| fdcb0f40 | 16-Jul-2019 |
Stefano Simonelli |
CURLOPT_SEEKDATA.3: fix variable name
Closes https://github.com/curl/curl/pull/4118 |
| fea01203 | 10-Jul-2019 |
georgeok |
CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH
If the SSL backend is Schannel and the user specifies an Schannel CALG_
that is not supported by the protocol or the server th
CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH
If the SSL backend is Schannel and the user specifies an Schannel CALG_
that is not supported by the protocol or the server then curl returns
CURLE_SSL_CONNECT_ERROR (35) SEC_E_ALGORITHM_MISMATCH.
Fixes https://github.com/curl/curl/issues/3389
Closes https://github.com/curl/curl/pull/4106
show more ...
|
| e5b371dc | 12-Jul-2019 |
Daniel Gustafsson |
nss: inspect returnvalue of token check
PK11_IsPresent() checks for the token for the given slot is available,
and sets needlogin flags for the PK11_Authenticate() call. Should it
r
nss: inspect returnvalue of token check
PK11_IsPresent() checks for the token for the given slot is available,
and sets needlogin flags for the PK11_Authenticate() call. Should it
return false, we should however treat it as an error and bail out.
Closes https://github.com/curl/curl/pull/4110
show more ...
|
| c7f3c073 | 16-Jul-2019 |
Jay Satiro |
docs: Explain behavior change in --tlsv1. options since 7.54
Since 7.54 --tlsv1. options use the specified version or later, however
older versions of curl documented it as using just th
docs: Explain behavior change in --tlsv1. options since 7.54
Since 7.54 --tlsv1. options use the specified version or later, however
older versions of curl documented it as using just the specified version
which may or may not have happened depending on the TLS library.
Document this discrepancy to allay confusion for users familiar with the
old documentation that expect just the specified version.
Fixes https://github.com/curl/curl/issues/4097
Closes https://github.com/curl/curl/pull/4119
show more ...
|
| e8442e4f | 16-Jul-2019 |
Jay Satiro |
libcurl: Restrict redirect schemes (follow-up)
- Allow FTPS on redirect.
- Update default allowed redirect protocols in documentation.
Follow-up to 6080ea0.
Ref: h
libcurl: Restrict redirect schemes (follow-up)
- Allow FTPS on redirect.
- Update default allowed redirect protocols in documentation.
Follow-up to 6080ea0.
Ref: https://github.com/curl/curl/pull/4094
Closes https://github.com/curl/curl/pull/4115
show more ...
|
| 647e726d | 16-Jul-2019 |
Daniel Stenberg |
test1173: make it also check all libcurl option man pages
... and adjust those that cause errors
Closes #4116 |
| 952998cb | 15-Jul-2019 |
Daniel Stenberg |
curl: only accept COLUMNS less than 10000
... as larger values would rather indicate something silly (and could
potentially cause buffer problems).
Reported-by: pendrek at hacke
curl: only accept COLUMNS less than 10000
... as larger values would rather indicate something silly (and could
potentially cause buffer problems).
Reported-by: pendrek at hackerone
Closes #4114
show more ...
|
| 275b74a5 | 15-Jul-2019 |
Daniel Stenberg |
dist: add manpage-syntax.pl
follow-up to 7fb66c403 |
| 7fb66c40 | 14-Jul-2019 |
Daniel Stenberg |
test1173: detect some basic man page format mistakes
Triggered by PR #4111
Closes #4113 |
| 4c91ab7b | 02-Apr-2019 |
Bjarni Ingi Gislason |
docs: Fix missing lines caused by undefined macros
- Escape apostrophes at line start.
Some lines begin with a "'" (apostrophe, single quote), which is then
interpreted as a con
docs: Fix missing lines caused by undefined macros
- Escape apostrophes at line start.
Some lines begin with a "'" (apostrophe, single quote), which is then
interpreted as a control character in *roff.
Such lines are interpreted as being a call to a macro, and if
undefined, the lines are removed from the output.
Bug: https://bugs.debian.org/926352
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
Submitted-by: Alessandro Ghedini
Closes https://github.com/curl/curl/pull/4111
show more ...
|
| 02a62074 | 14-Jul-2019 |
Daniel Stenberg |
libcurl-security.3: update to new CURLOPT_REDIR_PROTOCOLS defaults
follow-up to 6080ea098 |
| 797e549d | 10-Jul-2019 |
Linos Giannopoulos |
libcurl: Add testcase for gopher redirects
The testcase ensures that redirects to CURLPROTO_GOPHER won't be
allowed, by default, in the future. Also, curl is being used
for convenien
libcurl: Add testcase for gopher redirects
The testcase ensures that redirects to CURLPROTO_GOPHER won't be
allowed, by default, in the future. Also, curl is being used
for convenience while keeping the testcases DRY.
The expected error code is CURLE_UNSUPPORTED_PROTOCOL when the client is
redirected to CURLPROTO_GOPHER
Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr>
show more ...
|
| 6080ea09 | 05-Jul-2019 |
Linos Giannopoulos |
libcurl: Restrict redirect schemes
All protocols except for CURLPROTO_FILE/CURLPROTO_SMB and their TLS
counterpart were allowed for redirect. This vastly broadens the
exploitation su
libcurl: Restrict redirect schemes
All protocols except for CURLPROTO_FILE/CURLPROTO_SMB and their TLS
counterpart were allowed for redirect. This vastly broadens the
exploitation surface in case of a vulnerability such as SSRF [1], where
libcurl-based clients are forced to make requests to arbitrary hosts.
For instance, CURLPROTO_GOPHER can be used to smuggle any TCP-based
protocol by URL-encoding a payload in the URI. Gopher will open a TCP
connection and send the payload.
Only HTTP/HTTPS and FTP are allowed. All other protocols have to be
explicitly enabled for redirects through CURLOPT_REDIR_PROTOCOLS.
[1]: https://www.acunetix.com/blog/articles/server-side-request-forgery-vulnerability/
Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr>
Closes #4094
show more ...
|
| 7e8f1916 | 09-Jul-2019 |
Zenju |
openssl: define HAVE_SSL_GET_SHUTDOWN based on version number
Closes #4100 |
| 855887af | 10-Jul-2019 |
Peter Simonyi |
http: allow overriding timecond with custom header
With CURLOPT_TIMECONDITION set, a header is automatically added (e.g.
If-Modified-Since). Allow this to be replaced or suppressed with
http: allow overriding timecond with custom header
With CURLOPT_TIMECONDITION set, a header is automatically added (e.g.
If-Modified-Since). Allow this to be replaced or suppressed with
CURLOPT_HTTPHEADER.
Fixes #4103
Closes #4109
show more ...
|
| ac3d19a2 | 07-Jul-2019 |
Juergen Hoetzel |
smb: Use the correct error code for access denied on file open
- Return CURLE_REMOTE_ACCESS_DENIED for SMB access denied on file open.
Prior to this change CURLE_REMOTE_FILE_NOT_FOU
smb: Use the correct error code for access denied on file open
- Return CURLE_REMOTE_ACCESS_DENIED for SMB access denied on file open.
Prior to this change CURLE_REMOTE_FILE_NOT_FOUND was returned instead.
Closes https://github.com/curl/curl/pull/4095
show more ...
|
| 0428852c | 10-Jul-2019 |
Daniel Gustafsson |
DEPRECATE: fixup versions and spelling
Correctly set the July 17 version to 7.65.2, and update spelling to
be consistent. Also fix a typo.
Closes https://github.com/curl/curl/pu
DEPRECATE: fixup versions and spelling
Correctly set the July 17 version to 7.65.2, and update spelling to
be consistent. Also fix a typo.
Closes https://github.com/curl/curl/pull/4107
show more ...
|
| 26da21c8 | 11-Jul-2019 |
Gisle Vanem |
system_win32: fix clang warning
- Declare variable in header as extern.
Bug: https://github.com/curl/curl/commit/48b9ea4#commitcomment-34084597 |
| 11d7fe11 | 10-Jul-2019 |
Daniel Gustafsson |
headers: Remove no longer exported functions
There were a leftover few prototypes of Curl_ functions that we used to
export but no longer do, this removes those prototypes and cleans up
headers: Remove no longer exported functions
There were a leftover few prototypes of Curl_ functions that we used to
export but no longer do, this removes those prototypes and cleans up any
comments still referring to them.
Curl_write32_le(), Curl_strcpy_url(), Curl_strlen_url(), Curl_up_free()
Curl_concat_url(), Curl_detach_connnection(), Curl_http_setup_conn()
were made static in 05b100aee247bb9bec8e9a1b0166496aa4248d1c.
Curl_http_perhapsrewind() made static in 574aecee208f79d391f10d57520b3.
For the remainder, I didn't trawl the Git logs hard enough to capture
their exact time of deletion, but they were all gone: Curl_splayprint(),
Curl_http2_send_request(), Curl_global_host_cache_dtor(),
Curl_scan_cache_used(), Curl_hostcache_destroy(), Curl_second_connect(),
Curl_http_auth_stage() and Curl_close_connections().
Closes #4096
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
| abfef948 | 09-Jul-2019 |
Daniel Gustafsson |
CMake: fix typos and spelling |
| 9d182175 | 09-Jul-2019 |
Kyle Edwards |
CMake: Convert errant elseif() to else()
CMake interprets an elseif() with no arguments as elseif(FALSE),
resulting in the elseif() block not being executed. That is not what
was int
CMake: Convert errant elseif() to else()
CMake interprets an elseif() with no arguments as elseif(FALSE),
resulting in the elseif() block not being executed. That is not what
was intended here. Change the empty elseif() to an else() as it was
intended.
Closes #4101
Reported-by: Artalus <artalus-mail@yandex.ru>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
show more ...
|
| 8dc21dbb | 09-Jul-2019 |
Daniel Gustafsson |
buildconf: fix header filename
The header file inclusion had a typo, it should be .h and not .hd.
Fix by renaming.
Fixes #4102
Reported-by: AceCrow on Github |
| 5fecc4d6 | 08-Jul-2019 |
Jan Chren |
configure: fix --disable-code-coverage
This fixes the case when --disable-code-coverage supplied to ./configure
would result in coverage="yes" being set.
Closes #4099
Review
configure: fix --disable-code-coverage
This fixes the case when --disable-code-coverage supplied to ./configure
would result in coverage="yes" being set.
Closes #4099
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
show more ...
|
| efc55b89 | 08-Jul-2019 |
Daniel Gustafsson |
cleanup: fix typo in comment |
| 0dc3be9a | 08-Jul-2019 |
Daniel Gustafsson |
RELEASE-NOTES: synced |
