| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
Based on what Wikipedia says
|
|
|
|
|
|
|
|
|
|
| |
Known bug 11.11 is the shared object's connection cache is not thread
safe, so we should not have an example for it.
Ref: https://github.com/curl/curl/issues/4915
Ref: https://curl.se/docs/knownbugs.html#A_shared_connection_cache_is_not
Closes https://github.com/curl/curl/pull/6795
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add description: Explain that some options aren't inherited because
they are not relevant for the DoH SSL connections or may result in
unexpected behavior.
- Remove the reference to #4578 (SSL verify options not inherited) since
that was fixed by #6597 (separate DoH-specific options for verify).
- Explain that DoH-specific options (those created by #6597) are
available: CURLOPT_DOH_SSL_VERIFYHOST, CURLOPT_DOH_SSL_VERIFYPEER and
CURLOPT_DOH_SSL_VERIFYSTATUS.
- Add a reference to #6605 and explain that the user's debug function is
not inherited because it would be unexpected to pass internal handles
(ie DoH handles) to the user's callback.
Closes https://github.com/curl/curl/issues/6605
|
| |
|
|
|
|
|
|
|
|
| |
SSL_CTX_set_alpn_protos() return 0 on success, and non-0 on failure
Signed-off-by: Jean-Philippe Menil <jpmenil@gmail.com>
Closes #6794
|
|
|
|
|
|
|
|
|
|
| |
Otherwise libcurl is likely to reuse the connection again in the next
attempt since the connection reuse logic doesn't take downgrades into
account.
Reported-by: Anthony Ramine
Fixes #6788
Closes #6793
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise, the transfer will be NULL in the trace function when the
early handshake details arrive and then curl won't show them.
Regresssion in 7.75.0
Reported-by: David Hu
Fixes #6783
Closes #6792
|
| |
|
|
|
|
| |
Ref: https://stackoverflow.com/q/66789977/93747
|
|
|
|
|
|
| |
Make the promises more firm
Closes #6786
|
|
|
|
|
|
|
|
|
| |
Instead of clearing the callback argument in disconnect, set it to the
(new) transfer to make sure the correct data is passed to the callbacks.
Follow-up to e467ea3bd937f38
Assisted-by: Patrick Monnerat
Closes #6787
|
|
|
|
|
|
|
|
|
|
|
|
| |
After the recent conn/data refactor in this source file, this function
was mistakenly still getting the old struct pointer which would lead to
crash on servers with keyboard-interactive auth enabled.
Follow-up to a304051620b92e12b (shipped in 7.75.0)
Reported-by: Christian Schmitz
Fixes #6691
Closes #6782
|
|
|
|
|
|
| |
Follow-up to d3d90ad9c00530d
Closes #6781
|
|
|
|
|
|
|
| |
Follow-up to a59c33ceffb8f78
Reported-by: Patrick Monnerat
Fixes #6676
Closes #6780
|
|
|
|
|
|
|
|
|
|
| |
To make sure the Host: header and the URL provide the same authority
portion when sent to the proxy, strip the default port number from the
URL if one was provided.
Reported-by: Michael Brown
Fixes #6769
Closes #6778
|
|
|
|
|
|
|
|
|
| |
Something in that environment sets XDG_CONFIG_HOME for us in a way that
breaks the test.
Reported-by: Marc Hörsken
Fixes #6739
Closes #6777
|
|
|
|
|
|
|
|
| |
... it was never meant to be there.
Reported-by: Tomas Berger
Fixes #6774
Closes #6776
|
|
|
|
|
|
|
| |
Remove some nroffisms from the cmdline doc files to simplify editing,
and instead support this markdown style.
Closes #6771
|
|
|
|
| |
Closes #6770
|
| |
|
|
|
|
|
|
|
|
|
| |
If libssh2_knownhost_init() returns NULL, like in an OOM situation, the
ssh session was freed but the pointer wasn't cleared which made libcurl
later call libssh2 to cleanup using the stale pointer.
Fixes #6764
Closes #6766
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This also pins a specific release in the Travis test so future
API-breaking changins in crustls won't break curl builds.
Add RUSTLS documentation to release tarball.
Enable running tests for rustls, minus FTP tests (require
connect_blocking, which rustls doesn't implement) and 313 (requires CRL
handling).
Closes #6763
|
|
|
|
|
|
|
|
| |
If we get a close_notify, treat that as EOF. If we get an EOF from the
TCP stream, treat that as an error (because we should have ended the
connection earlier, when we got a close_notify).
Closes #6763
|
|
|
|
| |
Closes #6758
|
|
|
|
|
|
| |
We always preprocess and tests are no longer sensible to load "raw"
Closes #6738
|
|
|
|
|
|
|
| |
This makes the tests easier to copy and relocate to other test numbers
without having to update content.
Closes #6738
|
|
|
|
| |
Closes #5747
|
|
|
|
| |
Closes #6743
|
|
|
|
|
|
|
|
|
|
|
| |
- Document the names that can be used with CURL_SSL_BACKEND:
bearssl, gnutls, gskit, mbedtls, mesalink, nss, openssl, rustls,
schannel, secure-transport, wolfssl
Ref: https://github.com/curl/curl/issues/2209#issuecomment-360623286
Ref: https://github.com/curl/curl/issues/6717#issuecomment-800745201
Closes https://github.com/curl/curl/pull/6755
|
|
|
|
|
|
|
|
|
|
|
| |
- Document in DOH that some SSL settings are inherited but DOH hostname
and peer verification are not and are controlled separately.
- Document that CURLOPT_SSL_CTX_FUNCTION is inherited by DOH handles but
we're considering changing behavior to no longer inherit it. Request
feedback.
Closes https://github.com/curl/curl/pull/6688
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When asked to resume a download, libcurl will convert that to HTTP logic
and if then the entire file is already transferred it will result in a
416 response from the HTTP server. With CURLOPT_FAILONERRROR set in that
scenario, it should *not* lead to an error return.
Updated test 1156, added test 1273
Reported-by: Jonathan Watt
Fixes #6740
Closes #6753
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The duration of a connect and the total transfer are calculated from two
different time-stamps. It can end up with the total timeout triggering
before the connect timeout expires and we should make sure to
acknowledge whichever timeout that is reached first.
This is especially notable when a transfer first sits in PENDING, as
that time is counted in the total time but the connect timeout is based
on the time since the handle changed to the CONNECT state.
The CONNECTTIMEOUT is per connect attempt. The TIMEOUT is for the entire
operation.
Fixes #6744
Closes #6745
Reported-by: Andrei Bica
Assisted-by: Jay Satiro
|
|
|
|
| |
AC_HEADER_TIME, AC_HEADER_STDC and AC_TYPE_SIGNAL
|
|
|
|
| |
... as the former versions are deprecated.
|
|
|
|
|
|
|
|
|
| |
AC_HELP_STRING is deprecated in 2.70+ and I believe AS_HELP_STRING works
already since 2.59 so bump the minimum required version to that.
Reported-by: Emil Engler
Fixes #6647
Closes #6748
|
| |
|
|
|
|
| |
Closes #6751
|
| |
|
|
|
|
| |
Closes #6751
|
|
|
|
|
|
|
|
|
| |
Previously, rustls was using an on-stack array for TLS data. However,
crustls has an (unusual) requirement that buffers it deals with are
initialized before writing to them. By using calloc, we can ensure the
buffer is initialized once and then reuse it across calls.
Closes #6742
|
|
|
|
|
|
| |
... that doesn't run any tests (yet)
Closes #6750
|
| |
|
|
|
|
|
|
|
| |
this should fix an issue where curl sometimes doesn't send out a request
with authorization info after a 401 is received over http2
Closes #6747
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Align conditions for NTLM features between CMake and configure
builds by differentiating between USE_NTLM and USE_CURL_NTLM_CORE,
just like curl_setup.h does internally to detect support of:
- USE_NTLM: required for NTLM crypto authentication feature
- USE_CURL_NTLM_CORE: required for SMB protocol
Implement USE_WIN32_CRYPTO detection by checking for Crypt functions
in wincrypt.h which are not available in the Windows App environment.
Link advapi32 and crypt32 for Crypto API and Schannel SSL backend.
Fix condition of Schannel SSL backend in CMake build accordingly.
Reviewed-by: Marcel Raad
Closes #6277
|
|
|
|
|
|
|
|
|
|
| |
Move the detection of the restricted Windows App environment
in curl_setup.h before the definition of USE_WIN32_CRYPTO
via included config-win32.h in case no build system is used.
Reviewed-by: Marcel Raad
Part of #6277
|
| |
|
|
|
|
|
|
| |
Reported-by: Alejandro Colomar
Fixes #6698
Closes #6722
|
|
|
|
|
|
|
|
|
| |
MAX_HSTS_SUBLEN and MAX_HSTS_SUBLENSTR were unused from the initial commit,
and mostly likely leftovers from early development. Remove as they're not
used for anything.
Closes #6741
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
|
|
|
|
| |
and at 20% to try to keep the run-time reasonable
Closes #6728
|
|
|
|
|
|
|
|
|
| |
Run torture without FTP and reducing coverage to 20%
For some reason the torture tests now run a lot slower on travis and run
into the 50 minute limit all the time.
Closes #6728
|