Age | Commit message (Collapse) | Author |
|
OpenSSL passes out and outlen variable uninitialized to
select_next_proto_cb callback function. If the callback function
returns SSL_TLSEXT_ERR_OK, the caller assumes the callback filled
values in out and outlen and processes as such. Previously, if there
is no overlap in protocol lists, curl code does not fill any values in
these variables and returns SSL_TLSEXT_ERR_OK, which means we are
triggering undefined behavior. valgrind warns this.
This patch fixes this issue by fallback to HTTP/1.1 if there is no
overlap.
|
|
|
|
|
|
|
|
There is an implicit conversion from "unsigned long" to "long"
|
|
|
|
|
|
Fixed a copy / paste error from my 2011 project files.
|
|
|
|
Security Framework on OS X makes it possible to supply extra anchor (CA)
certificates via the Certificate, Key, and Trust Services API. This
commit makes the '--cacert' option work using this API.
More information:
https://developer.apple.com/library/mac/documentation/security/Reference/certifkeytrustservices/Reference/reference.html
The HTTPS tests now pass on OS X except 314, which requires the '--crl'
option to work.
|
|
warning: suggest braces around empty body in an 'else' statement
|
|
warning: implicit declaration of function 'connclose'
|
|
Make all code use connclose() and connkeep() when changing the "close
state" for a connection. These two macros take a string argument with an
explanation, and debug builds of curl will include that in the debug
output. Helps tracking connection re-use/close issues.
|
|
|
|
Renamed the CURLX_ONES file list definition in order to a) try and be
consistent with other file lists and b) to allow for the addition of
the curlx header files, which will assist with Visual Studio project
files generation rather than hard coding those files.
|
|
|
|
|
|
Possibly the final update before release...
|
|
Added a couple of outstanding tasks to the TODO section that we didn't
get time to do before the release.
|
|
Http2 connections would wrongly get closed after each individual
request.
Co-authored-by: Tatsuhiro Tsujikawa
Bug: http://curl.haxx.se/bug/view.cgi?id=1374
|
|
According to https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-05
it is "http/1.1" and not "http/1.0".
|
|
|
|
Added a default source directory so the user doesn't have to specify
one - the same as that, which the Visual Studio project files expect
the OpenSSL dependencies to be in.
|
|
|
|
To use an up to date download link as well as remove duplicate
information.
|
|
|
|
In order to try and be consistent between curl and libcurl renamed the
recently introduced LIB_* makefile file variables.
|
|
|
|
grrr, missed them in my previous fix
|
|
Follow-up to commit 121bcfee5d1. curl-config --features now lists
GSS-API but it is not a listed feature in curl -V. This should probably
be synchronized.
|
|
Verifies that the change in 68f0166a92 works as intended and that
different HTTP auth credentials to the same host still re-uses the
connection properly.
|
|
|
|
|
|
|
|
|
|
To get the VC project files generated before packaging!
|
|
|
|
|
|
|
|
|
|
|
|
Bug: http://curl.haxx.se/bug/view.cgi?id=1344
Reported-by: Michael Osipov
|
|
Bug: http://curl.haxx.se/bug/view.cgi?id=1343
Reported-by: Michael Osipov
|
|
|
|
It counts "body" data only, no meta data, no headers.
|
|
|
|
Commit 517b06d657ace (in 7.36.0) that brought the CREDSPERREQUEST flag
only set it for HTTPS, making HTTP less good at doing connection re-use
than it should be. Now set it for HTTP as well.
Simple test case
"curl -v -u foo:bar localhost --next -u bar:foo localhos"
Bug: http://curl.haxx.se/mail/lib-2014-05/0127.html
Reported-by: Kamil Dudka
|
|
|
|
The variable wasn't assigned at all until step3 which would lead to a
failed connect never assigning the variable and thus returning a bad
value.
Reported-by: Larry Lin
Bug: http://curl.haxx.se/mail/lib-2014-04/0203.html
|
|
In commit 0b3750b5c23c25f (released in 7.36.0) we fixed a timeout issue
but instead broke the timings.
To fix this, I introduce a new timestamp to use for the timeouts and
restored the previous timestamp and timestamp position so that the old
timer functionality is restored.
In addition to that, that change also broke connection timeouts for when
more than one connect was used (as it would then count the total time
from the first connect and not for the most recent one). Now
Curl_timeleft() has been modified so that it checks against different
start times depending on which timeout it checks.
Test 1303 is updated accordingly.
Bug: http://curl.haxx.se/mail/lib-2014-05/0147.html
Reported-by: Ryan Braud
|