summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* libssh: The expression is excessive or contains a misprintDaniel Stenberg2019-09-231-1/+1
| | | | | PVS-Studio warning Fixes #4402
* quiche: The expression must be surrounded by parenthesesDaniel Stenberg2019-09-231-1/+1
| | | | | PVS-Studio warning Fixes #4402
* vauth: The parameter 'status' must be surrounded by parenthesesDaniel Stenberg2019-09-231-1/+1
| | | | | PVS-Studio warning Fixes #4402
* doh: allow only http and https in debug modePaul Dreik2019-09-231-0/+3
| | | | | | | | | | Otherwise curl may be told to use for instance pop3 to communicate with the doh server, which most likely is not what you want. Found through fuzzing. Closes #4406
* doh: return early if there is no time leftPaul Dreik2019-09-231-1/+4
| | | | Closes #4406
* http: lowercase headernames for HTTP/2 and HTTP/3Barry Pollard2019-09-235-3/+95
| | | | | Closes #4401 Fixes #4400
* vtls: fix narrowing conversion warningsMarcel Raad2019-09-239-19/+20
| | | | | | | Curl_timeleft returns `timediff_t`, which is 64 bits wide also on 32-bit systems since commit b1616dad8f0. Closes https://github.com/curl/curl/pull/4398
* winbuild: Add manifest to curl.exe for proper OS version detectionJoel Depooter2019-09-231-2/+2
| | | | | | | | | | This is a small fix to commit ebd213270a017a6830928ee2e1f4a9cabc799898 in pull request #1221. That commit added the CURL_EMBED_MANIFEST flag to CURL_RC_FLAGS. However, later in the file CURL_RC_FLAGS is overwritten. The fix is to append values to CURL_RC_FLAGS instead of overwriting Closes #4399
* RELEASE-NOTES: syncedDaniel Stenberg2019-09-221-5/+33
|
* openssl: fix compiler warning with LibreSSLMarcel Raad2019-09-221-1/+1
| | | | | | | | | | It was already fixed for BoringSSL in commit a0f8fccb1e0. LibreSSL has had the second argument to SSL_CTX_set_min_proto_version as uint16_t ever since the function was added in [0]. [0] https://github.com/libressl-portable/openbsd/commit/56f107201baefb5533486d665a58d8f57fd3aeda Closes https://github.com/curl/curl/pull/4397
* curl: exit the create_transfers loop on errorsDaniel Stenberg2019-09-221-8/+5
| | | | | | | | | | When looping around the ranges and given URLs to create transfers, all errors should exit the loop and return. Previously it would keep looping. Reported-by: SumatraPeter on github Bug: #4393 Closes #4396
* socks: Fix destination host shown on SOCKS5 errorJay Satiro2019-09-211-44/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prior to this change when a server returned a socks5 connect error then curl would parse the destination address:port from that data and show it to the user as the destination: curld -v --socks5 10.0.3.1:1080 http://google.com:99 * SOCKS5 communication to google.com:99 * SOCKS5 connect to IPv4 172.217.12.206 (locally resolved) * Can't complete SOCKS5 connection to 253.127.0.0:26673. (1) curl: (7) Can't complete SOCKS5 connection to 253.127.0.0:26673. (1) That's incorrect because the address:port included in the connect error is actually a bind address:port (typically unused) and not the destination address:port. This fix changes curl to show the destination information that curl sent to the server instead: curld -v --socks5 10.0.3.1:1080 http://google.com:99 * SOCKS5 communication to google.com:99 * SOCKS5 connect to IPv4 172.217.7.14:99 (locally resolved) * Can't complete SOCKS5 connection to 172.217.7.14:99. (1) curl: (7) Can't complete SOCKS5 connection to 172.217.7.14:99. (1) curld -v --socks5-hostname 10.0.3.1:1080 http://google.com:99 * SOCKS5 communication to google.com:99 * SOCKS5 connect to google.com:99 (remotely resolved) * Can't complete SOCKS5 connection to google.com:99. (1) curl: (7) Can't complete SOCKS5 connection to google.com:99. (1) Ref: https://tools.ietf.org/html/rfc1928#section-6 Closes https://github.com/curl/curl/pull/4394
* travis: enable ngtcp2 h3-23 buildsDaniel Stenberg2019-09-211-16/+16
|
* altsvc: both backends run h3-23 nowDaniel Stenberg2019-09-212-3/+3
| | | | Closes #4395
* http: fix warning on conversion from int to bitDaniel Stenberg2019-09-211-3/+4
| | | | Follow-up from 03ebe66d70
* urldata: use 'bool' for the bit type on MSVC compilersDaniel Stenberg2019-09-211-193/+197
| | | | | Closes #4387 Fixes #4379
* appveyor: upgrade VS2017 to VS2019Daniel Stenberg2019-09-211-8/+13
| | | | Closes #4383
* FTP: FTPFILE_NOCWD: avoid redundant CWDsZenju2019-09-212-59/+62
| | | | Closes #4382
* cookie: pass in the correct cookie amount to qsort()Daniel Stenberg2019-09-211-6/+6
| | | | | | | | | As the loop discards cookies without domain set. This bug would lead to qsort() trying to sort uninitialized pointers. We have however not found it a security problem. Reported-by: Paul Dreik Closes #4386
* urlapi: avoid index underflow for short ipv6 hostnamesPaul Dreik2019-09-211-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the input hostname is "[", hlen will underflow to max of size_t when it is subtracted with 2. hostname[hlen] will then cause a warning by ubsanitizer: runtime error: addition of unsigned offset to 0x<snip> overflowed to 0x<snip> I think that in practice, the generated code will work, and the output of hostname[hlen] will be the first character "[". This can be demonstrated by the following program (tested in both clang and gcc, with -O3) int main() { char* hostname=strdup("["); size_t hlen = strlen(hostname); hlen-=2; hostname++; printf("character is %d\n",+hostname[hlen]); free(hostname-1); } I found this through fuzzing, and even if it seems harmless, the proper thing is to return early with an error. Closes #4389
* ngtcp2: compile with latest ngtcp2 + nghttp3 draft-23Tatsuhiro Tsujikawa2019-09-211-14/+13
| | | | Closes #4392
* THANKS-filter: deal with my typos 'Jat' => 'Jay'Daniel Stenberg2019-09-201-1/+1
|
* travis: use go masterDaniel Stenberg2019-09-201-2/+5
| | | | | | | ... as the boringssl builds needs a very recent version Co-authored-by: Jat Satiro Closes #4361
* tool_operate: removed unused variable 'done'Daniel Stenberg2019-09-201-2/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* tool_operate: Expression 'config->resume_from' is always trueDaniel Stenberg2019-09-201-2/+2
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* tool_getparam: remove duplicate switch caseDaniel Stenberg2019-09-201-5/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* libssh2: part of conditional expression is always true: !resultDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* urlapi: Expression 'storep' is always trueDaniel Stenberg2019-09-201-1/+2
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* urlapi: 'scheme' is always trueDaniel Stenberg2019-09-201-16/+15
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* urlapi: part of conditional expression is always true: (relurl[0] == '/')Daniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* setopt: store CURLOPT_RTSP_SERVER_CSEQ correctlyDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes bug detected by PVS-Studio Fixes #4374
* mime: make Curl_mime_duppart() assert if called without valid dstDaniel Stenberg2019-09-201-6/+6
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* http_proxy: part of conditional expression is always true: !errorDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* imap: merged two case-branches performing the same actionDaniel Stenberg2019-09-201-4/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* multi: value '2L' is assigned to a booleanDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* easy: part of conditional expression is always true: !resultDaniel Stenberg2019-09-201-3/+2
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* netrc: part of conditional expression is always true: !doneDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* version: Expression 'left > 1' is always trueDaniel Stenberg2019-09-201-7/+5
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* url: remove dead codeDaniel Stenberg2019-09-201-7/+0
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* url: part of expression is always true: (bundle->multiuse == 0)Daniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* ftp: the conditional expression is always trueDaniel Stenberg2019-09-201-4/+2
| | | | | | | ... both !result and (ftp->transfer != FTPTRANSFER_BODY)! Fixes warning detected by PVS-Studio Fixes #4374
* ftp: Expression 'ftpc->wait_data_conn' is always falseDaniel Stenberg2019-09-201-7/+2
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* ftp: Expression 'ftpc->wait_data_conn' is always trueDaniel Stenberg2019-09-201-6/+5
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* ftp: part of conditional expression is always true: !resultDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* http: fix Expression 'http->postdata' is always falseDaniel Stenberg2019-09-201-2/+1
| | | | | | Fixes warning detected by PVS-Studio Fixes #4374 Reported-by: Valerii Zapodovnikov
* doh: avoid truncating DNS QTYPE to lower octetNiall O'Reilly2019-09-191-2/+4
| | | | Closes #4381
* urlapi: CURLU_NO_AUTHORITY allows empty authority/host partJens Finkhaeuser2019-09-195-11/+57
| | | | | | | CURLU_NO_AUTHORITY is intended for use with unknown schemes (i.e. not "file:///") to override cURL's default demand that an authority exists. Closes #4349
* version: next release will be 7.67.0Daniel Stenberg2019-09-192-5/+5
|
* RELEASE-NOTES: syncedDaniel Stenberg2019-09-191-6/+42
|
* url: only reuse TLS connections with matching pinningDaniel Stenberg2019-09-193-1/+9
| | | | | | | | | | If the requests have different CURLOPT_PINNEDPUBLICKEY strings set, the connection should not be reused. Bug: https://curl.haxx.se/mail/lib-2019-09/0061.html Reported-by: Sebastian Haglund Closes #4347