aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-05-17bump: start working on the pending 7.61.0Daniel Stenberg
2018-05-16tests/libtest/Makefile: Do not unconditionally add gcc-specific flagsDagobert Michelsen
The warning flag leads e.g. Sun Studio compiler to bail out. Closes #2576
2018-05-16schannel_verify: fix build for non-schannelDaniel Stenberg
2018-05-16rand: fix typoJay Satiro
2018-05-16schannel: disable manual verify if APIs not availableJay Satiro
.. because original MinGW and old compilers do not have the Windows API definitions needed to support manual verification.
2018-05-16schannel: disable client cert option if APIs not availableArchangel_SDY
Original MinGW targets Windows 2000 by default, which lacks some APIs and definitions for this feature. Disable it if these APIs are not available. Closes https://github.com/curl/curl/pull/2522
2018-05-15RELEASE-NOTES: 7.60.0 releaseDaniel Stenberg
2018-05-15THANKS: added people from the curl 7.60.0 releaseDaniel Stenberg
2018-05-15docs/libcurl/index.html: removedDaniel Stenberg
The HTML files are long gone from the dist, now remove the last HTML file pointing to those missing files. d
2018-05-14http2: remove unused variablesteini2000
Closes #2570
2018-05-14http2: use easy handle of stream for loggingsteini2000
2018-05-14gcc: disable picky gcc-8 function pointer warnings in two placesDaniel Stenberg
Reported-by: Rikard Falkeborn Bug: #2560 Closes #2569
2018-05-14http2: use the correct function pointer typedefDaniel Stenberg
Fixes gcc-8 picky compiler warnings Reported-by: Rikard Falkeborn Bug: #2560 Closes #2568
2018-05-14CODE_STYLE: mention return w/o parens, but sizeof withDaniel Stenberg
... and remove the github markdown syntax so that it renders better on the web site. Also, don't use back-ticks inlined to allow the CSS to highlight source code better.
2018-05-14examples: Fix format specifiersRikard Falkeborn
Closes #2561
2018-05-14tool: Fix format specifiersRikard Falkeborn
2018-05-14ntlm: Fix format specifiersRikard Falkeborn
2018-05-14tests: Fix format specifiersRikard Falkeborn
2018-05-14lib: Fix format specifiersRikard Falkeborn
2018-05-14contributors.sh: use "on github", not atDaniel Stenberg
2018-05-14http2: getsock fix for uploadsDaniel Stenberg
When there's an upload in progress, make sure to wait for the socket to become writable. Detected-by: steini2000 on github Bug: #2520 Closes #2567
2018-05-14pingpong: fix response cache memcpy overflowDaniel Stenberg
Response data for a handle with a large buffer might be cached and then used with the "closure" handle when it has a smaller buffer and then the larger cache will be copied and overflow the new smaller heap based buffer. Reported-by: Dario Weisser CVE: CVE-2018-1000300 Bug: https://curl.haxx.se/docs/adv_2018-82c2.html
2018-05-14http: restore buffer pointer when bad response-line is parsedDaniel Stenberg
... leaving the k->str could lead to buffer over-reads later on. CVE: CVE-2018-1000301 Assisted-by: Max Dymond Detected by OSS-Fuzz. Bug: https://curl.haxx.se/docs/adv_2018-b138.html Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7105
2018-05-13cookies: do not take cookie name as a parameterPatrick Monnerat
RFC 6265 section 4.2.1 does not set restrictions on cookie names. This is a follow-up to commit 7f7fcd0. Also explicitly check proper syntax of cookie name/value pair. New test 1155 checks that cookie names are not reserved words. Reported-By: anshnd at github Fixes #2564 Closes #2566
2018-05-12smb: reject negative file sizesDaniel Stenberg
Assisted-by: Max Dymond Detected by OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8245
2018-05-11setup_transfer: deal with both sockets being -1Daniel Stenberg
Detected by Coverity; CID 1435559. Follow-up to f8d608f38d00. It would index the array with -1 if neither index was a socket.
2018-05-10travis: add build using NSSDaniel Stenberg
Closes #2558
2018-05-10openssl: change FILE ops to BIO opsSunny Purushe
To make builds with VS2015 work. Recent changes in VS2015 _IOB_ENTRIES handling is causing problems. This fix changes the OpenSSL backend code to use BIO functions instead of FILE I/O functions to circumvent those problems. Closes #2512
2018-05-09travis: add a build using WolfSSLDaniel Stenberg
Assisted-by: Dan Fandrich Closes #2528
2018-05-07RELEASE-NOTES: typoDaniel Stenberg
2018-05-07RELEASE-NOTES: syncedDaniel Stenberg
2018-05-05URLs: fix one more http urlDaniel Gustafsson
This file wasn't included in commit 4af40b3646d3b09 which updated all haxx.se http urls to https. The file was committed prior to that update, but may have been merged after it and hence didn't get updated. Closes #2550
2018-05-05github/lock: auto-lock closed issues after 90 days of inactivityDaniel Stenberg
2018-05-04vtls: fix missing commasDaniel Stenberg
follow-up to e66cca046cef
2018-05-04vtls: use unified "supports" bitfield member in backendsDaniel Stenberg
... instead of previous separate struct fields, to make it easier to extend and change individual backends without having to modify them all. closes #2547
2018-05-04transfer: don't unset writesockfd on setup of multiplexed connsDaniel Stenberg
Curl_setup_transfer() can be called to setup a new individual transfer over a multiplexed connection so it shouldn't unset writesockfd. Bug: #2520 Closes #2549
2018-05-04configure: put CURLDEBUG and DEBUGBUILD in lib/curl_config.hFrank Gevaerts
They are removed from the compiler flags. This ensures that make dependency tracking will force a rebuild whenever configure --enable-debug or --enable-curldebug changes. Closes #2548
2018-05-04http: don't set the "rewind" flag when not uploading anythingDaniel Stenberg
It triggers an assert. Detected by OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8144 Closes #2546
2018-05-04travis: add an mbedtls buildDaniel Stenberg
Closes #2531
2018-05-03configure: only check for CA bundle for file-using SSL backendsDaniel Stenberg
When only building with SSL backends that don't use the CA bundle file (by default), skip the check. Fixes #2543 Fixes #2180 Closes #2545
2018-05-03ssh-libssh.c: fix left shift compiler warningDaniel Stenberg
ssh-libssh.c:2429:21: warning: result of '1 << 31' requires 33 bits to represent, but 'int' only has 32 bits [-Wshift-overflow=] 'len' will never be that big anyway so I converted the run-time check to a regular assert.
2018-05-03URL: fix ASCII dependency in strcpy_url and strlen_urlStephan Mühlstrasser
Commit 3c630f9b0af097663a64e5c875c580aa9808a92b partially reverted the changes from commit dd7521bcc1b7a6fcb53c31f9bd1192fcc884bd56 because of the problem that strcpy_url() was modified unilaterally without also modifying strlen_url(). As a consequence strcpy_url() was again depending on ASCII encoding. This change fixes strlen_url() and strcpy_url() in parallel to use a common host-encoding independent criterion for deciding whether an URL character must be %-escaped. Closes #2535
2018-05-03docs: remove extraneous commas in man pagesDenis Ollier
Closes #2544
2018-05-03RELEASE-NOTES: syncedDaniel Stenberg
2018-05-03Revert "TODO: remove configure --disable-pthreads"Daniel Stenberg
This reverts commit d5d683a97f9765bddfd964fe32e137aa6e703ed3. --disable-pthreads can be used to disable pthreads and get the threaded resolver to use the windows threading when building with mingw.
2018-05-02vtls: don't define MD5_DIGEST_LENGTH for wolfsslDaniel Stenberg
... as it defines it (too)
2018-05-02TODO: remove configure --disable-pthreadsDaniel Stenberg
2018-05-02wolfssl: Fix non-blocking connectDavid Garske
Closes https://github.com/curl/curl/pull/2542
2018-04-30CURLOPT_URL.3: add ENCODING section [ci skip]Daniel Stenberg
Feedback-by: Michael Kilburn
2018-04-30KNOWN_BUGS: Client cert with Issuer DN differs between backendsDaniel Stenberg
Closes #1411