aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-08-15proxy: reject attempts to use unsupported proxy schemesDaniel Stenberg
I discovered some people have been using "https://example.com" style strings as proxy and it "works" (curl doesn't complain) because curl ignores unknown schemes and then assumes plain HTTP instead. I think this misleads users into believing curl uses HTTPS to proxies when it doesn't. Now curl rejects proxy strings using unsupported schemes instead of just ignoring and defaulting to HTTP.
2016-08-15RELEASE-NOTES: synced with b7ee5316c2fd5bDaniel Stenberg
2016-08-14socks.c: Correctly calculate position of port in response packetMarc Hoersken
Third commit to fix issue #944 regarding SOCKS5 error handling. Reported-by: David Kalnischkies
2016-08-14socks.c: Do not modify and invalidate calculated response lengthMarc Hoersken
Second commit to fix issue #944 regarding SOCKS5 error handling. Reported-by: David Kalnischkies
2016-08-14socks.c: Move error output after reading the whole response packetMarc Hoersken
First commit to fix issue #944 regarding SOCKS5 error handling. Reported-by: David Kalnischkies
2016-08-13MANUAL: Remove invalid link to LDAP documentation (#962)Ronnie Mose
The server developer.netscape.com does not resolve into any ip address and can be removed.
2016-08-13openssl: accept subjectAltName iPAddress if no dNSName matchJay Satiro
Undo change introduced in d4643d6 which caused iPAddress match to be ignored if dNSName was present but did not match. Also, if iPAddress is present but does not match, and dNSName is not present, fail as no-match. Prior to this change in such a case the CN would be checked for a match. Bug: https://github.com/curl/curl/issues/959 Reported-by: wmsch@users.noreply.github.com
2016-08-12configure.ac: add zlib search with pkg-configDambaev Alexander
Closes #956
2016-08-11rtsp: ignore whitespace in session idDaniel Stenberg
Follow-up to e577c43bb to fix test case 569 brekage: stop the parser at whitespace as well. Help-by: Erik Janssen
2016-08-11HTTP: retry failed HEAD requests tooDaniel Stenberg
Mark's new document about HTTP Retries (https://mnot.github.io/I-D/httpbis-retry/) made me check our code and I spotted that we don't retry failed HEAD requests which seems totally inconsistent and I can't see any reason for that separate treatment. So, no separate treatment for HEAD starting now. A HTTP request sent over a reused connection that gets cut off before a single byte is received will be retried on a fresh connection. Made-aware-by: Mark Nottingham
2016-08-11mk-ca-bundle.1: document -m, added in 1.26Daniel Stenberg
2016-08-10RELEASE-NOTES: synced with e577c43bb5Daniel Stenberg
2016-08-10rtsp: accept any RTSP session idErik Janssen
Makes libcurl work in communication with gstreamer-based RTSP servers. The original code validates the session id to be in accordance with the RFC. I think it is better not to do that: - For curl the actual content is a don't care. - The clarity of the RFC is debatable, is $ allowed or only as \$, that is imho not clear - Gstreamer seems to url-encode the session id but % is not allowed by the RFC - less code With this patch curl will correctly handle real-life lines like: Session: biTN4Kc.8%2B1w-AF.; timeout=60 Bug: https://curl.haxx.se/mail/lib-2016-08/0076.html
2016-08-09symbols-in-versions: add CURL_STRICTERDaniel Stenberg
Added in 5fce88aa8c12564
2016-08-09winbuild: Allow changing C compiler via environment variable CC (#952)Simon Warta
This makes it possible to use specific compilers or a cache. Sample use for clcache: set CC=clcache.bat nmake /f Makefile.vc DEBUG=no MODE=static VC=14 GEN_PDB=no
2016-08-09LICENSE-MIXING.md: switched to markdownDaniel Stenberg
2016-08-09docs-make: have markdown files use .mdDaniel Stenberg
2016-08-09curl.h: make CURL_NO_OLDIES define CURL_STRICTERDaniel Stenberg
2016-08-09HISTORY.md: use markdown extensionDaniel Stenberg
2016-08-09SSLCERTS.md: renamed to markdown extensionDaniel Stenberg
2016-08-09INTERNALS.md: use markdown extension for markdown contentDaniel Stenberg
2016-08-09CONTRIBUTE.md: markdown extensionDaniel Stenberg
2016-08-09CONTRIBUTE: changed to markdownDaniel Stenberg
2016-08-09CONTRIBUTE: refreshedDaniel Stenberg
2016-08-09TODO: added an SSH section and two SFTP things to doDaniel Stenberg
2016-08-09TODO: remove the 1.22 duplicated itemDaniel Stenberg
2016-08-09TODO: move "CURLOPT_MAIL_CLIENT" to SMTP sectionDaniel Stenberg
2016-08-09TODO: API for URL parsing/splittingDaniel Stenberg
2016-08-09TODO: move QUIC to the HTTP sectionDaniel Stenberg
2016-08-09winbuild: Free name $(CC) in Makefile (#950)Simon Warta
In the old line number 290, CC and CURL_CC had the same value. After that, /DCURL_STATICLIB was added to CC but not CURL_CC (intended?). This gets rid of the CC variable entirely. It is a first step to make it possible to manualyl set a CC variable in order to be able to change the compiler.
2016-08-08TODO: Use huge HTTP/2 windowsDaniel Stenberg
2016-08-08winbuild: Avoid setting redundant CFLAGS to compile commands (#949)Simon Warta
$(CURL_CC) is always used with $(CURL_CFLAGS) appended, so before this, all arguments in CURL_CFLAGS have been added twice.
2016-08-08cmake: Enable win32 threaded resolver by defaultJay Satiro
- Turn on USE_THREADS_WIN32 in Windows if ares isn't on This change is similar to what we already do in the autotools build.
2016-08-08cmake: Enable win32 large file support by defaultJay Satiro
All compilers used by cmake in Windows should support large files. - Add test SIZEOF_OFF_T - Remove outdated test SIZEOF_CURL_OFF_T - Turn on USE_WIN32_LARGE_FILES in Windows - Check for 'Largefile' during the features output
2016-08-07TODO: added several ideas, removed SPDYDaniel Stenberg
2016-08-05http2: always wait for readable socketDaniel Stenberg
Since the server can at any time send a HTTP/2 frame to us, we need to wait for the socket to be readable during all transfers so that we can act on incoming frames even when uploading etc. Reminded-by: Tatsuhiro Tsujikawa
2016-08-05RELEASE-NOTES: synced with 7b4bf37a44791Daniel Stenberg
2016-08-05mbedtls: set debug threshold to 4 (verbose) when MBEDTLS_DEBUG is definedThomas Glanzmann
In order to make MBEDTLS_DEBUG work, the debug threshold must be unequal to 0. This patch also adds a comment how mbedtls must be compiled in order to make debugging work, and explains the possible debug levels.
2016-08-05CURLOPT_TCP_NODELAY: now enabled by defaultDaniel Stenberg
After a few wasted hours hunting down the reason for slowness during a TLS handshake that turned out to be because of TCP_NODELAY not being set, I think we have enough motivation to toggle the default for this option. We now enable TCP_NODELAY by default and allow applications to switch it off. This also makes --tcp-nodelay unnecessary, but --no-tcp-nodelay can be used to disable it. Thanks-to: Tim Rühsen Bug: https://curl.haxx.se/mail/lib-2016-06/0143.html
2016-08-04TFTP: Fix upload problem with piped inputSerj Kalichev
When input stream for curl is stdin and input stream is not a file but generated by a script then curl can truncate data transfer to arbitrary size since a partial packet is treated as end of transfer by TFTP. Fixes #857
2016-08-04mk-ca-bundle.pl: -m keeps ca cert meta data in outputDaniel Stenberg
Makes the script pass on comments holding meta data to the output file. Like fingerprinters, issuer, date ranges etc. Closes #937
2016-08-04multi: make Curl_expire() work with 0 ms timeoutsDaniel Stenberg
Previously, passing a timeout of zero to Curl_expire() was a magic code for clearing all timeouts for the handle. That is now instead made with the new Curl_expire_clear() function and thus a 0 timeout is fine to set and will trigger a timeout ASAP. This will help removing short delays, in particular notable when doing HTTP/2.
2016-08-04transfer: return without select when the read loop reached maxcountDaniel Stenberg
Regression added in 790d6de48515. The was then added to avoid one particular transfer to starve out others. But when aborting due to reading the maxcount, the connection must be marked to be read from again without first doing a select as for some protocols (like SFTP/SCP) the data may already have been read off the socket. Reported-by: Dan Donahue Bug: https://curl.haxx.se/mail/lib-2016-07/0057.html
2016-08-03mbedtls: Added support for NTLMBill Nagel
2016-08-03travis: removed option to rebuild autotool from sourceSergei Nikulov
Fixes #943
2016-08-03bump: start working toward 7.50.2Daniel Stenberg
2016-08-03THANKS: 7 new contributors from the 7.50.1 releaseDaniel Stenberg
2016-08-03RELEASE-NOTES: 7.50.1Daniel Stenberg
2016-08-03TLS: only reuse connections with the same client certDaniel Stenberg
CVE-2016-5420 Bug: https://curl.haxx.se/docs/adv_20160803B.html
2016-08-03TLS: switch off SSL session id when client cert is usedDaniel Stenberg
CVE-2016-5419 Bug: https://curl.haxx.se/docs/adv_20160803A.html Reported-by: Bru Rom Contributions-by: Eric Rescorla and Ray Satiro