aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-08-05RELEASE-NOTES: synced with 7b4bf37a44791Daniel Stenberg
2016-08-05mbedtls: set debug threshold to 4 (verbose) when MBEDTLS_DEBUG is definedThomas Glanzmann
In order to make MBEDTLS_DEBUG work, the debug threshold must be unequal to 0. This patch also adds a comment how mbedtls must be compiled in order to make debugging work, and explains the possible debug levels.
2016-08-05CURLOPT_TCP_NODELAY: now enabled by defaultDaniel Stenberg
After a few wasted hours hunting down the reason for slowness during a TLS handshake that turned out to be because of TCP_NODELAY not being set, I think we have enough motivation to toggle the default for this option. We now enable TCP_NODELAY by default and allow applications to switch it off. This also makes --tcp-nodelay unnecessary, but --no-tcp-nodelay can be used to disable it. Thanks-to: Tim Rühsen Bug: https://curl.haxx.se/mail/lib-2016-06/0143.html
2016-08-04TFTP: Fix upload problem with piped inputSerj Kalichev
When input stream for curl is stdin and input stream is not a file but generated by a script then curl can truncate data transfer to arbitrary size since a partial packet is treated as end of transfer by TFTP. Fixes #857
2016-08-04mk-ca-bundle.pl: -m keeps ca cert meta data in outputDaniel Stenberg
Makes the script pass on comments holding meta data to the output file. Like fingerprinters, issuer, date ranges etc. Closes #937
2016-08-04multi: make Curl_expire() work with 0 ms timeoutsDaniel Stenberg
Previously, passing a timeout of zero to Curl_expire() was a magic code for clearing all timeouts for the handle. That is now instead made with the new Curl_expire_clear() function and thus a 0 timeout is fine to set and will trigger a timeout ASAP. This will help removing short delays, in particular notable when doing HTTP/2.
2016-08-04transfer: return without select when the read loop reached maxcountDaniel Stenberg
Regression added in 790d6de48515. The was then added to avoid one particular transfer to starve out others. But when aborting due to reading the maxcount, the connection must be marked to be read from again without first doing a select as for some protocols (like SFTP/SCP) the data may already have been read off the socket. Reported-by: Dan Donahue Bug: https://curl.haxx.se/mail/lib-2016-07/0057.html
2016-08-03mbedtls: Added support for NTLMBill Nagel
2016-08-03travis: removed option to rebuild autotool from sourceSergei Nikulov
Fixes #943
2016-08-03bump: start working toward 7.50.2Daniel Stenberg
2016-08-03THANKS: 7 new contributors from the 7.50.1 releaseDaniel Stenberg
2016-08-03RELEASE-NOTES: 7.50.1Daniel Stenberg
2016-08-03TLS: only reuse connections with the same client certDaniel Stenberg
CVE-2016-5420 Bug: https://curl.haxx.se/docs/adv_20160803B.html
2016-08-03TLS: switch off SSL session id when client cert is usedDaniel Stenberg
CVE-2016-5419 Bug: https://curl.haxx.se/docs/adv_20160803A.html Reported-by: Bru Rom Contributions-by: Eric Rescorla and Ray Satiro
2016-08-03curl_multi_cleanup: clear connection pointer for easy handlesDaniel Stenberg
CVE-2016-5421 Bug: https://curl.haxx.se/docs/adv_20160803C.html Reported-by: Marcelo Echeverria and Fernando Muñoz
2016-08-03KNOWN_BUGS: SOCKS proxy not working via IPv6Daniel Stenberg
Closes #835
2016-08-03KNOWN_BUGS: CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAMDaniel Stenberg
Closes #768
2016-08-03KNOWN_BUGS: transfer-encoding: chunked in HTTP/2Daniel Stenberg
Closes #662
2016-08-03TODO: Provide cmake config-fileDaniel Stenberg
Closes #885
2016-08-02os400: define BUILDING_LIBCURL in make script.Patrick Monnerat
2016-08-01RELEASE-NOTES: synced with aa9f536a18bDaniel Stenberg
2016-08-01mbedtls: Fix debug function nameThomas Glanzmann
This patch is necessary so that curl compiles if MBEDTLS_DEBUG is defined. Bug: https://curl.haxx.se/mail/lib-2016-08/0001.html
2016-08-01travis: fix OSX build by re-installing libtoolSergei Nikulov
Apparently due to a broken homebrew install fixes #934 Closes #939
2016-08-01win32: fix a potential memory leak in Curl_load_libraryMartin Vejnár
If a call to GetSystemDirectory fails, the `path` pointer that was previously allocated would be leaked. This makes sure that `path` is always freed. Closes #938
2016-07-31include: revert 9adf3c4 and make public types void * againDaniel Stenberg
Many applications assume the actual contents of the public types and use that do for example forward declarations (saving them from including our public header) which then breaks when we switch from void * to a struct *. I'm not convinced we were wrong, but since this practise seems widespread enough I'm willing to (partly) step down. Now libcurl uses the struct itself when it is built and it allows applications to use the struct type if CURL_STRICTER is defined at the time of the #include. Reported-by: Peter Frühberger Fixes #926
2016-07-28cmake: Fix for schannel supportYonggang Luo
The check_library_exists_concat do not check crypt32 library properly. So include it directly. Bug: https://github.com/curl/curl/pull/917 Reported-by: Yonggang Luo Bug: https://github.com/curl/curl/issues/935 Reported-by: Alain Danteny
2016-07-28Revert "travis: Install libtool for OS X builds"Jay Satiro
Didn't work. This reverts commit 50723585ed380744358de054e2a55dccee65dfd7.
2016-07-28travis: Install libtool for OS X buildsJay Satiro
CI is failing due to missing libtoolize, so I'm trying this.
2016-07-26TODO: minor typo in last commitViktor Szakats
merged #931
2016-07-26TODO: Timeout idle connections from the poolDaniel Stenberg
2016-07-25os400: minimum supported OS version: V6R1M0.Patrick Monnerat
Do not log compilation informational messages.
2016-07-24tests: Fix for http/2 featureJay Satiro
Bug: https://curl.haxx.se/mail/lib-2016-07/0070.html Reported-by: Paul Howarth
2016-07-23README: Mention wolfSSL in the 'Dependencies' sectionSteve Holme
2016-07-23vauth.h: No need to query HAVE_GSSAPI || USE_WINDOWS_SSPI for SPNEGOSteve Holme
As SPNEGO is only defined when these pre-processor variables are defined there is no need to query them explicitly.
2016-07-23spnego: Corrected miss-placed * in Curl_auth_spnego_cleanup() declarationSteve Holme
Typo introduced in commit ad5e9bfd5d.
2016-07-22SECURITY: mention how to get windows-specific CVEsDaniel Stenberg
... and make the distros link a proper link
2016-07-21test558: fix test by stripping file paths from FD linesDan Fandrich
2016-07-21tests: distribute the http2-server.pl script, tooKamil Dudka
2016-07-21docs: distribute the CURLINFO_HTTP_VERSION(3) man page, tooKamil Dudka
2016-07-21bump: start working on 7.50.1Daniel Stenberg
2016-07-21RELEASE-NOTES: version 7.50.0 readyDaniel Stenberg
2016-07-21THANKS: 13 new contributors from the 7.50.0 releaseDaniel Stenberg
2016-07-21winbuild: fix embedded manifest optionJay Satiro
Embedded manifest option didn't work due to typo. Reported-by: Stefan Kanthak
2016-07-20vauth: Fix memleak by freeing credentials if out of memoryJay Satiro
This is a follow up to the parent commit dcdd4be which fixes one leak but creates another by failing to free the credentials handle if out of memory. Also there's a second location a few lines down where we fail to do same. This commit fixes both of those issues.
2016-07-20vauth: Fixed memory leak due to function returning without freeSaurav Babu
This patch allocates memory to "output_token" only when it is required so that memory is not leaked if function returns.
2016-07-20test558: updated after ipv6-check moveDaniel Stenberg
Follow-up commit to c50980807c5 to make this test pass.
2016-07-20connect: disable TFO on Linux when using SSLJay Satiro
- Linux TFO + TLS is not implemented yet. Bug: https://github.com/curl/curl/issues/907
2016-07-19ROADMAP: QUIC and TLS 1.3Daniel Stenberg
2016-07-19RELEASE-NOTES: synced with c50980807c5Daniel Stenberg
2016-07-18curl_global_init: Check if IPv6 worksBrian Prodoehl
- Curl_ipv6works() is not thread-safe until after the first call, so call it once during global init to avoid a possible race condition. Bug: https://github.com/curl/curl/issues/915 PR: https://github.com/curl/curl/pull/918