ee52bead | 19-May-2022 |
Vincent Torri |
cmake: add libpsl support Fixes #8865 Closes #8867 |
9accb9a5 | 17-May-2022 |
Tatsuhiro Tsujikawa |
ngtcp2: extend QUIC transport parameters buffer Extend QUIC transport parameters buffer because 64 bytes are too short for the ever increasing parameters. Closes #8872 |
136ab928 | 17-May-2022 |
Tatsuhiro Tsujikawa |
ngtcp2: handle error from ngtcp2_conn_submit_crypto_data Closes #8871 |
fe1d00e7 | 15-May-2022 |
Tatsuhiro Tsujikawa |
ngtcp2: send appropriate connection close error code Closes #8870 |
b6487eb3 | 19-May-2022 |
Daniel Stenberg |
test1561: adjusted for the cookie fix |
9ec22e4f | 19-May-2022 |
Daniel Stenberg |
test414: verify secure cookie domain overlay |
e9a8451a | 19-May-2022 |
Harry Sintonen |
cookie: address secure domain overlay Bug: https://hackerone.com/reports/1560324 Co-authored-by: Daniel Stenberg Closes #8840 |
b12c2b91 | 18-May-2022 |
Frank Gevaerts |
strcase: some optimisations Lookup tables for toupper() and tolower() make Curl_strcasecompare() about 1.5 times faster. Reorganising Curl_strcasecompare() to fully exit early then a
strcase: some optimisations Lookup tables for toupper() and tolower() make Curl_strcasecompare() about 1.5 times faster. Reorganising Curl_strcasecompare() to fully exit early then also allows simplifying the check at the end, for another 15%. In total, the changes make Curl_strcasecompare() around 1.6 to 1.7 times faster. Note that these optimisation assume ASCII. The original Curl_raw_toupper() and raw_tolower() look like they already made that assumption. Closes #8875
show more ...
|
435acbd3 | 19-May-2022 |
Daniel Stenberg |
BUG-BOUNTY.md: mention the audit exception Dedicated - paid for - security audits that are performed in collaboration with curl developers are not eligible for bounties. (plus I
BUG-BOUNTY.md: mention the audit exception Dedicated - paid for - security audits that are performed in collaboration with curl developers are not eligible for bounties. (plus I changed the sub-titles to use ## instead of # in the markdown) Closes #8880
show more ...
|
08429362 | 17-May-2022 |
Daniel Stenberg |
lib/vssh/wolfssh.h: removed Unused header file Reported-by: Illarion Taev Fixes #8863 Closes #8866 |
835a2053 | 17-May-2022 |
Elms |
wolfSSL: explicitly use compatibility layer This change removes adding an include `$prefix/wolfssl` or similar to allow for openssl include aliasing. Include paths of `wolfssl/openssl/`
wolfSSL: explicitly use compatibility layer This change removes adding an include `$prefix/wolfssl` or similar to allow for openssl include aliasing. Include paths of `wolfssl/openssl/` are used to explicitly use wolfSSL includes. This fixes cmake builds as well as avoiding potentially using openSSL headers since include path order is not guaranteed. Closes #8864
show more ...
|
84052154 | 17-May-2022 |
Daniel Stenberg |
curl: deprecate --random-file and --egd-file As libcurl no longer has any functionality for them, the tool now does nothing with them. Closes #8670 |
8d86718f | 17-May-2022 |
Daniel Stenberg |
opts: deprecate RANDOM_FILE and EGDSOCKET These two options were only ever used for the OpenSSL backend for versions before 1.1.0. They were never used for other backends and they ar
opts: deprecate RANDOM_FILE and EGDSOCKET These two options were only ever used for the OpenSSL backend for versions before 1.1.0. They were never used for other backends and they are not used with recent OpenSSL versions. They were never used much by applications. The defines RANDOM_FILE and EGD_SOCKET can still be set at build-time for ancient EOL OpenSSL versions. Closes #8670
show more ...
|
1b3dcaed | 16-May-2022 |
Harry Sintonen |
bindlocal: don't use a random port if port number would wrap Earlier if CURLOPT_LOCALPORT + CURLOPT_LOCALPORTRANGE would go past port 65535 the code would fall back to random port rather
bindlocal: don't use a random port if port number would wrap Earlier if CURLOPT_LOCALPORT + CURLOPT_LOCALPORTRANGE would go past port 65535 the code would fall back to random port rather than giving up. Closes #8862
show more ...
|
542c78dd | 16-May-2022 |
Daniel Gustafsson |
transfer: Fix potential NULL pointer dereference Commit 0ef54abf5208 accidentally used the conn variable before the assertion for it being NULL. Fix by moving the assignment which use
transfer: Fix potential NULL pointer dereference Commit 0ef54abf5208 accidentally used the conn variable before the assertion for it being NULL. Fix by moving the assignment which use conn to after the assertion. Closes: #8857 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
2df67e93 | 16-May-2022 |
Daniel Gustafsson |
docs: clarify data replacement policy for MIME API The API documentation for the MIME functions specify that the parts can be set twice, with the last call winning. While true, the user
docs: clarify data replacement policy for MIME API The API documentation for the MIME functions specify that the parts can be set twice, with the last call winning. While true, the user can set the parts n times for n > 2, reword to specify multiple API calls instead. Closes: #8860 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
adde9f0e | 03-May-2022 |
vvb2060 on github |
ngtcp2: support boringssl crypto backend Closes #8789 |
6fcd3e6f | 12-Apr-2022 |
Tatsuhiro Tsujikawa |
quic: add Curl_quic_idle Add Curl_quic_idle which is called when no HTTP level read or write is performed. It is a good place to handle timer expiry for QUIC transport (.e.g, retran
quic: add Curl_quic_idle Add Curl_quic_idle which is called when no HTTP level read or write is performed. It is a good place to handle timer expiry for QUIC transport (.e.g, retransmission). Closes #8698
show more ...
|
53678992 | 24-Apr-2022 |
Gregor Jasny |
mprintf: ignore clang non-literal format string Closes #8740 |
e0b43c8e | 15-May-2022 |
Nick Zitzmann |
sectransp: check for a function defined when __BLOCKS__ is undefined SecTrustEvaluateAsync() is defined in the macOS 10.7 SDK, but it requires Grand Central Dispatch to be supported by t
sectransp: check for a function defined when __BLOCKS__ is undefined SecTrustEvaluateAsync() is defined in the macOS 10.7 SDK, but it requires Grand Central Dispatch to be supported by the compiler, and some third-party macOS compilers do not support Grand Central Dispatch. SecTrustCopyPublicKey() is not present in macOS 10.6, so this shouldn't adversely affect anything. Fixes #8846 Reported-by: Egor Pugin Closes #8854
show more ...
|
d17db571 | 16-May-2022 |
Daniel Gustafsson |
test412/413: Use version macro for User-Agent Commit 46d45ea3a incorrectly hardcoded the User-Agent in the test output file which breaks when curlver is updated. Shift to using the %
test412/413: Use version macro for User-Agent Commit 46d45ea3a incorrectly hardcoded the User-Agent in the test output file which breaks when curlver is updated. Shift to using the %VERSION macro instead. Closes: #8856
show more ...
|
bf327a9d | 16-May-2022 |
Daniel Gustafsson |
macos9: remove partial support The support for compiling on Mac OS 9 hasn't been modified since 2001 and has no active maintainer or packager, so it's time to remove it as it's incre
macos9: remove partial support The support for compiling on Mac OS 9 hasn't been modified since 2001 and has no active maintainer or packager, so it's time to remove it as it's incredibly unlikely to work. If a maintainer re-emerges it can be resurrected from Git history. Closes: #8836 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
3ead9143 | 16-May-2022 |
Daniel Stenberg |
test1635: verify --fail-with-body with --retry Almost a dupe of 1634 Closes #8847 |
0356804d | 16-May-2022 |
Daniel Stenberg |
tool_operate: make sure --fail-with-body works with --retry ... in the same way --fail already does. Reported-by: Jakub Bochenski Fixes #8845 Closes #8847 |
5980068c | 15-May-2022 |
Tatsuhiro Tsujikawa |
ngtcp2: Correct use of ngtcp2 and nghttp3 signed integer types Closes #8851 |