summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* asyn-thread: s/AF_LOCAL/AF_UNIX for Solarisbagder/af-unixDaniel Stenberg2019-09-111-2/+2
| | | | | Reported-By: Dagobert Michelsen Fixes #4328
* winbuild/MakefileBuild.vc: Add vsshBernhard Walle2019-09-111-0/+4
| | | | | | | | | | Without that modification, the Windows build using the makefiles doesn't work. Signed-off-by: Bernhard Walle <bernhard.walle@posteo.eu> Fixes #4322 Closes #4323
* winbuild/MakefileBuild.vc: Fix line endingsBernhard Walle2019-09-111-7/+7
| | | | | | The file had mixed line endings. Signed-off-by: Bernhard Walle <bernhard.walle@posteo.eu>
* ldap: Stop using wide char version of ldapp_err2stringJay Satiro2019-09-111-0/+6
| | | | | | | | | | | | | Despite ldapp_err2string being documented by MS as returning a PCHAR (char *), when UNICODE it is mapped to ldap_err2stringW and returns PWCHAR (wchar_t *). We have lots of code that expects ldap_err2string to return char *, most of it failf used like this: failf(data, "LDAP local: Some error: %s", ldap_err2string(rc)); Closes https://github.com/curl/curl/pull/4272
* RELEASE-NOTES: curl 7.66.0curl-7_66_0Daniel Stenberg2019-09-101-9/+25
|
* THANKS: from the 7.66.0 releaseDaniel Stenberg2019-09-101-0/+24
|
* curl: make sure the parallel transfers do them allDaniel Stenberg2019-09-101-5/+24
| | | | | | | | | The logic could erroneously break the loop too early before all transfers had been transferred. Reported-by: Tom van der Woerdt Fixes #4316 Closes #4317
* urlapi: one colon is enough for the strspn() input (typo)Daniel Stenberg2019-09-101-1/+1
|
* urlapi: verify the IPv6 numerical addressDaniel Stenberg2019-09-102-4/+17
| | | | | | | | | It needs to parse correctly. Otherwise it could be tricked into letting through a-f using host names that libcurl would then resolve. Like '[ab.be]'. Reported-by: Thomas Vegas Closes #4315
* openssl: use SSL_CTX_set_<min|max>_proto_version() when availableClément Notin2019-09-101-11/+105
| | | | | | | | OpenSSL 1.1.0 adds SSL_CTX_set_<min|max>_proto_version() that we now use when available. Existing code is preserved for older versions of OpenSSL. Closes #4304
* openssl: indent, re-organize and add commentsClément Notin2019-09-101-32/+38
|
* sspi: fix memory leaksmigueljcrum2019-09-104-0/+21
| | | | Closes #4299
* travis: disable ngtcp2 builds (again)Daniel Stenberg2019-09-101-14/+14
|
* Curl_fillreadbuffer: avoid double-free trailer buf on errorbagder/trailer-buf-freeDaniel Stenberg2019-09-093-12/+17
| | | | | | | Reviewed-by: Jay Satiro Reported-by: Thomas Vegas Closes #4307
* tool_setopt: handle a libcurl build without netrc supportDaniel Stenberg2019-09-091-0/+10
| | | | | | Reported-by: codesniffer13 on github Fixes #4302 Closes #4305
* security:read_data fix bad realloc()Daniel Stenberg2019-09-091-4/+2
| | | | | | | ... that could end up a double-free CVE-2019-5481 Bug: https://curl.haxx.se/docs/CVE-2019-5481.html
* tftp: Alloc maximum blksize, and use default unless OACK is receivedThomas Vegas2019-09-091-3/+9
| | | | | | | | Fixes potential buffer overflow from 'recvfrom()', should the server return an OACK without blksize. Bug: https://curl.haxx.se/docs/CVE-2019-5482.html CVE-2019-5482
* tftp: return error when packet is too small for optionsThomas Vegas2019-09-091-20/+33
|
* KNOWN_BUGS/TODO: cleanup and remove outdated issuesDaniel Stenberg2019-09-052-258/+32
|
* RELEASE-NOTES: syncedDaniel Stenberg2019-09-041-5/+20
|
* netrc: free 'home' on errorDaniel Stenberg2019-09-031-7/+12
| | | | | | | | Follow-up to f9c7ba9096ec2 Coverity CID 1453474 Closes #4291
* urldata: avoid 'generic', use dedicated pointersDaniel Stenberg2019-09-033-22/+25
| | | | | | For the 'proto' union within the connectdata struct. Closes #4290
* cleanup: move functions out of url.c and make them staticDaniel Stenberg2019-09-035-229/+220
| | | | Closes #4289
* smtp: check for and bail out on too short EHLO responseDaniel Stenberg2019-09-031-1/+5
| | | | | | | | | | | | Otherwise, a three byte response would make the smtp_state_ehlo_resp() function misbehave. Credit to OSS-Fuzz Bug: https://crbug.com/oss-fuzz/16918 Assisted-by: Max Dymond Closes #4287
* smb: init *msg to NULL in smb_send_and_recv()Daniel Stenberg2019-09-021-0/+1
| | | | | | | | | ... it might otherwise return OK from this function leaving that pointer uninitialized. Bug: https://crbug.com/oss-fuzz/16907 Closes #4286
* ROADMAP: updated after recent user pollDaniel Stenberg2019-09-021-16/+33
| | | | In rough prio order
* THANKS: remove duplicateDaniel Stenberg2019-08-312-1/+1
|
* Curl_addr2string: take an addrlen argument tooDaniel Stenberg2019-08-315-16/+24
| | | | | | | | | | | This allows the function to figure out if a unix domain socket has a file name or not associated with it! When a socket is created with socketpair(), as done in the fuzzer testing, the path struct member is uninitialized and must not be accessed. Bug: https://crbug.com/oss-fuzz/16699 Closes #4283
* CMake: remove needless newlines at end of gss variablesRolf Eike Beer2019-08-311-0/+4
|
* CI: remove duplicate configure flag for LGTM.comRolf Eike Beer2019-08-311-1/+1
|
* CMake: use platform dependent name for dlopen() libraryRolf Eike Beer2019-08-311-1/+1
| | | | Closes #4279
* quiche: expire when poll returned dataDaniel Stenberg2019-08-301-0/+3
| | | | | | ... to make sure we continue draining the queue until empty Closes #4281
* quiche: decrease available buffer size, don't assign it!Daniel Stenberg2019-08-301-1/+1
| | | | Found-by: Jeremy Lainé
* RELEASE-NOTES: syncedDaniel Stenberg2019-08-291-9/+15
|
* curl: fix include conditionslufia2019-08-292-1/+5
|
* plan9: fix installation instructionslufia2019-08-291-4/+4
| | | | Closes #4276
* ngtcp2: on h3 stream close, call expireDaniel Stenberg2019-08-291-1/+1
| | | | | | ... to trigger a new read to detect the stream close! Closes #4275
* ngtcp2: build latest ngtcp2 and ngtcp2_crypto_opensslTatsuhiro Tsujikawa2019-08-292-140/+8
| | | | Closes #4278
* ngtcp2: set flow control window to stream buffer sizeDaniel Stenberg2019-08-281-3/+4
| | | | Closes #4274
* CURLOPT_HEADERFUNCTION.3: clarifyChristopher Head2019-08-281-1/+4
| | | | Closes #4273
* CURLINFO docs: mention that in redirects times are addedDaniel Stenberg2019-08-2812-12/+37
| | | | | | Suggested-by: Brandon Dong Fixes #4250 Closes #4269
* travis: enable ngtcp2 builds againDaniel Stenberg2019-08-281-15/+15
| | | | | | Switched to the openssl-quic-draft-22 openssl branch. Closes #4271
* HTTP3: switched openssl branch to useDaniel Stenberg2019-08-271-1/+1
|
* ngtcp2: Build with latest ngtcp2 and ngtcp2_crypto_opensslTatsuhiro Tsujikawa2019-08-276-1189/+218
| | | | Closes #4270
* http2: when marked for closure and wanted to close == OKDaniel Stenberg2019-08-261-0/+5
| | | | | | | | | It could otherwise return an error even when closed correctly if GOAWAY had been received previously. Reported-by: Tom van der Woerdt Fixes #4267 Closes #4268
* RELEASE-NOTES: syncedDaniel Stenberg2019-08-261-6/+26
|
* build-openssl: fix build with Visual Studio 2019Daniel Stenberg2019-08-261-1/+18
| | | | | | | Reviewed-by: Marcel Raad Contributed-by: osabc on github Fixes #4188 Closes #4266
* vauth: return CURLE_AUTH_ERROR on gss_init_sec_context() failureKamil Dudka2019-08-263-3/+3
| | | | | | This is a follow-up to https://github.com/curl/curl/pull/3864 . Closes #4224
* KNOWN_BUGS: USE_UNIX_SOCKETS on WindowsDaniel Stenberg2019-08-261-0/+8
| | | | Closes #4040
* quiche: send the HTTP body correctly on callback uploadsDaniel Stenberg2019-08-261-1/+10
| | | | Closes #4265