aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-03-05cookie: Don't expire session cookies in remove_expiredJay Satiro
Prior to this change cookies with an expiry date that failed parsing and were converted to session cookies could be purged in remove_expired. Bug: https://github.com/curl/curl/issues/697 Reported-by: Seth Mos
2016-03-03cookie: remove redundant checkDaniel Stenberg
... as it was already checked previously within the function. Reported-by: Dmitry-Me Closes #695
2016-03-01url: if Curl_done is premature then pipeline not in useAnders Bakken
Prevent a crash if 2 (or more) requests are made to the same host and pipelining is enabled and the connection does not complete. Bug: https://github.com/curl/curl/pull/690
2016-03-01makefile.m32: allow to pass .dll/.exe-specific LDFLAGSViktor Szakats
using envvars `CURL_LDFLAG_EXTRAS_DLL` and `CURL_LDFLAG_EXTRAS_EXE` respectively. This is useful f.e. to pass ASLR-related extra options, that are required to make this feature work when using the mingw toolchain. Ref: https://github.com/curl/curl/pull/670#issuecomment-190863985 Closes https://github.com/curl/curl/pull/689
2016-02-29formpost: fix memory leaks in AddFormData error branchesDaniel Stenberg
Reported-by: Dmitry-Me Fixes #688
2016-02-28getinfo: Fix syntax error when mbedTLSJay Satiro
The assignment of the mbedTLS TLS session info in the parent commit was incorrect. Change the assignment to a pointer to the session structure.
2016-02-27getinfo: Add support for mbedTLS TLS session infoJay Satiro
.. and preprocessor check TLS session info is defined for all backends.
2016-02-26ROADMAP: clarify on the TLS proxy, mention HTTP cookies to work onDaniel Stenberg
2016-02-25file: try reading from files with no sizeDaniel Stenberg
Some systems have special files that report as 0 bytes big, but still contain data that can be read (for example /proc/cpuinfo on Linux). Starting now, a zero byte size is considered "unknown" size and will be read as far as possible anyway. Reported-by: Jesse Tan Closes #681
2016-02-25configure: warn on invalid ca bundle or pathJay Satiro
- Warn if --with-ca-bundle file does not exist. - Warn if --with-ca-path directory does not contain certificates. - Improve help messages for both. Example configure output: ca cert bundle: /some/file (warning: certs not found) ca cert path: /some/dir (warning: certs not found) Bug: https://github.com/curl/curl/issues/404 Reported-by: Jeffrey Walton
2016-02-24Curl_read: check for activated HTTP/1 pipelining, not only requestedDaniel Stenberg
... as when pipelining is used, we read things into a unified buffer and we don't do that with HTTP/2. This could then easily make programs that set CURLMOPT_PIPELINING = CURLPIPE_HTTP1|CURLPIPE_MULTIPLEX to get data intermixed or plain broken between HTTP/2 streams. Reported-by: Anders Bakken
2016-02-24os400: Fix ILE/RPG definition of CURLOPT_TFTP_NO_OPTIONSPatrick Monnerat
2016-02-23getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSIONJay Satiro
The two options are almost the same, except in the case of OpenSSL: CURLINFO_TLS_SESSION OpenSSL session internals is SSL_CTX *. CURLINFO_TLS_SSL_PTR OpenSSL session internals is SSL *. For backwards compatibility we couldn't modify CURLINFO_TLS_SESSION to return an SSL pointer for OpenSSL. Also, add support for the 'internals' member to point to SSL object for the other backends axTLS, PolarSSL, Secure Channel, Secure Transport and wolfSSL. Bug: https://github.com/curl/curl/issues/234 Reported-by: dkjjr89@users.noreply.github.com Bug: https://curl.haxx.se/mail/lib-2015-09/0127.html Reported-by: Michael König
2016-02-23multi_remove_handle: keep the timeout list until after disconnectDaniel Stenberg
The internal Curl_done() function uses Curl_expire() at times and that uses the timeout list. Better clean up the list once we're done using it. This caused a segfault. Reported-by: 蔡文凱 Bug: https://curl.haxx.se/mail/lib-2016-02/0097.html
2016-02-23tests/sshserver.pl: use RSA instead of DSA for host authKamil Dudka
DSA is no longer supported by OpenSSH 7.0, which causes all SCP/SFTP test cases to be skipped. Using RSA for host authentication works with both old and new versions of OpenSSH. Reported-by: Karlson2k Closes #676
2016-02-23TFTP: add option to suppress TFTP option requests (Part 2)Jay Satiro
- Add tests. - Add an example to CURLOPT_TFTP_NO_OPTIONS.3. - Add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS. Bug: https://github.com/curl/curl/issues/481
2016-02-23TFTP: add option to suppress TFTP option requests (Part 1)Michael Koenig
Some TFTP server implementations ignore the "TFTP Option extension" (RFC 1782-1784, 2347-2349), or implement it in a flawed way, causing problems with libcurl. Another switch for curl_easy_setopt "CURLOPT_TFTP_NO_OPTIONS" is introduced which prevents libcurl from sending TFTP option requests to a server, avoiding many problems caused by faulty implementations. Bug: https://github.com/curl/curl/issues/481
2016-02-22runtests: Fixed usage of %PWD on MinGW64Karlson2k
Closes #672
2016-02-20CURLOPT_DEBUGFUNCTION.3: Fix exampleJay Satiro
2016-02-20src/Makefile.m32: add CURL_{LD,C}FLAGS_EXTRAS supportViktor Szakats
Sync with lib/Makefile.m32 which already uses those variables. Bug: https://github.com/curl/curl/pull/670
2016-02-20Enabled test 1437 after the bug fix in commit 3fa220a6Dan Fandrich
2016-02-19curl_sasl: Fix memory leak in digest parserEmil Lerner
If any parameter in a HTTP DIGEST challenge message is present multiple times, memory allocated for all but the last entry should be freed. Bug: https://github.com/curl/curl/pull/667
2016-02-19Added test 1437 to verify a memory leakDan Fandrich
Reported-by: neex@users.noreply.github.com
2016-02-18CURLOPT_COOKIEFILE.3: HTTP headers must be Set-Cookie styleJay Satiro
Bug: https://github.com/curl/curl/issues/666 Reported-by: baumanj@users.noreply.github.com
2016-02-18curl.1: HTTP headers for --cookie must be Set-Cookie styleJay Satiro
Bug: https://github.com/curl/curl/issues/666 Reported-by: baumanj@users.noreply.github.com
2016-02-18curl.1: add a missing dashDaniel Stenberg
2016-02-18CONTRIBUTING.md: fix linksDaniel Stenberg
2016-02-18ISSUE_TEMPLATE: github issue templateDaniel Stenberg
First version, try this out!
2016-02-18CONTRIBUTING.md: move into .githubDaniel Stenberg
To hide github specific files somewhat from the rest.
2016-02-18opts: add referencesDaniel Stenberg
2016-02-17examples/make: add 'checksrc' targetDaniel Stenberg
2016-02-1710-at-a-time: typecast the argument passed to sleep()Daniel Stenberg
2016-02-17externalsocket.c: fix compiler warning for fwrite return typeDaniel Stenberg
2016-02-17anyauthput.c: fix compiler warningsDaniel Stenberg
2016-02-17simplessl.c: warning: while with spaceDaniel Stenberg
2016-02-17curlx.c: i2s_ASN1_IA5STRING() clashes with an openssl functionDaniel Stenberg
Reported-By: Gisle Vanem
2016-02-17http2: don't decompress gzip decoding automaticallyDaniel Stenberg
At one point during the development of HTTP/2, the commit 133cdd29ea0 introduced automatic decompression of Content-Encoding as that was what the spec said then. Now however, HTTP/2 should work the same way as HTTP/1 in this regard. Reported-by: Kazuho Oku Closes #661
2016-02-16http: Don't break the header into chunks if HTTP/2Tatsuhiro Tsujikawa
nghttp2 callback deals with TLS layer and therefore the header does not need to be broken into chunks. Bug: https://github.com/curl/curl/issues/659 Reported-by: Kazuho Oku
2016-02-16openssl: use macro to guard the opaque EVP_PKEY branchViktor Szakats
2016-02-16openssl: avoid direct PKEY access with OpenSSL 1.1.0Viktor Szakats
by using API instead of accessing an internal structure. This is required starting OpenSSL 1.1.0-pre3. Closes #650
2016-02-15RELEASE-NOTES: synced with ede0bfc079daDaniel Stenberg
2016-02-14CURLOPT_CONNECTTIMEOUT_MS.3: Fix example to use milliseconds optionClint Clayton
Change the example in the docs for CURLOPT_CONNECTTIMEOUT_MS to use CURLOPT_CONNECTTIMEOUT_MS instead of CURLOPT_CONNECTTIMEOUT. Closes #653
2016-02-14opt-docs: add more referencesDaniel Stenberg
2016-02-14SCP: use libssh2_scp_recv2 to support > 2GB files on windowsDavid Byron
libssh2_scp_recv2 is introduced in libssh2 1.7.0 - to be released "any day now. Closes #451
2016-02-13gtls: fix for builds lacking encrypted key file supportShine Fan
Bug: https://github.com/curl/curl/pull/651
2016-02-13test1604: Add to Makefile.inc so it gets runDan Fandrich
2016-02-12generate.bat: Fix comment bug by removing old commentsJay Satiro
Remove NOTES section, it's no longer needed since we aren't setting the errorlevel and more importantly the recently updated URL in the comments is causing some unusual behavior that breaks the script. Closes https://github.com/curl/curl/issues/649
2016-02-12curl.1: --disable-{eprt,epsv} are ignored for IPv6 hostsKamil Dudka
The behavior has been clarified in CURLOPT_FTP_USE_{EPRT,EPSV}.3 man pages since curl-7_12_3~131. This patch makes it clear in the curl.1 man page, too. Bug: https://bugzilla.redhat.com/1305970
2016-02-12dist: ship buildconf.bat tooDaniel Stenberg
As the winbuild/* stuff uses it!
2016-02-12curlx_tvdiff: handle 32bit time_t overflowsDaniel Stenberg
On 32bit systems, make sure we don't overflow and return funky values for very large time differences. Reported-by: Anders Bakken Closes #646