path: root/lib/hsts.c
Commit message | Author | Age | Files | Lines
* checksrc: fix SPACEBEFOREPAREN for conditions starting with "*" | Daniel Stenberg | 2023-04-27 | 1 | -1/+1
  The open paren check wants to warn for spaces before open parenthesis for if/while/for but also for any function call. In order to avoid catching function pointer declarations, the logic allows a space if the first character after the open parenthesis is an asterisk. I also spotted that we did not include "switch" in the check but we should. This check is a little lame, but we reduce this problem by not allowing that space for if/while/for/switch.
  Reported-by: Emanuele Torre
  Closes #11044
* copyright: update all copyright lines and remove year ranges | Daniel Stenberg | 2023-01-03 | 1 | -1/+1
  - they are mostly pointless in all major jurisdictions
  - many big corporations and projects already don't use them
  - saves us from pointless churn
  - git keeps history for us
  - the year range is kept in COPYING
  checksrc is updated to allow non-year using copyright statements
  Closes #10205
* hsts: handle adding the same host name again | Daniel Stenberg | 2022-12-27 | 1 | -2/+11
  It will then use the largest expire time of the two entries.
* share: add sharing of HSTS cache among handles | Daniel Stenberg | 2022-12-27 | 1 | -0/+15
  Closes #10138
* strcase: use curl_str(n)equal for case insensitive matches | Daniel Stenberg | 2022-11-01 | 1 | -4/+4
  No point in having two entry points for the same functions. Also merged the *safe* function treatment into these so that they can also be used when one or both pointers are NULL.
  Closes #9837
* misc: remove duplicated include files | Daniel Stenberg | 2022-10-26 | 1 | -1/+0
  Closes #9796
* misc: ISSPACE() => ISBLANK() | Daniel Stenberg | 2022-09-06 | 1 | -3/+3
  Instances of ISSPACE() use that should rather use ISBLANK(). I think somewhat carelessly used because it sounds as if it checks for space or whitespace, but also includes %0a to %0d. For parsing purposes, we should only accept what we must and not be overly liberal. It leads to surprises and surprises lead to bad things.
  Closes #9432
* hsts: use Curl_fopen() | Daniel Stenberg | 2022-06-26 | 1 | -16/+6
* copyright: make repository REUSE compliant | max.mehl | 2022-06-13 | 1 | -0/+2
  Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes.
  Closes #8869
* links: update dead links | Daniel Stenberg | 2022-05-23 | 1 | -2/+1
  The wiki pages are gone, remove and link to more long-living docs.
  Closes #8897
* hsts: ignore trailing dots when comparing host names | Daniel Stenberg | 2022-05-09 | 1 | -5/+25
  CVE-2022-30115
  Reported-by: Axel Chong
  Bug: https://curl.se/docs/CVE-2022-30115.html
  Closes #8821
* docs: update IETF links to use datatracker | lucas | 2022-01-21 | 1 | -2/+2
  The tools.ietf.org domain has been deprecated a while now, with the links being redirected to datatracker.ietf.org. Rather than make people eat that redirect time, this change switches the URL to a more canonical source.
  Closes #8317
* hsts: CURLSTS_FAIL from hsts read callback should fail transfer | Daniel Stenberg | 2021-09-16 | 1 | -1/+1
  ... and have CURLE_ABORTED_BY_CALLBACK returned. Extended test 1915 to verify.
  Reported-by: Jonathan Cardoso
  Fixes #7726
  Closes #7729
* hsts: handle unlimited expiry | Daniel Stenberg | 2021-09-15 | 1 | -15/+25
  When setting a blank expire string, meaning unlimited, curl would pass TIME_T_MAX to getime_r() when creating the output, while on 64 bit systems such a large value cannot be converted to a tm struct making curl exit the loop with an error instead. It can't be converted because the year it would represent doesn't fit in the 'int tm_year' field! Starting now, unlimited expiry is instead handled differently by using a human readable expiry date spelled out as "unlimited" instead of trying to use a distant actual date. Test 1660 and 1915 have been updated to help verify this change.
  Reported-by: Jonathan Cardoso
  Fixes #7720
  Closes #7721
* Curl_hsts_loadcb: don't attempt to load if hsts wasn't inited | Daniel Stenberg | 2021-09-12 | 1 | -1/+3
  Reported-by: Jonathan Cardoso
  Fixes #7710
  Closes #7711
* hsts: ignore numerical IP address hosts | Daniel Stenberg | 2021-05-30 | 1 | -0/+5
  Also, use a single function library-wide for detecting if a given hostname is a numerical IP address.
  Reported-by: Harry Sintonen
  Fixes #7146
  Closes #7149
* hsts: enable by default | Daniel Stenberg | 2021-04-19 | 1 | -6/+13
  No longer considered experimental.
  Closes #6700
* hsts: remove unused defines | Daniel Gustafsson | 2021-03-14 | 1 | -2/+0
  MAX_HSTS_SUBLEN and MAX_HSTS_SUBLENSTR were unused from the initial commit, and most likely leftovers from early development. Remove as they're not used for anything.
  Closes #6741
  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
* copyright: fix missing year (range) updates | Daniel Stenberg | 2021-01-29 | 1 | -1/+1
* misc: fix typos | Fabian Keil | 2021-01-11 | 1 | -2/+2
  Bug: https://curl.se/mail/lib-2021-01/0063.html
  Closes #6434
* hsts: remove debug code leftovers | Daniel Stenberg | 2020-11-06 | 1 | -2/+0
  Closes #6175
* hsts: Remove pointless call to free in errorpath | Daniel Gustafsson | 2020-11-05 | 1 | -1/+0
  The line variable will always be NULL in the error path, so remove the free call since it's pointless.
  Closes #6170
  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
* curl.se: new home | Daniel Stenberg | 2020-11-04 | 1 | -2/+2
  Closes #6172
* hsts: add read/write callbacks | Daniel Stenberg | 2020-11-03 | 1 | -7/+102
  - read/write callback options
  - man pages for the 4 new setopts
  - test 1915 verifies the callbacks
  Closes #5896
* hsts: add support for Strict-Transport-Security | Daniel Stenberg | 2020-11-03 | 1 | -0/+430
  - enable in the build (configure)
  - header parsing
  - host name lookup
  - unit tests for the above
  - CI build
  - CURL_VERSION_HSTS bit
  - curl_version_info support
  - curl -V output
  - curl-config --features
  - CURLOPT_HSTS_CTRL
  - man page for CURLOPT_HSTS_CTRL
  - curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl)
  - man page for --hsts
  - save cache to disk
  - load cache from disk
  - CURLOPT_HSTS
  - man page for CURLOPT_HSTS
  - added docs/HSTS.md
  - fixed --version docs
  - adjusted curl_easy_duphandle
  Closes #5896