| e43c3b3e | 30-Aug-2022 |
Daniel Stenberg |
zuul: remove the clang-tidy job
Turns out we don't see the warnings, but the warnings right now are
plain ridiculous and unhelpful so we can just as well just kill this
job.
zuul: remove the clang-tidy job
Turns out we don't see the warnings, but the warnings right now are
plain ridiculous and unhelpful so we can just as well just kill this
job.
Closes #9390
show more ...
|
| cafb356e | 30-Aug-2022 |
Daniel Stenberg |
cmake: set feature PSL if present
... make test 1014 pass when libpsl is used.
Closes #9391 |
| 592290ed | 30-Aug-2022 |
Daniel Stenberg |
lib530: simplify realloc failure exit path
To make code analyzers happier
Closes #9392 |
| 56f1bbdd | 05-Aug-2022 |
Orgad Shaneh |
tests: add tests for netrc login/password combinations
Covers the following PRs:
- #9066
- #9247
- #9248
Closes #9256 |
| c40ec317 | 03-Aug-2022 |
Orgad Shaneh |
url: really use the user provided in the url when netrc entry exists
If the user is specified as part of the URL, and the same user exists
in .netrc, Authorization header was not sent at
url: really use the user provided in the url when netrc entry exists
If the user is specified as part of the URL, and the same user exists
in .netrc, Authorization header was not sent at all.
The user and password fields were assigned in conn->user and password
but the user was not assigned to data->state.aptr, which is the field
that is used in output_auth_headers and friends.
Fix by assigning the user also to aptr.
Amends commit d1237ac906ae7e3cd7a22c3a2d3a135a97edfbf5.
Fixes #9243
show more ...
|
| 943fb2b2 | 04-Aug-2022 |
Orgad Shaneh |
netrc: Use the password from lines without login
If netrc entry has password with empty login, use it for any username.
Example:
.netrc:
machine example.com password 123456
netrc: Use the password from lines without login
If netrc entry has password with empty login, use it for any username.
Example:
.netrc:
machine example.com password 123456
curl -vn http://user@example.com/
Fix it by initializing state_our_login to TRUE, and reset it only when
finding an entry with the same host and different login.
Closes #9248
show more ...
|
| 8bd03516 | 29-Jun-2022 |
Jay Satiro |
url: treat missing usernames in netrc as empty
- If, after parsing netrc, there is a password with no username then
set a blank username.
This used to be the case prior to 7d6
url: treat missing usernames in netrc as empty
- If, after parsing netrc, there is a password with no username then
set a blank username.
This used to be the case prior to 7d600ad (precedes 7.82). Note
parseurlandfillconn already does the same thing for URLs.
Reported-by: Raivis <standsed@users.noreply.github.com>
Testing-by: Domen Kožar
Fixes https://github.com/curl/curl/issues/8653
Closes #9334
Closes #9066
show more ...
|
| 2fc031d8 | 28-Aug-2022 |
Daniel Stenberg |
test8: verify that "ctrl-byte cookies" are ignored |
| 8dfc93e5 | 28-Aug-2022 |
Daniel Stenberg |
cookie: reject cookies with "control bytes"
Rejects 0x01 - 0x1f (except 0x09) plus 0x7f
Reported-by: Axel Chong
Bug: https://curl.se/docs/CVE-2022-35252.html
CVE-2
cookie: reject cookies with "control bytes"
Rejects 0x01 - 0x1f (except 0x09) plus 0x7f
Reported-by: Axel Chong
Bug: https://curl.se/docs/CVE-2022-35252.html
CVE-2022-35252
Closes #9381
show more ...
|
| 74e156d0 | 29-Aug-2022 |
Daniel Stenberg |
libssh: ignore deprecation warnings
libssh 0.10.0 marks all SCP functions as "deprecated" which causes
compiler warnings and errors in our CI jobs and elsewhere. Ignore
deprecation w
libssh: ignore deprecation warnings
libssh 0.10.0 marks all SCP functions as "deprecated" which causes
compiler warnings and errors in our CI jobs and elsewhere. Ignore
deprecation warnings if 0.10.0 or later is found in the build.
If they actually remove the functions at a later point, then someone can
deal with that pain and functionality break then.
Fixes #9382
Closes #9383
show more ...
|
| aec8d306 | 29-Aug-2022 |
Daniel Stenberg |
Revert "schannel: when importing PFX, disable key persistence"
This reverts commit 70d010d285315e5f1cad6bdb4953e167b069b692.
Due to further reports in #9300 that indicate this commi
Revert "schannel: when importing PFX, disable key persistence"
This reverts commit 70d010d285315e5f1cad6bdb4953e167b069b692.
Due to further reports in #9300 that indicate this commit might
introduce problems.
show more ...
|
| 7632c0d2 | 27-Aug-2022 |
Daniel Stenberg |
multi: use larger dns hash table for multi interface
Have curl_multi_init() use a much larger DNS hash table than used for
the easy interface to scale and perform better when used with _
multi: use larger dns hash table for multi interface
Have curl_multi_init() use a much larger DNS hash table than used for
the easy interface to scale and perform better when used with _many_
host names.
curl_share_init() sets an in-between size.
Inspired-by: Ivan Tsybulin
See #9340
Closes #9376
show more ...
|
| c5c6e867 | 24-Aug-2022 |
Marc Hoersken |
CI/runtests.pl: add param for dedicated curl to talk to APIs
This should make it possible to also report test failures
if our freshly build curl binary is not fully functional.
CI/runtests.pl: add param for dedicated curl to talk to APIs
This should make it possible to also report test failures
if our freshly build curl binary is not fully functional.
Reviewed-by: Daniel Stenberg
Closes #9360
show more ...
|
| 65bbb5e6 | 22-Aug-2022 |
Jacob Tolar |
openssl: add cert path in error message
Closes #9349 |
| 74af81ca | 22-Aug-2022 |
Jacob Tolar |
cert.d: clarify that escape character works for file paths
Closes #9349 |
| 313e606d | 17-Aug-2022 |
Daniel Stenberg |
gha: move over ngtcp2-gnutls CI job from zuul
Closes #9331 |
| 109e9730 | 14-Aug-2022 |
Marc Hoersken |
cmake: add detection of threadsafe feature
Avoids failing test 1014 by replicating configure checks
for HAVE_ATOMIC and _WIN32_WINNT with custom CMake tests.
Reviewed-by: Marcel
cmake: add detection of threadsafe feature
Avoids failing test 1014 by replicating configure checks
for HAVE_ATOMIC and _WIN32_WINNT with custom CMake tests.
Reviewed-by: Marcel Raad
Follow up to #8680
Closes #9312
show more ...
|
| 8c98d14b | 26-Aug-2022 |
Daniel Stenberg |
RELEASE-NOTES: synced |
| d80b4f1e | 25-Aug-2022 |
Marc Hoersken |
CI/azure: align torture shallowness with GHA
There 25 is used with FTP tests skipped, and 20 for FTP tests.
This should make torture tests stay within the 60min timeout.
Reviewe
CI/azure: align torture shallowness with GHA
There 25 is used with FTP tests skipped, and 20 for FTP tests.
This should make torture tests stay within the 60min timeout.
Reviewed-by: Daniel Stenberg
Closes #9371
show more ...
|
| bc25c9e3 | 25-Aug-2022 |
Marc Hoersken |
multi_wait: fix and improve Curl_poll error handling on Windows
First check for errors and return CURLM_UNRECOVERABLE_POLL
before moving forward and waiting on socket readiness events.
multi_wait: fix and improve Curl_poll error handling on Windows
First check for errors and return CURLM_UNRECOVERABLE_POLL
before moving forward and waiting on socket readiness events.
Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad
Reported-by: Daniel Stenberg
Ref: #9361
Follow up to #8961
Closes #9372
show more ...
|
| a71fe41d | 25-Jul-2022 |
Marc Hoersken |
multi_wait: fix skipping to populate revents for extra_fds
On Windows revents was not populated for extra_fds if
multi_wait had to wait due to the Curl_poll pre-check
not signalling
multi_wait: fix skipping to populate revents for extra_fds
On Windows revents was not populated for extra_fds if
multi_wait had to wait due to the Curl_poll pre-check
not signalling any readiness. This commit fixes that.
Reviewed-by: Marcel Raad
Reviewed-by: Jay Satiro
Closes #9361
show more ...
|
| 52484bf3 | 25-Aug-2022 |
Marc Hoersken |
CI/appveyor: disable TLS in msys2-native autotools builds
Schannel cannot be used from msys2-native Linux-emulated builds.
Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
CI/appveyor: disable TLS in msys2-native autotools builds
Schannel cannot be used from msys2-native Linux-emulated builds.
Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Follow up to #9367
Closes #9370
show more ...
|
| ef121401 | 25-Aug-2022 |
Jay Satiro |
tests: fix http2 tests to use CRLF headers
Prior to this change some tests that rely on nghttpx proxy did not use
CRLF headers everywhere. A recent change in nghttp2, which updated its
tests: fix http2 tests to use CRLF headers
Prior to this change some tests that rely on nghttpx proxy did not use
CRLF headers everywhere. A recent change in nghttp2, which updated its
version of llhttp (HTTP parser), requires curl's HTTP/1.1 test server to
use CRLF headers.
Ref: https://github.com/nghttp2/nghttp2/commit/9d389e8
Fixes https://github.com/curl/curl/issues/9364
Closes https://github.com/curl/curl/pull/9365
show more ...
|
| 07f80f96 | 25-Aug-2022 |
rcombs |
multi: use a pipe instead of a socketpair on apple platforms
Sockets may be shut down by the kernel when the app is moved to the
background, but pipes are not.
Removed from KNOW
multi: use a pipe instead of a socketpair on apple platforms
Sockets may be shut down by the kernel when the app is moved to the
background, but pipes are not.
Removed from KNOWN_BUGS
Fixes #6132
Closes #9368
show more ...
|
| 89d20403 | 25-Aug-2022 |
Somnath Kundu |
libssh2: provide symlink name in SFTP dir listing
When reading the symbolic link name for a file, we need to add the file
name to base path name.
Closes #9369 |
