- Feb 09, 2016
-
-
Jay Satiro authored
For example something like --output \\?\C:\foo
-
Daniel Stenberg authored
-
David Benjamin authored
As of https://boringssl-review.googlesource.com/#/c/6980/, almost all of BoringSSL #ifdefs in cURL should be unnecessary: - BoringSSL provides no-op stubs for compatibility which replaces most #ifdefs. - DES_set_odd_parity has been in BoringSSL for nearly a year now. Remove the compatibility codepath. - With a small tweak to an extend_key_56_to_64 call, the NTLM code builds fine. - Switch OCSP-related #ifdefs to the more generally useful OPENSSL_NO_OCSP. The only #ifdefs which remain are Curl_ossl_version and the #undefs to work around OpenSSL and wincrypt.h name conflicts. (BoringSSL leaves that to the consumer. The in-header workaround makes things sensitive to include order.) This change errs on the side of removing conditionals despite many of the restored codepaths being no-ops. (BoringSSL generally adds no-op compatibility stubs when possible. OPENSSL_VERSION_NUMBER #ifdefs are bad enough!) Closes #640
-
- Feb 08, 2016
-
-
Jay Satiro authored
-
Jay Satiro authored
Allow --output to reserved dos device names without the device prefix for backwards compatibility. Example: --output NUL can be used instead of --output \\.\NUL Bug: https://github.com/curl/curl/commit/4520534#commitcomment-15954863 Reported-by: Gisle Vanem
-
Daniel Stenberg authored
It turns out Firefox and Chrome both allow spaces in cookie names and there are sites out there using that. Turned out the code meant to strip off trailing space from cookie names didn't work. Fixed now. Test case 8 modified to verify both these changes. Closes #639
-
Patrick Monnerat authored
-
Patrick Monnerat authored
-
Ludwig Nussel authored
-
Ludwig Nussel authored
When trying to verify a peer without having any root CA certificates set, this makes libcurl use the TLS library's built in default as fallback. Closes #569
-
Daniel Stenberg authored
RFC 7230 says we should stop. Firefox already stopped. Bug: https://github.com/curl/curl/issues/633 Reported-By: Brad Fitzpatrick Closes #633
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... as we're HTTPS on the main site now, there's no point in that extra step
-
Daniel Stenberg authored
-
Jay Satiro authored
Extract the filename from the last slash or backslash. Prior to this change backslashes could be part of the filename. This change needed for the curl tool built for Cygwin. Refer to the CYGWIN addendum in advisory 20160127B. Bug: https://curl.haxx.se/docs/adv_20160127B.html
-
- Feb 07, 2016
-
-
Daniel Stenberg authored
-
Jay Satiro authored
sk_X509_EXTENSION_num may return an unsigned integer, however the value will fit in an int. Bug: https://github.com/curl/curl/commit/dd1b44c#commitcomment-15913896 Reported-by: Gisle Vanem
-
- Feb 06, 2016
-
-
Daniel Stenberg authored
-
Michael Kaufmann authored
.. also fix a conversion bug in the unused function curl_win32_ascii_to_idn(). And remove wprintfs on error (Jay). Bug: https://github.com/curl/curl/pull/637
-
Gisle Vanem authored
closesocket => close_socket Winsock already has the former. Bug: https://curl.haxx.se/mail/lib-2016-02/0016.html
-
Gisle Vanem authored
Bug: https://curl.haxx.se/mail/lib-2016-02/0017.html
-
Daniel Stenberg authored
... done on request and as it is a fair point.
-
- Feb 05, 2016
-
-
Jay Satiro authored
-
Jay Satiro authored
-
Jay Satiro authored
- Add unit test 1604 to test the sanitize_file_name function. - Use -DCURL_STATICLIB when building libcurltool for unit testing. - Better detection of reserved DOS device names. - New flags to modify sanitize behavior: SANITIZE_ALLOW_COLONS: Allow colons SANITIZE_ALLOW_PATH: Allow path separators and colons SANITIZE_ALLOW_RESERVED: Allow reserved device names SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename - Restore sanitization of banned characters from user-specified outfile. Prior to this commit sanitization of a user-specified outfile was temporarily disabled in 2b6dadc5 because there was no way to allow path separators and colons through while replacing other banned characters. Now in such a case we call the sanitize function with SANITIZE_ALLOW_PATH which allows path separators and colons to pass through. Closes https://github.com/curl/curl/issues/624 Reported-by: Octavio Schroeder
-
- Feb 04, 2016
-
-
Viktor Szakats authored
-
Jay Satiro authored
Free an existing domain before replacing it. Bug: https://github.com/curl/curl/issues/635 Reported-by: <silveja1@users.noreply.github.com>
-
Viktor Szakats authored
Closes #632
-
- Feb 03, 2016
-
-
Daniel Stenberg authored
I removed the scheme prefix from the URLs references this host name, as we don't own/run that anymore but the name is kept for historic reasons.
-
Daniel Stenberg authored
-
Viktor Szakats authored
-
Dan Fandrich authored
-
- Feb 02, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
It isn't used by the code in current conditions but for safety it seems sensible to at least not crash on such input. Extended unit test 1395 to verify this too as well as a plain "/" input.
-
- Feb 01, 2016
-
-
Daniel Stenberg authored
-
Sergei Nikulov authored
Closes #621
-
Jay Satiro authored
Due to path separators being incorrectly sanitized in --output pathnames, eg -o c:\foo => c__foo This is a partial revert of 3017d8a8 until I write a proper fix. The remote-name will continue to be sanitized, but if the user specified an --output with string replacement (#1, #2, etc) that data is unsanitized until I finish a fix. Bug: https://github.com/bagder/curl/issues/624 Reported-by: Octavio Schroeder
-