- May 23, 2016
-
-
Jay Satiro authored
Prior to this change if a GitHub contributor's real name was unknown they would be omitted from the list. Bug: https://github.com/curl/curl/issues/824
-
- May 21, 2016
-
-
Daniel Stenberg authored
-
- May 20, 2016
-
-
Jay Satiro authored
- Free compression methods if OpenSSL 1.0.2 to avoid a memory leak. Bug: https://github.com/curl/curl/issues/817 Reported-by: <jveazey@users.noreply.github.com>
-
Gisle Vanem authored
While compiling lib/curl_multibyte.c with '-DUSE_WIN32_IDN' etc. I was getting: f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2054: expected '(' to follow 'CURL_EXTERN' f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2085: 'curl_domalloc': not in formal parameter list
-
Daniel Stenberg authored
-
Jan Ehrhardt authored
Closes #818
-
Alexander Traud authored
Closes #821
-
Michael Kaufmann authored
The connect-to list isn't copied so as long as the handle may be used for a transfer the list must be valid. Bug: https://github.com/curl/curl/pull/819 Reported-by: Michael Kaufmann
-
- May 19, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
See OpenSSL commit 21e001747d4a
-
Daniel Stenberg authored
... when generating them, not "2.0" as the protocol is called just HTTP/2 and nothing else.
-
Jay Satiro authored
Closes https://github.com/curl/curl/pull/816
-
- May 18, 2016
-
-
Steve Holme authored
-
Daniel Stenberg authored
The preprocessor check that sets up the 32bit defines for non-configure builds didn't work properly for MIPS systems as __mips__ is defined for both 32bit and 64bit. Now __LP64__ is also checked and indicates 64bit. Reported-by: Tomas Jakobsson Fixes #813
-
Marcel Raad authored
For the Windows XP toolset of Visual C++ 2013/2015, the old Windows SDK 7.1 is used. In this case, _USING_V110_SDK71_ is defined. Closes #812
-
Daniel Stenberg authored
Reported-by: Paul Howarth Bug: https://curl.haxx.se/mail/lib-2016-05/0116.html
-
Daniel Stenberg authored
Reported-by: Ray Satiro Bug: https://curl.haxx.se/mail/lib-2016-05/0113.html
-
- May 17, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
...as otherwise the TLS libs will skip the CN/SAN check and just allow connection to any server. curl previously skipped this function when SNI wasn't used or when connecting to an IP address specified host. CVE-2016-3739 Bug: https://curl.haxx.se/docs/adv_20160518A.html Reported-by: Moti Avrahami
-
Frank Gevaerts authored
Closes #811
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Closes #762
-
Daniel Stenberg authored
-
Daniel Stenberg authored
CID 1361815: Explicit null dereferenced (FORWARD_NULL)
-
Daniel Stenberg authored
CID 1361811: Explicit null dereferenced (FORWARD_NULL)
-
Daniel Stenberg authored
CID 1024412: Memory - illegal accesses (OVERRUN). Claimed to happen when we run over 'workend' but the condition says <= workend and for all I can see it should be safe. Compensating for the warning by adding a byte margin in the buffer. Also, removed the extra brace level indentation in the code and made it so that 'workend' is only assigned once within the function.
-
- May 16, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Jay Satiro authored
- Return value type must match function type. s/CURLM_OUT_OF_MEMORY/CURLE_OUT_OF_MEMORY/ Caught by Travis CI
-
- May 14, 2016
-
-
Daniel Stenberg authored
The proper FTP wildcard init is now more properly done in Curl_pretransfer() and the corresponding cleanup in Curl_close(). The previous place of init/cleanup code made the internal pointer to be NULL when this feature was used with the multi_socket() API, as it was made within the curl_multi_perform() function. Reported-by: Jonathan Cardoso Machado Fixes #800
-
- May 13, 2016
-
-
Jay Satiro authored
Because the old OpenSSL link now redirects to their master documentation (currently 1.1.0), which does not document the required actions for OpenSSL <= 1.0.2.
-
Viktor Szakats authored
-
- May 12, 2016
-
-
Daniel Stenberg authored
Added 8 bug fixes and 5 more contrbutors
-
Jay Satiro authored
Prior to this change a width arg could be erroneously output, and also width and precision args could not be used together without crashing. "%0*d%s", 2, 9, "foo" Before: "092" After: "09foo" "%*.*s", 5, 2, "foo" Before: crash After: " fo" Test 557 is updated to verify this and more
-
Michael Kaufmann authored
Follow-up commit to 58231795 Closes #648
-
Per Malmberg authored
The new way of disabling certificate verification doesn't work on Mountain Lion (OS X 10.8) so we need to use the old way in that version too. I've tested this solution on versions 10.7.5, 10.8, 10.9, 10.10.2 and 10.11. Closes #802
-
Cory Benfield authored
curl's representation of HTTP/2 responses involves transforming the response to a format that is similar to HTTP/1.1. Prior to this change, curl would do this by separating header names and values with only a colon, without introducing a space after the colon. While this is technically a valid way to represent a HTTP/1.1 header block, it is much more common to see a space following the colon. This change introduces that space, to ensure that incautious tools are safely able to parse the header block. This also ensures that the difference between the HTTP/1.1 and HTTP/2 response layout is as minimal as possible. Bug: https://github.com/curl/curl/issues/797 Closes #798 Fixes #797
-
Kamil Dudka authored
... introduced in curl-7_48_0-293-g2968c83: Error: COMPILER_WARNING: lib/vtls/openssl.c: scope_hint: In function ‘Curl_ossl_check_cxn’ lib/vtls/openssl.c:767:15: warning: conversion to ‘int’ from ‘ssize_t’ may alter its value [-Wconversion]
-
Jay Satiro authored
- In the case of recv error, limit returning 'connection still in place' to EINPROGRESS, EAGAIN and EWOULDBLOCK. This is an improvement on the parent commit which changed the openssl connection check to use recv MSG_PEEK instead of SSL_peek. Ref: https://github.com/curl/curl/commit/856baf5#comments
-