summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* fixup CURLOPT_ERRORBUFFER.3 docsbagder/clear-errorbuffer-add-handleJay Satiro2018-03-161-5/+7
| | | | [skip ci]
* fixup the easy_perform errorbuffer clearingDaniel Stenberg2018-03-131-3/+3
|
* curl_multi_add_handle/easy_perform: clear errorbuffer if setDaniel Stenberg2018-03-132-0/+6
| | | | | | | To offer applications a more defined behavior, we clear the buffer as early as possible. Bug #2190
* Revert "hostip: fix compiler warning: 'variable set but not used'"Daniel Stenberg2018-03-121-1/+1
| | | | | | | This reverts commit a577059f92fc65bd6b81717f0737f897a5b34248. The assignment really needs to be there or we risk working with an uninitialized pointer.
* limit-rate: fix compiler warningMichael Kaufmann2018-03-121-1/+1
| | | | follow-up to 72a0f62
* checksrc.pl: add -i and -m optionsViktor Szakats2018-03-121-6/+18
| | | | | To sync it with changes made for the libssh2 project. Also cleanup some whitespace.
* curl-openssl.m4: fix spelling [ci skip]Viktor Szakats2018-03-121-1/+1
|
* FAQ: fix a broken URL [ci skip]Viktor Szakats2018-03-121-1/+1
|
* http2: mark the connection for close on GOAWAYDaniel Stenberg2018-03-123-21/+26
| | | | | | | | | ... don't consider it an error! Assisted-by: Jay Satiro Reported-by: Łukasz Domeradzki Fixes #2365 Closes #2375
* credits: Viktor prefers without accentDaniel Stenberg2018-03-122-2/+2
|
* openldap: white space changes, fixed up the copyright yearsDaniel Stenberg2018-03-121-18/+19
|
* openldap: check ldap_get_attribute_ber() results for NULL before usingDaniel Stenberg2018-03-121-4/+4
| | | | | | CVE-2018-1000121 Reported-by: Dario Weisser Bug: https://curl.haxx.se/docs/adv_2018-97a2.html
* FTP: reject path components with control codesDaniel Stenberg2018-03-123-4/+47
| | | | | | | | | | | | | | | Refuse to operate when given path components featuring byte values lower than 32. Previously, inserting a %00 sequence early in the directory part when using the 'singlecwd' ftp method could make curl write a zero byte outside of the allocated buffer. Test case 340 verifies. CVE-2018-1000120 Reported-by: Duy Phan Thanh Bug: https://curl.haxx.se/docs/adv_2018-9cd6.html
* readwrite: make sure excess reads don't go beyond buffer endDaniel Stenberg2018-03-121-2/+7
| | | | | | | CVE-2018-1000122 Bug: https://curl.haxx.se/docs/adv_2018-b047.html Detected by OSS-fuzz
* BUGS: updated link to security processDaniel Stenberg2018-03-121-1/+1
|
* limit-rate: kick in even before "limit" data has been receivedDaniel Stenberg2018-03-112-23/+29
| | | | | | | | ... and make sure to avoid integer overflows with really large values. Reported-by: 刘佩东 Fixes #2371 Closes #2373
* docs/SECURITY.md -> docs/SECURITY-PROCESS.mdDaniel Stenberg2018-03-112-2/+2
|
* SECURITY.md: call it the security processDaniel Stenberg2018-03-111-4/+4
|
* Curl_range: fix FTP-only and FILE-only buildsMichael Kaufmann2018-03-111-1/+1
| | | | follow-up to e04417d
* hostip: fix compiler warning: 'variable set but not used'Michael Kaufmann2018-03-111-1/+1
|
* HTTP: allow "header;" to replace an internal header with a blank oneDaniel Stenberg2018-03-119-86/+285
| | | | | | Reported-by: Michael Kaufmann Fixes #2357 Closes #2362
* http2: verbose output new MAX_CONCURRENT_STREAMS valuesDaniel Stenberg2018-03-101-1/+2
| | | | ... as it is interesting for many users.
* SECURITY: distros' max embargo time is 14 days nowDaniel Stenberg2018-03-091-1/+1
|
* curl tool: accept --compressed also if Brotli is enabled and zlib is not.Patrick Monnerat2018-03-081-2/+3
|
* THANKS + mailmap: remove duplicates, fixup full namesDaniel Stenberg2018-03-052-1/+5
|
* WolfSSL: adding TLSv1.3sergii.kavunenko2018-03-051-1/+11
| | | | Closes #2349
* RELEASE-NOTES/THANKS: synced with cc1d4c505Daniel Stenberg2018-03-042-9/+52
|
* winbuild: prefer documented zlib library namesrichardthe3rd2018-03-041-0/+14
| | | | | | | | | | | | Check for existence of import and static libraries with documented names and use them if they do. Fallback to previous names. According to https://github.com/madler/zlib/blob/master/win32/README-WIN32.txt on Windows, the names of the import library is "zdll.lib" and static library is "zlib.lib". closes #2354
* krb5: use nondeprecated functionsMarcel Raad2018-03-041-3/+3
| | | | | | | | | | | | | | | gss_seal/gss_unseal have been deprecated in favor of gss_wrap/gss_unwrap with GSS-API v2 from January 1997 [1]. The first version of "The Kerberos Version 5 GSS-API Mechanism" [2] from June 1996 already says "GSS_Wrap() (formerly GSS_Seal())" and "GSS_Unwrap() (formerly GSS_Unseal())". Use the nondeprecated functions to avoid deprecation warnings. [1] https://tools.ietf.org/html/rfc2078 [2] https://tools.ietf.org/html/rfc1964 Closes https://github.com/curl/curl/pull/2356
* curl.1: mention how to add numerical IP addresses in NO_PROXYDaniel Stenberg2018-03-041-3/+6
|
* CURLOPT_NOPROXY.3: mention how to list numerical IPv6 addressesDaniel Stenberg2018-03-041-1/+6
|
* NO_PROXY: fix for IPv6 numericals in the URLDaniel Stenberg2018-03-043-2/+63
| | | | | | | | Added test 1265 that verifies. Reported-by: steelman on github Fixes #2353 Closes #2355
* build: get CFLAGS (including -werror) used for examples and testsDaniel Stenberg2018-03-045-6/+13
| | | | | | ... so that the CI and more detects compiler warnings/errors properly! Closes #2337
* curl_ctype: fix macro redefinition warningsMarcel Raad2018-03-031-0/+8
| | | | | | | | | On MinGW and Cygwin, GCC and clang have been complaining about macro redefinitions since 4272a0b0fc49a1ac0ceab5c4a365c9f6ab8bf8e2. Fix this by undefining the macros before redefining them as suggested in https://github.com/curl/curl/pull/2269. Suggested-by: Daniel Stenberg
* unit1307: proper cleanup on OOM to fix torture testsDan Fandrich2018-03-021-8/+18
|
* unit1309: fix warning on Windows x64Marcel Raad2018-02-283-17/+17
| | | | | | | | | | When targeting x64, MinGW-w64 complains about conversions between 32-bit long and 64-bit pointers. Fix this by reusing the GNUTLS_POINTER_TO_SOCKET_CAST / GNUTLS_SOCKET_TO_POINTER_CAST logic from gtls.c, moving it to warnless.h as CURLX_POINTER_TO_INTEGER_CAST / CURLX_INTEGER_TO_POINTER_CAST. Closes https://github.com/curl/curl/pull/2341
* travis: update compiler versionsMarcel Raad2018-02-281-9/+9
| | | | | | Update clang to version 3.9 and GCC to version 6. Closes https://github.com/curl/curl/pull/2345
* docs/MANUAL: formfind.pl is not accessible on the site anymoreDaniel Stenberg2018-02-261-2/+1
| | | | Fixes #2342
* curl-openssl.m4: Fix version check for OpenSSL 1.1.1Jay Satiro2018-02-241-1/+10
| | | | | | | | | | - Add OpenSSL 1.1.1 to the header/library version lists. - Detect OpenSSL 1.1.1 library using its function ERR_clear_last_mark, which was added in that version. Prior to this change an erroneous header/library mismatch was caused by lack of OpenSSL 1.1.1 detection. I tested using openssl-1.1.1-pre1.
* lib655: silence compiler warningViktor Szakats2018-02-231-1/+1
| | | | Closes https://github.com/curl/curl/pull/2335
* spelling fixesViktor Szakats2018-02-2332-48/+49
| | | | | | | | Detected using the `codespell` tool. Also contains one URL protocol upgrade. Closes https://github.com/curl/curl/pull/2334
* projects/README: remove reference to dead IDN link/packageDaniel Stenberg2018-02-241-7/+4
| | | | | | Reported-by: Stefan Kanthak and Rod Widdowson Fixes #2325
* winbuild: Use macros for the names of some build utilitiesRod Widdowson2018-02-231-2/+7
| | | | | | | | | | - Add macros to the top of the makefile for rc and mt utilities so that it is easier to change their locations. Bug: https://curl.haxx.se/mail/lib-2018-02/0075.html Reported-by: Stefan Kanthak Closes https://github.com/curl/curl/issues/2329
* TODO: remove "sha-256 digest", added in 2b5b37cb9109e7c2Daniel Stenberg2018-02-231-10/+0
|
* curl_share_setopt.3: connection cache is shared within multi handlesDaniel Stenberg2018-02-231-3/+6
|
* winbuild: Use CALL to run batch scriptsRod Widdowson2018-02-221-2/+2
| | | | | | | Co-authored-by: Stefan Kanthak Closes https://github.com/curl/curl/issues/2330 Closes https://github.com/curl/curl/pull/2331
* os400: add curl_resolver_start_callback type to ILE/RPG bindingPatrick Monnerat2018-02-221-0/+3
|
* form.d: rephrased somewhat, added two example command linesDaniel Stenberg2018-02-221-16/+26
|
* url: Add option CURLOPT_RESOLVER_START_FUNCTIONFrancisco Sedano2018-02-2116-3/+379
| | | | | | | | | | | | - Add new option CURLOPT_RESOLVER_START_FUNCTION to set a callback that will be called every time before a new resolve request is started (ie before a host is resolved) with a pointer to backend-specific resolver data. Currently this is only useful for ares. - Add new option CURLOPT_RESOLVER_START_DATA to set a user pointer to pass to the resolver start callback. Closes https://github.com/curl/curl/pull/2311
* lib: CURLOPT_HAPPY_EYEBALLS_TIMEOUT => CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MSJay Satiro2018-02-219-14/+14
| | | | | | | | | | | | | | | | - In keeping with the naming of our other connect timeout options rename CURLOPT_HAPPY_EYEBALLS_TIMEOUT to CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS. This change adds the _MS suffix since the option expects milliseconds. This is more intuitive for our users since other connect timeout options that expect milliseconds use _MS such as CURLOPT_TIMEOUT_MS, CURLOPT_CONNECTTIMEOUT_MS, CURLOPT_ACCEPTTIMEOUT_MS. The tool option already uses an -ms suffix, --happy-eyeballs-timeout-ms. Follow-up to 2427d94 which added the lib and tool option yesterday. Ref: https://github.com/curl/curl/pull/2260
View Lorry Controller Status