Age | Commit message | Author
2015-06-30 | RELEASE-NOTES: synced with e6749055d653 | Daniel Stenberg
2015-06-29 | configure: disable libidn by default | Daniel Stenberg
For security reasons, until there is a fix.
Bug: http://curl.haxx.se/mail/lib-2015-06/0143.html
Reported-by: Gustavo Grieco, Feist Josselin
2015-06-29 | SSL-PROBLEMS: mention WinSSL problems in WinXP | Daniel Stenberg
2015-06-29 | CODE_OF_CONDUCT.md: added | Daniel Stenberg
Just to underscore how we treat each other in this project. Nothing new really, but could be useful for newcomers and outsiders to see our values.
2015-06-25 | tool_header_cb: fflush the header stream | Daniel Stenberg
Flush the header stream when -D is used so that they are sent off earlier.
Bug: https://github.com/bagder/curl/issues/324
Reported-by: Cédric Connes
2015-06-25 | tests: Distribute CMakeLists.txt files in subdirectories | Roger Leigh
2015-06-24 | CURLOPT_FAILONERROR.3: mention that it closes the connection | Daniel Stenberg
Reported-by: bemoody
Bug: https://github.com/bagder/curl/issues/325
2015-06-24 | curl_multi_setopt.3: alpha sort the options | Daniel Stenberg
2015-06-24 | curl_multi_setopt.3: add the new push options | Daniel Stenberg
2015-06-24 | http2: Use nghttp2 library error code for error return value | Tatsuhiro Tsujikawa
2015-06-24 | http2: Harden header validation for curl_pushheader_byname | Tatsuhiro Tsujikawa
Since we do prefix match using given header by application code against header name pair in format "NAME:VALUE", and VALUE part can contain ":", we have to be careful about existence of ":" in header parameter. ":" should be allowed to match HTTP/2 pseudo-header field, and other use of ":" in header must be treated as error, and curl_pushheader_byname should return NULL. This commit implements this behaviour.
2015-06-24 | CURLMOPT_PUSHFUNCTION.3: Remove unused variable | Tatsuhiro Tsujikawa
2015-06-24 | CURLMOPT_PUSHFUNCTION.3: added example | Daniel Stenberg
2015-06-24 | http2: curl_pushheader_byname now takes a const char * | Daniel Stenberg
2015-06-24 | http2-serverpush.c: example code | Daniel Stenberg
2015-06-24 | http2: free all header memory after the push callback | Daniel Stenberg
2015-06-24 | http2: init the pushed transfer properly | Daniel Stenberg
2015-06-24 | http2: fixed the header accessor functions for the push callback | Daniel Stenberg
2015-06-24 | http2: setup the new pushed stream properly | Daniel Stenberg
2015-06-24 | http2: initial implementation of the push callback | Daniel Stenberg
2015-06-24 | http2: initial HTTP/2 server push types/docs | Daniel Stenberg
2015-06-23 | test1531: verify POSTFIELDSIZE set after add_handle | Daniel Stenberg
Following the fix made in 903b6e05565bf.
2015-06-23 | pretransfer: init state.infilesize here, not in add_handle | Daniel Stenberg
... to properly support that options are set to the handle after it is added to the multi handle.
Bug: http://curl.haxx.se/mail/lib-2015-06/0122.html
Reported-by: Stefan Bühler
2015-06-21 | tool_help: fix --tlsv1 help text to use >= for TLSv1 | Lior Kaplan
2015-06-20 | INSTALL: Advise use of non-native SSL for Windows <= XP | Jay Satiro
Advise that WinSSL in versions <= XP will not be able to connect to servers that no longer support the legacy handshakes and algorithms used by those versions, and to use an alternate backend like OpenSSL instead.
Bug: https://github.com/bagder/curl/issues/253
Reported-by: zenden2k <zenden2k@gmail.com>
2015-06-19 | curl_easy_setopt.3: restore contents removed by mistake | Kamil Dudka
... in commit curl-7_43_0-18-g570076e
2015-06-19 | curl_easy_setopt.3: mention CURLOPT_PIPEWAIT | Daniel Stenberg
2015-06-18 | cookie: Fix bug in export if any-domain cookie is present | Jay Satiro
In 3013bb6 I had changed cookie export to ignore any-domain cookies, however the logic I used to do so was incorrect, and would lead to a busy loop in the case of exporting a cookie list that contained any-domain cookies. The result of that is worse though, because in that case the other cookies would not be written resulting in an empty file once the application is terminated to stop the busy loop.
2015-06-18 | FTP: fixed compiling with --disable-proxy, broken in b88f980a | Dan Fandrich
2015-06-18 | tool: always provide negotiate/kerberos options | Daniel Stenberg
libcurl can still be built with it, even if the tool is not. Maintain independence!
2015-06-18 | TODO: Support IDNA2008 | Daniel Stenberg
2015-06-18 | Makefile.m32: add support for CURL_LDFLAG_EXTRAS | Viktor Szakats
It is similar to existing CURL_CFLAG_EXTRAS, but for extra linker option.
2015-06-18 | RTSP: removed another piece of dead code | Daniel Stenberg
Coverity CID 1306668
2015-06-18 | openssl: fix use of uninitialized buffer | Daniel Stenberg
Make sure that the error buffer is always initialized and simplify the use of it to make the logic easier.
Bug: https://github.com/bagder/curl/issues/318
Reported-by: sneis
2015-06-18 | examples: more descriptions | Daniel Stenberg
2015-06-18 | examples: add descriptions with <DESC> | Daniel Stenberg
Using this fixed format for example descriptions, we can generate a better list on the web site.
2015-06-18 | libcurl-errors.3: fix typo | Daniel Stenberg
2015-06-18 | curl_easy_setopt.3: option order doesn't matter | Daniel Stenberg
2015-06-18 | openssl: fix build with BoringSSL | Daniel Stenberg
OPENSSL_load_builtin_modules does not exist in BoringSSL.
Regression from cae43a1
2015-06-17 | openssl: Fix build with openssl < ~ 0.9.8f | Paul Howarth
The symbol SSL3_MT_NEWSESSION_TICKET appears to have been introduced at around openssl 0.9.8f, and the use of it in lib/vtls/openssl.c breaks builds with older openssls (certainly with 0.9.8b, which is the latest older version I have to try with).
2015-06-17 | FTP: do the HTTP CONNECT for data connection blocking | Daniel Stenberg
** WORK-AROUND **
The introduced non-blocking general behaviour for Curl_proxyCONNECT() didn't work for the data connection establishment unless it was very fast. The newly introduced function argument makes it operate in a more blocking manner, more like it used to work in the past. This blocking approach is only used when the FTP data is connecting through HTTP proxy.
Blocking like this is bad. A better fix would make it work more asynchronously.
Bug: https://github.com/bagder/curl/issues/278
2015-06-17 | bump: start the journey toward 7.44.0 | Daniel Stenberg
2015-06-17 | CURLOPT_ERRORBUFFER.3: Fix example, escape backslashes | Jay Satiro
2015-06-17 | CURLOPT_ERRORBUFFER.3: Improve example | Jay Satiro
2015-06-17 | RELEASE-NOTES: 7.43.0 release | Daniel Stenberg
2015-06-17 | THANKS: updated with 7.43.0 names | Daniel Stenberg
2015-06-17 | http: do not leak basic auth credentials on re-used connections | Kamil Dudka
CVE-2015-3236
This partially reverts commit curl-7_39_0-237-g87c4abb
Reported-by: Tomas Tomecek, Kamil Dudka
Bug: http://curl.haxx.se/docs/adv_20150617A.html
2015-06-17 | test2040: verify basic auth on re-used connections | Kamil Dudka
2015-06-17 | SMB: rangecheck values read off incoming packet | Daniel Stenberg
CVE-2015-3237
Detected by Coverity. CID 1299430.
Bug: http://curl.haxx.se/docs/adv_20150617B.html
2015-06-17 | schannel: schannel_recv overhaul | Jay Satiro
This commit is several drafts squashed together. The changes from each draft are noted below. If any changes are similar and possibly contradictory the change in the latest draft takes precedence.

Bug: https://github.com/bagder/curl/issues/244
Reported-by: Chris Araman

%%
%% Draft 1
%%
- return 0 if len == 0. that will have to be documented.
- continue on and process the caches regardless of raw recv
- if decrypted data will be returned then set the error code to CURLE_OK and return its count
- if decrypted data will not be returned and the connection has closed (eg nread == 0) then return 0 and CURLE_OK
- if decrypted data will not be returned and the connection *hasn't* closed then set the error code to CURLE_AGAIN --only if an error code isn't already set-- and return -1
- narrow the Win2k workaround to only Win2k

%%
%% Draft 2
%%
- Trying out a change in flow to handle corner cases.

%%
%% Draft 3
%%
- Back out the lazier decryption change made in draft2.

%%
%% Draft 4
%%
- Some formatting and branching changes
- Decrypt all encrypted cached data when len == 0
- Save connection closed state
- Change special Win2k check to use connection closed state

%%
%% Draft 5
%%
- Default to CURLE_AGAIN in cleanup if an error code wasn't set and the connection isn't closed.

%%
%% Draft 6
%%
- Save the last error only if it is an unrecoverable error. Prior to this I saved the last error state in all cases; unfortunately the logic to cover that in all cases would lead to some muddle and I'm concerned that could then lead to a bug in the future so I've replaced it by only recording an unrecoverable error and that state will persist.
- Do not recurse on renegotiation. Instead we'll continue on to process any trailing encrypted data received during the renegotiation only.
- Move the err checks in cleanup after the check for decrypted data. In either case decrypted data is always returned but I think it's easier to understand when those err checks come after the decrypted data check.

%%
%% Draft 7
%%
- Regardless of len value go directly to cleanup if there is an unrecoverable error or a close_notify was already received. Prior to this change we only acknowledged those two states if len != 0.
- Fix a bug in connection closed behavior: Set the error state in the cleanup, because we don't know for sure it's an error until that time.
- (Related to above) In the case the connection is closed go "greedy" with the decryption to make sure all remaining encrypted data has been decrypted even if it is not needed at that time by the caller. This is necessary because we can only tell if the connection closed gracefully (close_notify) once all encrypted data has been decrypted.
- Do not renegotiate when an unrecoverable error is pending.

%%
%% Draft 8
%%
- Don't show 'server closed the connection' info message twice.
- Show an info message if server closed abruptly (missing close_notify).