| Age | Commit message (Collapse) | Author | 
|---|
|  | Closes #4423 | 
|  | Instead of showing the somewhat nonsensical errno number, use strerror()
to provide a more relatable error message.
Closes #4411 | 
|  | Prior to this change non-ssl/non-ssh connections that were reused set
TIMER_APPCONNECT [1]. Arguably that was incorrect since no SSL/SSH
handshake took place.
[1]: TIMER_APPCONNECT is publicly known as CURLINFO_APPCONNECT_TIME in
libcurl and %{time_appconnect} in the curl tool. It is documented as
"the time until the SSL/SSH handshake is completed".
Reported-by: Marcel Hernandez
Ref: https://github.com/curl/curl/issues/3760
Closes https://github.com/curl/curl/pull/3773 | 
|  | - convert some of them to H3BUF() calls to infof()
- remove some of them completely
- made DEBUG_HTTP3 defined only if CURLDEBUG is set for now
Closes #4421 | 
|  | Closes #4403 | 
|  |  | 
|  | Follow-up to d176a2c7e5 | 
|  | The parser would check for a query part before fragment, which caused it
to do wrong when the fragment contains a question mark.
Extended test 1560 to verify.
Reported-by: Alex Konev
Fixes #4412
Closes #4413 | 
|  | As libcurl now uses these 2 system functions, wrappers are needed on os400
to convert returned AF_UNIX sockaddrs to ascii.
This is a follow-up to commit 7fb54ef.
See also #4037.
Closes #4214 | 
|  | Casing mistake in Curl_raw_tolower 'X' wasn't lowercased as 'x' prior to
this change.
Follow-up to 0023fce which added the function several days ago.
Ref: https://github.com/curl/curl/pull/4401#discussion_r327396546
Closes https://github.com/curl/curl/pull/4408 | 
|  | PVS-Studio warning
Fixes #4402 | 
|  | PVS-Studio warning
Fixes #4402 | 
|  | PVS-Studio warning
Fixed #4402 | 
|  | PVS-Studio warning
Fixes #4402 | 
|  | PVS-Studio warning
Fixes #4402 | 
|  | PVS-Studio warning
Fixes #4402 | 
|  | PVS-Studio warning
Fixes #4402 | 
|  | Otherwise curl may be told to use for instance pop3 to
communicate with the doh server, which most likely
is not what you want.
Found through fuzzing.
Closes #4406 | 
|  | Closes #4406 | 
|  | Closes #4401
Fixes #4400 | 
|  | Curl_timeleft returns `timediff_t`, which is 64 bits wide also on
32-bit systems since commit b1616dad8f0.
Closes https://github.com/curl/curl/pull/4398 | 
|  | It was already fixed for BoringSSL in commit a0f8fccb1e0.
LibreSSL has had the second argument to SSL_CTX_set_min_proto_version
as uint16_t ever since the function was added in [0].
[0] https://github.com/libressl-portable/openbsd/commit/56f107201baefb5533486d665a58d8f57fd3aeda
Closes https://github.com/curl/curl/pull/4397 | 
|  | Prior to this change when a server returned a socks5 connect error then
curl would parse the destination address:port from that data and show it
to the user as the destination:
curld -v --socks5 10.0.3.1:1080 http://google.com:99
* SOCKS5 communication to google.com:99
* SOCKS5 connect to IPv4 172.217.12.206 (locally resolved)
* Can't complete SOCKS5 connection to 253.127.0.0:26673. (1)
curl: (7) Can't complete SOCKS5 connection to 253.127.0.0:26673. (1)
That's incorrect because the address:port included in the connect error
is actually a bind address:port (typically unused) and not the
destination address:port. This fix changes curl to show the destination
information that curl sent to the server instead:
curld -v --socks5 10.0.3.1:1080 http://google.com:99
* SOCKS5 communication to google.com:99
* SOCKS5 connect to IPv4 172.217.7.14:99 (locally resolved)
* Can't complete SOCKS5 connection to 172.217.7.14:99. (1)
curl: (7) Can't complete SOCKS5 connection to 172.217.7.14:99. (1)
curld -v --socks5-hostname 10.0.3.1:1080 http://google.com:99
* SOCKS5 communication to google.com:99
* SOCKS5 connect to google.com:99 (remotely resolved)
* Can't complete SOCKS5 connection to google.com:99. (1)
curl: (7) Can't complete SOCKS5 connection to google.com:99. (1)
Ref: https://tools.ietf.org/html/rfc1928#section-6
Closes https://github.com/curl/curl/pull/4394 | 
|  | Closes #4395 | 
|  | Follow-up from 03ebe66d70 | 
|  | Closes #4387
Fixes #4379 | 
|  | Closes #4382 | 
|  | As the loop discards cookies without domain set. This bug would lead to
qsort() trying to sort uninitialized pointers. We have however not found
it a security problem.
Reported-by: Paul Dreik
Closes #4386 | 
|  | If the input hostname is "[", hlen will underflow to max of size_t when
it is subtracted with 2.
hostname[hlen] will then cause a warning by ubsanitizer:
runtime error: addition of unsigned offset to 0x<snip> overflowed to
0x<snip>
I think that in practice, the generated code will work, and the output
of hostname[hlen] will be the first character "[".
This can be demonstrated by the following program (tested in both clang
and gcc, with -O3)
int main() {
  char* hostname=strdup("[");
  size_t hlen = strlen(hostname);
  hlen-=2;
  hostname++;
  printf("character is %d\n",+hostname[hlen]);
  free(hostname-1);
}
I found this through fuzzing, and even if it seems harmless, the proper
thing is to return early with an error.
Closes #4389 | 
|  | Closes #4392 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes bug detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | ... both !result and (ftp->transfer != FTPTRANSFER_BODY)!
Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374 | 
|  | Fixes warning detected by PVS-Studio
Fixes #4374
Reported-by: Valerii Zapodovnikov | 
|  | Closes #4381 |