aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-09-13krb5: fix memory leak in krb_authDaniel Gustafsson
The FTP command allocated by aprintf() must be freed after usage. Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-13ftp: include command in Curl_ftpsend sendbufferDaniel Gustafsson
Commit 8238ba9c5f10414a88f502bf3f5d5a42d632984c inadvertently removed the actual command to be sent from the send buffer in a refactoring. Add back copying the command into the buffer. Also add more guards against malformed input while at it. Closes #2985 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-13ntlm_wb: Fix memory leaks in ntlm_wb_responseDaniel Gustafsson
When erroring out on a request being too large, the existing buffer was leaked. Fix by explicitly freeing on the way out. Closes #2966 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-13travis: build the MesaLink vtls backend with MesaLink 0.7.1Yiming Jing
2018-09-13runtests.pl: run tests against the MesaLink vtls backendYiming Jing
2018-09-13vtls: add a MesaLink vtls backendYiming Jing
Closes #2984
2018-09-13configure.ac: add a MesaLink vtls backendYiming Jing
2018-09-13curl_url_set.3: properly escape \n in example codeDave Reisner
This yields "the scheme is %s\n" instead of "the scheme is %s0 Closes #2970
2018-09-13curl_url_set.3: fix typo in reference to CURLU_APPENDQUERYDave Reisner
2018-09-13urlglob: improve error messageDaniel Stenberg
to help user understand what the problem is Reported-by: Daniel Shahaf Fixes #2763 Closes #2977
2018-09-12tests/certs: rebuild certs with 2048-bit RSA keysYiming Jing
The previous test certificates contained RSA keys of only 1024 bits. However, RSA claims that 1024-bit RSA keys are likely to become crackable some time before 2010. The NIST recommends at least 2048-bit keys for RSA for now. Better use full 2048 also for testing. Closes #2973
2018-09-12TODO: fix typo in itemDaniel Gustafsson
Closes #2968 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-12anyauthput: fix compiler warning on 64-bit WindowsMarcel Raad
On Windows, the read function from <io.h> is used, which has its byte count parameter as unsigned int instead of size_t. Closes https://github.com/curl/curl/pull/2972
2018-09-12lib: fix gcc8 warning on WindowsViktor Szakats
Closes https://github.com/curl/curl/pull/2979
2018-09-12openssl: fix gcc8 warningJay Satiro
- Use memcpy instead of strncpy to copy a string without termination, since gcc8 warns about using strncpy to copy as many bytes from a string as its length. Suggested-by: Viktor Szakats Closes https://github.com/curl/curl/issues/2980
2018-09-10libcurl-url.3: overview man page for the URL APIDaniel Stenberg
Closes #2967
2018-09-10example/asiohiper: insert warning comment about its statusDaniel Stenberg
This example is simply not working correctly but there's nobody around with the skills and energy to fix it. Closes #2407
2018-09-10docs/cmdline-opts: update the documentation of --tlsv1.0Kamil Dudka
... to reflect the changes in 6015cefb1b2cfde4b4850121c42405275e5e77d9 Closes #2955
2018-09-10docs/examples: do not wait when no transfers are runningKamil Dudka
Closes #2948
2018-09-10cookies: Move failure case label to end of functionDaniel Gustafsson
Rather than jumping backwards to where failure cleanup happens to be performed, move the failure case to end of the function where it is expected per existing coding convention. Closes #2965
2018-09-10misc: fix typos in commentsDaniel Gustafsson
Closes #2963
2018-09-10cookies: fix leak when writing cookies to fileDaniel Gustafsson
If the formatting fails, we error out on a fatal error and clean up on the way out. The array was however freed within the wrong scope and was thus never freed in case the cookies were written to a file instead of STDOUT. Closes #2957
2018-09-10cookies: Remove redundant expired checkDaniel Gustafsson
Expired cookies have already been purged at a later expiration time before this check, so remove the redundant check. closes #2962
2018-09-09ntlm_wb: bail out if the response gets overly largeDaniel Stenberg
Exit the realloc() loop if the response turns out ridiculously large to avoid worse problems. Reported-by: Harry Sintonen Closes #2959
2018-09-08url.c: fix comment typo and indentationDaniel Gustafsson
Closes #2960
2018-09-08urlapi: avoid derefencing a possible NULL pointerDaniel Stenberg
Coverity CID 1439134
2018-09-08RELEASE-NOTES: syncedDaniel Stenberg
2018-09-08test324: fix after 3f3b26d6feb0667714902e836af608094235fca2Marcel Raad
The expected error code is now 60. 51 is dead.
2018-09-08curl_url_set.3: correct descriptionDaniel Stenberg
2018-09-08curl_url-docs: fix AVAILABILITY as Added in curl 7.62.0Daniel Stenberg
2018-09-08URL-APIDaniel Stenberg
See header file and man pages for API. All documented API details work and are tested in the 1560 test case. Closes #2842
2018-09-07curl_easy_upkeep: removed 'conn' from the nameDaniel Stenberg
... including the associated option. Fixes #2951 Closes #2952
2018-09-07upkeep: add a connection upkeep API: curl_easy_conn_upkeep()Max Dymond
Add functionality so that protocols can do custom keepalive on their connections, when an external API function is called. Add docs for the new options in 7.62.0 Closes #1641
2018-09-07configure: add option to disable automatic OpenSSL config loadingPhilipp Waehnert
Sometimes it may be considered a security risk to load an external OpenSSL configuration automatically inside curl_global_init(). The configuration option --disable-ssl-auto-load-config disables this automatism. The Windows build scripts winbuild/Makefile.vs provide a corresponding option ENABLE_SSL_AUTO_LOAD_CONFIG accepting a boolean value. Setting neither of these options corresponds to the previous behavior loading the external OpenSSL configuration automatically. Fixes #2724 Closes #2791
2018-09-07doh: minor edits to please CoverityDaniel Stenberg
The gcc typecheck macros and coverity combined made it warn on the 2nd argument for ERROR_CHECK_SETOPT(). Here's minor rearrange to please it. Coverity CID 1439115 and CID 1439114.
2018-09-07schannel: avoid switch-cases that go to default anywayDaniel Stenberg
SEC_E_APPLICATION_PROTOCOL_MISMATCH isn't defined in some versions of mingw and would require an ifdef otherwise. Reported-by: Thomas Glanzmann Approved-by: Marc Hörsken Bug: https://curl.haxx.se/mail/lib-2018-09/0020.html Closes #2950
2018-09-06imap: change from "FETCH" to "UID FETCH"Nicklas Avén
... and add "MAILINDEX". As described in #2789, this is a suggested solution. Changing UID=xx to actually get mail with UID xx and add "MAILINDEX" to get a mail with a special index in the mail box (old behavior). So MAILINDEX=1 gives the first non deleted mail in the mail box. Fixes #2789 Closes #2815
2018-09-06CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer sizeDaniel Stenberg
This is step 3 of #2888. Fixes #2888 Closes #2896
2018-09-06travis: add the DOH tests to the torture testingDaniel Stenberg
2018-09-06DOH: add test case 1650 and 2100Daniel Stenberg
2018-09-06curl: --doh-url addedDaniel Stenberg
2018-09-06setopt: add CURLOPT_DOH_URLDaniel Stenberg
Closes #2668
2018-09-06ssl: deprecate CURLE_SSL_CACERT in favour of a unified error codeHan Han
Long live CURLE_PEER_FAILED_VERIFICATION
2018-09-06x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse certHan Han
CURLE_PEER_FAILED_VERIFICATION makes more sense because Curl_parseX509 does not allocate memory internally as its first argument is a pointer to the certificate structure. The same error code is also returned by Curl_verifyhost when its call to Curl_parseX509 fails so the change makes error handling more consistent.
2018-09-06openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuerHan Han
Failure to extract the issuer name from the server certificate should return a more specific error code like on other TLS backends.
2018-09-06schannel: unified error code handlingHan Han
Closes #2901
2018-09-06darwinssl: more specific and unified error codesHan Han
Closes #2901
2018-09-06CURLOPT_DNS_USE_GLOBAL_CACHE: deprecatedDaniel Stenberg
Disable the CURLOPT_DNS_USE_GLOBAL_CACHE option and mark it for deprecation and complete removal in six months. Bug: https://curl.haxx.se/mail/lib-2018-09/0010.html Closes #2942
2018-09-05url: default to CURL_HTTP_VERSION_2TLS if built h2-enabledDaniel Stenberg
Closes #2709
2018-09-05multiplex: enable by defaultDaniel Stenberg
Starting 7.62.0, multiplexing is enabled by default in multi handles.