| Age | Commit message (Collapse) | Author |
|---|
|
This reverts commit 74623551f306990e70c7c5515b88972005604a74.
Instead mark the function call with (void). Getting the return code and
using it instead triggered Coverity warning CID 1463596 because
snprintf() can return a negative value...
Closes #5441
|
|
Reported-by: Billyzou0741326 on github
Fixes #5432
Closes #5436
|
|
Follow-up from a3b0699d5c1
|
|
The option number also needs to be less than CURLOPTTYPE_BLOB.
Follow-up to cac5374298
Reported-by: Jeroen Ooms
Bug: https://github.com/curl/curl/pull/5365#issuecomment-631084114
|
|
Closes #5426
|
|
Closes #5406
|
|
Follow-up to c5f0a9db22.
|
|
Seems highly unlikely to actually be possible, but better safe than
sorry.
Closes #5417
|
|
... in curl_easy_getinfo() calls. They're harmless but clearing the
variables makes the code safer and comforts the reader.
Closes #5416
|
|
Follow-up to fae30656. Should've been squashed with that commit...
|
|
Closes #5414
|
|
... and avoid a strlen() call. Fixes a MonocleAI warning.
Reported-by: MonocleAI
Fixes #5413
Closes #5420
|
|
It was not used much anyway and instead we let it store a blank buffer
in case of failure.
Reported-by: MonocleAI
Fixes #5411
Closes #5418
|
|
They're done on purpose, make that visible in the code.
Reported-by: MonocleAI
Fixes #5412
Closes #549
|
|
Closes #5396
Closes #5398
|
|
|
|
... as returning a "" is not a good idea as the string is supposed to be
allocated and returning a const string will cause issues.
Reported-by: Brian Carpenter
Follow-up to ed35d6590e72c
Closes #5405
|
|
Changes, partially to reduce build failures from external dependencies:
- Upgrade Ubuntu and drop unnecessary third-party repos.
- Properly clone apt config to ensure retries.
- Upgrade to clang-9 from the standard repos.
- Use Ubuntu 20.04 focal for the libssh build, use of ssh_get_publickey
fails on -Werror=deprecated-declarations in Ubuntu 18.04. Do not use
focal everywhere yet since Travis CI has not documented this option.
In focal, python-impacket (Py2.7) has been removed, leaving only
python3-impacket. Since it is only needed for SMB tests and not SSH,
skip it for the libssh job since it might need more work.
- apt: Remove gcc-8 and libstdc++-8-dev, already installed via g++-8.
Non-functional cleanups:
- Simplify test matrix, drop redundant os and compiler keys.
- Deprecation fixes: remove sudo, rename matrix -> jobs.
- Every job has an 'env' key, put this key first in a list item.
Closes #5370
|
|
Automatically apply a consistent indentation with:
python3 -c 'from ruamel.yaml import YAML;y=YAML();d=y.load(open(".travis.yml"));y.width=500;y.dump(d,open(".travis.yml.new","w"))'
followed by manually re-indenting three comments.
Closes #5370
|
|
Closes #5372
|
|
Closes #4820
|
|
Closes #5176
|
|
Fixes #1410
Closes #5401
|
|
This change introduces a generic way to provide binary data in setopt
options, called BLOBs.
This change introduces these new setopts:
CURLOPT_ISSUERCERT_BLOB, CURLOPT_PROXY_SSLCERT_BLOB,
CURLOPT_PROXY_SSLKEY_BLOB, CURLOPT_SSLCERT_BLOB and CURLOPT_SSLKEY_BLOB.
Reviewed-by: Daniel Stenberg
Closes #5357
|
|
- Stick to a single unified way to use structs
- Make checksrc complain on 'typedef struct {'
- Allow them in tests, public headers and examples
- Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually
typedef different types/structs depending on build conditions.
Closes #5338
|
|
|
|
Previously, after PASV and immediately after the data connection has
connected, the function would only return the control socket to wait for
which then made the data connection simply timeout and not get polled
correctly. This become obvious when running test 1631 and 1632 event-
based.
|
|
|
|
|
|
If it can't be found in the request. Also support --cmdfile to set it to
a custom file name.
runtests.pl always writes this file with the test number in it since a
while back.
|
|
Reported-by: Neal Poole
Fixes #5340
Closes #5385
|
|
It only applies to non-Unicode builds now.
Also merge 5.10 into it as it's effectively a duplicate.
Closes https://github.com/curl/curl/pull/3784
|
|
Use them only if `_UNICODE` is defined, in which case command-line
arguments have been converted to UTF-8.
Closes https://github.com/curl/curl/pull/3784
|
|
- use `wmain` instead of `main` when `_UNICODE` is defined [0]
- define `argv_item_t` as `wchar_t *` in this case
- use the curl_multibyte gear to convert the command-line arguments to
UTF-8
This makes it possible to pass parameters with characters outside of
the current locale on Windows, which is required for some tests, e.g.
the IDN tests. Out of the box, this currently only works with the
Visual Studio project files, which default to Unicode, and winbuild
with the `ENABLE_UNICODE` option.
[0] https://devblogs.microsoft.com/oldnewthing/?p=40643
Ref: https://github.com/curl/curl/issues/3747
Closes https://github.com/curl/curl/pull/3784
|
|
This will also be needed in the tool and tests.
Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512
Closes https://github.com/curl/curl/pull/3784
|
|
Found-by: Gregory Jefferis
Reported-by: Jeroen Ooms
Added test 1168 to verify. Bug spotted when doing a redirect.
Bug: https://github.com/jeroen/curl/issues/224
Closes #5400
|
|
Initial test 1630 added with basic HTTPS-proxy use. HTTPS-proxy is like
HTTP proxy but with a full TLS connection to the proxy.
Closes #5399
|
|
|
|
Fix theoretical integer overflow in Curl_auth_create_plain_message.
The security impact of the overflow was discussed on hackerone. We
agreed this is more of a theoretical vulnerability, as the integer
overflow would only be triggerable on systems using 32-bits size_t with
over 4GB of available memory space for the process.
Closes #5391
|
|
- Quote the globbing example URLs that contain characters [] {} since
otherwise they may be interpreted as shell metacharacters.
Bug: https://github.com/curl/curl/issues/5388
Reported-by: John Simpson
Closes https://github.com/curl/curl/pull/5394
|
|
Fine: "struct hello *world"
Not fine: "struct hello* world" (and variations)
Closes #5386
|
|
Added test 971 to verify that the list is in sync with the files in
cmdline-opts. The check also verifies that .d-files that uses Added:
specify the same version number as the options-in-versions file does.
Closes #5381
|
|
We boast support for 25 transfer protocols. Make sure the lists are
consistent
Closes #5384
|
|
... to avoid an OpenSSL bug that otherwise makes the CRL check to fail.
Reported-by: Michael Kaufmann
Fixes #5374
Closes #5376
|
|
|
|
|
|
|
|
--happy-eyeballs-timeout-ms, --resolve and --ssl-revoke-best-effort
gen.pl already warned about these lines but we didn't listen
Closes #5379
|
|
Closes #5387
|
|
|
