aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-12-13ntlm_wb: fix double-free in OOMDaniel Stenberg
Detected by torture testing test 1310 Closes #4710
2019-12-13cirrus: Drop the FreeBSD 10.4 buildDan Fandrich
Upstream support for 10.4 ended a year ago, and it looks like the image is now gone, too. [skip ci]
2019-12-13unit1620: fix bad free in OOMDaniel Stenberg
Closes #4709
2019-12-13unit1609: fix mem-leak in OOMDaniel Stenberg
Closes #4709
2019-12-13unit1607: fix mem-leak in OOMDaniel Stenberg
Closes #4709
2019-12-13lib1559: fix mem-leak in OOMDaniel Stenberg
Closes #4709
2019-12-13lib1557: fix mem-leak in OOMDaniel Stenberg
Closes #4709
2019-12-12altsvc: make the save function ignore NULL filenamesDaniel Stenberg
It might happen in OOM situations. Detected bv torture tests. Closes #4707
2019-12-12curl: fix memory leak in OOM in etags logicDaniel Stenberg
Detected by torture tests Closes #4706
2019-12-12doh: make it behave when built without proxy supportDaniel Stenberg
Reported-by: Marcel Raad Bug: https://github.com/curl/curl/pull/4692#issuecomment-564115734 Closes #4704
2019-12-12curl: improved cleanup in upload error pathDaniel Stenberg
Memory leak found by torture test 58 Closes #4705
2019-12-11mailmap: fix Andrew IshchukDaniel Stenberg
2019-12-11travis: make torture use --shallow=40Daniel Stenberg
As a first step to enable it to run over a more diverse set of tests in a reasonable time.
2019-12-11runtests: introduce --shallow to reduce huge torture testsDaniel Stenberg
When set, shallow mode limits runtests -t to make no more than NUM fails per test case. If more are found, it will randomly discard entries until the number is right. The random seed can also be set. This is particularly useful when running MANY tests as then most torture failures will already fail the same functions over and over and make the total operation painfully tedious. Closes #4699
2019-12-11conncache: CONNECT_ONLY connections assumed always in-useDaniel Stenberg
This makes them never to be considered "the oldest" to be discarded when reaching the connection cache limit. The reasoning here is that CONNECT_ONLY is primarily used in combination with using the connection's socket post connect and since that is used outside of curl's knowledge we must assume that it is in use until explicitly closed. Reported-by: Pavel Pavlov Reported-by: Pavel Löbl Fixes #4426 Fixes #4369 Closes #4696
2019-12-10vtls: make BearSSL possible to set with CURL_SSL_BACKENDGisle Vanem
Ref: https://github.com/curl/curl/commit/9b879160df01e7ddbb4770904391d3b74114302b#commitcomment-36355622 Closes #4698
2019-12-10RELEASE-NOTES: syncedDaniel Stenberg
2019-12-10travis: remove "coverage", make it "torture"Daniel Stenberg
The coveralls service and test coverage numbers are just too unreliable. Removed badge from README.md as well. Fixes #4694 Closes #4695
2019-12-10azure: add libssh2 and cmake macos buildsDaniel Stenberg
Removed the macos libssh2 build from travis Closes #4686
2019-12-10curl: use errorf() betterDaniel Stenberg
Change series of error outputs to use errorf(). Only errors that are due to mistakes in command line option usage should use helpf(), other types of errors in the tool should rather use errorf(). Closes #4691
2019-12-09tests: make it possible to set executable extensionsMarc Hoersken
This enables the use of Windows Subsystem for Linux (WSL) to run the testsuite against Windows binaries while using Linux servers. This commit introduces the following environment variables: - CURL_TEST_EXE_EXT: set the executable extension for all components - CURL_TEST_EXE_EXT_TOOL: set it for the curl tool only - CURL_TEST_EXE_EXT_SSH: set it for the SSH tools only Later testcurl.pl could be adjusted to make use of those variables. - CURL_TEST_EXE_EXT_SRV: set it for the test servers only (This is one of several commits to support use of WSL for the tests.) Closes https://github.com/curl/curl/pull/3899
2019-12-09tests: fix permissions of ssh keys in WSLMarc Hoersken
Keys created on Windows Subsystem for Linux (WSL) require it for some reason. (This is one of several commits to support use of WSL for the tests.) Ref: https://github.com/curl/curl/pull/3899
2019-12-09tests: use \r\n for log messages in WSLMarc Hoersken
Bash in Windows Subsystem for Linux (WSL) requires it for some reason. (This is one of several commits to support use of WSL for the tests.) Ref: https://github.com/curl/curl/pull/3899
2019-12-09winbuild: Define CARES_STATICLIB when WITH_CARES=staticandrew_ishchuk
When libcurl is built with MODE=static, c-ares is forced into static linkage too. That doesn't happen when MODE=dll so linker would break over undefined symbols. closes https://github.com/curl/curl/pull/4688
2019-12-09conn: always set bits.close with connclose()Daniel Stenberg
Closes #4690
2019-12-09cirrus: enable clang sanitizers on freebsd 13Daniel Stenberg
2019-12-09conncache: fix multi-thread use of shared connection cacheDaniel Stenberg
It could accidentally let the connection get used by more than one thread, leading to double-free and more. Reported-by: Christopher Reid Fixes #4544 Closes #4557
2019-12-09azure: add a vanilla macos buildDaniel Stenberg
Closes #4685
2019-12-06curl: make the etag load logic work without fseekDaniel Stenberg
The fseek()s were unnecessary and caused Coverity warning CID 1456554 Closes #4681
2019-12-06mailmap: Mohammad HasbiniDaniel Stenberg
2019-12-06docs: fix some typosmhasbini
Closes #4680
2019-12-06RELEASE-NOTES: syncedDaniel Stenberg
2019-12-05lib: fix some loose ends for recently added CURLSSLOPT_NO_PARTIALCHAINJay Satiro
Add support for CURLSSLOPT_NO_PARTIALCHAIN in CURLOPT_PROXY_SSL_OPTIONS and OS400 package spec. Also I added the option to the NameValue list in the tool even though it isn't exposed as a command-line option (...yet?). (NameValue stringizes the option name for the curl cmd -> libcurl source generator) Follow-up to 564d88a which added CURLSSLOPT_NO_PARTIALCHAIN. Ref: https://github.com/curl/curl/pull/4655
2019-12-05setopt: Fix ALPN / NPN user option when built without HTTP2Jay Satiro
- Stop treating lack of HTTP2 as an unknown option error result for CURLOPT_SSL_ENABLE_ALPN and CURLOPT_SSL_ENABLE_NPN. Prior to this change it was impossible to disable ALPN / NPN if libcurl was built without HTTP2. Setting either option would result in CURLE_UNKNOWN_OPTION and the respective internal option would not be set. That was incorrect since ALPN and NPN are used independent of HTTP2. Reported-by: Shailesh Kapse Fixes https://github.com/curl/curl/issues/4668 Closes https://github.com/curl/curl/pull/4672
2019-12-05etag: allow both --etag-compare and --etag-save in same cmdlineDaniel Stenberg
Fixes #4669 Closes #4678
2019-12-05curl_setup: fix `CURLRES_IPV6` conditionMarcel Raad
Move the definition of `CURLRES_IPV6` to before undefining `HAVE_GETADDRINFO`. Regression from commit 67a08dca27a which caused some tests to fail and others to be skipped with c-ares. Fixes https://github.com/curl/curl/issues/4673 Closes https://github.com/curl/curl/pull/4677
2019-12-05test342: make it return a 304 as the tag matchesDaniel Stenberg
2019-12-04CMake: add support for building with the NSS vtls backendPeter Wu
Options are cross-checked with configure.ac and acinclude.m4. Tested on Arch Linux, untested on other platforms like Windows or macOS. Closes #4663 Reviewed-by: Kamil Dudka
2019-12-04azure: add more buildsDaniel Stenberg
... removed two from travis (that now runs on azure instead) Closes #4671
2019-12-04CURLOPT_VERBOSE.3: see also ERRORBUFFERDaniel Stenberg
2019-12-03hostip4.c: bump copyright year rangeDaniel Stenberg
2019-12-03configure: enable IPv6 support without `getaddrinfo`Marcel Raad
This makes it possible to recognize and connect to literal IPv6 addresses when `getaddrinfo` is not available, which is already the case for the CMake build. This affects e.g. classic MinGW because it still targets Windows 2000 by default, where `getaddrinfo` is not available, but general IPv6 support is. Instead of checking for `getaddrinfo`, check for `sockaddr_in6` as the CMake build does. Closes https://github.com/curl/curl/pull/4662
2019-12-03curl_setup: disable IPv6 resolver without `getaddrinfo`Marcel Raad
Also, use `CURLRES_IPV6` only for actual DNS resolution, not for IPv6 address support. This makes it possible to connect to IPv6 literals by setting `ENABLE_IPV6` even without `getaddrinfo` support. It also fixes the CMake build when using the synchronous resolver without `getaddrinfo` support. Closes https://github.com/curl/curl/pull/4662
2019-12-03github action/azure pipeline: run 'make test-nonflaky' for testsDaniel Stenberg
To match travis and give more info on failures.
2019-12-03openssl: CURLSSLOPT_NO_PARTIALCHAIN can disable partial cert chainsDaniel Stenberg
Closes #4655
2019-12-03openssl: set X509_V_FLAG_PARTIAL_CHAINDaniel Stenberg
Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA certificates are. This allows users to verify servers using the intermediate cert only, instead of needing the whole chain. Other TLS backends already accept partial chains. Reported-by: Jeffrey Walton Bug: https://curl.haxx.se/mail/lib-2019-11/0094.html
2019-12-03curl: show better error message when no homedir is foundDaniel Stenberg
Reported-by: Vlastimil Ovčáčík Fixes #4644 Closes #4665
2019-12-03OPENSOCKETFUNCTION.3: correct the purpose descriptionDaniel Stenberg
Reported-by: Jeff Mears Bug: https://curl.haxx.se/mail/lib-2019-12/0007.html Closes #4667
2019-12-03travis: do not use OVERRIDE_CC or OVERRIDE_CXX if emptyPeter Wu
Fixes the macOS builds where OVERRIDE_CC and OVERRIDE_CXX are not set. Reported-by: Jay Satiro Fixes #4659 Closes #4661 Closes #4664
2019-12-02azure-pipelines: fix the test scriptDaniel Stenberg