93d09286 | 31-Aug-2022 |
Daniel Stenberg |
RELEASE-NOTES: synced curl 7.85.0 release |
9b2f89b9 | 31-Aug-2022 |
Daniel Stenberg |
THANKS: add contributors from the 7.85.0 release |
5b059ba8 | 30-Aug-2022 |
Daniel Stenberg |
getparam: correctly clean args Follow-up to bf7e887b2442783ab52 The previous fix for #9128 was incomplete and caused #9397. Fixes #9397 Closes #9399 |
e43c3b3e | 30-Aug-2022 |
Daniel Stenberg |
zuul: remove the clang-tidy job Turns out we don't see the warnings, but the warnings right now are plain ridiculous and unhelpful so we can just as well just kill this job.
zuul: remove the clang-tidy job Turns out we don't see the warnings, but the warnings right now are plain ridiculous and unhelpful so we can just as well just kill this job. Closes #9390
show more ...
|
cafb356e | 30-Aug-2022 |
Daniel Stenberg |
cmake: set feature PSL if present ... make test 1014 pass when libpsl is used. Closes #9391 |
592290ed | 30-Aug-2022 |
Daniel Stenberg |
lib530: simplify realloc failure exit path To make code analyzers happier Closes #9392 |
56f1bbdd | 05-Aug-2022 |
Orgad Shaneh |
tests: add tests for netrc login/password combinations Covers the following PRs: - #9066 - #9247 - #9248 Closes #9256 |
c40ec317 | 03-Aug-2022 |
Orgad Shaneh |
url: really use the user provided in the url when netrc entry exists If the user is specified as part of the URL, and the same user exists in .netrc, Authorization header was not sent at
url: really use the user provided in the url when netrc entry exists If the user is specified as part of the URL, and the same user exists in .netrc, Authorization header was not sent at all. The user and password fields were assigned in conn->user and password but the user was not assigned to data->state.aptr, which is the field that is used in output_auth_headers and friends. Fix by assigning the user also to aptr. Amends commit d1237ac906ae7e3cd7a22c3a2d3a135a97edfbf5. Fixes #9243
show more ...
|
943fb2b2 | 04-Aug-2022 |
Orgad Shaneh |
netrc: Use the password from lines without login If netrc entry has password with empty login, use it for any username. Example: .netrc: machine example.com password 123456
netrc: Use the password from lines without login If netrc entry has password with empty login, use it for any username. Example: .netrc: machine example.com password 123456 curl -vn http://user@example.com/ Fix it by initializing state_our_login to TRUE, and reset it only when finding an entry with the same host and different login. Closes #9248
show more ...
|
8bd03516 | 29-Jun-2022 |
Jay Satiro |
url: treat missing usernames in netrc as empty - If, after parsing netrc, there is a password with no username then set a blank username. This used to be the case prior to 7d6
url: treat missing usernames in netrc as empty - If, after parsing netrc, there is a password with no username then set a blank username. This used to be the case prior to 7d600ad (precedes 7.82). Note parseurlandfillconn already does the same thing for URLs. Reported-by: Raivis <standsed@users.noreply.github.com> Testing-by: Domen Kožar Fixes https://github.com/curl/curl/issues/8653 Closes #9334 Closes #9066
show more ...
|
2fc031d8 | 28-Aug-2022 |
Daniel Stenberg |
test8: verify that "ctrl-byte cookies" are ignored |
8dfc93e5 | 28-Aug-2022 |
Daniel Stenberg |
cookie: reject cookies with "control bytes" Rejects 0x01 - 0x1f (except 0x09) plus 0x7f Reported-by: Axel Chong Bug: https://curl.se/docs/CVE-2022-35252.html CVE-2
cookie: reject cookies with "control bytes" Rejects 0x01 - 0x1f (except 0x09) plus 0x7f Reported-by: Axel Chong Bug: https://curl.se/docs/CVE-2022-35252.html CVE-2022-35252 Closes #9381
show more ...
|
74e156d0 | 29-Aug-2022 |
Daniel Stenberg |
libssh: ignore deprecation warnings libssh 0.10.0 marks all SCP functions as "deprecated" which causes compiler warnings and errors in our CI jobs and elsewhere. Ignore deprecation w
libssh: ignore deprecation warnings libssh 0.10.0 marks all SCP functions as "deprecated" which causes compiler warnings and errors in our CI jobs and elsewhere. Ignore deprecation warnings if 0.10.0 or later is found in the build. If they actually remove the functions at a later point, then someone can deal with that pain and functionality break then. Fixes #9382 Closes #9383
show more ...
|
aec8d306 | 29-Aug-2022 |
Daniel Stenberg |
Revert "schannel: when importing PFX, disable key persistence" This reverts commit 70d010d285315e5f1cad6bdb4953e167b069b692. Due to further reports in #9300 that indicate this commi
Revert "schannel: when importing PFX, disable key persistence" This reverts commit 70d010d285315e5f1cad6bdb4953e167b069b692. Due to further reports in #9300 that indicate this commit might introduce problems.
show more ...
|
7632c0d2 | 27-Aug-2022 |
Daniel Stenberg |
multi: use larger dns hash table for multi interface Have curl_multi_init() use a much larger DNS hash table than used for the easy interface to scale and perform better when used with _
multi: use larger dns hash table for multi interface Have curl_multi_init() use a much larger DNS hash table than used for the easy interface to scale and perform better when used with _many_ host names. curl_share_init() sets an in-between size. Inspired-by: Ivan Tsybulin See #9340 Closes #9376
show more ...
|
c5c6e867 | 24-Aug-2022 |
Marc Hoersken |
CI/runtests.pl: add param for dedicated curl to talk to APIs This should make it possible to also report test failures if our freshly build curl binary is not fully functional.
CI/runtests.pl: add param for dedicated curl to talk to APIs This should make it possible to also report test failures if our freshly build curl binary is not fully functional. Reviewed-by: Daniel Stenberg Closes #9360
show more ...
|
65bbb5e6 | 22-Aug-2022 |
Jacob Tolar |
openssl: add cert path in error message Closes #9349 |
74af81ca | 22-Aug-2022 |
Jacob Tolar |
cert.d: clarify that escape character works for file paths Closes #9349 |
313e606d | 17-Aug-2022 |
Daniel Stenberg |
gha: move over ngtcp2-gnutls CI job from zuul Closes #9331 |
109e9730 | 14-Aug-2022 |
Marc Hoersken |
cmake: add detection of threadsafe feature Avoids failing test 1014 by replicating configure checks for HAVE_ATOMIC and _WIN32_WINNT with custom CMake tests. Reviewed-by: Marcel
cmake: add detection of threadsafe feature Avoids failing test 1014 by replicating configure checks for HAVE_ATOMIC and _WIN32_WINNT with custom CMake tests. Reviewed-by: Marcel Raad Follow up to #8680 Closes #9312
show more ...
|
8c98d14b | 26-Aug-2022 |
Daniel Stenberg |
RELEASE-NOTES: synced |
d80b4f1e | 25-Aug-2022 |
Marc Hoersken |
CI/azure: align torture shallowness with GHA There 25 is used with FTP tests skipped, and 20 for FTP tests. This should make torture tests stay within the 60min timeout. Reviewe
CI/azure: align torture shallowness with GHA There 25 is used with FTP tests skipped, and 20 for FTP tests. This should make torture tests stay within the 60min timeout. Reviewed-by: Daniel Stenberg Closes #9371
show more ...
|
bc25c9e3 | 25-Aug-2022 |
Marc Hoersken |
multi_wait: fix and improve Curl_poll error handling on Windows First check for errors and return CURLM_UNRECOVERABLE_POLL before moving forward and waiting on socket readiness events.
multi_wait: fix and improve Curl_poll error handling on Windows First check for errors and return CURLM_UNRECOVERABLE_POLL before moving forward and waiting on socket readiness events. Reviewed-by: Jay Satiro Reviewed-by: Marcel Raad Reported-by: Daniel Stenberg Ref: #9361 Follow up to #8961 Closes #9372
show more ...
|
a71fe41d | 25-Jul-2022 |
Marc Hoersken |
multi_wait: fix skipping to populate revents for extra_fds On Windows revents was not populated for extra_fds if multi_wait had to wait due to the Curl_poll pre-check not signalling
multi_wait: fix skipping to populate revents for extra_fds On Windows revents was not populated for extra_fds if multi_wait had to wait due to the Curl_poll pre-check not signalling any readiness. This commit fixes that. Reviewed-by: Marcel Raad Reviewed-by: Jay Satiro Closes #9361
show more ...
|
52484bf3 | 25-Aug-2022 |
Marc Hoersken |
CI/appveyor: disable TLS in msys2-native autotools builds Schannel cannot be used from msys2-native Linux-emulated builds. Reviewed-by: Marcel Raad Reviewed-by: Daniel Stenberg
CI/appveyor: disable TLS in msys2-native autotools builds Schannel cannot be used from msys2-native Linux-emulated builds. Reviewed-by: Marcel Raad Reviewed-by: Daniel Stenberg Follow up to #9367 Closes #9370
show more ...
|