Age | Commit message (Collapse) | Author |
|
MinGW warns:
/lib/vtls/schannel.c:219:64: warning: signed and unsigned type in
conditional expression [-Wsign-compare]
Fix this by casting the ptrdiff_t to size_t as we know it's positive.
Closes https://github.com/curl/curl/pull/2721
|
|
Original MinGW's w32api has CryptHashData's second parameter as BYTE *
instead of const BYTE *.
Closes https://github.com/curl/curl/pull/2721
|
|
They are not defined in the original MinGW's <wincrypt.h>.
Closes https://github.com/curl/curl/pull/2721
|
|
Otherwise, only part of it gets pulled in through <windows.h> on
original MinGW.
Fixes https://github.com/curl/curl/issues/2361
Closes https://github.com/curl/curl/pull/2721
|
|
When size_t is not a typedef for unsigned long (as usually the case on
Windows), GCC emits -Wformat warnings when using lu and lx format
specifiers with size_t. Silence them with explicit casts to
unsigned long.
Closes https://github.com/curl/curl/pull/2721
|
|
... not the read buffer size, as that can be set smaller and thus cause
a buffer overflow! CVE-2018-0500
Reported-by: Peter Wu
Bug: https://curl.haxx.se/docs/adv_2018-70a2.html
|
|
Closes #2718
|
|
...but GCC users lose out on TLS 1.3 support, since we can't weak-link
enumeration constants.
Fixes #2656
Closes #2703
|
|
Variable 'output_var' is not used and can be removed.
Function 'collect_true' renamed to 'count_true'.
|
|
Closes #2711
|
|
|
|
... because otherwise not everything get closed down correctly.
Fixes #2708
Closes #2712
|
|
Closes #2713
|
|
|
|
Closes #2706
|
|
|
|
|
|
|
|
|
|
|
|
Closes #2704
|
|
telnet.c(1401,28): warning: cast from function call of type 'int' to
non-matching type 'HANDLE' (aka 'void *') [-Wbad-function-cast]
Fixes #2696
Closes #2700
|
|
|
|
Closes #2698
|
|
The code treated the set version as the *exact* version to require in
the TLS handshake, which is not what other TLS backends do and probably
not what most people expect either.
Reported-by: Andreas Olsson
Assisted-by: Gaurav Malhotra
Fixes #2691
Closes #2694
|
|
|
|
Reported-by: Andreas Olsson
Fixes #2692
Closes #2693
|
|
The previous example was a little bit confusing, because SSL* structure
(or other "in use" SSL connection pointer) is not accessible after the
transfer is completed, therefore working with the raw TLS library
specific pointer needs to be done during transfer.
Closes #2690
|
|
... since default uses the threaded one and we test the c-ares build
already.
Closes #2689
|
|
Since it isn't used either and requires the getnameinfo check
Follow-up to 0aeca41702d2
|
|
Closes #2687
|
|
... and trim the threaded Curl_resolver_getsock() to return zero
millisecond wait times during the first three milliseconds so that
localhost or names in the OS resolver cache gets detected and used
faster.
Closes #2685
|
|
The linker is pretty dumb and processes things left to right, keeping a
tally of symbols it hasn't resolved yet. So, we need -ldl to appear
after -lcrypto otherwise the linker won't find the dl functions.
Closes #2684
|
|
|
|
|
|
... it was previously unchecked in two places and thus errors could
remain undetected and cause trouble.
Closes #2681
|
|
|
|
|
|
Follow-up to b6a16afa0aa5
|
|
... to work with longer passwords etc. Grow it from a 256 to a 4096
bytes buffer.
Reported-by: Dario Nieuwenhuis
Fixes #2676
Closes #2680
|
|
Closes #2673
|
|
Fixes #2677
Closes #2679
|
|
Follow-up to 2c15693.
Bug #2674
Closes #2675
|
|
Bug: https://curl.haxx.se/mail/lib-2018-06/0100.html
|
|
This will make possible to select the SSL backend (using
curl_global_sslset()) even when the libcurl is built using CMake
Closes #2665
|
|
By masking sure to use the *current* easy handle with extracted
connections from the cache, and make sure to NULLify the ->data pointer
when the connection is put into the cache to make this mistake easier to
detect in the future.
Reported-by: Will Dietz
Fixes #2669
Closes #2672
|
|
|
|
... run a few more tortured based and run all tests event-based.
Closes #2664
|
|
When the application just started the transfer and then stops it while
the name resolve in the background thread hasn't completed, we need to
wait for the resolve to complete and then cleanup data accordingly.
Enabled test 1553 again and added test 1590 to also check when the host
name resolves successfully.
Detected by OSS-fuzz.
Closes #1968
|
|
Ref: https://github.com/curl/curl/pull/2660
Closes https://github.com/curl/curl/pull/2662
|