Age | Commit message (Collapse) | Author |
|
Curl_auth_decode_digest_http_message(): copy terminating NUL as later
Curl_override_sspi_http_realm() expects a NUL-terminated string.
Fixes #1180
|
|
Mentioned in #1013
|
|
Reviewed-by: Peter Wu
Closes #1149
Fixes #1147
|
|
Reviewed-by: Nick Zitzmann
Closes #1173
|
|
Reviewed-by: Nick Zitzmann
Fixes #1172
|
|
The <netinet/tcp.h> is a leftover from the past when TCP socket options
were set in this file. This include causes build issues on AIX 4.3.
Reported-by: Kim Minjoong
Closes #1178
|
|
|
|
Fixed an old leftover use of the USE_SSLEAY define which would make a
socket get removed from the applications sockets to monitor when the
multi_socket API was used, leading to timeouts.
Bug: #1174
|
|
... as the former ones always go stale!
|
|
... and regenerated curl.1
|
|
|
|
|
|
... which the help text already implied since we switched to libidn2
from libidn in commit 9c91ec778104ae3b back in October 2016.
Reported-by: Christian Weisgerber
Bug: https://curl.haxx.se/mail/lib-2016-12/0110.html
|
|
|
|
To avoid dereferencing a NULL pointer.
Reported-by: Daniel Romero
|
|
wolfSSL configure script relevant changes from 3.9 to 3.10:
- DES3 no longer enabled by default
- Shamir no longer enabled by default
- Extended master secret enabled by default
- RSA and ECC timing protections enabled by default
For backwards compatibility I enabled DES3 and ECC shamir config options
(ie no change from 3.9), and the other changes are included.
|
|
|
|
|
|
... it only confuses people.
|
|
and fail appropriately if it returns error
|
|
|
|
|
|
Since several compilers had problems with the previous one
Reported-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2016-12/0098.html
|
|
Old legacy parsing that 1) hid problems for us and 2) probably isn't
needed anymore.
|
|
|
|
... just like we already do in src/ and lib/
|
|
This file is riddled with them...
|
|
|
|
Visual C++ complained:
warning C4267: '=': conversion from 'size_t' to 'long', possible loss of data
warning C4701: potentially uninitialized local variable 'path' used
|
|
|
|
|
|
CID 1397391 (#1 of 1): Unchecked return value (CHECKED_RETURN)
|
|
Follow-up to d00f2a8f2
|
|
|
|
- Check for pending data before waiting on the socket.
Bug: https://github.com/curl/curl/issues/1156
Reported-by: Adam Langley
|
|
|
|
Fixes a few issues in manual wildcard cert name validation in
schannel support code for Win32 CE:
- when comparing the wildcard name to the hostname, the wildcard
character was removed from the cert name and the hostname
was checked to see if it ended with the modified cert name.
This allowed cert names like *.com to match the connection
hostname. This violates recommendations from RFC 6125.
- when the wildcard name in the certificate is longer than the
connection hostname, a buffer overread of the connection
hostname buffer would occur during the comparison of the
certificate name and the connection hostname.
|
|
... and add a bunch of floating point printf tests
|
|
|
|
|
|
|
|
|
|
and regenerated curl.1
Reported-by: Gisle Vanem
|
|
|
|
Follow-up to 82245ea: Fix the example program sendrecv.c (handle
CURLE_AGAIN, handle incomplete send). Improve the documentation
for curl_easy_recv() and curl_easy_send().
Reviewed-by: Frank Meier
Assisted-by: Jay Satiro
See https://github.com/curl/curl/pull/1134
|
|
It doesn't benefit us much as the connection could get closed at
any time, and also by checking we lose the ability to determine
if the socket was closed by reading zero bytes.
Reported-by: Michael Kaufmann
Closes https://github.com/curl/curl/pull/1134
|
|
As the official docs seems really hard to keep track of and link to over
time
|
|
|
|
|
|
Fixed trailing whitespace and numerous formatting glitches
|