| 5d2c3844 | 03-Apr-2021 |
Muhammed Yavuz Nuzumlalı |
configure: disable min version set for Darwin
Fixes #6838
Closes #6860 |
| 3be5ebf3 | 07-Apr-2021 |
David Hu <81270448+D4v1dH03@users.noreply.github.com> |
docs/HTTP3.md: update the build instruction using gnutls
In ngtcp2 the `with-gnutls` option is disabled by default, which will
cause `curl` unable to be `make` because of lacking the lib
docs/HTTP3.md: update the build instruction using gnutls
In ngtcp2 the `with-gnutls` option is disabled by default, which will
cause `curl` unable to be `make` because of lacking the libraries
needed.
Closes #6857
show more ...
|
| 719baefc | 07-Apr-2021 |
Daniel Stenberg |
RELEASE-NOTES: synced |
| 77db2a0c | 31-Mar-2021 |
Daniel Stenberg |
typecheck-gcc: make the ssl-ctx-cb check use SSL_CTX pointers
... and not values.
Reported-by: locpyl-tidnyd on github
Fixes #6818
Closes #6819 |
| 33ddef36 | 06-Apr-2021 |
Daniel Stenberg |
ngtcp2+gnutls: clear credentials when freed
... to avoid double-free.
Reported-by: Kenneth Davidson
Fixes #6824
Closes #6856 |
| 4b4401e2 | 02-Apr-2021 |
Cherish98 <66007047+Cherish98@users.noreply.github.com> |
tool_progress: Fix progress meter in parallel mode
Make sure the total amount of DL/UL bytes are counted before the
transfer finalizes. Otherwise if a transfer finishes too quick, its
tool_progress: Fix progress meter in parallel mode
Make sure the total amount of DL/UL bytes are counted before the
transfer finalizes. Otherwise if a transfer finishes too quick, its
total numbers are not added, and results in a DL%/UL% that goes above
100%.
Detail:
progress_meter() is called periodically, and it may not catch a
transfer's total bytes if the value was unknown during the last call,
and the transfer is finished and deleted (i.e., lost) during the next
call.
Closes https://github.com/curl/curl/pull/6840
show more ...
|
| c1abc662 | 01-Apr-2021 |
Emil Engler |
libssh: get rid of PATH_MAX
This removes the last occurrence of PATH_MAX inside our libssh
implementation by calculating the path length from the string length of
the two components.
libssh: get rid of PATH_MAX
This removes the last occurrence of PATH_MAX inside our libssh
implementation by calculating the path length from the string length of
the two components.
Closes #6829
show more ...
|
| 605aa03a | 05-Apr-2021 |
Daniel Stenberg |
http_proxy: only loop on 407 + close if we have credentials
... to fix the retry-loop.
Add test 718 to verify.
Reported-by: Daniel Kurečka
Fixes #6828
Closes #6850 |
| 00b89ec6 | 05-Apr-2021 |
Daniel Stenberg |
h2: allow 100 streams by default
instead of 13, before the server has told how many streams it
accepts. The server can always reject new streams anyway if we go above
what it accepts
h2: allow 100 streams by default
instead of 13, before the server has told how many streams it
accepts. The server can always reject new streams anyway if we go above
what it accepts.
Ref: #6826
Closes #6852
show more ...
|
| 6d930d73 | 03-Apr-2021 |
Luke Granger-Brown |
file: support GETing directories again
After 957bc1881e686f9714c4e6a01bf33535091f0e21, we no longer compute an
expected_size for directories. This has the upshot that when we compare
file: support GETing directories again
After 957bc1881e686f9714c4e6a01bf33535091f0e21, we no longer compute an
expected_size for directories. This has the upshot that when we compare
even an empty Range with the available size, we fail.
This brings back the previous behaviour, which was to succeed, but with
empty content. This also removes the "Accept-ranges: bytes" header,
which is nonsensical on directories.
Adds test 3016
Fixes #6845
Closes #6846
show more ...
|
| f6bbc340 | 04-Apr-2021 |
Daniel Stenberg |
RELEASE-NOTES: synced
and bumped to 7.76.1 |
| f573998c | 01-Apr-2021 |
Daniel Stenberg |
TLS: fix HTTP/2 selection
for GnuTLS, BearSSL, mbedTLS, NSS, SChannnel, Secure Transport and
wolfSSL...
Regression since 88dd1a8a115b1f5ece (shipped in 7.76.0)
Reported-by:
TLS: fix HTTP/2 selection
for GnuTLS, BearSSL, mbedTLS, NSS, SChannnel, Secure Transport and
wolfSSL...
Regression since 88dd1a8a115b1f5ece (shipped in 7.76.0)
Reported-by: Kenneth Davidson
Reported-by: romamik om github
Fixes #6825
Closes #6827
show more ...
|
| 3085ccfa | 01-Apr-2021 |
Jay Satiro |
hostip: Fix for builds that disable all asynchronous DNS
- Define Curl_resolver_error function only when USE_CURL_ASYNC.
Prior to this change building curl without an asynchronous r
hostip: Fix for builds that disable all asynchronous DNS
- Define Curl_resolver_error function only when USE_CURL_ASYNC.
Prior to this change building curl without an asynchronous resolver
backend (c-ares or threaded) and without DoH (DNS-over-HTTPS, which is
also asynchronous but independent of resolver backend) would cause a
build error since Curl_resolver_error is called by and evaluates
variables only available in asynchronous builds.
Reported-by: Benbuck Nason
Fixes https://github.com/curl/curl/issues/6831
Closes https://github.com/curl/curl/pull/6832
show more ...
|
| 06a7f274 | 31-Mar-2021 |
Gilles Vollant |
openssl: Fix CURLOPT_SSLCERT_BLOB without CURLOPT_SSLCERT_KEY
Reported-by: Christian Schmitz
Fixes #6816
Closes #6820 |
| 3266b35b | 30-Mar-2021 |
Daniel Stenberg |
RELEASE-NOTES: synced
curl 7.76.0 release |
| e1c51916 | 30-Mar-2021 |
Daniel Stenberg |
THANKS: added names from 7.76.0 |
| 5a80a869 | 30-Mar-2021 |
Daniel Stenberg |
CURLOPT_AUTOREFERER.3: clarify that it sets the full URL
... some users may not want that! |
| 33ba0ecf | 28-Mar-2021 |
Daniel Stenberg |
define: remove CURL_DISABLE_NTLM ifdefs
It was never defined anywhere. Fixed disable-scan (test 1165) to also
scan headers, which found this issue.
Closes #6809 |
| 2c26eeef | 29-Mar-2021 |
Daniel Stenberg |
vtls: fix addsessionid for non-proxy builds
Follow-up to b09c8ee15771c61
Fixes #6812
Closes #6811 |
| 9d4f21b1 | 29-Mar-2021 |
Li Xinwei <1326710505@qq.com> |
cmake: support WinIDN
Closes #6807 |
| 6bb028db | 29-Mar-2021 |
Daniel Stenberg |
transfer: clear 'referer' in declaration
To silence (false positive) compiler warnings about it.
Follow-up to 7214288898f5625
Reviewed-by: Marcel Raad
Closes #6810 |
| d6fba0ca | 28-Mar-2021 |
Marc Hoersken |
config: fix SSPI enabling NTLM if crypto auth is disabled
Avoid enabling NTLM feature based upon Windows SSPI
being enabled in case that crypto auth is disabled.
Reported-by: Ma
config: fix SSPI enabling NTLM if crypto auth is disabled
Avoid enabling NTLM feature based upon Windows SSPI
being enabled in case that crypto auth is disabled.
Reported-by: Marcel Raad
Follow-up to #6277
Fixes #6803
Closes #6808
show more ...
|
| ce2d5fb7 | 29-Mar-2021 |
Daniel Stenberg |
HISTORY: add two 2021 events |
| b09c8ee1 | 19-Mar-2021 |
Daniel Stenberg |
vtls: add 'isproxy' argument to Curl_ssl_get/addsessionid()
To make sure we set and extract the correct session.
Reported-by: Mingtao Yang
Bug: https://curl.se/docs/CVE-2021-228
vtls: add 'isproxy' argument to Curl_ssl_get/addsessionid()
To make sure we set and extract the correct session.
Reported-by: Mingtao Yang
Bug: https://curl.se/docs/CVE-2021-22890.html
CVE-2021-22890
show more ...
|
| 72142888 | 23-Feb-2021 |
Viktor Szakats |
transfer: strip credentials from the auto-referer header field
Added test 2081 to verify.
CVE-2021-22876
Bug: https://curl.se/docs/CVE-2021-22876.html |
