aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-05-27openssl: typo in commentDaniel Melani
2015-05-27openssl: Use TLS_client_method for OpenSSL 1.1.0+Jay Satiro
SSLv23_client_method is deprecated starting in OpenSSL 1.1.0. The equivalent is TLS_client_method. https://github.com/openssl/openssl/commit/13c9bb3#diff-708d3ae0f2c2973b272b811315381557
2015-05-26FAQ: How do I port libcurl to my OS?Daniel Stenberg
2015-05-25CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domainJay Satiro
Document that if Set-Cookie is used without a domain then the cookie is sent for any domain and will not be modified. Bug: http://curl.haxx.se/mail/lib-2015-05/0137.html Reported-by: Alexander Dyagilev
2015-05-25http2: Copy data passed in Curl_http2_switched into HTTP/2 connection bufferTatsuhiro Tsujikawa
Previously, after seeing upgrade to HTTP/2, we feed data followed by upgrade response headers directly to nghttp2_session_mem_recv() in Curl_http2_switched(). But it turns out that passed buffer, mem, is part of stream->mem, and callbacks called by nghttp2_session_mem_recv() will write stream specific data into stream->mem, overwriting input data. This will corrupt input, and most likely frame length error is detected by nghttp2 library. The fix is first copy the passed data to HTTP/2 connection buffer, httpc->inbuf, and call nghttp2_session_mem_recv().
2015-05-24CURLOPT_COOKIE.3: Explain that the cookies won't be modifiedJay Satiro
The CURLOPT_COOKIE doc says it "sets the cookie header explicitly in the outgoing request(s)." However there seems to be some user confusion about cookie modification. Document that the cookies set by this option are not modified by the cookie engine. Bug: http://curl.haxx.se/mail/lib-2015-05/0115.html Reported-by: Alexander Dyagilev
2015-05-24CURLOPT_COOKIELIST.3: Add exampleJay Satiro
2015-05-24testcurl.pl: use rel2abs to make the source directory absoluteDan Fandrich
This function makes a platform-specific absolute path which uses backslashes on Windows. This form works when passing it on the command-line, as well as if the source is on another drive.
2015-05-24conncache: fixed memory leak on OOM (torture tests)Dan Fandrich
2015-05-24perl: remove subdir, not touched in 9 yearsDaniel Stenberg
2015-05-24log2changes.pl: moved to scripts/Daniel Stenberg
2015-05-24scripts: add zsh.pl for generating zsh completionAlessandro Ghedini
2015-05-23test1510: another flaky testDan Fandrich
2015-05-22security: fix "Unchecked return value" from sscanf()Daniel Stenberg
By (void) prefixing it and adding a comment. Did some minor related cleanups. Coverity CID 1299423.
2015-05-22security: simplify choose_mechDaniel Stenberg
Coverity CID 1299424 identified dead code because of checks that could never equal true (if the mechanism's name was NULL). Simplified the function by removing a level of pointers and removing the loop and array that weren't used.
2015-05-22RTSP: catch attempted unsupported requests betterDaniel Stenberg
Replace use of assert with code that properly catches bad input at run-time even in non-debug builds. This flaw was sort of detected by Coverity CID 1299425 which claimed the "case RTSPREQ_NONE" was dead code.
2015-05-22share_init: fix OOM crashDaniel Stenberg
A failed calloc() would lead to NULL pointer use. Coverity CID 1299427.
2015-05-22parse_proxy: switch off tunneling if non-HTTP proxyDaniel Stenberg
non-HTTP proxy implies not using CURLOPT_HTTPPROXYTUNNEL Bug: http://curl.haxx.se/mail/lib-2015-05/0056.html Reported-by: Sean Boudreau
2015-05-22curl: fix potential NULL dereferenceDaniel Stenberg
Coverity CID 1299428: Dereference after null check (FORWARD_NULL)
2015-05-22http2: on_frame_recv: return early on stream 0Daniel Stenberg
Coverity CID 1299426 warned about possible NULL dereference otherwise, but that would only ever happen if we get invalid HTTP/2 data with frames for stream 0. Avoid this risk by returning early when stream 0 is used.
2015-05-22http: removed self assignmentDaniel Stenberg
Follow-up fix from b0143a2a33f0 Detected by coverity. CID 1299429
2015-05-22http2: Make HTTP Upgrade workTatsuhiro Tsujikawa
This commit just add implicitly opened stream 1 to streams hash.
2015-05-22strerror: Change SEC_E_ILLEGAL_MESSAGE descriptionJay Satiro
Prior to this change the description for SEC_E_ILLEGAL_MESSAGE was OS and language specific, and invariably translated to something not very helpful like: "The message received was unexpected or badly formatted." Bug: https://github.com/bagder/curl/issues/267 Reported-by: Michael Osipov
2015-05-21telnet: Fix read-callback change for Windows buildsJay Satiro
Refer to b0143a2 for more information on the read-callback change.
2015-05-21CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy!Daniel Stenberg
2015-05-21testcurl.pl: allow source to be in an arbitrary directoryDan Fandrich
This way, the build directory can be located on an entirely different filesystem from the source code (e.g. a tmpfs).
2015-05-20read_callback: move to SessionHandle from connectdataDaniel Stenberg
With many easy handles using the same connection for multiplexing, it is important we store and keep the transfer-oriented stuff in the SessionHandle so that callbacks and callback data work fine even when many easy handles share the same physical connection.
2015-05-20http2: show stream IDs in decimalDaniel Stenberg
It makes them easier to match output from the nghttpd test server.
2015-05-20http2: Faster http2 uploadTatsuhiro Tsujikawa
Previously, when we send all given buffer in data_source_callback, we return NGHTTP2_ERR_DEFERRED, and nghttp2 library removes this stream temporarily for writing. This itself is good. If this is the sole stream in the session, nghttp2_session_want_write() returns zero, which means that libcurl does not check writeability of the underlying socket. This leads to very slow upload, because it seems curl only upload 16k something per 1 second. To fix this, if we still have data to send, call nghttp2_session_resume_data after nghttp2_session_send. This makes nghttp2_session_want_write() returns nonzero (if connection window still opens), and as a result, socket writeability is checked, and upload speed becomes normal.
2015-05-20gtls: don't fail on non-fatal alerts during handshakeDmitry Eremin-Solenikov
Stop curl from failing when non-fatal alert is received during handshake. This e.g. fixes lots of problems when working with https sites through proxies.
2015-05-20curl_easy_unescape.3: update RFC referenceDaniel Stenberg
Reported-by: bsammon Bug: https://github.com/bagder/curl/issues/282
2015-05-20CURLOPT_POSTFIELDS.3: Mention curl_easy_escapeJay Satiro
.. also correct some variable naming in curl_easy_escape.3 Bug: https://github.com/bagder/curl/issues/281 Reported-by: bsammon@users.noreply.github.com
2015-05-19openssl: Use SSL_CTX_set_msg_callback and SSL_CTX_set_msg_callback_argBrian Prodoehl
BoringSSL removed support for direct callers of SSL_CTX_callback_ctrl and SSL_CTX_ctrl, so move to a way that should work on BoringSSL and OpenSSL. re #275
2015-05-19curl.1: fix missing space in section --dataJay Satiro
2015-05-19transfer: remove erroneous and misleading commentDaniel Stenberg
2015-05-19http: silence compile-time warnings without USE_NGHTTP2Kamil Dudka
Error: CLANG_WARNING: lib/http.c:173:16: warning: Value stored to 'http' during its initialization is never read Error: COMPILER_WARNING: lib/http.c: scope_hint: In function ‘http_disconnect’ lib/http.c:173:16: warning: unused variable ‘http’ [-Wunused-variable]
2015-05-19transfer: Replace __func__ instances with function nameJay Satiro
.. also make __func__ replacement in multi. Prior to this change debug builds would fail to build if the compiler was building pre-c99 and didn't support __func__.
2015-05-19build: bump version in default nghttp2 pathsViktor Szakats
2015-05-19INTERNALS: we require nghttp2 1.0.0+ nowDaniel Stenberg
2015-05-18http: Add some include guards for the new HTTP/2 stuffJay Satiro
2015-05-18http2: store upload state per streamDaniel Stenberg
Use a curl_off_t for upload left
2015-05-18http2: fix build when NOT h2-enabledDaniel Stenberg
2015-05-18http2: switch to use Curl_hash_destroy()Daniel Stenberg
as after 4883f7019d3, the *_clean() function only flushes the hash.
2015-05-18curlver: restore LIBCURL_VERSION_NUM defined as a full numberDaniel Stenberg
As it breaks configure, curl-config and test 1023 if not.
2015-05-18hostip: fix unintended destruction of hash tableAnthony Avina
.. and added unit1602 for hash.c
2015-05-18curlver: introducing new version number (checking) macrosDaniel Stenberg
2015-05-18runtests.pl: use 'h2c' now, no -14 anymoreDaniel Stenberg
2015-05-18http2: Ignore if we have stream ID not in hash in on_stream_closeTatsuhiro Tsujikawa
We could get stream ID not in the hash in on_stream_close. For example, if we decided to reject stream (e.g., PUSH_PROMISE), then we don't create stream and store it in hash with its stream ID.
2015-05-18Require nghttp2 v1.0.0Tatsuhiro Tsujikawa
This commit requires nghttp2 v1.0.0 to compile, and migrate to v1.0.0, and utilize recent version of nghttp2 to simplify the code, First we use nghttp2_option_set_no_recv_client_magic function to detect nghttp2 v1.0.0. That function only exists since v1.0.0. Since nghttp2 v0.7.5, nghttp2 ensures header field ordering, and validates received header field. If it found error, RST_STREAM with PROTOCOL_ERROR is issued. Since we require v1.0.0, we can utilize this feature to simplify libcurl code. This commit does this. Migration from 0.7 series are done based on nghttp2 migration document. For libcurl, we removed the code sending first 24 bytes client magic. It is now done by nghttp2 library. on_invalid_frame_recv callback signature changed, and is updated accordingly.
2015-05-18http2: infof length in on_frame_send()Daniel Stenberg