summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* vtls: fix addsessionid for non-proxy buildsbagder/noproxy-fixDaniel Stenberg2021-03-291-1/+0
| | | | Follow-up to b09c8ee15771c61
* cmake: support WinIDNLi Xinwei2021-03-292-1/+15
| | | | Closes #6807
* transfer: clear 'referer' in declarationDaniel Stenberg2021-03-291-2/+2
| | | | | | | | | To silence (false positive) compiler warnings about it. Follow-up to 7214288898f5625 Reviewed-by: Marcel Raad Closes #6810
* config: fix SSPI enabling NTLM if crypto auth is disabledMarc Hoersken2021-03-292-15/+19
| | | | | | | | | | | Avoid enabling NTLM feature based upon Windows SSPI being enabled in case that crypto auth is disabled. Reported-by: Marcel Raad Follow-up to #6277 Fixes #6803 Closes #6808
* HISTORY: add two 2021 eventsDaniel Stenberg2021-03-291-2/+8
|
* vtls: add 'isproxy' argument to Curl_ssl_get/addsessionid()Daniel Stenberg2021-03-2810-44/+103
| | | | | | | | | To make sure we set and extract the correct session. Reported-by: Mingtao Yang Bug: https://curl.se/docs/CVE-2021-22890.html CVE-2021-22890
* transfer: strip credentials from the auto-referer header fieldViktor Szakats2021-03-283-3/+90
| | | | | | | | Added test 2081 to verify. CVE-2021-22876 Bug: https://curl.se/docs/CVE-2021-22876.html
* curl_sasl: fix compiler error with --disable-crypto-authDaniel Stenberg2021-03-281-2/+1
| | | | | | ... if libgsasl was found. Closes #6806
* ldap: only set the callback ptr for TLS context when TLS is usedPatrick Monnerat2021-03-281-4/+5
| | | | | | Follow-up to a5eee22e594c2460f Fixes #6804 Closes #6805
* copyright: update copyright year ranges to 2021Daniel Stenberg2021-03-2735-35/+36
| | | | | Reviewed-by: Emil Engler Closes #6802
* send_speed: simplify the checks for if a speed limit is setDaniel Stenberg2021-03-273-7/+7
| | | | | ... as we know the value cannot be set to negative: enforced by setopt()
* http: cap body data amount during send speed limitingDaniel Stenberg2021-03-272-11/+40
| | | | | | | | | By making sure never to send off more than the allowed number of bytes per second the speed limit logic is given more room to actually work. Reported-by: Fabian Keil Bug: https://curl.se/mail/lib-2021-03/0042.html Closes #6797
* urldata: merge "struct DynamicStatic" into "struct UrlState"Daniel Stenberg2021-03-2616-141/+127
| | | | | | | | Both were used for the same purposes and there was no logical separation between them. Combined, this also saves 16 bytes in less holes in my test build. Closes #6798
* tests/README.md: mentioned that en_US.UTF-8 is requiredDaniel Stenberg2021-03-261-0/+1
| | | | | Reported-by: Oumph on github Fixes #6768
* HISTORY: fixed the Mac OS X 10.1 release dateDaniel Stenberg2021-03-261-5/+7
| | | | Based on what Wikipedia says
* examples: Remove threaded-shared-conn.c due to bugJay Satiro2021-03-262-157/+0
| | | | | | | | | | Known bug 11.11 is the shared object's connection cache is not thread safe, so we should not have an example for it. Ref: https://github.com/curl/curl/issues/4915 Ref: https://curl.se/docs/knownbugs.html#A_shared_connection_cache_is_not Closes https://github.com/curl/curl/pull/6795
* KNOWN_BUGS: Update 11.9 - DoH option inheritanceJay Satiro2021-03-261-1/+11
| | | | | | | | | | | | | | | | | | | - Add description: Explain that some options aren't inherited because they are not relevant for the DoH SSL connections or may result in unexpected behavior. - Remove the reference to #4578 (SSL verify options not inherited) since that was fixed by #6597 (separate DoH-specific options for verify). - Explain that DoH-specific options (those created by #6597) are available: CURLOPT_DOH_SSL_VERIFYHOST, CURLOPT_DOH_SSL_VERIFYPEER and CURLOPT_DOH_SSL_VERIFYSTATUS. - Add a reference to #6605 and explain that the user's debug function is not inherited because it would be unexpected to pass internal handles (ie DoH handles) to the user's callback. Closes https://github.com/curl/curl/issues/6605
* curl_easy_setopt.3: add curl_easy_option* functions to SEE ALSODaniel Stenberg2021-03-261-1/+3
|
* openssl: ensure to check SSL_CTX_set_alpn_protos return valuesJean-Philippe Menil2021-03-251-1/+4
| | | | | | | | SSL_CTX_set_alpn_protos() return 0 on success, and non-0 on failure Signed-off-by: Jean-Philippe Menil <jpmenil@gmail.com> Closes #6794
* multi: close the connection when h2=>h1 downgradingDaniel Stenberg2021-03-251-0/+1
| | | | | | | | | | Otherwise libcurl is likely to reuse the connection again in the next attempt since the connection reuse logic doesn't take downgrades into account. Reported-by: Anthony Ramine Fixes #6788 Closes #6793
* openssl: set the transfer pointer for logging earlyDaniel Stenberg2021-03-251-0/+1
| | | | | | | | | | | Otherwise, the transfer will be NULL in the trace function when the early handshake details arrive and then curl won't show them. Regresssion in 7.75.0 Reported-by: David Hu Fixes #6783 Closes #6792
* RELEASE-NOTES: syncedDaniel Stenberg2021-03-251-10/+25
|
* TODO: Custom progress meter update intervalDaniel Stenberg2021-03-251-0/+7
| | | | Ref: https://stackoverflow.com/q/66789977/93747
* docs/ABI: tighten up the languageDaniel Stenberg2021-03-241-9/+8
| | | | | | Make the promises more firm Closes #6786
* openldap: disconnect betterDaniel Stenberg2021-03-241-1/+1
| | | | | | | | | Instead of clearing the callback argument in disconnect, set it to the (new) transfer to make sure the correct data is passed to the callbacks. Follow-up to e467ea3bd937f38 Assisted-by: Patrick Monnerat Closes #6787
* libssh2: kdb_callback: get the right struct pointerDaniel Stenberg2021-03-231-2/+2
| | | | | | | | | | | | After the recent conn/data refactor in this source file, this function was mistakenly still getting the old struct pointer which would lead to crash on servers with keyboard-interactive auth enabled. Follow-up to a304051620b92e12b (shipped in 7.75.0) Reported-by: Christian Schmitz Fixes #6691 Closes #6782
* tftp: remove unused struct fieldsDaniel Stenberg2021-03-231-7/+0
| | | | | | Follow-up to d3d90ad9c00530d Closes #6781
* openldap: avoid NULL pointer dereferencesDaniel Stenberg2021-03-231-15/+25
| | | | | | | Follow-up to a59c33ceffb8f78 Reported-by: Patrick Monnerat Fixes #6676 Closes #6780
* http: strip default port from URL sent to proxyDaniel Stenberg2021-03-232-2/+2
| | | | | | | | | | To make sure the Host: header and the URL provide the same authority portion when sent to the proxy, strip the default port number from the URL if one was provided. Reported-by: Michael Brown Fixes #6769 Closes #6778
* azure: disable test 433 on azure-ubuntuDaniel Stenberg2021-03-231-2/+2
| | | | | | | | | Something in that environment sets XDG_CONFIG_HOME for us in a way that breaks the test. Reported-by: Marc Hörsken Fixes #6739 Closes #6777
* tftp: remove the 3600 second default timeoutDaniel Stenberg2021-03-221-38/+22
| | | | | | | | ... it was never meant to be there. Reported-by: Tomas Berger Fixes #6774 Closes #6776
* docs: make gen.pl support *italic* and **bold**Daniel Stenberg2021-03-2221-41/+53
| | | | | | | Remove some nroffisms from the cmdline doc files to simplify editing, and instead support this markdown style. Closes #6771
* ngtcp2: sync with recent API updatesDaniel Stenberg2021-03-221-2/+4
| | | | Closes #6770
* RELEASE-NOTES: syncedDaniel Stenberg2021-03-211-12/+26
|
* libssh2:ssh_connect: clear session pointer after freeDaniel Stenberg2021-03-211-0/+1
| | | | | | | | | If libssh2_knownhost_init() returns NULL, like in an OOM situation, the ssh session was freed but the pointer wasn't cleared which made libcurl later call libssh2 to cleanup using the stale pointer. Fixes #6764 Closes #6766
* docs: document version of crustls dependencyJacob Hoffman-Andrews2021-03-215-3/+36
| | | | | | | | | | | | | This also pins a specific release in the Travis test so future API-breaking changins in crustls won't break curl builds. Add RUSTLS documentation to release tarball. Enable running tests for rustls, minus FTP tests (require connect_blocking, which rustls doesn't implement) and 313 (requires CRL handling). Closes #6763
* rustls: Handle close_notify.Jacob Hoffman-Andrews2021-03-211-2/+6
| | | | | | | | If we get a close_notify, treat that as EOF. If we get an EOF from the TCP stream, treat that as an error (because we should have ended the connection earlier, when we got a close_notify). Closes #6763
* docs: clarify timeouts for queued transfers in multi APIDaniel Stenberg2021-03-192-3/+21
| | | | Closes #6758
* ftpserver: only load the preprocessed test fileDaniel Stenberg2021-03-191-12/+6
| | | | | | We always preprocess and tests are no longer sensible to load "raw" Closes #6738
* tests: use %TESTNUMBER instead of fixed numberDaniel Stenberg2021-03-191292-4389/+4386
| | | | | | | This makes the tests easier to copy and relocate to other test numbers without having to update content. Closes #6738
* KNOWN_BUGS: CURLOPT_OPENSOCKETPAIRFUNCTION is missingDaniel Stenberg2021-03-181-0/+10
| | | | Closes #5747
* TODO: provide timing info for each redirectDaniel Stenberg2021-03-181-0/+10
| | | | Closes #6743
* docs: Add SSL backend names to CURL_SSL_BACKENDJay Satiro2021-03-172-3/+9
| | | | | | | | | | | - Document the names that can be used with CURL_SSL_BACKEND: bearssl, gnutls, gskit, mbedtls, mesalink, nss, openssl, rustls, schannel, secure-transport, wolfssl Ref: https://github.com/curl/curl/issues/2209#issuecomment-360623286 Ref: https://github.com/curl/curl/issues/6717#issuecomment-800745201 Closes https://github.com/curl/curl/pull/6755
* docs: Explain DOH transfers inherit some SSL settingsJay Satiro2021-03-174-1/+24
| | | | | | | | | | | - Document in DOH that some SSL settings are inherited but DOH hostname and peer verification are not and are controlled separately. - Document that CURLOPT_SSL_CTX_FUNCTION is inherited by DOH handles but we're considering changing behavior to no longer inherit it. Request feedback. Closes https://github.com/curl/curl/pull/6688
* http: make 416 not fail with resume + CURLOPT_FAILONERRRORDaniel Stenberg2021-03-175-21/+110
| | | | | | | | | | | | | When asked to resume a download, libcurl will convert that to HTTP logic and if then the entire file is already transferred it will result in a 416 response from the HTTP server. With CURLOPT_FAILONERRROR set in that scenario, it should *not* lead to an error return. Updated test 1156, added test 1273 Reported-by: Jonathan Watt Fixes #6740 Closes #6753
* Curl_timeleft: check both timeouts during connectbagder/timeleftDaniel Stenberg2021-03-171-40/+38
| | | | | | | | | | | | | | | | | | | The duration of a connect and the total transfer are calculated from two different time-stamps. It can end up with the total timeout triggering before the connect timeout expires and we should make sure to acknowledge whichever timeout that is reached first. This is especially notable when a transfer first sits in PENDING, as that time is counted in the total time but the connect timeout is based on the time since the handle changed to the CONNECT state. The CONNECTTIMEOUT is per connect attempt. The TIMEOUT is for the entire operation. Fixes #6744 Closes #6745 Reported-by: Andrei Bica Assisted-by: Jay Satiro
* configure: remove use of deprecated macrosDaniel Stenberg2021-03-163-13/+1
| | | | AC_HEADER_TIME, AC_HEADER_STDC and AC_TYPE_SIGNAL
* configure: make AC_TRY_* into AC_*_IFELSEDaniel Stenberg2021-03-161-28/+33
| | | | ... as the former versions are deprecated.
* configure: s/AC_HELP_STRING/AS_HELP_STRINGDaniel Stenberg2021-03-164-182/+182
| | | | | | | | | AC_HELP_STRING is deprecated in 2.70+ and I believe AS_HELP_STRING works already since 2.59 so bump the minimum required version to that. Reported-by: Emil Engler Fixes #6647 Closes #6748
* RELEASE-NOTES: syncedDaniel Stenberg2021-03-161-7/+35
|
View Lorry Controller Status