| Age | Commit message (Collapse) | Author |
|---|
|
If the compile-time CURL_CA_BUNDLE location is defined use it as the
default value for the proxy CA bundle location, which is the same as
what we already do for the regular CA bundle location.
Ref: https://github.com/curl/curl/pull/1257
|
|
Closes #1285
|
|
Closes #1280
|
|
|
|
|
|
Closes #1283
Fixes #1277
|
|
synced with df665f4df0f7a352
|
|
Reported-by: shachaf@users.noreply.github.com
Fixes #1281
|
|
curl.1 is generated by the cmdline-opts script since 4c49b83.
|
|
|
|
|
|
f77dabe broke builds in Windows using Windows SSPI but not Windows SSL.
Bug: https://github.com/curl/curl/issues/1276
Reported-by: jveazey@users.noreply.github.com
|
|
- Change CURLOPT_PROXY_CAPATH to return CURLE_NOT_BUILT_IN if the option
is not supported, which is the same as what we already do for
CURLOPT_CAPATH.
- Change the curl tool to handle CURLOPT_PROXY_CAPATH error
CURLE_NOT_BUILT_IN as a warning instead of as an error, which is the
same as what we already do for CURLOPT_CAPATH.
- Fix CAPATH docs to show that CURLE_NOT_BUILT_IN is returned when the
respective CAPATH option is not supported by the SSL library.
Ref: https://github.com/curl/curl/pull/1257
|
|
|
|
|
|
|
|
The CURLOPT_SSL_VERIFYSTATUS option was not properly handled by libcurl
and thus even if the status couldn't be verified, the connection would
be allowed and the user would not be told about the failed verification.
Regression since cb4e2be7c6d42ca
CVE-2017-2629
Bug: https://curl.haxx.se/docs/adv_20170222.html
Reported-by: Marcus Hoffmann
|
|
- If the server has provided another challenge use it as the replacement
input token if stale=TRUE. Otherwise previous credentials have failed
so return CURLE_LOGIN_DENIED.
Prior to this change the stale directive was ignored and if another
challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING.
Ref: https://tools.ietf.org/html/rfc2617#page-10
Bug: https://github.com/curl/curl/issues/928
Reported-by: tarek112@users.noreply.github.com
|
|
Source: https://github.com/Microsoft/vcpkg/blob/7676b8780db1e1e591c4fc7eba4f96f73c428cb4/ports/curl/0002_fix_uwp.patch
|
|
Closes #1264
|
|
|
|
Since negative values are errors and not only -1. This makes SFTP upload
with --create-dirs work (again).
Closes #1269
|
|
- on the first invocation: keep security context returned by
InitializeSecurityContext()
- on subsequent invocations: use MakeSignature() instead of
InitializeSecurityContext() to generate HTTP digest response
Bug: https://github.com/curl/curl/issues/870
Reported-by: Andreas Roth
Closes https://github.com/curl/curl/pull/1251
|
|
|
|
|
|
|
|
Follow-up to 4b86113
Fixes https://github.com/curl/curl/issues/793
Fixes https://github.com/curl/curl/issues/942
|
|
|
|
Properly resolve, convert and log the proxy host names.
Support the "--connect-to" feature for SOCKS proxies and for passive FTP
data transfers.
Follow-up to cb4e2be
Reported-by: Jay Satiro
Fixes https://github.com/curl/curl/issues/1248
|
|
- While negotiating auth during PUT/POST if a user-specified
Content-Length header is set send 'Content-Length: 0'.
This is what we do already in HTTPREQ_POST_FORM and what we did in the
HTTPREQ_POST case (regression since afd288b).
Prior to this change no Content-Length header would be sent in such a
case.
Bug: https://curl.haxx.se/mail/lib-2017-02/0006.html
Reported-by: Dominik Hölzl
Closes https://github.com/curl/curl/pull/1242
|
|
Closes #1265
|
|
|
|
It isn't easily solved, but with some thinking someone could probably
come up with a working approach?
Closes #1241
|
|
For example allow ranges like [1-1] and [a-a] etc.
Regression since 5ca96cb.
Bug: https://github.com/curl/curl/issues/1238
Reported-by: R. Dennis Steed
|
|
Builds with axTLS 2.1.2. This then also breaks compatibility with axTLS
< 2.1.0 (the older API)
... and fix the session_id mixup brought in 04b4ee549
Fixes #1220
|
|
|
|
The warning message had a typo. The argument long form is --time-cond
not --timecond
Closes #1263
|
|
|
|
When the threaded resolver option is specified for configure the default
thread library is pthreads. This change makes it possible to
--disable-pthreads and then configure can fall back on Win32 threads for
native Windows builds.
Closes https://github.com/curl/curl/pull/1260
|
|
Reported-by: zelinchen@users.noreply.github.com
Fixes #1229
|
|
When CURLE_SSL_CACERT occurs the tool shows a lengthy error message to
the user explaining possible solutions such as --cacert and --insecure.
This change appends to that message similar options --proxy-cacert and
--proxy-insecure when there's a specified HTTPS proxy.
Closes https://github.com/curl/curl/issues/1258
|
|
|
|
Fixes #1252
|
|
- Document in --socks* opts they're still mutually exclusive of --proxy.
Partial revert of 423a93c; I had misinterpreted the SOCKS proxy +
HTTP/HTTPS proxy combination.
- Document in --socks* opts that --preproxy can be used to specify a
SOCKS proxy at the same time --proxy is used with an HTTP/HTTPS proxy.
|
|
|
|
If the NSS code was in the middle of a non-blocking handshake and it
was asked to finish the handshake in blocking mode, it unexpectedly
continued in the non-blocking mode, which caused a FTPS connection
over CONNECT to fail with "(81) Socket not ready for send/recv".
Bug: https://bugzilla.redhat.com/1420327
|
|
... instead of the OpenSSL mutex page.
|
|
Follow up to 7fe81ec298e0: make sure 'host' is either NULL or malloced.
|
|
Fixes #1255
|
|
Reported-by: Dan Fandrich
Bug: https://curl.haxx.se/mail/lib-2017-02/0032.html
|
