-03-26tool_cb_wrt: fix writing to Windows null device NULJay Satiro
- Improve console detection. Prior to this change WriteConsole could be called to write to a handle that may not be a console, which would cause an error. This issue is limited to character devices that are not also consoles such as the null device NUL. Bug: https://github.com/curl/curl/issues/3175#issuecomment-439068724 Reported-by: Gisle Vanem
2019-03-25CURLMOPT_PIPELINING.3: fix typoJay Satiro
2019-03-25TODO: config file parsingDaniel Stenberg
Closes #3698
2019-03-24os400: Disable Alt-Svc by default since it's experimentalJay Satiro
Follow-up to 520f0b4 which added Alt-Svc support and enabled it by default for OS400. Since the feature is experimental, it should be disabled by default. Ref: https://github.com/curl/curl/commit/520f0b4#commitcomment-32792332 Ref: https://curl.haxx.se/mail/lib-2019-02/0008.html Closes https://github.com/curl/curl/pull/3688
2019-03-24tests: Fixed XML validation errors in some test files.Dan Fandrich
2019-03-24tests: Fix some incorrect precheck error messages.Dan Fandrich
[ci skip]
2019-03-22curl_url.3: this is not experimental anymoreDaniel Stenberg
2019-03-22travis: bump the used wolfSSL version to 4.0.0Daniel Stenberg
Test 311 is now fine, leaving only 313 (CRL) disabled. Test 313 details can be found here: https://github.com/wolfSSL/wolfssl/issues/1546 Closes #3697
2019-03-22lib: Fix typos in commentsDaniel Gustafsson
2019-03-20openssl: if cert type is ENG and no key specified, key is ENG tooDavid Woodhouse
Fixes #3692 Closes #3692
2019-03-20sectransp: tvOS 11 is required for ALPN supportDaniel Stenberg
Reported-by: nianxuejie on github Assisted-by: Nick Zitzmann Assisted-by: Jay Satiro Fixes #3689 Closes #3690
2019-03-18test1541: threaded connection sharingDaniel Stenberg
The threaded-shared-conn.c example turned into test case. Only works if pthread was detected. An attempt to detect future regressions such as e3a53e3efb942a5 Closes #3687
2019-03-17os400: alt-svc support.Patrick Monnerat
Although experimental, enable it in the platform config file. Upgrade ILE/RPG binding.
2019-03-17conncache: use conn->data to know if a transfer owns itDaniel Stenberg
- make sure an already "owned" connection isn't returned unless multiplexed. - clear ->data when returning the connection to the cache again Regression since 7.62.0 (probably in commit 1b76c38904f0) Bug: https://curl.haxx.se/mail/lib-2019-03/0064.html Closes #3686
2019-03-15RELEASE-NOTES: syncedDaniel Stenberg
2019-03-15configure: add --with-amisslChris Young
AmiSSL is an Amiga native library which provides a wrapper over OpenSSL. It also requires all programs using it to use bsdsocket.library directly, rather than accessing socket functions through clib, which libcurl was not necessarily doing previously. Configure will now check for the headers and ensure they are included if found. Closes #3677
2019-03-15vtls: rename some of the SSL functionsChris Young
... in the SSL structure as AmiSSL is using macros for the socket API functions.
2019-03-15tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattrChris Young
2019-03-15tool_operate: build on AmigaOSChris Young
2019-03-14makefile: make checksrc and hugefile commands "silent"Daniel Stenberg
... to match the style already used for compiling, linking etc. Acknowledges 'make V=1' to enable verbose. Closes #3681
2019-03-14curl.1: --user and --proxy-user are hidden from ps outputDaniel Stenberg
Suggested-by: Eric Curtin Improved-by: Dan Fandrich Ref: #3680 Closes #3683
2019-03-14curl.1: mark the argument to --cookie as <data|filename>Daniel Stenberg
From a discussion in #3676 Suggested-by: Tim Rühsen Closes #3682
2019-03-14fuzzer: Only clone the latest fuzzer code, for speed.Dan Fandrich
2019-03-14Negotiate: fix for HTTP POST with NegotiateDominik Hölzl
* Adjusted unit tests 2056, 2057 * do not generally close connections with CURLAUTH_NEGOTIATE after every request * moved negotiatedata from UrlState to connectdata * Added stream rewind logic for CURLAUTH_NEGOTIATE * introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC * Consider authproblem state for CURLAUTH_NEGOTIATE * Consider reuse_forbid for CURLAUTH_NEGOTIATE * moved and adjusted negotiate authentication state handling from output_auth_headers into Curl_output_negotiate * Curl_output_negotiate: ensure auth done is always set * Curl_output_negotiate: Set auth done also if result code is GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may also indicate the last challenge request (only works with disabled Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1) * Consider "Persistent-Auth" header, detect if not present; Reset/Cleanup negotiate after authentication if no persistent authentication * apply changes introduced with #2546 for negotiate rewind logic Fixes #1261 Closes #1975
2019-03-13http: send payload when (proxy) authentication is doneMarc Schlatter
The check that prevents payload from sending in case of authentication doesn't check properly if the authentication is done or not. They're cases where the proxy respond "200 OK" before sending authentication challenge. This change takes care of that. Fixes #2431 Closes #3669
2019-03-12file: fix "Checking if unsigned variable 'readcount' is less than zero."Daniel Stenberg
Pointed out by codacy Closes #3672
2019-03-12memdebug: log pointer before freeing its dataDaniel Stenberg
Coverity warned for two potentional "Use after free" cases. Both are false positives because the memory wasn't used, it was only the actual pointer value that was logged. The fix still changes the order of execution to avoid the warnings. Coverity CID 1443033 and 1443034 Closes #3671
2019-03-12RELEASE-NOTES: syncedDaniel Stenberg
2019-03-12travis: actually use updated compiler versionsMarcel Raad
For the Linux builds, GCC 8 and 7 and clang 7 were installed, but the new GCC versions were only used for the coverage build and for building nghttp2, while the new clang version was not used at all. BoringSSL needs to use the default GCC as it respects CC, but not CXX, so it would otherwise pass gcc 8 options to g++ 4.8 and fail. Also remove GCC 7, it's not needed anymore. Ref: https://docs.travis-ci.com/user/languages/c/#c11c11-and-beyond-and-toolchain-versioning Closes https://github.com/curl/curl/pull/3670
2019-03-12travis: update clang to version 7Marcel Raad
Closes https://github.com/curl/curl/pull/3670
2019-03-11examples/externalsocket: add missing close socket callsAndre Guibert de Bruet
.. and for Windows also call WSACleanup since we call WSAStartup. The example is to demonstrate handling the socket independently of libcurl. In this case libcurl is not responsible for creating, opening or closing the socket, it is handled by the application (our example). Fixes https://github.com/curl/curl/pull/3663
2019-03-11multi: removed unused code for request retriesDaniel Stenberg
This code was once used for the non multi-interface using code path, but ever since easy_perform was turned into a wrapper around the multi interface, this code path never runs. Closes #3666
2019-03-11doh: inherit some SSL options from user's easy handleJay Satiro
- Inherit SSL options for the doh handle but not SSL client certs, SSL ALPN/NPN, SSL engine, SSL version, SSL issuer cert, SSL pinned public key, SSL ciphers, SSL id cache setting, SSL kerberos or SSL gss-api settings. - Fix inheritance of verbose setting. - Inherit NOSIGNAL. There is no way for the user to set options for the doh (DNS-over-HTTPS) handles and instead we inherit some options from the user's easy handle. My thinking for the SSL options not inherited is they are most likely not intended by the user for the DOH transfer. I did inherit insecure because I think that should still be in control of the user. Prior to this change doh did not work for me because CAINFO was not inherited. Also verbose was set always which AFAICT was a bug (#3660). Fixes https://github.com/curl/curl/issues/3660 Closes https://github.com/curl/curl/pull/3661
2019-03-09test331: verify set-cookie for dotless host nameDaniel Stenberg
Reproduced bug #3649 Closes #3659
2019-03-09Revert "cookies: extend domain checks to non psl builds"Daniel Stenberg
This reverts commit 3773de378d48b06c09931e44dca4d274d0bfdce0. Regression shipped in 7.64.0 Fixes #3649
2019-03-08memdebug: make debug-specific functions use curl_dbg_ prefixDaniel Stenberg
To not "collide" or use up the regular curl_ name space. Also makes them easier to detect in helper scripts. Closes #3656
2019-03-08cmdline-opts/proxytunnel.d: the option tunnnels all protocolsDaniel Stenberg
Clarify the language and simplify. Reported-by: Daniel Lublin Closes #3658