summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* urlapi: only skip encoding the first '=' with APPENDQUERY setbagder/urlapi-query-encode-equalsDaniel Stenberg2018-11-063-7/+13
| | | | Fixes #3231
* url: a short host name + port is not a schemeDaniel Stenberg2018-11-068-45/+33
| | | | | | | | | | | | | | | | | | | The function identifying a leading "scheme" part of the URL considered a few letters ending with a colon to be a scheme, making something like "short:80" to become an unknown scheme instead of a short host name and a port number. Extended test 1560 to verify. Also fixed test203 to use file_pwd to make it get the correct path on windows. Removed test 2070 since it was a duplicate of 203. Assisted-by: Marcel Raad Reported-by: Hagai Auro Fixes #3220 Fixes #3233 Closes #3223 Closes #3235
* libcurl: stop reading from paused transfersSangamkar2018-11-061-0/+5
| | | | | | | In the transfer loop it would previously not acknwledge the pause bit and continue until drained or loop ended. Closes #3240
* tool: add undocumented option --dump-module-paths for win32Jay Satiro2018-11-063-0/+70
| | | | | | | | | | | | | | | | - Add an undocumented diagnostic option for Windows to show the full paths of all loaded modules regardless of whether or not libcurl initialization succeeds. This is needed so that in the CI we can get a list of all DLL dependencies after initialization (when they're most likely to have finished loading) and then package them as artifacts so that a functioning build can be downloaded. Also I imagine it may have some use as a diagnostic for help requests. Ref: https://github.com/curl/curl/pull/3103 Closes https://github.com/curl/curl/pull/3208
* curl_multibyte: fix a malloc overcalculationJay Satiro2018-11-061-6/+6
| | | | | | | | Prior to this change twice as many bytes as necessary were malloc'd when converting wchar to UTF8. To allay confusion in the future I also changed the variable name for the amount of bytes from len to bytes. Closes https://github.com/curl/curl/pull/3209
* netrc: don't ignore the login name specified with "--user"Michael Kaufmann2018-11-056-55/+83
| | | | | | | | | | | | - for "--netrc", don't ignore the login/password specified with "--user", only ignore the login/password in the URL. This restores the netrc behaviour of curl 7.61.1 and earlier. - fix the documentation of CURL_NETRC_REQUIRED - improve the detection of login/password changes when reading .netrc - don't read .netrc if both login and password are already set Fixes #3213 Closes #3224
* OS400: add URL API ccsid wrappers and sync ILE/RPG bindingsPatrick Monnerat2018-11-054-4/+189
|
* curl: fixed UTF-8 in current console code page (Windows)Yasuhiro Matsumoto2018-11-052-7/+31
| | | | | | Fixes #3211 Fixes #3175 Closes #3212
* TODO: 2.6 multi upkeepDaniel Stenberg2018-11-051-0/+10
| | | | Closes #3199
* unittest: make 1652 stable across collationsDaniel Gustafsson2018-11-051-2/+2
| | | | | | | | | | | | The previous coding used a format string whose output depended on the current locale of the environment running the test. Since the gist of the test is to have a format string, with the actual formatting being less important, switch to a more stable formatstring with decimals. Reported-by: Marcel Raad Closes #3234 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
* Revert "url: a short host name + port is not a scheme"Daniel Stenberg2018-11-052-4/+1
| | | | | | | This reverts commit 226cfa8264cd979eff3fd52c0f3585ef095e7cf2. This commit caused test failures on appveyor/windows. Work on fixing them is in #3235.
* symbols-in-versions: add missing CURLU_ symbolsDaniel Stenberg2018-11-042-12/+24
| | | | | | | | ...and fix symbol-scan.pl to also scan urlapi.h Reported-by: Alexey Melnichuk Fixes #3226 Closes #3230
* infof: clearly indicate truncationDaniel Gustafsson2018-11-035-3/+173
| | | | | | | | | | | | | | | | | | The internal buffer in infof() is limited to 2048 bytes of payload plus an additional byte for NULL termination. Servers with very long error messages can however cause truncation of the string, which currently isn't very clear, and leads to badly formatted output. This appends a "...\n" (or just "..." in case the format didn't with a newline char) marker to the end of the string to clearly show that it has been truncated. Also include a unittest covering infof() to try and catch any bugs introduced in this quite important function. Closes #3216 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
* tool_getparam: fix some commentsMichael Kaufmann2018-11-031-13/+5
|
* url: a short host name + port is not a schemeDaniel Stenberg2018-11-032-1/+4
| | | | | | | | | | | | The function identifying a leading "scheme" part of the URL considered a few letters ending with a colon to be a scheme, making something like "short:80" to become an unknown scheme instead of a short host name and a port number. Extended test 1560 to verify. Reported-by: Hagai Auro Fixes #3220 Closes #3223
* URL: fix IPv6 numeral address parserDaniel Stenberg2018-11-032-2/+15
| | | | | | | | Regression from 46e164069d1a52. Extended test 1560 to verify. Reported-by: tpaukrt on github Fixes #3218 Closes #3219
* travis: remove curl before a normal buildDaniel Stenberg2018-11-021-0/+5
| | | | | | | | on Linux. To make sure the test suite runs with its newly build tool and doesn't require an external one present. Bug: #3198 Closes #3200
* mprintf: avoid unsigned integer overflow warningTim Rühsen2018-11-021-1/+1
| | | | | | | | The overflow has no real world impact. Just avoid it for "best practice". Code change suggested by "The Infinnovation Team" and Daniel Stenberg. Closes #3184
* Curl_follow: accept non-supported schemes for "fake" redirectsDaniel Stenberg2018-11-023-2/+61
| | | | | | | | | | When not actually following the redirect and the target URL is only stored for later retrieval, curl always accepted "non-supported" schemes. This was a regression from 46e164069d1a5230. Reported-by: Brad King Fixes #3210 Closes #3215
* openvms: fix example nameDaniel Gustafsson2018-11-022-2/+2
| | | | | | | | | | Commit efc696a2e09225bfeab4 renamed persistant.c to persistent.c to fix the typo in the name, but missed to update the OpenVMS package files which still looked for the old name. Closes #3217 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Viktor Szakats <commit@vszakats.net>
* configure: show CFLAGS, LDFLAGS etc in summaryDaniel Stenberg2018-11-011-1/+6
| | | | | | To make it easier to understand other people's and remote builds etc. Closes #3207
* version: bump for next cycleDaniel Stenberg2018-11-012-259/+21
|
* axtls: removedDaniel Stenberg2018-11-0131-996/+24
| | | | | | | | | | As has been outlined in the DEPRECATE.md document, the axTLS code has been disabled for 6 months and is hereby removed. Use a better supported TLS library! Assisted-by: Daniel Gustafsson Closes #3194
* schannel: make CURLOPT_CERTINFO support using Issuer chainmarcosdiazr2018-11-012-9/+65
| | | | Closes #3197
* travis: build with sanitize=address,undefined,signed-integer-overflowDaniel Stenberg2018-11-011-5/+17
| | | | | | ... using clang Closes #3190
* schannel: use Curl_ prefix for global private symbolsDaniel Stenberg2018-11-013-4/+4
| | | | | | | Curl_verify_certificate() must use the Curl_ prefix since it is globally available in the lib and otherwise steps outside of our namespace! Closes #3201
* tests: drop http_pipe.py script no longer usedKamil Dudka2018-11-012-442/+1
| | | | | | It is unused since commit f7208df7d9d5cd5e15e2d89237e828f32b63f135. Closes #3204
* runtests: use the local curl for verifyingDaniel Stenberg2018-10-311-1/+1
| | | | | | | | | ... revert the mistaken change brought in commit 8440616f53. Reported-by: Alessandro Ghedini Bug: https://curl.haxx.se/mail/lib-2018-10/0118.html Closes #3198
* RELEASE-NOTES: 7.62.0curl-7_62_0Daniel Stenberg2018-10-301-9/+31
|
* THANKS: 7.62.0 statusDaniel Stenberg2018-10-302-1/+24
|
* vtls: add MesaLink to curl_sslbackend enumDaniel Gustafsson2018-10-306-6/+13
| | | | | | | | | MesaLink support was added in commit 57348eb97d1b8fc3742e02c but the backend was never added to the curl_sslbackend enum in curl/curl.h. This adds the new backend to the enum and updates the relevant docs. Closes #3195 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
* cmake: Remove unused CURL_CONFIG_HAS_BEEN_RUN_BEFORE variableRuslan Baratov2018-10-301-5/+0
| | | | Closes #3191
* test2080: verify the fix for CVE-2018-16842Daniel Stenberg2018-10-302-4/+2
|
* voutf: fix bad arethmetic when outputting warnings to stderrDaniel Stenberg2018-10-301-1/+1
| | | | | | CVE-2018-16842 Reported-by: Brian Carpenter Bug: https://curl.haxx.se/docs/CVE-2018-16842.html
* cmake: uniform ZLIB to use USE_ variable and clean curl-config.cmake.inTuomo Rinne2018-10-292-11/+8
| | | | Closes #3123
* cmake: add find_dependency call for ZLIB to CMake config fileTuomo Rinne2018-10-291-2/+8
|
* cmake: add support for transitive ZLIB targetTuomo Rinne2018-10-291-2/+10
|
* unit1650: fix "null pointer passed as argument 1 to memcmp"Daniel Stenberg2018-10-291-1/+1
| | | | | | Detected by UndefinedBehaviorSanitizer Closes #3187
* travis: add a "make tidy" build that runs clang-tidyDaniel Stenberg2018-10-291-0/+11
| | | | Closes #3182
* unit1300: fix stack-use-after-scope AddressSanitizer warningDaniel Stenberg2018-10-291-3/+4
| | | | Closes #3186
* Curl_auth_create_plain_message: fix too-large-input-checkDaniel Stenberg2018-10-291-1/+1
| | | | | | CVE-2018-16839 Reported-by: Harry Sintonen Bug: https://curl.haxx.se/docs/CVE-2018-16839.html
* Curl_close: clear data->multi_easy on free to avoid use-after-freeDaniel Stenberg2018-10-291-1/+3
| | | | | | | | Regression from b46cfbc068 (7.59.0) CVE-2018-16840 Reported-by: Brian Carpenter (Geeknik Labs) Bug: https://curl.haxx.se/docs/CVE-2018-16840.html
* system.h: use proper setting with Sun C++ as wellrandomswdev2018-10-271-1/+1
| | | | | | | | | system.h selects the proper Sun settings when __SUNPRO_C is defined. The Sun compiler does not define it when compiling C++ files. I'm adding a check also on __SUNPRO_CC to allow curl to work properly also when used in a C++ project on Sun Solaris. Closes #3181
* rand: add comment to skip a clang-tidy false positiveDaniel Stenberg2018-10-271-1/+3
|
* test1651: unit test Curl_extract_certinfo()Daniel Stenberg2018-10-274-2/+417
| | | | The version used for Gskit, NSS, GnuTLS, WolfSSL and schannel.
* x509asn1: always check return code from getASN1Element()Daniel Stenberg2018-10-271-32/+102
|
* Makefile: add 'tidy' target that runs clang-tidyDaniel Stenberg2018-10-273-1/+21
| | | | | | Available in the root, src and lib dirs. Closes #3163
* RELEASE-PROCEDURE: adjust the release datesDaniel Stenberg2018-10-271-7/+5
| | | | See: https://curl.haxx.se/mail/lib-2018-10/0107.html
* x509asn1: suppress left shift on signed valuePatrick Monnerat2018-10-271-2/+2
| | | | | | | | Use an unsigned variable: as the signed operation behavior is undefined, this change silents clang-tidy about it. Ref: https://github.com/curl/curl/pull/3163 Reported-By: Daniel Stenberg
* multi: Fix error handling in the SENDPROTOCONNECT stateMichael Kaufmann2018-10-271-1/+1
| | | | | | | If Curl_protocol_connect() returns an error code, handle the error instead of switching to the next state. Closes #3170
View Lorry Controller Status