Commits · 6ba2e88a642434bd0ffa95465e4a7d034d03ea10 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl

28 Apr, 2015 4 commits
- CURLOPT_HEADEROPT: default to separate · 6ba2e88a
  Daniel Stenberg authored Apr 23, 2015
```
Make the HTTP headers separated by default for improved security and
reduced risk for information leakage.

Bug: http://curl.haxx.se/docs/adv_20150429.html
Reported-by: Yehezkel Horowitz, Oren Souroujon
```
  6ba2e88a
- docs/libcurl: Corrected a typo in the CURLOPT_PROXY_SERVICE_NAME documentation · 1f8a337e
  Linus Nielsen authored Apr 28, 2015
  
  1f8a337e
- dist: ship CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME · 07412711
  Daniel Stenberg authored Apr 28, 2015
  
  07412711
- Negotiate: custom service names for SPNEGO. · 97c272e5
  Linus Nielsen authored Mar 29, 2015
```
* Add new options, CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME.
* Add new curl options, --proxy-service-name and --service-name.
```
  97c272e5
26 Apr, 2015 1 commit
- curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION · b55cb2ee
  Daniel Stenberg authored Apr 27, 2015
```
... as it was previouly undocumented what the pointer was.
```
  b55cb2ee
25 Apr, 2015 1 commit

tool: New option --data-raw to HTTP POST data, '@' allowed. · 6a726135

Anthony Avina authored Apr 25, 2015

Add new option --data-raw which is almost the same as --data but does
not have a special interpretation of the @ character.

Prior to this change there was no (easy) way to pass the @ character as
the first character in POST data without it being interpreted as a
special character.

Bug: https://github.com/bagder/curl/issues/198
Reported-by: Jens Rantil

6a726135

24 Apr, 2015 1 commit

ROADMAP.md: extended the HTTP/2 section, reformatted · 49726926

Daniel Stenberg authored Apr 24, 2015

Elaborated on several of the remaining HTTP/2 parts and made document
use a format that ends up nicer on the web page:
http://curl.haxx.se/dev/roadmap.html

49726926

22 Apr, 2015 6 commits
- cyassl: Implement public key pinning · 0675abbc
  Jay Satiro authored Apr 05, 2015
```
Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
```
  0675abbc
- curl.1: fix typo · 26cbd7a1
  Alessandro Ghedini authored Apr 22, 2015
  
  26cbd7a1
- docs: distribute the CURLOPT_PINNEDPUBLICKEY(3) man page, too · ba474184
  Kamil Dudka authored Apr 22, 2015
  
  ba474184
- nss: implement public key pinning for NSS backend · b47c17d6
  Kamil Dudka authored Mar 25, 2015
```
Bug: https://bugzilla.redhat.com/1195771
```
  b47c17d6
- THANKS: added contributors from 7.42.0 release notes · 00e01fc0
  Daniel Stenberg authored Apr 21, 2015
  
  00e01fc0
- THANKS-filter: a few more alterations to squash · aadda65f
  Daniel Stenberg authored Apr 21, 2015
  
  aadda65f
20 Apr, 2015 1 commit
- CURLOPT_HEADERFUNCTION.3: match parameter name in synopsis and desc · cf2d21d8
  Daniel Stenberg authored Apr 20, 2015
```
Bug: https://github.com/bagder/curl/issues/229
Reported-by: bsammon
```
  cf2d21d8
19 Apr, 2015 1 commit
- CURLMOPT_TIMERFUNCTION.3: Clarify, add an example · cc0e7ebc
  Michael Stapelberg authored Apr 11, 2015
  
  cc0e7ebc
18 Apr, 2015 1 commit
- curl_version_info.3: fixed the 'protocols' variable type · 63c64e05
  Daniel Stenberg authored Apr 18, 2015
```
Reported-by: John Marshall
Bug: https://github.com/bagder/curl/issues/225
```
  63c64e05
17 Apr, 2015 1 commit
- TheArtOfHttpScripting: Multiple URLs + Multiple HTTP methods · b6e47789
  Daniel Stenberg authored Apr 17, 2015
```
... and some minor edits
```
  b6e47789
15 Apr, 2015 5 commits
- TODO: 17.9 Choose the name of file in braces for complex URLs · 1ba6e4c8
  Daniel Stenberg authored Apr 15, 2015
  
  1ba6e4c8
- TODO: a little caution that maybe not all ideas are still good · 8f78794f
  Daniel Stenberg authored Apr 15, 2015
  
  8f78794f
- TODO: 17.8 offer color-coded HTTP header output · 0cbbbbdc
  Daniel Stenberg authored Apr 15, 2015
  
  0cbbbbdc
- TODO: 17.7 warning when sending binary output to terminal · 78843afb
  Daniel Stenberg authored Apr 15, 2015
  
  78843afb
- KNOWN_BUGS: #90 IMAP "SEARCH ALL" truncates output on large boxes · ad48b177
  Daniel Stenberg authored Apr 15, 2015
  
  ad48b177
13 Apr, 2015 1 commit
- BUGS: refer to the github issue tracker now as primary · 9e7125a1
  Daniel Stenberg authored Apr 13, 2015
  
  9e7125a1
31 Mar, 2015 1 commit

CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200" · c84f0250

Thomas Ruecker authored Mar 31, 2015

Icecast versions 1.3.0 through 1.3.12 would reply with "ICY 200"
under certain conditions:

    client_wants_icy_headers (connection_t *con)
    {
            const char *val;

            if (!con)
                    return 1;

            val = get_user_agent (con);
            if (!val || !val[0] || strcmp (val, "(null)") == 0)
                    return 1;

            if (con->food.client->use_icy)
                    return 1;
            if (strncasecmp (val, "winamp", 6) == 0)
                    return 1;
            if (strncasecmp (val, "Shoutcast", 9) == 0)
                    return 1;

            return 0;
    }

So mainly if there is no 'user agent' or it is '(null)' or contains
'winamp' or 'Shoutcast'.

No mainstream distribution carries Icecast 1.3.x anymore, after all
it was released in 2002 and superseded by Icecast 2.x.

c84f0250

29 Mar, 2015 1 commit

KNOWN_BUGS: 89 is bug #1411 · 31987c34

Daniel Stenberg authored Mar 29, 2015

Disabling pipelining on multi handle with in-progress pipelined requests
leads to heap corruption and crash

31987c34

28 Mar, 2015 1 commit

cyassl: CTX callback cosmetic changes and doc fix · fcdc597b

Jay Satiro authored Mar 28, 2015

- More descriptive fail message for NO_FILESYSTEM builds.
- Cosmetic changes.
- Change more of CURLOPT_SSL_CTX_* doc to not be OpenSSL specific.

fcdc597b

27 Mar, 2015 1 commit

cyassl: add SSL context callback support for CyaSSL · d2feb717

Kyle L. Huff authored Mar 27, 2015

Adds support for CURLOPT_SSL_CTX_FUNCTION when using CyaSSL, and better
handles CyaSSL instances using NO_FILESYSTEM.

d2feb717

24 Mar, 2015 6 commits
- symbols-in-versions: added CURLOPT_PATH_AS_IS · aa5808b5
  Dan Fandrich authored Mar 24, 2015
  
  aa5808b5
- curl_easy_setopt.3: Fix misspelling in CURLOPT_PATH_AS_IS description · 9edf28e1
  Jay Satiro authored Mar 24, 2015
  
  9edf28e1
- CURLOPT_HTTPHEADER.3: fix typo in recent commit · bbd0dd3f
  Viktor Szakáts authored Mar 24, 2015
  
  bbd0dd3f
- CURLOPT_PATH_AS_IS.3: add type 'long' to prototype · e438a9e2
  Viktor Szakáts authored Mar 24, 2015
  
  e438a9e2
- curl_easy_setopt.3: Add CURLOPT_PATH_AS_IS · f6878609
  Daniel Stenberg authored Mar 24, 2015
  
  f6878609
- CURLOPT_PATH_AS_IS: added · 5d232792
  Daniel Stenberg authored Mar 23, 2015
```
--path-as-is is the command line option

Added docs in curl.1 and CURLOPT_PATH_AS_IS.3

Added test in test 1241
```
  5d232792
23 Mar, 2015 1 commit
- curl_easy_recv/send: make them work with the multi interface · ecc4940d
  Yamada Yasuharu authored Mar 23, 2015
```
By making sure Curl_getconnectinfo() uses the correct connection cache
to find the last connection.
```
  ecc4940d
21 Mar, 2015 1 commit
- darwinsssl: add support for TLS False Start · 7f5a1704
  Nick Zitzmann authored Mar 21, 2015
```
TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.
```
  7f5a1704
20 Mar, 2015 5 commits
- curl: add --false-start option · 1f651d1d
  Alessandro Ghedini authored Feb 14, 2015
  
  1f651d1d
- url: add CURLOPT_SSL_FALSESTART option · 4dcd25e1
  Alessandro Ghedini authored Feb 14, 2015
```
This option can be used to enable/disable TLS False Start defined in the RFC
draft-bmoeller-tls-falsestart.
```
  4dcd25e1
- gtls: implement CURLOPT_CERTINFO · a332922a
  Alessandro Ghedini authored Mar 20, 2015
  
  a332922a
- CURLOPT_URL.3: spelling! · 9e8f9dbd
  Daniel Stenberg authored Mar 20, 2015
```
Reported-by: Frank Gevaerts
```
  9e8f9dbd
- CURLOPT_URL.3: Added "SECURITY CONCERNS" · 620e0b23
  Daniel Stenberg authored Mar 20, 2015
  
  620e0b23