summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* cookie: fix declaration of 'dup' shadows a global declarationDaniel Stenberg2017-02-211-11/+11
|
* TLS: make SSL_VERIFYSTATUS work againDaniel Stenberg2017-02-211-0/+3
| | | | | | | | | | | | | The CURLOPT_SSL_VERIFYSTATUS option was not properly handled by libcurl and thus even if the status couldn't be verified, the connection would be allowed and the user would not be told about the failed verification. Regression since cb4e2be7c6d42ca CVE-2017-2629 Bug: https://curl.haxx.se/docs/adv_20170222.html Reported-by: Marcus Hoffmann
* digest_sspi: Handle 'stale=TRUE' directive in HTTP digestJay Satiro2017-02-211-7/+36
| | | | | | | | | | | | | | - If the server has provided another challenge use it as the replacement input token if stale=TRUE. Otherwise previous credentials have failed so return CURLE_LOGIN_DENIED. Prior to this change the stale directive was ignored and if another challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING. Ref: https://tools.ietf.org/html/rfc2617#page-10 Bug: https://github.com/curl/curl/issues/928 Reported-by: tarek112@users.noreply.github.com
* smb: use getpid replacement for windows UWP buildsDaniel Stenberg2017-02-201-1/+5
| | | | Source: https://github.com/Microsoft/vcpkg/blob/7676b8780db1e1e591c4fc7eba4f96f73c428cb4/ports/curl/0002_fix_uwp.patch
* sftp: improved checks for create dir failuresJean Gressmann2017-02-201-1/+9
| | | | | | | Since negative values are errors and not only -1. This makes SFTP upload with --create-dirs work (again). Closes #1269
* digest_sspi: Fix nonce-count generation in HTTP digestMax Khon2017-02-202-99/+145
| | | | | | | | | | | | | - on the first invocation: keep security context returned by InitializeSecurityContext() - on subsequent invocations: use MakeSignature() instead of InitializeSecurityContext() to generate HTTP digest response Bug: https://github.com/curl/curl/issues/870 Reported-by: Andreas Roth Closes https://github.com/curl/curl/pull/1251
* string formatting: fix 4 printf-style format stringsMichael Kaufmann2017-02-192-2/+4
|
* speed caps: update the timeouts if the speed is too low/highMichael Kaufmann2017-02-181-36/+48
| | | | | | | Follow-up to 4b86113 Fixes https://github.com/curl/curl/issues/793 Fixes https://github.com/curl/curl/issues/942
* proxy: fix hostname resolution and IDN conversionMichael Kaufmann2017-02-184-26/+34
| | | | | | | | | | | Properly resolve, convert and log the proxy host names. Support the "--connect-to" feature for SOCKS proxies and for passive FTP data transfers. Follow-up to cb4e2be Reported-by: Jay Satiro Fixes https://github.com/curl/curl/issues/1248
* http: fix missing 'Content-Length: 0' while negotiating authIsaac Boukris2017-02-171-2/+2
| | | | | | | | | | | | | | | | - While negotiating auth during PUT/POST if a user-specified Content-Length header is set send 'Content-Length: 0'. This is what we do already in HTTPREQ_POST_FORM and what we did in the HTTPREQ_POST case (regression since afd288b). Prior to this change no Content-Length header would be sent in such a case. Bug: https://curl.haxx.se/mail/lib-2017-02/0006.html Reported-by: Dominik Hölzl Closes https://github.com/curl/curl/pull/1242
* axtls: adapt to API changesDaniel Stenberg2017-02-151-5/+5
| | | | | | | | | Builds with axTLS 2.1.2. This then also breaks compatibility with axTLS < 2.1.0 (the older API) ... and fix the session_id mixup brought in 04b4ee549 Fixes #1220
* smb: code indentDaniel Stenberg2017-02-141-16/+17
|
* http2: fix memory-leak when denying push streamsDaniel Stenberg2017-02-131-11/+19
| | | | | Reported-by: zelinchen@users.noreply.github.com Fixes #1229
* URL: only accept ";options" in SMTP/POP3/IMAP URL schemesDaniel Stenberg2017-02-105-13/+25
| | | | Fixes #1252
* nss: make FTPS work with --proxytunnelKamil Dudka2017-02-091-12/+11
| | | | | | | | | If the NSS code was in the middle of a non-blocking handshake and it was asked to finish the handshake in blocking mode, it unexpectedly continued in the non-blocking mode, which caused a FTPS connection over CONNECT to fail with "(81) Socket not ready for send/recv". Bug: https://bugzilla.redhat.com/1420327
* http_proxy: avoid freeing static memoryDaniel Stenberg2017-02-091-3/+3
| | | | Follow up to 7fe81ec298e0: make sure 'host' is either NULL or malloced.
* http_proxy: Fix tiny memory leak upon edge case connecting to proxyCameron MacMinn2017-02-091-1/+1
| | | | Fixes #1255
* polarssl, mbedtls: Fix detection of pending dataMichael Kaufmann2017-02-082-6/+2
| | | | | Reported-by: Dan Fandrich Bug: https://curl.haxx.se/mail/lib-2017-02/0032.html
* http2: reset push header counter fixes crashDaniel Stenberg2017-02-071-0/+1
| | | | | | | | | When removing an easy handler from a multi before it completed its transfer, and it had pushed streams, it would segfault due to the pushed counted not being cleared. Fixed-by: zelinchen@users.noreply.github.com Fixes #1249
* transfer: only retry nobody-requests for HTTPMarkus Westerlind2017-02-071-6/+11
| | | | | | | | | Using sftp to delete a file with CURLOPT_NOBODY set with a reused connection would fail as curl expected to get some data. Thus it would retry the command again which fails as the file has already been deleted. Fixes #1243
* telnet: Fix typosDaniel Gustafsson2017-02-071-2/+2
| | | | Ref: https://github.com/curl/curl/pull/1245
* darwinssl: Avoid parsing certificates when not in verbose modeDaniel Gustafsson2017-02-071-6/+27
| | | | | | | | | | The information extracted from the server certificates in step 3 is only used when in verbose mode, and there is no error handling or validation performed as that has already been done. Only run the certificate information extraction when in verbose mode and libcurl was built with verbose strings. Closes https://github.com/curl/curl/pull/1246
* schannel: Remove incorrect SNI disabled messageJDepooter2017-02-071-1/+9
| | | | | | | | | | - Remove the SNI disabled when host verification disabled message since that is incorrect. - Show a message for legacy versions of Windows <= XP that connections may fail since those versions of WinSSL lack SNI, algorithms, etc. Bug: https://github.com/curl/curl/pull/1240
* use *.sourceforge.io and misc URL updatesViktor Szakats2017-02-066-7/+7
| | | | | Ref: https://sourceforge.net/blog/introducing-https-for-project-websites/ Closes: https://github.com/curl/curl/pull/1247
* cmake: Support curl --xattr when built with cmakeSean Burford2017-02-011-0/+9
| | | | | | | - Test for and set HAVE_FSETXATTR when support for extended file attributes is present. Closes https://github.com/curl/curl/pull/1176
* openssl: Don't use certificate after transferring ownershipAdam Langley2017-01-311-10/+8
| | | | | | | | | | SSL_CTX_add_extra_chain_cert takes ownership of the given certificate while, despite the similar name, SSL_CTX_add_client_CA does not. Thus it's best to call SSL_CTX_add_client_CA before SSL_CTX_add_extra_chain_cert, while the code still has ownership of the argument. Closes https://github.com/curl/curl/pull/1236
* mbedtls: implement CTR-DRBG and HAVEGE random generatorsAntoine Aubert2017-01-292-6/+54
| | | | closes #1227
* mbedtls: disable TLS session ticketsMichael Kaufmann2017-01-281-0/+5
| | | | | | | SSL session reuse with TLS session tickets is not supported yet. Use SSL session IDs instead. See https://github.com/curl/curl/issues/1109
* gnutls: disable TLS session ticketsMichael Kaufmann2017-01-281-1/+9
| | | | | | | SSL session reuse with TLS session tickets is not supported yet. Use SSL session IDs instead. Fixes https://github.com/curl/curl/issues/1109
* polarssl: fix hangsMichael Kaufmann2017-01-282-1/+10
| | | | This bugfix is similar to commit c111178bd4.
* cookies: do not assume a valid domain has a dotDaniel Stenberg2017-01-271-7/+16
| | | | | | | | | | | This repairs cookies for localhost. Non-PSL builds will now only accept "localhost" without dots, while PSL builds okeys everything not listed as PSL. Added test 1258 to verify. This was a regression brought in a76825a5efa6b4
* telnet: fix windows compiler warningsDaniel Stenberg2017-01-241-2/+2
| | | | | | Thumbs-up-by: Jay Satiro Closes #1225
* VC: remove the makefile.vc6 build infraDaniel Stenberg2017-01-233-694/+2
| | | | | | The winbuild/ build files is now the single MSVC makefile build choice. Closes #1215
* vtls: source indentation fixDaniel Stenberg2017-01-221-8/+8
|
* vtls: fix PolarSSL non-blocking handlingDaniel Stenberg2017-01-201-3/+2
| | | | | | | A regression brought in cb4e2be Reported-by: Michael Kaufmann Bug: https://github.com/curl/curl/issues/1174#issuecomment-274018791
* vtls: fix mbedtls multi non blocking handshake.Antoine Aubert2017-01-201-2/+3
| | | | | | | When using multi, mbedtls handshake is in non blocking mode. vtls must set wait for read/write flags for the socket. Closes #1223
* CURLOPT_BUFFERSIZE: support enlarging receive bufferRichy Kim2017-01-197-11/+42
| | | | | | | | | | Replace use of fixed macro BUFSIZE to define the size of the receive buffer. Reappropriate CURLOPT_BUFFERSIZE to include enlarging receive buffer size. Upon setting, resize buffer if larger than the current default size up to a MAX_BUFSIZE (512KB). This can benefit protocols like SFTP. Closes #1222
* *.rc: escape non-ASCII/non-UTF-8 character for clarityViktor Szakats2017-01-191-2/+2
| | | | Closes https://github.com/curl/curl/pull/1217
* CURLOPT_CONNECT_TO: Fix compile warningsMichael Kaufmann2017-01-181-15/+11
| | | | | Fix compile warnings that appeared only when curl has been configured with '--disable-verbose'.
* parseurl: move back buffer to function scopeDaniel Stenberg2017-01-181-1/+1
| | | | | | | | | Regression since 1d4202ad, which moved the buffer into a more narrow scope, but the data in that buffer was used outside of that more narrow scope. Reported-by: Dan Fandrich Bug: https://curl.haxx.se/mail/lib-2017-01/0093.html
* openssl: Fix random generationJay Satiro2017-01-171-1/+1
| | | | | | - Fix logic error in Curl_ossl_random. Broken a few days ago in 807698d.
* nss: use the correct lock in nss_find_slot_by_name()Kamil Dudka2017-01-151-2/+2
|
* http2: disable server push if not requestedAlessandro Ghedini2017-01-152-16/+30
| | | | Ref: https://github.com/curl/curl/pull/1160
* http: print correct HTTP string in verbose output when using HTTP/2http2_outputAlessandro Ghedini2017-01-141-3/+15
| | | | | | | | | | | | | | | | | | | | | | | | | Before: ``` % src/curl https://sigsegv.ninja/ -v --http2 ... > GET / HTTP/1.1 > Host: sigsegv.ninja > User-Agent: curl/7.52.2-DEV > Accept: */* > ... ``` After: ``` % src/curl https://sigsegv.ninja/ -v --http2 ... > GET / HTTP/2 > Host: sigsegv.ninja > User-Agent: curl/7.52.2-DEV > Accept: */* > ```
* addrinfo: fix compiler warning on offsetof() useDaniel Stenberg2017-01-141-2/+3
| | | | | | | | curl_addrinfo.c:519:20: error: conversion to ‘curl_socklen_t {aka unsigned int}’ from ‘long unsigned int’ may alter its value [-Werror=conversion] Follow-up to 1d786faee1046f
* unix_socket: add support for abstract unix domain socketIsaac Boukris2017-01-134-11/+35
| | | | | | | | | | | | | | | | | | | | | In addition to unix domain sockets, Linux also supports an abstract namespace which is independent of the filesystem. In order to support it, add new CURLOPT_ABSTRACT_UNIX_SOCKET option which uses the same storage as CURLOPT_UNIX_SOCKET_PATH internally, along with a flag to specify abstract socket. On non-supporting platforms, the abstract address will be interpreted as an empty string and fail gracefully. Also add new --abstract-unix-socket tool parameter. Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reported-by: Chungtsun Li (typeless) Reviewed-by: Daniel Stenberg Reviewed-by: Peter Wu Closes #1197 Fixes #1061
* IDN: Use TR46 non-transitionalDaniel Stenberg2017-01-131-3/+10
| | | | Assisted-by: Tim Rühsen
* IDN: revert use of the transitional optionDaniel Stenberg2017-01-131-6/+2
| | | | | | | It made the german ß get converted to ss, IDNA2003 style, and we can't have that for the .de TLD - a primary reason for our switch to IDNA2008. Test 165 verifies.
* IDN: Fix compile time detection of linidn2 TR46Tim Rühsen2017-01-131-1/+1
| | | | | | Follow-up to f30cbcac1 Closes #1207
* url: --noproxy option overrides NO_PROXY environment variableERAMOTO Masaya2017-01-131-2/+1
| | | | | | | | | Under condition using http_proxy env var, noproxy list was the combination of --noproxy option and NO_PROXY env var previously. Since this commit, --noproxy option overrides NO_PROXY environment variable even if use http_proxy env var. Closes #1140
View Lorry Controller Status