aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-11-11URL-parser: for file://[host]/ URLs, the [host] must be localhostDaniel Stenberg
Previously, the [host] part was just ignored which made libcurl accept strange URLs misleading users. like "file://etc/passwd" which might've looked like it refers to "/etc/passwd" but is just "/passwd" since the "etc" is an ignored host name. Reported-by: Mike Crowe Assisted-by: Kamil Dudka
2016-11-11test558: adapt to 0649433daDaniel Stenberg
2016-11-11openssl: make sure to fail in the unlikely event that PRNG seeding failsDaniel Stenberg
2016-11-11openssl: avoid unnecessary seeding if already doneDaniel Stenberg
1.1.0+ does more of this by itself so we can avoid extra processing this way.
2016-11-11openssl: RAND_status always exists in OpenSSL >= 0.9.7Daniel Stenberg
and remove RAND_screen from configure since nothing is using that function
2016-11-11Curl_pgrsUpdate: use dedicated function for time passedDaniel Stenberg
2016-11-11realloc: use Curl_saferealloc to avoid common mistakesDaniel Stenberg
Discussed: https://curl.haxx.se/mail/lib-2016-11/0087.html
2016-11-11curl: Add --retry-connrefusedDaniel Hwang
to consider ECONNREFUSED as a transient error. Closes #1064
2016-11-10openssl: raise the max_version to 1.3 if asked forDaniel Stenberg
Now I've managed to negotiate TLS 1.3 with https://enabled.tls13.com/ when using boringssl.
2016-11-09vtls: Fail on unrecognized param for CURLOPT_SSLVERSIONJay Satiro
- Fix GnuTLS code for CURL_SSLVERSION_TLSv1_2 that broke when the TLS 1.3 support was added in 6ad3add. - Homogenize across code for all backends the error message when TLS 1.3 is not available to "<backend>: TLS 1.3 is not yet supported". - Return an error when a user-specified ssl version is unrecognized. --- Prior to this change our code for some of the backends used the 'default' label in the switch statement (ie ver unrecognized) for ssl.version and treated it the same as CURL_SSLVERSION_DEFAULT. Bug: https://curl.haxx.se/mail/lib-2016-11/0048.html Reported-by: Kamil Dudka
2016-11-09SPNEGO: Fix memory leak when authentication failsIsaac Boukris
If SPNEGO fails, cleanup the negotiate handle right away. Fixes #1115 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reported-by: ashman-p
2016-11-09CODE_STYLE.md: link to INTERNALS.md correctlyDaniel Stenberg
2016-11-09bump: next version will be 7.52.0Daniel Stenberg
2016-11-09RELEASE-NOTES: synced with dfcdaaba371e9a3Daniel Stenberg
2016-11-08examples/fileupload.c: fclose the file as wellDaniel Stenberg
2016-11-08printf: fix ".*f" handlingDaniel Stenberg
It would always use precision 1 instead of reading it from the argument list as intended. Reported-by: Ray Satiro Bug: #1113
2016-11-08curl_formadd.3: *_FILECONTENT and *_FILE need the file to be keptDaniel Stenberg
Reported-by: Frank Gevaerts
2016-11-07nss: silence warning 'SSL_NEXT_PROTO_EARLY_VALUE not handled in switch'Kamil Dudka
... with nss-3.26.0 and newer Reported-by: Daniel Stenberg
2016-11-07openssl: initial TLS 1.3 adaptionsDaniel Stenberg
BoringSSL supports TLSv1.3 already, but these changes don't seem to be anough to get it working.
2016-11-07ssh: check md5 fingerprints case insensitively (regression)Daniel Stenberg
Revert the change from ce8d09483eea but use the new function Reported-by: Kamil Dudka Bug: https://github.com/curl/curl/commit/ce8d09483eea2fcb1b50e323e1a8ed1f3613b2e3#commitcomment-19666146
2016-11-07curl: introduce the --tlsv1.3 option to force TLS 1.3Kamil Dudka
Fully implemented with the NSS backend only for now. Reviewed-by: Ray Satiro
2016-11-07vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3Kamil Dudka
Fully implemented with the NSS backend only for now. Reviewed-by: Ray Satiro
2016-11-07nss: map CURL_SSLVERSION_DEFAULT to NSS defaultKamil Dudka
... but make sure we use at least TLSv1.0 according to libcurl API Reported-by: Cure53 Reviewed-by: Ray Satiro
2016-11-07s/cURL/curlDaniel Stenberg
We're mostly saying just "curl" in lower case these days so here's a big cleanup to adapt to this reality. A few instances are left as the project could still formally be considered called cURL.
2016-11-07http2: Don't send header fields prohibited by HTTP/2 specTatsuhiro Tsujikawa
Previously, we just ignored "Connection" header field. But HTTP/2 specification actually prohibits few more header fields. This commit ignores all of them so that we don't send these bad header fields. Bug: https://curl.haxx.se/mail/archive-2016-10/0033.html Reported-by: Ricki Hirner Closes https://github.com/curl/curl/pull/1092
2016-11-07curl.1: explain the SMTP data expected for -TDaniel Stenberg
Fixes #1107 Reported-by: Adam Piggott
2016-11-06cmake: disable poll for macOSPeter Wu
Mirrors the autotools behavior introduced with curl-7_50_3-83-ga34c7ce. Fixes #1089
2016-11-05easy: Initialize info variables on easy init and duphandleJay Satiro
- Call Curl_initinfo on init and duphandle. Prior to this change the statistical and informational variables were simply zeroed by calloc on easy init and duphandle. While zero is the correct default value for almost all info variables, there is one where it isn't (filetime initializes to -1). Bug: https://github.com/curl/curl/issues/1103 Reported-by: Neal Poole
2016-11-05curl -w: added more decimal digits to timing countersMauro Rappa
Now showing microsecond resolution. Closes #1106
2016-11-04dist: add CMakeLists.txt to the tarballJakub Zakrzewski
2016-11-04mbedtls: fix build with mbedtls versions < 2.4.0Daniel Stenberg
Regression added in 62a8095e714 Reported-by: Tony Kelman Discussed in #1087
2016-11-03configure: verify that compiler groks -Werror=partial-availabilityDaniel Stenberg
Reported-by: bemoody Fixes #1104
2016-11-03docs: shorten and simplify the top comment in multi-uv.cDaniel Stenberg
and change URL to use https
2016-11-03docs: handle CURL_POLL_INOUT in multi-uv exampleAndrei Sedoi
2016-11-03docs: multi-uv: don't use CURLMsg after cleanupAndrei Sedoi
2016-11-03docs: remove unused variables in multi-uv exampleAndrei Sedoi
2016-11-03bump: start working on 7.51.1Daniel Stenberg
2016-11-02winbuild: remove strcase.obj from curl buildDaniel Stenberg
Reported-by: Bruce Stephens Fixes #1098
2016-11-02msvc: removed a straggling reference to strequal.cDan Fandrich
Follow-up to 502acba2
2016-11-02THANKS: synced with 7.51.0Daniel Stenberg
2016-11-02RELEASE-NOTES: 7.51.0Daniel Stenberg
2016-11-02ftp_done: don't clobber the passed in error codeDaniel Stenberg
Coverity CID 1374359 pointed out the unused result value.
2016-11-02ftp: remove dead code in ftp_doneDaniel Stenberg
Coverity CID 1374358
2016-11-01generate.bat: Include include/curl in libcurl VS projectsJay Satiro
.. because including those headers helps Visual Studio's Intellisense.
2016-11-01generate.bat: Remove strcase.[ch] from curl tool VS projectsJay Satiro
..because they're no longer needed in the tool build. strcase is still built by the libcurl project and exports curl_str(n)equal which is used by the curl tool. Bug: https://github.com/curl/curl/commit/9363f1a#all_commit_comments
2016-11-02metalink: simplify the hex parsing functionDaniel Stenberg
... and now it avoids using the libcurl toupper() function
2016-11-01file: fix compiler warningMichael Kaufmann
follow-up to 46133aa5
2016-11-01strcase: fixed Metalink builds by redefining checkprefix()Dan Fandrich
...to use the public function curl_strnequal(). This isn't ideal because it adds extra overhead to any internal calls to checkprefix. follow-up to 95bd2b3e
2016-11-01curl.1: typoDaniel Stenberg
2016-11-01curl.1: expand on how multiple uses of -o looksDaniel Stenberg
Suggested-by: Dan Jacobson Issue: https://github.com/curl/curl/issues/1097