- May 20, 2016
-
-
Jan Ehrhardt authored
Closes #818
-
Alexander Traud authored
Closes #821
-
Michael Kaufmann authored
The connect-to list isn't copied so as long as the handle may be used for a transfer the list must be valid. Bug: https://github.com/curl/curl/pull/819 Reported-by: Michael Kaufmann
-
- May 19, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
See OpenSSL commit 21e001747d4a
-
Daniel Stenberg authored
... when generating them, not "2.0" as the protocol is called just HTTP/2 and nothing else.
-
Jay Satiro authored
Closes https://github.com/curl/curl/pull/816
-
- May 18, 2016
-
-
Steve Holme authored
-
Daniel Stenberg authored
The preprocessor check that sets up the 32bit defines for non-configure builds didn't work properly for MIPS systems as __mips__ is defined for both 32bit and 64bit. Now __LP64__ is also checked and indicates 64bit. Reported-by: Tomas Jakobsson Fixes #813
-
Marcel Raad authored
For the Windows XP toolset of Visual C++ 2013/2015, the old Windows SDK 7.1 is used. In this case, _USING_V110_SDK71_ is defined. Closes #812
-
Daniel Stenberg authored
Reported-by: Paul Howarth Bug: https://curl.haxx.se/mail/lib-2016-05/0116.html
-
Daniel Stenberg authored
Reported-by: Ray Satiro Bug: https://curl.haxx.se/mail/lib-2016-05/0113.html
-
- May 17, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
...as otherwise the TLS libs will skip the CN/SAN check and just allow connection to any server. curl previously skipped this function when SNI wasn't used or when connecting to an IP address specified host. CVE-2016-3739 Bug: https://curl.haxx.se/docs/adv_20160518A.html Reported-by: Moti Avrahami
-
Frank Gevaerts authored
Closes #811
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Closes #762
-
Daniel Stenberg authored
-
Daniel Stenberg authored
CID 1361815: Explicit null dereferenced (FORWARD_NULL)
-
Daniel Stenberg authored
CID 1361811: Explicit null dereferenced (FORWARD_NULL)
-
Daniel Stenberg authored
CID 1024412: Memory - illegal accesses (OVERRUN). Claimed to happen when we run over 'workend' but the condition says <= workend and for all I can see it should be safe. Compensating for the warning by adding a byte margin in the buffer. Also, removed the extra brace level indentation in the code and made it so that 'workend' is only assigned once within the function.
-
- May 16, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Jay Satiro authored
- Return value type must match function type. s/CURLM_OUT_OF_MEMORY/CURLE_OUT_OF_MEMORY/ Caught by Travis CI
-
- May 14, 2016
-
-
Daniel Stenberg authored
The proper FTP wildcard init is now more properly done in Curl_pretransfer() and the corresponding cleanup in Curl_close(). The previous place of init/cleanup code made the internal pointer to be NULL when this feature was used with the multi_socket() API, as it was made within the curl_multi_perform() function. Reported-by: Jonathan Cardoso Machado Fixes #800
-
- May 13, 2016
-
-
Jay Satiro authored
Because the old OpenSSL link now redirects to their master documentation (currently 1.1.0), which does not document the required actions for OpenSSL <= 1.0.2.
-
Viktor Szakats authored
-
- May 12, 2016
-
-
Daniel Stenberg authored
Added 8 bug fixes and 5 more contrbutors
-
Jay Satiro authored
Prior to this change a width arg could be erroneously output, and also width and precision args could not be used together without crashing. "%0*d%s", 2, 9, "foo" Before: "092" After: "09foo" "%*.*s", 5, 2, "foo" Before: crash After: " fo" Test 557 is updated to verify this and more
-
Michael Kaufmann authored
Follow-up commit to 58231795 Closes #648
-
Per Malmberg authored
The new way of disabling certificate verification doesn't work on Mountain Lion (OS X 10.8) so we need to use the old way in that version too. I've tested this solution on versions 10.7.5, 10.8, 10.9, 10.10.2 and 10.11. Closes #802
-
Cory Benfield authored
curl's representation of HTTP/2 responses involves transforming the response to a format that is similar to HTTP/1.1. Prior to this change, curl would do this by separating header names and values with only a colon, without introducing a space after the colon. While this is technically a valid way to represent a HTTP/1.1 header block, it is much more common to see a space following the colon. This change introduces that space, to ensure that incautious tools are safely able to parse the header block. This also ensures that the difference between the HTTP/1.1 and HTTP/2 response layout is as minimal as possible. Bug: https://github.com/curl/curl/issues/797 Closes #798 Fixes #797
-
Kamil Dudka authored
... introduced in curl-7_48_0-293-g2968c83: Error: COMPILER_WARNING: lib/vtls/openssl.c: scope_hint: In function ‘Curl_ossl_check_cxn’ lib/vtls/openssl.c:767:15: warning: conversion to ‘int’ from ‘ssize_t’ may alter its value [-Wconversion]
-
Jay Satiro authored
- In the case of recv error, limit returning 'connection still in place' to EINPROGRESS, EAGAIN and EWOULDBLOCK. This is an improvement on the parent commit which changed the openssl connection check to use recv MSG_PEEK instead of SSL_peek. Ref: https://github.com/curl/curl/commit/856baf5#comments
-
- May 10, 2016
-
-
Anders Bakken authored
Calling SSL_peek can cause bytes to be read from the raw socket which in turn can upset the select machinery that determines whether there's data available on the socket. Since Curl_ossl_check_cxn only tries to determine whether the socket is alive and doesn't actually need to see the bytes SSL_peek seems like the wrong function to call. We're able to occasionally reproduce a connect timeout due to this bug. What happens is that Curl doesn't know to call SSL_connect again after the peek happens since data is buffered in the SSL buffer and thus select won't fire for this socket. Closes #795
-
- May 09, 2016
-
-
Daniel Stenberg authored
Only protocols that actually have a protocol registered for ALPN and NPN should try to get that negotiated in the TLS handshake. That is only HTTPS (well, http/1.1 and http/2) right now. Previously ALPN and NPN would wrongly be used in all handshakes if libcurl was built with it enabled. Reported-by: Jay Satiro Fixes #789
-
- May 08, 2016
-
-
Daniel Stenberg authored
-
Antonio Larrosa authored
Sometimes, in systems with both ipv4 and ipv6 addresses but where the network doesn't support ipv6, Curl_is_connected returns an error (intermittently) even if the ipv4 socket connects successfully. This happens because there's a for-loop that iterates on the sockets but the error variable is not resetted when the ipv4 is checked and is ok. This patch fixes this problem by setting error to 0 when checking the second socket and not having a result yet. Fixes #794
-
- May 05, 2016
-
-
Jay Satiro authored
-