aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-09-07curl: whitelist use of strtok() in non-threaded contextDaniel Stenberg
2016-09-07checksrc: detect strtok() useDaniel Stenberg
... as that function slipped through once before.
2016-09-07mk-ca-bundle.pl: use SHA256 instead of SHA1Viktor Szakats
This hash is used to verify the original downloaded certificate bundle and also included in the generated bundle's comment header. Also rename related internal symbols to algorithm-agnostic names.
2016-09-07RELEASE-NOTES: curl 7.50.2 releaseDaniel Stenberg
2016-09-07THANKS: updated for 7.50.2Daniel Stenberg
2016-09-06openssl: fix CURLINFO_SSL_VERIFYRESULTGaurav Malhotra
CURLINFO_SSL_VERIFYRESULT does not get the certificate verification result when SSL_connect fails because of a certificate verification error. This fix saves the result of SSL_get_verify_result so that it is returned by CURLINFO_SSL_VERIFYRESULT. Closes https://github.com/curl/curl/pull/995
2016-09-06darwinssl: test for errSecSuccess in PKCS12 import rather than noErr (#993)Daniel Gustafsson
While noErr and errSecSuccess are defined as the same value, the API documentation states that SecPKCS12Import() returns errSecSuccess if there were no errors in importing. Ensure that a future change of the defined value doesn't break (however unlikely) and be consistent with the API docs.
2016-09-06docs: Fix link to CONTRIBUTE in Github contribution guidelines (#994)Daniel Gustafsson
2016-09-05openssl: Fix compilation with OPENSSL_API_COMPAT=0x10100000LMarcel Raad
With OPENSSL_API_COMPAT=0x10100000L (OpenSSL 1.1 API), the cleanup functions are unavailable (they're no-ops anyway in OpenSSL 1.1). The replacements for SSL_load_error_strings, SSLeay_add_ssl_algorithms, and OpenSSL_add_all_algorithms are called automatically [1][2]. SSLeay() is now called OpenSSL_version_num(). [1]: https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html [2]: https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html Closes #992
2016-09-05RELEASE-NOTES: synced with 3d4c0c8b9bc1dDaniel Stenberg
2016-09-05http2: return EOF when done uploading without known sizeDaniel Stenberg
Fixes #982
2016-09-05http2: skip the content-length parsing, detect unknown sizeDaniel Stenberg
2016-09-05http2: minor white space editDaniel Stenberg
2016-09-05http2: use named define instead of magic constant in read callbackDaniel Stenberg
2016-09-05configure: make the cpp -P detection not clobber CPPFLAGSCraig Davison
CPPPFLAGS is now CPPPFLAG. Fixes CURL_CHECK_DEF. Fixes #958
2016-09-04speed caps: not based on average speeds anymoreOlivier Brunel
Speed limits (from CURLOPT_MAX_RECV_SPEED_LARGE & CURLOPT_MAX_SEND_SPEED_LARGE) were applied simply by comparing limits with the cumulative average speed of the entire transfer; While this might work at times with good/constant connections, in other cases it can result to the limits simply being "ignored" for more than "short bursts" (as told in man page). Consider a download that goes on much slower than the limit for some time (because bandwidth is used elsewhere, server is slow, whatever the reason), then once things get better, curl would simply ignore the limit up until the average speed (since the beginning of the transfer) reached the limit. This could prove the limit useless to effectively avoid using the entire bandwidth (at least for quite some time). So instead, we now use a "moving starting point" as reference, and every time at least as much as the limit as been transferred, we can reset this starting point to the current position. This gets a good limiting effect that applies to the "current speed" with instant reactivity (in case of sudden speed burst). Closes #971
2016-09-03HISTORY.md: the multi socket was put in the wrong year!Daniel Stenberg
2016-09-03tool_helpers.c: fix comment typo (#989)Mark Hamilton
2016-09-03libtest/test.h: fix typo (#988)Mark Hamilton
2016-09-01CURLMOPT_PIPELINING.3: languageDaniel Stenberg
2016-09-01CURLMOPT_PIPELINING.3: extended and clarifiedDaniel Stenberg
Especially in regards to the multiplexing part.
2016-08-31curl_sspi.c: Updated function description commentsSteve Holme
* Added description to Curl_sspi_free_identity() * Added parameter and return explanations to Curl_sspi_global_init() * Added parameter explaination to Curl_sspi_global_cleanup()
2016-08-31README: Corrected the supported Visual Studio versionsSteve Holme
Missed from commit 8356022d17.
2016-08-31KNOWN_BUGS: Move the Visual Studio project shortcomings from local READMESteve Holme
2016-08-31KNOWN_BUGS: Expand 6.4 to include Kerberos V5Steve Holme
...and discuss a possible solution.
2016-08-30connect: fix #ifdefs for debug versions of conn/streamclose() macrosDaniel Stenberg
CURLDEBUG is for the memory debugging DEBUGBUILD is for the extra debug stuff Pointed-out-by: Steve Holme
2016-08-29KNOWN_BUGS: mention some cmake "support gaps"Daniel Stenberg
2016-08-28darwinssl: add documentation stating that the --cainfo option is intended ↵Nick Zitzmann
for backward compatibility only In other news, I changed one other reference to "Mac OS X" in the documentation (that I previously wrote) to say "macOS" instead.
2016-08-28http2: return CURLE_HTTP2_STREAM for unexpected stream closeDaniel Stenberg
Follow-up to c3e906e9cd0f, seems like a more appropriate error code Suggested-by: Jay Satiro
2016-08-28http2: handle closed streams when uploadingTatsuhiro Tsujikawa
Fixes #986
2016-08-28http2: make sure stream errors don't needlessly close the connectionDaniel Stenberg
With HTTP/2 each transfer is made in an indivial logical stream over the connection, making most previous errors that caused the connection to get forced-closed now instead just kill the stream and not the connection. Fixes #941
2016-08-27Curl_verify_windows_version: minor edit to avoid compiler warningsDaniel Stenberg
... instead of if() before the switch(), add a default to the switch so that the compilers don't warn on "warning: enumeration value 'PLATFORM_DONT_CARE' not handled in switch" anymore.
2016-08-27RELEASE-NOTES: Added missing fix from commit 15592143fSteve Holme
2016-08-26schannel: Disable ALPN for Wine since it is causing problemsJay Satiro
- Disable ALPN on Wine. - Don't pass input secbuffer when ALPN is disabled. When ALPN support was added a change was made to pass an input secbuffer to initialize the context. When ALPN is enabled the buffer contains the ALPN information, and when it's disabled the buffer is empty. In either case this input buffer caused problems with Wine and connections would not complete. Bug: https://github.com/curl/curl/issues/983 Reported-by: Christian Fillion
2016-08-26nss: work around race condition in PK11_FindSlotByName()Peter Wang
Serialise the call to PK11_FindSlotByName() to avoid spurious errors in a multi-threaded environment. The underlying cause is a race condition in nssSlot_IsTokenPresent(). Bug: https://bugzilla.mozilla.org/1297397 Closes #985
2016-08-26nss: refuse previously loaded certificate from fileKamil Dudka
... when we are not asked to use a certificate from file
2016-08-26ftp_done: remove dead codeDaniel Stenberg
2016-08-26TLS: random file/egd doesn't have to match for conn reuseDaniel Stenberg
2016-08-26test161: add comment for the exit codeDaniel Stenberg
2016-08-26test219: Add http as a required featureDan Fandrich
2016-08-25HTTP: stop parsing headers when switching to unknown protocolsMichael Kaufmann
- unknown protocols probably won't send more headers (e.g. WebSocket) - improved comments and moved them to the correct case statements Closes #899
2016-08-25openssl: make build with 1.1.0 againDaniel Stenberg
synced with OpenSSL git master commit cc06906707
2016-08-25INTERNALS: fix titleDaniel Stenberg
2016-08-25configure: detect zlib with our pkg-config macrosDaniel Stenberg
... instead of relying on the pkg-config autoconf macros to be present. Fixes #972 (again...)
2016-08-25http2: Remove incorrect commentsJay Satiro
.. also remove same from scp
2016-08-23ftp: fix wrong poll on the secondary socketAles Novak
When we're uploading using FTP and the server issues a tiny pause between opening the connection to the client's secondary socket, the client's initial poll() times out, which leads to second poll() which does not wait for POLLIN on the secondary socket. So that poll() also has to time out, creating a long (200ms) pause. This patch adds the correct flag to the secondary socket, making the second poll() correctly wait for the connection there too. Signed-off-by: Ales Novak <alnovak@suse.cz> Closes #978
2016-08-22RELEASE-NOTES: synced with 95ded2c56Daniel Stenberg
2016-08-21configure: make it work without PKG_CHECK_MODULESDaniel Stenberg
With commit c2f9b78 we added a new dependency on pkg-config for developers which may be unwanted. This change make the configure script still work as before if pkg-config isn't installed, it'll just use the old zlib detection logic without pkg-config. Reported-by: Marc Hörsken Fixes #972
2016-08-21Revert "KNOWN_BUGS: SOCKS proxy not working via IPv6"Marc Hoersken
This reverts commit 9cb1059f92286a6eb5d28c477fdd3f26aed1d554. As discussed in #835 SOCKS5 supports IPv6 proxies and destinations.
2016-08-21win: Basic support for Universal Windows Platform appsMarco Deckel
Closes #820