| Age | Commit message (Collapse) | Author |
|---|
|
CVE-2016-8622
Bug: https://curl.haxx.se/docs/adv_20161102H.html
Reported-by: Cure53
|
|
- Clarify that this option is only for HTTP/1.1 pipelining.
Bug: https://github.com/curl/curl/issues/1059
Reported-by: Jeroen Ooms
Assisted-by: Daniel Stenberg
|
|
The tool was never called cURL, only the project. But even so, we have
more and more over time switched to just use lower case.
|
|
|
|
The 'userp' argument is unused in this example code.
|
|
|
|
Add the new option CURLOPT_KEEP_SENDING_ON_ERROR to control whether
sending the request body shall be completed when the server responds
early with an error status code.
This is suitable for manual NTLM authentication.
Reviewed-by: Jay Satiro
Closes https://github.com/curl/curl/pull/904
|
|
.. and add that --proto-redir and CURLOPT_REDIR_PROTOCOLS do not
override protocols denied by --proto and CURLOPT_PROTOCOLS.
- Add a test to enforce: --proto deny must override --proto-redir allow
Closes https://github.com/curl/curl/pull/1031
|
|
Discussed in #997
Assisted-by: Jay Satiro
|
|
|
|
Since we're using CURLE_FTP_WEIRD_SERVER_REPLY in imap, pop3 and smtp as
more of a generic "failed to parse" introduce an alias without FTP in
the name.
Closes https://github.com/curl/curl/pull/975
|
|
Speed limits (from CURLOPT_MAX_RECV_SPEED_LARGE &
CURLOPT_MAX_SEND_SPEED_LARGE) were applied simply by comparing limits
with the cumulative average speed of the entire transfer; While this
might work at times with good/constant connections, in other cases it
can result to the limits simply being "ignored" for more than "short
bursts" (as told in man page).
Consider a download that goes on much slower than the limit for some
time (because bandwidth is used elsewhere, server is slow, whatever the
reason), then once things get better, curl would simply ignore the limit
up until the average speed (since the beginning of the transfer) reached
the limit. This could prove the limit useless to effectively avoid
using the entire bandwidth (at least for quite some time).
So instead, we now use a "moving starting point" as reference, and every
time at least as much as the limit as been transferred, we can reset
this starting point to the current position. This gets a good limiting
effect that applies to the "current speed" with instant reactivity (in
case of sudden speed burst).
Closes #971
|
|
|
|
Especially in regards to the multiplexing part.
|
|
for backward compatibility only
In other news, I changed one other reference to "Mac OS X" in the documentation (that I previously wrote) to say "macOS" instead.
|
|
|
|
Follow-up to a96319ebb9 (document the new behavior)
|
|
Added in 5fce88aa8c12564
|
|
After a few wasted hours hunting down the reason for slowness during a
TLS handshake that turned out to be because of TCP_NODELAY not being
set, I think we have enough motivation to toggle the default for this
option. We now enable TCP_NODELAY by default and allow applications to
switch it off.
This also makes --tcp-nodelay unnecessary, but --no-tcp-nodelay can be
used to disable it.
Thanks-to: Tim Rühsen
Bug: https://curl.haxx.se/mail/lib-2016-06/0143.html
|
|
|
|
Closes https://github.com/curl/curl/pull/914
|
|
|
|
Reported-by: Richard Gray
Bug: https://curl.haxx.se/mail/lib-2016-06/0136.html
|
|
When CURLOPT_POSTFIELDS is set to an empty string libcurl will send a
zero-byte POST. Prior to this change it was documented as sending data
from the read callback.
This also changes the wording of what happens when empty or NULL so that
it's hopefully easier to understand for people whose primary language
isn't English.
Bug: https://github.com/curl/curl/issues/862
Reported-by: Askar Safin
|
|
- Remove some erroneous text.
Closes https://github.com/curl/curl/pull/865
|
|
Closes #850
|
|
Closes #822
|
|
Adds access to the effectively used http version to both libcurl and
curl.
Closes #799
|
|
Bug: https://github.com/curl/curl/issues/826
Reported-by: Michael Wallner
|
|
Closes #821
|
|
The connect-to list isn't copied so as long as the handle may be used
for a transfer the list must be valid.
Bug: https://github.com/curl/curl/pull/819
Reported-by: Michael Kaufmann
|
|
Closes https://github.com/curl/curl/pull/816
|
|
Closes #811
|
|
|
|
|
|
Because the old OpenSSL link now redirects to their master documentation
(currently 1.1.0), which does not document the required actions for
OpenSSL <= 1.0.2.
|
|
|
|
|
|
Mention possible content-length mismatch with sum of bytes reported
by write callbacks when auto decoding is enabled.
See #785
|
|
|
|
|
|
|
|
|
|
Closes #786
|
|
As discussed in #785
|
|
Bug: https://curl.haxx.se/mail/lib-2016-04/0126.html
Reported-by: Bru Rom
|
|
|
|
... although it is deprecated.
|
|
This also fixes PolarSSL session resume.
Prior to this change the TLS session information wasn't properly
saved and restored for PolarSSL and mbedTLS.
Bug: https://curl.haxx.se/mail/lib-2016-01/0070.html
Reported-by: Thomas Glanzmann
Bug: https://curl.haxx.se/mail/lib-2016-04/0095.html
Reported-by: Moti Avrahami
|
|
Fixes #779
|
