| Age | Commit message (Collapse) | Author |
|---|
|
Curl_verify_certificate() must use the Curl_ prefix since it is globally
available in the lib and otherwise steps outside of our namespace!
Closes #3201
|
|
It is unused since commit f7208df7d9d5cd5e15e2d89237e828f32b63f135.
Closes #3204
|
|
... revert the mistaken change brought in commit 8440616f53.
Reported-by: Alessandro Ghedini
Bug: https://curl.haxx.se/mail/lib-2018-10/0118.html
Closes #3198
|
|
|
|
|
|
MesaLink support was added in commit 57348eb97d1b8fc3742e02c but the
backend was never added to the curl_sslbackend enum in curl/curl.h.
This adds the new backend to the enum and updates the relevant docs.
Closes #3195
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
Closes #3191
|
|
|
|
CVE-2018-16842
Reported-by: Brian Carpenter
Bug: https://curl.haxx.se/docs/CVE-2018-16842.html
|
|
Closes #3123
|
|
|
|
|
|
Detected by UndefinedBehaviorSanitizer
Closes #3187
|
|
Closes #3182
|
|
Closes #3186
|
|
CVE-2018-16839
Reported-by: Harry Sintonen
Bug: https://curl.haxx.se/docs/CVE-2018-16839.html
|
|
Regression from b46cfbc068 (7.59.0)
CVE-2018-16840
Reported-by: Brian Carpenter (Geeknik Labs)
Bug: https://curl.haxx.se/docs/CVE-2018-16840.html
|
|
system.h selects the proper Sun settings when __SUNPRO_C is defined. The
Sun compiler does not define it when compiling C++ files. I'm adding a
check also on __SUNPRO_CC to allow curl to work properly also when used
in a C++ project on Sun Solaris.
Closes #3181
|
|
|
|
The version used for Gskit, NSS, GnuTLS, WolfSSL and schannel.
|
|
|
|
Available in the root, src and lib dirs.
Closes #3163
|
|
See: https://curl.haxx.se/mail/lib-2018-10/0107.html
|
|
Use an unsigned variable: as the signed operation behavior is undefined,
this change silents clang-tidy about it.
Ref: https://github.com/curl/curl/pull/3163
Reported-By: Daniel Stenberg
|
|
If Curl_protocol_connect() returns an error code,
handle the error instead of switching to the next state.
Closes #3170
|
|
|
|
When failing to set the 1.3 cipher suite, the wrong string pointer would
be used in the error message. Most often saying "(nil)".
Reported-by: Ricky-Tigg on github
Fixes #3178
Closes #3180
|
|
... picked straight from the OpenSSL man page:
https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_ciphersuites.html
Reported-by: Ricky-Tigg on github
Bug: #3178
|
|
This is required for gnutls-serv, which enables a few more tests.
Closes https://github.com/curl/curl/pull/2958
|
|
Ensure to clear the session object in case the libssh2 initialization
fails.
It could be argued that the libssh2 error function should be called to
get a proper error message in this case. But since the only error path
in libssh2_knownhost_init() is memory a allocation failure it's safest
to avoid since the libssh2 error handling allocates memory.
Closes #3179
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
... I'm moving it up one week due to travels. The rest stays.
|
|
Closes #3176
|
|
Detected by clang-tidy
Closes #3176
|
|
Fixes #3171
Closes #3172
|
|
Reported-by: Gisle Vanem
Bug: https://github.com/curl/curl/commit/becfe1233ff2b6b0c3e1b6a10048b55b68c2539f#commitcomment-31008819
Closes #3161
|
|
Reported-by: Dima Pasechnik
Fixes #3143
Closes #3174
|
|
Compiling on _WIN32 and with USE_LWIPSOCK, causes this error:
curl_rtmp.c(223,3): error: use of undeclared identifier 'setsockopt'
setsockopt(r->m_sb.sb_socket, SOL_SOCKET, SO_RCVTIMEO,
^
curl_rtmp.c(41,32): note: expanded from macro 'setsockopt'
#define setsockopt(a,b,c,d,e) (setsockopt)(a,b,c,(const char *)d,(int)e)
^
Closes #3155
|
|
Follow-up to #3166 which did the cmake part of this. This type/define is
not used.
Closes #3168
|
|
Remove variables:
* HAVE_SOCKLEN_T
* CURL_SIZEOF_CURL_SOCKLEN_T
* CURL_TYPEOF_CURL_SOCKLEN_T
Closes #3166
|
|
The "connecting" function is used by multiple protocols, not only FTP
|
|
- Change the inout parameters after all needed memory has been
allocated. Do not change them if something goes wrong.
- Free the allocated temporary strings if strdup() fails.
Closes #3122
|
|
Closes #3162
|
|
|
|
lwIP on Windows does not have a WSAIoctl() function.
But it do have a SO_SNDBUF option to lwip_setsockopt(). But it currently does nothing.
|
|
... by making the converter function global and accessible.
Closes #3153
|
|
Follow-up to 05564e750e8f0c. This function no longer frees the passed-in
URL.
Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/commit/05564e750e8f0c79016c680f301ce251e6e86155#commitcomm
ent-30985666
|
|
Most headerfiles end with a /* <headerguard> */ comment, but it was
missing from some. The comment isn't the most important part of our
code documentation but consistency has an intrinsic value in itself.
This adds header guard comments to the files that were lacking it.
Closes #3158
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
Closes https://github.com/curl/curl/pull/3159
|
|
Retract the previous approach as the sponsors will be the ones to set the
final amounts.
Closes #3152
[ci skip]
|
|
Curl_follow() no longer frees the string. Make sure it happens in the
caller function, like we normally handle allocations.
This bug was introduced with the use of the URL API internally, it has
never been in a release version
Reported-by: Dario Weißer
Closes #3149
|
