aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-06-29openssl: make the requested TLS version the *minimum* wantedDaniel Stenberg
The code treated the set version as the *exact* version to require in the TLS handshake, which is not what other TLS backends do and probably not what most people expect either. Reported-by: Andreas Olsson Assisted-by: Gaurav Malhotra Fixes #2691 Closes #2694
2018-06-29RELEASE-NOTES: syncedDaniel Stenberg
2018-06-29openssl: allow TLS 1.3 by defaultDaniel Stenberg
Reported-by: Andreas Olsson Fixes #2692 Closes #2693
2018-06-28CURLINFO_TLS_SSL_PTR.3: improve the exampleAdrian Peniak
The previous example was a little bit confusing, because SSL* structure (or other "in use" SSL connection pointer) is not accessible after the transfer is completed, therefore working with the raw TLS library specific pointer needs to be done during transfer. Closes #2690
2018-06-27travis: add a build using the synchronous name resolverDaniel Stenberg
... since default uses the threaded one and we test the c-ares build already. Closes #2689
2018-06-27configure: remove CURL_CHECK_NI_WITHSCOPEID tooDaniel Stenberg
Since it isn't used either and requires the getnameinfo check Follow-up to 0aeca41702d2
2018-06-27getnameinfo: not usedDaniel Stenberg
Closes #2687
2018-06-27easy_perform: use *multi_timeout() to get wait timesDaniel Stenberg
... and trim the threaded Curl_resolver_getsock() to return zero millisecond wait times during the first three milliseconds so that localhost or names in the OS resolver cache gets detected and used faster. Closes #2685
2018-06-27configure: Add dependent libraries after cryptoMax Dymond
The linker is pretty dumb and processes things left to right, keeping a tally of symbols it hasn't resolved yet. So, we need -ldl to appear after -lcrypto otherwise the linker won't find the dl functions. Closes #2684
2018-06-27GOVERNANCE: linkify, changed some titlesDaniel Stenberg
2018-06-27GOVERNANCE: add maintainer details/dutiesDaniel Stenberg
2018-06-25url: check Curl_conncache_add_conn return codeDaniel Stenberg
... it was previously unchecked in two places and thus errors could remain undetected and cause trouble. Closes #2681
2018-06-25include/README: remove "hacking" advice, not the right placeDaniel Stenberg
2018-06-24RELEASE-NOTES: syncedDaniel Stenberg
2018-06-24CURLOPT_SSL_VERIFYPEER.3: fix syntax mistakeDaniel Stenberg
Follow-up to b6a16afa0aa5
2018-06-23netrc: use a larger bufferDaniel Stenberg
... to work with longer passwords etc. Grow it from a 256 to a 4096 bytes buffer. Reported-by: Dario Nieuwenhuis Fixes #2676 Closes #2680
2018-06-23CURLOPT_SSL_VERIFYPEER.3: Add performance notePatrick Schlangen
Closes #2673
2018-06-23multi: fix crash due to dangling entry in connect-pending listJavier Blazquez
Fixes #2677 Closes #2679
2018-06-22ConnectionExists: make sure conn->data is set when "taking" a connectionDaniel Stenberg
Follow-up to 2c15693. Bug #2674 Closes #2675
2018-06-22system.h: fix for gcc on 32 bit OpenServerKevin R. Bulgrien
Bug: https://curl.haxx.se/mail/lib-2018-06/0100.html
2018-06-21cmake: allow multiple SSL backendsRaphael Gozzo
This will make possible to select the SSL backend (using curl_global_sslset()) even when the libcurl is built using CMake Closes #2665
2018-06-21url: fix dangling conn->data pointerDaniel Stenberg
By masking sure to use the *current* easy handle with extracted connections from the cache, and make sure to NULLify the ->data pointer when the connection is put into the cache to make this mistake easier to detect in the future. Reported-by: Will Dietz Fixes #2669 Closes #2672
2018-06-18CURLOPT_INTERFACE.3: interface names not supported on WindowsDaniel Stenberg
2018-06-17travis: run more tests for coverage checkDaniel Stenberg
... run a few more tortured based and run all tests event-based. Closes #2664
2018-06-16multi: fix memory leak when stopped during name resolveDaniel Stenberg
When the application just started the transfer and then stops it while the name resolve in the background thread hasn't completed, we need to wait for the resolve to complete and then cleanup data accordingly. Enabled test 1553 again and added test 1590 to also check when the host name resolves successfully. Detected by OSS-fuzz. Closes #1968
2018-06-15maketgz: delete .bak files, fix indentationViktor Szakats
Ref: https://github.com/curl/curl/pull/2660 Closes https://github.com/curl/curl/pull/2662
2018-06-15runtests.pl: remove debug leftover from bb9a340c73f3Daniel Stenberg
2018-06-15curl-confopts.m4: fix typo from ed224f23d5bebDaniel Stenberg
Fixes my local configure to detect a custom installed c-ares without pkgconfig.
2018-06-15docs/RELEASE-PROCEDURE.md: renamed to use .md extensionDaniel Stenberg
Closes #2663
2018-06-15RELEASE-PROCEDURE: gpg sign the tagsDaniel Stenberg
2018-06-15RELEASE-NOTES: syncedDaniel Stenberg
2018-06-15CURLOPT_HTTPAUTH.3: CURLAUTH_BEARER was added in 7.61.0Daniel Stenberg
2018-06-14maketgz: fix sed issues on OSXMamta Upadhyay
maketgz creates release tarballs and removes the -DEV string in curl version (e.g. 7.58.0-DEV), else -DEV shows up on command line when curl is run. maketgz works fine on linux but fails on OSX. Problem is with the sed commands that use option -i without an extension. Maketgz expects GNU sed instead of BSD and this simply won't work on OSX. Adding a backup extension .bak after -i fixes this issue Running the script as if on OSX gives this error: sed: -e: No such file or directory Adding a .bak extension resolves it Closes #2660
2018-06-14configure: enhance ability to detect/build with static opensslDaniel Stenberg
Fix the -ldl and -ldl + -lpthread checks for OpenSSL, necessary for building with static libs without pkg-config. Reported-by: Marcel Raad Fixes #2199 Closes #2659
2018-06-14configure: use pkg-config for c-ares detectionDaniel Stenberg
First check if there's c-ares information given as pkg-config info and use that as first preference. Reported-by: pszemus on github Fixes #2203 Closes #2658
2018-06-14GOVERNANCE.md: explains how this project is runDaniel Stenberg
Closes #2657
2018-06-14KNOWN_BUGS: NTLM doen't support password with § characterDaniel Stenberg
Closes #2120
2018-06-14KNOWN_BUGS: slow connect to localhost on WindowsDaniel Stenberg
Closes #2281
2018-06-14mk-ca-bundle.pl: make -u delete certdata.txt if found not changedMatteo Bignotti
certdata.txt should be deleted also when the process is interrupted by "same certificate downloaded, exiting" The certdata.txt is currently kept on disk even if you give the -u option Closes #2655
2018-06-13progress: remove a set of unused definesDaniel Stenberg
Reported-by: Peter Wu Closes #2654
2018-06-13TODO: "Option to refuse usernames in URLs" doneDaniel Stenberg
Implemented by Björn in 946ce5b61f
2018-06-13Curl_init_do: handle NULL connection pointer passed inLyman Epp
Closes #2653
2018-06-12runtests: support variables in <strippart>Daniel Stenberg
... and make use of that to make 1455 work better without using a fixed local port number. Fixes #2649 Closes #2650
2018-06-12Curl_debug: remove dead printhost codeDaniel Stenberg
The struct field is never set (since 5e0d9aea3) so remove the use of it and remove the connectdata pointer from the prototype. Reported-by: Tejas Bug: https://curl.haxx.se/mail/lib-2018-06/0054.html Closes #2647
2018-06-12schannel: avoid incompatible pointer warningViktor Szakats
with clang-6.0: ``` vtls/schannel_verify.c: In function 'add_certs_to_store': vtls/schannel_verify.c:212:30: warning: passing argument 11 of 'CryptQueryObject' from incompatible pointer type [-Wincompatible-pointer-types] &cert_context)) { ^ In file included from /usr/share/mingw-w64/include/schannel.h:10:0, from /usr/share/mingw-w64/include/schnlsp.h:9, from vtls/schannel.h:29, from vtls/schannel_verify.c:40: /usr/share/mingw-w64/include/wincrypt.h:4437:26: note: expected 'const void **' but argument is of type 'CERT_CONTEXT ** {aka struct _CERT_CONTEXT **}' WINIMPM WINBOOL WINAPI CryptQueryObject (DWORD dwObjectType, const void *pvObject, DWORD dwExpectedContentTypeFlags, DWORD dwExpectedFormatTypeFlags, DWORD dwFlags, ^~~~~~~~~~~~~~~~ ``` Ref: https://msdn.microsoft.com/library/windows/desktop/aa380264 Closes https://github.com/curl/curl/pull/2648
2018-06-12schannel: support selecting ciphersRobert Prag
Given the contstraints of SChannel, I'm exposing these as the algorithms themselves instead; while replicating the ciphersuite as specified by OpenSSL would have been preferable, I found no way in the SChannel API to do so. To use this from the commandline, you need to pass the names of contants defining the desired algorithms. For example, curl --ciphers "CALG_SHA1:CALG_RSA_SIGN:CALG_RSA_KEYX:CALG_AES_128:CALG_DH_EPHEM" https://github.com The specific names come from wincrypt.h Closes #2630
2018-06-12test 46: make test pass after 2025Bernhard M. Wiedemann
shifting the expiry date to 2037 for now to be before the possibly problematic year 2038 similar in spirit to commit e6293cf8764e9eecb Closes #2646
2018-06-11cppcheck: fix warningsMarian Klymov
- Get rid of variable that was generating false positive warning (unitialized) - Fix issues in tests - Reduce scope of several variables all over etc Closes #2631
2018-06-11openssl: assume engine support in 1.0.1 or laterDaniel Stenberg
Previously it was checked for in configure/cmake, but that would then leave other build systems built without engine support. While engine support probably existed prior to 1.0.1, I decided to play safe. If someone experience a problem with this, we can widen the version check. Fixes #2641 Closes #2644
2018-06-11RELEASE-NOTES: syncedDaniel Stenberg