| 42fd2350 | 12-Nov-2018 |
Daniel Stenberg |
nss: fix fallthrough comment to fix picky compiler warning |
| f7fa04d7 | 10-Nov-2018 |
Daniel Stenberg |
docs: expanded on some CURLU details |
| c05d77ee | 03-Nov-2018 |
Tim Rühsen |
ftp: avoid two unsigned int overflows in FTP listing parser
Curl_ftp_parselist: avoid unsigned integer overflows
The overflow has no real world impact, just avoid it for "best
p
ftp: avoid two unsigned int overflows in FTP listing parser
Curl_ftp_parselist: avoid unsigned integer overflows
The overflow has no real world impact, just avoid it for "best
practice".
Closes #3225
show more ...
|
| fcf3f133 | 09-Nov-2018 |
Daniel Stenberg |
curl: --local-port range was not "including"
The end port number in a given range was not included in the range used,
as it is documented to be.
Reported-by: infinnovation-dev o
curl: --local-port range was not "including"
The end port number in a given range was not included in the range used,
as it is documented to be.
Reported-by: infinnovation-dev on github
Fixes #3251
Closes #3255
show more ...
|
| 27cb3846 | 09-Nov-2018 |
Jérémy Rocher |
openssl: support BoringSSL TLS renegotiation
As per BoringSSL porting documentation [1], BoringSSL rejects peer
renegotiations by default.
curl fails when trying to authenticate
openssl: support BoringSSL TLS renegotiation
As per BoringSSL porting documentation [1], BoringSSL rejects peer
renegotiations by default.
curl fails when trying to authenticate to server through client
certificate if it is requested by server after the initial TLS
handshake.
Enable renegotiation by default with BoringSSL to get same behavior as
with OpenSSL. This is done by calling SSL_set_renegotiate_mode [2]
which was introduced in commit 1d5ef3bb1eb9 [3].
1 - https://boringssl.googlesource.com/boringssl/+/HEAD/PORTING.md#tls-renegotiation
2 - https://boringssl.googlesource.com/boringssl/+/master/include/openssl/ssl.h#3482
3 - https://boringssl.googlesource.com/boringssl/+/1d5ef3bb1eb97848617db5e7d633d735a401df86
Signed-off-by: Jérémy Rocher <rocher.jeremy@gmail.com>
Fixes #3258
Closes #3259
show more ...
|
| a1aabed8 | 09-Nov-2018 |
Daniel Stenberg |
HISTORY: add some milestones
Added a few of the more notable milestones in curl history that were
missing. Primarily more recent ones but I also noted some older that
could be worth
HISTORY: add some milestones
Added a few of the more notable milestones in curl history that were
missing. Primarily more recent ones but I also noted some older that
could be worth mentioning.
[ci skip]
Closes #3257
show more ...
|
| 10c91b66 | 09-Nov-2018 |
Daniel Gustafsson |
KNOWN_BUGS: add --proxy-any connection issue
Add the identified issue with --proxy-any and proxy servers which
advertise authentication schemes other than the supported one.
Clo
KNOWN_BUGS: add --proxy-any connection issue
Add the identified issue with --proxy-any and proxy servers which
advertise authentication schemes other than the supported one.
Closes #876
Closes #3250
Reported-by: NTMan on Github
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
| 5c4fe0d8 | 01-Nov-2018 |
Jim Fuller |
setopt: add CURLOPT_CURLU
Allows an application to pass in a pre-parsed URL via a URL handle.
Closes #3227 |
| 073332b5 | 07-Nov-2018 |
Gisle Vanem |
docs: ESCape "\n" codes
Groff / Troff will display a:
printaf("Errno: %ld\n", error);
as:
printf("Errno: %ld0, error);
when a "\n" is not escaped. Use "\\n" instead.
docs: ESCape "\n" codes
Groff / Troff will display a:
printaf("Errno: %ld\n", error);
as:
printf("Errno: %ld0, error);
when a "\n" is not escaped. Use "\\n" instead.
Closes #3246
show more ...
|
| f859b05c | 07-Nov-2018 |
Daniel Stenberg |
curl: --local-port fix followup
Regression by 52db54869e6.
Reported-by: infinnovation-dev on github
Fixes #3248
Closes #3249 |
| 08b1a851 | 07-Nov-2018 |
Gisle Vanem |
More "\n" ESCaping |
| d9a74585 | 07-Nov-2018 |
Daniel Stenberg |
RELEASE-NOTES: synced |
| 52db5486 | 05-Nov-2018 |
Daniel Stenberg |
curl: fix --local-port integer overflow
The tool's local port command line range parser didn't check for integer
overflows and could pass "weird" data to libcurl for this option.
lib
curl: fix --local-port integer overflow
The tool's local port command line range parser didn't check for integer
overflows and could pass "weird" data to libcurl for this option.
libcurl however, has a strict range check for the values so it rejects
anything outside of the accepted range.
Reported-by: Brian Carpenter
Closes #3242
show more ...
|
| bda4ef41 | 07-Nov-2018 |
Daniel Stenberg |
curl: correct the switch() logic in ourWriteOut
Follow-up to e431daf013, as I did the wrong correction for a compiler
warning. It should be a break and not a fall-through.
Point
curl: correct the switch() logic in ourWriteOut
Follow-up to e431daf013, as I did the wrong correction for a compiler
warning. It should be a break and not a fall-through.
Pointed-out-by: Frank Gevaerts
show more ...
|
| e431daf0 | 08-Oct-2018 |
Frank Gevaerts |
curl: add %{stderr} and %{stdout} for --write-out
Closes #3115 |
| 8a49b291 | 07-Nov-2018 |
Daniel Gustafsson |
winssl: be consistent in Schannel capitalization
The productname from Microsoft is "Schannel", but in infof/failf
reporting we use "schannel". This removes different versions.
C
winssl: be consistent in Schannel capitalization
The productname from Microsoft is "Schannel", but in infof/failf
reporting we use "schannel". This removes different versions.
Closes #3243
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
| 64f9d391 | 07-Nov-2018 |
Daniel Stenberg |
TODO: Have the URL API offer IDN decoding
Similar to how URL decoding/encoding is done, we could have URL
functions to convert IDN host names to punycode.
Suggested-by: Alexey M
TODO: Have the URL API offer IDN decoding
Similar to how URL decoding/encoding is done, we could have URL
functions to convert IDN host names to punycode.
Suggested-by: Alexey Melnichuk
Closes #3232
show more ...
|
| 9aa8ff28 | 06-Nov-2018 |
Daniel Stenberg |
urlapi: only skip encoding the first '=' with APPENDQUERY set
APPENDQUERY + URLENCODE would skip all equals signs but now it only skip
encoding the first to better allow "name=content" f
urlapi: only skip encoding the first '=' with APPENDQUERY set
APPENDQUERY + URLENCODE would skip all equals signs but now it only skip
encoding the first to better allow "name=content" for any content.
Reported-by: Alexey Melnichuk
Fixes #3231
Closes #3231
show more ...
|
| 9df8dc10 | 04-Nov-2018 |
Daniel Stenberg |
url: a short host name + port is not a scheme
The function identifying a leading "scheme" part of the URL considered a
few letters ending with a colon to be a scheme, making something li
url: a short host name + port is not a scheme
The function identifying a leading "scheme" part of the URL considered a
few letters ending with a colon to be a scheme, making something like
"short:80" to become an unknown scheme instead of a short host name and
a port number.
Extended test 1560 to verify.
Also fixed test203 to use file_pwd to make it get the correct path on
windows. Removed test 2070 since it was a duplicate of 203.
Assisted-by: Marcel Raad
Reported-by: Hagai Auro
Fixes #3220
Fixes #3233
Closes #3223
Closes #3235
show more ...
|
| 74f47823 | 05-Nov-2018 |
Sangamkar |
libcurl: stop reading from paused transfers
In the transfer loop it would previously not acknwledge the pause bit
and continue until drained or loop ended.
Closes #3240 |
| 397664a0 | 01-Nov-2018 |
Jay Satiro |
tool: add undocumented option --dump-module-paths for win32
- Add an undocumented diagnostic option for Windows to show the full
paths of all loaded modules regardless of whether or no
tool: add undocumented option --dump-module-paths for win32
- Add an undocumented diagnostic option for Windows to show the full
paths of all loaded modules regardless of whether or not libcurl
initialization succeeds.
This is needed so that in the CI we can get a list of all DLL
dependencies after initialization (when they're most likely to have
finished loading) and then package them as artifacts so that a
functioning build can be downloaded. Also I imagine it may have some use
as a diagnostic for help requests.
Ref: https://github.com/curl/curl/pull/3103
Closes https://github.com/curl/curl/pull/3208
show more ...
|
| 28429fb1 | 01-Nov-2018 |
Jay Satiro |
curl_multibyte: fix a malloc overcalculation
Prior to this change twice as many bytes as necessary were malloc'd when
converting wchar to UTF8. To allay confusion in the future I also
curl_multibyte: fix a malloc overcalculation
Prior to this change twice as many bytes as necessary were malloc'd when
converting wchar to UTF8. To allay confusion in the future I also
changed the variable name for the amount of bytes from len to bytes.
Closes https://github.com/curl/curl/pull/3209
show more ...
|
| 53db15ba | 03-Nov-2018 |
Michael Kaufmann |
netrc: don't ignore the login name specified with "--user"
- for "--netrc", don't ignore the login/password specified with "--user",
only ignore the login/password in the URL.
Th
netrc: don't ignore the login name specified with "--user"
- for "--netrc", don't ignore the login/password specified with "--user",
only ignore the login/password in the URL.
This restores the netrc behaviour of curl 7.61.1 and earlier.
- fix the documentation of CURL_NETRC_REQUIRED
- improve the detection of login/password changes when reading .netrc
- don't read .netrc if both login and password are already set
Fixes #3213
Closes #3224
show more ...
|
| a77b640c | 05-Nov-2018 |
Patrick Monnerat |
OS400: add URL API ccsid wrappers and sync ILE/RPG bindings |
| 5bfaa86c | 01-Nov-2018 |
Yasuhiro Matsumoto |
curl: fixed UTF-8 in current console code page (Windows)
Fixes #3211
Fixes #3175
Closes #3212 |
