- Sep 14, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
CVE-2016-7167 Bug: https://curl.haxx.se/docs/adv_20160914.html
-
Daniel Stenberg authored
CVE-2016-7167 Bug: https://curl.haxx.se/docs/adv_20160914.html
-
Daniel Stenberg authored
Reported-by: Ryan Scott Fixes #1007
-
- Sep 13, 2016
-
-
Daniel Stenberg authored
-
- Sep 12, 2016
-
-
Tony Kelman authored
NTLM support with mbedTLS was added in 497e7c9d but requires that mbedTLS is built with the MD4 functions available, which it isn't in default builds. This now adapts if the funtion isn't there and builds libcurl without NTLM support if so. Fixes #1004
-
Jay Satiro authored
- Change maximum allowed line length from 80 to 79.
-
- Sep 11, 2016
-
-
Jay Satiro authored
Note that since the added examples are for column alignment I had to encapsulate with ~~~c markdown to preserve their alignment.
-
Peter Wu authored
The `curl-config --static-libs` command should not output paths like -l/usr/lib/libssl.so, instead print the absolute path without `-l`. This also removes the confusing message "Static linking is broken" which was printed because curl-config --static-libs was disfunctional even though the static libcurl.a library works properly. Fixes https://github.com/curl/curl/issues/841
-
Daniel Stenberg authored
... like when a HTTP/0.9 response comes back without any headers at all and just a body this now prevents that body from being sent to the callback etc. Adapted test 1144 to verify. Fixes #973 Assisted-by: Ray Satiro
-
- Sep 10, 2016
-
-
Daniel Stenberg authored
-
- Sep 09, 2016
-
-
Jakub Zakrzewski authored
This only excludes building unit tests from default build ( 'all' Make target or "Build Solution" in VisualStudio). The projects and Make targets will still be generated and shown in supporting IDEs. Fixes https://github.com/curl/curl/issues/981 Reported-by: Randy Armstrong Closes https://github.com/curl/curl/pull/990
-
Jakub Zakrzewski authored
Detect support for compiler symbol visibility flags and apply those according to CURL_HIDDEN_SYMBOLS option. It should work true to the autotools build except it tries to unhide symbols on Windows when requested and prints warning if it fails. Ref: https://github.com/curl/curl/issues/981#issuecomment-242665951 Reported-by: Daniel Stenberg
-
Daniel Stenberg authored
... by partially reverting f975f060. The allocation could be made by OpenSSL so the free must be made with OPENSSL_free() to avoid problems. Reported-by: Harold Stuart Fixes #1005
-
Daniel Stenberg authored
... by making sure we don't count down the "upload left" counter when the uploaded size is unknown and then it can be allowed to continue forever. Fixes #996
-
- Sep 08, 2016
-
-
Jay Satiro authored
Since we're using CURLE_FTP_WEIRD_SERVER_REPLY in imap, pop3 and smtp as more of a generic "failed to parse" introduce an alias without FTP in the name. Closes https://github.com/curl/curl/pull/975
-
- Sep 07, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... as that function slipped through once before.
-
Viktor Szakats authored
This hash is used to verify the original downloaded certificate bundle and also included in the generated bundle's comment header. Also rename related internal symbols to algorithm-agnostic names.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Sep 06, 2016
-
-
Gaurav Malhotra authored
CURLINFO_SSL_VERIFYRESULT does not get the certificate verification result when SSL_connect fails because of a certificate verification error. This fix saves the result of SSL_get_verify_result so that it is returned by CURLINFO_SSL_VERIFYRESULT. Closes https://github.com/curl/curl/pull/995
-
Daniel Gustafsson authored
While noErr and errSecSuccess are defined as the same value, the API documentation states that SecPKCS12Import() returns errSecSuccess if there were no errors in importing. Ensure that a future change of the defined value doesn't break (however unlikely) and be consistent with the API docs.
-
Daniel Gustafsson authored
-
- Sep 05, 2016
-
-
Marcel Raad authored
With OPENSSL_API_COMPAT=0x10100000L (OpenSSL 1.1 API), the cleanup functions are unavailable (they're no-ops anyway in OpenSSL 1.1). The replacements for SSL_load_error_strings, SSLeay_add_ssl_algorithms, and OpenSSL_add_all_algorithms are called automatically [1][2]. SSLeay() is now called OpenSSL_version_num(). [1]: https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html [2]: https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html Closes #992
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Fixes #982
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Craig Davison authored
CPPPFLAGS is now CPPPFLAG. Fixes CURL_CHECK_DEF. Fixes #958
-
- Sep 04, 2016
-
-
Olivier Brunel authored
Speed limits (from CURLOPT_MAX_RECV_SPEED_LARGE & CURLOPT_MAX_SEND_SPEED_LARGE) were applied simply by comparing limits with the cumulative average speed of the entire transfer; While this might work at times with good/constant connections, in other cases it can result to the limits simply being "ignored" for more than "short bursts" (as told in man page). Consider a download that goes on much slower than the limit for some time (because bandwidth is used elsewhere, server is slow, whatever the reason), then once things get better, curl would simply ignore the limit up until the average speed (since the beginning of the transfer) reached the limit. This could prove the limit useless to effectively avoid using the entire bandwidth (at least for quite some time). So instead, we now use a "moving starting point" as reference, and every time at least as much as the limit as been transferred, we can reset this starting point to the current position. This gets a good limiting effect that applies to the "current speed" with instant reactivity (in case of sudden speed burst). Closes #971
-
- Sep 03, 2016
-
-
Daniel Stenberg authored
-
Mark Hamilton authored
-
Mark Hamilton authored
-
- Sep 01, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Especially in regards to the multiplexing part.
-