Age | Commit message (Collapse) | Author |
|
Follow-up to f9c7ba9096ec2
Coverity CID 1453474
Closes #4291
|
|
For the 'proto' union within the connectdata struct.
Closes #4290
|
|
Closes #4289
|
|
Otherwise, a three byte response would make the smtp_state_ehlo_resp()
function misbehave.
Credit to OSS-Fuzz
Bug: https://crbug.com/oss-fuzz/16918
Assisted-by: Max Dymond
Closes #4287
|
|
... it might otherwise return OK from this function leaving that pointer
uninitialized.
Bug: https://crbug.com/oss-fuzz/16907
Closes #4286
|
|
This allows the function to figure out if a unix domain socket has a
file name or not associated with it! When a socket is created with
socketpair(), as done in the fuzzer testing, the path struct member is
uninitialized and must not be accessed.
Bug: https://crbug.com/oss-fuzz/16699
Closes #4283
|
|
... to make sure we continue draining the queue until empty
Closes #4281
|
|
Found-by: Jeremy Lainé
|
|
... to trigger a new read to detect the stream close!
Closes #4275
|
|
Closes #4278
|
|
Closes #4274
|
|
Closes #4270
|
|
It could otherwise return an error even when closed correctly if GOAWAY
had been received previously.
Reported-by: Tom van der Woerdt
Fixes #4267
Closes #4268
|
|
This is a follow-up to https://github.com/curl/curl/pull/3864 .
Closes #4224
|
|
Closes #4265
|
|
Closes #4260
|
|
Closes #4259
|
|
|
|
Assisted-by: Tatsuhiro Tsujikawa
|
|
Fix read off end of array due to bad pointer math in getworkingpath for
SCP home directory case.
Closes #4258
|
|
and remove 'header_recvbuf', not used for anything
Reported-by: Jeremy Lainé
Closes #4257
|
|
Closes #4256
|
|
Follow-up to f9c7ba9096ec
The use of DOT_CHAR for ".ssh" was probably a mistake and is removed
now.
Pointed-out-by: Gisle Vanem
Bug: https://github.com/curl/curl/pull/4230#issuecomment-522960638
Closes #4247
|
|
Reported in build "Win32 target on Debian Stretch (64-bit) -
i686-w64-mingw32 - gcc-20170516"
Closes #4245
|
|
Closes #4244
|
|
Closes #4242
|
|
|
|
For a long time (since 7.28.1) we've returned error when setting the
value to 1 to make applications notice that we stopped supported the old
behavior for 1. Starting now, we treat 1 and 2 exactly the same.
Closes #4241
|
|
... but fall back and try "_netrc" too if the dot version didn't work.
Co-Authored-By: Steve Holme
|
|
... which of course doesn't have to be the same used at build-time.
Function just recently merged in ngtcp2.
|
|
To fix a segfault and to better deal with 0-RTT
Assisted-by: Tatsuhiro Tsujikawa
|
|
The quiche debug callback is global and can only be initialized once, so
make sure we don't do it multiple times (e.g. if multiple requests are
executed).
In addition this initializes the callback before the connection is
created, so we get logs for the handshake as well.
Closes #4236
|
|
Closes #4235
|
|
|
|
|
|
|
|
When a username and password are provided in the URL, they were wrongly
removed from the stored URL so that subsequent uses of the same URL
wouldn't find the crendentials. This made doing HTTP auth with multiple
connections (like Digest) mishave.
Regression from 46e164069d1a5230 (7.62.0)
Test case 335 added to verify.
Reported-by: Mike Crowe
Fixes #4228
Closes #4229
|
|
... instead of having them in quicsocket
|
|
Closes #4225
|
|
|
|
|
|
|
|
|
|
|
|
Closes #4220
|
|
|
|
With HTTP/3 libs and plenty TLS libs, I manged to hit the limit (which
causes a truncated output).
|
|
- Add new error code CURLE_AUTH_ERROR.
Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was
technically correct.
Ref: https://github.com/curl/curl/pull/3848
Co-authored-by: Dominik Hölzl
Closes https://github.com/curl/curl/pull/3864
|
|
SSL_VersionRangeGetDefault returns (TLSv1.0, TLSv1.2) as supported
range in NSS 3.45. It looks like the intention is to raise the minimum
version rather than lowering the maximum, so adjust accordingly. Note
that the caller (nss_setup_connect) initializes the version range to
(TLSv1.0, TLSv1.3), so there is no need to check for >= TLSv1.0 again.
Closes #4187
Reviewed-by: Daniel Stenberg
Reviewed-by: Kamil Dudka
|
|
|