aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-09-06x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse certHan Han
CURLE_PEER_FAILED_VERIFICATION makes more sense because Curl_parseX509 does not allocate memory internally as its first argument is a pointer to the certificate structure. The same error code is also returned by Curl_verifyhost when its call to Curl_parseX509 fails so the change makes error handling more consistent.
2018-09-06openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuerHan Han
Failure to extract the issuer name from the server certificate should return a more specific error code like on other TLS backends.
2018-09-06schannel: unified error code handlingHan Han
Closes #2901
2018-09-06darwinssl: more specific and unified error codesHan Han
Closes #2901
2018-09-06CURLOPT_DNS_USE_GLOBAL_CACHE: deprecatedDaniel Stenberg
Disable the CURLOPT_DNS_USE_GLOBAL_CACHE option and mark it for deprecation and complete removal in six months. Bug: https://curl.haxx.se/mail/lib-2018-09/0010.html Closes #2942
2018-09-05url: default to CURL_HTTP_VERSION_2TLS if built h2-enabledDaniel Stenberg
Closes #2709
2018-09-05multiplex: enable by defaultDaniel Stenberg
Starting 7.62.0, multiplexing is enabled by default in multi handles.
2018-09-05tests: add unit tests for url.cJim Fuller
Approved-by: Daniel Gustafsson Closes #2937
2018-09-05test1452: mark as flakyDaniel Stenberg
makes it not run in the CI builds Closes #2941
2018-09-05pipelining: deprecatedDaniel Stenberg
Transparently. The related curl_multi_setopt() options all still returns OK when pipelining is selected. To re-enable the support, the single line change in lib/multi.c needs to be reverted. See docs/DEPRECATE.md Closes #2705
2018-09-05RELEASE-NOTES: start working on 7.62.0Daniel Stenberg
2018-09-04THANKS: 7.61.1 statusDaniel Stenberg
2018-09-04RELEASE-NOTES: 7.61.1Daniel Stenberg
2018-09-04Curl_getoff_all_pipelines: ignore unused return valuesDaniel Stenberg
Since scan-build would warn on the dead "Dead store/Dead increment"
2018-09-04sftp: fix indentationViktor Szakats
2018-09-04sftp: don't send post-qoute sequence when retrying a connectionPrzemysław Tomaszewski
Fixes #2939 Closes #2940
2018-09-03url, vtls: make CURLOPT{,_PROXY}_TLS13_CIPHERS workKamil Dudka
This is a follow-up to PR #2607 and PR #2926. Closes #2936
2018-09-03tool_operate: Add http code 408 to transient list for --retryJay Satiro
- Treat 408 request timeout as transient so that curl will retry the request if --retry was used. Closes #2925
2018-09-03openssl: Fix setting TLS 1.3 cipher suitesJay Satiro
The flag indicating TLS 1.3 cipher support in the OpenSSL backend was missing. Bug: https://github.com/curl/curl/pull/2607#issuecomment-417283187 Reported-by: Kamil Dudka Closes #2926
2018-09-03Curl_ntlm_core_mk_nt_hash: return error on too long passwordDaniel Stenberg
... since it would cause an integer overflow if longer than (max size_t / 2). This is CVE-2018-14618 Bug: https://curl.haxx.se/docs/CVE-2018-14618.html Closes #2756 Reported-by: Zhaoyang Wu
2018-09-02http2: Use correct format identifier for stream_idRikard Falkeborn
Closes #2928
2018-09-02test1148: fix precheck outputMarcel Raad
"precheck command error" is not very helpful.
2018-09-01all: s/int/size_t cleanupDaniel Stenberg
Assisted-by: Rikard Falkeborn Closes #2922
2018-09-01ssh-libssh: use FALLTHROUGH to silence gcc8Daniel Stenberg
2018-08-31tool_operate: Fix setting proxy TLS 1.3 ciphersJay Satiro
2018-08-31cookies: support creation-time attribute for cookiesDaniel Gustafsson
According to RFC6265 section 5.4, cookies with equal path lengths SHOULD be sorted by creation-time (earlier first). This adds a creation-time record to the cookie struct in order to make cookie sorting more deterministic. The creation-time is defined as the order of the cookies in the jar, the first cookie read fro the jar being the oldest. The creation-time is thus not serialized into the jar. Also remove the strcmp() matching in the sorting as there is no lexicographic ordering in RFC6265. Existing tests are updated to match. Closes #2524
2018-08-31Don't use Windows path %PWD for SSH testsMarcel Raad
All these tests failed on Windows because something like sftp://%HOSTIP:%SSHPORT%PWD/ expanded to sftp://127.0.0.1:1234c:/msys64/home/bla/curl and then curl complained about the port number ending with a letter. Use the original POSIX path instead of the Windows path created in checksystem to fix this. Closes https://github.com/curl/curl/pull/2920
2018-08-29CURLOPT_SSL_CTX_FUNCTION.3: clarify connection reuse warningJay Satiro
Reported-by: Daniel Stenberg Closes https://github.com/curl/curl/issues/2916
2018-08-28THANKS-filter: dedup Daniel JelińskiDaniel Stenberg
2018-08-27RELEASE-NOTES: syncedDaniel Stenberg
2018-08-27CURLOPT_ACCEPT_ENCODING.3: list them comma-separated [ci skip]Daniel Stenberg
2018-08-27CURLOPT_SSL_CTX_FUNCTION.3: might cause unintended connection reuse [ci skip]Daniel Stenberg
Added a warning! Closes #2915
2018-08-25curl: fix time-of-check, time-of-use race in dir creationDaniel Stenberg
Patch-by: Jay Satiro Detected by Coverity Fixes #2739 Closes #2912
2018-08-25cmdline-opts/page-footer: fix edit mistakeDaniel Stenberg
There was a missing newline. follow-up to a7ba60bb7250
2018-08-24docs: clarify NO_PROXY env variable functionalityDaniel Stenberg
Reported-by: Kirill Marchuk Fixes #2773 Closes #2911
2018-08-24lib1522: fix curl_easy_setopt argument typeMarcel Raad
CURLOPT_POSTFIELDSIZE is a long option.
2018-08-24curl_threads: silence bad-function-cast warningMarcel Raad
As uintptr_t and HANDLE are always the same size, this warning is harmless. Just silence it using an intermediate uintptr_t variable. Closes https://github.com/curl/curl/pull/2908
2018-08-24README: add appveyor build badge [ci skip]Daniel Stenberg
Closes #2913
2018-08-24schannel: client certificate store opening fixIhor Karpenko
1) Using CERT_STORE_OPEN_EXISTING_FLAG ( or CERT_STORE_READONLY_FLAG ) while opening certificate store would be sufficient in this scenario and less-demanding in sense of required user credentials ( for example, IIS_IUSRS will get "Access Denied" 0x05 error for existing CertOpenStore call without any of flags mentioned above ), 2) as 'cert_store_name' is a DWORD, attempt to format its value like a string ( in "Failed to open cert store" error message ) will throw null pointer exception 3) adding GetLastError(), in my opinion, will make error message more useful. Bug: https://curl.haxx.se/mail/lib-2018-08/0198.html Closes #2909
2018-08-24gopher: Do not translate `?' to `%09'Leonardo Taccari
Since GOPHER support was added in curl `?' character was automatically translated to `%09' (`\t'). However, this behaviour does not seems documented in RFC 4266 and for search selectors it is documented to directly use `%09' in the URL. Apart that several gopher servers in the current gopherspace have CGI support where `?' is used as part of the selector and translating it to `%09' often leads to surprising results. Closes #2910
2018-08-23cookie tests: treat files as textMarcel Raad
Fixes test failures because of wrong line endings on Windows.
2018-08-23libcurl-thread.3: expand somewhat on the NO_SIGNAL motivationDaniel Stenberg
Multi-threaded applictions basically MUST set CURLOPT_NO_SIGNAL to 1L to avoid the risk of getting a SIGPIPE. Either way, a multi-threaded application that uses libcurl/openssl needs to have a signhandler for or ignore SIGPIPE on its own. Based on discussions in #2800 Closes #2904
2018-08-22RELEASE-NOTES: syncedDaniel Stenberg
2018-08-22Tests: fixes for WindowsMarcel Raad
- test 1268 requires unix sockets - test 2072 must be disabled also for MSYS/MinGW
2018-08-22http2: abort the send_callback if not setup yetDaniel Stenberg
When Curl_http2_done() gets called before the http2 data is setup all the way, we cannot send anything and this should just return an error. Detected by OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10012
2018-08-21http2: remove four unused nghttp2 callbacksDaniel Stenberg
Closes #2903
2018-08-21x509asn1: use FALLTHROUGHDaniel Stenberg
... as no other comments are accepted since 014ed7c22f51463
2018-08-21test1148: disable if decimal separator is not pointMarcel Raad
Modifying the locale with environment variables doesn't work for native Windows applications. Just disable the test in this case if the decimal separator is something different than a point. Use a precheck with a small C program to achieve that. Closes https://github.com/curl/curl/pull/2786
2018-08-21Enable more GCC warningsMarcel Raad
This enables the following additional warnings: -Wold-style-definition -Warray-bounds=2 instead of the default 1 -Wformat=2, but only for GCC 4.8+ as Wno-format-nonliteral is not respected for older versions -Wunused-const-variable, which enables level 2 instead of the default 1 -Warray-bounds also in debug mode through -ftree-vrp -Wnull-dereference also in debug mode through -fdelete-null-pointer-checks Closes https://github.com/curl/curl/pull/2747
2018-08-21curl-compilers: enable -Wimplicit-fallthrough=4 for GCCMarcel Raad
This enables level 4 instead of the default level 3, which of the currently used comments only allows /* FALLTHROUGH */ to silence the warning. Closes https://github.com/curl/curl/pull/2747