| 4f209d88 | 07-May-2021 |
theawless |
cmake: add CURL_DISABLE_NTLM option
Closes #7028 |
| 0e7638db | 07-May-2021 |
theawless |
configure: add --disable-ntlm option
Closes #7028 |
| ee8c4f76 | 07-May-2021 |
theawless |
define: re-add CURL_DISABLE_NTLM and corresponding ifdefs
This flag will be further exposed by adding build options.
Reverts #6809
Closes #7028 |
| 68c71126 | 02-Jun-2021 |
Daniel Stenberg |
RELEASE-NOTES: synced |
| f48aee35 | 01-Jun-2021 |
Viktor Szakats |
travis: delete --enable-hsts option (it is the default now) [ci skip]
Reviewed-by: Daniel Stenberg
Closes #7167 |
| e1fcaf57 | 01-Jun-2021 |
Daniel Stenberg |
hostip: fix 3 coverity complaints
Follow-up to 1a0ebf6632f889eed
- Check the return code to Curl_inet_pton() in two instances, even
though we know the input is valid so the fu
hostip: fix 3 coverity complaints
Follow-up to 1a0ebf6632f889eed
- Check the return code to Curl_inet_pton() in two instances, even
though we know the input is valid so the functions won't fail.
- Clear the 'struct sockaddr_in' struct before use so that the
'sin_zero' field isn't left uninitialized.
Detected by Coverity.
Assisted-by: Harry Sintonen
Closes #7163
show more ...
|
| 83036d86 | 31-May-2021 |
Daniel Stenberg |
c-hyper: fix NTLM on closed connection tested with test159
Closes #7154 |
| dddad339 | 01-Jun-2021 |
Daniel Stenberg |
conncache: lowercase the hash key for better match
As host names are case insensitive, the use of case sensitive hashing
caused unnecesary cache misses and therefore lost performance. Th
conncache: lowercase the hash key for better match
As host names are case insensitive, the use of case sensitive hashing
caused unnecesary cache misses and therefore lost performance. This
lowercases the hash key.
Reported-by: Harry Sintonen
Fixes #7159
Closes #7161
show more ...
|
| a2b1bbee | 01-Jun-2021 |
Daniel Stenberg |
mbedtls: make mbedtls_strerror always work
If the function doesn't exist, provide a macro that just clears the
error message. Removes #ifdef uses from the code.
Closes #7162 |
| c7b93a76 | 01-Jun-2021 |
Daniel Stenberg |
vtls: exit addsessionid if no cache is inited
Follow-up to b249592d29ae0
Avoids NULL pointer derefs.
Closes #7165 |
| f1cd5004 | 01-Jun-2021 |
Harry Sintonen |
Curl_ntlm_core_mk_nt_hash: fix OOM in error path
Closes #7164 |
| b249592d | 18-May-2021 |
Michael Kaufmann |
ssl: read pending close notify alert before closing the connection
This avoids a TCP reset (RST) if the server initiates a connection
shutdown by sending an SSL close notify alert and th
ssl: read pending close notify alert before closing the connection
This avoids a TCP reset (RST) if the server initiates a connection
shutdown by sending an SSL close notify alert and then closes the TCP
connection.
For SSL connections, usually the server announces that it will close the
connection with an SSL close notify alert. curl should read this alert.
If curl does not read this alert and just closes the connection, some
operating systems close the TCP connection with an RST flag.
See RFC 1122, section 4.2.2.13
If curl reads the close notify alert, the TCP connection is closed
normally with a FIN flag.
The new code is similar to existing code in the "SSL shutdown" function:
try to read an alert (non-blocking), and ignore any read errors.
Closes #7095
show more ...
|
| 8cc1fee5 | 31-May-2021 |
Laurent Dufresne |
setopt: fix incorrect comments
Closes #7157 |
| 05e04530 | 31-May-2021 |
Laurent Dufresne |
mbedtls: add support for cert and key blob options
CURLOPT_SSLCERT_BLOB and CURLOPT_SSLKEY_BLOB weren't usable with
mbedtls backend, so the support was added.
Closes #7157 |
| e5dfc88e | 31-May-2021 |
Gregor Jasny |
cmake: try well-known send/recv signature for Apple
The CMake `try_compile` command is especially slow for
the Xcode generator. With this patch applied it first tests
for the current
cmake: try well-known send/recv signature for Apple
The CMake `try_compile` command is especially slow for
the Xcode generator. With this patch applied it first tests
for the currently used (and Open Group specified) send/recv
signature. In case this fails testing falls-back to the
permutations.
speed-up:
```
time cmake .. -GNinja -DCMAKE_USE_SECTRANSP=ON -DHTTP_ONLY=ON -DCMAKE_USE_LIBSSH2=OFF
before: 11.64s user 11.09s system 55% cpu 40.754 total
after: 7.84s user 6.57s system 51% cpu 28.074 total
```
```
time cmake .. -GXcode -DCMAKE_USE_SECTRANSP=ON -DHTTP_ONLY=ON -DCMAKE_USE_LIBSSH2=OFF
before: 217.07s user 104.15s system 60% cpu 8:51.79 total
after: 108.76s user 51.80s system 58% cpu 4:32.58 total
```
Closes #7158
show more ...
|
| ef1a917a | 31-May-2021 |
Daniel Stenberg |
http2: init recvbuf struct for pushed streams
Debug builds would warn that these structs were not initialized properly
for pushed streams.
Ref: #7148
Closes #7153 |
| 894c7473 | 31-May-2021 |
Daniel Stenberg |
Curl_ssl_getsessionid: fail if no session cache exists
This function might get called for an easy handle for which the session
cache hasn't been setup. It now just returns a "miss" in th
Curl_ssl_getsessionid: fail if no session cache exists
This function might get called for an easy handle for which the session
cache hasn't been setup. It now just returns a "miss" in that case.
Reported-by: Christoph M. Becker
Fixes #7148
Closes #7153
show more ...
|
| 5e1e4dbf | 31-May-2021 |
Daniel Stenberg |
GOVERNANCE: add 'user', 'committer' and 'contributor'
As those are commonly used terms in the project.
Closes #7151 |
| c61ca433 | 31-May-2021 |
Daniel Stenberg |
URL-SYNTAX.md: document the new 'localhost' treatment |
| 1a0ebf66 | 31-May-2021 |
Daniel Stenberg |
hostip: make 'localhost' return fixed values
Resolving the case insensitive host name 'localhost' now returns the
addresses 127.0.0.1 and (if IPv6 is enabled) ::1 without using any
r
hostip: make 'localhost' return fixed values
Resolving the case insensitive host name 'localhost' now returns the
addresses 127.0.0.1 and (if IPv6 is enabled) ::1 without using any
resolver.
This removes the risk that users accidentally resolves 'localhost' to
something else. By making sure 'localhost' is always local, we can
assume a "secure context" for such transfers (for cookies etc).
Closes #7039
show more ...
|
| 772eacb2 | 31-May-2021 |
Daniel Gustafsson |
docs: fix typos |
| 1c1d9f1a | 29-May-2021 |
Daniel Stenberg |
hsts: ignore numberical IP address hosts
Also, use a single function library-wide for detecting if a given hostname is
a numerical IP address.
Reported-by: Harry Sintonen
Fi
hsts: ignore numberical IP address hosts
Also, use a single function library-wide for detecting if a given hostname is
a numerical IP address.
Reported-by: Harry Sintonen
Fixes #7146
Closes #7149
show more ...
|
| 9097843e | 28-May-2021 |
Daniel Stenberg |
test178: adjust for hyper
Hyper returns the same error for wrong HTTP version as for negative
content-length. Test 178 verifies that negative content-length is
rejected but the hyper
test178: adjust for hyper
Hyper returns the same error for wrong HTTP version as for negative
content-length. Test 178 verifies that negative content-length is
rejected but the hyper backend will return a different error for it (and
without any helpful message telling why the message was bad). It will
also not return any headers at all for the response, not even the ones
that arrived before the error.
Closes #7147
show more ...
|
| a43e1da1 | 28-May-2021 |
Daniel Stenberg |
HYPER: remove mentions of deprecated development branch |
| f2619b17 | 28-May-2021 |
Daniel Stenberg |
c-hyper: handle NULL from hyper_buf_copy()
Closes #7143 |
