summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* non-ascii: fix build errors from strerror fixbagder/iconv-strerrorDaniel Stenberg2021-09-101-2/+3
| | | | Follow-up to 2f0bb864c12
* docs: the security list is reached at security at curl.se nowDaniel Stenberg2021-09-102-5/+9
| | | | | | | Also update the FAQ section a bit to encourage users to rather submit security issues on hackerone than sending email. Closes #7689
* runtests: add option -u to error on server unexpectedly aliveMarc Hoersken2021-09-095-30/+102
| | | | | | | | | | | | | | | Let's try to actually handle the server unexpectedly alive case by first making them visible on CI builds as failures. This is needed to detect issues with killing of the test servers completely including nested process chains with multiple PIDs per test server (including bash and perl). On Windows/cygwin platforms this is especially helpful with debugging PID mixups due to cygwin using its own PID space. Reviewed-by: Daniel Stenberg Closes #7180
* opts docs: unify phrasing in NAME headerDaniel Stenberg2021-09-09134-246/+246
| | | | | | | | | | | | | - avoid writing "set ..." or "enable/disable ..." or "specify ..." *All* options for curl_easy_setopt() are about setting or enabling things and most of the existing options didn't use that way of description. - start with lowercase letter, unless abbreviation. For consistency. - Some additional touch-ups Closes #7688
* strerror.h: remove the #include from files not using itDaniel Stenberg2021-09-0912-13/+1
|
* lib: don't use strerror()Daniel Stenberg2021-09-098-22/+71
| | | | | | | | | | We have and provide Curl_strerror() internally for a reason: strerror() is not necessarily thread-safe so we should always try to avoid it. Extended checksrc to warn for this, but feature the check disabled by default and only enable it in lib/ Closes #7685
* cirrus: Add FreeBSD 13.0 job and disable sanitizer buildDaniel Gustafsson2021-09-081-9/+11
| | | | | | | | | | | | | As alluded to the in the now removed comment, a 13.0 image became available and is now ready to be used. The sanitizer builds were running on the 12.1 image which since has been removed from the config, leaving the builds not running at all. When enabled it turns out that they don't actually work due to very long timeouts in executing the tests, so keep the disabled for now but a bit more controlled. Closes #7592
* copyrights: update copyright year rangesDaniel Stenberg2021-09-089-9/+9
|
* RELEASE-NOTES: syncedDaniel Stenberg2021-09-081-11/+28
|
* INTERNALS: c-ares has a new home: c-ares.orgDaniel Stenberg2021-09-071-1/+1
|
* docs: remove experimental mentions from HSTS and MQTTDaniel Stenberg2021-09-077-38/+8
| | | | | | Reported-by: Jonathan Cardoso Bug: https://github.com/curl/curl/pull/6700#issuecomment-913792863 Closes #7681
* curl: add warning for incompatible parameters usageCao ZhenXiang2021-09-061-10/+13
| | | | | | --continue-at - and --remote-header-name are known incompatible parameters Closes #7674
* examples/*hiperfifo.c: fix calloc arguments to match function protogit-bruh2021-09-063-3/+3
| | | | Closes #7678
* INTERNALS: bump c-ares requirement to 1.16.0Daniel Stenberg2021-09-061-1/+1
| | | | Since ba904db0705c93 we use ares_getaddrinfo, added in c-ares 1.16.0
* curl: stop retry if Retry-After: is longer than allowedDaniel Stenberg2021-09-063-1/+66
| | | | | | | | | | | If Retry-After: specifies a period that is longer than what fits within --retry-max-time, then stop retrying immediately. Added test 366 to verify. Reported-by: Kari Pahula Fixes #7675 Closes #7676
* mbedtls: avoid using a large buffer on the stackMAntoniak2021-09-061-13/+17
| | | | | | | | | Use dynamic memory allocation for the buffer used in checking "pinned public key". The PUB_DER_MAX_BYTES parameter with default settings is set to a value greater than 2kB. Co-authored-by: Daniel Stenberg Closes #7586
* configure: make --disable-hsts workDaniel Stenberg2021-09-051-7/+7
| | | | | | | | | | | | The AC_ARG_ENABLE() macro itself uses a variable called 'enable_[option]', so when our script also used a variable with that name for the purpose of storing what the user wants, it also accidentally made it impossible to switch off the feature with --disable-hsts. Fix this by renaming our variable. Reported-by: Michał Antoniak Fixes #7669 Closes #7672
* config.d: note that curlrc is used even when --configJay Satiro2021-09-051-2/+2
| | | | | | | Bug: https://github.com/curl/curl/pull/7666#issuecomment-912214751 Reported-by: Viktor Szakats Closes https://github.com/curl/curl/pull/7667
* RELEASE-NOTES: syncedDaniel Stenberg2021-09-041-7/+33
|
* test1173: check references to libcurl optionsDaniel Stenberg2021-09-042-17/+65
| | | | | | | ... that they refer to actual existing libcurl options. Reviewed-by: Daniel Gustafsson Closes #7656
* CURLOPT_UNIX_SOCKET_PATH.3: remove nginx reference, add see alsoDaniel Stenberg2021-09-041-4/+5
| | | | Closes #7656
* opt-docs: verify man page sections + orderDaniel Stenberg2021-09-0416-59/+149
| | | | | | | | | | | | | | | | | | | | In every libcurl option man page there are now 8 mandatory sections that must use the right name in the correct order and test 1173 verifies this. Only 14 man pages needed adjustments. The sections and the order is as follows: - NAME - SYNOPSIS - DESCRIPTION - PROTOCOLS - EXAMPLE - AVAILABILITY - RETURN VALUE - SEE ALSO Reviewed-by: Daniel Gustafsson Closes #7656
* opt-docs: make sure all man pages have examplesDaniel Stenberg2021-09-0411-16/+237
| | | | | | | | | Extended manpage-syntax.pl (run by test 1173) to check that every man page for a libcurl option has an EXAMPLE section that is more than two lines. Then fixed all errors it found and added examples. Reviewed-by: Daniel Gustafsson Closes #7656
* get.d: provide more useful examplesDaniel Stenberg2021-09-041-0/+2
| | | | Closes #7668
* page-header: add GOPHERS, simplify wording in the 1st paraDaniel Stenberg2021-09-031-6/+5
| | | | Closes #7665
* connect: get local port + ip also when reusing connectionsDaniel Stenberg2021-09-023-4/+74
| | | | | | | | | | | | Regression. In d6a37c23a3c (7.75.0) we removed the duplicated storage (connection + easy handle), so this info needs be extracted again even for re-used connections. Add test 435 to verify Reported-by: Max Dymond Fixes #7660 Closes #7662
* multi: fix compiler warning with `CURL_DISABLE_WAKEUP`Marcel Raad2021-09-021-0/+3
| | | | | | `use_wakeup` is unused in this case. Closes https://github.com/curl/curl/pull/7661
* tests: adjust the tftpd output to work with hyper modeDaniel Stenberg2021-09-0120-126/+123
| | | | | | | | | | By making them look less like http headers, the hyper mode "tweak" doesn't interfere. Enable test 2002 and 2003 in hyper builds (and 1280 which is unrelated but should be enabled). Closes #7658
* openssl: annotate SSL3_MT_SUPPLEMENTAL_DATAGisle Vanem2021-09-011-0/+4
| | | | | | | | | | | | | | This adds support for the previously unhandled supplemental data which in -v output was printed like: TLSv1.2 (IN), TLS header, Unknown (23): These will now be printed with proper annotation: TLSv1.2 (OUT), TLS header, Supplemental data (23): Closes #7652 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
* curl.1: provide examples for each optionDaniel Stenberg2021-09-01245-53/+348
| | | | | | | | | | | The file format for each option now features a "Example:" header that can provide one or more examples that get rendered appropriately in the output. All options MUST have at least one example or gen.pl complains at build-time. This fix also does a few other minor format and consistency cleanups. Closes #7654
* progress: make trspeed avoid floatsDaniel Stenberg2021-09-011-1/+6
| | | | | | | | and compiler warnings for data conversions. Reported-by: Michał Antoniak Fixes #7645 Closes #7653
* test365: verify response with chunked AND Content-Length headersDaniel Stenberg2021-08-312-1/+66
|
* http: ignore content-length if any transfer-encoding is usedDaniel Stenberg2021-08-3110-71/+80
| | | | | Fixes #7643 Closes #7649
* RELEASE-NOTES: syncedDaniel Stenberg2021-08-311-7/+25
|
* Revert "http2: skip immediate parsing of payload following protocol switch"Daniel Stenberg2021-08-301-9/+2
| | | | | | | | This reverts commit 455a63c66f188598275e87d32de2c4e8e26b80cb. Reported-by: Tk Xiong Fixes #7633 Closes #7648
* KNOWN_BUGS: HTTP/3 doesn't support client certsDaniel Stenberg2021-08-301-0/+7
| | | | Closes #7625
* mailing lists: move from cool.haxx.se to lists.haxx.seDaniel Stenberg2021-08-305-10/+7
|
* http_proxy: only wait for writable socket while sending requestDaniel Stenberg2021-08-271-1/+1
| | | | | | | | | | | | | Otherwise it would wait socket writability even after the entire CONNECT request has sent and make curl basically busy-loop while waiting for a response to come back. The previous fix attempt in #7484 (c27a70a591a4) was inadequate. Reported-by: zloi-user on github Reported-by: Oleguer Llopart Fixes #7589 Closes #7647
* http: disallow >3-digit response codesDaniel Stenberg2021-08-264-30/+41
| | | | | | | | | | Make the built-in HTTP parser behave similar to hyper and reject any HTTP response using more than 3 digits for the response code. Updated test 1432 accordingly. Enabled test 1432 in the hyper builds. Closes #7641
* ngtcp2: stop buffering crypto dataTatsuhiro Tsujikawa2021-08-262-30/+1
| | | | | | | Stop buffering crypto data because libngtcp2 now buffers submitted crypto data. Closes #7637
* test1280: CRLFify the response to please hyperDaniel Stenberg2021-08-261-5/+5
| | | | Closes #7639
* tests: enable test 1129 for hyper buildsDaniel Stenberg2021-08-261-1/+0
| | | | Closes #7638
* curl: better error message when -O fails to get a good nameDaniel Stenberg2021-08-261-1/+4
| | | | | | | | | | Due to how this currently works internally, it needs a working initial file name to store contents in, so it may still fail even with -J is used (and thus accepting a name from content-disposition:) if the file name part of the URL isn't "good enough". Fixes #7628 Closes #7635
* curl_easy_setopt: tweak the string copy wordingDaniel Stenberg2021-08-261-5/+5
| | | | | | Reported-by: Yaobin Wen Fixes #7632 Closes #7634
* RELEASE-NOTES: syncedDaniel Stenberg2021-08-252-11/+51
|
* cmake: sync CURL_DISABLE optionsDon2021-08-253-69/+117
| | | | | | | | | | | | Adds the full listing of CURL_DISABLE options to the CMake build. Moves all option code, except for CURL_DISABLE_OPENSSL_AUTO_LOA_CONFIG which resides near OpenSSL configuration, to the same block of code. Also sorts the options here and in the cmake config header. Additionally sorted the CURL-DISABLE listing and fixed the CURL_DISABLE_POP3 option. Closes #7624
* KNOWN_BUGS: FTPS upload data loss with TLS 1.3Jay Satiro2021-08-251-0/+18
| | | | | | | Bug: https://github.com/curl/curl/issues/6149 Reported-by: Bylon2@users.noreply.github.com Closes https://github.com/curl/curl/pull/7623
* cmake: avoid poll() on macOSDaniel Stenberg2021-08-241-0/+4
| | | | | | | | | ... like we do in configure builds. Since poll() on macOS is not reliable enough. Reported-by: marc-groundctl Fixes #7595 Closes #7619
* c-hyper: handle HTTP/1.1 => HTTP/1.0 downgrade on reused connectionDaniel Stenberg2021-08-234-7/+11
| | | | | | Enable test 1074 Closes #7617
* c-hyper: deal with Expect: 100-continue combined with POSTFIELDSDaniel Stenberg2021-08-232-5/+11
| | | | | | Enable test 1130 and 1131 Closes #7616
View Lorry Controller Status