Age | Commit message (Collapse) | Author |
|
Primarily for SNI, we need the host name without a trailing dot.
"https://www.example.com." resolves fine but fails on SNI unless the dot
is removed.
Reported-by: Leon Winter
Bug: http://curl.haxx.se/mail/lib-2014-04/0161.html
|
|
When looping and closing each individual connection left open, the
SIGPIPE ignoring was not done and could thus lead to death by signal 13.
Bug: http://thread.gmane.org/gmane.comp.version-control.git/238242
|
|
As there's a default connection timeout and this wrongly used the
connection timeout during a transfer after the connection is completed,
this function would trigger timeouts during transfers erroneously.
Bug: http://curl.haxx.se/bug/view.cgi?id=1352
Figured-out-by: Radu Simionescu
|
|
If the precision is indeed shorter than the string, don't strlen() to
find the end because that's not how the precision operator works.
I also added a unit test for curl_msnprintf to make sure this works and
that the fix doesn't a few other basic use cases. I found a POSIX
compliance problem that I marked TODO in the unit test, and I figure we
need to add more tests in the future.
Reported-by: Török Edwin
|
|
Commit 07b66cbfa4 unfortunately broke native NTLM message support in
compilers, such as VC6, VC7 and others, that don't support long long
type declarations. This commit fixes VC6 and VC7 as they support the
__int64 extension, however, we should consider an additional fix for
other compilers that don't support this.
|
|
Fixed the HAVE_LONGLONG declaration as long long is supported in Visual
Studio .NET 2003 (VC7.1) onwards.
|
|
So printf(%s) on it or reading before bounds checking is wrong, fixing
it. Could previously lead to reading out of boundary.
Reported-by: Török Edwin
|
|
|
|
|
|
|
|
commit 6d5f40238028f2d8c (Apr 27) or later nghttp2 is now required
|
|
set.infilesize in this case was modified in several places, which could
lead to repeated requests using the same handle to get unintendent/wrong
consequences based on what the previous request did!
|
|
... during the non-blocking SSL handshake
|
|
This makes the findprotocol() function work as intended so that libcurl
can properly be restricted to not support HTTP while still supporting
HTTPS - since the HTTPS handler previously set both the HTTP and HTTPS
bits in the protocol field.
This fixes --proto and --proto-redir for most SSL protocols.
This is done by adding a few new convenience defines that groups HTTP
and HTTPS, FTP and FTPS etc that should then be used when the code wants
to check for both protocols at once. PROTO_FAMILY_[protocol] style.
Bug: https://github.com/bagder/curl/pull/97
Reported-by: drizzt
|
|
Versions since at least 2.9.4 renamed error.h to error-ssl.h, so use
whichever one is available.
|
|
gnutls_x509_crt_import() must not be called with a NULL certificate
Bug: http://curl.haxx.se/mail/lib-2014-04/0145.html
Reported-by: Damian Dixon
|
|
As this makes curl_global_init_mem() behave the same way as
curl_global_init() already does in that aspect - the same number of
curl_global_cleanup() calls is then required to again decrease the
counter and then eventually do the cleanup.
Bug: http://curl.haxx.se/bug/view.cgi?id=1362
Reported-by: Tristan
|
|
|
|
|
|
ufds might not be allocated in case nfds overflows to zero while
extra_nfds is still non-zero. udfs is then accessed within the
extra_nfds-based for loop.
|
|
|
|
|
|
|
|
|
|
|
|
Follow up on b0e742544be22ede33206a597b22682e51e0c676
|
|
|
|
In case the first address in the tempaddr array is NULL,
the code would previously dereference an unchecked null pointer.
|
|
|
|
The FreeContextBuffer SAL declaration does not declare the pointer
as optional, therefore it must not be NULL.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Added support for parsing query strings from the URL as defined by
RFC-5092.
|
|
|
|
Should a command return untagged responses that contained no data then
the imap_matchresp() function would not detect them as valid responses,
as it wasn't taking the CRLF characters into account at the end of each
line.
|
|
|
|
|
|
Given that we presently support "auth" and not "auth-int" or "auth-conf"
for native challenge-response messages, added client side validation of
the quality-of-protection options from the server's challenge message.
|
|
Bug: http://curl.haxx.se/mail/lib-2014-04/0063.html
Reported-by: Jeroen Koekkoek
|
|
To avoid urldata.h being included from the header file or that the
source file has the correct include order as highlighted by one of
the auto builds recently.
|
|
warning: no previous prototype for 'Curl_sasl_create_digest_md5_message'
|
|
|
|
warning: 'sasl_digest_get_key_value' defined but not used
|
|
|
|
|
|
* Added comments to SSPI NTLM message generation
* Added comments to native DIGEST-MD5 code
* Removed redundant identity pointer
|