Age | Commit message (Collapse) | Author |
|
In order to make MBEDTLS_DEBUG work, the debug threshold must be unequal
to 0. This patch also adds a comment how mbedtls must be compiled in
order to make debugging work, and explains the possible debug levels.
|
|
After a few wasted hours hunting down the reason for slowness during a
TLS handshake that turned out to be because of TCP_NODELAY not being
set, I think we have enough motivation to toggle the default for this
option. We now enable TCP_NODELAY by default and allow applications to
switch it off.
This also makes --tcp-nodelay unnecessary, but --no-tcp-nodelay can be
used to disable it.
Thanks-to: Tim Rühsen
Bug: https://curl.haxx.se/mail/lib-2016-06/0143.html
|
|
When input stream for curl is stdin and input stream is not a file but
generated by a script then curl can truncate data transfer to arbitrary
size since a partial packet is treated as end of transfer by TFTP.
Fixes #857
|
|
Makes the script pass on comments holding meta data to the output
file. Like fingerprinters, issuer, date ranges etc.
Closes #937
|
|
Previously, passing a timeout of zero to Curl_expire() was a magic code
for clearing all timeouts for the handle. That is now instead made with
the new Curl_expire_clear() function and thus a 0 timeout is fine to set
and will trigger a timeout ASAP.
This will help removing short delays, in particular notable when doing
HTTP/2.
|
|
Regression added in 790d6de48515. The was then added to avoid one
particular transfer to starve out others. But when aborting due to
reading the maxcount, the connection must be marked to be read from
again without first doing a select as for some protocols (like SFTP/SCP)
the data may already have been read off the socket.
Reported-by: Dan Donahue
Bug: https://curl.haxx.se/mail/lib-2016-07/0057.html
|
|
|
|
Fixes #943
|
|
|
|
|
|
|
|
CVE-2016-5420
Bug: https://curl.haxx.se/docs/adv_20160803B.html
|
|
CVE-2016-5419
Bug: https://curl.haxx.se/docs/adv_20160803A.html
Reported-by: Bru Rom
Contributions-by: Eric Rescorla and Ray Satiro
|
|
CVE-2016-5421
Bug: https://curl.haxx.se/docs/adv_20160803C.html
Reported-by: Marcelo Echeverria and Fernando Muñoz
|
|
Closes #835
|
|
Closes #768
|
|
Closes #662
|
|
Closes #885
|
|
|
|
|
|
This patch is necessary so that curl compiles if MBEDTLS_DEBUG is
defined.
Bug: https://curl.haxx.se/mail/lib-2016-08/0001.html
|
|
Apparently due to a broken homebrew install
fixes #934
Closes #939
|
|
If a call to GetSystemDirectory fails, the `path` pointer that was
previously allocated would be leaked. This makes sure that `path` is
always freed.
Closes #938
|
|
Many applications assume the actual contents of the public types and use
that do for example forward declarations (saving them from including our
public header) which then breaks when we switch from void * to a struct
*.
I'm not convinced we were wrong, but since this practise seems
widespread enough I'm willing to (partly) step down.
Now libcurl uses the struct itself when it is built and it allows
applications to use the struct type if CURL_STRICTER is defined at the
time of the #include.
Reported-by: Peter Frühberger
Fixes #926
|
|
The check_library_exists_concat do not check crypt32 library properly.
So include it directly.
Bug: https://github.com/curl/curl/pull/917
Reported-by: Yonggang Luo
Bug: https://github.com/curl/curl/issues/935
Reported-by: Alain Danteny
|
|
Didn't work.
This reverts commit 50723585ed380744358de054e2a55dccee65dfd7.
|
|
CI is failing due to missing libtoolize, so I'm trying this.
|
|
merged #931
|
|
|
|
Do not log compilation informational messages.
|
|
Bug: https://curl.haxx.se/mail/lib-2016-07/0070.html
Reported-by: Paul Howarth
|
|
|
|
As SPNEGO is only defined when these pre-processor variables are defined
there is no need to query them explicitly.
|
|
Typo introduced in commit ad5e9bfd5d.
|
|
... and make the distros link a proper link
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Embedded manifest option didn't work due to typo.
Reported-by: Stefan Kanthak
|
|
This is a follow up to the parent commit dcdd4be which fixes one leak
but creates another by failing to free the credentials handle if out of
memory. Also there's a second location a few lines down where we fail to
do same. This commit fixes both of those issues.
|
|
This patch allocates memory to "output_token" only when it is required
so that memory is not leaked if function returns.
|
|
Follow-up commit to c50980807c5 to make this test pass.
|
|
- Linux TFO + TLS is not implemented yet.
Bug: https://github.com/curl/curl/issues/907
|
|
|
|
|
|
- Curl_ipv6works() is not thread-safe until after the first call, so
call it once during global init to avoid a possible race condition.
Bug: https://github.com/curl/curl/issues/915
PR: https://github.com/curl/curl/pull/918
|
|
Closes https://github.com/curl/curl/pull/914
|