THANKS-filter: dedup Daniel Jeliński

RELEASE-NOTES: synced

CURLOPT_ACCEPT_ENCODING.3: list them comma-separated [ci skip]

CURLOPT_SSL_CTX_FUNCTION.3: might cause unintended connection reuse [ci skip]

Added a warning!

Closes #2915

curl: fix time-of-check, time-of-use race in dir creation

Patch-by: Jay Satiro
Detected by Coverity
Fixes #2739
Closes #2912

cmdline-opts/page-footer: fix edit mistake

There was a missing newline.

follow-up to a7ba60bb7250

docs: clarify NO_PROXY env variable functionality

Reported-by: Kirill Marchuk
Fixes #2773
Closes #2911

lib1522: fix curl_easy_setopt argument type

CURLOPT_POSTFIELDSIZE is a long option.

curl_threads: silence bad-function-cast warning

As uintptr_t and HANDLE are always the same size, this warning is
harmless. Just silence it using an intermediate uintptr_t variable.

curl_threads: silence bad-function-cast warning

As uintptr_t and HANDLE are always the same size, this warning is
harmless. Just silence it using an intermediate uintptr_t variable.

Closes https://github.com/curl/curl/pull/2908

show more ...

README: add appveyor build badge [ci skip]

Closes #2913

schannel: client certificate store opening fix

1) Using CERT_STORE_OPEN_EXISTING_FLAG ( or CERT_STORE_READONLY_FLAG )
while opening certificate store would be sufficient in this scenario

schannel: client certificate store opening fix

1) Using CERT_STORE_OPEN_EXISTING_FLAG ( or CERT_STORE_READONLY_FLAG )
while opening certificate store would be sufficient in this scenario and
less-demanding in sense of required user credentials ( for example,
IIS_IUSRS will get "Access Denied" 0x05 error for existing CertOpenStore
call without any of flags mentioned above ),

2) as 'cert_store_name' is a DWORD, attempt to format its value like a
string ( in "Failed to open cert store" error message ) will throw null
pointer exception

3) adding GetLastError(), in my opinion, will make error message more
useful.

Bug: https://curl.haxx.se/mail/lib-2018-08/0198.html

Closes #2909

show more ...

gopher: Do not translate `?' to `%09'

Since GOPHER support was added in curl `?' character was automatically
translated to `%09' (`\t').

However, this behaviour does not seems d

gopher: Do not translate `?' to `%09'

Since GOPHER support was added in curl `?' character was automatically
translated to `%09' (`\t').

However, this behaviour does not seems documented in RFC 4266 and for
search selectors it is documented to directly use `%09' in the URL.
Apart that several gopher servers in the current gopherspace have CGI
support where `?' is used as part of the selector and translating it to
`%09' often leads to surprising results.

Closes #2910

show more ...

cookie tests: treat files as text

Fixes test failures because of wrong line endings on Windows.

libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation

Multi-threaded applictions basically MUST set CURLOPT_NO_SIGNAL to 1L to
avoid the risk of getting a SIGPIPE.

Eithe

libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation

Multi-threaded applictions basically MUST set CURLOPT_NO_SIGNAL to 1L to
avoid the risk of getting a SIGPIPE.

Either way, a multi-threaded application that uses libcurl/openssl needs
to have a signhandler for or ignore SIGPIPE on its own.

Based on discussions in #2800
Closes #2904

show more ...

RELEASE-NOTES: synced

Tests: fixes for Windows

- test 1268 requires unix sockets
- test 2072 must be disabled also for MSYS/MinGW

http2: abort the send_callback if not setup yet

When Curl_http2_done() gets called before the http2 data is setup all
the way, we cannot send anything and this should just return an erro

http2: abort the send_callback if not setup yet

When Curl_http2_done() gets called before the http2 data is setup all
the way, we cannot send anything and this should just return an error.

Detected by OSS-Fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10012

show more ...

http2: remove four unused nghttp2 callbacks

Closes #2903

x509asn1: use FALLTHROUGH

... as no other comments are accepted since 014ed7c22f51463

test1148: disable if decimal separator is not point

Modifying the locale with environment variables doesn't work for native
Windows applications. Just disable the test in this case if th

test1148: disable if decimal separator is not point

Modifying the locale with environment variables doesn't work for native
Windows applications. Just disable the test in this case if the decimal
separator is something different than a point. Use a precheck with a
small C program to achieve that.

Closes https://github.com/curl/curl/pull/2786

show more ...

Enable more GCC warnings

This enables the following additional warnings:
-Wold-style-definition
-Warray-bounds=2 instead of the default 1
-Wformat=2, but only for GCC 4.8+ as Wno

Enable more GCC warnings

This enables the following additional warnings:
-Wold-style-definition
-Warray-bounds=2 instead of the default 1
-Wformat=2, but only for GCC 4.8+ as Wno-format-nonliteral is not
respected for older versions
-Wunused-const-variable, which enables level 2 instead of the default 1
-Warray-bounds also in debug mode through -ftree-vrp
-Wnull-dereference also in debug mode through
-fdelete-null-pointer-checks

Closes https://github.com/curl/curl/pull/2747

show more ...

curl-compilers: enable -Wimplicit-fallthrough=4 for GCC

This enables level 4 instead of the default level 3, which of the
currently used comments only allows /* FALLTHROUGH */ to silence

curl-compilers: enable -Wimplicit-fallthrough=4 for GCC

This enables level 4 instead of the default level 3, which of the
currently used comments only allows /* FALLTHROUGH */ to silence the
warning.

Closes https://github.com/curl/curl/pull/2747

show more ...

curl-compilers: enable -Wbad-function-cast on GCC

This warning used to be enabled only for clang as it's a bit stricter
on GCC. Silence the remaining occurrences and enable it on GCC too

curl-compilers: enable -Wbad-function-cast on GCC

This warning used to be enabled only for clang as it's a bit stricter
on GCC. Silence the remaining occurrences and enable it on GCC too.

Closes https://github.com/curl/curl/pull/2747

show more ...

configure: conditionally enable pedantic-errors

Enable pedantic-errors for GCC >= 5 with --enable-werror. Before GCC 5,
pedantic-errors was synonymous to -Werror=pedantic [0], which is s

configure: conditionally enable pedantic-errors

Enable pedantic-errors for GCC >= 5 with --enable-werror. Before GCC 5,
pedantic-errors was synonymous to -Werror=pedantic [0], which is still
the case for clang [1]. With GCC 5, it became complementary [2].

Also fix a resulting error in acinclude.m4 as main's return type was
missing, which is illegal in C99.

[0] https://gcc.gnu.org/onlinedocs/gcc-4.9.0/gcc/Warning-Options.html
[1] https://clang.llvm.org/docs/UsersManual.html#options-to-control-error-and-warning-messages
[2] https://gcc.gnu.org/onlinedocs/gcc-5.1.0/gcc/Warning-Options.html

Closes https://github.com/curl/curl/pull/2747

show more ...

Remove unused definitions

Closes https://github.com/curl/curl/pull/2747