| 9accb9a5 | 17-May-2022 |
Tatsuhiro Tsujikawa |
ngtcp2: extend QUIC transport parameters buffer
Extend QUIC transport parameters buffer because 64 bytes are too
short for the ever increasing parameters.
Closes #8872 |
| 136ab928 | 17-May-2022 |
Tatsuhiro Tsujikawa |
ngtcp2: handle error from ngtcp2_conn_submit_crypto_data
Closes #8871 |
| fe1d00e7 | 15-May-2022 |
Tatsuhiro Tsujikawa |
ngtcp2: send appropriate connection close error code
Closes #8870 |
| b6487eb3 | 19-May-2022 |
Daniel Stenberg |
test1561: adjusted for the cookie fix |
| 9ec22e4f | 19-May-2022 |
Daniel Stenberg |
test414: verify secure cookie domain overlay |
| e9a8451a | 19-May-2022 |
Harry Sintonen |
cookie: address secure domain overlay
Bug: https://hackerone.com/reports/1560324
Co-authored-by: Daniel Stenberg
Closes #8840 |
| b12c2b91 | 18-May-2022 |
Frank Gevaerts |
strcase: some optimisations
Lookup tables for toupper() and tolower() make Curl_strcasecompare()
about 1.5 times faster. Reorganising Curl_strcasecompare() to fully exit
early then a
strcase: some optimisations
Lookup tables for toupper() and tolower() make Curl_strcasecompare()
about 1.5 times faster. Reorganising Curl_strcasecompare() to fully exit
early then also allows simplifying the check at the end, for another
15%. In total, the changes make Curl_strcasecompare() around 1.6 to 1.7
times faster.
Note that these optimisation assume ASCII. The original
Curl_raw_toupper() and raw_tolower() look like they already made that
assumption.
Closes #8875
show more ...
|
| 435acbd3 | 19-May-2022 |
Daniel Stenberg |
BUG-BOUNTY.md: mention the audit exception
Dedicated - paid for - security audits that are performed in
collaboration with curl developers are not eligible for bounties.
(plus I
BUG-BOUNTY.md: mention the audit exception
Dedicated - paid for - security audits that are performed in
collaboration with curl developers are not eligible for bounties.
(plus I changed the sub-titles to use ## instead of # in the markdown)
Closes #8880
show more ...
|
| 08429362 | 17-May-2022 |
Daniel Stenberg |
lib/vssh/wolfssh.h: removed
Unused header file
Reported-by: Illarion Taev
Fixes #8863
Closes #8866 |
| 835a2053 | 17-May-2022 |
Elms |
wolfSSL: explicitly use compatibility layer
This change removes adding an include `$prefix/wolfssl` or similar to
allow for openssl include aliasing. Include paths of `wolfssl/openssl/`
wolfSSL: explicitly use compatibility layer
This change removes adding an include `$prefix/wolfssl` or similar to
allow for openssl include aliasing. Include paths of `wolfssl/openssl/`
are used to explicitly use wolfSSL includes. This fixes cmake builds as
well as avoiding potentially using openSSL headers since include path
order is not guaranteed.
Closes #8864
show more ...
|
| 84052154 | 17-May-2022 |
Daniel Stenberg |
curl: deprecate --random-file and --egd-file
As libcurl no longer has any functionality for them, the tool now does
nothing with them.
Closes #8670 |
| 8d86718f | 17-May-2022 |
Daniel Stenberg |
opts: deprecate RANDOM_FILE and EGDSOCKET
These two options were only ever used for the OpenSSL backend for
versions before 1.1.0. They were never used for other backends and they
ar
opts: deprecate RANDOM_FILE and EGDSOCKET
These two options were only ever used for the OpenSSL backend for
versions before 1.1.0. They were never used for other backends and they
are not used with recent OpenSSL versions. They were never used much by
applications.
The defines RANDOM_FILE and EGD_SOCKET can still be set at build-time
for ancient EOL OpenSSL versions.
Closes #8670
show more ...
|
| 1b3dcaed | 16-May-2022 |
Harry Sintonen |
bindlocal: don't use a random port if port number would wrap
Earlier if CURLOPT_LOCALPORT + CURLOPT_LOCALPORTRANGE would go past port
65535 the code would fall back to random port rather
bindlocal: don't use a random port if port number would wrap
Earlier if CURLOPT_LOCALPORT + CURLOPT_LOCALPORTRANGE would go past port
65535 the code would fall back to random port rather than giving up.
Closes #8862
show more ...
|
| 542c78dd | 16-May-2022 |
Daniel Gustafsson |
transfer: Fix potential NULL pointer dereference
Commit 0ef54abf5208 accidentally used the conn variable before the
assertion for it being NULL. Fix by moving the assignment which use
transfer: Fix potential NULL pointer dereference
Commit 0ef54abf5208 accidentally used the conn variable before the
assertion for it being NULL. Fix by moving the assignment which use
conn to after the assertion.
Closes: #8857
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
| 2df67e93 | 16-May-2022 |
Daniel Gustafsson |
docs: clarify data replacement policy for MIME API
The API documentation for the MIME functions specify that the parts
can be set twice, with the last call winning. While true, the user
docs: clarify data replacement policy for MIME API
The API documentation for the MIME functions specify that the parts
can be set twice, with the last call winning. While true, the user
can set the parts n times for n > 2, reword to specify multiple API
calls instead.
Closes: #8860
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
| adde9f0e | 03-May-2022 |
vvb2060 on github |
ngtcp2: support boringssl crypto backend
Closes #8789 |
| 6fcd3e6f | 12-Apr-2022 |
Tatsuhiro Tsujikawa |
quic: add Curl_quic_idle
Add Curl_quic_idle which is called when no HTTP level read or write is
performed. It is a good place to handle timer expiry for QUIC transport
(.e.g, retran
quic: add Curl_quic_idle
Add Curl_quic_idle which is called when no HTTP level read or write is
performed. It is a good place to handle timer expiry for QUIC transport
(.e.g, retransmission).
Closes #8698
show more ...
|
| 53678992 | 24-Apr-2022 |
Gregor Jasny |
mprintf: ignore clang non-literal format string
Closes #8740 |
| e0b43c8e | 15-May-2022 |
Nick Zitzmann |
sectransp: check for a function defined when __BLOCKS__ is undefined
SecTrustEvaluateAsync() is defined in the macOS 10.7 SDK, but it
requires Grand Central Dispatch to be supported by t
sectransp: check for a function defined when __BLOCKS__ is undefined
SecTrustEvaluateAsync() is defined in the macOS 10.7 SDK, but it
requires Grand Central Dispatch to be supported by the compiler, and
some third-party macOS compilers do not support Grand Central Dispatch.
SecTrustCopyPublicKey() is not present in macOS 10.6, so this shouldn't
adversely affect anything.
Fixes #8846
Reported-by: Egor Pugin
Closes #8854
show more ...
|
| d17db571 | 16-May-2022 |
Daniel Gustafsson |
test412/413: Use version macro for User-Agent
Commit 46d45ea3a incorrectly hardcoded the User-Agent in the test
output file which breaks when curlver is updated. Shift to using
the %
test412/413: Use version macro for User-Agent
Commit 46d45ea3a incorrectly hardcoded the User-Agent in the test
output file which breaks when curlver is updated. Shift to using
the %VERSION macro instead.
Closes: #8856
show more ...
|
| bf327a9d | 16-May-2022 |
Daniel Gustafsson |
macos9: remove partial support
The support for compiling on Mac OS 9 hasn't been modified since 2001
and has no active maintainer or packager, so it's time to remove it as
it's incre
macos9: remove partial support
The support for compiling on Mac OS 9 hasn't been modified since 2001
and has no active maintainer or packager, so it's time to remove it as
it's incredibly unlikely to work. If a maintainer re-emerges it can be
resurrected from Git history.
Closes: #8836
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
| 3ead9143 | 16-May-2022 |
Daniel Stenberg |
test1635: verify --fail-with-body with --retry
Almost a dupe of 1634
Closes #8847 |
| 0356804d | 16-May-2022 |
Daniel Stenberg |
tool_operate: make sure --fail-with-body works with --retry
... in the same way --fail already does.
Reported-by: Jakub Bochenski
Fixes #8845
Closes #8847 |
| 5980068c | 15-May-2022 |
Tatsuhiro Tsujikawa |
ngtcp2: Correct use of ngtcp2 and nghttp3 signed integer types
Closes #8851 |
| 33e819d7 | 15-May-2022 |
Tatsuhiro Tsujikawa |
ngtcp2: Fix alert_read_func return value
Closes #8852 |
