| 2c33105d | 12-Jul-2018 |
Marcel Raad |
schannel: enable CALG_TLS1PRF for w32api >= 5.1
The definition of CALG_TLS1PRF has been fixed in the 5.1 branch:
https://osdn.net/projects/mingw/scm/git/mingw-org-wsl/commits/73aedcc0f2e
schannel: enable CALG_TLS1PRF for w32api >= 5.1
The definition of CALG_TLS1PRF has been fixed in the 5.1 branch:
https://osdn.net/projects/mingw/scm/git/mingw-org-wsl/commits/73aedcc0f2e6ba370de0d86ab878ad76a0dda7b5
show more ...
|
| 29b78a53 | 12-Jul-2018 |
Daniel Stenberg |
docs/SECURITY-PROCESS: mention bounty, drop pre-notify
+ The hackerone bounty and its process
- We don't and can't handle pre-notification |
| acefdd0c | 04-Jul-2018 |
Daniel Stenberg |
multi: always do the COMPLETED procedure/state
It was previously erroneously skipped in some situations.
libtest/libntlmconnect.c wrongly depended on wrong behavior (that it
wou
multi: always do the COMPLETED procedure/state
It was previously erroneously skipped in some situations.
libtest/libntlmconnect.c wrongly depended on wrong behavior (that it
would get a zero timeout) when no handles are "running" in a multi
handle. That behavior is no longer present with this fix. Now libcurl
will always return a -1 timeout when all handles are completed.
Closes #2733
show more ...
|
| 151d3c56 | 03-Jul-2018 |
Daniel Stenberg |
Curl_getoff_all_pipelines: improved for multiplexed
On multiplexed connections, transfers can be removed from anywhere not
just at the head as for pipelines. |
| c8373e3d | 03-Jul-2018 |
Daniel Stenberg |
ares: check for NULL in completed-callback |
| 1b76c389 | 03-Jul-2018 |
Daniel Stenberg |
conn: remove the boolean 'inuse' field
... as the usage needs to be counted. |
| d6417f6c | 11-Jul-2018 |
Paul Howarth |
openssl: assume engine support in 1.0.0 or later
Commit 38203f1585da changed engine detection to be version-based,
with a baseline of openssl 1.0.1. This does in fact break builds
wi
openssl: assume engine support in 1.0.0 or later
Commit 38203f1585da changed engine detection to be version-based,
with a baseline of openssl 1.0.1. This does in fact break builds
with openssl 1.0.0, which has engine support - the configure script
detects that ENGINE_cleanup() is available - but <openssl/engine.h>
doesn't get included to declare it.
According to upstream documentation, engine support was added to
mainstream openssl builds as of version 0.9.7:
https://github.com/openssl/openssl/blob/master/README.ENGINE
This commit drops the version test down to 1.0.0 as version 1.0.0d
is the oldest version I have to test with.
Closes #2732
show more ...
|
| 48cf45c5 | 10-Jul-2018 |
Marcel Raad |
schannel: fix MinGW compile break
Original MinGW's w32api has a sytax error in its definition of
CALG_TLS1PRF [0]. Don't use original MinGW w32api's CALG_TLS1PRF
until this bug [1] i
schannel: fix MinGW compile break
Original MinGW's w32api has a sytax error in its definition of
CALG_TLS1PRF [0]. Don't use original MinGW w32api's CALG_TLS1PRF
until this bug [1] is fixed.
[0] https://osdn.net/projects/mingw/scm/git/mingw-org-wsl/blobs/d1d4a17e51a2b78e252ef0147d483267d56c90cc/w32api/include/wincrypt.h
[1] https://osdn.net/projects/mingw/ticket/38391
Fixes https://github.com/curl/curl/pull/2721#issuecomment-403636043
Closes https://github.com/curl/curl/pull/2728
show more ...
|
| 1f6e38e6 | 11-Jul-2018 |
Daniel Stenberg |
examples/crawler.c: move #ifdef to column 0
Apparently the C => HTML converter on the web site doesn't quite like it
otherwise.
Reported-by: Jeroen Ooms |
| eb813840 | 11-Jul-2018 |
Daniel Stenberg |
release: 7.61.0 |
| d3bd7cb3 | 10-Jul-2018 |
Daniel Stenberg |
TODO: Configurable loading of OpenSSL configuration file
Closes #2724 |
| 522236f5 | 09-Jul-2018 |
Daniel Stenberg |
post303.d: clarify that this is an RFC violation
... and not the other way around, which this previously said.
Reported-by: Vasiliy Faronov
Fixes #2723
Closes #2726 |
| e0a4bba7 | 05-Jul-2018 |
Ruslan Baratov |
CMake: remove redundant and old end-of-block syntax
Reviewed-by: Jakub Zakrzewski
Closes #2715 |
| 685dc3c0 | 09-Jul-2018 |
Jay Satiro |
lib/curl_setup.h: remove unicode character
Follow-up to 82ce416.
Ref: https://github.com/curl/curl/commit/8272ec5#commitcomment-29646818 |
| 82ce4162 | 09-Jul-2018 |
Daniel Stenberg |
lib/curl_setup.h: remove unicode bom from 8272ec50f02 |
| 424f1cfe | 08-Jul-2018 |
Marcel Raad |
schannel: fix -Wsign-compare warning
MinGW warns:
/lib/vtls/schannel.c:219:64: warning: signed and unsigned type in
conditional expression [-Wsign-compare]
Fix this by casti
schannel: fix -Wsign-compare warning
MinGW warns:
/lib/vtls/schannel.c:219:64: warning: signed and unsigned type in
conditional expression [-Wsign-compare]
Fix this by casting the ptrdiff_t to size_t as we know it's positive.
Closes https://github.com/curl/curl/pull/2721
show more ...
|
| 07f7c93f | 08-Jul-2018 |
Marcel Raad |
schannel: workaround for wrong function signature in w32api
Original MinGW's w32api has CryptHashData's second parameter as BYTE *
instead of const BYTE *.
Closes https://github
schannel: workaround for wrong function signature in w32api
Original MinGW's w32api has CryptHashData's second parameter as BYTE *
instead of const BYTE *.
Closes https://github.com/curl/curl/pull/2721
show more ...
|
| a189ab91 | 08-Jul-2018 |
Marcel Raad |
schannel: make more cipher options conditional
They are not defined in the original MinGW's <wincrypt.h>.
Closes https://github.com/curl/curl/pull/2721 |
| 8272ec50 | 08-Jul-2018 |
Marcel Raad |
curl_setup: include <winerror.h> before <windows.h>
Otherwise, only part of it gets pulled in through <windows.h> on
original MinGW.
Fixes https://github.com/curl/curl/issues/23
curl_setup: include <winerror.h> before <windows.h>
Otherwise, only part of it gets pulled in through <windows.h> on
original MinGW.
Fixes https://github.com/curl/curl/issues/2361
Closes https://github.com/curl/curl/pull/2721
show more ...
|
| 5bd8c389 | 08-Jul-2018 |
Marcel Raad |
examples: fix -Wformat warnings
When size_t is not a typedef for unsigned long (as usually the case on
Windows), GCC emits -Wformat warnings when using lu and lx format
specifiers wi
examples: fix -Wformat warnings
When size_t is not a typedef for unsigned long (as usually the case on
Windows), GCC emits -Wformat warnings when using lu and lx format
specifiers with size_t. Silence them with explicit casts to
unsigned long.
Closes https://github.com/curl/curl/pull/2721
show more ...
|
| ba1dbd78 | 13-Jun-2018 |
Daniel Stenberg |
smtp: use the upload buffer size for scratch buffer malloc
... not the read buffer size, as that can be set smaller and thus cause
a buffer overflow! CVE-2018-0500
Reported-by:
smtp: use the upload buffer size for scratch buffer malloc
... not the read buffer size, as that can be set smaller and thus cause
a buffer overflow! CVE-2018-0500
Reported-by: Peter Wu
Bug: https://curl.haxx.se/docs/adv_2018-70a2.html
show more ...
|
| 0b4ccc97 | 07-Jul-2018 |
Dave Reisner |
scripts: include _curl as part of CLEANFILES
Closes #2718 |
| b78d1a3d | 01-Jul-2018 |
Nick Zitzmann |
darwinssl: allow High Sierra users to build the code using GCC
...but GCC users lose out on TLS 1.3 support, since we can't weak-link
enumeration constants.
Fixes #2656
Clos
darwinssl: allow High Sierra users to build the code using GCC
...but GCC users lose out on TLS 1.3 support, since we can't weak-link
enumeration constants.
Fixes #2656
Closes #2703
show more ...
|
| b4db3a8a | 05-Jul-2018 |
Ruslan Baratov |
CMake: Remove unused 'output_var' from 'collect_true'
Variable 'output_var' is not used and can be removed.
Function 'collect_true' renamed to 'count_true'. |
| fac400da | 05-Jul-2018 |
Ruslan Baratov |
CMake: Remove unused functions
Closes #2711 |
