The check for if -ldl is needed to build with (a statically built)
openssl was broken. This repairs the check, and adds a check for
-lpthread as well since OpenSSL 1.1.0+ does in fact require -lpthread so
only adding -ldl for a static openssl build is no longer enough.
Reported-by: Jay Satiro
Ref: #1426
Closes #1427
|
|
Pointed-it-by: Kevin Ji
URL: https://github.com/curl/curl/commit/cbae73e1dd95946597ea74ccb580c30f78e3fa73#commitcomment-21872622
|
|
- Track when the cached encrypted data contains only a partial record
that can't be decrypted without more data (SEC_E_INCOMPLETE_MESSAGE).
- Change Curl_schannel_data_pending to return false in such a case.
Other SSL libraries have pending data functions that behave similarly.
Ref: https://github.com/curl/curl/pull/1387
Closes https://github.com/curl/curl/pull/1392
|
|
`if(nfds || extra_nfds) {` is followed by `malloc(nfds * ...)`.
If `extra_fs` could be non-zero when `nfds` was zero, then we have
`malloc(0)` which is allowed to return `NULL`. But, malloc returning
NULL can be confusing. In this code, the next line would treat the NULL
as an allocation failure.
It turns out, if `nfds` is zero then `extra_nfds` must also be zero.
The final value of `nfds` includes `extra_nfds`. So the test for
`extra_nfds` is redundant. It can only confuse the reader.
Closes #1439
|
|
With -Og, GCC complains:
easy.c:628:7: error: ‘mcode’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
../lib/strcase.h:35:29: error: ‘tok_buf’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
vauth/digest.c:208:9: note: ‘tok_buf’ was declared here
../lib/strcase.h:35:29: error: ‘tok_buf’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
vauth/digest.c:566:15: note: ‘tok_buf’ was declared here
Fix this by initializing the variables.
|
|
This reduces the binary size and fixes a compile warning.
|
|
The 'list element' struct now has to be within the data that is being
added to the list. Removes 16.6% (tiny) mallocs from a simple HTTP
transfer. (96 => 80)
Also removed return codes since the llist functions can't fail now.
Test 1300 updated accordingly.
Closes #1435
|
|
All the callbacks passed to curl_easy_setopt are defined as function
pointers. The possibility to pass both functions and function pointers
was handled for the callbacks that typecheck-gcc.h defined as
compatible, but not for the public callback types themselves.
This makes all compatible callback types defined in typecheck-gcc.h
function pointers too and checks all functions uniformly with
_curl_callback_compatible, which handles both functions and function
pointers.
A symptom of the problem was a warning in tool_operate.c with
--disable-libcurl-option and without --enable-debug as that file
passes the callback functions to curl_easy_setopt directly.
Fixes https://github.com/curl/curl/issues/1403
Closes https://github.com/curl/curl/pull/1404
|
|
In that case, use libcurl's internal MD4 routine. This fixes tests 1013
and 1014 which were failing due to configure assuming NTLM and SMB were
always available whenever mbed TLS was in use (which is now true).
|
|
... when failing to get the server certificate.
|
|
This reverts commit 5b4cbcf11d5100ff793a8e9edbaa6fe1fc7495f5.
Since it broke out-of-tree builds from tarballs. See discussion in #1432
|
|
... since apparently "BSD make" doesn't support it.
Reported-by: Thomas Klausner
Fixes #1432
|
|
This fixes 3 warnings issued by MinGW:
1. PR_ImportTCPSocket actually has a parameter of type PROsfd instead of
PRInt32, which is 64 bits on Windows. Fixed this by including the
corresponding header file instead of redeclaring the function, which is
supported even though it is in the private include folder. [1]
2. In 64-bit mode, size_t is 64 bits while CK_ULONG is 32 bits, so an explicit
narrowing cast is needed.
3. Curl_timeleft returns time_t instead of long since commit
21aa32d30dbf319f2d336e0cb68d3a3235869fbb.
[1] https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR/Reference/PR_ImportTCPSocket
Closes https://github.com/curl/curl/pull/1393
|
|
Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl
will each have their own sessionid flag.
Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that
this issue had been fixed in 247d890, CVE-2016-5419.
Bug: https://github.com/curl/curl/issues/1341
Reported-by: lijian996@users.noreply.github.com
The new incarnation of this bug is called CVE-2017-7468 and is documented
here: https://curl.haxx.se/docs/adv_20170419.html
|
|
X.509 certificates carry public keys, not private keys. Fields
corresponding to the private half of the key will always be NULL.
Closes #1425
|
|
ERR_error_string with NULL parameter is not thread-safe. The library
writes the string into some static buffer. Two threads doing this at
once may clobber each other and run into problems. Switch to
ERR_error_string_n which avoids this problem and is explicitly
bounds-checked.
Also clean up some remnants of OpenSSL 0.9.5 around here. A number of
comments (fixed buffer size, explaining that ERR_error_string_n was
added in a particular version) date to when ossl_strerror tried to
support pre-ERR_error_string_n OpenSSLs.
Closes #1424
|
|
Rather than making assumptions about the values, use a switch-case.
Closes #1424
|
|
A few random typos, and minor whitespace cleanups, found in comments
while reading code.
Closes #1423
|
|
This makes test 1135 pass with CRLF checkouts.
Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
Closes https://github.com/curl/curl/pull/1422
|
|
Ignore everything after the version numbers in LIBCURL_VERSION and
LIBCURL_VERSION_NUM to get rid of the extra CR character.
This makes tests 1022 and 1023 pass on Linux with a CRLF checkout.
Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
Closes https://github.com/curl/curl/pull/1422
|
|
Bash on Linux errors out on CR characters.
This makes tests 1221 and 1222 pass on Linux with a CRLF checkout.
Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
Closes https://github.com/curl/curl/pull/1422
|
|
MinGW-w64 complains:
warning: conversion to 'long int' from 'time_t {aka long long int}' may
alter its value [-Wconversion]
Fix this by using the correct type.
|
|
Add missing newhandle free call in push_promise().
Closes #1416
|
|
Add missing our_ssl_sessionid free call in mbed_connect_step3().
Closes #1417
|
|
This adds -Werror-implicit-function-declaration for GCC 2.95+ so that
these errors are visible at the point where they occur instead of only
at link time.
Implicit function declarations are illegal in C99 and C++ anyway, and
the same warning has been turned into an error for ICC in commit
3072c5b8a127057aa922b7c51051bbb4a630b091.
Ref: https://gcc.gnu.org/onlinedocs/gcc-2.95.2/gcc_2.html#SEC8
Ref: https://curl.haxx.se/mail/lib-2017-04/0001.html
Closes https://github.com/curl/curl/pull/1419
|
|
Ref: https://github.com/curl/curl/issues/1408
Closes https://github.com/curl/curl/pull/1412
|
|
Follow-up to aa573c3c55cda72ec5ef677d87f6f46a53385f0c
Ref: https://github.com/curl/curl/pull/1406
|
|
If the existing timer is still in there but has expired, the new timer
should be added.
Reported-by: Rainer Canavan
Bug: https://curl.haxx.se/mail/lib-2017-04/0030.html
Closes #1407
|
|
Reported-by: Marcel Raad
Fixes #1408
Closes #1409
|
|
ssl_session_init was only introduced in version 1.3.8, the penultimate
version. The function only contains a memset, so replace it with that.
Suggested-by: Jay Satiro
Fixes https://github.com/curl/curl/issues/1401
|
|
The POSIX standard location is <poll.h>. Using <sys/poll.h> results in
warning spam when using the musl standard library.
Closes https://github.com/curl/curl/pull/1406
|
|
Closes #1402
|
|
... because they may include an intermediate certificate for a client
certificate and the intermediate certificate needs to be presented to
the server, no matter if we verify the peer or not.
Reported-by: thraidh
Closes #851
|
|
Reported-by: Alex Bligh
Bug: https://curl.haxx.se/mail/lib-2017-04/0044.html
|
|
Issues and PRs with no activity for 180 days will get marked as stale,
and if no further activity happens within 14 more days, the issue gets
closed.
This follows our established policy of not letting stalled bugs "get in
the way": https://curl.haxx.se/docs/bugs.html#Closing_off_stalled_bugs
Closes #1398
|
|
- Change documented param type to char ** from incorrect long *.
|
|
--without-ssl is needed instead of --with-winssl.
|
|
... by moving the variables into the correct #ifdef block.
|
|
Closes #1397
|
|
When UNICODE is not defined, the Curl_convert_UTF8_to_tchar macro maps
directly to its argument. As it is declared as a pointer to const and
InitializeSecurityContext expects a pointer to non-const, both MSVC and MinGW
issue a warning about implicitly casting away the const. Fix this by declaring
the variables as pointers to non-const.
Closes https://github.com/curl/curl/pull/1394
|
|
Reported-by: Carsten (talksinmath)
Fixes #1384
Closes #1395
|
|
Curl_timeleft returns time_t instead of long since commit
21aa32d30dbf319f2d336e0cb68d3a3235869fbb.
|