- Jun 11, 2019
-
-
sergey-raevskiy authored
Reviewed-by: Jakub Zakrzewski Closes #3770
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... in http2-less builds as it served no use.
-
Daniel Stenberg authored
... actual support in the code for disabling these has already landed. Closes #4009
-
Daniel Stenberg authored
follow-up from deb9462f
-
- Jun 10, 2019
-
-
Daniel Stenberg authored
Moved away the callback explanation from curl_multi_socket_action.3 and expanded it somewhat. Closes #4006
-
Daniel Stenberg authored
follow-up from deb9462f Closes #4007
-
Daniel Stenberg authored
Clarify the functionality when built to use Schannel and Secure Transport and stop calling it the "recommended" or "preferred" way and instead rather call it the default. Removed the reference to the ssl comparison table as it isn't necessary. Reported-by: Richard Alcock Bug: https://curl.haxx.se/mail/lib-2019-06/0019.html Closes #4005
-
Daniel Stenberg authored
Brief security policy description for use/display on github.
-
Daniel Gustafsson authored
Commit 61faa0b4 fixed the progress bar width calculation to avoid integer overflow, but failed to account for the fact that initial_size is initialized to -1 when the file size is retrieved from the remote on an upload, causing another signed integer overflow. Fix by separately checking for this case before the width calculation. Closes #3984 Reported-by: Brian Carpenter (Geeknik Labs) Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
Daniel Stenberg authored
Remove support for, references to and use of "cyaSSL" from the source and docs. wolfSSL is the current name and there's no point in keeping references to ancient history. Assisted-by: Daniel Gustafsson Closes #3903
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Reported-by: Alex Grebenschikov Fixes #3993 Closes #4002
-
- Jun 09, 2019
-
-
Daniel Stenberg authored
Since more than one socket can be used by each transfer at a given time, each sockhash entry how has its own hash table with transfers using that socket. In addition, the sockhash entry can now be marked 'blocked = TRUE'" which then makes the delete function just set 'removed = TRUE' instead of removing it "for real", as a way to not rip out the carpet under the feet of a parent function that iterates over the transfers of that same sockhash entry. Reported-by: Tom van der Woerdt Fixes #3961 Fixes #3986 Fixes #3995 Fixes #4004 Closes #3997
-
Sorcus authored
Fixed-by: MrSorcus on github Closes #4000
-
Daniel Stenberg authored
... so that timeouts or other state machine actions get going again after a changing pause state. For example, if the last delivery was paused there's no pending socket activity. Reported-by: sstruchtrup on github Fixes #3994 Closes #4001
-
Marcel Raad authored
I missed that in commit 99a49d66.
-
Marcel Raad authored
Closes https://github.com/curl/curl/pull/3999
-
- Jun 08, 2019
-
-
Daniel Stenberg authored
-
- Jun 05, 2019
-
-
Marcel Raad authored
Compilers and static analyzers warn about using C-style casts here. Closes https://github.com/curl/curl/pull/3975
-
Marcel Raad authored
As want is size_t, (file->buffer_pos - want) is unsigned, so checking if it's less than zero makes no sense. Check if file->buffer_pos is less than want instead to avoid the unsigned integer wraparound. Closes https://github.com/curl/curl/pull/3975
-
Marcel Raad authored
Reduce variable scopes and remove redundant variable stores. Closes https://github.com/curl/curl/pull/3975
-
Marcel Raad authored
Unused since commit 2f44e94e. Closes https://github.com/curl/curl/pull/3975
-
- Jun 04, 2019
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Frank Gevaerts authored
These are for features that used to be openssl-only but were expanded over time to support other SSL backends. Closes #3985
-
Daniel Stenberg authored
Reported-by: Carlos ORyan
-
Steve Holme authored
GetModuleFileName() returns a DWORD which is a typedef of an unsigned long and not an int. Closes #3980
-
- Jun 03, 2019
-
-
Daniel Stenberg authored
Suggested-by: dkwolfe4 on github Closes #3920
-
- Jun 02, 2019
-
-
Steve Holme authored
Missed in 04fd6755. Closes #3978
-
Steve Holme authored
Follow-up to 8144ba38. Detected by Coverity CID 1445663 Closes #3976
-
Sergey Ogryzkov authored
Closes #3972
-
Daniel Stenberg authored
Verifies that a bodyless response don't parse this content-related header.
-
Michael Kaufmann authored
Responses with status codes 1xx, 204 or 304 don't have a response body. For these, don't parse these headers: - Content-Encoding - Content-Length - Content-Range - Last-Modified - Transfer-Encoding This change ensures that HTTP/2 upgrades work even if a "Content-Length: 0" or a "Transfer-Encoding: chunked" header is present. Co-authored-by: Daniel Stenberg Closes #3702 Fixes #3968 Closes #3977
-
Daniel Stenberg authored
Reported-by: Jay Satiro Co-authored-by: Jay Satiro Fixes #3938 Closes #3946
-
- Jun 01, 2019
-
-
Daniel Stenberg authored
Reported-by: wesinator at github Fixes #3964 Closes #3974
-
Daniel Stenberg authored
An inner loop within the singlesocket() function wrongly re-used the variable for the outer loop which then could cause an infinite loop. Change to using a separate variable! Reported-by: Eric Wu Fixes #3970 Closes #3973
-
- May 31, 2019
-
-
Daniel Stenberg authored
-
- May 29, 2019
-
-
Josie Huddleston authored
Various functions called within Curl_http2_done() can have the side-effect of setting the Easy connection into drain mode (by calling drain_this()). However, the last time we unset this for a transfer (by calling drained_transfer()) is at the beginning of Curl_http2_done(). If the Curl_easy is reused for another transfer, it is then stuck in drain mode permanently, which in practice makes it unable to write any data in the new transfer. This fix moves the last call to drained_transfer() to later in Curl_http2_done(), after the functions that could potentially call for a drain. Fixes #3966 Closes #3967 Reported-by: Josie-H
-
Steve Holme authored
We trust the calling code as this is an internal function. Closes #3962
-