aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-09-14URL: on connection re-use, still pick the new remote portDaniel Stenberg
... as when a proxy connection is being re-used, it can still get a different remote port. Fixes #1887 Reported-by: Oli Kingshott
2017-09-12RELEASE-NOTES: synced with 87501e57fDaniel Stenberg
2017-09-12code style: remove wrong uses of multiple spacesDaniel Stenberg
Closes #1878
2017-09-12checksrc: detect and warn for multiple spacesDaniel Stenberg
2017-09-12code style: use space after semicolonDaniel Stenberg
2017-09-12checksrc: verify space after semicolonsDaniel Stenberg
2017-09-11code style: use spaces around plusesDaniel Stenberg
2017-09-11checksrc: detect and warn for lack of spaces next to plus signsDaniel Stenberg
2017-09-11code style: use spaces around equals signsDaniel Stenberg
2017-09-11checksrc: verify spaces around equals signsDaniel Stenberg
... as the code style mandates.
2017-09-11Curl_checkheaders: make it available for IMAP and SMTP tooDaniel Stenberg
... not only HTTP uses this now. Closes #1875
2017-09-11travis: add build without HTTP/SMTP/IMAPDaniel Stenberg
2017-09-10mbedtls: enable CA path processingJay Satiro
CA path processing was implemented when mbedtls.c was added to libcurl in fe7590f, but it was never enabled. Bug: https://github.com/curl/curl/issues/1877 Reported-by: SBKarr@users.noreply.github.com
2017-09-08rtsp: do not call fwrite() with NULL pointer FILE *Daniel Stenberg
If the default write callback is used and no destination has been set, a NULL pointer would be passed to fwrite()'s 4th argument. OSS-fuzz bug https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3327 (not publicly open yet) Detected by OSS-fuzz Closes #1874
2017-09-08configure: use -Wno-varargs on clang 3.9[.X] debug buildsDaniel Stenberg
... to avoid a clang bug
2017-09-08ossfuzz: add some more handled CURL optionsMax Dymond
Add support for HEADER, COOKIE, RANGE, CUSTOMREQUEST, MAIL_RECIPIENT, MAIL_FROM and uploading data.
2017-09-07configure: check for C++ compiler after C, to make it non-fatalDaniel Stenberg
The tests for object file/executable file extensions are presumably only done for the first of these macros in the configure file. Bug: https://github.com/curl/curl/pull/1851#issuecomment-327597515 Reported-by: Marcel Raad Closes #1873
2017-09-07form API: add new test 650.Patrick Monnerat
Now that the form API is deprecated and not used anymore in curl tool, a lot of its features left untested. Test 650 attempts to check all these features not tested elsewhere.
2017-09-07configure: fix curl_off_t check's include orderJay Satiro
- Prepend srcdir include path instead of append. Prior to this change it was possible that during the check for the size of curl_off_t the include path of a user's already installed curl could come before the include path of the to-be-built curl, resulting in the system.h of the former being incorrectly included for that check. Closes https://github.com/curl/curl/pull/1870
2017-09-07KNOWN_BUGS: Remove CMake symbol hiding issueJakub Zakrzewski
It has already been fixed in 6140dfc
2017-09-07http-proxy: when not doing CONNECT, that phase is done immediatelyDaniel Stenberg
`conn->connect_state` is NULL when doing a regular non-CONNECT request over the proxy and should therefor be considered complete at once. Fixes #1853 Closes #1862 Reported-by: Lawrence Wagerfield
2017-09-07OpenSSL: fix yet another mistake while encapsulating SSL backend dataJohannes Schindelin
Another mistake in my manual fixups of the largely mechanical search-and-replace ("connssl->" -> "BACKEND->"), just like the previous commit concerning HTTPS proxies (and hence not caught during my earlier testing). Fixes #1855 Closes #1871 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-07OpenSSL: fix erroneous SSL backend encapsulationJohannes Schindelin
In d65e6cc4f (vtls: prepare the SSL backends for encapsulated private data, 2017-06-21), this developer prepared for a separation of the private data of the SSL backends from the general connection data. This conversion was partially automated (search-and-replace) and partially manual (e.g. proxy_ssl's backend data). Sadly, there was a crucial error in the manual part, where the wrong handle was used: rather than connecting ssl[sockindex]' BIO to the proxy_ssl[sockindex]', we reconnected proxy_ssl[sockindex]. The reason was an incorrect location to paste "BACKEND->"... d'oh. Reported by Jay Satiro in https://github.com/curl/curl/issues/1855. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-07vtls: fix memory corruptionJay Satiro
Ever since 70f1db321 (vtls: encapsulate SSL backend-specific data, 2017-07-28), the code handling HTTPS proxies was broken because the pointer to the SSL backend data was not swapped between conn->ssl[sockindex] and conn->proxy_ssl[sockindex] as intended, but instead set to NULL (causing segmentation faults). [jes: provided the commit message, tested and verified the patch] Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-07vtls: switch to CURL_SHA256_DIGEST_LENGTH defineDaniel Stenberg
... instead of the prefix-less version since WolfSSL 3.12 now uses an enum with that name that causes build failures for us. Fixes #1865 Closes #1867 Reported-by: Gisle Vanem
2017-09-07travis: add c-ares enabled builds linux + osxDaniel Stenberg
Closes #1868
2017-09-07HISTORY: added some recent itemsDaniel Stenberg
2017-09-06SSL: fix unused parameter warningsJay Satiro
2017-09-06mime: drop internal FILE * support.Patrick Monnerat
- The part kind MIMEKIND_FILE and associated code are suppressed. - Seek data origin offset not used anymore: suppressed. - MIMEKIND_NAMEDFILE renamed MIMEKIND_FILE; associated fields/functions renamed accordingly. - Curl_getformdata() processes stdin via a callback.
2017-09-06configure: remove --enable-soname-bump and SONAME_BUMPDaniel Stenberg
Back in 2008, (and commit 3f3d6ebe665f3) we changed the logic in how we determine the native type for `curl_off_t`. To really make sure we didn't break ABI without bumping SONAME, we introduced logic that attempted to detect that it would use a different size and thus not be compatible. We also provided a manual switch that allowed users to tell configure to bump SONAME by force. Today, we know of no one who ever got a SONAME bump auto-detected and we don't know of anyone who's using the manual bump feature. The auto- detection is also no longer working since we introduced defining curl_off_t in system.h (7.55.0). Finally, this bumping logic is not present in the cmake build. Closes #1861
2017-09-06vtls: select ssl backend case-insensitive (follow-up)Gisle Vanem
- Do a case-insensitive comparison of CURL_SSL_BACKEND env as well. - Change Curl_strcasecompare calls to strcasecompare (maps to the former but shorter). Follow-up to c290b8f. Bug: https://github.com/curl/curl/commit/c290b8f#commitcomment-24094313 Co-authored-by: Jay Satiro
2017-09-05openssl: Integrate Peter Wu's SSLKEYLOGFILE implementationJay Satiro
This is an adaptation of 2 of Peter Wu's SSLKEYLOGFILE implementations. The first one, written for old OpenSSL versions: https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c The second one, written for BoringSSL and new OpenSSL versions: https://github.com/curl/curl/pull/1346 Note the first one is GPL licensed but the author gave permission to waive that license for libcurl. As of right now this feature is disabled by default, and does not have a configure option to enable it. To enable this feature define ENABLE_SSLKEYLOGFILE when building libcurl and set environment variable SSLKEYLOGFILE to a pathname that will receive the keys. And in Wireshark change your preferences to point to that key file: Edit > Preferences > Protocols > SSL > Master-Secret Co-authored-by: Peter Wu Ref: https://github.com/curl/curl/pull/1030 Ref: https://github.com/curl/curl/pull/1346 Closes https://github.com/curl/curl/pull/1866
2017-09-05mime: fix a trivial warning.Patrick Monnerat
2017-09-05mime: replace 'struct Curl_mimepart' by 'curl_mimepart' in encoder code.Patrick Monnerat
mime_state is now a typedef.
2017-09-05mime: implement encoders.Patrick Monnerat
curl_mime_encoder() is operational and documented. curl tool -F option is extended with ";encoder=". curl tool --libcurl option generates calls to curl_mime_encoder(). New encoder tests 648 & 649. Test 1404 extended with an encoder specification.
2017-09-05runtests.pl: support attribute "nonewline" in part verify/upload.Patrick Monnerat
2017-09-05fixup data/test1135Daniel Stenberg
2017-09-05mime: unified to use the typedef'd mime structs everywhereDaniel Stenberg
... and slightly edited to follow our code style better.
2017-09-05curl.h: use lower case curl_mime* as for all public symbolsDaniel Stenberg
2017-09-05docs/curl_mime_*.3: use correct variable types in examplesDaniel Stenberg
2017-09-05openssl: use OpenSSL's default ciphers by defaultKamil Dudka
Up2date versions of OpenSSL maintain the default reasonably secure without breaking compatibility, so it is better not to override the default by curl. Suggested at https://bugzilla.redhat.com/1483972 Closes #1846
2017-09-05examples/mime: minor example code fixesViktor Szakats
2017-09-05docs/curl_mime_*.3: added examplesDaniel Stenberg
2017-09-05configure: add MultiSSL to FEATURES when enabledDaniel Stenberg
...for curl-config and its corresponding test 1014
2017-09-05http-proxy: treat all 2xx as CONNECT successDaniel Stenberg
Added test 1904 to verify. Reported-by: Lawrence Wagerfield Fixes #1859 Closes #1860
2017-09-05MAIL-ETIQUETTE: added "1.9 Your emails are public"Daniel Stenberg
2017-09-04curl.h: fix "unused checksrc ignore", remove dangling referenceDaniel Stenberg
... to a README file that doesn't exist anymore
2017-09-04docs: Update to secure URL versionsViktor Szakats
2017-09-04mime: use CURL_ZERO_TERMINATED in examplesViktor Szakats
and some minor whitespace fixes
2017-09-04schannel: return CURLE_SSL_CACERT on failed verificationDaniel Stenberg
... not *CACERT_BADFILE as it isn't really because of a bad file. Bug: https://curl.haxx.se/mail/lib-2017-09/0002.html Closes #1858