Age | Commit message (Collapse) | Author |
|
In MultiSSL mode (i.e. when more than one SSL backend is compiled
in), we cannot use the compile time flag `USE_NSS` as indicator that
the NSS backend is in use. As far as Metalink is concerned, the SSL
backend is only used for MD5, SHA-1 and SHA-256 calculations,
therefore one of the available SSL backends is selected at compile
time, in a strict order of preference.
Let's introduce a new `HAVE_NSS_CONTEXT` constant that can be used
to determine whether the SSL backend used for Metalink is the NSS
backend, and use that to guard the code that wants to de-initialize
the NSS-specific data structure.
Ref: https://github.com/curl/curl/pull/1848
|
|
Also suppress length argument of curl_mime_name() (names are always
zero-terminated).
|
|
Detected by coverity. CID 1418137.
|
|
... previously it would store a return value even when it returned
error, which could make the value get used anyway!
Reported-by: Brian Carpenter
Closes #1893
|
|
|
|
|
|
- The part kind MIMEKIND_FILE and associated code are suppressed.
- Seek data origin offset not used anymore: suppressed.
- MIMEKIND_NAMEDFILE renamed MIMEKIND_FILE; associated fields/functions
renamed accordingly.
- Curl_getformdata() processes stdin via a callback.
|
|
curl_mime_encoder() is operational and documented.
curl tool -F option is extended with ";encoder=".
curl tool --libcurl option generates calls to curl_mime_encoder().
New encoder tests 648 & 649.
Test 1404 extended with an encoder specification.
|
|
Use and generate CURL_ZERO_TERMINATED in curl tool and tests.
|
|
|
|
To support telling a string is nul-terminated, symbol CURL_ZERO_TERMINATED
has been introduced.
Documentation updated accordingly.
symbols in versions updated. Added form API symbols deprecation info.
|
|
This feature is badly supported in Windows: as a replacement, a caller has
to use curl_mime_data_cb() with fread, fseek and possibly fclose
callbacks to process opened files.
The cli tool and documentation are updated accordingly.
The feature is however kept internally for form API compatibility, with
the known caveats it always had.
As a side effect, stdin size is not determined by the cli tool even if
possible and this results in a chunked transfer encoding. Test 173 is
updated accordingly.
|
|
|
|
Extended -F option syntax to support multipart mail messages.
-F keyword headers= added to include custom headers in parts.
Documentation upgraded.
|
|
Closes https://github.com/curl/curl/pull/1840
|
|
This new feature flag reports When cURL was built with multiple SSL
backends.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
|
Previously, the code assumed that at most one of the SSL backends would
be compiled in, emulating OpenSSL's functions if the configured backend
was not OpenSSL itself.
However, now we allow building with multiple SSL backends and choosing
one at runtime. Therefore, metalink needs to be adjusted to handle this
scenario, too.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
|
The previous message was just too long for ordinary people and it was
encouraging users to use `--insecure` a little too easy.
Based-on-work-by: Frank Denis
Closes #1810
Closes #1817
|
|
By default, the MinGW CRT globs command-line arguments. This prevents
getting a single asterisk into an argument as test 1299 does. Turn off
globbing by setting the global variable _CRT_glob to 0 for MinGW.
Fixes https://github.com/curl/curl/issues/1751
Closes https://github.com/curl/curl/pull/1813
|
|
libidn was replaced with libidn2 last year in configure.
Caveat: libidn2 may depend on a list of further libs.
These can be manually specified via CURL_LDFLAG_EXTRAS.
Closes https://github.com/curl/curl/pull/1815
|
|
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
|
|
|
... as they're not used externally and internally we check for the sizes
already in configure etc.
Closes #1767
|
|
The required low-level logic was already available as part of
`libssh2` (via `LIBSSH2_FLAG_COMPRESS` `libssh2_session_flag()`[1]
option.)
This patch adds the new `libcurl` option `CURLOPT_SSH_COMPRESSION`
(boolean) and the new `curl` command-line option `--compressed-ssh`
to request this `libssh2` feature. To have compression enabled, it
is required that the SSH server supports a (zlib) compatible
compression method and that `libssh2` was built with `zlib` support
enabled.
[1] https://www.libssh2.org/libssh2_session_flag.html
Ref: https://github.com/curl/curl/issues/1732
Closes https://github.com/curl/curl/pull/1735
|
|
Commit curl-7_54_0-118-g8b2f22e changed the output format of curl --help
to use <file> and <dir> instead of FILE and DIR, which caused zsh.pl to
produce a broken completion script:
% curl --<TAB>
_curl:10: no such file or directory: seconds
Closes #1779
|
|
... make sure we bail out on overflows.
Reported-by: Brian Carpenter
Closes #1758
|
|
- Enable execute permission (chmod +x)
- Change interpreter to /usr/bin/env perl
Ref: https://github.com/curl/curl/issues/1743
|
|
|
|
The fix for this in 8661a0aacc01492e0436275ff36a21734f2541bb wasn't
complete: if the parsed number in num is larger than will fit in a long,
the conversion is undefined behaviour (causing test1427 to fail for me
on IA32 with GCC 7.1, although it passes on AMD64 and ARMv7). Getting
rid of the cast means the comparison will be done using doubles.
It might make more sense for the max argument to also be a double...
Fixes #1750
Closes #1749
|
|
Closes #1741
|
|
Make the number parser aware of the maximum limit curl accepts for a
value and return an error immediately if larger, instead of running an
integer overflow later.
Fixes #1730
Closes #1736
|
|
Added test 1289 to verify.
CVE-2017-1000101
Bug: https://curl.haxx.se/docs/adv_20170809A.html
Reported-by: Brian Carpenter
|
|
Fixes #1728
|
|
Follow-up to 171f8de.
Ref: https://github.com/curl/curl/issues/1704
|
|
Ref: #1591
|
|
Prior to this change (SET_)ERRNO mapped to GetLastError/SetLastError
for Win32 and regular errno otherwise.
I reviewed the code and found no justifiable reason for conflating errno
on WIN32 with GetLastError/SetLastError. All Win32 CRTs support errno,
and any Win32 multithreaded CRT supports thread-local errno.
Fixes https://github.com/curl/curl/issues/895
Closes https://github.com/curl/curl/pull/1589
|
|
|
|
GCC 4.4 complains:
tool_cb_wrt.c:81: error: declaration of ‘isatty’ shadows a global
declaration
/usr/include/unistd.h:782: error: shadowed declaration is here
Fix this by renaming the variable.
Closes https://github.com/curl/curl/pull/1661
|
|
tool_sleep.c:54:24: error: implicit conversion loses integer precision:
'long' to '__darwin_suseconds_t' (aka 'int')
[-Werror,-Wshorten-64-to-32]
|
|
... and don't build at all in include
Prompted-by-work-by: Simon Warta
Ref: #1590
Closes #1591
|
|
Closes https://github.com/curl/curl/pull/1454
|
|
Bug: https://github.com/curl/curl/pull/1486#issuecomment-310926872
Reported-by: Dan Fandrich
|
|
... and CURLOPT_REQUEST_TARGET instead of CURLOPT_STRIP_PATH_SLASH.
This option instead provides the full "alternative" target to use in the
request, instead of extracting the path from the URL.
Test 1298 and 1299 updated accordingly.
Idea-by: Evert Pot
Suggestion: https://daniel.haxx.se/blog/2017/06/19/options-with-curl/comment-page-1/#comment-18373
Closes #1593
|
|
... to enable sending "OPTIONS *" which wasn't possible previously.
This option currently only works for HTTP.
Added test cases 1298 + 1299 to verify
Fixes #1280
Closes #1462
|
|
this improves symmetry with the rule above
|
|
|
|
... as it really cannot have reached this far with config being NULL,
thus this is unnecesary and misleading.
Bug: https://news.ycombinator.com/item?id=14577585 and
https://daniel.haxx.se/blog/2017/06/17/curl-doesnt-spew-binary-anymore/comment-page-1/#comment-18356
Forwarded-to-us-by: Jakub Wilk
|
|
... unless "--output -" is used. Binary detection is done by simply
checking for a binary zero in early data.
Added test 1425 1426 to verify.
Closes #1512
|
|
The configure-based build also has this in addition to -Wall.
Closes https://github.com/curl/curl/pull/1578
|
|
So many headers can be provided as @filename.
Suggested-by: Timothe Litt
Closes #1486
|