History log of /curl/ (Results 5251 – 5275 of 33763)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
a3cf94f329-Apr-2022 Christian Weisgerber

openssl: define HAVE_SSL_CTX_SET_EC_CURVES for libressl

SSL_CTX_set1_curves_list() has been available since LibreSSL 2.5.3,
released five years ago.

Bug: https://curl.se/mail/li

openssl: define HAVE_SSL_CTX_SET_EC_CURVES for libressl

SSL_CTX_set1_curves_list() has been available since LibreSSL 2.5.3,
released five years ago.

Bug: https://curl.se/mail/lib-2022-04/0059.html
Closes #8773

show more ...

d7b970e429-Apr-2022 Daniel Stenberg

http: move Curl_allow_auth_to_host()

It was mistakenly put within the CURL_DISABLE_HTTP_AUTH #ifdef

Reported-by: Michael Olbrich
Fixes #8772
Closes #8775

59d8928629-Apr-2022 Daniel Gustafsson

msh3: print boolean value as text representation

Print the boolean value as its string representation instead of with
%hhu which isn't a format we typically use.

Closes: #8763

msh3: print boolean value as text representation

Print the boolean value as its string representation instead of with
%hhu which isn't a format we typically use.

Closes: #8763
Reviewed-by: Nick Banks <nibanks@microsoft.com>

show more ...

685170b729-Apr-2022 Daniel Stenberg

data/test376: set a proper name

fa40e15a28-Apr-2022 Daniel Stenberg

GHA/mbedtls: enabled nghttp2 in the build

Closes #8767

6eb7fb3728-Apr-2022 Daniel Stenberg

mbedtls: fix compile when h2-enabled

Fixes #8766
Reported-by: LigH-de on github
Closes #8768

3fd1d8df28-Apr-2022 Daniel Stenberg

RELEASE-NOTES: synced

bumped curlver to 7.83.1-dev

ba34290927-Apr-2022 Daniel Stenberg

SECURITY-PROCESS: extended

Also clarify BUG-BOUNTY.md with IBB details.

Closes #8754

e07a9b6627-Apr-2022 Adam Rosenfield

conn: fix typo 'connnection' -> 'connection' in two function names

Closes #8759

1669b17d27-Apr-2022 Daniel Stenberg

RELEASE-NOTES: synced

The 7.83.0 release

0ea2456a27-Apr-2022 Daniel Stenberg

docs/THANKS: contributors from 7.83.0

cb60b2cc26-Apr-2022 Daniel Stenberg

test 898/974/976: require proxy to run

Fixes #8755
Reported-by: Marc Hörsken
Closes #8756

0935315526-Apr-2022 Daniel Stenberg

gnutls: don't leak the SRP credentials in redirects

Follow-up to 620ea21410030 and 139a54ed0a172a

Reported-by: Harry Sintonen
Closes #8752

d2a36bee25-Apr-2022 Daniel Stenberg

CURLOPT*TLSAUTH: they only work with OpenSSL or GnuTLS

Closes #8753

139a54ed25-Apr-2022 Daniel Stenberg

openssl: don't leak the SRP credentials in redirects either

Follow-up to 620ea21410030

Reported-by: Harry Sintonen
Closes #8751

aad7d9f914-Apr-2022 Liam Warfield

hyper: fix tests 580 and 581 for hyper

Hyper now has the ability to preserve header order. This commit adds a
few lines setting the connection options for this feature.

Related

hyper: fix tests 580 and 581 for hyper

Hyper now has the ability to preserve header order. This commit adds a
few lines setting the connection options for this feature.

Related to issue #8617
Closes #8707

show more ...

030adbce25-Apr-2022 Daniel Stenberg

conncache: remove name arg from Curl_conncache_find_bundle

To simplify, and also since the returned name is not the full actual
name used for the check. The port number and zone id is al

conncache: remove name arg from Curl_conncache_find_bundle

To simplify, and also since the returned name is not the full actual
name used for the check. The port number and zone id is also involved,
so just showing the name is misleading.

Closes #8750

show more ...

5295e8d625-Apr-2022 Daniel Stenberg

tests: verify the fix for CVE-2022-27774

- Test 973 redirects from HTTP to FTP, clear auth
- Test 974 redirects from HTTP to HTTP different port, clear auth
- Test 975 redirects f

tests: verify the fix for CVE-2022-27774

- Test 973 redirects from HTTP to FTP, clear auth
- Test 974 redirects from HTTP to HTTP different port, clear auth
- Test 975 redirects from HTTP to FTP, permitted to keep auth
- Test 976 redirects from HTTP to HTTP different port, permitted to keep
auth

show more ...

620ea21425-Apr-2022 Daniel Stenberg

transfer: redirects to other protocols or ports clear auth

... unless explicitly permitted.

Bug: https://curl.se/docs/CVE-2022-27774.html
Reported-by: Harry Sintonen
Closes

transfer: redirects to other protocols or ports clear auth

... unless explicitly permitted.

Bug: https://curl.se/docs/CVE-2022-27774.html
Reported-by: Harry Sintonen
Closes #8748

show more ...

08b8ef4e25-Apr-2022 Daniel Stenberg

connect: store "conn_remote_port" in the info struct

To make it available after the connection ended.

c126299625-Apr-2022 Daniel Stenberg

cookie.d: clarify when cookies are always sent

afe752e025-Apr-2022 Daniel Stenberg

test898: verify the fix for CVE-2022-27776

Do not pass on Authorization headers on redirects to another port

6e65999325-Apr-2022 Daniel Stenberg

http: avoid auth/cookie on redirects same host diff port

CVE-2022-27776

Reported-by: Harry Sintonen
Bug: https://curl.se/docs/CVE-2022-27776.html
Closes #8749

8f20791525-Apr-2022 Daniel Stenberg

libssh2: make the md5 comparison fail if wrong length

Making it just skip the check unless exactly 32 is too brittle. Even if
the docs says it needs to be exactly 32, it is be safer to m

libssh2: make the md5 comparison fail if wrong length

Making it just skip the check unless exactly 32 is too brittle. Even if
the docs says it needs to be exactly 32, it is be safer to make the
comparison fail here instead.

Reported-by: Harry Sintonen
Bug: https://hackerone.com/reports/1549461
Closes #8745

show more ...

058f98dc25-Apr-2022 Daniel Stenberg

conncache: include the zone id in the "bundle" hashkey

Make connections to two separate IPv6 zone ids create separate
connections.

Reported-by: Harry Sintonen
Bug: https://c

conncache: include the zone id in the "bundle" hashkey

Make connections to two separate IPv6 zone ids create separate
connections.

Reported-by: Harry Sintonen
Bug: https://curl.se/docs/CVE-2022-27775.html
Closes #8747

show more ...

1...<<211212213214215216217218219220>>...1351