01159b36 | 19-Jun-2024 |
Daniel Stenberg |
KNOWN_BUGS: TFTP tests fail on OpenBSD Closes #13623 Closes #13975 |
b715bb37 | 19-Jun-2024 |
Daniel Stenberg |
VULN-DISCLOSURE-POLICY: NULL dereferences and crashes If a malicious server can trigger a NULL dereference in curl or otherwise cause curl to crash (and nothing worse), chances are big that we do not consider that a security problem. Closes #13974
|
b4ccf3fc | 19-Jun-2024 |
Daniel Stenberg |
RELEASE-NOTES: synced |
35c0117f | 13-Mar-2024 |
Sergey Markelov |
mbedtls: support CURLOPT_CERTINFO Closes #13113 |
cb96ca1b | 19-Jun-2024 |
Daniel Stenberg |
x509asn1: ASN1tostr() should fail when 'constructed' is set This is a regression from my refactor in 623c3a8fa0bdb (#12808) Follow-up to 623c3a8fa0bdb2751f14b37417 Closes #13972
|
dc497d7b | 19-Jun-2024 |
Daniel Stenberg |
x509asn1: remove two static variables cnOID and sanOID were not used outside of the OID table anyway Closes #13971 |
04739054 | 18-Jun-2024 |
brian m. carlson |
TODO: TLS channel binding Closes #13483 |
66bf995d | 14-Jun-2024 |
Tal Regev |
cmake: add CURL_USE_GSASL option with detection + CI test Reviewed-by: Viktor Szakats Closes #13948 |
8dc4493d | 16-Jun-2024 |
Daniel Stenberg |
x509asn1: make Curl_extract_certinfo store error message To help us all better understand where the error actually comes from. Ref: #13958 Closes #13959 |
92f42761 | 14-Jun-2024 |
Viktor Szakats |
appveyor: dump build logs on failure in VS2008 jobs This seems to be the only way to see what actual toolchain commands were run, and with what arguments. Without `dos2unix`, `cat` output comes out empty. Closes #13957
|
b37040dd | 14-Jun-2024 |
Viktor Szakats |
cmake: fix quotes when appending multiple options (SecureTransport) Copied from a vcpkg distro patch: https://github.com/microsoft/vcpkg/blob/02745e0f4749d1f51d2025824209408f5a6c3614/ports/curl/dependencies.patch#L43C38-L44 Ref: https://github.com/microsoft/vcpkg/pull/38847 Ref: https://github.com/microsoft/vcpkg/commit/795f2f137e6cf6d985fcc927bffcaf9c0a96e4ac Ref: https://github.com/microsoft/vcpkg/pull/38847/commits/36f0c917de5319e95361451fc0aef0698b264874#diff-ab5c23e5dc5df412539cc93e24b37abbc588e1918236f8abc019d676b270c85fR39 (sub-commit) Authored-by: Kai Pastor Closes #13953
|
66c4a398 | 15-Jun-2024 |
Daniel Stenberg |
CURLOPT_NETRC.md: clarify what it does on Windows Closes #13956 |
4adeb520 | 14-Jun-2024 |
Daniel Stenberg |
KNOWN_BUGS: "HTTP/2 + TLS spends a lot of time in recv" Closes #13416 Closes #13955 |
aab0c169 | 14-Jun-2024 |
Daniel Stenberg |
RELEASE-NOTES: synced |
6e2d3db9 | 14-Jun-2024 |
Yedaya Katsman |
examples: add missing binaries to .gitignore They were showing as changed when built. Add them sorted alphabetically, while also moving a few more entries to sorted order. Closes #13952
|
9d09f9ec | 14-Jun-2024 |
Yedaya Katsman |
docs: reference non deprecated libcurl options There are places where man pages reference deprecated CURLOPT options, where it doesn't make sense, replace them with the recommended replacement option. also remove reference to the removed mesalink TLS backend Closes #13951
|
6b93190f | 14-Jun-2024 |
Daniel Stenberg |
gnutls: pass in SNI name, not hostname when checking cert The function we use is called 'gnutls_x509_crt_check_hostname()' but if we pass in the hostname with a trailing dot, the check fails. If we pass in the SNI name, which cannot have a trailing dot, it succeeds for https://pyropus.ca./ I consider this as a flaw in GnuTLS and have submitted this issue upstream: https://gitlab.com/gnutls/gnutls/-/issues/1548 In order to work with old and existing GnuTLS versions, we still need this change no matter how they view the issue or might change it in the future. Fixes #13428 Reported-by: Ryan Carsten Schmidt Closes #13949
|
b41a1624 | 14-Jun-2024 |
Daniel Stenberg |
BINDINGS: update java link to one that exists The previous java binding seems to have vanished. Link to one that still exists. Bug: https://github.com/curl/everything-curl/issues/456 Reported-by: Jiang Wenjian Closes #13950
|
8b368fa3 | 13-Jun-2024 |
renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
GHA: update pinned actions - github/codeql-action digest to 23acc5c - actions/checkout digest to 692973e - rojopolis/spellcheck-github-actions digest to d354a4d Closes #13935 Closes #13945 Closes #13946
|
85efbb92 | 26-Apr-2024 |
Jay Satiro |
tool_cb_hdr: allow etag and content-disposition for 3xx reply - Parse etag and content-disposition headers for 3xx replies. For example, a server may send a content-disposition filename header with a redirect reply (3xx) but not with the final response (2xx). Without this change curl would ignore the server's specified filename and continue to use the filename extracted from the user-specified URL. Prior to this change, 75d79a4 had limited etag and content-disposition to 2xx replies only. Tests-by: Daniel Stenberg Reported-by: Morgan Willcock Fixes https://github.com/curl/curl/issues/13302 Closes #13484
|
cb5c7039 | 13-Jun-2024 |
Daniel Stenberg |
transfer: set CSELECT_IN if there is data pending When aborting the transfer loop early, like when there is rate limiting in effect, there might be buffered data already read off the socket so the socket might not signal readability. Therefore we must set the CSELECT_IN manually if data_pending_() suggests there might be more data to get. This is particularly noticeable with SSH when the underlying library has drained the socket and holds pending data in its buffer. Reported-by: alervd on github Fixes #13695 Closes #13943
|
e5a35b49 | 13-Jun-2024 |
Viktor Szakats |
cmake: enable SOVERSION for Cygwin and `CMAKE_DLL_NAME_WITH_SOVERSION` - enable SOVERSION when `CMAKE_DLL_NAME_WITH_SOVERSION=ON` is set. Ref: https://cmake.org/cmake/help/v3.27/variable/CMAKE_DLL_NAME_WITH_SOVERSION.html Use: https://github.com/search?q=-DCMAKE_DLL_NAME_WITH_SOVERSION&type=code - enable SOVERSION for Cygwin builds by default. Ref: #13936 Ref: #13944 Closes #13898
|
bd2d5db5 | 13-Jun-2024 |
Viktor Szakats |
cmake: allow SOVERSION override with `CURL_LIBCURL_SOVERSION` Allow overriding SOVERSION with the new CMake option: `CURL_LIBCURL_SOVERSION=ON/OFF` For certain target platforms the shared libcurl library filename contains the SOVERSION. This new option allows to enable/disable this behavior manually. If set, it takes precedence over the default setting. Ref: #13898 Closes #13944
|
e9507bd8 | 13-Jun-2024 |
renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
Dockerfile: update debian:bookworm-slim to 84d83b2 Closes #13934 |
7ddc355a | 13-Jun-2024 |
Daniel Stenberg |
configure: use AC_MSG_WARN for TLS/experimental warning texts - no longer warns for mbedtls - warns for each item on individual lines - no longer shows irrelevant TLS libraries when multiple are selected - removes ech repetition Closes #13941
|