aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-02-16header callback: don't chop headers into smaller piecesDaniel Stenberg
Reported-by: Guido Berhoerster Fixes #2314 Closes #2316
2018-02-16test1154: verify that long HTTP headers get rejectedDaniel Stenberg
2018-02-16http: fix the max header length detection logicDaniel Stenberg
Previously, it would only check for max length if the existing alloc buffer was to small to fit it, which often would make the header still get used. Reported-by: Guido Berhoerster Bug: https://curl.haxx.se/mail/lib-2018-02/0056.html Closes #2315
2018-02-16CURLOPT_HEADERFUNCTION.3: fix typo from d939226813Daniel Stenberg
Reported-by: Erik Johansson Bug: https://github.com/curl/curl/commit/d9392268131c1b8d18dec3fa30e0bded833a5db7#commitcomment-27607495
2018-02-16CURLOPT_HEADERFUNCTION.3: mention folded headersDaniel Stenberg
2018-02-16TODO: 1.1 Option to refuse usernames in URLsDaniel Stenberg
Also expanded the CURL_REFUSE_CLEARTEXT section with more ideas.
2018-02-16TODO: 1.7 Support HTTP/2 for HTTP(S) proxiesDaniel Stenberg
2018-02-16ssh: add two missing state namesDaniel Stenberg
The list of state names (used in debug builds) was out of sync in relation to the list of states (used in all builds). I now added an assert to make sure the sizes of the two lists match, to aid in detecting this mistake better in the future. Regression since c92d2e14cf, shipped in 7.58.0. Reported-by: Somnath Kundu Fixes #2312 Closes #2313
2018-02-15Revert "KNOWN_BUGS: 2.5 curl should not offer "ALPN: h2" when using https-proxy"Daniel Stenberg
This reverts commit de9fac00c40db321d44fa6fbab6eb62ec4c83998. Reported-by: Jay Satiro
2018-02-15non-ascii: fix implicit declaration warningJay Satiro
Follow-up to b46cfbc. Caught by Travis CI.
2018-02-15travis: add build with iconv enabledDaniel Stenberg
... to verify it builds and works fine. Ref: https://curl.haxx.se/mail/lib-2017-09/0031.html Closes #1872
2018-02-15TODO: 18.18 retry on network is unreachableDaniel Stenberg
Closes #1603
2018-02-15KNOWN_BUGS: 2.5 curl should not offer "ALPN: h2" when using https-proxyDaniel Stenberg
Closes #1254
2018-02-15nss: use PK11_CreateManagedGenericObject() if availableKamil Dudka
... so that the memory allocated by applications using libcurl does not grow per each TLS connection. Bug: https://bugzilla.redhat.com/1510247 Closes #2297
2018-02-15TODO fixed: Detect when called from within callbacksBjörn Stenberg
Closes #2302
2018-02-14BINDINGS: fix curb link (and remove ruby-curl-multi)Daniel Stenberg
Reported-by: Klaus Stein
2018-02-13curl_gssapi: make sure this file too uses our *printf()Daniel Stenberg
2018-02-13libcurl-security.3: separate file:// sectionDaniel Stenberg
... just to make it more apparent. Even if it repeats some pieces of information.
2018-02-13libcurl-security.3: the http://192.168.0.1/my_router_config caseDaniel Stenberg
Mentioned-By: Rich Moore
2018-02-13libcurl-security.3: mention the URL standards problems tooDaniel Stenberg
2018-02-13libcurl-security.3: split out from libcurl-tutorial.3Daniel Stenberg
To make more accessible. Merged in some new language from "URLs are dangerous things" as discussed on the mailing list a few days ago: Bug: https://curl.haxx.se/mail/lib-2018-02/0013.html
2018-02-13RELEASE-NOTES: synced with e551910f8Daniel Stenberg
2018-02-13tests: new tests for http raw modePatrick Monnerat
Test 319 checks proper raw mode data with non-chunked gzip transfer-encoded server data. Test 326 checks raw mode with chunked server data. Bug: #2303 Closes #2308
2018-02-12tlsauthtype.d: works only if libcurl is built with TLS-SRP supportKamil Dudka
Bug: https://bugzilla.redhat.com/1542256 Closes #2306
2018-02-12smtp: fix processing of initial dot in dataPatrick Monnerat
RFC 5321 4.1.1.4 specifies the CRLF terminating the DATA command should be taken into account when chasing the <CRLF>.<CRLF> end marker. Thus a leading dot character in data is also subject to escaping. Tests 911 and test server are adapted to this situation. New tests 951 and 952 check proper handling of initial dot in data. Closes #2304
2018-02-12sha256: avoid redefineDaniel Stenberg
2018-02-12sha256: build with OpenSSL < 0.9.8 tooDouglas Mencken
support for SHA-2 was introduced in OpenSSL 0.9.8 Closes #2305
2018-02-12README: language fixBruno Grasselli
s/off/from Closes #2300
2018-02-12http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING onPatrick Monnerat
Bug: #2303 Reported-By: Henry Roeland
2018-02-09get_posix_time: only check for overflows if they can happen!Daniel Stenberg
2018-02-09schannel: fix "no previous prototype" compiler warningMichael Kaufmann
2018-02-09content_encoding: Add "none" alias to "identity"Mohammad AlSaleh
Some servers return a "content-encoding" header with a non-standard "none" value. Add "none" as an alias to "identity" as a work-around, to avoid unrecognised content encoding type errors. Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com> Closes https://github.com/curl/curl/pull/2298
2018-02-08build-openssl.bat: Follow up to 648679ab8e to suppress copy/move outputSteve Holme
2018-02-08build-openssl.bat: Fixed incorrect move if destination build folder existsSteve Holme
2018-02-08schannel: fix compiler warningsMichael Kaufmann
Closes #2296
2018-02-07curl_addrinfo.c: Allow Unix Domain Sockets to compile under WindowsSteve Holme
Windows 10.0.17061 SDK introduces support for Unix Domain Sockets. Added the necessary include file to curl_addrinfo.c. Note: The SDK (which is considered beta) has to be installed, VS 2017 project file has to be re-targeted for Windows 10.0.17061 and #define enabled in config-win32.h.
2018-02-07fnmatch: optimize processing of consecutive *s and ?s pattern charactersPatrick Monnerat
Reported-By: Daniel Stenberg Fixes #2291 Closes #2293
2018-02-06build-openssl.bat/build-wolfssl.bat: Build platform is optionalSteve Holme
Whilst the compiler parameter is mandatory, platform is optional as it is automatically calculated by the :configure section. This partially reverts commit 6d62d2c55d.
2018-02-06openssl: Don't add verify locations when verifypeer==0Patrick Schlangen
When peer verification is disabled, calling SSL_CTX_load_verify_locations is not necessary. Only call it when verification is enabled to save resources and increase performance. Closes #2290
2018-02-05build-wolfssl.bat: Extend VC15 support to include Enterprise and ProfessionalSteve Holme
...and not just the Community Edition.
2018-02-05build-openssl.bat: Extend VC15 support to include Enterprise and ProfessionalSteve Holme
...and not just the Community Edition.
2018-02-05time-cond: fix reading the file modification time on WindowsMichael Kaufmann
On Windows, stat() may adjust the unix file time by a daylight saving time offset. Avoid this by calling GetFileTime() instead. Fixes #2164 Closes #2204
2018-02-05formdata: use the mime-content type functionDaniel Stenberg
Reduce code duplication by making Curl_mime_contenttype available and used by the formdata function. This also makes the formdata function recognize a set of more file extensions by default. PR #2280 brought this to my attention. Closes #2282
2018-02-02getdate: return -1 for out of rangeDaniel Stenberg
...as that's how the function is documented to work. Reported-by: Michael Kaufmann Bug found in an autobuild with 32 bit time_t Closes #2278
2018-02-01build: fix termios issue on android cross-compileBen Greear
Bug: https://curl.haxx.se/mail/lib-2018-01/0122.html Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-02-01time_t-fixes: remove typecasts to 'long' for info.filetimeDaniel Stenberg
They're now wrong. Reported-by: Michael Kaufmann Closes #2277
2018-01-31curl_setup: move the precautionary define of SIZEOF_TIME_TDaniel Stenberg
... up to before it may be used for the TIME_T_MAX/MIN logic. Reported-by: Michael Kaufmann
2018-01-31parsedate: s/#if/#ifdefDaniel Stenberg
Reported-by: Michael Kaufmann Bug: https://github.com/curl/curl/commit/1c39128d974666107fc6d9ea15f294036851f224#commitcomment-27246479
2018-01-31fnmatch: pattern syntax can no longer failPatrick Monnerat
Whenever an expected pattern syntax rule cannot be matched, the character starting the rule loses its special meaning and the parsing is resumed: - backslash at the end of pattern string matches itself. - Error in [:keyword:] results in set containing :\[dekorwy. Unit test 1307 updated for this new situation. Closes #2273
2018-01-31fnmatch: accept an alphanum to be followed by a non-alphanum in char setPatrick Monnerat
Also be more tolerant about set pattern syntax. Update unit test 1307 accordingly. Bug: https://curl.haxx.se/mail/lib-2018-01/0114.html