Age | Commit message (Collapse) | Author |
|
- Use memcpy instead of strncpy to copy a string without termination,
since gcc8 warns about using strncpy to copy as many bytes from a
string as its length.
Suggested-by: Viktor Szakats
Closes https://github.com/curl/curl/issues/2980
|
|
Closes #2967
|
|
This example is simply not working correctly but there's nobody around
with the skills and energy to fix it.
Closes #2407
|
|
... to reflect the changes in 6015cefb1b2cfde4b4850121c42405275e5e77d9
Closes #2955
|
|
Closes #2948
|
|
Rather than jumping backwards to where failure cleanup happens
to be performed, move the failure case to end of the function
where it is expected per existing coding convention.
Closes #2965
|
|
Closes #2963
|
|
If the formatting fails, we error out on a fatal error and
clean up on the way out. The array was however freed within
the wrong scope and was thus never freed in case the cookies
were written to a file instead of STDOUT.
Closes #2957
|
|
Expired cookies have already been purged at a later expiration time
before this check, so remove the redundant check.
closes #2962
|
|
Exit the realloc() loop if the response turns out ridiculously large to
avoid worse problems.
Reported-by: Harry Sintonen
Closes #2959
|
|
Closes #2960
|
|
Coverity CID 1439134
|
|
|
|
The expected error code is now 60. 51 is dead.
|
|
|
|
|
|
See header file and man pages for API. All documented API details work
and are tested in the 1560 test case.
Closes #2842
|
|
... including the associated option.
Fixes #2951
Closes #2952
|
|
Add functionality so that protocols can do custom keepalive on their
connections, when an external API function is called.
Add docs for the new options in 7.62.0
Closes #1641
|
|
Sometimes it may be considered a security risk to load an external
OpenSSL configuration automatically inside curl_global_init(). The
configuration option --disable-ssl-auto-load-config disables this
automatism. The Windows build scripts winbuild/Makefile.vs provide a
corresponding option ENABLE_SSL_AUTO_LOAD_CONFIG accepting a boolean
value.
Setting neither of these options corresponds to the previous behavior
loading the external OpenSSL configuration automatically.
Fixes #2724
Closes #2791
|
|
The gcc typecheck macros and coverity combined made it warn on the 2nd
argument for ERROR_CHECK_SETOPT(). Here's minor rearrange to please it.
Coverity CID 1439115 and CID 1439114.
|
|
SEC_E_APPLICATION_PROTOCOL_MISMATCH isn't defined in some versions of
mingw and would require an ifdef otherwise.
Reported-by: Thomas Glanzmann
Approved-by: Marc Hörsken
Bug: https://curl.haxx.se/mail/lib-2018-09/0020.html
Closes #2950
|
|
... and add "MAILINDEX".
As described in #2789, this is a suggested solution. Changing UID=xx to
actually get mail with UID xx and add "MAILINDEX" to get a mail with a
special index in the mail box (old behavior). So MAILINDEX=1 gives the
first non deleted mail in the mail box.
Fixes #2789
Closes #2815
|
|
This is step 3 of #2888.
Fixes #2888
Closes #2896
|
|
|
|
|
|
|
|
Closes #2668
|
|
Long live CURLE_PEER_FAILED_VERIFICATION
|
|
CURLE_PEER_FAILED_VERIFICATION makes more sense because Curl_parseX509
does not allocate memory internally as its first argument is a pointer
to the certificate structure. The same error code is also returned by
Curl_verifyhost when its call to Curl_parseX509 fails so the change
makes error handling more consistent.
|
|
Failure to extract the issuer name from the server certificate should
return a more specific error code like on other TLS backends.
|
|
Closes #2901
|
|
Closes #2901
|
|
Disable the CURLOPT_DNS_USE_GLOBAL_CACHE option and mark it for
deprecation and complete removal in six months.
Bug: https://curl.haxx.se/mail/lib-2018-09/0010.html
Closes #2942
|
|
Closes #2709
|
|
Starting 7.62.0, multiplexing is enabled by default in multi handles.
|
|
Approved-by: Daniel Gustafsson
Closes #2937
|
|
makes it not run in the CI builds
Closes #2941
|
|
Transparently. The related curl_multi_setopt() options all still returns
OK when pipelining is selected.
To re-enable the support, the single line change in lib/multi.c needs to
be reverted.
See docs/DEPRECATE.md
Closes #2705
|
|
|
|
|
|
|
|
Since scan-build would warn on the dead "Dead store/Dead increment"
|
|
|
|
Fixes #2939
Closes #2940
|
|
This is a follow-up to PR #2607 and PR #2926.
Closes #2936
|
|
- Treat 408 request timeout as transient so that curl will retry the
request if --retry was used.
Closes #2925
|
|
The flag indicating TLS 1.3 cipher support in the OpenSSL backend was
missing.
Bug: https://github.com/curl/curl/pull/2607#issuecomment-417283187
Reported-by: Kamil Dudka
Closes #2926
|
|
... since it would cause an integer overflow if longer than (max size_t
/ 2).
This is CVE-2018-14618
Bug: https://curl.haxx.se/docs/CVE-2018-14618.html
Closes #2756
Reported-by: Zhaoyang Wu
|
|
Closes #2928
|