Age | Commit message (Collapse) | Author |
|
|
|
+ The hackerone bounty and its process
- We don't and can't handle pre-notification
|
|
Apparently the C => HTML converter on the web site doesn't quite like it
otherwise.
Reported-by: Jeroen Ooms
|
|
|
|
Closes #2724
|
|
... and not the other way around, which this previously said.
Reported-by: Vasiliy Faronov
Fixes #2723
Closes #2726
|
|
When size_t is not a typedef for unsigned long (as usually the case on
Windows), GCC emits -Wformat warnings when using lu and lx format
specifiers with size_t. Silence them with explicit casts to
unsigned long.
Closes https://github.com/curl/curl/pull/2721
|
|
|
|
|
|
Closes #2706
|
|
|
|
|
|
|
|
|
|
Closes #2704
|
|
|
|
The code treated the set version as the *exact* version to require in
the TLS handshake, which is not what other TLS backends do and probably
not what most people expect either.
Reported-by: Andreas Olsson
Assisted-by: Gaurav Malhotra
Fixes #2691
Closes #2694
|
|
Reported-by: Andreas Olsson
Fixes #2692
Closes #2693
|
|
The previous example was a little bit confusing, because SSL* structure
(or other "in use" SSL connection pointer) is not accessible after the
transfer is completed, therefore working with the raw TLS library
specific pointer needs to be done during transfer.
Closes #2690
|
|
|
|
|
|
Follow-up to b6a16afa0aa5
|
|
Closes #2673
|
|
|
|
Closes #2663
|
|
|
|
|
|
Closes #2657
|
|
Closes #2120
|
|
Closes #2281
|
|
Implemented by Björn in 946ce5b61f
|
|
Given the contstraints of SChannel, I'm exposing these as the algorithms
themselves instead; while replicating the ciphersuite as specified by
OpenSSL would have been preferable, I found no way in the SChannel API
to do so.
To use this from the commandline, you need to pass the names of contants
defining the desired algorithms. For example, curl --ciphers
"CALG_SHA1:CALG_RSA_SIGN:CALG_RSA_KEYX:CALG_AES_128:CALG_DH_EPHEM"
https://github.com The specific names come from wincrypt.h
Closes #2630
|
|
|
|
|
|
Detected using the `codespell` tool (version 1.13.0).
Also secure and fix an URL.
|
|
According to the user survey 2018, not even one out of 670 users use
them. Nobody on the mailing list spoke up for them either.
Closes #2629
|
|
If there's an existing entry using the selected name.
Closes #2622
|
|
Closes #2276
|
|
Adds CURLOPT_DISALLOW_USERNAME_IN_URL and --disallow-username-in-url. Makes
libcurl reject URLs with a username in them.
Closes #2340
|
|
|
|
|
|
Adds CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS.
curl: added --tls13-ciphers and --proxy-tls13-ciphers
Fixes #2435
Reported-by: zzq1015 on github
Closes #2607
|
|
... the older description doesn't work
Reported-by: Peter Varga
Fixes #2615
Closes #2616
|
|
This was added earlier but appears to have been removed accidentally.
AFAICT this is very much still an issue.
-----
I say "accidentally" because the text seems to have harmlessly snuck
into [1] (which makes no mention of it). [1] was later reverted for
unspecified reasons in [2], presumably because the mentioned issue was
fixed or invalid.
[1] de9fac00c40db321d44fa6fbab6eb62ec4c83998
[2] 16d1f369403cbb04bd7b085eabbeebf159473fc2
Closes #2618
|
|
The latest psl is cached in the multi or share handle. It is refreshed
before use after 72 hours.
New share lock CURL_LOCK_DATA_PSL controls the psl cache sharing.
If the latest psl is not available, the builtin psl is used.
Reported-by: Yaakov Selkowitz
Fixes #2553
Closes #2601
|
|
|
|
--data, --form, and --ntlm were declared to be mutually exclusive with
non-existing options. --data and --form referred to --upload (which is
short for --upload-file and therefore did work, so this one was merely
a bit confusing), --ntlm referred to --negotiated instead of --negotiate.
Closes #2612
|
|
Almost all headers start with an uppercase letter, but some didn't.
|
|
Closes #2102
|
|
Closes #2588
|