aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-02-21TLS: make SSL_VERIFYSTATUS work againDaniel Stenberg
The CURLOPT_SSL_VERIFYSTATUS option was not properly handled by libcurl and thus even if the status couldn't be verified, the connection would be allowed and the user would not be told about the failed verification. Regression since cb4e2be7c6d42ca CVE-2017-2629 Bug: https://curl.haxx.se/docs/adv_20170222.html Reported-by: Marcus Hoffmann
2017-02-21digest_sspi: Handle 'stale=TRUE' directive in HTTP digestJay Satiro
- If the server has provided another challenge use it as the replacement input token if stale=TRUE. Otherwise previous credentials have failed so return CURLE_LOGIN_DENIED. Prior to this change the stale directive was ignored and if another challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING. Ref: https://tools.ietf.org/html/rfc2617#page-10 Bug: https://github.com/curl/curl/issues/928 Reported-by: tarek112@users.noreply.github.com
2017-02-20smb: use getpid replacement for windows UWP buildsDaniel Stenberg
Source: https://github.com/Microsoft/vcpkg/blob/7676b8780db1e1e591c4fc7eba4f96f73c428cb4/ports/curl/0002_fix_uwp.patch
2017-02-20TODO: CURLOPT_RESOLVE for any port numberDaniel Stenberg
Closes #1264
2017-02-20RELEASE-NOTES: synced with af30f1152d43dcdbDaniel Stenberg
2017-02-20sftp: improved checks for create dir failuresJean Gressmann
Since negative values are errors and not only -1. This makes SFTP upload with --create-dirs work (again). Closes #1269
2017-02-20digest_sspi: Fix nonce-count generation in HTTP digestMax Khon
- on the first invocation: keep security context returned by InitializeSecurityContext() - on subsequent invocations: use MakeSignature() instead of InitializeSecurityContext() to generate HTTP digest response Bug: https://github.com/curl/curl/issues/870 Reported-by: Andreas Roth Closes https://github.com/curl/curl/pull/1251
2017-02-20examples/multi-uv: checksrc complianceJay Satiro
2017-02-19string formatting: fix 4 printf-style format stringsMichael Kaufmann
2017-02-18tests: removed the obsolete name parameterDan Fandrich
2017-02-18speed caps: update the timeouts if the speed is too low/highMichael Kaufmann
Follow-up to 4b86113 Fixes https://github.com/curl/curl/issues/793 Fixes https://github.com/curl/curl/issues/942
2017-02-18docs: fix timeout handling in multi-uv exampleMichael Kaufmann
2017-02-18proxy: fix hostname resolution and IDN conversionMichael Kaufmann
Properly resolve, convert and log the proxy host names. Support the "--connect-to" feature for SOCKS proxies and for passive FTP data transfers. Follow-up to cb4e2be Reported-by: Jay Satiro Fixes https://github.com/curl/curl/issues/1248
2017-02-17http: fix missing 'Content-Length: 0' while negotiating authIsaac Boukris
- While negotiating auth during PUT/POST if a user-specified Content-Length header is set send 'Content-Length: 0'. This is what we do already in HTTPREQ_POST_FORM and what we did in the HTTPREQ_POST case (regression since afd288b). Prior to this change no Content-Length header would be sent in such a case. Bug: https://curl.haxx.se/mail/lib-2017-02/0006.html Reported-by: Dominik Hölzl Closes https://github.com/curl/curl/pull/1242
2017-02-16winbuild: add note on auto-detection of MACHINE in Makefile.vcSimon Warta
Closes #1265
2017-02-16RELEASE-PROCEDURE: update the upcoming release calendarDaniel Stenberg
2017-02-15TODO: consider file name from the redirected URL with -O ?Daniel Stenberg
It isn't easily solved, but with some thinking someone could probably come up with a working approach? Closes #1241
2017-02-15tool_urlglob: Allow a glob range with the same start and stopJay Satiro
For example allow ranges like [1-1] and [a-a] etc. Regression since 5ca96cb. Bug: https://github.com/curl/curl/issues/1238 Reported-by: R. Dennis Steed
2017-02-15axtls: adapt to API changesDaniel Stenberg
Builds with axTLS 2.1.2. This then also breaks compatibility with axTLS < 2.1.0 (the older API) ... and fix the session_id mixup brought in 04b4ee549 Fixes #1220
2017-02-14RELEASE-NOTES: synced with 690935390c29cDaniel Stenberg
2017-02-14curl: fix typo in time condition warning messageNick Draffen
The warning message had a typo. The argument long form is --time-cond not --timecond Closes #1263
2017-02-14smb: code indentDaniel Stenberg
2017-02-14configure: Allow disabling pthreads, fall back on Win32 threadsJay Satiro
When the threaded resolver option is specified for configure the default thread library is pthreads. This change makes it possible to --disable-pthreads and then configure can fall back on Win32 threads for native Windows builds. Closes https://github.com/curl/curl/pull/1260
2017-02-13http2: fix memory-leak when denying push streamsDaniel Stenberg
Reported-by: zelinchen@users.noreply.github.com Fixes #1229
2017-02-11tool_operate: Show HTTPS-Proxy options on CURLE_SSL_CACERTJay Satiro
When CURLE_SSL_CACERT occurs the tool shows a lengthy error message to the user explaining possible solutions such as --cacert and --insecure. This change appends to that message similar options --proxy-cacert and --proxy-insecure when there's a specified HTTPS proxy. Closes https://github.com/curl/curl/issues/1258
2017-02-10cmdline-opts/page-footer: ftp.sunet.se is no longer an FTP mirrorDaniel Stenberg
2017-02-10URL: only accept ";options" in SMTP/POP3/IMAP URL schemesDaniel Stenberg
Fixes #1252
2017-02-09cmdline-opts/socks*: Mention --preproxy in --socks* optsJay Satiro
- Document in --socks* opts they're still mutually exclusive of --proxy. Partial revert of 423a93c; I had misinterpreted the SOCKS proxy + HTTP/HTTPS proxy combination. - Document in --socks* opts that --preproxy can be used to specify a SOCKS proxy at the same time --proxy is used with an HTTP/HTTPS proxy.
2017-02-09CURLOPT_SSL_VERIFYPEER.3: also the https proxy versionDaniel Stenberg
2017-02-09nss: make FTPS work with --proxytunnelKamil Dudka
If the NSS code was in the middle of a non-blocking handshake and it was asked to finish the handshake in blocking mode, it unexpectedly continued in the non-blocking mode, which caused a FTPS connection over CONNECT to fail with "(81) Socket not ready for send/recv". Bug: https://bugzilla.redhat.com/1420327
2017-02-09examples/multithread.c: link to our multi-thread docsDaniel Stenberg
... instead of the OpenSSL mutex page.
2017-02-09http_proxy: avoid freeing static memoryDaniel Stenberg
Follow up to 7fe81ec298e0: make sure 'host' is either NULL or malloced.
2017-02-09http_proxy: Fix tiny memory leak upon edge case connecting to proxyCameron MacMinn
Fixes #1255
2017-02-08polarssl, mbedtls: Fix detection of pending dataMichael Kaufmann
Reported-by: Dan Fandrich Bug: https://curl.haxx.se/mail/lib-2017-02/0032.html
2017-02-07test1139: Added the --manual keyword since the manual is requiredDan Fandrich
2017-02-07RELEASE-NOTES: synced with 102454459dd688cDaniel Stenberg
2017-02-07THANKS-filter: polish some recent contributorsDaniel Stenberg
2017-02-07http2: reset push header counter fixes crashDaniel Stenberg
When removing an easy handler from a multi before it completed its transfer, and it had pushed streams, it would segfault due to the pushed counted not being cleared. Fixed-by: zelinchen@users.noreply.github.com Fixes #1249
2017-02-07transfer: only retry nobody-requests for HTTPMarkus Westerlind
Using sftp to delete a file with CURLOPT_NOBODY set with a reused connection would fail as curl expected to get some data. Thus it would retry the command again which fails as the file has already been deleted. Fixes #1243
2017-02-07telnet: Fix typosDaniel Gustafsson
Ref: https://github.com/curl/curl/pull/1245
2017-02-07test552: Fix typosDaniel Gustafsson
Closes https://github.com/curl/curl/pull/1245
2017-02-07darwinssl: Avoid parsing certificates when not in verbose modeDaniel Gustafsson
The information extracted from the server certificates in step 3 is only used when in verbose mode, and there is no error handling or validation performed as that has already been done. Only run the certificate information extraction when in verbose mode and libcurl was built with verbose strings. Closes https://github.com/curl/curl/pull/1246
2017-02-07schannel: Remove incorrect SNI disabled messageJDepooter
- Remove the SNI disabled when host verification disabled message since that is incorrect. - Show a message for legacy versions of Windows <= XP that connections may fail since those versions of WinSSL lack SNI, algorithms, etc. Bug: https://github.com/curl/curl/pull/1240
2017-02-07CHANGES: spell fix, use correct path to scriptDaniel Stenberg
2017-02-07CHANGES.0: removedDaniel Stenberg
This is the previously manually edited changelog, not touched since Aug 2015. Still present in git for those who wants it.
2017-02-06cmdline-opts: Fixed build and test in out of source tree buildsDan Fandrich
2017-02-06use *.sourceforge.io and misc URL updatesViktor Szakats
Ref: https://sourceforge.net/blog/introducing-https-for-project-websites/ Closes: https://github.com/curl/curl/pull/1247
2017-02-06docs: Add more HTTPS proxy documentationJay Satiro
- Document HTTPS proxy type. - Document --write-out %{proxy_ssl_verify_result}. - Document SOCKS proxy + HTTP/HTTPS proxy combination. HTTPS proxy support was added in 7.52.0 for OpenSSL, GnuTLS and NSS. Ref: https://github.com/curl/curl/commit/cb4e2be
2017-02-01OS400: Fix symbolsJay Satiro
- s/CURLOPT_SOCKS_PROXY/CURLOPT_PRE_PROXY Follow-up to 7907a2b and 845522c. - Fix incorrect id for CURLOPT_PROXY_PINNEDPUBLICKEY. - Add id for CURLOPT_ABSTRACT_UNIX_SOCKET. Bug: https://github.com/curl/curl/issues/1237 Reported-by: jonrumsey@users.noreply.github.com
2017-02-01cmake: Support curl --xattr when built with cmakeSean Burford
- Test for and set HAVE_FSETXATTR when support for extended file attributes is present. Closes https://github.com/curl/curl/pull/1176