aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2015-11-12sasl_sspi: fix identity memory leak in digest authenticationStefan Bühler
2015-11-12sasl_sspi: fixed unicode build for digest authenticationStefan Bühler
Closes #525
2015-11-12oauth2: Re-factored OAuth 2.0 state variableSteve Holme
2015-11-12sasl: Don't choose OAuth 2.0 if mechanism not advertisedSteve Holme
Regression from commit 9e8ced9890 which meant if --oauth2-bearer was specified but the SASL mechanism wasn't supported by the server then the mechanism would be chosen.
2015-11-11oauth2: Introduced support for host and port detailsSteve Holme
Added support to the OAuth 2.0 message function for host and port, in order to accommodate the official OAUTHBEARER SASL mechanism which is to be added shortly.
2015-11-11curl_setup.h: Removed duplicate CURL_DISABLE_RTSP when HTTP_ONLY definedSteve Holme
2015-11-11cmake: Add missing feature macros in config header (Part 2)Steve Holme
In addition to commit a215381c94 added the RTSP, RTMP and SMB protocols.
2015-11-10cmake: Add missing feature macros in config headerDouglas Creager
The curl_config.h file can be generated either from curl_config.h.cmake or curl_config.h.in, depending on whether you're building using CMake or the autotools. The CMake template header doesn't include entries for all of the protocols that you can disable, which (I think) means that you can't actually disable those protocols when building via CMake. Closes #523
2015-11-10BoringSSL: Work with stricter BIO_get_mem_data()Douglas Creager
BoringSSL implements `BIO_get_mem_data` as a function, instead of a macro, and expects the output pointer to be a `char **`. We have to add an explicit cast to grab the pointer as a `const char **`. Closes #524
2015-11-10http2: rectify the http2 version #if checkDaniel Stenberg
We need 1.0.0 or later. Also verified by configure.
2015-11-09oauth2: Don't use XAUTH2 in OAuth 2.0 function nameSteve Holme
2015-11-09oauth2: Don't use XOAUTH2 in OAuth 2.0 variablesSteve Holme
2015-11-09oauth2: Use OAuth 2.0 rather than XOAUTH2 in commentsSteve Holme
When referring to OAuth 2.0 we should use the official name rather the SASL mechanism name.
2015-11-09imap: avoid freeing constant stringDaniel Stenberg
The fix in 1a614c6c3 was wrong and would leed to free() of a fixed string. Pointed-out-by: Kamil Dudka
2015-11-08imap: Don't check for continuation when executing a CUSTOMREQUESTJustin Ehlert
Bug: https://github.com/bagder/curl/issues/486 Closes https://github.com/bagder/curl/pull/487
2015-11-07imap: checksrc: remove space after while before parenDaniel Stenberg
2015-11-07checksrc.whitelist: "missing space after close paren"Daniel Stenberg
... when it was within a string!
2015-11-07imap: Quote other 'atom-specials' and not just the space characterSteve Holme
Closes #517
2015-11-07imap: Fixed double quote in LIST command when mailbox contains spacesSteve Holme
2015-11-06imap: fix compiler warningDaniel Stenberg
imap.c:657:13: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
2015-11-06imap: Don't call imap_atom() when no mailbox specified in LIST commandSteve Holme
2015-11-06getinfo: CURLINFO_ACTIVESOCKET: fix bad socket valueJay Satiro
- Set user info param to the socket returned by Curl_getconnectinfo, regardless of if the socket is bad. Effectively this means the user info param now will receive CURL_SOCKET_BAD instead of -1 on bad socket. - Remove incorrect comments. CURLINFO_ACTIVESOCKET is documented to write CURL_SOCKET_BAD to user info param but prior to this change it wrote -1. Bug: https://github.com/bagder/curl/pull/518 Reported-by: Marcel Raad
2015-11-05curl_ntlm_core: fix 2 curl_off_t constant overflows.Patrick Monnerat
2015-11-02rawstr: Speed up Curl_raw_toupper by 40%Lauri Kasanen
Rationale: when starting up a curl-using app, all cookies from the jar are checked against each other. This was causing a startup delay in the Fifth browser. All tests pass. Signed-off-by: Lauri Kasanen <cand@gmx.com>
2015-11-02http redirects: %-encode bytes outside of ascii rangeDaniel Stenberg
Apparently there are sites out there that do redirects to URLs they provide in plain UTF-8 or similar. Browsers and wget %-encode such headers when doing a subsequent request. Now libcurl does too. Added test 1138 to verify. Closes #473
2015-11-02formadd: support >2GB files on windowsDaniel Stenberg
Closes #425
2015-10-31curl.h: s/HTTPPOST_/CURL_HTTPOST_Daniel Stenberg
Fixes a name space pollution at the cost of programs using one of these defines will no longer compile. However, the vast majority of libcurl programs that do multipart formposts use curl_formadd() to build this list. Closes #506
2015-10-29mbedtls: fix "Structurally dead code"Daniel Stenberg
CID 1332129
2015-10-29mbedtls: fix "Logically dead code"Daniel Stenberg
CID 1332128
2015-10-29Revert "openssl: engine: remove double-free"Daniel Stenberg
This reverts commit 370ee919b37cc9a46c36428b2bb1527eae5db2bd. Issue #509 has all the details but it was confirmed that the crash was not due to this, so the previous commit was wrong.
2015-10-27openssl: engine: remove double-freeDaniel Stenberg
After a successful call to SSL_CTX_use_PrivateKey(), we must not call EVP_PKEY_free() on the key. Reported-by: nased0 Closes #509
2015-10-27socks: Fix incorrect port numbers in failed connect messagesJay Satiro
2015-10-23polarssl/mbedtls: fix name space pollutionDaniel Stenberg
Global private symbols MUST start with Curl_!
2015-10-23mbedTLS: THREADING_SUPPORT compilation fixDmitry S. Baikov
Closes #505
2015-10-23ftp: allow CURLOPT_IGNORE_CONTENT_LENGTH to ignore sizeKurt Fankhauser
This allows FTP transfers with growing (or shrinking) files without causing a transfer error. Closes #480
2015-10-23http2: s/priority/weightDaniel Stenberg
2015-10-23http2: on_frame_recv: trust the conn/data inputDaniel Stenberg
Removed wrong assert()s The 'conn' passed in as userdata can be used and there can be other sessionhandles ('data') than the single one this checked for.
2015-10-23http2: added three stream prio/deps optionsDaniel Stenberg
CURLOPT_STREAM_DEPENDS CURLOPT_STREAM_DEPENDS_E CURLOPT_STREAM_PRIORITY
2015-10-22mbedtls:new profile with RSA min key len = 1024.m-gardet
Closes #502
2015-10-21checksrc: add crude // detectionDaniel Stenberg
2015-10-21build: fix for MSDOS/djgppGisle Vanem
- Add a VPATH-statement for the vtls/*.c files. - Due to 'vtls/*.c', remove that subdir part from $(OBJECTS).
2015-10-20copyrights: update Gisle Vanem's emailDaniel Stenberg
2015-10-20vtls: fix compiler warning for TLS backends without sha256Daniel Stenberg
... noticed with mbedTLS.
2015-10-20vtls: added support for mbedTLSJonas Minnberg
closes #496
2015-10-17cookies: Add support for Mozilla's Publix Suffix ListTim Rühsen
Use libpsl to check the domain value of Set-Cookie headers (and cookie jar entries) for not being a Publix Suffix. The configure script checks for "libpsl" by default. Disable the check with --without-libpsl. Ref: https://publicsuffix.org/ Ref: https://github.com/publicsuffix/list Ref: https://github.com/rockdaboot/libpsl
2015-10-16http2: Don't pass unitialized name+len pairs to nghttp2_submit_requestAnders Bakken
bug introduced by 18691642931e5c7ac8af83ac3a84fbcb36000f96. Closes #493
2015-10-16multi: fix off-by-one finit[] array sizeDaniel Stenberg
introduced in c6aedf680f6. It needs to be CURLM_STATE_LAST big since it must hande the range 0 .. CURLM_STATE_MSGSENT (18) and CURLM_STATE_LAST is 19 right now. Reported-by: Dan Fandrich Bug: http://curl.haxx.se/mail/lib-2015-10/0069.html
2015-10-15fread_func: move callback pointer from set to state structDaniel Stenberg
... and assign it from the set.fread_func_set pointer in the Curl_init_CONNECT function. This A) avoids that we have code that assigns fields in the 'set' struct (which we always knew was bad) and more importantly B) it makes it impossibly to accidentally leave the wrong value for when the handle is re-used etc. Introducing a state-init functionality in multi.c, so that we can set a specific function to get called when we enter a state. The Curl_init_CONNECT is thus called when switching to the CONNECT state. Bug: https://github.com/bagder/curl/issues/346 Closes #346
2015-10-11openssl: Fix set up of pkcs12 certificate verification chainErik Johansson
sk_X509_pop will decrease the size of the stack which means that the loop would end after having added only half of the certificates. Also make sure that the X509 certificate is freed in case SSL_CTX_add_extra_chain_cert fails.
2015-10-09ntlm: error out without 64bit support as the code needs itDaniel Stenberg
It makes it a clearer message for developers reaching that point without the necessary support. Thanks-by: Jay Satiro Closes #78