| Age | Commit message (Collapse) | Author |
|---|
|
Closes #4843
|
|
Avoid "reparsing" the content and instead deliver more exactly what is
provided in the certificate and avoid truncating the data after 512
bytes as done previously. This no longer removes embedded newlines.
Fixes #4837
Reported-by: bnfp on github
Closes #4841
|
|
- Copy CURLOPT_SSL_OPTIONS.3 description to CURLOPT_PROXY_SSL_OPTIONS.3.
Prior to this change CURLSSLOPT_NO_PARTIALCHAIN was missing from the
CURLOPT_PROXY_SSL_OPTIONS description.
|
|
For now, no cert in the bundle actually sets a date there...
Co-Authored-by: Jay Satiro
Reported-by: Christian Heimes
Fixes #4834
Closes #4836
|
|
|
|
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS.
Verified with the new tests 3002-3007
Closes #4816
|
|
follow-up from dea17b519d (one of these days I'll learn to check before
I push)
|
|
Fixes the bug where oauth_bearer gets deallocated when we re-use a
connection.
Closes #4824
|
|
Closes #4762
Fixes #4753
|
|
It is superfluous and could even be misleading.
Bug: https://curl.haxx.se/mail/archive-2020-01/0016.html
Reported-by: Mike Norton
Closes #4832
|
|
Previously, it was only possible to set it to Windows Vista or XP by
setting the option `ENABLE_INET_PTON` to `ON` resp. `OFF`.
Use a new cache variable `CURL_TARGET_WINDOWS_VERSION` to be able to
explicitly set the target Windows version. `ENABLE_INET_PTON` is
ignored in this case.
Ref: https://github.com/curl/curl/pull/1639#issuecomment-313039352
Ref: https://github.com/curl/curl/pull/4607#issuecomment-557541456
Closes https://github.com/curl/curl/pull/4815
|
|
Follow-up to 7ff9222ced8c
|
|
Mentioned: https://curl.haxx.se/mail/lib-2020-01/0050.html
Closes #4814
|
|
I'd like to see this happen.
|
|
|
|
The symbols without wc_ prefix are not always provided.
Ref: https://github.com/wolfSSL/wolfssl/issues/2744
Closes #4827
|
|
As detailed in DEPRECATE.md, the polarssl support is now removed after
having been disabled for 6 months and nobody has missed it.
The threadlock files used by mbedtls are renamed to an 'mbedtls' prefix
instead of the former 'polarssl' and the common functions that
previously were shared between mbedtls and polarssl and contained the
name 'polarssl' have now all been renamed to instead say 'mbedtls'.
Closes #4825
|
|
This led to a conversion warning on 64-bit MinGW, which has 32-bit
`long` but 64-bit `size_t`.
Closes https://github.com/curl/curl/pull/4823
|
|
To avoid division by zero - or other issues.
Reported-by: Daniel Marjamäki
Closes #4818
|
|
|
|
|
|
It doesn't make much sense to only check if the function can be linked
when it's not declared in any header and that is treated as an error.
With the correct target Windows version set, the function is declared
in ws2tcpip.h and the comment above the modified block is invalid.
Also, move the definition of `_WIN32_WINNT` up to before all symbol
availability checks so that we don't have to care which ones must be
done after it.
Tested with Visual Studio 2019 and current MinGW-w64.
Closes https://github.com/curl/curl/pull/4808
|
|
Follow-up to 29e40a6 from two days ago, which added that feature for
Windows 7 and earlier. The bug only occurred in same.
Ref: https://github.com/curl/curl/pull/4761
|
|
... and refer to that file from from CURLOPT_COOKIEFILE.3 and
CURLOPT_COOKIELIST.3
Assisted-by: Jay Satiro
Reported-by: bsammon on github
Fixes #4805
Closes #4806
|
|
This enables Link Time Optimization. LTO is a proven technique for
optimizing across compilation units.
Closes #4799
|
|
|
|
A regression made the code use 'multiplexed' as a boolean instead of the
counter it is intended to be. This made curl try to "over-populate"
connections with new streams.
This regression came with 41fcdf71a1, shipped in curl 7.65.0.
Also, respect the CURLMOPT_MAX_CONCURRENT_STREAMS value in the same
check.
Reported-by: Kunal Ekawde
Fixes #4779
Closes #4784
|
|
It was not intended nor documented!
Added test 1176 to verify.
Reported-by: vshmuk on hackerone
Closes #4812
|
|
Adds support for SFTP (not SCP) using WolfSSH.
Closes #4231
|
|
As it was just unnecessary duplicated information already stored in the
'per_transfer' struct and that's around mostly anyway.
The duplicated pointer caused problems when the code flow was aborted
before the dupe was filled in and could cause a NULL pointer access.
Reported-by: Brian Carpenter
Fixes #4807
Closes #4810
|
|
Follow-up to recent commits
[skip ci]
|
|
- Allow forcing the host's key type found in the known_hosts file.
Currently, curl (with libssh2) does not take keys from your known_hosts
file into account when talking to a server. With this patch the
known_hosts file will be searched for an entry matching the hostname
and, if found, libssh2 will be told to claim this key type from the
server.
Closes https://github.com/curl/curl/pull/4747
|
|
- Add "libssh2" name to FindLibSSH2 library search.
On Windows systems, libSSH2 CMake installation may name the library
"LibSSH2".
Prior to this change cmake only checked for name "ssh2". On Linux that
works fine because it will prepend the "lib", but it doesn't do that on
Windows.
Closes https://github.com/curl/curl/pull/4804
|
|
- Support hostname verification via alternative names (SAN) in the
peer certificate when CURLOPT_CAINFO is used in Windows 7 and earlier.
CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a
result CertGetNameString doesn't quite work on those versions of
Windows. This change provides an alternative solution for
CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier
versions of Windows.
Prior to this change many certificates failed the hostname validation
when CURLOPT_CAINFO was used in Windows 7 and earlier. Most certificates
now represent multiple hostnames and rely on the alternative names field
exclusively to represent their hostnames.
Reported-by: Jeroen Ooms
Fixes https://github.com/curl/curl/issues/3711
Closes https://github.com/curl/curl/pull/4761
|
|
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection
errors.
Prior to this change CURLE_FAILED_INIT was used, but that was not
correct.
Closes https://github.com/curl/curl/pull/4754
|
|
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when
curl_multi_wait/poll is passed timeout param < 0.
Prior to this change passing a negative value to curl_multi_wait/poll
such as -1 could cause the function to wait forever.
Reported-by: hamstergene@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/4763
Closes https://github.com/curl/curl/pull/4765
|
|
- Define USE_WIN32_CRYPTO by default. This enables SMB.
- Show whether SMB is enabled in the "Enabled features" output.
- Fix mingw compiler warning for call to CryptHashData by casting away
const param. mingw CryptHashData prototype is wrong.
Closes https://github.com/curl/curl/pull/4717
|
|
Reported-by: Johannes Schindelin
Ref: https://github.com/curl/curl/pull/3863#pullrequestreview-241395121
Closes https://github.com/curl/curl/pull/4803
|
|
Follow-up to 875314ed0bf3b
|
|
The code was duplicated in the various resolver backends.
Also, it was called after the call to `Curl_ipvalid`, which matters in
case of `CURLRES_IPV4` when called from `connect.c:bindlocal`. This
caused test 1048 to fail on classic MinGW.
The code ignores `conn->ip_version` as done previously in the
individual resolver backends.
Move the call to the `resolver_start` callback up to appease test 655,
which wants it to be called also for literal addresses.
Closes https://github.com/curl/curl/pull/4798
|
|
|
|
... using the new badsymbols.pl perl script
Fixes #4793
Closes #4794
|
|
|
|
...requires some rearranging of the setup of CURLOPT_ and CURLMOPT_
enums.
|
|
It isn't our job to define this in a public header - and it defines a
name outside of our naming scope.
|
|
Follow-up to: 4027bd72d9
|
|
|
|
- When creating a directory hierarchy do not error when mkdir fails due
to error EACCESS (13) "access denied".
Some file systems allow for directory traversal; in this case that it
should be possible to create child directories when permission to the
parent directory is restricted.
This is a regression caused by me in f16bed0 (precedes curl-7_61_1).
Basically I had assumed that if a directory already existed it would
fail only with error EEXIST, and not error EACCES. The latter may
happen if the directory exists but has certain restricted permissions.
Reported-by: mbeifuss@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/4796
Closes https://github.com/curl/curl/pull/4797
|
|
Closes #4080
|
|
Ref: https://curl.haxx.se/mail/lib-2020-01/0031.html
|
