| #
c074ba64 |
| 01-Jul-2024 |
Daniel Stenberg |
code: language cleanup in comments
Based on the standards and guidelines we use for our documentation.
- expand contractions (they're => they are etc)
- host name = > hostname
code: language cleanup in comments
Based on the standards and guidelines we use for our documentation.
- expand contractions (they're => they are etc)
- host name = > hostname
- file name => filename
- user name = username
- man page => manpage
- run-time => runtime
- set-up => setup
- back-end => backend
- a HTTP => an HTTP
- Two spaces after a period => one space after period
Closes #14073
show more ...
|
| #
03cf1c7b |
| 24-Apr-2024 |
Viktor Szakats |
lib: silence `-Wsign-conversion` in base64, strcase, mprintf
Closes #13467
|
| #
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- save
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
checksrc is updated to allow non-year using copyright statements
Closes #10205
show more ...
|
| #
3f039dfd |
| 31-Oct-2022 |
Daniel Stenberg |
strcase: use curl_str(n)equal for case insensitive matches
No point in having two entry points for the same functions.
Also merged the *safe* function treatment into these so that t
strcase: use curl_str(n)equal for case insensitive matches
No point in having two entry points for the same functions.
Also merged the *safe* function treatment into these so that they can
also be used when one or both pointers are NULL.
Closes #9837
show more ...
|
| #
ed5095ed |
| 05-Oct-2022 |
Daniel Stenberg |
strcase: add and use Curl_timestrcmp
This is a strcmp() alternative function for comparing "secrets",
designed to take the same time no matter the content to not leak
match/non-match
strcase: add and use Curl_timestrcmp
This is a strcmp() alternative function for comparing "secrets",
designed to take the same time no matter the content to not leak
match/non-match info to observers based on how fast it is.
The time this function takes is only a function of the shortest input
string.
Reported-by: Trail of Bits
Closes #9658
show more ...
|
| #
8dd95da3 |
| 05-Sep-2022 |
Daniel Stenberg |
ctype: remove all use of <ctype.h>, use our own versions
Except in the test servers.
Closes #9433
|
| #
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.
This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.
Closes #8869
show more ...
|
| #
b12c2b91 |
| 18-May-2022 |
Frank Gevaerts |
strcase: some optimisations
Lookup tables for toupper() and tolower() make Curl_strcasecompare()
about 1.5 times faster. Reorganising Curl_strcasecompare() to fully exit
early then a
strcase: some optimisations
Lookup tables for toupper() and tolower() make Curl_strcasecompare()
about 1.5 times faster. Reorganising Curl_strcasecompare() to fully exit
early then also allows simplifying the check at the end, for another
15%. In total, the changes make Curl_strcasecompare() around 1.6 to 1.7
times faster.
Note that these optimisation assume ASCII. The original
Curl_raw_toupper() and raw_tolower() look like they already made that
assumption.
Closes #8875
show more ...
|
| #
852aa5ad |
| 25-Apr-2022 |
Patrick Monnerat |
url: check sasl additional parameters for connection reuse.
Also move static function safecmp() as non-static Curl_safecmp() since
its purpose is needed at several places.
Bug:
url: check sasl additional parameters for connection reuse.
Also move static function safecmp() as non-static Curl_safecmp() since
its purpose is needed at several places.
Bug: https://curl.se/docs/CVE-2022-22576.html
CVE-2022-22576
Closes #8746
show more ...
|
| #
26101421 |
| 03-Feb-2022 |
Daniel Stenberg |
lib: remove support for CURL_DOES_CONVERSIONS
TPF was the only user and support for that was dropped.
Closes #8378
|
|
Revision tags: curl-7_76_1, curl-7_76_0, curl-7_75_0, curl-7_74_0 |
|
| #
4d2f8006 |
| 04-Nov-2020 |
Daniel Stenberg |
curl.se: new home
Closes #6172
|
|
Revision tags: curl-7_73_0, tiny-curl-7_72_0, curl-7_72_0, curl-7_71_1, curl-7_71_0, curl-7_70_0, curl-7_69_1, curl-7_69_0 |
|
| #
ea284778 |
| 23-Jan-2020 |
Daniel Stenberg |
strcase: turn Curl_raw_tolower into static
Only ever used from within this file.
|
|
Revision tags: curl-7_68_0, curl-7_67_0 |
|
| #
d0319adb |
| 31-Oct-2019 |
Vilhelm Prytz |
copyrights: update all copyright notices to 2019 on files changed this year
Closes #4547
|
| #
4a778f75 |
| 24-Sep-2019 |
Lucas Pardue |
strcase: fix raw lowercasing the letter X
Casing mistake in Curl_raw_tolower 'X' wasn't lowercased as 'x' prior to
this change.
Follow-up to 0023fce which added the function sev
strcase: fix raw lowercasing the letter X
Casing mistake in Curl_raw_tolower 'X' wasn't lowercased as 'x' prior to
this change.
Follow-up to 0023fce which added the function several days ago.
Ref: https://github.com/curl/curl/pull/4401#discussion_r327396546
Closes https://github.com/curl/curl/pull/4408
show more ...
|
| #
0023fce3 |
| 22-Sep-2019 |
Barry Pollard |
http: lowercase headernames for HTTP/2 and HTTP/3
Closes #4401
Fixes #4400
|
|
Revision tags: curl-7_66_0, curl-7_65_3, curl-7_65_2, curl-7_65_1, curl-7_65_0, curl-7_64_1, curl-7_64_0, curl-7_63_0, curl-7_62_0, curl-7_61_1, curl-7_61_0, curl-7_60_0, curl-7_59_0, curl-7_58_0, curl-7_57_0, curl-7_56_1, curl-7_56_0 |
|
| #
222e65fd |
| 31-Aug-2017 |
Daniel Stenberg |
strcase: corrected comment header for Curl_strcasecompare()
|
|
Revision tags: curl-7_55_1, curl-7_55_0, curl-7_54_1, curl-7_54_0 |
|
| #
66de5634 |
| 10-Mar-2017 |
Sylvestre Ledru |
Improve code readbility
... by removing the else branch after a return, break or continue.
Closes #1310
|
|
Revision tags: curl-7_53_1, curl-7_53_0, curl-7_52_1, curl-7_52_0 |
|
| #
b228d295 |
| 13-Dec-2016 |
Daniel Stenberg |
checksrc: stricter no-space-before-paren enforcement
In order to make the code style more uniform everywhere
|
| #
cb4e2be7 |
| 16-Nov-2016 |
Alex Rousskov |
proxy: Support HTTPS proxy and SOCKS+HTTP(s)
* HTTPS proxies:
An HTTPS proxy receives all transactions over an SSL/TLS connection.
Once a secure connection with the proxy is est
proxy: Support HTTPS proxy and SOCKS+HTTP(s)
* HTTPS proxies:
An HTTPS proxy receives all transactions over an SSL/TLS connection.
Once a secure connection with the proxy is established, the user agent
uses the proxy as usual, including sending CONNECT requests to instruct
the proxy to establish a [usually secure] TCP tunnel with an origin
server. HTTPS proxies protect nearly all aspects of user-proxy
communications as opposed to HTTP proxies that receive all requests
(including CONNECT requests) in vulnerable clear text.
With HTTPS proxies, it is possible to have two concurrent _nested_
SSL/TLS sessions: the "outer" one between the user agent and the proxy
and the "inner" one between the user agent and the origin server
(through the proxy). This change adds supports for such nested sessions
as well.
A secure connection with a proxy requires its own set of the usual SSL
options (their actual descriptions differ and need polishing, see TODO):
--proxy-cacert FILE CA certificate to verify peer against
--proxy-capath DIR CA directory to verify peer against
--proxy-cert CERT[:PASSWD] Client certificate file and password
--proxy-cert-type TYPE Certificate file type (DER/PEM/ENG)
--proxy-ciphers LIST SSL ciphers to use
--proxy-crlfile FILE Get a CRL list in PEM format from the file
--proxy-insecure Allow connections to proxies with bad certs
--proxy-key KEY Private key file name
--proxy-key-type TYPE Private key file type (DER/PEM/ENG)
--proxy-pass PASS Pass phrase for the private key
--proxy-ssl-allow-beast Allow security flaw to improve interop
--proxy-sslv2 Use SSLv2
--proxy-sslv3 Use SSLv3
--proxy-tlsv1 Use TLSv1
--proxy-tlsuser USER TLS username
--proxy-tlspassword STRING TLS password
--proxy-tlsauthtype STRING TLS authentication type (default SRP)
All --proxy-foo options are independent from their --foo counterparts,
except --proxy-crlfile which defaults to --crlfile and --proxy-capath
which defaults to --capath.
Curl now also supports %{proxy_ssl_verify_result} --write-out variable,
similar to the existing %{ssl_verify_result} variable.
Supported backends: OpenSSL, GnuTLS, and NSS.
* A SOCKS proxy + HTTP/HTTPS proxy combination:
If both --socks* and --proxy options are given, Curl first connects to
the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS
proxy.
TODO: Update documentation for the new APIs and --proxy-* options.
Look for "Added in 7.XXX" marks.
show more ...
|
|
Revision tags: curl-7_51_0 |
|
| #
47a21ca9 |
| 31-Oct-2016 |
Dan Fandrich |
strcasecompare: include curl.h in strcase.c
This should fix the "warning: 'curl_strequal' redeclared without
dllimport attribute: previous dllimport ignored" message and subsequent
l
strcasecompare: include curl.h in strcase.c
This should fix the "warning: 'curl_strequal' redeclared without
dllimport attribute: previous dllimport ignored" message and subsequent
link error on Windows because of the missing CURL_EXTERN on the
prototype.
show more ...
|
| #
8fe4bd08 |
| 31-Oct-2016 |
Daniel Stenberg |
curl_strequal: part of public API/ABI, needs to be kept
These two public functions have been mentioned as deprecated since a
very long time but since they are still part of the API and A
curl_strequal: part of public API/ABI, needs to be kept
These two public functions have been mentioned as deprecated since a
very long time but since they are still part of the API and ABI we need
to keep them around.
show more ...
|
| #
811a693b |
| 30-Sep-2016 |
Daniel Stenberg |
strcasecompare: all case insensitive string compares ignore locale now
We had some confusions on when each function was used. We should not act
differently on different locales anyway.
|
| #
502acba2 |
| 30-Sep-2016 |
Daniel Stenberg |
strcasecompare: is the new name for strequal()
... to make it less likely that we forget that the function actually
does case insentive compares. Also replaced several invokes of the
strcasecompare: is the new name for strequal()
... to make it less likely that we forget that the function actually
does case insentive compares. Also replaced several invokes of the
function with a plain strcmp when case sensitivity is not an issue (like
comparing with "-").
show more ...
|
