History log of /curl/ (Results 5476 – 5500 of 33763)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
e9e7962221-Feb-2022 MAntoniak <47522782+MAntoniak@users.noreply.github.com>

vtls: fix socket check conditions

fix condition to check the second socket during associate and
disassociate connection

Closes #8493

999c217921-Feb-2022 Daniel Stenberg

libssh2: don't typecast socket to int for libssh2_session_handshake

Since libssh2_socket_t uses SOCKET on windows which can be larger than
int.

Closes #8492

441db46521-Feb-2022 Daniel Stenberg

RELEASE-NOTES: fix typo and make one desc shorter

e8f6e27421-Feb-2022 Daniel Stenberg

RELEASE-NOTES: synced

a63c91ad21-Feb-2022 Daniel Stenberg

CURLOPT_XFERINFOFUNCTION.3: fix typo in example

Reported-by: coralw on github
Fixes #8487
Closes #8488

754ee8e021-Feb-2022 Daniel Stenberg

README: disable linkchecks for the sponsor links

Closes #8489

f7ba0ecc20-Feb-2022 Jay Satiro

openssl: check if sessionid flag is enabled before retrieving session

Ideally, Curl_ssl_getsessionid should not be called unless sessionid
caching is enabled. There is a debug assertion

openssl: check if sessionid flag is enabled before retrieving session

Ideally, Curl_ssl_getsessionid should not be called unless sessionid
caching is enabled. There is a debug assertion in the function to help
ensure that. Therefore, the pattern in all vtls is basically:

if(primary.sessionid) {lock(); Curl_ssl_getsessionid(...); unlock();}

There was one instance in openssl.c where sessionid was not checked
beforehand and this change fixes that.

Prior to this change an assertion would occur in openssl debug builds
during connection stage if session caching was disabled.

Reported-by: Jim Beveridge

Fixes https://github.com/curl/curl/issues/8472
Closes https://github.com/curl/curl/pull/8484

show more ...

e0dc976520-Feb-2022 Jay Satiro

multi: allow user callbacks to call curl_multi_assign

Several years ago a change was made to block user callbacks from calling
back into the API when not supported (recursive calls). One

multi: allow user callbacks to call curl_multi_assign

Several years ago a change was made to block user callbacks from calling
back into the API when not supported (recursive calls). One of the calls
blocked was curl_multi_assign. Recently the blocking was extended to the
multi interface API, however curl_multi_assign may need to be called
from within those user callbacks (eg CURLMOPT_SOCKETFUNCTION).

I can't think of any callback where it would be unsafe to call
curl_multi_assign so I removed the restriction entirely.

Reported-by: Michael Wallner

Ref: https://github.com/curl/curl/commit/b46cfbc
Ref: https://github.com/curl/curl/commit/340bb19

Fixes https://github.com/curl/curl/issues/8480
Closes https://github.com/curl/curl/pull/8483

show more ...

ccc2752c17-Feb-2022 MAntoniak <47522782+MAntoniak@users.noreply.github.com>

ssl: reduce allocated space for ssl backend when FTP is disabled

Add assert() for the backend pointer in many places

Closes #8471

9fff7feb20-Feb-2022 MAntoniak <47522782+MAntoniak@users.noreply.github.com>

checkprefix: remove strlen calls

Closes #8481

d60fa59b20-Feb-2022 1337vt <32816722+1337vt@users.noreply.github.com>

curl.h: fix typo

Closes https://github.com/curl/curl/pull/8482

14d9358a19-Feb-2022 Jan Venekamp <1422460+jan2000@users.noreply.github.com>

sectransp: mark a 3DES cipher as weak

- Change TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA strength to weak.

All other 3DES ciphers are already marked as weak.

Closes https://gith

sectransp: mark a 3DES cipher as weak

- Change TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA strength to weak.

All other 3DES ciphers are already marked as weak.

Closes https://github.com/curl/curl/pull/8479

show more ...

f36e32b506-Dec-2021 Jan Venekamp <1422460+jan2000@users.noreply.github.com>

bearssl: fix EXC_BAD_ACCESS on incomplete CA cert

- Do not create trust anchor object for a CA certificate until after it
is processed.

Prior to this change the object was cre

bearssl: fix EXC_BAD_ACCESS on incomplete CA cert

- Do not create trust anchor object for a CA certificate until after it
is processed.

Prior to this change the object was created at state BR_PEM_BEGIN_OBJ
(certificate processing begin state). An incomplete certificate (for
example missing a newline at the end) never reaches BR_PEM_END_OBJ
(certificate processing end state) and therefore the trust anchor data
was not set in those objects, which caused EXC_BAD_ACCESS.

Ref: https://github.com/curl/curl/pull/8106

Closes https://github.com/curl/curl/pull/8476

show more ...

8af1cef206-Dec-2021 Jan Venekamp <1422460+jan2000@users.noreply.github.com>

bearssl: fix connect error on expired cert and no verify

- When peer verification is disabled use the x509_decode engine instead
of the x509_minimal engine to parse and extract the pub

bearssl: fix connect error on expired cert and no verify

- When peer verification is disabled use the x509_decode engine instead
of the x509_minimal engine to parse and extract the public key from
the first cert of the chain.

Prior to this change in such a case no key was extracted and that caused
CURLE_SSL_CONNECT_ERROR. The x509_minimal engine will stop parsing if
any validity check fails but the x509_decode won't.

Ref: https://github.com/curl/curl/pull/8106

Closes https://github.com/curl/curl/pull/8475

show more ...

b844371906-Dec-2021 Jan Venekamp <1422460+jan2000@users.noreply.github.com>

bearssl: fix session resumption (session id)

Prior to this change br_ssl_client_reset was mistakenly called with
resume_session param set to 0, which disabled session resumption.

bearssl: fix session resumption (session id)

Prior to this change br_ssl_client_reset was mistakenly called with
resume_session param set to 0, which disabled session resumption.

Ref: https://github.com/curl/curl/pull/8106

Closes https://github.com/curl/curl/pull/8474

show more ...

bbe7042117-Feb-2022 MAntoniak <47522782+MAntoniak@users.noreply.github.com>

openssl: fix build for version < 1.1.0

Closes #8470

df957e1017-Feb-2022 Joel Depooter

schannel: move the algIds array out of schannel.h

This array is only used by the SCHANNEL_CRED struct in the
schannel_acquire_credential_handle function. It can therefore be kept as

schannel: move the algIds array out of schannel.h

This array is only used by the SCHANNEL_CRED struct in the
schannel_acquire_credential_handle function. It can therefore be kept as
a local variable. This is a minor update to
bbb71507b7bab52002f9b1e0880bed6a32834511.

This change also updates the NUM_CIPHERS value to accurately count the
number of ciphers options listed in schannel.c, which is 47 instead of
45. It is unlikely that anyone tries to set all 47 values, but if they
had tried, the last two would not have been set.

Closes #8469

show more ...

161cbc5016-Feb-2022 Alejandro R. Sedeño

configure.ac: use user-specified gssapi dir when using pkg-config

Using the system pkg-config path in the face of a user-specified
library path is asking to link the wrong library.

configure.ac: use user-specified gssapi dir when using pkg-config

Using the system pkg-config path in the face of a user-specified
library path is asking to link the wrong library.

Reported-by: Michael Kaufmann
Fixes #8289
Closes #8456

show more ...

6a595e1224-Jan-2022 Kevin Adler

os400: Add link to QADRT devkit to README.OS400

Closes #8455

86ad624c24-Jan-2022 Kevin Adler

os400: Add function wrapper for system command

The wrapper will exit if the system command failed instead of blindly
continuing on.

In addition, only copy docs which exist, sinc

os400: Add function wrapper for system command

The wrapper will exit if the system command failed instead of blindly
continuing on.

In addition, only copy docs which exist, since now the copy failure will
cause the build to stop.

Closes #8455

show more ...

a70600ca24-Jan-2022 Kevin Adler

os400: Default build to target current release

V6R1M0 is not available as a target release since IBM i 7.2. To keep
from having to keep this up to date in git, default to the current

os400: Default build to target current release

V6R1M0 is not available as a target release since IBM i 7.2. To keep
from having to keep this up to date in git, default to the current
release. Users can configure this to whatever release they want to
actually build for.

Closes #8455

show more ...

d324ac8117-Feb-2022 Daniel Stenberg

docs/INTERNALS.md: clean up, refer to the book

The explanatory parts are now in the everything curl book (which can
also use images etc). This document now refers to that resource and on

docs/INTERNALS.md: clean up, refer to the book

The explanatory parts are now in the everything curl book (which can
also use images etc). This document now refers to that resource and only
leaves listings of supported versions of libs, tools and operating
systems. See https://everything.curl.dev/internals

Closes #8467

show more ...

049f376516-Feb-2022 Marcel Raad

des: fix compile break for OpenSSL without DES

When `USE_OPENSSL` was defined but OpenSSL had no DES support and a
different crypto library was used for that, `Curl_des_set_odd_parity`

des: fix compile break for OpenSSL without DES

When `USE_OPENSSL` was defined but OpenSSL had no DES support and a
different crypto library was used for that, `Curl_des_set_odd_parity`
was called but not defined. This could for example happen on Windows
and macOS when using OpenSSL v3 with deprecated features disabled.

Use the same condition for the function definition as used at the
caller side, but leaving out the OpenSSL part to avoid including
OpenSSL headers.

Closes https://github.com/curl/curl/pull/8459

show more ...

a9bc534a17-Feb-2022 Daniel Stenberg

RELEASE-NOTES: synced

eb75459616-Feb-2022 Daniel Stenberg

docs/DEPRECATE: remove NPN support in August 2022

Closes #8458

1...<<211212213214215216217218219220>>...1351