| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
... and remove the wording about entries from before 2019 as the "within
12 months" is still there and covers that.
Closes #6318
|
| |
|
|
|
|
|
|
|
| |
Fix regression from commit fc813f80e1bcac (#6248) that changed the unit
to microseconds instead of seconds with fractions
Reported-by: 不确定
Fixes #6321
Closes #6322
|
| | |
|
| |
|
|
| |
Closes https://github.com/curl/curl/issues/6302
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The error is shown with infof rather than failf so that the user will
see the extended error message information only in verbose mode, and
will still see the standard CURLE_AUTH_ERROR message. For example:
---
* schannel: InitializeSecurityContext failed: SEC_E_QOP_NOT_SUPPORTED
(0x8009030A) - The per-message Quality of Protection is not supported by
the security package
* multi_done
* Connection #1 to host 127.0.0.1 left intact
curl: (94) An authentication function returned an error
---
Ref: https://github.com/curl/curl/issues/6302
Closes https://github.com/curl/curl/pull/6315
|
| |
|
|
| |
Closes #6316
|
| |
|
|
| |
Closes #6314
|
| |
|
|
|
|
|
| |
Note that ports 25 and 587 are common ports for smtp, the former being
the default.
Closes https://github.com/curl/curl/pull/6310
|
| |
|
|
|
|
| |
... that are now found in URL-SYNTAX.md
Closes #6307
|
| |
|
|
| |
[skip ci]
|
| |
|
|
| |
Closes #6311
|
| |
|
|
| |
Closes #6308
|
| |
|
|
| |
Closes #6285
|
| |
|
|
|
|
| |
... for better readability
Closes #6286
|
| |
|
|
|
|
| |
Fixes #6299
Fixes #6300
Closes #6301
|
| | |
|
| |
|
|
|
| |
To allow the test suite to know if wakeup support is disabled in the
build.
|
| | |
|
| |
|
|
|
|
|
|
| |
Adjust six --libcurl tests to only check the FTP option if FTP is
actually present in the build.
Fixes #6303
Closes #6305
|
| |
|
|
| |
follow-up to e12825c642a88774
|
| |
|
|
|
|
|
|
|
| |
... to make tests run differently or expect different results depending
on what features that are present or not in curl.
Bonus: initial minor 'Hyper' awareness but nothing is using that yet
Closes #6304
|
| |
|
|
|
|
|
|
| |
Add 'struct' to cast and declaration of cfcdata to fix compilation
error.
Fixes #6292
Closes #6297
|
| |
|
|
| |
Closes #6296
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If supported, defer port selection until connect() time
if --interface is given and source port is 0.
Reproducer:
* start fast webserver on port 80
* starve system of ephemeral ports
$ sysctl net.ipv4.ip_local_port_range="60990 60999"
* start a curl/libcurl "crawler"
$curl --keepalive --parallel --parallel-immediate --head --interface
127.0.0.2 "http://127.0.0.[1-254]/file[001-002].txt"
current result:
(possible some successful data)
curl: (45) bind failed with errno 98: Address already in use
result after patch:
(complete success or few connections failing, higlhy depending on load)
Fail only when all the possible 4-tuple combinations are exhausted,
which is impossible to do when port is selected at bind() time becuse
the kernel does not know if socket will be listen()'ed on or connect'ed
yet.
Closes #6295
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Valgrind will complain that ssrem buffer usage if not explicit
initialized, hence initialize it to zero.
This completes the change intially started in commit 2c0d7212151 ('ftp:
retry getpeername for FTP with TCP_FASTOPEN') where the ssloc buffer has
a similar memset to zero.
Signed-off-by: Hans-Christian Noren Egtvedt <hegtvedt@cisco.com>
Closes #6289
|
| |
|
|
| |
start over on the next release cycle
|
| |
|
|
| |
for 7.74.0
|
| |
|
|
|
|
|
| |
This comment was originally on the `use` field, but was separated from
its field in 62a2534.
Closes https://github.com/curl/curl/pull/6287
|
| |
|
|
|
| |
We always use the patch number these days: all releases are
"major.minor.patch"
|
| |
|
|
|
|
|
| |
CMake up to 3.10 always reserves this name
Fixes #6257
Closes #6258
|
| |
|
|
|
|
|
|
| |
CVE-2020-8286
Reported by anonymous
Bug: https://curl.se/docs/CVE-2020-8286.html
|
| |
|
|
|
|
|
|
| |
CVE-2020-8285
Fixes #6255
Bug: https://curl.se/docs/CVE-2020-8285.html
Reported-by: xnynx on github
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The command line tool also independently sets --ftp-skip-pasv-ip by
default.
Ten test cases updated to adapt the modified --libcurl output.
Bug: https://curl.se/docs/CVE-2020-8284.html
CVE-2020-8284
Reported-by: Varnavas Papaioannou
|
| |
|
|
|
|
|
|
|
|
| |
... as it makes the URL parser accept "very-long-hostname://" as a valid
host name and we don't want that. The parser now only accepts a blank
(no digits) after the colon if the URL starts with a scheme.
Reported-by: d4d on hackerone
Closes #6283
|
| |
|
|
|
|
|
|
|
|
|
| |
This reverts commit d2a7d7c185f98df8f3e585e5620cbc0482e45fac.
This commit also reverts the subsequent follow-ups to that commit, which
were all done within windows #ifdefs that are removed in this
change. Marc helped me verify this.
Fixes #6146
Closes #6281
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In the case of TFO, the remote host name is not resolved at the
connetion time.
For FTP that has lead to missing hostname for the secondary connection.
Therefore the name resolution is done at the time, when FTP requires it.
Fixes #6252
Closes #6265
Closes #6282
|
| |
|
|
|
|
|
| |
For tab-completion it may be preferable to include all the
available options.
Closes #6280
|
| | |
|
| |
|
|
|
|
|
| |
Reported-by: Kovalkov Dmitrii and Per Nilsson
Fixes #6254
Fixes #6256
Closes #6260
|
| |
|
|
|
|
|
| |
Once a vulnerability has been published, the hackerone issue should be
disclosed. For tranparency.
Closes #6275
|
| |
|
|
|
|
|
|
|
|
| |
Backporting the Python 3 implementation of setStream
to ClosingFileHandler as a fallback within Python 2.
Reported-by: Jay Satiro
Fixes #6259
Closes #6270
|
| |
|
|
|
| |
Reported-by: emanruse on github
Fixes #6273
|
| |
|
|
|
|
| |
Reported-by: Junho Choi
Fixes #6213
Closes #6217
|
| |
|
|
|
|
|
|
|
|
| |
- NGTCP2_CRYPTO_LEVEL_APP -> NGTCP2_CRYPTO_LEVEL_APPLICATION
ngtcp2/ngtcp2@76232e9 changed the name.
ngtcp2 master is required to build curl with http3 support.
Closes https://github.com/curl/curl/pull/6271
|
| |
|
|
|
|
| |
The HAVE_LINUX_TCP_H define was not set by cmake.
Closes #6252
|
| |
|
|
| |
Closes #6263
|
| |
|
|
|
|
|
| |
... and remove the old unused proto for the old Curl_splayremove
version.
Closes #6269
|
| |
|
|
|
|
| |
To fix a memory-leak.
Closes #6267
|
| |
|
|
|
|
| |
Follow-up to 4c9768565ec3a9 (from Sep 2008)
Closes #6268
|
| |
|
|
|
|
|
|
| |
... and simplify the too-long checks somewhat.
Detected by OSS-Fuzz
Closes #6264
|
