Skip to content
  1. May 12, 2016
    • Jay Satiro's avatar
      mprintf: Fix processing of width and prec args · 68701e51
      Jay Satiro authored
      Prior to this change a width arg could be erroneously output, and also
      width and precision args could not be used together without crashing.
      
      "%0*d%s", 2, 9, "foo"
      
      Before: "092"
      After: "09foo"
      
      "%*.*s", 5, 2, "foo"
      
      Before: crash
      After: "   fo"
      
      Test 557 is updated to verify this and more
      68701e51
    • Michael Kaufmann's avatar
      ConnectionExists: follow-up fix for proxy re-use · 117a0ffe
      Michael Kaufmann authored
      Follow-up commit to 58231795
      
      Closes #648
      117a0ffe
    • Per Malmberg's avatar
      darwinssl: fix certificate verification disable on OS X 10.8 · 3cf33990
      Per Malmberg authored
      The new way of disabling certificate verification doesn't work on
      Mountain Lion (OS X 10.8) so we need to use the old way in that version
      too. I've tested this solution on versions 10.7.5, 10.8, 10.9, 10.10.2
      and 10.11.
      
      Closes #802
      3cf33990
    • Cory Benfield's avatar
      http2: Add space between colon and header value · 0761a51e
      Cory Benfield authored
      curl's representation of HTTP/2 responses involves transforming the
      response to a format that is similar to HTTP/1.1. Prior to this change,
      curl would do this by separating header names and values with only a
      colon, without introducing a space after the colon.
      
      While this is technically a valid way to represent a HTTP/1.1 header
      block, it is much more common to see a space following the colon. This
      change introduces that space, to ensure that incautious tools are safely
      able to parse the header block.
      
      This also ensures that the difference between the HTTP/1.1 and HTTP/2
      response layout is as minimal as possible.
      
      Bug: https://github.com/curl/curl/issues/797
      
      Closes #798
      Fixes #797
      0761a51e
    • Kamil Dudka's avatar
      openssl: fix compile-time warning in Curl_ossl_check_cxn() · ea06ad2e
      Kamil Dudka authored
      ... introduced in curl-7_48_0-293-g2968c83:
      
      Error: COMPILER_WARNING:
      lib/vtls/openssl.c: scope_hint: In function ‘Curl_ossl_check_cxn’
      lib/vtls/openssl.c:767:15: warning: conversion to ‘int’ from ‘ssize_t’
      may alter its value [-Wconversion]
      ea06ad2e
    • Jay Satiro's avatar
      openssl: stricter connection check function · 2968c839
      Jay Satiro authored
      - In the case of recv error, limit returning 'connection still in place'
      to EINPROGRESS, EAGAIN and EWOULDBLOCK.
      
      This is an improvement on the parent commit which changed the openssl
      connection check to use recv MSG_PEEK instead of SSL_peek.
      
      Ref: https://github.com/curl/curl/commit/856baf5#comments
      2968c839
  2. May 10, 2016
    • Anders Bakken's avatar
      TLS: SSL_peek is not a const operation · 856baf5a
      Anders Bakken authored
      Calling SSL_peek can cause bytes to be read from the raw socket which in
      turn can upset the select machinery that determines whether there's data
      available on the socket.
      
      Since Curl_ossl_check_cxn only tries to determine whether the socket is
      alive and doesn't actually need to see the bytes SSL_peek seems like
      the wrong function to call.
      
      We're able to occasionally reproduce a connect timeout due to this
      bug. What happens is that Curl doesn't know to call SSL_connect again
      after the peek happens since data is buffered in the SSL buffer and thus
      select won't fire for this socket.
      
      Closes #795
      856baf5a
  3. May 09, 2016
    • Daniel Stenberg's avatar
      TLS: move the ALPN/NPN enable bits to the connection · f6767f54
      Daniel Stenberg authored
      Only protocols that actually have a protocol registered for ALPN and NPN
      should try to get that negotiated in the TLS handshake. That is only
      HTTPS (well, http/1.1 and http/2) right now. Previously ALPN and NPN
      would wrongly be used in all handshakes if libcurl was built with it
      enabled.
      
      Reported-by: Jay Satiro
      
      Fixes #789
      f6767f54
  4. May 08, 2016
  5. May 05, 2016
  6. May 03, 2016
  7. May 02, 2016
  8. May 01, 2016
  9. Apr 29, 2016
  10. Apr 28, 2016