aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2017-02-18proxy: fix hostname resolution and IDN conversionMichael Kaufmann
Properly resolve, convert and log the proxy host names. Support the "--connect-to" feature for SOCKS proxies and for passive FTP data transfers. Follow-up to cb4e2be Reported-by: Jay Satiro Fixes https://github.com/curl/curl/issues/1248
2017-02-17http: fix missing 'Content-Length: 0' while negotiating authIsaac Boukris
- While negotiating auth during PUT/POST if a user-specified Content-Length header is set send 'Content-Length: 0'. This is what we do already in HTTPREQ_POST_FORM and what we did in the HTTPREQ_POST case (regression since afd288b). Prior to this change no Content-Length header would be sent in such a case. Bug: https://curl.haxx.se/mail/lib-2017-02/0006.html Reported-by: Dominik Hölzl Closes https://github.com/curl/curl/pull/1242
2017-02-15axtls: adapt to API changesDaniel Stenberg
Builds with axTLS 2.1.2. This then also breaks compatibility with axTLS < 2.1.0 (the older API) ... and fix the session_id mixup brought in 04b4ee549 Fixes #1220
2017-02-14smb: code indentDaniel Stenberg
2017-02-13http2: fix memory-leak when denying push streamsDaniel Stenberg
Reported-by: zelinchen@users.noreply.github.com Fixes #1229
2017-02-10URL: only accept ";options" in SMTP/POP3/IMAP URL schemesDaniel Stenberg
Fixes #1252
2017-02-09nss: make FTPS work with --proxytunnelKamil Dudka
If the NSS code was in the middle of a non-blocking handshake and it was asked to finish the handshake in blocking mode, it unexpectedly continued in the non-blocking mode, which caused a FTPS connection over CONNECT to fail with "(81) Socket not ready for send/recv". Bug: https://bugzilla.redhat.com/1420327
2017-02-09http_proxy: avoid freeing static memoryDaniel Stenberg
Follow up to 7fe81ec298e0: make sure 'host' is either NULL or malloced.
2017-02-09http_proxy: Fix tiny memory leak upon edge case connecting to proxyCameron MacMinn
Fixes #1255
2017-02-08polarssl, mbedtls: Fix detection of pending dataMichael Kaufmann
Reported-by: Dan Fandrich Bug: https://curl.haxx.se/mail/lib-2017-02/0032.html
2017-02-07http2: reset push header counter fixes crashDaniel Stenberg
When removing an easy handler from a multi before it completed its transfer, and it had pushed streams, it would segfault due to the pushed counted not being cleared. Fixed-by: zelinchen@users.noreply.github.com Fixes #1249
2017-02-07transfer: only retry nobody-requests for HTTPMarkus Westerlind
Using sftp to delete a file with CURLOPT_NOBODY set with a reused connection would fail as curl expected to get some data. Thus it would retry the command again which fails as the file has already been deleted. Fixes #1243
2017-02-07telnet: Fix typosDaniel Gustafsson
Ref: https://github.com/curl/curl/pull/1245
2017-02-07darwinssl: Avoid parsing certificates when not in verbose modeDaniel Gustafsson
The information extracted from the server certificates in step 3 is only used when in verbose mode, and there is no error handling or validation performed as that has already been done. Only run the certificate information extraction when in verbose mode and libcurl was built with verbose strings. Closes https://github.com/curl/curl/pull/1246
2017-02-07schannel: Remove incorrect SNI disabled messageJDepooter
- Remove the SNI disabled when host verification disabled message since that is incorrect. - Show a message for legacy versions of Windows <= XP that connections may fail since those versions of WinSSL lack SNI, algorithms, etc. Bug: https://github.com/curl/curl/pull/1240
2017-02-06use *.sourceforge.io and misc URL updatesViktor Szakats
Ref: https://sourceforge.net/blog/introducing-https-for-project-websites/ Closes: https://github.com/curl/curl/pull/1247
2017-02-01cmake: Support curl --xattr when built with cmakeSean Burford
- Test for and set HAVE_FSETXATTR when support for extended file attributes is present. Closes https://github.com/curl/curl/pull/1176
2017-01-31openssl: Don't use certificate after transferring ownershipAdam Langley
SSL_CTX_add_extra_chain_cert takes ownership of the given certificate while, despite the similar name, SSL_CTX_add_client_CA does not. Thus it's best to call SSL_CTX_add_client_CA before SSL_CTX_add_extra_chain_cert, while the code still has ownership of the argument. Closes https://github.com/curl/curl/pull/1236
2017-01-29mbedtls: implement CTR-DRBG and HAVEGE random generatorsAntoine Aubert
closes #1227
2017-01-28mbedtls: disable TLS session ticketsMichael Kaufmann
SSL session reuse with TLS session tickets is not supported yet. Use SSL session IDs instead. See https://github.com/curl/curl/issues/1109
2017-01-28gnutls: disable TLS session ticketsMichael Kaufmann
SSL session reuse with TLS session tickets is not supported yet. Use SSL session IDs instead. Fixes https://github.com/curl/curl/issues/1109
2017-01-28polarssl: fix hangsMichael Kaufmann
This bugfix is similar to commit c111178bd4.
2017-01-27cookies: do not assume a valid domain has a dotDaniel Stenberg
This repairs cookies for localhost. Non-PSL builds will now only accept "localhost" without dots, while PSL builds okeys everything not listed as PSL. Added test 1258 to verify. This was a regression brought in a76825a5efa6b4
2017-01-24telnet: fix windows compiler warningsDaniel Stenberg
Thumbs-up-by: Jay Satiro Closes #1225
2017-01-23VC: remove the makefile.vc6 build infraDaniel Stenberg
The winbuild/ build files is now the single MSVC makefile build choice. Closes #1215
2017-01-22vtls: source indentation fixDaniel Stenberg
2017-01-20vtls: fix PolarSSL non-blocking handlingDaniel Stenberg
A regression brought in cb4e2be Reported-by: Michael Kaufmann Bug: https://github.com/curl/curl/issues/1174#issuecomment-274018791
2017-01-20vtls: fix mbedtls multi non blocking handshake.Antoine Aubert
When using multi, mbedtls handshake is in non blocking mode. vtls must set wait for read/write flags for the socket. Closes #1223
2017-01-19CURLOPT_BUFFERSIZE: support enlarging receive bufferRichy Kim
Replace use of fixed macro BUFSIZE to define the size of the receive buffer. Reappropriate CURLOPT_BUFFERSIZE to include enlarging receive buffer size. Upon setting, resize buffer if larger than the current default size up to a MAX_BUFSIZE (512KB). This can benefit protocols like SFTP. Closes #1222
2017-01-19*.rc: escape non-ASCII/non-UTF-8 character for clarityViktor Szakats
Closes https://github.com/curl/curl/pull/1217
2017-01-18CURLOPT_CONNECT_TO: Fix compile warningsMichael Kaufmann
Fix compile warnings that appeared only when curl has been configured with '--disable-verbose'.
2017-01-18parseurl: move back buffer to function scopeDaniel Stenberg
Regression since 1d4202ad, which moved the buffer into a more narrow scope, but the data in that buffer was used outside of that more narrow scope. Reported-by: Dan Fandrich Bug: https://curl.haxx.se/mail/lib-2017-01/0093.html
2017-01-17openssl: Fix random generationJay Satiro
- Fix logic error in Curl_ossl_random. Broken a few days ago in 807698d.
2017-01-15nss: use the correct lock in nss_find_slot_by_name()Kamil Dudka
2017-01-15http2: disable server push if not requestedAlessandro Ghedini
Ref: https://github.com/curl/curl/pull/1160
2017-01-14http: print correct HTTP string in verbose output when using HTTP/2Alessandro Ghedini
Before: ``` % src/curl https://sigsegv.ninja/ -v --http2 ... > GET / HTTP/1.1 > Host: sigsegv.ninja > User-Agent: curl/7.52.2-DEV > Accept: */* > ... ``` After: ``` % src/curl https://sigsegv.ninja/ -v --http2 ... > GET / HTTP/2 > Host: sigsegv.ninja > User-Agent: curl/7.52.2-DEV > Accept: */* > ```
2017-01-14addrinfo: fix compiler warning on offsetof() useDaniel Stenberg
curl_addrinfo.c:519:20: error: conversion to ‘curl_socklen_t {aka unsigned int}’ from ‘long unsigned int’ may alter its value [-Werror=conversion] Follow-up to 1d786faee1046f
2017-01-13unix_socket: add support for abstract unix domain socketIsaac Boukris
In addition to unix domain sockets, Linux also supports an abstract namespace which is independent of the filesystem. In order to support it, add new CURLOPT_ABSTRACT_UNIX_SOCKET option which uses the same storage as CURLOPT_UNIX_SOCKET_PATH internally, along with a flag to specify abstract socket. On non-supporting platforms, the abstract address will be interpreted as an empty string and fail gracefully. Also add new --abstract-unix-socket tool parameter. Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reported-by: Chungtsun Li (typeless) Reviewed-by: Daniel Stenberg Reviewed-by: Peter Wu Closes #1197 Fixes #1061
2017-01-13IDN: Use TR46 non-transitionalDaniel Stenberg
Assisted-by: Tim Rühsen
2017-01-13IDN: revert use of the transitional optionDaniel Stenberg
It made the german ß get converted to ss, IDNA2003 style, and we can't have that for the .de TLD - a primary reason for our switch to IDNA2008. Test 165 verifies.
2017-01-13IDN: Fix compile time detection of linidn2 TR46Tim Rühsen
Follow-up to f30cbcac1 Closes #1207
2017-01-13url: --noproxy option overrides NO_PROXY environment variableERAMOTO Masaya
Under condition using http_proxy env var, noproxy list was the combination of --noproxy option and NO_PROXY env var previously. Since this commit, --noproxy option overrides NO_PROXY environment variable even if use http_proxy env var. Closes #1140
2017-01-13url: Refactor detect_proxy()ERAMOTO Masaya
If defined CURL_DISABLE_HTTP, detect_proxy() returned NULL. If not defined CURL_DISABLE_HTTP, detect_proxy() checked noproxy list. Thus refactor to set proxy to NULL instead of calling detect_proxy() if define CURL_DISABLE_HTTP, and refactor to call detect_proxy() if not define CURL_DISABLE_HTTP and the host is not in the noproxy list.
2017-01-13url: Fix NO_PROXY env var to work properly with --proxy option.ERAMOTO Masaya
The combination of --noproxy option and http_proxy env var works well both for proxied hosts and non-proxied hosts. However, when combining NO_PROXY env var with --proxy option, non-proxied hosts are not reachable while proxied host is OK. This patch allows us to access non-proxied hosts even if using NO_PROXY env var with --proxy option.
2017-01-13IDN: Use TR46 'transitional' for toASCII translationsTim Rühsen
References: http://unicode.org/faq/idn.html http://unicode.org/reports/tr46 Closes #1206
2017-01-13gnutls: check for alpn and ocsp in configureMarcus Hoffmann
Check for presence of gnutls_alpn_* and gnutls_ocsp_* functions during configure instead of relying on the version number. GnuTLS has options to turn these features off and we ca just work with with such builds like we work with older versions. Signed-off-by: Marcus Hoffmann <m.hoffmann@cartelsol.com> Closes #1204
2017-01-12url: Fix parsing for when 'file' is the default protocolJay Satiro
Follow-up to 3463408. Prior to 3463408 file:// hostnames were silently stripped. Prior to this commit it did not work when a schemeless url was used with file as the default protocol. Ref: https://curl.haxx.se/mail/lib-2016-11/0081.html Closes https://github.com/curl/curl/pull/1124 Also fix for drive letters: - Support --proto-default file c:/foo/bar.txt - Support file://c:/foo/bar.txt - Fail when a file:// drive letter is detected and not MSDOS/Windows. Bug: https://github.com/curl/curl/issues/1187 Reported-by: Anatol Belski Assisted-by: Anatol Belski
2017-01-12rand: make it work without TLS backingDaniel Stenberg
Regression introduced in commit f682156a4fc6c4 Reported-by: John Kohl Bug: https://curl.haxx.se/mail/lib-2017-01/0055.html
2017-01-12STARTTLS: Don't print response character in denied messagesJay Satiro
Both IMAP and POP3 response characters are used internally, but when appended to the STARTTLS denial message likely could confuse the user. Closes https://github.com/curl/curl/pull/1203
2017-01-12smtp: Fix STARTTLS denied error messageJay Satiro
- Format the numeric denial code as an integer instead of a character.