| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is done by having native code do the haproxy header output before
hyper issues its request. The little downside with this approach is that
we need the entire Curl_buffer_send() function built, which is otherwise
not used for hyper builds.
If hyper ends up getting native support for the haproxy protocols we can
backpedal on this.
Enables test 1455 and 1456
Closes #8034
|
|
|
|
|
|
|
|
|
|
|
|
| |
With a non-standard installation of openssl we get this error:
checking run-time libs availability... failed
configure: error: one or more libs available at link-time are not available run-time. Libs used at link-time: -lnghttp2 -lssl -lcrypto -lssl -lcrypto -lz
There's already code to set LD_LIBRARY_PATH on Linux, so set
DYLD_LIBRARY_PATH equivalent on macOS.
Closes #8028
|
|
|
|
| |
Closes #8030
|
|
|
|
|
|
| |
... that curl might use.
Closes #8027
|
|
|
|
|
|
| |
Works nicely thanks to d1828b470f43d
Closes #8025
|
|
|
|
|
|
|
|
|
| |
... and make connect_init() refusing trying to tunnel protocols marked
as not working. Avoids a double-free.
Reported-by: Even Rouault
Fixes #8018
Closes #8020
|
|
|
|
|
|
|
|
| |
Remove the lines saying "protocols: all". It makes the output in the
manpage look funny, and the expectation is probably by default that if
not anything is mentioned about protocols the option apply to them all.
Closes #8021
|
|
|
|
|
|
|
|
|
|
| |
gen.pl now generates a warning if the "See Also" field is not filled in for a
command line option
All command line options now provide one or more related options. 167
"See alsos" added!
Closes #8019
|
|
|
|
| |
Closes #8017
|
|
|
|
|
|
|
|
|
| |
Treat consecutive lines that start with a space to be "examples". They
are output enclosed by .nf and .fi
Updated form.d to use this new fanciness
Closes #8016
|
|
|
|
|
|
| |
This reverts commit a2d8eac04a4eb1d5a98cf24b4e5cec5cec565d27.
silly me, it was intended to be one backslash!
|
| |
|
| |
|
|
|
|
| |
and bump to 7.81.0-DEV
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now, form field and file names where escaped using the
backslash-escaping algorithm defined for multipart mails. This commit
replaces this with the percent-escaping method for URLs.
As this may introduce incompatibilities with server-side applications, a
new libcurl option CURLOPT_MIME_OPTIONS with bitmask
CURLMIMEOPT_FORMESCAPE is introduced to revert to legacy use of
backslash-escaping. This is controlled by new cli tool option
--form-escape.
New tests and documentation are provided for this feature.
Reported by: Ryan Sleevi
Fixes #7789
Closes #7805
|
|
|
|
|
|
|
|
| |
This version fixes errors with ALPN negotiation in rustls, which is
necessary for HTTP/2 support. For more information see the rustls-ffi
changelog.
Closes #8013
|
|
|
|
|
|
|
|
|
|
| |
If hyper is indeed present in the specified directory but couldn't be
used to find the correct symbol, then offer a different error message to
better help the user understand the issue.
Suggested-by: Jacob Hoffman-Andrews
Fixes #8001
Closes #8005
|
|
|
|
|
|
| |
Follow-up to f0b7099a10d1a
Closes #8011
|
|
|
|
|
|
|
|
| |
... as the others don't support --hostpubsha256
Reported-by: Paul Howarth
Fixes #8009
Closes #8010
|
|
|
|
| |
libssh2, libssh and wolfssh
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we're reading out plaintext from rustls' internal buffers, we might
get a read of zero bytes (meaning a clean TCP close, including
close_notify). However, we shouldn't return immediately when that
happens, since we may have already copied out some plaintext bytes.
Break out of the loop when we get a read of zero bytes, and figure out
which path we're dealing with.
Acked-by: Kevin Burke
Closes #8003
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The update to rustls-ffi 0.8.0 changed handling of EOF and close_notify.
From the CHANGELOG:
> Handling of unclean close and the close_notify TLS alert. Mirroring
> upstream changes, a rustls_connection now tracks TCP closed state like
> so: rustls_connection_read_tls considers a 0-length read from its
> callback to mean "TCP stream was closed by peer." If that happens
> before the peer sent close_notify, rustls_connection_read will return
> RUSTLS_RESULT_UNEXPECTED_EOF once the available plaintext bytes are
> exhausted. This is useful to protect against truncation attacks. Note:
> some TLS implementations don't send close_notify. If you are already
> getting length information from your protocol (e.g. Content-Length in
> HTTP) you may choose to ignore UNEXPECTED_EOF so long as the number of
> plaintext bytes was as expected.
That means we don't need to check for unclean EOF in `cr_recv()`,
because `process_new_packets()` will give us an error if appropriate.
Closes #8003
|
|
|
|
|
|
| |
Follow-up to f0b7099a10d1a
Closes #8007
|
|
|
|
|
|
|
|
|
|
| |
The configure line would previously depend on a configure mistake using
--without-openssl that is fixed and now this configure line needs
adjusting to use --without-ssl.
Follow-up to b589696f0312d
Closes #8006
|
|
|
|
|
|
|
|
|
| |
Note: The list of libraries that rustc tells us we need to include is
longer, but also includes some more platform-specific libraries that I
am not sure how to effectively incorporate. Adding just -lm seems to
solve an immediate problem, so I'm adding just that.
Closes #8002
|
| |
|
|
|
|
|
|
|
|
|
|
| |
CURLSHOPT_LOCKFUNC.3
CURLSHOPT_SHARE.3
CURLSHOPT_UNLOCKFUNC.3
CURLSHOPT_UNSHARE.3
CURLSHOPT_USERDATA.3
Closes #7998
|
|
|
|
|
|
|
|
|
| |
... by making it an empty macro then.
Follow-up to f0b7099a10d1a
Reported-by: Vincent Grande
Fixes #7995
Closes #7996
|
|
|
|
|
|
|
|
|
|
| |
Follow-up to f0b7099a10d1a7c
When torture testing 1021, it turns out the Curl_connect_done function
might be called twice and that previously then wrongly cleared the HTTP
pointer in the second invoke.
Closes #7999
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously specifying `--without-gnutls` would unexpectedly attempt to
compile with GnuTLS, effectively interpreting this as
`--with-gnutls`. This caused a significant amount of confusion when
`libcurl` was built with SSL disabled since GnuTLS wasn't present.
68d89f24 dropped the `--without-*` options from the configure help, but
`AC_ARG_WITH` still defines these flags automatically. As
https://www.gnu.org/software/autoconf/manual/autoconf-2.60/html_node/External-Software.html
describes, the `action-if-given` is called when the user specifies
`--with-*` or `--without-*` options.
To prevent this confusion, we make the `--without` flag do the right
thing by ignoring the value if it set to "no".
Closes #7994
|
|
|
|
| |
Closes #7991
|
|
|
|
| |
Closes #7956
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously we'd return CURLE_READ_ERROR if we received this, instead
of triggering the error handling logic that's present in the next if
block down.
After this change, curl requests to https://go.googlesource.com using
HTTP/2 complete successfully.
Fixes #7949
Closes #7948
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some method names, as well as the generated library name, were changed
in a recent refactoring.
Further, change the default configuration instructions to check for
Hyper in either "target/debug" or "target/release" - the latter
contains an optimized build configuration.
Fixes #7947
Closes #7948
|
|
|
|
| |
and bump the version to 7.80.1
|
|
|
|
|
|
|
|
|
|
| |
... to prevent a lingering pointer that would lead to a double-free.
Added test 1939 to verify.
Reported-by: Stephen M. Coakley
Fixes #7982
Closes #7986
|
|
|
|
|
|
|
|
|
| |
Easy handles that are used by the multi interface should be removed from
the multi handle before they are cleaned up.
Reported-by: Stephen M. Coakley
Ref: #7982
Closes #7983
|
|
|
|
| |
Closes #7984
|
|
|
|
| |
for curl 7.80.0
|
| |
|
|
|
|
|
|
|
| |
Advertise h3 as well as h3-29 since some servers out there require h3
for QUIC v1.
Closes #7979
|
|
|
|
|
|
|
| |
Since we switched to v1 quic_transport_parameters codepoint in #7960
with quictls, lets use QUIC v1 consistently.
Closes #7979
|
|
|
|
| |
Closes #7978
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds Schannel variants of SSLpinning tests that include the option
--ssl-revoke-best-effort to ignore certificate revocation check
failures which is required due to our custom test CA certificate.
Disable the original variants if the Schannel backend is enabled.
Also skip all IDN tests which are broken while using an msys shell.
This is a step to simplify test exclusions for Windows and MinGW.
Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Closes #7968
|
|
|
|
| |
Closes #7975
|
|
|
|
|
|
| |
Reported-by: Roger Young
Fixes #7967
Closes #7976
|
|
|
|
|
|
|
|
|
|
| |
tool_operate.c(889) : warning C4701: potentially uninitialized local
variable 'per' use
Follow-up to cc71d352651a0d95
Reported-by: Marc Hörsken
Bug: https://github.com/curl/curl/pull/7922#issuecomment-963042676
Closes #7971
|
|
|
|
|
|
| |
Reported-by: Godwin Stewart
Fixes #7973
Closes #7974
|
|
|
|
|
|
|
| |
Fixes torture test failures
Follow-up to cc71d352651
Closes #7972
|