aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-10-28auth: add support for RFC7616 - HTTP Digest access authenticationFlorin
Signed-off-by: Florin <petriuc.florin@gmail.com>
2017-10-28TODO: support multiple Content-EncodingsDaniel Bankhead
Closes #2002
2017-10-28ROADMAP: cleanupDaniel Stenberg
Removed done stuff. Removed entries no longer considered for the near term.
2017-10-28ROADMAP.md: spelling fixesMagicansk
Closes #2028
2017-10-28Curl_timeleft: change return type to timediff_tDaniel Stenberg
returning 'time_t' is problematic when that type is unsigned and we return values less than zero to signal "already expired", used in several places in the code. Closes #2021
2017-10-27appveyor: add a win32 buildDaniel Stenberg
2017-10-27setopt: fix CURLOPT_SSH_AUTH_TYPES option readDaniel Stenberg
Regression since f121575c0b5f Reported-by: Rob Cotrone
2017-10-27resolvers: only include anything if neededMarcel Raad
This avoids warnings about unused stuff. Closes https://github.com/curl/curl/pull/2023
2017-10-27HELP-US: rename the subtitle too since the label is changedDaniel Stenberg
"PR-welcome" was the former name.
2017-10-27curl_setup.h: oops, shorten the too long lineDaniel Stenberg
2017-10-27curl_setup: Improve detection of CURL_WINDOWS_APPMartin Storsjo
If WINAPI_FAMILY is defined, it should be safe to try to include winapifamily.h to check what the define evaluates to. This should fix detection of CURL_WINDOWS_APP if building with _WIN32_WINNT set to 0x0600. Closes #2025
2017-10-26transfer: Fix chunked-encoding upload bugJay Satiro
- When uploading via chunked-encoding don't compare file size to bytes sent to determine whether the upload has finished. Chunked-encoding adds its own overhead which why the bytes sent is not equal to the file size. Prior to this change if a file was uploaded in chunked-encoding and its size was known it was possible that the upload could end prematurely without sending the final few chunks. That would result in a server hang waiting for the remaining data, likely followed by a disconnect. The scope of this bug is limited to some arbitrary file sizes which have not been determined. One size that triggers the bug is 475020. Bug: https://github.com/curl/curl/issues/2001 Reported-by: moohoorama@users.noreply.github.com Closes https://github.com/curl/curl/pull/2010
2017-10-26timeval: make timediff_t also work on 32bit windowsDaniel Stenberg
... by using curl_off_t for the typedef if time_t is larger than 4 bytes. Reported-by: Gisle Vanem Bug: https://github.com/curl/curl/commit/b9d25f9a6b3ca791385b80a6a3c3fa5ae113e1e0#co mmitcomment-25205058 Closes #2019
2017-10-26curl_fnmatch: return error on illegal wildcard patternDaniel Stenberg
... instead of doing an infinite loop! Added test 1162 to verify. Reported-by: Max Dymond Fixes #2015 Closes #2017
2017-10-26wildcards: don't use with non-supported protocolsMax Dymond
Fixes timeouts in the fuzzing tests for non-FTP protocols. Closes #2016
2017-10-25multi: allow table handle sizes to be overriddenMax Dymond
Allow users to specify their own hash define for CURL_CONNECTION_HASH_SIZE so that both values can be overridden. Closes #1982
2017-10-25time: rename Curl_tvnow to Curl_nowDaniel Stenberg
... since the 'tv' stood for timeval and this function does not return a timeval struct anymore. Also, cleaned up the Curl_timediff*() functions to avoid typecasts and clean up the descriptive comments. Closes #2011
2017-10-25ftplistparser: follow-up cleanup to remove PL_ERROR()Daniel Stenberg
2017-10-25ftplistparser: free off temporary memory alwaysMax Dymond
When using the FTP list parser, ensure that the memory that's allocated is always freed. Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3682 Closes #2013
2017-10-25timediff: return timediff_t from the time diff functionsDaniel Stenberg
... to cater for systems with unsigned time_t variables. - Renamed the functions to curlx_timediff and Curl_timediff_us. - Added overflow protection for both of them in either direction for both 32 bit and 64 bit time_ts - Reprefixed the curlx_time functions to use Curl_* Reported-by: Peter Piekarski Fixes #2004 Closes #2005
2017-10-24libtest: Add required test libraries for lib1552 and lib1553Paul Howarth
They use $(TESTUTIL) and thus should use $(TESTUTIL_LIBS) too. This fixes build failures on Fedora 13. Closes #2006
2017-10-24libcurl-tutorial.3: fix typoAlessandro Ghedini
closes #2008
2017-10-23curl_mime_filedata.3: fix typosAlessandro Ghedini
2017-10-23RELEASE-NOTES: clean slate towards 7.57.0Daniel Stenberg
2017-10-23travis: exit if any steps failMax Dymond
We don't expect any steps to fail in travis. Exit the script if they do. Closes #1966
2017-10-23RELEASE-NOTES: 7.56.1Daniel Stenberg
2017-10-23THANKS: update at 7.56.1 release timeDaniel Stenberg
2017-10-22mk-ca-bundle: Remove URL for auroraJon DeVree
Aurora is no longer used by Mozilla https://hacks.mozilla.org/2017/04/simplifying-firefox-release-channels/
2017-10-22mk-ca-bundle: Fix URL for NSSJon DeVree
The 'tip' is the most recent branch committed to, this should be 'default' like the URLs for the browser are. Closes #1998
2017-10-22imap: if a FETCH response has no size, don't call write callbackDaniel Stenberg
CVE-2017-1000257 Reported-by: Brian Carpenter and 0xd34db347 Also detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3586
2017-10-20ftp: reject illegal IP/port in PASV 227 responseDaniel Stenberg
... by using range checks. Among other things, this avoids an undefined behavior for a left shift that could happen on negative or very large values. Closes #1997 Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
2017-10-20test653: check reuse of easy handle after mime data changePatrick Monnerat
See issue #1999
2017-10-20mime: do not reuse previously computed multipart sizePatrick Monnerat
The contents might have changed: size must be recomputed. Reported-by: moteus on github Fixes #1999
2017-10-19test308: disable if MultiSSL feature enabledPatrick Monnerat
Even if OpenSSL is enabled, it might not be the default backend when multi-ssl is enabled, causing the test to fail.
2017-10-19runtests: support MultiSSL client featurePatrick Monnerat
2017-10-19vtls: change struct Curl_ssl `close' field name to `close_one'.Patrick Monnerat
On OS/400, `close' is an ASCII system macro that corrupts the code if not used in a context not targetting the close() system API.
2017-10-19os400: add missing symbols in config file.Patrick Monnerat
Also adjust makefile to renamed files and warn about installation dirs mix-up.
2017-10-19test652: curl_mime_data + base64 encoder with large contentsPatrick Monnerat
2017-10-19mime: limit bas64-encoded lines length to 76 charactersPatrick Monnerat
2017-10-16RELEASE-NOTES: synced with f121575c0Daniel Stenberg
2017-10-16setopt: range check most long optionsDaniel Stenberg
... filter early instead of risking "funny values" having to be dealt with elsewhere.
2017-10-16setopt: avoid integer overflows when setting millsecond valuesDaniel Stenberg
... that are multiplied by 1000 when stored. For 32 bit long systems, the max value accepted (2147483 seconds) is > 596 hours which is unlikely to ever be set by a legitimate application - and previously it didn't work either, it just caused undefined behavior. Also updated the man pages for these timeout options to mention the return code. Closes #1938
2017-10-15makefile.m32: allow to override gcc, ar and ranlibViktor Szakats
Allow to ovverride certain build tools, making it possible to use LLVM/Clang to build curl. The default behavior is unchanged. To build with clang (as offered by MSYS2), these settings can be used: CURL_CC=clang CURL_AR=llvm-ar CURL_RANLIB=llvm-ranlib Closes https://github.com/curl/curl/pull/1993
2017-10-15ldap: silence clang warningViktor Szakats
Use memset() to initialize a structure to avoid LLVM/Clang warning: ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers] Closes https://github.com/curl/curl/pull/1992
2017-10-14runtests: use valgrind for torture as wellDaniel Stenberg
NOTE: it makes them terribly slow. I recommend only using valgrind for specific torture tests or using lots of patience.
2017-10-14memdebug: trace send, recv and socketDaniel Stenberg
... to allow them to be included in torture tests too. closes #1980
2017-10-14configure: remove the C++ compiler checkDaniel Stenberg
... we used it only for the fuzzer, which we now have in a separate git repo. Closes #1990
2017-10-13mime: do not call failf() if easy handle is NULL.Patrick Monnerat
2017-10-13test651: curl_formadd with huge COPYCONTENTSDaniel Stenberg
2017-10-13mime: fix the content reader to handle >16K data properlyDaniel Stenberg
Reported-by: Jeroen Ooms Closes #1988