Skip to content
  1. Jun 22, 2016
  2. Jun 21, 2016
  3. Jun 19, 2016
  4. Jun 17, 2016
  5. Jun 16, 2016
  6. Jun 15, 2016
  7. Jun 11, 2016
  8. Jun 09, 2016
  9. Jun 08, 2016
  10. Jun 07, 2016
  11. Jun 06, 2016
  12. Jun 05, 2016
  13. Jun 04, 2016
  14. Jun 03, 2016
  15. Jun 01, 2016
    • Benjamin Kircher's avatar
      libcurl-multi.3: fix small typo · 873b4346
      Benjamin Kircher authored
      Closes #850
      873b4346
    • Viktor Szakats's avatar
      makefile.m32: add crypt32 for winssl builds · 55ab64ed
      Viktor Szakats authored
      Dependency added by 6cabd785
      
      Closes #849
      55ab64ed
    • Ivan Avdeev's avatar
      vtls: fix ssl session cache race condition · 31c521b0
      Ivan Avdeev authored
      Sessionid cache management is inseparable from managing individual
      session lifetimes. E.g. for reference-counted sessions (like those in
      SChannel and OpenSSL engines) every session addition and removal
      should be accompanied with refcount increment and decrement
      respectively. Failing to do so synchronously leads to a race condition
      that causes symptoms like use-after-free and memory corruption.
      This commit:
       - makes existing session cache locking explicit, thus allowing
         individual engines to manage lock's scope.
       - fixes OpenSSL and SChannel engines by putting refcount management
         inside this lock's scope in relevant places.
       - adds these explicit locking calls to other engines that use
         sessionid cache to accommodate for this change. Note, however,
         that it is unknown whether any of these engines could also have
         this race.
      
      Bug: https://github.com/curl/curl/issues/815
      Fixes #815
      Closes #847
      31c521b0