- Jan 25, 2018
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
An idea that popped up in discussions on twitter.
-
- Jan 24, 2018
-
-
Daniel Stenberg authored
Reported-By: Gisle Vanem Bug: https://github.com/curl/curl/commit/993dd5651a6c853bfe3870f6a69c7b329fa4e8ce#commitcomment-27070080
-
Gisle Vanem authored
djgpp do have 'mkdir(dir, mode)'. Other DOS-compilers does not But djgpp seems the only choice for MSDOS anyway. PellesC do have a 'F_OK' defined in it's <unistd.h>. Update year in Copyright.
-
Gisle Vanem authored
-
- Jan 23, 2018
-
-
Daniel Stenberg authored
-
Gisle Vanem authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Bug: https://curl.haxx.se/mail/lib-2018-01/0087.html Reported-by: John Hascall Closes #2257
-
Daniel Stenberg authored
-
- Jan 22, 2018
-
-
Daniel Stenberg authored
... unless CURLOPT_UNRESTRICTED_AUTH is set to allow them. This matches how curl already handles Authorization headers created internally. Note: this changes behavior slightly, for the sake of reducing mistakes. Added test 317 and 318 to verify. Reported-by: Craig de Stigter Bug: https://curl.haxx.se/docs/adv_2018-b3bf.html
-
Daniel Stenberg authored
Get screen width from the environment variable COLUMNS first, if set. If not, use ioctl(). If nether works, assume 79. Closes #2242 The "refresh" is for the -# output when no total transfer size is known. It will now only use a single updated line even for this case: The "-=O=-" ship moves when data is transferred. The four flying "hashes" move (on a sine wave) on each refresh, independent of data.
-
- Jan 20, 2018
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Jan 18, 2018
-
-
Kartik Mahajan authored
Fixes #2237 Closes #2249
-
Daniel Stenberg authored
vtls.c:multissl_init() might do a curl_free() call so strip that out to make this work with more builds. We just want to verify that memorytracking works so skipping one line is no harm.
-
Daniel Stenberg authored
Reported-by: XhstormR on github Fixes #2245
-
Michael Gmelin authored
In case an identity didn't match[0], the state machine would fail in state SSH_AUTH_AGENT instead of progressing to the next identity in ssh-agent. As a result, ssh-agent authentication only worked if the identity required happened to be the first added to ssh-agent. This was introduced as part of commit c4eb10e2, which stated that the "else" statement was required to prevent getting stuck in state SSH_AUTH_AGENT. Given the state machine's logic and libssh2's interface I couldn't see how this could happen or reproduce it and I also couldn't find a more detailed description of the problem which would explain a test case to reproduce the problem this was supposed to fix. [0] libssh2_agent_userauth returning LIBSSH2_ERROR_AUTHENTICATION_FAILED Closes #2248
-
Daniel Stenberg authored
Coverity CID 1427646.
-
Daniel Stenberg authored
Follow-up to 84fcaa2e. libressl does not have the API even if it says it is late OpenSSL version... Fixes #2246 Closes #2247 Reported-by: jungle-boogie on github
-
- Jan 17, 2018
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... to avoid excessive recursive calls. The number 5 is totally arbitrary and could be modified if someone has a good motivation.
-
Daniel Stenberg authored
.... and avoid advancing the pointer to trigger an out of buffer read. Detected by OSS-fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5251 Assisted-by: Max Dymond
-
- Jan 16, 2018
-
-
Daniel Stenberg authored
1. don't use "ULL" suffix since unsupported in older MSVC 2. use curl_off_t instead of custom long long ifdefs 3. make get_posix_time() not do unaligned data access Fixes #2211 Closes #2240 Reported-by: Chester Liu
-
- Jan 15, 2018
-
-
rouzier authored
Closes #2239
-
Daniel Stenberg authored
Follow-up commit to 615edc1f which was incomplete. Assisted-by: Max Dymond Detected by OSS-fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5206
-
Daniel Stenberg authored
Fixes #2210 Closes #2236
-
- Jan 14, 2018
-
-
Patrick Monnerat authored
A mime tree attached to an easy handle using CURLOPT_MIMEPOST is strongly bound to the handle: there is a pointer to the easy handle in each item of the mime tree and following the parent pointer list of mime items ends in a dummy part stored within the handle. Because of this binding, a mime tree cannot be shared between different easy handles, thus it needs to be cloned upon easy handle duplication. There is no way for the caller to get the duplicated mime tree handle: it is then set to be automatically destroyed upon freeing the new easy handle. New test 654 checks proper mime structure duplication/release. Add a warning note in curl_mime_data_cb() documentation about sharing user data between duplicated handles. Closes #2235
-
Patrick Monnerat authored
-
- Jan 13, 2018
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... and make the max filesize check trigger if the value is too big. Updates test 178. Reported-by: Brad Spencer Fixes #2212 Closes #2223
-
Dan Johnson authored
Link order should list libraries after the libraries that use them, so when we're guessing that we might also need to add -ldl in order to use -lssl, we should add -ldl after -lssl. Closes https://github.com/curl/curl/pull/2234
-
Daniel Stenberg authored
-
Jay Satiro authored
Broken since f121575c (precedes 7.56.1). Bug: https://github.com/curl/curl/issues/2225 Reported-by: <cmfrolick@users.noreply.github.com> Closes https://github.com/curl/curl/pull/2227
-
Patrick Monnerat authored
This also upgrades ILE/RPG bindings with latest setopt options. Reported-By: jonrumsey on github Fixes #2230 Closes #2233
-
- Jan 11, 2018
-
-
Zhouyihai Ding authored
Prior to this change the stored byte count of each trailer was miscalculated and 1 less than required. It appears any trailer after the first that was passed to Curl_client_write would be truncated or corrupted as well as the size. Potentially the size of some subsequent trailer could be erroneously extracted from the contents of that trailer, and since that size is used by client write an out-of-bounds read could occur and cause a crash or be otherwise processed by client write. The bug appears to have been born in 0761a51e (precedes 7.49.0). Closes https://github.com/curl/curl/pull/2231
-
- Jan 09, 2018
-
-
Basuke Suzuki authored
Before calling Curl_client_chop_write(), change the owner of connection to the current Curl_easy handle. This will fix the issue #2217. Fixes https://github.com/curl/curl/issues/2217 Closes https://github.com/curl/curl/pull/2221
-