a2d8eac0 | 15-Nov-2021 |
Daniel Stenberg |
form-escape.d: double the back-slashes for proper man page output |
59617143 | 15-Nov-2021 |
Daniel Stenberg |
page-footer: add a mention of how to report bugs to the man page |
808d8394 | 15-Nov-2021 |
Daniel Stenberg |
RELEASE-NOTES: synced and bump to 7.81.0-DEV |
b20b3647 | 25-Oct-2021 |
Patrick Monnerat |
mime: use percent-escaping for multipart form field and file names Until now, form field and file names where escaped using the backslash-escaping algorithm defined for multipart mails.
mime: use percent-escaping for multipart form field and file names Until now, form field and file names where escaped using the backslash-escaping algorithm defined for multipart mails. This commit replaces this with the percent-escaping method for URLs. As this may introduce incompatibilities with server-side applications, a new libcurl option CURLOPT_MIME_OPTIONS with bitmask CURLMIMEOPT_FORMESCAPE is introduced to revert to legacy use of backslash-escaping. This is controlled by new cli tool option --form-escape. New tests and documentation are provided for this feature. Reported by: Ryan Sleevi Fixes #7789 Closes #7805
show more ...
|
6ec28eb6 | 15-Nov-2021 |
Kevin Burke |
zuul.d: update rustls-ffi to version 0.8.2 This version fixes errors with ALPN negotiation in rustls, which is necessary for HTTP/2 support. For more information see the rustls-ffi c
zuul.d: update rustls-ffi to version 0.8.2 This version fixes errors with ALPN negotiation in rustls, which is necessary for HTTP/2 support. For more information see the rustls-ffi changelog. Closes #8013
show more ...
|
9492d338 | 13-Nov-2021 |
Daniel Stenberg |
configure: better diagnostics if hyper is built wrong If hyper is indeed present in the specified directory but couldn't be used to find the correct symbol, then offer a different error
configure: better diagnostics if hyper is built wrong If hyper is indeed present in the specified directory but couldn't be used to find the correct symbol, then offer a different error message to better help the user understand the issue. Suggested-by: Jacob Hoffman-Andrews Fixes #8001 Closes #8005
show more ...
|
b7e1443a | 13-Nov-2021 |
Daniel Stenberg |
test1939: require proxy support to run Follow-up to f0b7099a10d1a Closes #8011 |
4825d0cd | 13-Nov-2021 |
Daniel Stenberg |
test302[12]: run only with the libssh2 backend ... as the others don't support --hostpubsha256 Reported-by: Paul Howarth Fixes #8009 Closes #8010 |
f4cafa4f | 13-Nov-2021 |
Daniel Stenberg |
runtests: make the SSH library a testable feature libssh2, libssh and wolfssh |
00f4ed2a | 13-Nov-2021 |
Jacob Hoffman-Andrews |
rustls: read of zero bytes might be okay When we're reading out plaintext from rustls' internal buffers, we might get a read of zero bytes (meaning a clean TCP close, including close
rustls: read of zero bytes might be okay When we're reading out plaintext from rustls' internal buffers, we might get a read of zero bytes (meaning a clean TCP close, including close_notify). However, we shouldn't return immediately when that happens, since we may have already copied out some plaintext bytes. Break out of the loop when we get a read of zero bytes, and figure out which path we're dealing with. Acked-by: Kevin Burke Closes #8003
show more ...
|
be8d77b1 | 13-Nov-2021 |
Jacob Hoffman-Andrews |
rustls: remove incorrect EOF check The update to rustls-ffi 0.8.0 changed handling of EOF and close_notify. From the CHANGELOG: > Handling of unclean close and the close_notify
rustls: remove incorrect EOF check The update to rustls-ffi 0.8.0 changed handling of EOF and close_notify. From the CHANGELOG: > Handling of unclean close and the close_notify TLS alert. Mirroring > upstream changes, a rustls_connection now tracks TCP closed state like > so: rustls_connection_read_tls considers a 0-length read from its > callback to mean "TCP stream was closed by peer." If that happens > before the peer sent close_notify, rustls_connection_read will return > RUSTLS_RESULT_UNEXPECTED_EOF once the available plaintext bytes are > exhausted. This is useful to protect against truncation attacks. Note: > some TLS implementations don't send close_notify. If you are already > getting length information from your protocol (e.g. Content-Length in > HTTP) you may choose to ignore UNEXPECTED_EOF so long as the number of > plaintext bytes was as expected. That means we don't need to check for unclean EOF in `cr_recv()`, because `process_new_packets()` will give us an error if appropriate. Closes #8003
show more ...
|
26247a0d | 13-Nov-2021 |
Daniel Stenberg |
lib1939: make it endure torture tests Follow-up to f0b7099a10d1a Closes #8007 |
ca847ba5 | 13-Nov-2021 |
Daniel Stenberg |
azure: make the "w/o HTTP/SMTP/IMAP" build disable SSL proper The configure line would previously depend on a configure mistake using --without-openssl that is fixed and now this configu
azure: make the "w/o HTTP/SMTP/IMAP" build disable SSL proper The configure line would previously depend on a configure mistake using --without-openssl that is fixed and now this configure line needs adjusting to use --without-ssl. Follow-up to b589696f0312d Closes #8006
show more ...
|
72a63aa4 | 13-Nov-2021 |
Jacob Hoffman-Andrews |
configure: add -lm to configure for rustls build. Note: The list of libraries that rustc tells us we need to include is longer, but also includes some more platform-specific libraries th
configure: add -lm to configure for rustls build. Note: The list of libraries that rustc tells us we need to include is longer, but also includes some more platform-specific libraries that I am not sure how to effectively incorporate. Adding just -lm seems to solve an immediate problem, so I'm adding just that. Closes #8002
show more ...
|
541adbe2 | 12-Nov-2021 |
Daniel Stenberg |
curl_share_setopt.3: refer to CURLSHOPT_USERDATA(3) properly |
ec1d4e64 | 12-Nov-2021 |
Daniel Stenberg |
curl_share_setopt.3: split out options into their own manpages CURLSHOPT_LOCKFUNC.3 CURLSHOPT_SHARE.3 CURLSHOPT_UNLOCKFUNC.3 CURLSHOPT_UNSHARE.3 CURLSHOPT_USERDATA.3
curl_share_setopt.3: split out options into their own manpages CURLSHOPT_LOCKFUNC.3 CURLSHOPT_SHARE.3 CURLSHOPT_UNLOCKFUNC.3 CURLSHOPT_UNSHARE.3 CURLSHOPT_USERDATA.3 Closes #7998
show more ...
|
2989b113 | 12-Nov-2021 |
Daniel Stenberg |
http_proxy: make Curl_connect_done() work for proxy disabled builds ... by making it an empty macro then. Follow-up to f0b7099a10d1a Reported-by: Vincent Grande Fixes #7995
http_proxy: make Curl_connect_done() work for proxy disabled builds ... by making it an empty macro then. Follow-up to f0b7099a10d1a Reported-by: Vincent Grande Fixes #7995 Closes #7996
show more ...
|
b89a4b51 | 12-Nov-2021 |
Daniel Stenberg |
Curl_connect_done: handle being called twice Follow-up to f0b7099a10d1a7c When torture testing 1021, it turns out the Curl_connect_done function might be called twice and that p
Curl_connect_done: handle being called twice Follow-up to f0b7099a10d1a7c When torture testing 1021, it turns out the Curl_connect_done function might be called twice and that previously then wrongly cleared the HTTP pointer in the second invoke. Closes #7999
show more ...
|
b589696f | 12-Nov-2021 |
Stan Hu |
configure: don't enable TLS when --without-* flags are used Previously specifying `--without-gnutls` would unexpectedly attempt to compile with GnuTLS, effectively interpreting this as
configure: don't enable TLS when --without-* flags are used Previously specifying `--without-gnutls` would unexpectedly attempt to compile with GnuTLS, effectively interpreting this as `--with-gnutls`. This caused a significant amount of confusion when `libcurl` was built with SSL disabled since GnuTLS wasn't present. 68d89f24 dropped the `--without-*` options from the configure help, but `AC_ARG_WITH` still defines these flags automatically. As https://www.gnu.org/software/autoconf/manual/autoconf-2.60/html_node/External-Software.html describes, the `action-if-given` is called when the user specifies `--with-*` or `--without-*` options. To prevent this confusion, we make the `--without` flag do the right thing by ignoring the value if it set to "no". Closes #7994
show more ...
|
4d58a94c | 11-Nov-2021 |
Rikard Falkeborn |
docs/checksrc: Add documentation for STRERROR Closes #7991 |
76d9e07c | 04-Nov-2021 |
Daniel Stenberg |
vtls/rustls: adapt to the updated rustls_version proto Closes #7956 |
1fef5922 | 03-Nov-2021 |
Kevin Burke |
vtls/rustls: handle RUSTLS_RESULT_PLAINTEXT_EMPTY Previously we'd return CURLE_READ_ERROR if we received this, instead of triggering the error handling logic that's present in the next i
vtls/rustls: handle RUSTLS_RESULT_PLAINTEXT_EMPTY Previously we'd return CURLE_READ_ERROR if we received this, instead of triggering the error handling logic that's present in the next if block down. After this change, curl requests to https://go.googlesource.com using HTTP/2 complete successfully. Fixes #7949 Closes #7948
show more ...
|
d5d1d59a | 09-Nov-2021 |
Kevin Burke |
zuul: update build environment for rustls-ffi 0.8.0 |
b7757c2b | 03-Nov-2021 |
Kevin Burke |
vtls/rustls: update to compile with rustls-ffi v0.8.0 Some method names, as well as the generated library name, were changed in a recent refactoring. Further, change the default
vtls/rustls: update to compile with rustls-ffi v0.8.0 Some method names, as well as the generated library name, were changed in a recent refactoring. Further, change the default configuration instructions to check for Hyper in either "target/debug" or "target/release" - the latter contains an optimized build configuration. Fixes #7947 Closes #7948
show more ...
|
eed7473e | 11-Nov-2021 |
Daniel Stenberg |
RELEASE-NOTES: synced and bump the version to 7.80.1 |