aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-10-27openssl: output the correct cipher list on TLS 1.3 errorDaniel Stenberg
When failing to set the 1.3 cipher suite, the wrong string pointer would be used in the error message. Most often saying "(nil)". Reported-by: Ricky-Tigg on github Fixes #3178 Closes #3180
2018-10-27docs/CIPHERS: fix the TLS 1.3 cipher namesDaniel Stenberg
... picked straight from the OpenSSL man page: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_ciphersuites.html Reported-by: Ricky-Tigg on github Bug: #3178
2018-10-27travis: install gnutls-bin packageMarcel Raad
This is required for gnutls-serv, which enables a few more tests. Closes https://github.com/curl/curl/pull/2958
2018-10-26ssh: free the session on init failuresDaniel Gustafsson
Ensure to clear the session object in case the libssh2 initialization fails. It could be argued that the libssh2 error function should be called to get a proper error message in this case. But since the only error path in libssh2_knownhost_init() is memory a allocation failure it's safest to avoid since the libssh2 error handling allocates memory. Closes #3179 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-26docs/RELEASE-PROCEDURE: remove old entries, modify the Dec 2018 dateDaniel Stenberg
... I'm moving it up one week due to travels. The rest stays.
2018-10-26openssl: make 'done' a proper booleanDaniel Gustafsson
Closes #3176
2018-10-26gtls: Values stored to but never readDaniel Stenberg
Detected by clang-tidy Closes #3176
2018-10-26curl.1: --ipv6 mutexes ipv4 (fixed typo)Alexey Eremikhin
Fixes #3171 Closes #3172
2018-10-26tool_main: make TerminalSettings staticDaniel Stenberg
Reported-by: Gisle Vanem Bug: https://github.com/curl/curl/commit/becfe1233ff2b6b0c3e1b6a10048b55b68c2539f#commitcomment-31008819 Closes #3161
2018-10-26curl-config.in: remove dependency on bcDaniel Stenberg
Reported-by: Dima Pasechnik Fixes #3143 Closes #3174
2018-10-26rtmp: fix for compiling with lwIPGisle Vanem
Compiling on _WIN32 and with USE_LWIPSOCK, causes this error: curl_rtmp.c(223,3): error: use of undeclared identifier 'setsockopt' setsockopt(r->m_sb.sb_socket, SOL_SOCKET, SO_RCVTIMEO, ^ curl_rtmp.c(41,32): note: expanded from macro 'setsockopt' #define setsockopt(a,b,c,d,e) (setsockopt)(a,b,c,(const char *)d,(int)e) ^ Closes #3155
2018-10-25configure: remove CURL_CONFIGURE_CURL_SOCKLEN_TDaniel Stenberg
Follow-up to #3166 which did the cmake part of this. This type/define is not used. Closes #3168
2018-10-25cmake: remove unused variablesRuslan Baratov
Remove variables: * HAVE_SOCKLEN_T * CURL_SIZEOF_CURL_SOCKLEN_T * CURL_TYPEOF_CURL_SOCKLEN_T Closes #3166
2018-10-25urldata: Fix comment in headerMichael Kaufmann
The "connecting" function is used by multiple protocols, not only FTP
2018-10-25netrc: free temporary strings if memory allocation failsMichael Kaufmann
- Change the inout parameters after all needed memory has been allocated. Do not change them if something goes wrong. - Free the allocated temporary strings if strdup() fails. Closes #3122
2018-10-24config: Remove unused SIZEOF_VOIDPRuslan Baratov
Closes #3162
2018-10-24RELEASE-NOTES: syncedDaniel Stenberg
2018-10-23Fix for compiling with lwIP (3)Gisle Vanem
lwIP on Windows does not have a WSAIoctl() function. But it do have a SO_SNDBUF option to lwip_setsockopt(). But it currently does nothing.
2018-10-23Curl_follow: return better errors on URL problemsDaniel Stenberg
... by making the converter function global and accessible. Closes #3153
2018-10-23Curl_follow: remove remaining free(newurl)Daniel Stenberg
Follow-up to 05564e750e8f0c. This function no longer frees the passed-in URL. Reported-by: Michael Kaufmann Bug: https://github.com/curl/curl/commit/05564e750e8f0c79016c680f301ce251e6e86155#commitcomm ent-30985666
2018-10-23headers: end all headers with guard commentDaniel Gustafsson
Most headerfiles end with a /* <headerguard> */ comment, but it was missing from some. The comment isn't the most important part of our code documentation but consistency has an intrinsic value in itself. This adds header guard comments to the files that were lacking it. Closes #3158 Reviewed-by: Jay Satiro <raysatiro@yahoo.com> Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-23CIPHERS.md: Mention the options used to set TLS 1.3 ciphersJay Satiro
Closes https://github.com/curl/curl/pull/3159
2018-10-20docs/BUG-BOUNTY: the sponsors actually decide the amountDaniel Stenberg
Retract the previous approach as the sponsors will be the ones to set the final amounts. Closes #3152 [ci skip]
2018-10-19multi: avoid double-freeDaniel Stenberg
Curl_follow() no longer frees the string. Make sure it happens in the caller function, like we normally handle allocations. This bug was introduced with the use of the URL API internally, it has never been in a release version Reported-by: Dario Weißer Closes #3149
2018-10-19multi: make the closure handle "inherit" CURLOPT_NOSIGNALDaniel Stenberg
Otherwise, closing that handle can still cause surprises! Reported-by: Martin Ankerl Fixes #3138 Closes #3147
2018-10-19VS projects: add USE_IPV6Marcel Raad
The Visual Studio builds didn't use IPv6. Add it to all projects since Visual Studio 2008, which is verified to build via AppVeyor. Closes https://github.com/curl/curl/pull/3137
2018-10-19config_win32: enable LDAPSMarcel Raad
As done in the autotools and CMake builds by default. Closes https://github.com/curl/curl/pull/3137
2018-10-18travis: add build for "configure --disable-verbose"Daniel Stenberg
Closes #3144
2018-10-17tool_cb_hdr: handle failure of rename()Kamil Dudka
Detected by Coverity. Closes #3140 Reviewed-by: Jay Satiro
2018-10-17RELEASE-NOTES: syncedDaniel Stenberg
2018-10-17docs/SECURITY-PROCESS: the hackerone IBB program drops curlDaniel Stenberg
... now there's only BountyGraph.
2018-10-16x509asn1: Fix SAN IP address verificationMatthew Whitehead
For IP addresses in the subject alternative name field, the length of the IP address (and hence the number of bytes to perform a memcmp on) is incorrectly calculated to be zero. The code previously subtracted q from name.end. where in a successful case q = name.end and therefore addrlen equalled 0. The change modifies the code to subtract name.beg from name.end to calculate the length correctly. The issue only affects libcurl with GSKit SSL, not other SSL backends. The issue is not a security issue as IP verification would always fail. Fixes #3102 Closes #3141
2018-10-15INSTALL: mention mesalink in TLS sectionDaniel Gustafsson
Commit 57348eb97d1b8fc3742e02c6587d2d02ff592da5 added support for the MesaLink vtls backend, but missed updating the TLS section containing supported backends in the docs. Closes #3134 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-14nonblock: fix unused parameter warningMarcel Raad
If USE_BLOCKING_SOCKETS is defined, curlx_nonblock's arguments are not used.
2018-10-13Curl_follow: Always free the passed new URLMichael Kaufmann
Closes #3124
2018-10-12replace rawgit links [ci skip]Viktor Szakats
Ref: https://rawgit.com/ "RawGit has reached the end of its useful life" Ref: https://news.ycombinator.com/item?id=18202481 Closes https://github.com/curl/curl/pull/3131
2018-10-12docs/BUG-BOUNTY.md: for vulns published since Aug 1st 2018Daniel Stenberg
[ci skip]
2018-10-12travis: make distcheck scan for BOM markersDaniel Stenberg
and remove BOM from projects/wolfssl_override.props Closes #3126
2018-10-11CMake: remove BOMMarcel Raad
Accidentally aded in commit 1bb86057ff07083deeb0b00f8ad35879ec4d03ea. Reported-by: Viktor Szakats Ref: https://github.com/curl/curl/pull/3120#issuecomment-428673136
2018-10-10transfer: fix typo in commentDaniel Gustafsson
2018-10-10docs: add "see also" links for SSL optionsMichael Kaufmann
- link TLS 1.2 and TLS 1.3 options - link proxy and non-proxy options Closes #3121
2018-10-10AppVeyor: remove BDIR variable that sneaked in againMarcel Raad
Removed in ae762e1abebe3a5fe75658583c85059a0957ef6e, accidentally added again in 9f3be5672dc4dda30ab43e0152e13d714a84d762.
2018-10-10CMake: disable -Wpedantic-ms-formatMarcel Raad
As done in the autotools build. This is required for MinGW, which supports only %I64 for printing 64-bit values, but warns about it. Closes https://github.com/curl/curl/pull/3120
2018-10-09ldap: show precise LDAP call in error message on WindowsViktor Szakats
Also add a unique but common text ('bind via') to make it easy to grep this specific failure regardless of platform. Ref: https://github.com/curl/curl/pull/878/files#diff-7a636f08047c4edb53a240f540b4ecf6R468 Closes https://github.com/curl/curl/pull/3118 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-10-09docs/DEPRECATE: minor reformat to render nicer on webDaniel Stenberg
2018-10-09CURLOPT_SSL_VERIFYSTATUS: Fix typoDaniel Gustafsson
Changes s/OSCP/OCSP/ and bumps the copyright year due to the change.
2018-10-09curl_setup: define NOGDI on WindowsMarcel Raad
This avoids an ERROR macro clash between <wingdi.h> and <arpa/tftp.h> on MinGW. Closes https://github.com/curl/curl/pull/3113
2018-10-09Windows: fixes for MinGW targeting Windows VistaMarcel Raad
Classic MinGW has neither InitializeCriticalSectionEx nor GetTickCount64, independent of the target Windows version. Closes https://github.com/curl/curl/pull/3113
2018-10-08TODO: fixed 'API for URL parsing/splitting'Daniel Stenberg
2018-10-08KNOWN_BUGS: Fix various typosDaniel Gustafsson
Closes #3112 Reviewed-by: Daniel Stenberg <daniel@haxx.se>