| 6f8d9cc4 | 29-Aug-2023 |
Patrick Monnerat |
os400: implement CLI tool
This is provided as a QADRT (ascii) program, a link to it in the IFS and
a minimal CL command.
Closes #11547 |
| b137634b | 28-Aug-2023 |
Matthias Gatto |
lib: fix aws-sigv4 having date header twice in some cases
When the user was providing the header X-XXX-Date, the header was
re-added during signature computation, and we had it twice in
lib: fix aws-sigv4 having date header twice in some cases
When the user was providing the header X-XXX-Date, the header was
re-added during signature computation, and we had it twice in the
request.
Reported-by: apparentorder@users.noreply.github.com
Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
Fixes: https://github.com/curl/curl/issues/11738
Closes: https://github.com/curl/curl/pull/11754
show more ...
|
| 7f597ca1 | 30-Aug-2023 |
Jay Satiro |
multi: remove 'processing: <url>' debug message
- Remove debug message added by e024d566.
Closes https://github.com/curl/curl/pull/11759 |
| 2fe97dc2 | 28-Aug-2023 |
Jay Satiro |
ftp: fix temp write of ipv6 address
- During the check to differentiate between a port and IPv6 address
without brackets, write the binary IPv6 address to an in6_addr.
Prior t
ftp: fix temp write of ipv6 address
- During the check to differentiate between a port and IPv6 address
without brackets, write the binary IPv6 address to an in6_addr.
Prior to this change the binary IPv6 address was erroneously written to
a sockaddr_in6 'sa6' when it should have been written to its in6_addr
member 'sin6_addr'. There's no fallout because no members of 'sa6' are
accessed before it is later overwritten.
Closes https://github.com/curl/curl/pull/11747
show more ...
|
| aacbeae7 | 20-Aug-2023 |
Jay Satiro |
tool: change some fopen failures from warnings to errors
- Error on missing input file for --data, --data-binary,
--data-urlencode, --header, --variable, --write-out.
Prior to
tool: change some fopen failures from warnings to errors
- Error on missing input file for --data, --data-binary,
--data-urlencode, --header, --variable, --write-out.
Prior to this change if a user of the curl tool specified an input file
for one of the above options and that file could not be opened then it
would be treated as zero length data instead of an error. For example, a
POST using `--data @filenametypo` would cause a zero length POST which
is probably not what the user intended.
Closes https://github.com/curl/curl/pull/11677
show more ...
|
| 2fe26a7c | 29-Aug-2023 |
Jay Satiro |
hostip: fix typo |
| 226d042a | 25-Aug-2023 |
Davide Masserut |
tool: avoid including leading spaces in the Location hyperlink
Co-authored-by: Dan Fandrich <dan@coneharvesters.com>
Closes #11735 |
| 86bbb57e | 29-Aug-2023 |
Daniel Stenberg |
SECURITY-PROCESS.md: not a sec issue: Tricking user to run a cmdline
Closes #11757 |
| 748da39b | 18-Aug-2023 |
Daniel Stenberg |
connect: stop halving the remaining timeout when less than 600 ms left
When curl wants to connect to a host, it always has a TIMEOUT. The
maximum time it is allowed to spend until a conn
connect: stop halving the remaining timeout when less than 600 ms left
When curl wants to connect to a host, it always has a TIMEOUT. The
maximum time it is allowed to spend until a connect is confirmed.
curl will try to connect to each of the IP adresses returned for the
host. Two loops, one for each IP family.
During the connect loop, while curl has more than one IP address left to
try within a single address family, curl has traditionally allowed (time
left/2) for *this* connect attempt. This, to not get stuck on the
initial addresses in case the timeout but still allow later addresses to
get attempted.
This has the downside that when users set a very short timeout and the
host has a large number of IP addresses, the effective result might be
that every attempt gets a little too short time.
This change stop doing the divided-by-two if the total time left is
below a threshold. This threshold is 600 milliseconds.
Closes #11693
show more ...
|
| a181b4a0 | 28-Aug-2023 |
Daniel Stenberg |
asyn-ares: reduce timeout to 2000ms
When UDP packets get lost this makes for slightly faster retries. This
lower timeout is used by @c-ares itself by default starting next
release.
asyn-ares: reduce timeout to 2000ms
When UDP packets get lost this makes for slightly faster retries. This
lower timeout is used by @c-ares itself by default starting next
release.
Closes #11753
show more ...
|
| 7378f9cc | 26-Aug-2023 |
John Bampton |
misc: remove duplicate words
Closes #11740 |
| 67890d69 | 29-Aug-2023 |
Daniel Stenberg |
RELEASE-NOTES: synced |
| c0998fa9 | 28-Aug-2023 |
Daniel Stenberg |
wolfSSL: avoid the OpenSSL compat API when not needed
... and instead call wolfSSL functions directly.
Closes #11752 |
| d50fe6be | 25-Aug-2023 |
Viktor Szakats |
lib: fix null ptr derefs and uninitialized vars (h2/h3)
Fixing compiler warnings with gcc 13.2.0 in unity builds.
Assisted-by: Jay Satiro
Assisted-by: Stefan Eissing
Closes
lib: fix null ptr derefs and uninitialized vars (h2/h3)
Fixing compiler warnings with gcc 13.2.0 in unity builds.
Assisted-by: Jay Satiro
Assisted-by: Stefan Eissing
Closes #11739
show more ...
|
| 51686e00 | 23-Aug-2023 |
Jay Satiro |
secureserver.pl: fix stunnel version parsing
- Allow the stunnel minor-version version part to be zero.
Prior to this change with the stunnel version scheme of <major>.<minor>
i
secureserver.pl: fix stunnel version parsing
- Allow the stunnel minor-version version part to be zero.
Prior to this change with the stunnel version scheme of <major>.<minor>
if either part was 0 then version parsing would fail, causing
secureserver.pl to fail with error "No stunnel", causing tests that use
the SSL protocol to be skipped. As a practical matter this bug can only
be caused by a minor-version part of 0, since the major-version part is
always greater than 0.
Closes https://github.com/curl/curl/pull/11722
show more ...
|
| f2bc51a0 | 23-Aug-2023 |
Jay Satiro |
secureserver.pl: fix stunnel path quoting
- Store the stunnel path in the private variable $stunnel unquoted and
instead quote it in the command strings.
Prior to this change
secureserver.pl: fix stunnel path quoting
- Store the stunnel path in the private variable $stunnel unquoted and
instead quote it in the command strings.
Prior to this change the quoted stunnel path was passed to perl's file
operators which cannot handle quoted paths. For example:
$stunnel = "\"/C/Program Files (x86)/stunnel/bin/tstunnel\"";
if(-x $stunnel or -x "$stunnel")
# false even if path exists and is executable
Our other test scripts written in perl, unlike this one, use servers.pm
which has a global $stunnel variable with the path stored unquoted and
therefore those scripts don't have this problem.
Closes https://github.com/curl/curl/pull/11721
show more ...
|
| 25ca79df | 26-Aug-2023 |
Daniel Stenberg |
altsvc: accept and parse IPv6 addresses in response headers
Store numerical IPv6 addresses in the alt-svc file with the brackets
present.
Verify with test 437 and 438
F
altsvc: accept and parse IPv6 addresses in response headers
Store numerical IPv6 addresses in the alt-svc file with the brackets
present.
Verify with test 437 and 438
Fixes #11737
Reported-by: oliverpool on github
Closes #11743
show more ...
|
| a06de2b7 | 28-Aug-2023 |
Daniel Stenberg |
libtest: use curl_free() to free libcurl allocated data
In several test programs. These mistakes are not detected or a problem
as long as memdebug.h is included, as that provides the deb
libtest: use curl_free() to free libcurl allocated data
In several test programs. These mistakes are not detected or a problem
as long as memdebug.h is included, as that provides the debug wrappers
for all memory functions in the same style libcurl internals do it,
which makes curl_free and free effectively the same call.
Reported-by: Nicholas Nethercote
Closes #11746
show more ...
|
| 89b3cbd0 | 22-Aug-2023 |
Jay Satiro |
disable.d: explain --disable not implemented prior to 7.50.0
Option -q/--disable was added in 5.0 but only -q was actually
implemented. Later --disable was implemented in e200034 (preced
disable.d: explain --disable not implemented prior to 7.50.0
Option -q/--disable was added in 5.0 but only -q was actually
implemented. Later --disable was implemented in e200034 (precedes
7.49.0), but incorrectly, and fixed in 6dbc23c (precedes 7.50.0).
Reported-by: pszlazak@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/11710
Closes #11712
show more ...
|
| 9b84f274 | 28-Aug-2023 |
Nicholas Nethercote |
hyper: fix ownership problems
Some of these changes come from comparing `Curl_http` and
`start_CONNECT`, which are similar, and adding things to them that are
present in one and miss
hyper: fix ownership problems
Some of these changes come from comparing `Curl_http` and
`start_CONNECT`, which are similar, and adding things to them that are
present in one and missing in another.
The most important changes:
- In `start_CONNECT`, add a missing `hyper_clientconn_free` call on the
happy path.
- In `start_CONNECT`, add a missing `hyper_request_free` on the error
path.
- In `bodysend`, add a missing `hyper_body_free` on an early-exit path.
- In `bodysend`, remove an unnecessary `hyper_body_free` on a different
error path that would cause a double-free.
https://docs.rs/hyper/latest/hyper/ffi/fn.hyper_request_set_body.html
says of `hyper_request_set_body`: "This takes ownership of the
hyper_body *, you must not use it or free it after setting it on the
request." This is true even if `hyper_request_set_body` returns an
error; I confirmed this by looking at the hyper source code.
Other changes are minor but make things slightly nicer.
Closes #11745
show more ...
|
| a43511bf | 28-Aug-2023 |
Daniel Stenberg |
multi.h: the 'revents' field of curl_waitfd is supported
Since 6d30f8ebed34e7276
Reported-by: Nicolás Ojeda Bär
Ref: #11748
Closes #11749 |
| 458c70db | 27-Aug-2023 |
Gerome Fournier |
tool_paramhlp: improve str2num(): avoid unnecessary call to strlen()
Closes #11742 |
| 864090ca | 21-Aug-2023 |
Daniel Stenberg |
docs: mention critical files in same directories as curl saves
... cannot be fully protected. Don't do it.
Co-authored-by: Jay Satiro
Reported-by: Harry Sintonen
Fixes #1153
docs: mention critical files in same directories as curl saves
... cannot be fully protected. Don't do it.
Co-authored-by: Jay Satiro
Reported-by: Harry Sintonen
Fixes #11530
Closes #11701
show more ...
|
| 6d446253 | 25-Aug-2023 |
John Hawthorn |
OpenSSL: clear error queue after SSL_shutdown
We've seen errors left in the OpenSSL error queue (specifically,
"shutdown while in init") by adding some logging it revealed that the
s
OpenSSL: clear error queue after SSL_shutdown
We've seen errors left in the OpenSSL error queue (specifically,
"shutdown while in init") by adding some logging it revealed that the
source was this file.
Since we call SSL_read and SSL_shutdown here, but don't check the return
code for an error, we should clear the OpenSSL error queue in case one
was raised.
This didn't affect curl because we call ERR_clear_error before every
write operation (a0dd9df9ab35528eb9eb669e741a5df4b1fb833c), but when
libcurl is used in a process with other OpenSSL users, they may detect
an OpenSSL error pushed by libcurl's SSL_shutdown as if it was their
own.
Co-authored-by: Satana de Sant'Ana <satana@skylittlesystem.org>
Closes #11736
show more ...
|
| c2212c05 | 04-Aug-2023 |
Alexander Kanavin |
tests: update cookie expiry dates to far in the future
This allows testing Y2038 with system time set to after that, so that
actual Y2038 issues can be exposed, and not masked by expiry
tests: update cookie expiry dates to far in the future
This allows testing Y2038 with system time set to after that, so that
actual Y2038 issues can be exposed, and not masked by expiry errors.
Fixes #11576
Closes #11610
show more ...
|
