curl.1: --ipv6 mutexes ipv4 (fixed typo)

Fixes #3171
Closes #3172

tool_main: make TerminalSettings static

Reported-by: Gisle Vanem
Bug: https://github.com/curl/curl/commit/becfe1233ff2b6b0c3e1b6a10048b55b68c2539f#commitcomment-31008819
Closes #3161

curl-config.in: remove dependency on bc

Reported-by: Dima Pasechnik
Fixes #3143
Closes #3174

rtmp: fix for compiling with lwIP

Compiling on _WIN32 and with USE_LWIPSOCK, causes this error:
curl_rtmp.c(223,3): error: use of undeclared identifier 'setsockopt'
setsockopt

rtmp: fix for compiling with lwIP

Compiling on _WIN32 and with USE_LWIPSOCK, causes this error:
curl_rtmp.c(223,3): error: use of undeclared identifier 'setsockopt'
setsockopt(r->m_sb.sb_socket, SOL_SOCKET, SO_RCVTIMEO,
^
curl_rtmp.c(41,32): note: expanded from macro 'setsockopt'
#define setsockopt(a,b,c,d,e) (setsockopt)(a,b,c,(const char *)d,(int)e)
^
Closes #3155

show more ...

configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T

Follow-up to #3166 which did the cmake part of this. This type/define is
not used.

Closes #3168

cmake: remove unused variables

Remove variables:
* HAVE_SOCKLEN_T
* CURL_SIZEOF_CURL_SOCKLEN_T
* CURL_TYPEOF_CURL_SOCKLEN_T

Closes #3166

urldata: Fix comment in header

The "connecting" function is used by multiple protocols, not only FTP

netrc: free temporary strings if memory allocation fails

- Change the inout parameters after all needed memory has been
allocated. Do not change them if something goes wrong.
- Fre

netrc: free temporary strings if memory allocation fails

- Change the inout parameters after all needed memory has been
allocated. Do not change them if something goes wrong.
- Free the allocated temporary strings if strdup() fails.

Closes #3122

show more ...

config: Remove unused SIZEOF_VOIDP

Closes #3162

RELEASE-NOTES: synced

Fix for compiling with lwIP (3)

lwIP on Windows does not have a WSAIoctl() function.
But it do have a SO_SNDBUF option to lwip_setsockopt(). But it currently does nothing.

Curl_follow: return better errors on URL problems

... by making the converter function global and accessible.

Closes #3153

Curl_follow: remove remaining free(newurl)

Follow-up to 05564e750e8f0c. This function no longer frees the passed-in
URL.

Reported-by: Michael Kaufmann
Bug: https://github.co

Curl_follow: remove remaining free(newurl)

Follow-up to 05564e750e8f0c. This function no longer frees the passed-in
URL.

Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/commit/05564e750e8f0c79016c680f301ce251e6e86155#commitcomm
ent-30985666

show more ...

headers: end all headers with guard comment

Most headerfiles end with a /* <headerguard> */ comment, but it was
missing from some. The comment isn't the most important part of our
co

headers: end all headers with guard comment

Most headerfiles end with a /* <headerguard> */ comment, but it was
missing from some. The comment isn't the most important part of our
code documentation but consistency has an intrinsic value in itself.
This adds header guard comments to the files that were lacking it.

Closes #3158
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>

show more ...

CIPHERS.md: Mention the options used to set TLS 1.3 ciphers

Closes https://github.com/curl/curl/pull/3159

docs/BUG-BOUNTY: the sponsors actually decide the amount

Retract the previous approach as the sponsors will be the ones to set the
final amounts.

Closes #3152
[ci skip]

multi: avoid double-free

Curl_follow() no longer frees the string. Make sure it happens in the
caller function, like we normally handle allocations.

This bug was introduced with

multi: avoid double-free

Curl_follow() no longer frees the string. Make sure it happens in the
caller function, like we normally handle allocations.

This bug was introduced with the use of the URL API internally, it has
never been in a release version

Reported-by: Dario Weißer
Closes #3149

show more ...

multi: make the closure handle "inherit" CURLOPT_NOSIGNAL

Otherwise, closing that handle can still cause surprises!

Reported-by: Martin Ankerl
Fixes #3138
Closes #3147

VS projects: add USE_IPV6

The Visual Studio builds didn't use IPv6. Add it to all projects since
Visual Studio 2008, which is verified to build via AppVeyor.

Closes https://gith

VS projects: add USE_IPV6

The Visual Studio builds didn't use IPv6. Add it to all projects since
Visual Studio 2008, which is verified to build via AppVeyor.

Closes https://github.com/curl/curl/pull/3137

show more ...

config_win32: enable LDAPS

As done in the autotools and CMake builds by default.

Closes https://github.com/curl/curl/pull/3137

travis: add build for "configure --disable-verbose"

Closes #3144

tool_cb_hdr: handle failure of rename()

Detected by Coverity.

Closes #3140
Reviewed-by: Jay Satiro

RELEASE-NOTES: synced

docs/SECURITY-PROCESS: the hackerone IBB program drops curl

... now there's only BountyGraph.

x509asn1: Fix SAN IP address verification

For IP addresses in the subject alternative name field, the length
of the IP address (and hence the number of bytes to perform a
memcmp on)

x509asn1: Fix SAN IP address verification

For IP addresses in the subject alternative name field, the length
of the IP address (and hence the number of bytes to perform a
memcmp on) is incorrectly calculated to be zero. The code previously
subtracted q from name.end. where in a successful case q = name.end
and therefore addrlen equalled 0. The change modifies the code to
subtract name.beg from name.end to calculate the length correctly.

The issue only affects libcurl with GSKit SSL, not other SSL backends.
The issue is not a security issue as IP verification would always fail.

Fixes #3102
Closes #3141

show more ...