Age | Commit message (Collapse) | Author |
|
lib/vtls/openssl.c has a workaround for a bug with OCSP responses signed
by intermediate certs, this was fixed in LibreSSL in
https://github.com/libressl-portable/openbsd/commit/912c64f68f7ac4f225b7d1fdc8fbd43168912ba0
Bug: https://curl.haxx.se/mail/lib-2017-06/0038.html
|
|
Bug: https://github.com/curl/curl/issues/1540
Advisory: https://curl.haxx.se/docs/adv_20170614.html
Assisted-by: Ray Satiro
Reported-by: Marcel Raad
|
|
... and return error instead of triggering an assert() when being way
out of range.
|
|
|
|
With the introduction of expire IDs and the fact that existing timers
can be removed now and thus never expire, the concept with adding a
"latest" timer is not working anymore as it risks to not expire at all.
So, to be certain the timers actually are in line and will expire, the
plain Curl_expire() needs to be used. The _latest() function was added
as a sort of shortcut in the past that's quite simply not necessary
anymore.
Follow-up to 31b39c40cf90
Reported-by: Paul Harris
Closes #1555
|
|
... as it would previously just get the "now" timestamp before the
transfer starts and then not update it again.
Closes #1550
|
|
mk-lib1521.pl generates a test program (lib1521.c) that calls
curl_easy_setopt() for every known option with a few typical values to
make sure they work (ignoring the return codes).
Some small changes were necessary to avoid asserts and NULL accesses
when doing this.
The perl script needs to be manually rerun when we add new options.
Closes #1543
|
|
This was the only remaining use of toupper in the entire source code.
Suggested-by: Daniel Stenberg
|
|
Otherwise, clang on Cygwin64 warns:
curl_ntlm_core.c:525:35: error: array subscript is of type 'char'
[-Werror,-Wchar-subscripts]
dest[2 * i] = (unsigned char)(toupper(src[i]));
^~~~~~~~~~~~~~~
/usr/include/ctype.h:152:25: note: expanded from macro 'toupper'
(void) __CTYPE_PTR[__x]; (toupper) (__x);})
^~~~
|
|
|
|
This fixes the following warning with CURL_DISABLE_CRYPTO_AUTH,
as seen in the autobuilds:
curl_sasl.c:417:9: warning: unused variable 'serverdata'
[-Wunused-variable]
|
|
cyassl/ssl.h needs the macros from cyassl/options.h, so define them
before including cyassl/ssl.h the first time, which happens in
urldata.h.
This broke the build on Ubuntu Xenial, which comes with WolfSSL 3.4.8
and therefore redefines the symbols from cyassl/options.h instead of
including the header.
Closes https://github.com/curl/curl/pull/1536
|
|
Found when updating test 1395, which I did to increase test coverage of
this source file...
Closes #1535
|
|
mbedtls_x509_crt_profile_fr is only used locally.
This fixes a missing-variable-declarations warning with clang.
|
|
Unaligned access is on purpose here and the warning is harmless on
affected architectures. GCC knows that, while clang warns on all
architectures.
|
|
Closes #1529
|
|
Closes #1528
|
|
... with a strlen() if no size was set, and do this in the pretransfer
function so that the info is set early. Otherwise, the default strlen()
done on the POSTFIELDS data never sets state.infilesize.
Reported-by: Vincas Razma
Bug: #1294
|
|
vtls/mbedtls.c:804:69: warning: declaration of 'entropy' shadows a global declaration [-Wshadow]
CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy,
^~~~~~~
|
|
follow-up to f31760e63b4e
Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/pull/1495#issuecomment-303982793
|
|
Fix bugs and compiler warnings on systems with 32-bit long and
64-bit time_t.
Reviewed-by: Daniel Stenberg
Closes #1499
|
|
Test 1261 added to verify.
Reported-by: Lloyd Fournier
Fixes #1489
Closes #1497
|
|
|
|
* LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG)
* ldap: updated per build options handling
* ldap: fixed logic for auth selection
|
|
Fixed a syntax error with setting cache variables (The type and
docstring were missing), resulting in build errors. Quoted the
CURL_CA_PATH and CURL_CA_BUNDLE otherwise the path was written without
quotes in C code, resulting in build errors.
Closes #1503
Signed-off-by: Akhil <akhil.kedia@samsung.com>
|
|
follow-up to 4cdb1be8246c
|
|
.... caused by a typo in the last commit (fixing issue #1504):
memdebug.c: In function ‘curl_fclose’:
memdebug.c:444:3: error: implicit declaration of function
‘DEBUGDEBUGASSERT’ [-Werror=implicit-function-declaration]
|
|
... as it does extra checks to actually work.
Reported-by: jonrumsey at github
Fixes #1504
|
|
This is for symmetry with the autoconf generated curl_config.h.in
|
|
... as otherwise it risks not cleaning up the libssh2 handle properly
which leads to memory leak!
Assisted-by: Joel Depooter
Closes #1495
Closes #1479
Bug: https://curl.haxx.se/mail/lib-2017-04/0024.html
|
|
if no error was raised by the API but the SecIdentityRef was null
Fixes #1450
|
|
Reported-by: wyattoday at github
Fixes #1487
|
|
Closes #1400
|
|
Some code (e.g. Curl_fillreadbuffer) assumes that this buffer is not
exceedingly tiny and will break if it is. This same check is already
done at run time in the CURLOPT_BUFFERSIZE option.
|
|
|
|
The function IsPipeliningPossible() would return TRUE if either
pipelining OR HTTP/2 were possible on a connection, which would lead to
it returning TRUE even for POSTs on HTTP/1 connections.
It now returns a bitmask so that the caller can differentiate which kind
the connection allows.
Fixes #1481
Closes #1483
Reported-by: stootill at github
|
|
Tested with servers: IIS 7.5; OpenSSL 1.0.2.
Closes https://github.com/curl/curl/pull/1475
|
|
clang 5.0 complains:
possible misuse of comma operator here [-Wcomma]
Change the comma to a semicolon to fix that.
|
|
... since the total amount is low this is faster, easier and reduces
memory overhead.
Also, Curl_expire_done() can now mark an expire timeout as done so that
it never times out.
Closes #1472
|
|
A) reduces the timeout lists drastically
B) prevents a lot of superfluous loops for timers that expires "in vain"
when it has actually already been extended to fire later on
|
|
... to really make sure the boundary fits in the target buffer.
Fixes unused parameter 'buflen' warning.
Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/pull/1468#issuecomment-300078754
|
|
When the random seed is purposely made predictable for testing purposes
by using the CURL_ENTROPY environment variable, process that data in an
endian agnostic way so the the initial random seed is the same
regardless of endianness.
- Change Curl_rand to write to a char array instead of int array.
- Add Curl_rand_hex to write random hex characters to a buffer.
Fixes #1315
Closes #1468
Co-authored-by: Daniel Stenberg
Reported-by: Michael Kaufmann
|
|
Don't do anything in this file if CURLRES_THREADED is not defined.
|
|
The cases this warns about are handled elsewhere, so just use an
intermediate variable to silence the warning.
|
|
|
|
SEND_QUAL_ARG2 had to be set, but was never used. Use it in swrite to
avoid warnings about casting away low-level const.
Closes https://github.com/curl/curl/pull/1464
|
|
Fix the following warnings when building the tests by using the correct
types:
cast from 'const char *' to 'void *' drops const qualifier
[-Wcast-qual]
implicit conversion changes signedness [-Wsign-conversion]
|
|
Previous TODO wanting to write in chunks. We should support writing more
at once since some TELNET servers may respond immediately upon first
byte written such as WHOIS servers.
Closes #1389
|
|
|
|
|