aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2018-02-20hostip: fix 'potentially uninitialized variable' warningJay Satiro
Follow-up to 50d1b33. Caught by AppVeyor.
2018-02-20CURLOPT_RESOLVE: Add support for multiple IP addresses per entryAnders Bakken
This enables users to preresolve but still take advantage of happy eyeballs and trying multiple addresses if some are not connecting. Ref: https://github.com/curl/curl/pull/2260
2018-02-16header callback: don't chop headers into smaller piecesDaniel Stenberg
Reported-by: Guido Berhoerster Fixes #2314 Closes #2316
2018-02-16http: fix the max header length detection logicDaniel Stenberg
Previously, it would only check for max length if the existing alloc buffer was to small to fit it, which often would make the header still get used. Reported-by: Guido Berhoerster Bug: https://curl.haxx.se/mail/lib-2018-02/0056.html Closes #2315
2018-02-16ssh: add two missing state namesDaniel Stenberg
The list of state names (used in debug builds) was out of sync in relation to the list of states (used in all builds). I now added an assert to make sure the sizes of the two lists match, to aid in detecting this mistake better in the future. Regression since c92d2e14cf, shipped in 7.58.0. Reported-by: Somnath Kundu Fixes #2312 Closes #2313
2018-02-15non-ascii: fix implicit declaration warningJay Satiro
Follow-up to b46cfbc. Caught by Travis CI.
2018-02-15nss: use PK11_CreateManagedGenericObject() if availableKamil Dudka
... so that the memory allocated by applications using libcurl does not grow per each TLS connection. Bug: https://bugzilla.redhat.com/1510247 Closes #2297
2018-02-15TODO fixed: Detect when called from within callbacksBjörn Stenberg
Closes #2302
2018-02-13curl_gssapi: make sure this file too uses our *printf()Daniel Stenberg
2018-02-12smtp: fix processing of initial dot in dataPatrick Monnerat
RFC 5321 4.1.1.4 specifies the CRLF terminating the DATA command should be taken into account when chasing the <CRLF>.<CRLF> end marker. Thus a leading dot character in data is also subject to escaping. Tests 911 and test server are adapted to this situation. New tests 951 and 952 check proper handling of initial dot in data. Closes #2304
2018-02-12sha256: avoid redefineDaniel Stenberg
2018-02-12sha256: build with OpenSSL < 0.9.8 tooDouglas Mencken
support for SHA-2 was introduced in OpenSSL 0.9.8 Closes #2305
2018-02-12http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING onPatrick Monnerat
Bug: #2303 Reported-By: Henry Roeland
2018-02-09get_posix_time: only check for overflows if they can happen!Daniel Stenberg
2018-02-09schannel: fix "no previous prototype" compiler warningMichael Kaufmann
2018-02-09content_encoding: Add "none" alias to "identity"Mohammad AlSaleh
Some servers return a "content-encoding" header with a non-standard "none" value. Add "none" as an alias to "identity" as a work-around, to avoid unrecognised content encoding type errors. Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com> Closes https://github.com/curl/curl/pull/2298
2018-02-08schannel: fix compiler warningsMichael Kaufmann
Closes #2296
2018-02-07curl_addrinfo.c: Allow Unix Domain Sockets to compile under WindowsSteve Holme
Windows 10.0.17061 SDK introduces support for Unix Domain Sockets. Added the necessary include file to curl_addrinfo.c. Note: The SDK (which is considered beta) has to be installed, VS 2017 project file has to be re-targeted for Windows 10.0.17061 and #define enabled in config-win32.h.
2018-02-07fnmatch: optimize processing of consecutive *s and ?s pattern charactersPatrick Monnerat
Reported-By: Daniel Stenberg Fixes #2291 Closes #2293
2018-02-06openssl: Don't add verify locations when verifypeer==0Patrick Schlangen
When peer verification is disabled, calling SSL_CTX_load_verify_locations is not necessary. Only call it when verification is enabled to save resources and increase performance. Closes #2290
2018-02-05formdata: use the mime-content type functionDaniel Stenberg
Reduce code duplication by making Curl_mime_contenttype available and used by the formdata function. This also makes the formdata function recognize a set of more file extensions by default. PR #2280 brought this to my attention. Closes #2282
2018-02-02getdate: return -1 for out of rangeDaniel Stenberg
...as that's how the function is documented to work. Reported-by: Michael Kaufmann Bug found in an autobuild with 32 bit time_t Closes #2278
2018-02-01time_t-fixes: remove typecasts to 'long' for info.filetimeDaniel Stenberg
They're now wrong. Reported-by: Michael Kaufmann Closes #2277
2018-01-31curl_setup: move the precautionary define of SIZEOF_TIME_TDaniel Stenberg
... up to before it may be used for the TIME_T_MAX/MIN logic. Reported-by: Michael Kaufmann
2018-01-31parsedate: s/#if/#ifdefDaniel Stenberg
Reported-by: Michael Kaufmann Bug: https://github.com/curl/curl/commit/1c39128d974666107fc6d9ea15f294036851f224#commitcomment-27246479
2018-01-31fnmatch: pattern syntax can no longer failPatrick Monnerat
Whenever an expected pattern syntax rule cannot be matched, the character starting the rule loses its special meaning and the parsing is resumed: - backslash at the end of pattern string matches itself. - Error in [:keyword:] results in set containing :\[dekorwy. Unit test 1307 updated for this new situation. Closes #2273
2018-01-31fnmatch: accept an alphanum to be followed by a non-alphanum in char setPatrick Monnerat
Also be more tolerant about set pattern syntax. Update unit test 1307 accordingly. Bug: https://curl.haxx.se/mail/lib-2018-01/0114.html
2018-01-31fnmatch: do not match the empty string with a character setPatrick Monnerat
2018-01-30http2: set DEBUG_HTTP2 to enable more HTTP/2 loggingDaniel Stenberg
... instead of doing it unconditionally in debug builds. It cluttered up the output a little too much.
2018-01-30file: Check the return code from Curl_range and bail out on errorMax Dymond
2018-01-30Curl_range: add check to ensure "from <= to"Max Dymond
2018-01-30Curl_range: commonize FTP and FILE range handlingMax Dymond
Closes #2205
2018-01-30time: support > year 2038 time stamps for system with 32bit longDaniel Stenberg
... with the introduction of CURLOPT_TIMEVALUE_LARGE and CURLINFO_FILETIME_T. Fixes #2238 Closes #2264
2018-01-30curl_easy_reset: clear digest auth stateDaniel Stenberg
Bug: https://curl.haxx.se/mail/lib-2018-01/0074.html Reported-by: Ruurd Beerstra Fixes #2255 Closes #2272
2018-01-29curl_ctype: private is*() type macros and functionsDaniel Stenberg
... since the libc provided one are locale dependent in a way we don't want. Also, the "native" isalnum() (for example) works differently on different platforms which caused test 1307 failures on macos only. Closes #2269
2018-01-25GSKit: restore pinnedpubkey functionalitymoparisthebest
inadvertently removed in 283babfaf8d8f3bab9d3c63cea94eb0b84e79c37 Closes #2263
2018-01-25darwinssl: Don't import client certificates into Keychain on macOSDair Grant
Closes #2085
2018-01-25parsedate: fix date parsing for systems with 32 bit longDaniel Stenberg
Make curl_getdate() handle dates before 1970 as well (returning negative values). Make test 517 test dates for 64 bit time_t. This fixes bug (3) mentioned in #2238 Closes #2250
2018-01-25openssl: fix pinned public key build error in FIPS modeMcDonough, Tim
Here is a version that should work with all versions of openssl 0.9.7 through 1.1.0. Links to the docs: https://www.openssl.org/docs/man1.0.2/crypto/EVP_DigestInit.html https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestInit.html At the very bottom of the 1.1.0 documentation there is a history section that states, " stack allocated EVP_MD_CTXs are no longer supported." If EVP_MD_CTX_create and EVP_MD_CTX_destroy are not defined, then a simple mapping can be used as described here: https://wiki.openssl.org/index.php/Talk:OpenSSL_1.1.0_Changes Closes #2258
2018-01-25SChannel/WinSSL: Replace Curl_none_md5sum with Curl_schannel_md5summoparisthebest
2018-01-25SChannel/WinSSL: Implement public key pinningmoparisthebest
Closes #1429
2018-01-25cookies: remove verbose "cookie size:" outputDaniel Stenberg
It was once used for some debugging/verifying logic but should never have ended up in git!
2018-01-24Fix small typo.Gisle Vanem
2018-01-23CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 supportDaniel Stenberg
Bug: https://curl.haxx.se/mail/lib-2018-01/0087.html Reported-by: John Hascall Closes #2257
2018-01-22http: prevent custom Authorization headers in redirectsDaniel Stenberg
... unless CURLOPT_UNRESTRICTED_AUTH is set to allow them. This matches how curl already handles Authorization headers created internally. Note: this changes behavior slightly, for the sake of reducing mistakes. Added test 317 and 318 to verify. Reported-by: Craig de Stigter Bug: https://curl.haxx.se/docs/adv_2018-b3bf.html
2018-01-18http2: don't close connection when single transfer is stoppedKartik Mahajan
Fixes #2237 Closes #2249
2018-01-18SSH: Fix state machine for ssh-agent authenticationMichael Gmelin
In case an identity didn't match[0], the state machine would fail in state SSH_AUTH_AGENT instead of progressing to the next identity in ssh-agent. As a result, ssh-agent authentication only worked if the identity required happened to be the first added to ssh-agent. This was introduced as part of commit c4eb10e2f06fbd6cc904f1d78e4, which stated that the "else" statement was required to prevent getting stuck in state SSH_AUTH_AGENT. Given the state machine's logic and libssh2's interface I couldn't see how this could happen or reproduce it and I also couldn't find a more detailed description of the problem which would explain a test case to reproduce the problem this was supposed to fix. [0] libssh2_agent_userauth returning LIBSSH2_ERROR_AUTHENTICATION_FAILED Closes #2248
2018-01-18openssl: fix potential memory leak in SSLKEYLOGFILE logicDaniel Stenberg
Coverity CID 1427646.
2018-01-18openssl: fix the libressl build againDaniel Stenberg
Follow-up to 84fcaa2e7. libressl does not have the API even if it says it is late OpenSSL version... Fixes #2246 Closes #2247 Reported-by: jungle-boogie on github
2018-01-17curl_fnmatch: only allow 5 '*' sections in a single patternDaniel Stenberg
... to avoid excessive recursive calls. The number 5 is totally arbitrary and could be modified if someone has a good motivation.