Age | Commit message (Collapse) | Author |
|
Detected using the `codespell` tool (version 1.13.0).
Also secure and fix an URL.
|
|
|
|
URL: https://curl.haxx.se/mail/lib-2018-06/0000.html
This is step one. It adds #error statements that require source edits to
make curl build again if asked to use axTLS. At a later stage we might
remove the axTLS specific code completely.
Closes #2628
|
|
According to the user survey 2018, not even one out of 670 users use
them. Nobody on the mailing list spoke up for them either.
Closes #2629
|
|
... for curl_dofreeaddrinfo
|
|
... it might call infof() with a NULL first argument that isn't harmful
but makes it not do anything. The infof() line is not very useful
anymore, it has served it purpose. Good riddance!
Fixes #2627
|
|
If there's an existing entry using the selected name.
Closes #2622
|
|
If configure detects fnmatch to be available, use that instead of our
custom one for FTP wildcard pattern matching. For standard compliance,
to reduce our footprint and to use already well tested and well
exercised code.
A POSIX fnmatch behaves slightly different than the internal function
for a few test patterns currently and the macOS one yet slightly
different. Test case 1307 is adjusted for these differences.
Closes #2626
|
|
Follow-up to commit 946ce5b
|
|
|
|
Closes #2276
|
|
On our x86 Android toolchain, getpwuid_r is implemented but the header
is missing:
netrc.c:81:7: error: implicit declaration of function 'getpwuid_r' [-Werror=implicit-function-declaration]
Unfortunately, the function is used in curl_ntlm_wb.c, too, so I moved
the prototype to curl_setup.h.
Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
Closes #2609
|
|
Closes #2624
|
|
Closes #2623
|
|
Adds CURLOPT_DISALLOW_USERNAME_IN_URL and --disallow-username-in-url. Makes
libcurl reject URLs with a username in them.
Closes #2340
|
|
|
|
|
|
* enable it in `src/Makefile.m32`
* enable it in `winbuild/MakefileBuild.vc` if a custom manifest is
_not_ enabled via the existing `EMBED_MANIFEST` option
* enable it for all Windows CMake builds (also disable the built-in
minimal manifest, added by CMake by default.)
For other build systems, add the `-DCURL_EMBED_MANIFEST` option to
the list of RC (Resource Compiler) flags to enable the manifest
included in `src/curl.rc`. This may require to disable whatever
automatic or other means in which way another manifest is added to
`curl.exe`.
Notice that Borland C doesn't support this method due to a
long-pending resource compiler bug. Watcom C may also not handle
it correctly when the `-zm` `wrc` option is used (this option may
be unnecessary though) and regardless of options in certain earlier
revisions of the 2.0 beta version.
Closes https://github.com/curl/curl/pull/1221
Fixes https://github.com/curl/curl/issues/2591
|
|
|
|
Also sync ILE/RPG binding to define the new functions.
|
|
Adds CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS.
curl: added --tls13-ciphers and --proxy-tls13-ciphers
Fixes #2435
Reported-by: zzq1015 on github
Closes #2607
|
|
The automake default ar flags are 'cru', but the 'u' flag in there
causes warnings on many modern Linux distros. Removing 'u' may have a
minor performance impact on older distros but should not cause harm.
Explained on the automake mailing list already back in April 2015:
https://www.mail-archive.com/automake-patches@gnu.org/msg07705.html
Reported-by: elephoenix on github
Fixes #2617
Closes #2619
|
|
|
|
... the older description doesn't work
Reported-by: Peter Varga
Fixes #2615
Closes #2616
|
|
This was added earlier but appears to have been removed accidentally.
AFAICT this is very much still an issue.
-----
I say "accidentally" because the text seems to have harmlessly snuck
into [1] (which makes no mention of it). [1] was later reverted for
unspecified reasons in [2], presumably because the mentioned issue was
fixed or invalid.
[1] de9fac00c40db321d44fa6fbab6eb62ec4c83998
[2] 16d1f369403cbb04bd7b085eabbeebf159473fc2
Closes #2618
|
|
A non-escaped bracket ([) is for a character group - as documented. It
will *not* match an individual bracket anymore. Test case 1307 updated
accordingly to match.
Problem detected by OSS-Fuzz, although this fix is probably not a final
fix for the notorious timeout issues.
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8525
Closes #2614
|
|
The latest psl is cached in the multi or share handle. It is refreshed
before use after 72 hours.
New share lock CURL_LOCK_DATA_PSL controls the psl cache sharing.
If the latest psl is not available, the builtin psl is used.
Reported-by: Yaakov Selkowitz
Fixes #2553
Closes #2601
|
|
The ssh2 pkg-config file could contain the following lines when build
with a static version of mbedtls:
Libs: -L${libdir} -lssh2 /xxx/libmbedcrypto.a
Libs.private: /xxx/libmbedcrypto.a
This static mbedtls library must be used to correctly detect ssh2
support and this library must be copied in libcurl.pc otherwise
compilation of any application (such as upmpdcli) with libcurl will fail
when trying to found mbedtls functions included in libssh2. So, replace
pkg-config --libs-only-l by pkg-config --libs.
Fixes:
- http://autobuild.buildroot.net/results/43e24b22a77f616d6198c10435dcc23cc3b9088a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Closes #2613
|
|
|
|
The autotools-based build system does it, so we do it also in CMake.
Bug: #2609
Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
|
|
|
|
--data, --form, and --ntlm were declared to be mutually exclusive with
non-existing options. --data and --form referred to --upload (which is
short for --upload-file and therefore did work, so this one was merely
a bit confusing), --ntlm referred to --negotiated instead of --negotiate.
Closes #2612
|
|
Almost all headers start with an uppercase letter, but some didn't.
|
|
|
|
compiling
|
|
|
|
Closes #2604
|
|
Change requirement from $(DISTDIR) to $(DIRDIST)
closes #2603
|
|
This removes the slightly annoying "Could not file LIBCURL_OBJS.inc" and
"Could not find CURL_OBJS.inc.inc" message when building into a clean
folder.
closes #2602
|
|
Fallback on Z_SYNC_FLUSH when Z_BLOCK is not available.
Fixes #2606
Closes #2608
|
|
... even when there's no protocol specific handler setup.
Bug: https://curl.haxx.se/mail/lib-2018-05/0062.html
Reported-by: Sean Miller
Closes #2600
|
|
Closes #2102
|
|
Closes #2588
|
|
using -DCMAKE_DEBUG_POSTFIX explicitly
fixes #2121, obsoletes #2384
|
|
When given a prefix, the $PREFIX_OPENSSL/lib/openssl.pc or
$PREFIX_OPENSSL/include/openssl/ssl.h files must be present or cause an
error. Helps users detect when giving configure the wrong path.
Reported-by: Oleg Pudeyev
Assisted-by: Per Malmberg
Fixes #2580
|
|
This avoids appending error data to already existing good data.
Test 92 is updated to match this change.
New test 1156 checks all combinations of --range/--resume, --fail,
Content-Range header and http status code 200/416.
Fixes #1163
Reported-By: Ithubg on github
Closes #2578
|
|
|
|
follow-up to mistake in 6876ccf90b4
|
|
OpenSSL has supported --cacert for ages, always accepting LF-only line
endings ("Unix line endings") as well as CR/LF line endings ("Windows
line endings").
When we introduced support for --cacert also with Secure Channel (or in
cURL speak: "WinSSL"), we did not take care to support CR/LF line
endings, too, even if we are much more likely to receive input in that
form when using Windows.
Let's fix that.
Happily, CryptQueryObject(), the function we use to parse the ca-bundle,
accepts CR/LF input already, and the trailing LF before the END
CERTIFICATE marker catches naturally any CR/LF line ending, too. So all
we need to care about is the BEGIN CERTIFICATE marker. We do not
actually need to verify here that the line ending is CR/LF. Just
checking for a CR or an LF is really plenty enough.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Closes https://github.com/curl/curl/pull/2592
|
|
|