aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-03-10THANKS-filter: unify Michael KönigDaniel Stenberg
2016-03-10RELEASE-NOTES: synced with 863c5766ddDaniel Stenberg
2016-03-10ftp: remove a check for NULL(!)Daniel Stenberg
... as it implies we need to check for that on all the other variable references as well (as Coverity otherwise warns us for missing NULL checks), and we're alredy making sure that the pointer is never NULL.
2016-03-10cookies: first n/v pair in Set-Cookie: is the cookie, then parametersDaniel Stenberg
RFC 6265 section 4.1.1 spells out that the first name/value pair in the header is the actual cookie name and content, while the following are the parameters. libcurl previously had a more liberal approach which causes significant problems when introducing new cookie parameters, like the suggested new cookie priority draft. The previous logic read all n/v pairs from left-to-right and the first name used that wassn't a known parameter name would be used as the cookie name, thus accepting "Set-Cookie: Max-Age=2; person=daniel" to be a cookie named 'person' while an RFC 6265 compliant parser should consider that to be a cookie named 'Max-Age' with an (unknown) parameter 'person'. Fixes #709
2016-03-10krb5: improved type handling to avoid clang compiler warningsDaniel Stenberg
2016-03-10url.c: fix clang warning: no newline at end of fileDaniel Stenberg
2016-03-10curl_multi_wait: never return -1 in 'numfds'Daniel Stenberg
Such a return value isn't documented but could still happen, and the curl tool code checks for it. It would happen when the underlying Curl_poll() function returns an error. Starting now we mask that error as a user of curl_multi_wait() would have no way to handle it anyway. Reported-by: Jay Satiro Closes #707
2016-03-09HTTP2.md: add CURL_HTTP_VERSION_2TLS and updated alt-svc linkDaniel Stenberg
2016-03-09curl_multi_wait.3: add exampleDaniel Stenberg
2016-03-08imap/pop3/smtp: Fixed connections upgraded with TLS are not reusedSteve Holme
Regression since commit 710f14edba. Bug: https://github.com/curl/curl/issues/422 Reported-by: Justin Ehlert
2016-03-08opt-docs: fix heading macrosJay Satiro
..SH should be .SH Bug: https://github.com/curl/curl/issues/705 Reported-by: Eric S. Raymond
2016-03-08cookie: do not refuse cookies for localhostTim Rühsen
Closes #658
2016-03-08ftp_done: clear tunnel_state when secondary socket closesDaniel Stenberg
Introducing a function for closing the secondary connection to make this bug less likely to happen again. Reported-by: daboul Closes #701
2016-03-08openssl: use the correct OpenSSL/BoringSSL/LibreSSL in messagesGisle Vanem
2016-03-08HTTP2.md: HTTP/2 by default for curl's HTTPS connectionsDaniel Stenberg
2016-03-08pipeline: Sanity check pipeline pointer before accessing it.Anders Bakken
I got a crash with this stack: curl/lib/url.c:2873 (Curl_removeHandleFromPipeline) curl/lib/url.c:2919 (Curl_getoff_all_pipelines) curl/lib/multi.c:561 (curl_multi_remove_handle) curl/lib/url.c:415 (Curl_close) curl/lib/easy.c:859 (curl_easy_cleanup) Closes #704
2016-03-08HTTP2.md: mention the disable ALPN and NPN optionsDaniel Stenberg
2016-03-07TODO: 17.12 keep running, read instructions from pipe/socketDaniel Stenberg
And delete trailing whitespace And rename section 17 to "command line tool" from "client" Closes #702
2016-03-07README.md: linkifiedDaniel Stenberg
It also makes it less readable as plain text, so let's keep this primarily for github use. Removed the top ascii art logo, as it looks weird when markdownified.
2016-03-07README.md: markdown version of READMEDaniel Stenberg
Attempt to make it look more appealing on github
2016-03-06mprintf: update trio project linkJay Satiro
2016-03-06CURLOPT_ACCEPTTIMEOUT_MS.3: added exampleDaniel Stenberg
2016-03-06CURLOPT_ACCEPT_ENCODING.3: added exampleDaniel Stenberg
2016-03-06CURLOPT_APPEND.3: added exampleDaniel Stenberg
2016-03-06CURLOPT_NOPROGRESS.3: added example, conform to stardard styleDaniel Stenberg
2016-03-06build-openssl/checksrc.bat: Fixed prepend vs append of Perl pathSteve Holme
Fixed inconsistency from commit 1eae114065 and 0ad6c72227 of the order in which Perl was added to the PATH.
2016-03-06opts: added two examplesDaniel Stenberg
2016-03-06CURLOPT_SSL_CTX_FUNCTION.3: use .NF for exampleDaniel Stenberg
2016-03-06CURLOPT_SSL_CTX_FUNCTION.3: added exampleDaniel Stenberg
and removed erroneous reference to test case lib509
2016-03-06curlx.c: use more curl style codeDaniel Stenberg
2016-03-06test46: change cookie expiry dateDaniel Stenberg
Since two of the cookies would now otherwise expire and cause the test to fail after commit 20de9b4f09 Discussed in #697
2016-03-05makefile.m32: add missing libs for static -winssl-ssh2 buildsViktor Szakats
Bug: https://github.com/curl/curl/pull/693
2016-03-05mbedtls: fix user-specified SSL protocol versionJay Satiro
Prior to this change when a single protocol CURL_SSLVERSION_ was specified by the user that version was set only as the minimum version but not as the maximum version as well.
2016-03-05.gitignore: Added *.VC.opendb and *.vcxproj.user files for VC14Steve Holme
2016-03-05build-openssl.bat: Fixed cannot find perl if installed but not in pathSteve Holme
2016-03-05checksrc.bat: Fixed cannot find perl if installed but not in pathSteve Holme
2016-03-05makefile.m32: fix to allow -ssh2-winssl combinationViktor Szakats
In makefile.m32, option -ssh2 (libssh2) automatically implied -ssl (OpenSSL) option, with no way to override it with -winssl. Since both libssh2 and curl support using Windows's built-in SSL backend, modify the logic to allow that combination.
2016-03-05cookie: Don't expire session cookies in remove_expiredJay Satiro
Prior to this change cookies with an expiry date that failed parsing and were converted to session cookies could be purged in remove_expired. Bug: https://github.com/curl/curl/issues/697 Reported-by: Seth Mos
2016-03-03cookie: remove redundant checkDaniel Stenberg
... as it was already checked previously within the function. Reported-by: Dmitry-Me Closes #695
2016-03-01url: if Curl_done is premature then pipeline not in useAnders Bakken
Prevent a crash if 2 (or more) requests are made to the same host and pipelining is enabled and the connection does not complete. Bug: https://github.com/curl/curl/pull/690
2016-03-01makefile.m32: allow to pass .dll/.exe-specific LDFLAGSViktor Szakats
using envvars `CURL_LDFLAG_EXTRAS_DLL` and `CURL_LDFLAG_EXTRAS_EXE` respectively. This is useful f.e. to pass ASLR-related extra options, that are required to make this feature work when using the mingw toolchain. Ref: https://github.com/curl/curl/pull/670#issuecomment-190863985 Closes https://github.com/curl/curl/pull/689
2016-02-29formpost: fix memory leaks in AddFormData error branchesDaniel Stenberg
Reported-by: Dmitry-Me Fixes #688
2016-02-28getinfo: Fix syntax error when mbedTLSJay Satiro
The assignment of the mbedTLS TLS session info in the parent commit was incorrect. Change the assignment to a pointer to the session structure.
2016-02-27getinfo: Add support for mbedTLS TLS session infoJay Satiro
.. and preprocessor check TLS session info is defined for all backends.
2016-02-26ROADMAP: clarify on the TLS proxy, mention HTTP cookies to work onDaniel Stenberg
2016-02-25file: try reading from files with no sizeDaniel Stenberg
Some systems have special files that report as 0 bytes big, but still contain data that can be read (for example /proc/cpuinfo on Linux). Starting now, a zero byte size is considered "unknown" size and will be read as far as possible anyway. Reported-by: Jesse Tan Closes #681
2016-02-25configure: warn on invalid ca bundle or pathJay Satiro
- Warn if --with-ca-bundle file does not exist. - Warn if --with-ca-path directory does not contain certificates. - Improve help messages for both. Example configure output: ca cert bundle: /some/file (warning: certs not found) ca cert path: /some/dir (warning: certs not found) Bug: https://github.com/curl/curl/issues/404 Reported-by: Jeffrey Walton
2016-02-24Curl_read: check for activated HTTP/1 pipelining, not only requestedDaniel Stenberg
... as when pipelining is used, we read things into a unified buffer and we don't do that with HTTP/2. This could then easily make programs that set CURLMOPT_PIPELINING = CURLPIPE_HTTP1|CURLPIPE_MULTIPLEX to get data intermixed or plain broken between HTTP/2 streams. Reported-by: Anders Bakken
2016-02-24os400: Fix ILE/RPG definition of CURLOPT_TFTP_NO_OPTIONSPatrick Monnerat
2016-02-23getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSIONJay Satiro
The two options are almost the same, except in the case of OpenSSL: CURLINFO_TLS_SESSION OpenSSL session internals is SSL_CTX *. CURLINFO_TLS_SSL_PTR OpenSSL session internals is SSL *. For backwards compatibility we couldn't modify CURLINFO_TLS_SESSION to return an SSL pointer for OpenSSL. Also, add support for the 'internals' member to point to SSL object for the other backends axTLS, PolarSSL, Secure Channel, Secure Transport and wolfSSL. Bug: https://github.com/curl/curl/issues/234 Reported-by: dkjjr89@users.noreply.github.com Bug: https://curl.haxx.se/mail/lib-2015-09/0127.html Reported-by: Michael König