summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* vtls: compare blobs when finding a connection to reusebagder/ssl-compare-blobsDaniel Stenberg2020-06-283-1/+46
| | | | | | Reported-by: Gergely Nagy Fixes #5617 Closes #5619
* RELEASE-NOTES: syncedDaniel Stenberg2020-06-281-3/+28
|
* terminology: call them null-terminated stringsDaniel Stenberg2020-06-28107-139/+139
| | | | | | | | | | | Updated terminology in docs, comments and phrases to refer to C strings as "null-terminated". Done to unify with how most other C oriented docs refer of them and what users in general seem to prefer (based on a single highly unscientific poll on twitter). Reported-by: coinhubs on github Fixes #5598 Closes #5608
* http: fix proxy auth with blank passwordDaniel Stenberg2020-06-283-2/+62
| | | | | | | | | | Regression in 7.71.0 Added test case 346 to verify. Reported-by: Kristoffer Gleditsch Fixes #5613 Closes #5616
* .dcignore: ignore tests and docs directoriesDaniel Stenberg2020-06-271-0/+3
| | | | This is a config file for deepcode.ai, a static code analyzer.
* tool_cb_hdr: Fix etag warning output and return codeJay Satiro2020-06-261-4/+4
| | | | | | | | | | - Return 'failure' on failure, to follow the existing style. - Put Warning: and the warning message on the same line. Ref: https://github.com/curl/curl/issues/5610 Closes https://github.com/curl/curl/pull/5612
* CURLOPT_READFUNCTION.3: provide the upload data size up frontDaniel Stenberg2020-06-261-1/+6
| | | | | Assisted-by: Jay Satiro Closes #5607
* test1539: do a HTTP 1.0 POST without a set size (fails)Daniel Stenberg2020-06-264-8/+58
| | | | | | | Attempt to reproduce #5593. Test case 1514 is very similar but uses HTTP/1.1 and thus switches to chunked. Closes #5595
* mbedtls: fix build with disabled proxy supportBaruch Siach2020-06-261-0/+10
| | | | | | | | | Don't reference fields that do not exist. Fixes build failure: vtls/mbedtls.c: In function 'mbed_connect_step1': vtls/mbedtls.c:249:54: error: 'struct connectdata' has no member named 'http_proxy' Closes #5615
* codeql-analysis.yml: fix the 'languages' settingDaniel Stenberg2020-06-261-2/+3
| | | | It needs a 'with:' in front of it.
* gtihub: codeql-analysis.ymlDaniel Stenberg2020-06-261-0/+49
| | | enables code security scanning with github actions
* tests: verify newline in username and password for HTTPDaniel Stenberg2020-06-255-2/+178
| | | | | | test 1296 is a simply command line test test 1910 is a libcurl test including a redirect
* url: allow user + password to contain "control codes" for HTTP(S)Daniel Stenberg2020-06-253-12/+25
| | | | | | Reported-by: Jon Johnson Jr Fixes #5582 Closes #5592
* escape: make the URL decode able to reject only %00 bytesDaniel Stenberg2020-06-2516-34/+60
| | | | | | ... or all "control codes" or nothing. Assisted-by: Nicolas Sterchele
* http2: set the correct URL in pushed transfersDaniel Stenberg2020-06-251-0/+44
| | | | | | | | | ...previously CURLINFO_EFFECTIVE_URL would report the URL of the original "mother transfer", not the actually pushed resource. Reported-by: Jonathan Cardoso Machado Fixes #5589 Closes #5591
* openssl: Fix compilation on Windows when ngtcp2 is enabledJavier Blazquez2020-06-251-4/+5
| | | | | | | - Include wincrypt before OpenSSL includes so that the latter can properly handle any conflicts between the two. Closes https://github.com/curl/curl/pull/5606
* test543: extended to verify zero length inputDaniel Stenberg2020-06-252-2/+14
| | | | As was reported in #5601
* escape: zero length input should return a zero length outputDaniel Stenberg2020-06-251-0/+3
| | | | | | | | Regression added in 7.71.0. Fixes #5601 Reported-by: Kristoffer Gleditsch Closes #5602
* Curl_inet_ntop: always check the return codeDaniel Stenberg2020-06-242-7/+13
| | | | | | Reported-by: Siva Sivaraman Fixes #5412 Closes #5597
* sendf: improve the message on client write errorsDaniel Stenberg2020-06-241-1/+1
| | | | | | | | | Replace "Failed writing body (X != Y)" with "Failure writing output to destination". Possibly slightly less cryptic. Reported-by: coinhubs on github Fixes #5594 Closes #5596
* RELEASE-NOTES: syncedDaniel Stenberg2020-06-241-274/+7
|
* curlver: start working on 7.71.1Daniel Stenberg2020-06-241-3/+3
|
* DYNBUF.md: fix a typo: trail => tailDenis Baručić2020-06-241-1/+1
| | | | Closes #5599
* RELEASE-NOTES: curl 7.71.0 releasecurl-7_71_0Daniel Stenberg2020-06-231-14/+30
|
* THANKS: curl 7.71.0 additionsDaniel Stenberg2020-06-231-0/+33
|
* url: make sure pushed streams get an allocated download bufferDaniel Stenberg2020-06-233-4/+11
| | | | | | | | | Follow-up to c4e6968127e876b0 When a new transfer is created, as a resuly of an acknowledged push, that transfer needs a download buffer allocated. Closes #5590
* openssl: Don't ignore CA paths when using Windows CA storeJay Satiro2020-06-223-15/+13
| | | | | | | | | | | | | This commit changes the behavior of CURLSSLOPT_NATIVE_CA so that it does not override CURLOPT_CAINFO / CURLOPT_CAPATH, or the hardcoded default locations. Instead the CA store can now be used at the same time. The change is due to the impending release. The issue is still being discussed. The behavior of CURLSSLOPT_NATIVE_CA is subject to change and is now documented as experimental. Ref: bc052cc (parent commit) Ref: https://github.com/curl/curl/issues/5585
* tool_operate: Don't use Windows CA store as a fallbackJay Satiro2020-06-221-8/+0
| | | | | | | | | | | | | | | | | | | | | | | Background: 148534d added CURLSSLOPT_NATIVE_CA to use the Windows OS certificate store in libcurl w/ OpenSSL on Windows. CURLSSLOPT_NATIVE_CA overrides CURLOPT_CAINFO if both are set. The curl tool will fall back to CURLSSLOPT_NATIVE_CA if it could not find a certificate bundle to set via CURLOPT_CAINFO. Problem: libcurl may be built with hardcoded paths to a certificate bundle or directory, and if CURLSSLOPT_NATIVE_CA is used then those paths are ignored. Solution: A solution is still being discussed but since there's an impending release this commit removes using CURLSSLOPT_NATIVE_CA in the curl tool. Ref: https://github.com/curl/curl/issues/5585
* openssl: Fix CA fallback logic for OpenSSL 3.0 buildJay Satiro2020-06-221-1/+1
| | | | | | | Prior to this change I assume a build error would occur when CURL_CA_FALLBACK was used. Closes https://github.com/curl/curl/pull/5587
* copyright: update mismatched copyright yearsDaniel Stenberg2020-06-224-4/+4
|
* test1460: verify that -Ji is not okDaniel Stenberg2020-06-222-1/+65
|
* tool_getparam: -i is not OK if -J is usedDaniel Stenberg2020-06-222-18/+9
| | | | | Reported-by: sn on hackerone Bug: https://curl.haxx.se/docs/CVE-2020-8177.html
* CMake: ignore INTERFACE_LIBRARY targets for pkg-config filePeter Wu2020-06-211-1/+9
| | | | | | Reviewed-by: Marcel Raad Fixes #5512 Closes #5517
* multibyte: Fixed access-> waccess to file for Windows PlarformValentyn Korniienko2020-06-212-0/+25
| | | | | Reviewed-by: Marcel Raad Closes #5580
* altsvc: bump to h3-29Daniel Stenberg2020-06-191-2/+2
| | | | Closes #5584
* urlglob: treat literal IPv6 addresses with zone IDs as a host nameDaniel Stenberg2020-06-181-20/+27
| | | | | | | | | | ... and not as a "glob". Now done by passing the supposed host to the URL parser which supposedly will do a better job at identifying "real" numerical IPv6 addresses. Reported-by: puckipedia on github Fixes #5576 Closes #5579
* test1179: verify error message for non-existing cmdline optionDaniel Stenberg2020-06-182-1/+44
|
* tool_getparam: repair the error message for unknown flagDaniel Stenberg2020-06-181-1/+2
| | | | | | | Follow-up to 9e5669f3880674 Detected by Coverity CID 1464582 ("Logically dead code") Closes #5577
* FILEFORMAT: describe verify/stderrDaniel Stenberg2020-06-181-0/+9
|
* connect: improve happy eyeballs handlingDaniel Stenberg2020-06-185-58/+84
| | | | | | | | For QUIC but also for regular TCP when the second family runs out of IPs with a failure while the first family is still trying to connect. Separated the timeout handling for IPv4 and IPv6 connections when they both have a number of addresses to iterate over.
* ngtcp2: never call fprintf() in lib code in release versionDaniel Stenberg2020-06-181-12/+14
|
* ngtcp2: fix happy eyeballs quic connect crashDaniel Stenberg2020-06-181-1/+2
| | | | | | Reported-by: Peter Wu Fixes #5565 Closes #5568
* select: remove the unused ELAPSED_MS() macroDaniel Stenberg2020-06-181-3/+0
| | | | Closes #5573
* multi: implement wait using winsock eventsrcombs2020-06-172-4/+122
| | | | | | | | | | | | This avoids using a pair of TCP ports to provide wakeup functionality for every multi instance on Windows, where socketpair() is emulated using a TCP socket on loopback which could in turn lead to socket resource exhaustion. Reviewed-by: Gergely Nagy Reviewed-by: Marc Hörsken Closes #5397
* manpage: add three missing environment variablesDaniel Stenberg2020-06-171-1/+17
| | | | | | CURL_SSL_BACKEND, QLOGDIR and SSLKEYLOGFILE Closes #5571
* RELEASE-NOTES: syncedDaniel Stenberg2020-06-161-13/+28
|
* configure: for wolfSSL, check for the DES func needed for NTLMDaniel Stenberg2020-06-161-6/+50
| | | | Also adds pkg-config support for the wolfSSL detection.
* ntlm: enable NTLM support with wolfSSLRuurd Beerstra2020-06-165-19/+24
| | | | | | | | | When wolfSSL is built with its OpenSSL API layer, it fetures the same DES* functions that OpenSSL has. This change take advantage of that. Co-authored-by: Daniel Stenberg Closes #5556 Fixes #5548
* http: move header storage to Curl_easy from connectdataDaniel Stenberg2020-06-1510-130/+137
| | | | | | | | | | | | Since the connection can be used by many independent requests (using HTTP/2 or HTTP/3), things like user-agent and other transfer-specific data MUST NOT be kept connection oriented as it could lead to requests getting the wrong string for their requests. This struct data was lingering like this due to old HTTP1 legacy thinking where it didn't mattered.. Fixes #5566 Closes #5567
* CODE_REVIEW.md: how to do code reviews in curlDaniel Stenberg2020-06-132-0/+169
| | | | | | | | | | | Assisted-by: Daniel Gustafsson Assisted-by: Rich Salz Assisted-by: Hugo van Kemenade Assisted-by: James Fuller Assisted-by: Marc Hörsken Assisted-by: Jay Satiro Closes #5555
View Lorry Controller Status