Age | Commit message (Collapse) | Author |
|
Reported-by: smuellerDD on github
Fixes #3932
Closes #3933
|
|
|
|
Reported-by: Marcel Raad
Fixes #3926
Closes #3929
|
|
Closes #3930
|
|
Using the memdebug.h mem-leak feature, I noticed 2 calls like:
FILE tool_parsecfg.c:70 fopen("c:\Users\Gisle\AppData\Roaming\_curlrc","rt")
FILE tool_parsecfg.c:114 fopen("c:\Users\Gisle\AppData\Roaming\_curlrc","rt")
No need for 'fopen(), 'fclose()' and a 'fopen()' yet again.
|
|
|
|
Reported-by: elsamuko at github
Fixes #3921
Closes #3922
|
|
|
|
|
|
Closes https://github.com/curl/curl/pull/3923
|
|
- Change data and protocol sections to CRLF line endings.
Prior to this change the tests would fail or hang, which is because
certain sections such as protocol require CRLF line endings.
Follow-up to a9499ff from today which added the tests.
Ref: https://github.com/curl/curl/pull/3790
|
|
Regression since e91e48161235272ff485.
Reported-by: Tom Greenslade
Fixes #3924
Closes #3925
|
|
This reverts commit 3b06e68b7734cb10a555f9d7e804dd5d808236a4.
Clearly this change wasn't good enough as it broke CURLOPT_LOW_SPEED_LIMIT +
CURLOPT_LOW_SPEED_TIME
Reported-by: Dave Reisner
Fixes #3927
Closes #3928
|
|
|
|
|
|
Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.
Fixed #3653
Closes #3790
|
|
Testing against OpenSSH for Windows requires v7.7.0.0 or newer
due to the use of AllowUsers and DenyUsers. For more info see:
https://github.com/PowerShell/Win32-OpenSSH/wiki/sshd_config
|
|
|
|
Closes https://github.com/curl/curl/pull/3919
|
|
Closes https://github.com/curl/curl/pull/3919
|
|
Closes https://github.com/curl/curl/pull/3919
|
|
Closes https://github.com/curl/curl/pull/3919
|
|
Closes https://github.com/curl/curl/pull/3919
|
|
Also removed mentions from most docs.
Discussed: https://curl.haxx.se/mail/lib-2019-05/0045.html
Closes #3888
|
|
- adds the check to cmake
- fixes the configure check to work for cross-compiled windows builds
Closes #3917
|
|
If the proxy string is given as an IPv6 numerical address with a zone
id, make sure to use that for the connect to the proxy.
Reported-by: Edmond Yu
Fixes #3482
Closes #3918
|
|
|
|
|
|
Reported-by: GitYuanQu on github
Fixes #3902
Closes #3914
|
|
Made detection macros for these two functions in the same style as other
functions possibly in winsock in the hope this will work better to
detect these functions when cross-compiling for Windows.
Follow-up to e91e4816123
Fixes #3913
Closes #3915
|
|
Fixes Codacy/CppCheck warnings.
Closes
|
|
When compiling without getpeername() or getsockname(), the sockfd
paramter to Curl_udpateconninfo() became unused after commit e91e481612
added ifdef guards.
Closes #3910
Fixes https://curl.haxx.se/dev/log.cgi?id=20190520172441-32196
Reviewed-by: Marcel Raad, Daniel Stenberg
|
|
Commit e91e48161235272ff485ff32bd048c53af731f43 moved ftp_ccc in under
the FTP featureflag in the UserDefined struct, but vtls callsites were
still using it unprotected.
Closes #3912
Fixes: https://curl.haxx.se/dev/log.cgi?id=20190520044705-29865
Reviewed-by: Daniel Stenberg, Marcel Raad
|
|
Reported-by: Olen Andoni
Fixes #3906
Closes #3907
|
|
Closes #3892
|
|
Ref: #3905
|
|
The longest currently registered URI scheme at IANA is 36 bytes long.
Closes #3905
Closes #3900
|
|
Fixes Codacy/CppCheck warnings.
Closes https://github.com/curl/curl/pull/3872
|
|
Just initialize word_begin with the correct value.
Closes https://github.com/curl/curl/pull/3873
|
|
This way, we need only one call to free.
Closes https://github.com/curl/curl/pull/3873
|
|
sock was only used to be assigned to fd_read.
Closes https://github.com/curl/curl/pull/3873
|
|
|
|
bug: https://curl.haxx.se/docs/CVE-2019-5436.html
Reported-by: l00p3r on hackerone
CVE-2019-5436
|
|
When running a multi TLS backend build the version string needs more
buffer space. Make the internal ssl_buffer stack buffer match the one
in Curl_multissl_version() to allow for the longer string. For single
TLS backend builds there is no use in extended to buffer. This is a
fallout from #3863 which fixes up the multi_ssl string generation to
avoid a buffer overflow when the buffer is too small.
Closes #3875
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
Currently when the server responds with 401 on NTLM authenticated
connection (re-used) we consider it to have failed. However this is
legitimate and may happen when for example IIS is set configured to
'authPersistSingleRequest' or when the request goes thru a proxy (with
'via' header).
Implemented by imploying an additional state once a connection is
re-used to indicate that if we receive 401 we need to restart
authentication.
Missed in fe6049f0.
|
|
Missed in 50b87c4e.
|
|
Missed in fe20826b as it wasn't implemented in http.c in b4d6db83.
Closes #3894
|
|
Closes #3844
|
|
|
|
|