aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-12-16cyassl: deal with lack of *get_peer_certificateDaniel Stenberg
The function is only present in wolfssl/cyassl if it was built with --enable-opensslextra. With these checks added, pinning support is disabled unless the TLS lib has that function available. Also fix the mistake in configure that checks for the wrong lib name. Closes #566
2015-12-16wolfssl: handle builds without SSLv3 supportDaniel Stenberg
2015-12-15http2: Support trailer fieldsTatsuhiro Tsujikawa
This commit adds trailer support in HTTP/2. In HTTP/1.1, chunked encoding must be used to send trialer fields. HTTP/2 deprecated any trandfer-encoding, including chunked. But trailer fields are now always available. Since trailer fields are relatively rare these days (gRPC uses them extensively though), allocating buffer for trailer fields is done when we detect that HEADERS frame containing trailer fields is started. We use Curl_add_buffer_* functions to buffer all trailers, just like we do for regular header fields. And then deliver them when stream is closed. We have to be careful here so that all data are delivered to upper layer before sending trailers to the application. We can deliver trailer field one by one using NGHTTP2_ERR_PAUSE mechanism, but current method is far more simple. Another possibility is use chunked encoding internally for HTTP/2 traffic. I have not tested it, but it could add another overhead. Closes #564
2015-12-15RELEASE-NOTES: synced with 6c2c019654e658aDaniel Stenberg
2015-12-15x509asn1: Fix host altname verificationJay Satiro
- In Curl_verifyhost check all altnames in the certificate. Prior to this change only the first altname was checked. Only the GSKit SSL backend was affected by this bug. Bug: http://curl.haxx.se/mail/lib-2015-12/0062.html Reported-by: John Kohl
2015-12-15curl --expect100-timeout: addedDaniel Stenberg
This is the new command line option to set the value for the existing libcurl option CURLOPT_EXPECT_100_TIMEOUT_MS
2015-12-15cyassl: fix compiler warning on type conversionDaniel Stenberg
2015-12-15curlver: the pending release will become 7.47.0Daniel Stenberg
2015-12-14setstropt: const-correctnessAnders Bakken
Closes #565
2015-12-14ROADMAP: implemented HTTP2 for HTTPS-onlyDaniel Stenberg
2015-12-14HTTP2.md: spell fix and remove TODO now implementedDaniel Stenberg
2015-12-14libressl: the latest openssl x509 funcs are not in libresslDaniel Stenberg
2015-12-13curl: use 2TLS by defaultDaniel Stenberg
Make this the default for the curl tool (if built with HTTP/2 powers enabled) unless a specific HTTP version is requested on the command line. This should allow more users to get HTTP/2 powers without having to change anything.
2015-12-13http: add libcurl option to allow HTTP/2 for HTTPS onlyDaniel Stenberg
... and stick to 1.1 for HTTP. This is in line with what browsers do and should have very little risk.
2015-12-10openssl: adapt to openssl >= 1.1.0 X509 opaque structsDaniel Stenberg
Closes #491
2015-12-10openssl: avoid BIO_reset() warnings since it returns a valueDaniel Stenberg
2015-12-10openssl: adapt to 1.1.0+ name changesDaniel Stenberg
2015-12-09scripts/makefile: add standard headerDaniel Stenberg
2015-12-09scripts/Makefile: fix GNUism and survive no perlDaniel Stenberg
Closes #555 Reported-by: Thomas Klausner
2015-12-09fix b6d5cb40d7038feDaniel Stenberg
2015-12-08http2: Fix hanging paused streamTatsuhiro Tsujikawa
When NGHTTP2_ERR_PAUSE is returned from data_source_read_callback, we might not process DATA frame fully. Calling nghttp2_session_mem_recv() again will continue to process DATA frame, but if there is no incoming frames, then we have to call it again with 0-length data. Without this, on_stream_close callback will not be called, and stream could be hanged. Bug: http://curl.haxx.se/mail/lib-2015-11/0103.html Reported-by: Francisco Moraes
2015-12-08build: fix compilation error with CURL_DISABLE_VERBOSE_STRINGSChristian Stewart
With curl disable verbose strings in http.c the compilation fails due to the data variable being undefined later on in the function. Closes #558
2015-12-07config-win32: Fix warning HAVE_WINSOCK2_H undefinedGisle Vanem
2015-12-07openssl: BoringSSL doesn't have CONF_modules_freeGisle Vanem
2015-12-07lwip: Fix compatibility issues with later versionsGisle Vanem
The name of the header guard in lwIP's <lwip/opt.h> has changed from '__LWIP_OPT_H__' to 'LWIP_HDR_OPT_H' (bug #35874 in May 2015). Other fixes: - In curl_setup.h, the problem with an old PSDK doesn't apply if lwIP is used. - In memdebug.h, the 'socket' should be undefined first due to lwIP's lwip_socket() macro. - In curl_addrinfo.c lwIP's getaddrinfo() + freeaddrinfo() macros need special handling because they were undef'ed in memdebug.h. - In select.c we can't use preprocessor conditionals inside select if MSVC and select is a macro, as it is with lwIP. http://curl.haxx.se/mail/lib-2015-12/0023.html http://curl.haxx.se/mail/lib-2015-12/0024.html
2015-12-07os400: define CURL_VERSION_PSL in ILE/RPG bindingPatrick Monnerat
2015-12-07version: Add flag CURL_VERSION_PSL for libpslGisle Vanem
2015-12-07formdata: Check if length is too large for memoryJay Satiro
- If the size of the length type (curl_off_t) is greater than the size of the size_t type then check before allocating memory to make sure the value of length will fit in a size_t without overflow. If it doesn't then return CURLE_BAD_FUNCTION_ARGUMENT. Bug: https://github.com/bagder/curl/issues/425#issuecomment-154518679 Reported-by: Steve Holme
2015-12-03tests: Corrected copy and pasted comments from commit e643c5c908Steve Holme
2015-12-03curl: remove keepalive #ifdef checks done on libcurl's behalfDaniel Stenberg
They didn't match the ifdef logic used within libcurl anyway so they could indeed warn for the wrong case - plus the tool cannot know how the lib actually performs at that level.
2015-12-02test947: Corrected typo in test nameSteve Holme
2015-12-02tests: Disable the OAUTHBEARER tests when using a non-default port numberSteve Holme
Tests 842, 843, 844, 845, 887, 888, 889, 890, 946, 947, 948 and 949 fail if a custom port number is specified via the -b option of runtests.pl. Suggested by: Kamil Dudka Bug: http://curl.haxx.se/mail/lib-2015-12/0003.html
2015-12-02bump: towards next releaseDaniel Stenberg
for all we know now, it might be called 7.46.1
2015-12-01RELEASE-NOTES: updated contributor count for 7.46.0Daniel Stenberg
2015-12-01THANKS: new contributors from the 7.46.0 releaseDaniel Stenberg
2015-12-01THANKS-filter: single Tim Rühsen spellingDaniel Stenberg
2015-12-01docs/examples: gitignore some more built examplesDaniel Stenberg
2015-11-30RELEASE-NOTES; this bug was never releasedDaniel Stenberg
2015-11-30RELEASE-NOTES: synced with e55f15454efacb0Daniel Stenberg
2015-11-30Curl_read_plain: clean up ifdefs that break statementsFlavio Medeiros
Closes #546
2015-11-30http2: convert some verbose output into debug-only outputDaniel Stenberg
2015-11-30http2 push: add missing inits of new streamDaniel Stenberg
- set the correct stream_id for pushed streams - init maxdownload and size properly
2015-11-30http2 push: set weight for new streamDaniel Stenberg
give the new stream the old one's stream_weight internally to avoid sending a PRIORITY frame unless asked for it
2015-11-28curl_setup.h: undef freeaddrinfo in c-ares block to fix buildDaniel Stenberg
Fixes warnings 78c25c854a added.
2015-11-27nonblock: fix setting non-blocking mode for AmigaDaniel Stenberg
IoctlSocket() apparently wants a pointer to a long, passed as a char * in its third parameter. This bug was introduced already back in commit c5fdeef41d from October 1 2001! Bug: http://curl.haxx.se/mail/lib-2015-11/0088.html Reported-by: Norbert Kett
2015-11-27zsh install: fix DESTDIR supportDaniel Stenberg
Reported-by: Mohammad AlSaleh
2015-11-27lib: Only define curl_dofreeaddrinfo if struct addrinfo is availableDan Fandrich
2015-11-27tool_paramhlp: Fixed display of URL index in password prompt for --nextSteve Holme
Commit f3bae6ed73 added the URL index to the password prompt when using --next. Unfortunately, because the size_t specifier (%zu) is not supported by all sprintf() implementations we use the curl_off_t format specifier instead. The display of an incorrect value arises on platforms where size_t and curl_off_t are of a different size.
2015-11-25timecond: do not add if-modified-since without timeconditionDaniel Stenberg
The RTSP code path didn't skip adding the if-modified-since for certain RTSP code paths, even if CURLOPT_TIMECONDITION was set to CURL_TIMECOND_NONE. Also, an unknown non-zero CURLOPT_TIMECONDITION value no longer equals CURL_TIMECOND_IFMODSINCE. Bug: http://stackoverflow.com/questions/33903982/curl-timecond-none-doesnt-work-how-to-remove-if-modified-since-header
2015-11-25RELEASE-NOTES: synced with 99d17a5e2ba77e58Daniel Stenberg