| 3a63c190 | 11-Dec-2020 |
Daniel Stenberg |
tests: make --libcurl tests only test FTP options if ftp enabled
Adjust six --libcurl tests to only check the FTP option if FTP is
actually present in the build.
Fixes #6303
tests: make --libcurl tests only test FTP options if ftp enabled
Adjust six --libcurl tests to only check the FTP option if FTP is
actually present in the build.
Fixes #6303
Closes #6305
show more ...
|
| 3e927991 | 11-Dec-2020 |
Daniel Stenberg |
runtests.pl: fix "uninitialized value" warning
follow-up to e12825c642a88774 |
| e12825c6 | 11-Dec-2020 |
Daniel Stenberg |
runtests: add support for %if [feature] conditions
... to make tests run differently or expect different results depending
on what features that are present or not in curl.
Bonu
runtests: add support for %if [feature] conditions
... to make tests run differently or expect different results depending
on what features that are present or not in curl.
Bonus: initial minor 'Hyper' awareness but nothing is using that yet
Closes #6304
show more ...
|
| 117b94eb | 10-Dec-2020 |
Jon Rumsey |
OS400: update ccsidcurl.c
Add 'struct' to cast and declaration of cfcdata to fix compilation
error.
Fixes #6292
Closes #6297 |
| 32793b2c | 09-Dec-2020 |
Daniel Stenberg |
ngtcp2: make it build it current master again
Closes #6296 |
| 25b4e158 | 09-Dec-2020 |
Cristian Rodríguez |
connect: defer port selection until connect() time
If supported, defer port selection until connect() time
if --interface is given and source port is 0.
Reproducer:
* s
connect: defer port selection until connect() time
If supported, defer port selection until connect() time
if --interface is given and source port is 0.
Reproducer:
* start fast webserver on port 80
* starve system of ephemeral ports
$ sysctl net.ipv4.ip_local_port_range="60990 60999"
* start a curl/libcurl "crawler"
$curl --keepalive --parallel --parallel-immediate --head --interface
127.0.0.2 "http://127.0.0.[1-254]/file[001-002].txt"
current result:
(possible some successful data)
curl: (45) bind failed with errno 98: Address already in use
result after patch:
(complete success or few connections failing, higlhy depending on load)
Fail only when all the possible 4-tuple combinations are exhausted,
which is impossible to do when port is selected at bind() time becuse
the kernel does not know if socket will be listen()'ed on or connect'ed
yet.
Closes #6295
show more ...
|
| 8a10abaf | 09-Dec-2020 |
Hans-Christian Noren Egtvedt |
connect: zero variable on stack to silence valgrind complaint
Valgrind will complain that ssrem buffer usage if not explicit
initialized, hence initialize it to zero.
This compl
connect: zero variable on stack to silence valgrind complaint
Valgrind will complain that ssrem buffer usage if not explicit
initialized, hence initialize it to zero.
This completes the change intially started in commit 2c0d7212151 ('ftp:
retry getpeername for FTP with TCP_FASTOPEN') where the ssloc buffer has
a similar memset to zero.
Signed-off-by: Hans-Christian Noren Egtvedt <hegtvedt@cisco.com>
Closes #6289
show more ...
|
| 98dc9178 | 09-Dec-2020 |
Daniel Stenberg |
RELEASE-NOTES: synced
start over on the next release cycle |
| e0528597 | 09-Dec-2020 |
Daniel Stenberg |
RELEASE-NOTES: synced
for 7.74.0 |
| 6d338a87 | 07-Dec-2020 |
Jacob Hoffman-Andrews |
urldata: restore comment on ssl_connect_data.use
This comment was originally on the `use` field, but was separated from
its field in 62a2534.
Closes https://github.com/curl/curl
urldata: restore comment on ssl_connect_data.use
This comment was originally on the `use` field, but was separated from
its field in 62a2534.
Closes https://github.com/curl/curl/pull/6287
show more ...
|
| 0611fded | 07-Dec-2020 |
Daniel Stenberg |
VERSIONS: refreshed
We always use the patch number these days: all releases are
"major.minor.patch" |
| cfea4f2f | 27-Nov-2020 |
Jakub Zakrzewski |
cmake: don't use reserved target name 'test'
CMake up to 3.10 always reserves this name
Fixes #6257
Closes #6258 |
| d9d01672 | 02-Dec-2020 |
Daniel Stenberg |
openssl: make the OCSP verification verify the certificate id
CVE-2020-8286
Reported by anonymous
Bug: https://curl.se/docs/CVE-2020-8286.html |
| 69a358f2 | 27-Nov-2020 |
Daniel Stenberg |
ftp: make wc_statemach loop instead of recurse
CVE-2020-8285
Fixes #6255
Bug: https://curl.se/docs/CVE-2020-8285.html
Reported-by: xnynx on github |
| ec9cc725 | 24-Nov-2020 |
Daniel Stenberg |
ftp: CURLOPT_FTP_SKIP_PASV_IP by default
The command line tool also independently sets --ftp-skip-pasv-ip by
default.
Ten test cases updated to adapt the modified --libcurl outp
ftp: CURLOPT_FTP_SKIP_PASV_IP by default
The command line tool also independently sets --ftp-skip-pasv-ip by
default.
Ten test cases updated to adapt the modified --libcurl output.
Bug: https://curl.se/docs/CVE-2020-8284.html
CVE-2020-8284
Reported-by: Varnavas Papaioannou
show more ...
|
| abd846c3 | 04-Dec-2020 |
Daniel Stenberg |
urlapi: don't accept blank port number field without scheme
... as it makes the URL parser accept "very-long-hostname://" as a valid
host name and we don't want that. The parser now only
urlapi: don't accept blank port number field without scheme
... as it makes the URL parser accept "very-long-hostname://" as a valid
host name and we don't want that. The parser now only accepts a blank
(no digits) after the colon if the URL starts with a scheme.
Reported-by: d4d on hackerone
Closes #6283
show more ...
|
| 2260e0eb | 05-Dec-2020 |
Daniel Stenberg |
Revert "multi: implement wait using winsock events"
This reverts commit d2a7d7c185f98df8f3e585e5620cbc0482e45fac.
This commit also reverts the subsequent follow-ups to that commit,
Revert "multi: implement wait using winsock events"
This reverts commit d2a7d7c185f98df8f3e585e5620cbc0482e45fac.
This commit also reverts the subsequent follow-ups to that commit, which
were all done within windows #ifdefs that are removed in this
change. Marc helped me verify this.
Fixes #6146
Closes #6281
show more ...
|
| 2c0d7212 | 28-Nov-2020 |
Klaus Crusius |
ftp: retry getpeername for FTP with TCP_FASTOPEN
In the case of TFO, the remote host name is not resolved at the
connetion time.
For FTP that has lead to missing hostname for th
ftp: retry getpeername for FTP with TCP_FASTOPEN
In the case of TFO, the remote host name is not resolved at the
connetion time.
For FTP that has lead to missing hostname for the secondary connection.
Therefore the name resolution is done at the time, when FTP requires it.
Fixes #6252
Closes #6265
Closes #6282
show more ...
|
| 7a6fdd50 | 05-Dec-2020 |
Thomas Danielsson |
scripts/completion.pl: parse all opts
For tab-completion it may be preferable to include all the
available options.
Closes #6280 |
| b2bde86b | 04-Dec-2020 |
Daniel Stenberg |
RELEASE-NOTES: synced |
| 1835cb91 | 28-Nov-2020 |
Daniel Stenberg |
openssl: use OPENSSL_init_ssl() with >= 1.1.0
Reported-by: Kovalkov Dmitrii and Per Nilsson
Fixes #6254
Fixes #6256
Closes #6260 |
| 6703eb2f | 03-Dec-2020 |
Daniel Stenberg |
SECURITY-PROCESS: disclose on hackerone
Once a vulnerability has been published, the hackerone issue should be
disclosed. For tranparency.
Closes #6275 |
| 753a2c75 | 30-Nov-2020 |
Marc Hoersken |
tests/util.py: fix compatibility with Python 2
Backporting the Python 3 implementation of setStream
to ClosingFileHandler as a fallback within Python 2.
Reported-by: Jay Satiro
tests/util.py: fix compatibility with Python 2
Backporting the Python 3 implementation of setStream
to ClosingFileHandler as a fallback within Python 2.
Reported-by: Jay Satiro
Fixes #6259
Closes #6270
show more ...
|
| 41b3b830 | 03-Dec-2020 |
Daniel Gustafsson |
docs: fix typos and markup in ETag manpage sections
Reported-by: emanruse on github
Fixes #6273 |
| 26f682bc | 18-Nov-2020 |
Daniel Stenberg |
quiche: close the connection
Reported-by: Junho Choi
Fixes #6213
Closes #6217 |
