Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-05-30 | bump: start the journey toward 7.50.0 | Daniel Stenberg | |
2016-05-30 | openssl: fix build with OPENSSL_NO_COMP | Marcel Raad | |
With OPENSSL_NO_COMP defined, there is no function SSL_COMP_free_compression_methods Closes #836 | |||
2016-05-30 | memdebug: fix MSVC crash with -DMEMDEBUG_LOG_SYNC | Gisle Vanem | |
Fixes #828 | |||
2016-05-30 | README.md: polish | Jonathan | |
Closes #834 | |||
2016-05-30 | RELEASE-NOTES: fix vuln link | Daniel Stenberg | |
2016-05-30 | RELEASE-NOTES: 7.49.1 | Daniel Stenberg | |
2016-05-30 | loadlibrary: Only load system DLLs from the system directory | Steve Holme | |
Inspiration provided by: Daniel Stenberg and Ray Satiro Bug: https://curl.haxx.se/docs/adv_20160530.html Ref: Windows DLL hijacking with curl, CVE-2016-4802 | |||
2016-05-30 | ssh: fix version number check typo | Daniel Stenberg | |
2016-05-29 | curl_share_setopt.3: Add min ver needed for ssl session lock | Jay Satiro | |
Bug: https://github.com/curl/curl/issues/826 Reported-by: Michael Wallner | |||
2016-05-29 | ssh: fix build for libssh2 before 1.2.6 | Daniel Stenberg | |
The statvfs functionality was added to libssh2 in that version, so we switch off that functionality when built with older libraries. Fixes #831 | |||
2016-05-24 | mbedtls: fix includes so snprintf() works | Daniel Stenberg | |
Regression from the previous *printf() rearrangements, this file missed to include the correct header to make sure snprintf() works universally. Reported-by: Moti Avrahami Bug: https://curl.haxx.se/mail/lib-2016-05/0196.html | |||
2016-05-23 | checksrc.pl: Added variants of strcat() & strncat() to banned function list | Steve Holme | |
Added support for checking the tchar, unicode and mbcs variants of strcat() and strncat() in the banned function list. | |||
2016-05-23 | smtp: minor ident (white space) fixes | Daniel Stenberg | |
2016-05-23 | THANKS: updated after script fixes | Daniel Stenberg | |
Now giving credit properly to github user names, fixed some UTF-8 issues and added names discovered when contrithanks was improved. | |||
2016-05-23 | THANKS-filter: more name cleanups | Daniel Stenberg | |
2016-05-23 | contrithanks.sh: exclude existing names case insensitively | Daniel Stenberg | |
2016-05-23 | contrithanks.sh: use same grep pattern and -a flag as contributors.sh | Daniel Stenberg | |
2016-05-23 | contributors.sh: better grep pattern, use grep -a | Daniel Stenberg | |
2016-05-23 | THANKS-filter: fix more names | Daniel Stenberg | |
2016-05-23 | contrithanks.sh: do the same github fix as contributors.sh | Daniel Stenberg | |
from 1577bfa35ba | |||
2016-05-23 | contributors: Show GitHub username if real name unknown | Jay Satiro | |
Prior to this change if a GitHub contributor's real name was unknown they would be omitted from the list. Bug: https://github.com/curl/curl/issues/824 | |||
2016-05-21 | RELEASE-NOTES: synced with 3caaeffbe8ded4 | Daniel Stenberg | |
2016-05-20 | openssl: cleanup must free compression methods | Jay Satiro | |
- Free compression methods if OpenSSL 1.0.2 to avoid a memory leak. Bug: https://github.com/curl/curl/issues/817 Reported-by: jveazey@users.noreply.github.com | |||
2016-05-20 | curl_multibyte: fix compiler error | Gisle Vanem | |
While compiling lib/curl_multibyte.c with '-DUSE_WIN32_IDN' etc. I was getting: f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2054: expected '(' to follow 'CURL_EXTERN' f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2085: 'curl_domalloc': not in formal parameter list | |||
2016-05-20 | THANKS-filter: make Jan-E get proper credit | Daniel Stenberg | |
2016-05-20 | winbuild/Makefile.vc: Fix check on SSL, MBEDTLS, WINSSL exclusivity | Jan-E | |
Closes #818 | |||
2016-05-20 | libcurl.m4: Avoid obsolete warning | Alexander Traud | |
Closes #821 | |||
2016-05-20 | CURLOPT_CONNECT_TO.3: user must not free the list prematurely | Michael Kaufmann | |
The connect-to list isn't copied so as long as the handle may be used for a transfer the list must be valid. Bug: https://github.com/curl/curl/pull/819 Reported-by: Michael Kaufmann | |||
2016-05-19 | RELEASE-NOTES: synced with 48114a8634242c | Daniel Stenberg | |
2016-05-19 | openssl: ERR_remove_thread_state() is deprecated in latest 1.1.0 | Daniel Stenberg | |
See OpenSSL commit 21e001747d4a | |||
2016-05-19 | http2: use HTTP/2 in the HTTP/1.1-alike header | Daniel Stenberg | |
... when generating them, not "2.0" as the protocol is called just HTTP/2 and nothing else. | |||
2016-05-19 | dist: include curl_multi_socket_all.3 | Jay Satiro | |
Closes https://github.com/curl/curl/pull/816 | |||
2016-05-18 | bump: Start work on 7.49.1 | Steve Holme | |
2016-05-18 | curlbuild.h.dist: check __LP64__ as well to fix MIPS build | Daniel Stenberg | |
The preprocessor check that sets up the 32bit defines for non-configure builds didn't work properly for MIPS systems as __mips__ is defined for both 32bit and 64bit. Now __LP64__ is also checked and indicates 64bit. Reported-by: Tomas Jakobsson Fixes #813 | |||
2016-05-18 | schannel: fix compile break with MSVC XP toolset | Marcel Raad | |
For the Windows XP toolset of Visual C++ 2013/2015, the old Windows SDK 7.1 is used. In this case, _USING_V110_SDK71_ is defined. Closes #812 | |||
2016-05-18 | dist: include CHECKSRC.md | Daniel Stenberg | |
Reported-by: Paul Howarth Bug: https://curl.haxx.se/mail/lib-2016-05/0116.html | |||
2016-05-18 | test/Makefile.am: include manpage-scan.pl and nroff-scan.pl in dist | Daniel Stenberg | |
Reported-by: Ray Satiro Bug: https://curl.haxx.se/mail/lib-2016-05/0113.html | |||
2016-05-17 | THANKS: 24 new names from 7.49.0 release notes | Daniel Stenberg | |
2016-05-17 | RELEASE-NOTES: 7.49.0 | Daniel Stenberg | |
2016-05-17 | mbedtls/polarssl: set "hostname" unconditionally | Daniel Stenberg | |
...as otherwise the TLS libs will skip the CN/SAN check and just allow connection to any server. curl previously skipped this function when SNI wasn't used or when connecting to an IP address specified host. CVE-2016-3739 Bug: https://curl.haxx.se/docs/adv_20160518A.html Reported-by: Moti Avrahami | |||
2016-05-17 | CURLOPT_RESOLVE.3: fix typo | Frank Gevaerts | |
Closes #811 | |||
2016-05-17 | docs: CURLOPT_RESOLVE overrides CURLOPT_IPRESOLVE | Daniel Stenberg | |
2016-05-17 | KNOWN_BUGS: GnuTLS backend skips really long certificate fields | Daniel Stenberg | |
Closes #762 | |||
2016-05-17 | CURLOPT_HTTPPOST.3: the data needs to be around while in use | Daniel Stenberg | |
2016-05-17 | openssl: get_cert_chain: fix NULL dereference | Daniel Stenberg | |
CID 1361815: Explicit null dereferenced (FORWARD_NULL) | |||
2016-05-17 | openssl: get_cert_chain: avoid NULL dereference | Daniel Stenberg | |
CID 1361811: Explicit null dereferenced (FORWARD_NULL) | |||
2016-05-17 | dprintf_formatf: fix (false?) Coverity warning | Daniel Stenberg | |
CID 1024412: Memory - illegal accesses (OVERRUN). Claimed to happen when we run over 'workend' but the condition says <= workend and for all I can see it should be safe. Compensating for the warning by adding a byte margin in the buffer. Also, removed the extra brace level indentation in the code and made it so that 'workend' is only assigned once within the function. | |||
2016-05-16 | RELEASE-NOTES: synced with 2dcb5adc72d6 | Daniel Stenberg | |
2016-05-16 | THANKS-filter: fixed Jonathan Cardoso | Daniel Stenberg | |
2016-05-15 | ftp: fix incorrect out-of-memory code in Curl_pretransfer | Jay Satiro | |
- Return value type must match function type. s/CURLM_OUT_OF_MEMORY/CURLE_OUT_OF_MEMORY/ Caught by Travis CI |