summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* tests: update with the CURLOPT_BUFFERSIZE changebagder/curl-larger-bufferDaniel Stenberg2017-04-249-0/+9
|
* curl: set a 100K buffer size by defaultDaniel Stenberg2017-04-241-3/+7
| | | | | | | | | | | | | | | | | Test command 'time curl http://localhost/80GB -so /dev/null' on a Debian Linux. Before (middle performing run out 9): real 0m28.078s user 0m11.240s sys 0m12.876s After (middle performing run out 9) real 0m26.356s (93.9%) user 0m5.324s (47.4%) sys 0m8.368s (65.0%)
* RELEASE-NOTES: synced with c68fed875Daniel Stenberg2017-04-241-2/+18
|
* configure: fix the -ldl check for openssl, add -lpthread checkDaniel Stenberg2017-04-241-44/+42
| | | | | | | | | | | The check for if -ldl is needed to build with (a statically built) openssl was broken. This repairs the check, and adds a check for -lpthread as well since OpenSSL 1.1.0+ does in fact require -lpthread so only adding -ldl for a static openssl build is no longer enough. Reported-by: Jay Satiro Ref: #1426 Closes #1427
* llist: fix a comment after cbae73e1dd9Daniel Stenberg2017-04-241-2/+0
| | | | | Pointed-it-by: Kevin Ji URL: https://github.com/curl/curl/commit/cbae73e1dd95946597ea74ccb580c30f78e3fa73#commitcomment-21872622
* schannel: Don't treat encrypted partial record as pending dataJay Satiro2017-04-222-2/+15
| | | | | | | | | | | | | - Track when the cached encrypted data contains only a partial record that can't be decrypted without more data (SEC_E_INCOMPLETE_MESSAGE). - Change Curl_schannel_data_pending to return false in such a case. Other SSL libraries have pending data functions that behave similarly. Ref: https://github.com/curl/curl/pull/1387 Closes https://github.com/curl/curl/pull/1392
* multi: clarify condition in curl_multi_waitAlan Jenkins2017-04-221-1/+1
| | | | | | | | | | | | | | | `if(nfds || extra_nfds) {` is followed by `malloc(nfds * ...)`. If `extra_fs` could be non-zero when `nfds` was zero, then we have `malloc(0)` which is allowed to return `NULL`. But, malloc returning NULL can be confusing. In this code, the next line would treat the NULL as an allocation failure. It turns out, if `nfds` is zero then `extra_nfds` must also be zero. The final value of `nfds` includes `extra_nfds`. So the test for `extra_nfds` is redundant. It can only confuse the reader. Closes #1439
* lib: fix maybe-uninitialized warningsMarcel Raad2017-04-222-3/+3
| | | | | | | | | | | | | | With -Og, GCC complains: easy.c:628:7: error: ‘mcode’ may be used uninitialized in this function [-Werror=maybe-uninitialized] ../lib/strcase.h:35:29: error: ‘tok_buf’ may be used uninitialized in this function [-Werror=maybe-uninitialized] vauth/digest.c:208:9: note: ‘tok_buf’ was declared here ../lib/strcase.h:35:29: error: ‘tok_buf’ may be used uninitialized in this function [-Werror=maybe-uninitialized] vauth/digest.c:566:15: note: ‘tok_buf’ was declared here Fix this by initializing the variables.
* gnutls: removed some code when --disable-verbose is configuredDan Fandrich2017-04-221-4/+8
| | | | This reduces the binary size and fixes a compile warning.
* llist: no longer uses mallocDaniel Stenberg2017-04-2213-208/+170
| | | | | | | | | | | | The 'list element' struct now has to be within the data that is being added to the list. Removes 16.6% (tiny) mallocs from a simple HTTP transfer. (96 => 80) Also removed return codes since the llist functions can't fail now. Test 1300 updated accordingly. Closes #1435
* typecheck-gcc: handle function pointers properlyMarcel Raad2017-04-211-53/+54
| | | | | | | | | | | | | | | | | | | All the callbacks passed to curl_easy_setopt are defined as function pointers. The possibility to pass both functions and function pointers was handled for the callbacks that typecheck-gcc.h defined as compatible, but not for the public callback types themselves. This makes all compatible callback types defined in typecheck-gcc.h function pointers too and checks all functions uniformly with _curl_callback_compatible, which handles both functions and function pointers. A symptom of the problem was a warning in tool_operate.c with --disable-libcurl-option and without --enable-debug as that file passes the callback functions to curl_easy_setopt directly. Fixes https://github.com/curl/curl/issues/1403 Closes https://github.com/curl/curl/pull/1404
* mbedtls: enable NTLM (& SMB) even if MD4 support is unavailableDan Fandrich2017-04-214-14/+20
| | | | | | In that case, use libcurl's internal MD4 routine. This fixes tests 1013 and 1014 which were failing due to configure assuming NTLM and SMB were always available whenever mbed TLS was in use (which is now true).
* tests: remove the html and PDF versions from the tarballDaniel Stenberg2017-04-211-1/+0
|
* openssl: fix memory leak in servercertDaniel Stenberg2017-04-201-0/+1
| | | | ... when failing to get the server certificate.
* Revert "src/Makefile.am: avoid explicit $<"Daniel Stenberg2017-04-201-4/+6
| | | | | | This reverts commit 5b4cbcf11d5100ff793a8e9edbaa6fe1fc7495f5. Since it broke out-of-tree builds from tarballs. See discussion in #1432
* bump: start working on next releaseDaniel Stenberg2017-04-192-215/+9
|
* src/Makefile.am: avoid explicit $<Daniel Stenberg2017-04-191-6/+4
| | | | | | | ... since apparently "BSD make" doesn't support it. Reported-by: Thomas Klausner Fixes #1432
* THANKS: add contributors from 7.54.0 release notescurl-7_54_0Daniel Stenberg2017-04-191-0/+31
|
* RELEASE-NOTES: curl 7.54.0Daniel Stenberg2017-04-191-6/+23
|
* nss: fix MinGW compiler warningsMarcel Raad2017-04-181-5/+5
| | | | | | | | | | | | | | | | This fixes 3 warnings issued by MinGW: 1. PR_ImportTCPSocket actually has a paramter of type PROsfd instead of PRInt32, which is 64 bits on Windows. Fixed this by including the corresponding header file instead of redeclaring the function, which is supported even though it is in the private include folder. [1] 2. In 64-bit mode, size_t is 64 bits while CK_ULONG is 32 bits, so an explicit narrowing cast is needed. 3. Curl_timeleft returns time_t instead of long since commit 21aa32d30dbf319f2d336e0cb68d3a3235869fbb. [1] https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR/Reference/PR_ImportTCPSocket Closes https://github.com/curl/curl/pull/1393
* TLS: Fix switching off SSL session id when client cert is usedJay Satiro2017-04-1812-22/+26
| | | | | | | | | | | | | | Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl will each have their own sessionid flag. Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that this issue had been fixed in 247d890, CVE-2016-5419. Bug: https://github.com/curl/curl/issues/1341 Reported-by: lijian996@users.noreply.github.com The new incarnation of this bug is called CVE-2017-7468 and is documented here: https://curl.haxx.se/docs/adv_20170419.html
* openssl: don't try to print nonexistant peer private keysDavid Benjamin2017-04-171-29/+3
| | | | | | | X.509 certificates carry public keys, not private keys. Fields corresponding to the private half of the key will always be NULL. Closes #1425
* openssl: fix thread-safety bugs in error-handlingDavid Benjamin2017-04-171-25/+27
| | | | | | | | | | | | | | | ERR_error_string with NULL parameter is not thread-safe. The library writes the string into some static buffer. Two threads doing this at once may clobber each other and run into problems. Switch to ERR_error_string_n which avoids this problem and is explicitly bounds-checked. Also clean up some remnants of OpenSSL 0.9.5 around here. A number of comments (fixed buffer size, explaining that ERR_error_string_n was added in a particular version) date to when ossl_strerror tried to support pre-ERR_error_string_n OpenSSLs. Closes #1424
* openssl: make SSL_ERROR_to_str more future-proofDavid Benjamin2017-04-171-16/+34
| | | | | | Rather than making assumptions about the values, use a switch-case. Closes #1424
* code: fix typos and style in commentsDaniel Gustafsson2017-04-173-9/+9
| | | | | | | A few random typos, and minor whitespace cleanups, found in comments while reading code. Closes #1423
* extern-scan.pl: strip trailing CRMarcel Raad2017-04-171-1/+3
| | | | | | | This makes test 1135 pass with CRLF checkouts. Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166 Closes https://github.com/curl/curl/pull/1422
* configure.ac: ignore CR after version numbersMarcel Raad2017-04-171-2/+2
| | | | | | | | | Ignore everything after the version numbers in LIBCURL_VERSION and LIBCURL_VERSION_NUM to ged rid of the extra CR character. This makes tests 1022 and 1023 pass on Linux with a CRLF checkout. Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166 Closes https://github.com/curl/curl/pull/1422
* .gitattributes: force shell scripts to LFMarcel Raad2017-04-172-0/+2
| | | | | | | | Bash on Linux errors out on CR characters. This makes tests 1221 and 1222 pass on Linux with a CRLF checkout. Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166 Closes https://github.com/curl/curl/pull/1422
* unit1303: fix compiler warningMarcel Raad2017-04-161-2/+2
| | | | | | | MinGW-w64 complains: warning: conversion to 'long int' from 'time_t {aka long long int}' may alter its value [-Wconversion] Fix this by using the correct type.
* RELEASE-NOTES: synced with 1451271e0Daniel Stenberg2017-04-161-6/+22
|
* http2: fix handle leak in error pathLarry Stefani2017-04-151-0/+1
| | | | | | Add missing newhandle free call in push_promise(). Closes #1416
* mbedtls: fix memory leak in error pathLarry Stefani2017-04-151-0/+1
| | | | | | Add missing our_ssl_sessionid free call in mbed_connect_step3(). Closes #1417
* curl-compilers.m4: turn implicit function declarations into errorsMarcel Raad2017-04-151-2/+5
| | | | | | | | | | | | | This adds -Werror-implicit-function-declaration for GCC 2.95+ so that these errors are visible at the point where they occur instead of only at link time. Implicit function declarations are illegal in C99 and C++ anyway, and the same warning has been turned into an error for ICC in commit 3072c5b8a127057aa922b7c51051bbb4a630b091. Ref: https://gcc.gnu.org/onlinedocs/gcc-2.95.2/gcc_2.html#SEC8 Ref: https://curl.haxx.se/mail/lib-2017-04/0001.html Closes https://github.com/curl/curl/pull/1419
* test1541: also test for CURL_PULL_WS2TCPIP_HMarcel Raad2017-04-121-2/+14
| | | | | Ref: https://github.com/curl/curl/issues/1408 Closes https://github.com/curl/curl/pull/1412
* tests/server/util: prefer <poll.h> over <sys/poll.h>Marcel Raad2017-04-121-3/+3
| | | | | | Follow-up to aa573c3c55cda72ec5ef677d87f6f46a53385f0c Ref: https://github.com/curl/curl/pull/1406
* Curl_expire_latest: ignore already expired timersDaniel Stenberg2017-04-112-4/+7
| | | | | | | | | If the existing timer is still in there but has expired, the new timer should be added. Reported-by: Rainer Canavan Bug: https://curl.haxx.se/mail/lib-2017-04/0030.html Closes #1407
* system.h: fix mingw sectionDaniel Stenberg2017-04-111-1/+14
| | | | | | Reported-by: Marcel Raad Fixes #1408 Closes #1409
* polarssl: unbreak build with versions < 1.3.8Marcel Raad2017-04-111-1/+1
| | | | | | | | ssl_session_init was only introduced in version 1.3.8, the penultimate version. The function only contains a memset, so replace it with that. Suggested-by: Jay Satiro Fixes https://github.com/curl/curl/issues/1401
* poll: prefer <poll.h> over <sys/poll.h>Marcel Raad2017-04-112-6/+6
| | | | | | | The POSIX standard location is <poll.h>. Using <sys/poll.h> results in warning spam when using the musl standard library. Closes https://github.com/curl/curl/pull/1406
* openssl: fix this statement may fall through [-Wimplicit-fallthrough=]Alexis La Goutte2017-04-101-0/+2
| | | | Closes #1402
* nss: load CA certificates even with --insecureKamil Dudka2017-04-101-2/+5
| | | | | | | | | ... because they may include an intermediate certificate for a client certificate and the intermediate certificate needs to be presented to the server, no matter if we verify the peer or not. Reported-by: thraidh Closes #851
* RELEASE-NOTES: synced with f9d1e9a27f7e1Daniel Stenberg2017-04-101-9/+30
|
* libcurl-thread.3: fixed a bad macro that caused test 1140 to failDan Fandrich2017-04-101-1/+1
|
* libcurl-thread.3: also mention threaded-resolverDaniel Stenberg2017-04-091-4/+5
| | | | | Reported-by: Alex Bligh Bug: https://curl.haxx.se/mail/lib-2017-04/0044.html
* .github/stale.yml: enable the stale botDaniel Stenberg2017-04-091-0/+17
| | | | | | | | | | | Issues and PRs with no activity for 180 days will get marked as stale, and if no further activity happens within 14 more days, the issue gets closed. This follows our established policy of not letting stalled bugs "get in the way": https://curl.haxx.se/docs/bugs.html#Closing_off_stalled_bugs Closes #1398
* CURLINFO_SCHEME.3: fix variable typeJay Satiro2017-04-081-6/+9
| | | | - Change documented param type to char ** from incorrect long *.
* INSTALL.md: fix secure transport configure argumentsMarcel Raad2017-04-081-1/+1
| | | | --without-ssl is needed instead of --with-winssl.
* vtls: fix unreferenced variable warningsMarcel Raad2017-04-082-2/+4
| | | | ... by moving the variables into the correct #ifdef block.
* BUGS: "Bugs in old versions"Daniel Stenberg2017-04-071-0/+33
|
* system.h: add section for tccDaniel Stenberg2017-04-071-0/+13
| | | | Closes #1397
View Lorry Controller Status