aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-09-22SECURITY-PROCESS: mention the bountygraph program [ci skip]Daniel Stenberg
Closes #3032
2018-09-22url: use the URL API internally as wellDaniel Stenberg
... to make it a truly unified URL parser. Closes #3017
2018-09-22URL and mailmap updates, remove an obsolete directory [ci skip]Viktor Szakats
Closes https://github.com/curl/curl/pull/3031
2018-09-22RELEASE-NOTES: syncedDaniel Stenberg
2018-09-21configure: force-use -lpthreads on HPUXDaniel Stenberg
When trying to detect pthreads use on HPUX the checks will succeed without the correct -l option but then end up failing at run-time. Reported-by: Eason-Yu on github Fixes #2697 Closes #3025
2018-09-21Curl_saferealloc: Fixed typo in docblockErik Minekus
Closes #3029
2018-09-21urlapi: fix support for address scope in IPv6 numerical addressesDaniel Stenberg
Closes #3024
2018-09-21GnutTLS: TLS 1.3 supportLoganaden Velvindron
Closes #2971
2018-09-20TODO: c-ares and CURLOPT_OPENSOCKETFUNCTIONDaniel Stenberg
Removed DoH. Closes #2734
2018-09-20vtls: fix ssl version "or later" behavior change for many backendsJay Satiro
- Treat CURL_SSLVERSION_MAX_NONE the same as CURL_SSLVERSION_MAX_DEFAULT. Prior to this change NONE would mean use the minimum version also as the maximum. This is a follow-up to 6015cef which changed the behavior of setting the SSL version so that the requested version would only be the minimum and not the maximum. It appears it was (mostly) implemented in OpenSSL but not other backends. In other words CURL_SSLVERSION_TLSv1_0 used to mean use just TLS v1.0 and now it means use TLS v1.0 *or later*. - Fix CURL_SSLVERSION_MAX_DEFAULT for OpenSSL. Prior to this change CURL_SSLVERSION_MAX_DEFAULT with OpenSSL was erroneously treated as always TLS 1.3, and would cause an error if OpenSSL was built without TLS 1.3 support. Co-authored-by: Daniel Gustafsson Fixes https://github.com/curl/curl/issues/2969 Closes https://github.com/curl/curl/pull/3012
2018-09-20certs: generate tests certs with sha256 digest algorithmDaniel Stenberg
As OpenSSL 1.1.1 starts to complain and fail on sha1 CAs: "SSL certificate problem: CA signature digest algorithm too weak" Closes #3014
2018-09-19urlapi: document the error codes, remove two unused onesDaniel Stenberg
Assisted-by: Daniel Gustafsson Closes #3019
2018-09-19urlapi: add CURLU_GUESS_SCHEME and fix hostname acceptanceDaniel Stenberg
In order for this API to fully work for libcurl itself, it now offers a CURLU_GUESS_SCHEME flag that makes it "guess" scheme based on the host name prefix just like libcurl always did. If there's no known prefix, it will guess "http://". Separately, it relaxes the check of the host name so that IDN host names can be passed in as well. Both these changes are necessary for libcurl itself to use this API. Assisted-by: Daniel Gustafsson Closes #3018
2018-09-19nss: try to connect even if libnssckbi.so fails to loadKamil Dudka
One can still use CA certificates stored in NSS database. Reported-by: Maxime Legros Bug: https://curl.haxx.se/mail/lib-2018-09/0077.html Closes #3016
2018-09-19urlapi: don't set value which is never readDaniel Gustafsson
In the CURLUPART_URL case, there is no codepath which invokes url decoding so remove the assignment of the urldecode variable. This fixes the deadstore bug-report from clang static analysis. Closes #3015 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-19todo: Update reference to already done itemDaniel Gustafsson
TODO item 1.1 was implemented in commit 946ce5b61f, update reference to it with instead referencing the implemented option. Closes #3013 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-18RELEASE-NOTES: syncedDaniel Stenberg
2018-09-18cmake: don't require OpenSSL if USE_OPENSSL=OFFslodki
User must have OpenSSL installed even if not used by libcurl at all since 7.61.1 release. Broken at 7867aaa9a01decf93711428462335be8cef70212 Reviewed-by: Sergei Nikulov Closes #3001
2018-09-18curl_multi_wait: call getsock before figuring out timeoutDaniel Stenberg
.... since getsock may update the expiry timer. Fixes #2996 Closes #3000
2018-09-18examples/http2-pushinmemory: receive HTTP/2 pushed files in memoryDaniel Stenberg
Closes #3004
2018-09-18darwinssl: Fix realloc memleakDaniel Gustafsson
The reallocation was using the input pointer for the return value, which leads to a memory leak on reallication failure. Fix by instead use the safe internal API call Curl_saferealloc(). Closes #3005 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Nick Zitzmann <nickzman@gmail.com>
2018-09-17examples: Fix memory leaks from realloc errorsKruzya
Make sure to not overwrite the reallocated pointer in realloc() calls to avoid a memleak on memory errors.
2018-09-17memory: add missing curl_printf headerDaniel Gustafsson
ftp_send_command() was using vsnprintf() without including the libcurl *rintf() replacement header. Fix by including curl_printf.h and also add curl_memory.h while at it since memdebug.h depends on it. Closes #2999 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-16curl: update --tlsv* descriptions in --help outputSi
Closes #2994
2018-09-16http: made Curl_add_buffer functions take a pointer-pointerDaniel Stenberg
... so that they can clear the original pointer on failure, which makes the error-paths and their cleanups easier. Closes #2992
2018-09-16http2: fix memory leaks on error-pathDaniel Stenberg
2018-09-15libtest: Add chkdecimalpoint to .gitignoreRikard Falkeborn
Closes #2998
2018-09-14secure Openwall URLsViktor Szakats
2018-09-14openssl: show "proper" version number for libressl buildsDaniel Stenberg
Closes #2989
2018-09-14openssl: assume engine support in 0.9.8 or laterRainer Jung
Fixes #2983 Closes #2988
2018-09-13sendf: use failf() rather than Curl_failf()Daniel Gustafsson
The failf() macro is the name used for invoking Curl_failf(). While there isn't a way to turn off failf like there is for infof, but it's still a good idea to use the macro. Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-13sendf: Fix whitespace in infof/failf concatenationDaniel Gustafsson
Strings broken on multiple rows in the .c file need to have appropriate whitespace padding on either side of the concatenation point to render a correct amalgamated string. Fix by adding a space at the occurrences found. Closes #2986 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-13krb5: fix memory leak in krb_authDaniel Gustafsson
The FTP command allocated by aprintf() must be freed after usage. Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-13ftp: include command in Curl_ftpsend sendbufferDaniel Gustafsson
Commit 8238ba9c5f10414a88f502bf3f5d5a42d632984c inadvertently removed the actual command to be sent from the send buffer in a refactoring. Add back copying the command into the buffer. Also add more guards against malformed input while at it. Closes #2985 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-13ntlm_wb: Fix memory leaks in ntlm_wb_responseDaniel Gustafsson
When erroring out on a request being too large, the existing buffer was leaked. Fix by explicitly freeing on the way out. Closes #2966 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-13travis: build the MesaLink vtls backend with MesaLink 0.7.1Yiming Jing
2018-09-13runtests.pl: run tests against the MesaLink vtls backendYiming Jing
2018-09-13vtls: add a MesaLink vtls backendYiming Jing
Closes #2984
2018-09-13configure.ac: add a MesaLink vtls backendYiming Jing
2018-09-13curl_url_set.3: properly escape \n in example codeDave Reisner
This yields "the scheme is %s\n" instead of "the scheme is %s0 Closes #2970
2018-09-13curl_url_set.3: fix typo in reference to CURLU_APPENDQUERYDave Reisner
2018-09-13urlglob: improve error messageDaniel Stenberg
to help user understand what the problem is Reported-by: Daniel Shahaf Fixes #2763 Closes #2977
2018-09-12tests/certs: rebuild certs with 2048-bit RSA keysYiming Jing
The previous test certificates contained RSA keys of only 1024 bits. However, RSA claims that 1024-bit RSA keys are likely to become crackable some time before 2010. The NIST recommends at least 2048-bit keys for RSA for now. Better use full 2048 also for testing. Closes #2973
2018-09-12TODO: fix typo in itemDaniel Gustafsson
Closes #2968 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-12anyauthput: fix compiler warning on 64-bit WindowsMarcel Raad
On Windows, the read function from <io.h> is used, which has its byte count parameter as unsigned int instead of size_t. Closes https://github.com/curl/curl/pull/2972
2018-09-12lib: fix gcc8 warning on WindowsViktor Szakats
Closes https://github.com/curl/curl/pull/2979
2018-09-12openssl: fix gcc8 warningJay Satiro
- Use memcpy instead of strncpy to copy a string without termination, since gcc8 warns about using strncpy to copy as many bytes from a string as its length. Suggested-by: Viktor Szakats Closes https://github.com/curl/curl/issues/2980
2018-09-10libcurl-url.3: overview man page for the URL APIDaniel Stenberg
Closes #2967
2018-09-10example/asiohiper: insert warning comment about its statusDaniel Stenberg
This example is simply not working correctly but there's nobody around with the skills and energy to fix it. Closes #2407
2018-09-10docs/cmdline-opts: update the documentation of --tlsv1.0Kamil Dudka
... to reflect the changes in 6015cefb1b2cfde4b4850121c42405275e5e77d9 Closes #2955