aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2017-05-25ssh: fix 'left' may be used uninitializedDaniel Stenberg
follow-up to f31760e63b4e Reported-by: Michael Kaufmann Bug: https://github.com/curl/curl/pull/1495#issuecomment-303982793
2017-05-24time: fix type conversions and compiler warningsMichael Kaufmann
Fix bugs and compiler warnings on systems with 32-bit long and 64-bit time_t. Reviewed-by: Daniel Stenberg Closes #1499
2017-05-23redirect: store the "would redirect to" URL when max redirs is reachedDaniel Stenberg
Test 1261 added to verify. Reported-by: Lloyd Fournier Fixes #1489 Closes #1497
2017-05-24LDAP: fixed checksrc issueSergei Nikulov
2017-05-23LDAP: using ldap_bind_s on Windows with methods (#878)Sergei Nikulov
* LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG) * ldap: updated per build options handling * ldap: fixed logic for auth selection
2017-05-23cmake: fix build on Ubuntu 14.04Akhil Kedia
Fixed a syntax error with setting cache variables (The type and docstring were missing), resulting in build errors. Quoted the CURL_CA_PATH and CURL_CA_BUNDLE otherwise the path was written without quotes in C code, resulting in build errors. Closes #1503 Signed-off-by: Akhil <akhil.kedia@samsung.com>
2017-05-23url: fix declaration of 'pipe' shadows a global declarationDaniel Stenberg
follow-up to 4cdb1be8246c
2017-05-22memdebug: fix compilation failureKamil Dudka
.... caused by a typo in the last commit (fixing issue #1504): memdebug.c: In function ‘curl_fclose’: memdebug.c:444:3: error: implicit declaration of function ‘DEBUGDEBUGASSERT’ [-Werror=implicit-function-declaration]
2017-05-22assert: avoid, use DEBUGASSERT instead!Daniel Stenberg
... as it does extra checks to actually work. Reported-by: jonrumsey at github Fixes #1504
2017-05-21cmake: Add CURL_CA_FALLBACK to curl_config.h.cmakeSimon Warta
This is for symmetry with the autoconf generated curl_config.h.in
2017-05-20ssh: ignore timeouts during disconnectDaniel Stenberg
... as otherwise it risks not cleaning up the libssh2 handle properly which leads to memory leak! Assisted-by: Joel Depooter Closes #1495 Closes #1479 Bug: https://curl.haxx.se/mail/lib-2017-04/0024.html
2017-05-16darwinssl: Fix exception when processing a client-side certificate fileNick Zitzmann
if no error was raised by the API but the SecIdentityRef was null Fixes #1450
2017-05-16curl_sasl: fix build error with CURL_DISABLE_CRYPTO_AUTH + USE_NTLMDaniel Stenberg
Reported-by: wyattoday at github Fixes #1487
2017-05-15SecureTransport/DarwinSSL: Implement public key pinningmoparisthebest
Closes #1400
2017-05-13url.c: add a compile-time check that CURL_MAX_WRITE_SIZE is large enoughDan Fandrich
Some code (e.g. Curl_fillreadbuffer) assumes that this buffer is not exceedingly tiny and will break if it is. This same check is already done at run time in the CURLOPT_BUFFERSIZE option.
2017-05-12multi: remove leftover debug infof() calls from e9fd794a6Daniel Stenberg
2017-05-12pipeline: fix mistakenly trying to pipeline POSTsDaniel Stenberg
The function IsPipeliningPossible() would return TRUE if either pipelining OR HTTP/2 were possible on a connection, which would lead to it returning TRUE even for POSTs on HTTP/1 connections. It now returns a bitmask so that the caller can differentiate which kind the connection allows. Fixes #1481 Closes #1483 Reported-by: stootill at github
2017-05-12mbedtls: Support server renegotiation requestRon Eldor
Tested with servers: IIS 7.5; OpenSSL 1.0.2. Closes https://github.com/curl/curl/pull/1475
2017-05-11formdata: fix -Wcomma warningMarcel Raad
clang 5.0 complains: possible misuse of comma operator here [-Wcomma] Change the comma to a semicolon to fix that.
2017-05-10multi: use a fixed array of timers instead of mallocDaniel Stenberg
... since the total amount is low this is faster, easier and reduces memory overhead. Also, Curl_expire_done() can now mark an expire timeout as done so that it never times out. Closes #1472
2017-05-10multi: assign IDs to all timers and make each timer singletonDaniel Stenberg
A) reduces the timeout lists drastically B) prevents a lot of superfluous loops for timers that expires "in vain" when it has actually already been extended to fire later on
2017-05-09formboundary: convert assert into run-time checkDaniel Stenberg
... to really make sure the boundary fits in the target buffer. Fixes unused parameter 'buflen' warning. Reported-by: Michael Kaufmann Bug: https://github.com/curl/curl/pull/1468#issuecomment-300078754
2017-05-08rand: treat fake entropy the same regardless of endiannessJay Satiro
When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
2017-05-07asyn-thread: fix unused macro warningsMarcel Raad
Don't do anything in this file if CURLRES_THREADED is not defined.
2017-05-07tftp: silence bad-function-cast warningMarcel Raad
The cases this warns about are handled elsewhere, so just use an intermediate variable to silence the warning.
2017-05-04schannel: return a more specific error code for SEC_E_UNTRUSTED_ROOTDan Fandrich
2017-05-04curl_setup_once: use SEND_QUAL_ARG2 for swriteMarcel Raad
SEND_QUAL_ARG2 had to be set, but was never used. Use it in swrite to avoid warnings about casting away low-level const. Closes https://github.com/curl/curl/pull/1464
2017-05-03lib: fix compiler warningsMarcel Raad
Fix the following warnings when building the tests by using the correct types: cast from 'const char *' to 'void *' drops const qualifier [-Wcast-qual] implicit conversion changes signedness [-Wsign-conversion]
2017-05-02Telnet: Write full buffer instead of byte-by-byteRichard Hsu
Previous TODO wanting to write in chunks. We should support writing more at once since some TELNET servers may respond immediately upon first byte written such as WHOIS servers. Closes #1389
2017-05-02gtls: fixed a lingering BUFSIZE referenceDan Fandrich
2017-05-02ssh: fix compiler warning from e40e9d7f0deDaniel Stenberg
2017-05-02url: let CURLOPT_BUFFERSIZE realloc to smaller sizes tooDaniel Stenberg
Closes #1449
2017-05-01BUFSIZE: rename to READBUFFER_*, make separate MASTERBUF_SIZEDaniel Stenberg
2017-05-01openssl: use local stack for temp storageDaniel Stenberg
2017-05-01sendf: remove use of BUFSIZE from debug data conversionsDaniel Stenberg
The buffer can have other sizes.
2017-05-01buffer: use data->set.buffer_size instead of BUFSIZEDaniel Stenberg
... to properly use the dynamically set buffer size!
2017-05-01krb5: use private buffer for temp string, not receive bufferDaniel Stenberg
2017-05-01upload: UPLOAD_BUFSIZE is now for the upload bufferDaniel Stenberg
2017-05-01http-proxy: use a dedicated CONNECT response bufferDaniel Stenberg
To make it suitably independent of the receive buffer and its flexible size.
2017-05-01transfer: fix minor buffer_size mistakeDaniel Stenberg
2017-05-01failf: use private buffer, don't clobber receive bufferDaniel Stenberg
2017-05-01pingpong: use the set buffer sizeDaniel Stenberg
2017-05-01http2: use the correct set buffer sizeDaniel Stenberg
2017-05-01http: don't clobber the receive buffer for timecondDaniel Stenberg
2017-05-01buffer_size: make sure it always has the correct sizeDaniel Stenberg
Removes the need for CURL_BUFSIZE
2017-05-01file: use private buffer for C-L outputDaniel Stenberg
... instead of clobbering the download buffer.
2017-05-01CURLOPT_BUFFERSIZE: 1024 bytes is now the minimum sizeDaniel Stenberg
The buffer is needed to receive FTP, HTTP CONNECT responses etc so already at this size things risk breaking and smaller is certainly not wise.
2017-05-01ftp: use private buffer for temp storage, not receive bufferDaniel Stenberg
2017-05-01http: use private user:password output bufferDaniel Stenberg
Don't clobber the receive buffer.
2017-05-01curl_setup: Ensure no more than one IDN lib is enabledJay Satiro
Prior to this change it was possible for libcurl to be built with both Windows' native IDN lib (normaliz) and libidn2 enabled. It appears that doesn't offer any benefit --and could cause a bug-- since libcurl's IDN handling is written to use either one but not both. Bug: https://github.com/curl/curl/issues/1441#issuecomment-297689856 Reported-by: Gisle Vanem