Age | Commit message (Collapse) | Author |
|
|
|
|
|
When a username and password are provided in the URL, they were wrongly
removed from the stored URL so that subsequent uses of the same URL
wouldn't find the crendentials. This made doing HTTP auth with multiple
connections (like Digest) mishave.
Regression from 46e164069d1a5230 (7.62.0)
Test case 335 added to verify.
Reported-by: Mike Crowe
Fixes #4228
Closes #4229
|
|
... instead of having them in quicsocket
|
|
Closes #4225
|
|
|
|
|
|
|
|
|
|
|
|
Closes #4220
|
|
|
|
With HTTP/3 libs and plenty TLS libs, I manged to hit the limit (which
causes a truncated output).
|
|
- Add new error code CURLE_AUTH_ERROR.
Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was
technically correct.
Ref: https://github.com/curl/curl/pull/3848
Co-authored-by: Dominik Hölzl
Closes https://github.com/curl/curl/pull/3864
|
|
SSL_VersionRangeGetDefault returns (TLSv1.0, TLSv1.2) as supported
range in NSS 3.45. It looks like the intention is to raise the minimum
version rather than lowering the maximum, so adjust accordingly. Note
that the caller (nss_setup_connect) initializes the version range to
(TLSv1.0, TLSv1.3), so there is no need to check for >= TLSv1.0 again.
Closes #4187
Reviewed-by: Daniel Stenberg
Reviewed-by: Kamil Dudka
|
|
|
|
|
|
|
|
Closes #4217
|
|
Closes #4216
|
|
This commit makes sending HTTP/3 request with nghttp3 work. It
minimally receives HTTP response and calls nghttp3 callbacks, but no
processing is made at the moment.
Closes #4215
|
|
|
|
- checked for by configure
- updated docs/HTTP3.md
- shown in the version string
Closes #4210
|
|
This avoids EBADF errors from EPOLL_CTL_DEL operations in the
ephiperfifo.c example. EBADF is dangerous in multi-threaded
applications where I rely on epoll_ctl to operate on the same
epoll description from different threads.
Follow-up to eb9a604f8d7db8
Bug: https://curl.haxx.se/mail/lib-2019-08/0026.html
Closes #4211
|
|
Closes #4212
|
|
|
|
Closes #4209
|
|
There's no use for this anymore and it was never in a release.
Closes #4206
|
|
Closes #4204
|
|
|
|
So that users can mask in/out specific HTTP versions when Alt-Svc is
used.
- Removed "h2c" and updated test case accordingly
- Changed how the altsvc struct is laid out
- Added ifdefs to make the unittest run even in a quiche-tree
Closes #4201
|
|
Closes #4200
|
|
RFC 7838 section 5:
When using an alternative service, clients SHOULD include an Alt-Used
header field in all requests.
Removed CURLALTSVC_ALTUSED again (feature is still EXPERIMENTAL thus
this is deemed ok).
You can disable sending this header just like you disable any other HTTP
header in libcurl.
Closes #4199
|
|
Even though it cannot fall-back to a lower HTTP version automatically. The
safer way to upgrade remains via CURLOPT_ALTSVC.
CURLOPT_H3 no longer has any bits that do anything and might be removed
before we remove the experimental label.
Updated the curl tool accordingly to use "--http3".
Closes #4197
|
|
This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new tests for the
parser.
Ref: #3794
|
|
It can't be set for CURLOPT_HTTP_VERSION, but it can be extracted with
CURLINFO_HTTP_VERSION.
|
|
|
|
|
|
|
|
|
|
Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.
Fixes #3653
Closes #3790
NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.
Closes https://github.com/curl/curl/pull/4186
|
|
Closes #4184
|
|
Repeatedly we see problems where using curl_multi_wait() is difficult or
just awkward because if it has no file descriptor to wait for
internally, it returns immediately and leaves it to the caller to wait
for a small amount of time in order to avoid occasional busy-looping.
This is often missed or misunderstood, leading to underperforming
applications.
This change introduces curl_multi_poll() as a replacement drop-in
function that accepts the exact same set of arguments. This function
works identically to curl_multi_wait() - EXCEPT - for the case when
there's nothing to wait for internally, as then this function will by
itself wait for a "suitable" short time before it returns. This
effectiely avoids all risks of busy-looping and should also make it less
likely that apps "over-wait".
This also changes the curl tool to use this funtion internally when
doing parallel transfers and changes curl_easy_perform() to use it
internally.
Closes #4163
|
|
... and remove some verbose messages we don't need. Made transfers from
facebook.com work better.
|
|
|
|
|
|
- enable debug log
- fix use of quiche API
- use download buffer
- separate header/body
Closes #4193
|
|
As the plan has been laid out in DEPRECATED. Update docs accordingly and
verify in test 1174. Now requires the option to be set to allow HTTP/0.9
responses.
Closes #4191
|
|
|
|
|