Age | Commit message (Collapse) | Author |
|
Closes https://github.com/curl/curl/pull/3919
|
|
Closes https://github.com/curl/curl/pull/3919
|
|
Also removed mentions from most docs.
Discussed: https://curl.haxx.se/mail/lib-2019-05/0045.html
Closes #3888
|
|
- adds the check to cmake
- fixes the configure check to work for cross-compiled windows builds
Closes #3917
|
|
If the proxy string is given as an IPv6 numerical address with a zone
id, make sure to use that for the connect to the proxy.
Reported-by: Edmond Yu
Fixes #3482
Closes #3918
|
|
|
|
|
|
Reported-by: GitYuanQu on github
Fixes #3902
Closes #3914
|
|
Made detection macros for these two functions in the same style as other
functions possibly in winsock in the hope this will work better to
detect these functions when cross-compiling for Windows.
Follow-up to e91e4816123
Fixes #3913
Closes #3915
|
|
Fixes Codacy/CppCheck warnings.
Closes
|
|
When compiling without getpeername() or getsockname(), the sockfd
paramter to Curl_udpateconninfo() became unused after commit e91e481612
added ifdef guards.
Closes #3910
Fixes https://curl.haxx.se/dev/log.cgi?id=20190520172441-32196
Reviewed-by: Marcel Raad, Daniel Stenberg
|
|
Commit e91e48161235272ff485ff32bd048c53af731f43 moved ftp_ccc in under
the FTP featureflag in the UserDefined struct, but vtls callsites were
still using it unprotected.
Closes #3912
Fixes: https://curl.haxx.se/dev/log.cgi?id=20190520044705-29865
Reviewed-by: Daniel Stenberg, Marcel Raad
|
|
Reported-by: Olen Andoni
Fixes #3906
Closes #3907
|
|
Closes #3892
|
|
Ref: #3905
|
|
The longest currently registered URI scheme at IANA is 36 bytes long.
Closes #3905
Closes #3900
|
|
Fixes Codacy/CppCheck warnings.
Closes https://github.com/curl/curl/pull/3872
|
|
Just initialize word_begin with the correct value.
Closes https://github.com/curl/curl/pull/3873
|
|
This way, we need only one call to free.
Closes https://github.com/curl/curl/pull/3873
|
|
sock was only used to be assigned to fd_read.
Closes https://github.com/curl/curl/pull/3873
|
|
|
|
bug: https://curl.haxx.se/docs/CVE-2019-5436.html
Reported-by: l00p3r on hackerone
CVE-2019-5436
|
|
When running a multi TLS backend build the version string needs more
buffer space. Make the internal ssl_buffer stack buffer match the one
in Curl_multissl_version() to allow for the longer string. For single
TLS backend builds there is no use in extended to buffer. This is a
fallout from #3863 which fixes up the multi_ssl string generation to
avoid a buffer overflow when the buffer is too small.
Closes #3875
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
Currently when the server responds with 401 on NTLM authenticated
connection (re-used) we consider it to have failed. However this is
legitimate and may happen when for example IIS is set configured to
'authPersistSingleRequest' or when the request goes thru a proxy (with
'via' header).
Implemented by imploying an additional state once a connection is
re-used to indicate that if we receive 401 we need to restart
authentication.
Missed in fe6049f0.
|
|
Missed in 50b87c4e.
|
|
Missed in fe20826b as it wasn't implemented in http.c in b4d6db83.
Closes #3894
|
|
Closes #3844
|
|
|
|
|
|
|
|
|
|
Approved-by: Daniel Stenberg
Closes #3896
|
|
Ref: https://github.com/curl/curl/commit/0af41b40b2c7bd379b2251cbe7cd618e21fa0ea1#commitcomment-33563135
Approved-by: Daniel Stenberg
Closes #3895
|
|
Closes #3887
|
|
They serve very little purpose and mostly just add noise. Most of them
have been around for a very long time. I read them all before removing
or rephrasing them.
Ref: #3876
Closes #3883
|
|
... since libcurl has started to be totally unaware of options for
disabled protocols they now return error.
Bug: https://github.com/curl/curl/commit/c9c5304dd4747cbe75d2f24be85920d572fcb5b8#commitcomment-33533937
Reported-by: Marcel Raad
Closes #3886
|
|
This brings the code inline with the other HTTP authentication mechanisms.
Closes #3890
|
|
|
|
|
|
Reported-by: Roy Bellingan
Bug: #3885
|
|
As we treat a given proxy as a URL we should use the unified URL parser
to extract the parts out of it.
Closes #3878
|
|
Given that this member variable is not used by the SASL based protocols
there is no need to have it here.
Closes #3882
|
|
Given that this member variable is not used by the SASL based protocols
there is no need to have it here.
|
|
|
|
Given that Curl_disconnect() calls Curl_http_auth_cleanup_ntlm() prior
to calling conn_shutdown() and it in turn performs this, there is no
need to perform the same action in conn_shutdown().
Closes #3881
|
|
Updated test 1560 to verify.
Closes #3880
|
|
If --with-ssl is used and configure still couldn't enable SSL this
creates an error instead of just silently ignoring the fact.
Suggested-by: Isaiah Norton
Fixes #3824
Closes #3830
|
|
|
|
No need to set variables to zero as calloc() does this for us.
Closes #3879
|
|
Clues-provided-by: Jay Satiro
Clues-provided-by: Jeroen Ooms
Fixes #3711
Closes #3874
|