| Age | Commit message (Collapse) | Author |
|---|
|
TLS servers may request a certificate from the client. This request
includes a list of 0 or more acceptable issuer DNs. The client may use
this list to determine which certificate to send. GnuTLS's default
behavior is to not send a client certificate if there is no
match. However, OpenSSL's default behavior is to send the configured
certificate. The `GNUTLS_FORCE_CLIENT_CERT` flag mimics OpenSSL
behavior.
Authored-by: jethrogb on github
Fixes #1411
Closes #4958
|
|
Spotted by 'codespell'
Closes #4957
|
|
Whilst lib\md4.c used this pre-processor, lib\md5.c and
src\tool_metalink.c did not and simply relied on the WIN32
pre-processor directive.
Reviewed-by: Marcel Raad
Closes #4955
|
|
As they were added primarily for debugging, they provide little use for
users.
Closes #4951
|
|
Follow-up to 1fc0617dcc
|
|
- Change tool_util.c tvnow() for Windows to match more closely to
timeval.c Curl_now().
- Create a win32 init function for the tool, since some initialization
is required for the tvnow() changes.
Prior to this change the monotonic time function used by curl in Windows
was determined at build-time and not runtime. That was a problem because
when curl was built targeted for compatibility with old versions of
Windows (eg _WIN32_WINNT < 0x0600) it would use GetTickCount which wraps
every 49.7 days that Windows has been running.
This change makes curl behave similar to libcurl's tvnow function, which
determines at runtime whether the OS is Vista+ and if so calls
QueryPerformanceCounter instead. (Note QueryPerformanceCounter is used
because it has higher resolution than the more obvious candidate
GetTickCount64). The changes to tvnow are basically a copy and paste but
the types in some cases are different.
Ref: https://github.com/curl/curl/issues/3309
Closes https://github.com/curl/curl/pull/4847
|
|
Follow-up to 4a4b63daa
Reported-by: Peter Piekarski
Bug: https://github.com/curl/curl/commit/4a4b63daaa01ef59b131d91e8e6e6dfe275c0f08#r37351330
|
|
... by writing the file to temp name then rename to the final when done.
Assisted-by: Jay Satiro
Fixes #4936
Closes #4942
|
|
And make the cookie save function use it.
|
|
Saves the file as "[filename].[8 random hex digits].tmp" and renames
away the extension when done.
Co-authored-by: Jay Satiro
Reported-by: Mike Frysinger
Fixes #4914
Closes #4926
|
|
Removes two entries from KNOWN_BUGS.
Closes #4907
|
|
Otherwise, a very fast single transfer ricks starving out other
concurrent transfers.
Closes #4927
|
|
This was an array indexed with sockindex but it was only ever used for
the secondary socket.
Closes #4929
|
|
Follow up to 9dc350b6.
|
|
- Deduplicate GetEnv() code.
- On Windows change ultimate call to use Windows API
GetEnvironmentVariable() instead of C runtime getenv().
Prior to this change both libcurl and the tool had their own GetEnv
which over time diverged. Now the tool's GetEnv is a wrapper around
curl_getenv (libcurl API function which is itself a wrapper around
libcurl's GetEnv).
Furthermore this change fixes a bug in that Windows API
GetEnvironmentVariable() is called instead of C runtime getenv() to get
the environment variable since some changes aren't always visible to the
latter.
Reported-by: Christoph M. Becker
Fixes https://github.com/curl/curl/issues/4774
Closes https://github.com/curl/curl/pull/4863
|
|
Follow-up to 1c4fa67e8a8fcf6
|
|
STRERROR_LEN is the constant used throughout the library to set the size
of the buffer on the stack that the curl strerror functions write to.
Prior to this change some extended length Windows error messages could
be truncated.
Closes https://github.com/curl/curl/pull/4920
|
|
- Do not say that conn->data is "cleared" by multi_done().
If the connection is in use then multi_done assigns another easy handle
still using the connection to conn->data, therefore in that case it is
not cleared.
Closes https://github.com/curl/curl/pull/4901
|
|
multi is already assigned to data->multi by curl_multi_add_handle.
Closes https://github.com/curl/curl/pull/4900
|
|
This avoids the duplication of strings when the optional AUTH and SIZE
parameters are required. It also assists with the modifications that
are part of #4892.
Closes #4903
|
|
The alt-svc cache survives a call to curl_easy_reset fine, but the file
name to use for saving the cache was cleared. Now the alt-svc cache has
a copy of the file name to survive handle resets.
Added test 1908 to verify.
Reported-by: Craig Andrews
Fixes #4898
Closes #4902
|
|
Provide the failure reason in the failf() info just as we do for the
libidn2 version of code.
Closes #4899
|
|
|
|
RFC 7616 section 3.4 (The Authorization Header Field) states that "For
historical reasons, a sender MUST NOT generate the quoted string syntax
for the following parameters: algorithm, qop, and nc". This removes the
quoting for the algorithm parameter.
Reviewed-by: Steve Holme
Closes #4890
|
|
Closes #4887
|
|
... as this is already done much earlier in the URL parser.
Also add test case 894 that verifies that pop3 with an encodedd CR in
the user name is rejected.
Closes #4887
|
|
Reported-by: Daniel Stenberg
Closes #4886
|
|
These two stack based buffers only need to be 46 + 66 bytes instead of
256 + 1024.
Closes #4880
|
|
... and move the #ifdefs out of the functions. Addresses the fact they
were different before this change.
Reported-by: Harry Sintonen
Closes #4876
|
|
- Fixed the flag parsing to apply to specific alternative entry only, as
per RFC. The earlier code would also get totally confused by
multiprotocol header, parsing flags from the wrong part of the header.
- Fixed the parser terminating on unknown protocols, instead of skipping
them.
- Fixed a busyloop when protocol-id was present without an equal sign.
Closes #4875
|
|
|
|
...rather than the full conndata structure.
|
|
|
|
Fixes a scan-build failure on Bionic.
Closes https://github.com/curl/curl/pull/4872
|
|
Closes #4869
Reviewed-by: Emil Engler and Daniel Gustafsson
|
|
To assist with adding winbind support to the SASL NTLM authentication,
move the winbind specific data out of conndata into ntlmdata.
|
|
Follow-up to 7fc63d72333a
|
|
Closes #4868
|
|
Closes #4867
|
|
Closes #4865
|
|
While most keywords in cookies are case insensitive, these prefixes are
specified explicitly to get checked "with a case-sensitive match".
(From the 6265bis document in progress)
Ref: https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-04
Closes #4864
|
|
... since the current transfer is being killed. Setting to NULL is
wrong, leaving it pointing to 'data' is wrong since that handle might be
about to get freed.
Fixes #4845
Closes #4858
Reported-by: dmitrmax on github
|
|
In the "scheme-less" parsing case, we need to strip off credentials
first before we guess scheme based on the host name!
Assisted-by: Jay Satiro
Fixes #4856
Closes #4857
|
|
Previously it was stored in a global state which contributed to
curl_global_init's thread unsafety. This boolean is now instead figured
out in curl_multi_init() and stored in the multi handle. Less effective,
but thread safe.
Closes #4851
|
|
... and check for inconsistencies for OS400 at build time with the new
chkstrings tool.
Closes #4822
|
|
- Removed from global_init since it isn't thread-safe. The symbol will
still remain to not break compiles, it just won't have any effect going
forward.
- make the internals NOT loop on EINTR (the opposite from previously).
It only risks returning from the select/poll/wait functions early, and that
should be risk-free.
Closes #4840
|
|
Closes #4835
|
|
(and the corresponding unit test)
Closes #4842
|
|
|
|
Only ever used from within this file.
|
