summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* test1173: make it also check all libcurl option man pagesbagder/expand-test1173Daniel Stenberg2019-07-167-39/+35
| | | | ... and adjust those that causes errors
* dist: add manpage-syntax.plDaniel Stenberg2019-07-151-1/+1
| | | | follow-up to 7fb66c403
* test1173: detect some basic man page format mistakesDaniel Stenberg2019-07-153-1/+90
| | | | | | Triggered by PR #4111 Closes #4113
* docs: Fix missing lines caused by undefined macrosBjarni Ingi Gislason2019-07-153-3/+3
| | | | | | | | | | | | | | | | | - Escape apostrophes at line start. Some lines begin with a "'" (apostrophe, single quote), which is then interpreted as a control character in *roff. Such lines are interpreted as being a call to a macro, and if undefined, the lines are removed from the output. Bug: https://bugs.debian.org/926352 Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is> Submitted-by: Alessandro Ghedini Closes https://github.com/curl/curl/pull/4111
* libcurl-security.3: update to new CURLOPT_REDIR_PROTOCOLS defaultsDaniel Stenberg2019-07-141-3/+3
| | | | follow-up to 6080ea098
* libcurl: Add testcase for gopher redirectsLinos Giannopoulos2019-07-142-1/+52
| | | | | | | | | | | The testcase ensures that redirects to CURLPROTO_GOPHER won't be allowed, by default, in the future. Also, curl is being used for convenience while keeping the testcases DRY. The expected error code is CURLE_UNSUPPORTED_PROTOCOL when the client is redirected to CURLPROTO_GOPHER Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr>
* libcurl: Restrict redirect schemesLinos Giannopoulos2019-07-141-3/+1
| | | | | | | | | | | | | | | | | | | | All protocols except for CURLPROTO_FILE/CURLPROTO_SMB and their TLS counterpart were allowed for redirect. This vastly broadens the exploitation surface in case of a vulnerability such as SSRF [1], where libcurl-based clients are forced to make requests to arbitrary hosts. For instance, CURLPROTO_GOPHER can be used to smuggle any TCP-based protocol by URL-encoding a payload in the URI. Gopher will open a TCP connection and send the payload. Only HTTP/HTTPS and FTP are allowed. All other protocols have to be explicitly enabled for redirects through CURLOPT_REDIR_PROTOCOLS. [1]: https://www.acunetix.com/blog/articles/server-side-request-forgery-vulnerability/ Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr> Closes #4094
* openssl: define HAVE_SSL_GET_SHUTDOWN based on version numberZenju2019-07-146-27/+5
| | | | Closes #4100
* http: allow overriding timecond with custom headerPeter Simonyi2019-07-147-8/+145
| | | | | | | | | With CURLOPT_TIMECONDITION set, a header is automatically added (e.g. If-Modified-Since). Allow this to be replaced or suppressed with CURLOPT_HTTPHEADER. Fixes #4103 Closes #4109
* smb: Use the correct error code for access denied on file openJuergen Hoetzel2019-07-111-0/+2
| | | | | | | | - Return CURLE_REMOTE_ACCESS_DENIED for SMB access denied on file open. Prior to this change CURLE_REMOTE_FILE_NOT_FOUND was returned instead. Closes https://github.com/curl/curl/pull/4095
* DEPRECATE: fixup versions and spellingDaniel Gustafsson2019-07-111-3/+4
| | | | | | | Correctly set the July 17 version to 7.65.2, and update spelling to be consistent. Also fix a typo. Closes https://github.com/curl/curl/pull/4107
* system_win32: fix clang warningGisle Vanem2019-07-111-1/+1
| | | | | | - Declare variable in header as extern. Bug: https://github.com/curl/curl/commit/48b9ea4#commitcomment-34084597
* headers: Remove no longer exported functionsDaniel Gustafsson2019-07-1011-37/+6
| | | | | | | | | | | | | | | | | | | | There were a leftover few prototypes of Curl_ functions that we used to export but no longer do, this removes those prototypes and cleans up any comments still referring to them. Curl_write32_le(), Curl_strcpy_url(), Curl_strlen_url(), Curl_up_free() Curl_concat_url(), Curl_detach_connnection(), Curl_http_setup_conn() were made static in 05b100aee247bb9bec8e9a1b0166496aa4248d1c. Curl_http_perhapsrewind() made static in 574aecee208f79d391f10d57520b3. For the remainder, I didn't trawl the Git logs hard enough to capture their exact time of deletion, but they were all gone: Curl_splayprint(), Curl_http2_send_request(), Curl_global_host_cache_dtor(), Curl_scan_cache_used(), Curl_hostcache_destroy(), Curl_second_connect(), Curl_http_auth_stage() and Curl_close_connections(). Closes #4096 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
* CMake: fix typos and spellingDaniel Gustafsson2019-07-092-3/+3
|
* CMake: Convert errant elseif() to else()Kyle Edwards2019-07-091-1/+1
| | | | | | | | | | | CMake interprets an elseif() with no arguments as elseif(FALSE), resulting in the elseif() block not being executed. That is not what was intended here. Change the empty elseif() to an else() as it was intended. Closes #4101 Reported-by: Artalus <artalus-mail@yandex.ru> Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
* buildconf: fix header filenameDaniel Gustafsson2019-07-091-1/+1
| | | | | | | | The header file inclusion had a typo, it should be .h and not .hd. Fix by renaming. Fixes #4102 Reported-by: AceCrow on Github
* configure: fix --disable-code-coverageJan Chren2019-07-091-2/+1
| | | | | | | | This fixes the case when --disable-code-coverage supplied to ./configure would result in coverage="yes" being set. Closes #4099 Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
* cleanup: fix typo in commentDaniel Gustafsson2019-07-081-1/+1
|
* RELEASE-NOTES: syncedDaniel Gustafsson2019-07-081-6/+31
|
* nss: support using libnss on macOSDaniel Gustafsson2019-07-061-1/+4
| | | | | | | | The file suffix for dynamically loadable objects on macOS is .dylib, which need to be added for the module definitions in order to get the NSS TLS backend to work properly on macOS. Closes https://github.com/curl/curl/pull/4046
* nss: don't set unused parameterDaniel Gustafsson2019-07-061-1/+1
| | | | | | | | | | | The value of the maxPTDs parameter to PR_Init() has since at least NSPR 2.1, which was released sometime in 1998, been marked ignored as is accordingly not used in the initialization code. Setting it to a value when calling PR_Init() is thus benign, but indicates an intent which may be misleading. Reset the value to zero to improve clarity. Closes https://github.com/curl/curl/pull/4054
* nss: only cache valid CRL entriesDaniel Gustafsson2019-07-061-6/+8
| | | | | | | | | Change the logic around such that we only keep CRLs that NSS actually ended up caching around for later deletion. If CERT_CacheCRL() fails then there is little point in delaying the freeing of the CRL as it is not used. Closes https://github.com/curl/curl/pull/4053
* lib: Use UTF-8 encoding in commentsGergely Nagy2019-07-064-5/+5
| | | | | | | | | | Some editors and IDEs assume that source files use UTF-8 file encodings. It also fixes the build with MSVC when /utf-8 command line option is used (this option is mandatory for some other open-source projects, this is useful when using the same options is desired for building all libraries of a project). Closes https://github.com/curl/curl/pull/4087
* CURLOPT_HEADEROPT.3: Fix exampleCaleb Raitto2019-07-061-0/+2
| | | | | | | Fix an issue where example builds a curl_slist, but fails to actually use it, or free it. Closes https://github.com/curl/curl/pull/4090
* winbuild: Change Makefile to honor ENABLE_OPENSSL_AUTO_LOAD_CONFIGShankar Jadhavar2019-07-061-3/+9
| | | | | | | | | | | | - Made changes so that ENABLE_OPENSSL_AUTO_LOAD_CONFIG will be honored. - Also removed some ^M chars from file. Prior to this change while building on Windows platform even if we pass the ENABLE_OPENSSL_AUTO_LOAD_CONFIG option with value as "no" it does not set the CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG flag. Closes https://github.com/curl/curl/pull/4086
* doh-url.d: added in 7.62.0Daniel Stenberg2019-07-041-0/+1
|
* docs: Fix links to OpenSSL docsJay Satiro2019-06-303-7/+6
| | | | | | | | OpenSSL changed their manual locations and does not redirect to the new locations. Bug: https://curl.haxx.se/mail/lib-2019-06/0056.html Reported-by: Daniel Stenberg
* curl_multi_wait.3: escape backslash in exampleGaël PORTAY2019-06-261-1/+1
| | | | | | | | | | | | | | The backslash in the character Line Feed must be escaped. The current man-page outputs the code as following: fprintf(stderr, "curl_multi failed, code %d.0, mc); The commit fixes it as follow: fprintf(stderr, "curl_multi failed, code %d\n", mc); Closes #4079
* openssl: disable engine if OPENSSL_NO_UI_CONSOLE is definedDaniel Stenberg2019-06-261-1/+1
| | | | | | | | | | ... since that needs UI_OpenSSL() which isn't provided when OpenSSL is built with OPENSSL_NO_UI_CONSOLE which happens when OpenSSL is built for UWP (with "VC-WIN32-UWP"). Reported-by: Vasily Lobaskin Fixes #4073 Closes #4077
* test1521: adapt to SLISTPOINTDaniel Stenberg2019-06-251-12/+4
| | | | | | | | | The header now has the slist-using options marked as SLISTPOINT so this makes sure test 1521 understands that. Follow-up to ae99b4de1c443ae989 Closes #4074
* win32: make DLL loading a no-op for UWPDaniel Stenberg2019-06-251-1/+6
| | | | | | Reported-by: Michael Brehm Fixes #4060 Closes #4072
* configure: fix typo '--disable-http-uath'1ocalhost2019-06-251-1/+1
| | | | Closes #4076
* docs: fix string suggesting HTTP/2 is not the defaultNiklas Hambüchen2019-06-251-3/+1
| | | | | | | | | | Commit 25fd1057c9c86e3 made HTTP2 the default, and further down in the man page that new default is mentioned, but the section at the top contradicted it until now. Also remove claim that setting the HTTP version is not sensible. Closes #4075
* RELEASE-NOTES: syncedDaniel Stenberg2019-06-251-5/+18
|
* tests: update fixed IP for hostip/clientip splitStephan Szabo2019-06-254-8/+8
| | | | | | | These tests give differences for me on linux when using a hostip pointing to the external ip address for the local machine. Closes #4070
* http: clarify header buffer size calculationDaniel Gustafsson2019-06-241-0/+3
| | | | | | | | | | | The header buffer size calculation can from static analysis seem to overlow as it performs an addition between two size_t variables and stores the result in a size_t variable. Overflow is however guarded against elsewhere since the input to the addition is regulated by the maximum read buffer size. Clarify this with a comment since the question was asked. Reviewed-by: Daniel Stenberg <daniel@haxx.se>
* KNOWN_BUGS: Don't clear digest for single realmDaniel Stenberg2019-06-241-0/+5
| | | | Closes #3267
* KNOWN_BUGS: Schannel disable CURLOPT_SSL_VERIFYPEER and verify hostnameDaniel Stenberg2019-06-241-0/+6
| | | | Closes #3284
* http2: call done_sending on end of uploadDaniel Stenberg2019-06-244-6/+15
| | | | | | | | | To make sure a HTTP/2 stream registers the end of stream. Bug #4043 made me find this problem but this fix doesn't correct the reported issue. Closes #4068
* c-ares: honor port numbers in CURLOPT_DNS_SERVERSJames Brown2019-06-241-0/+4
| | | | | | | By using ares_set_servers_ports_csv on new enough c-ares. Fixes #4066 Closes #4067
* CURLMOPT_SOCKETFUNCTION.3: fix typoDaniel Gustafsson2019-06-241-1/+1
|
* curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy buildsKoen Dergent2019-06-241-1/+2
| | | | Closes #4061
* test153: fix content-length to avoid occasional hangDaniel Stenberg2019-06-241-2/+2
| | | | Closes #4065
* RELEASE-NOTES: syncedDaniel Stenberg2019-06-241-4/+43
|
* multi: enable multiplexing by default (again)Daniel Stenberg2019-06-231-0/+2
| | | | | | | It was originally made default in d7c4213bd0c (7.62.0) but mistakenly reverted in commit 2f44e94efb3d (7.65.0). Now enabled again. Closes #4051
* typecheck: add 3 missing strings and a callback data pointerDaniel Stenberg2019-06-221-2/+5
| | | | Closes #4050
* tests: add disable-scan.pl to distDaniel Stenberg2019-06-211-1/+1
| | | | | | follow-up from 29177f422a5 Closes #4059
* http2: don't call stream-close on already closed streamsDaniel Stenberg2019-06-211-4/+3
| | | | Closes #4055
* travis: enable alt-svc for coverage buildMarcel Raad2019-06-201-1/+1
| | | | Closes
* travis: enable libssh2 for coverage buildMarcel Raad2019-06-201-2/+3
| | | | | | | | | It was enabled by default before commit c92d2e14cfb. Disable torture tests 600 and 601 because of https://github.com/curl/curl/issues/1678. Closes
View Lorry Controller Status