Skip to content
  1. Nov 25, 2018
    • Jay Satiro's avatar
      schannel: allow verifyhost independently of verifypeer · 84943742
      Jay Satiro authored
      Prior to this change if the user disabled the verify peer check then no
      host check was done. Empirical testing shows
      SCH_CRED_MANUAL_CRED_VALIDATION, which we use when peer verification is
      disabled, also disables hostname verification.
      
      In Windows < 8 our manual host verification check (ie the check used
      when CA info is specified, or peer verification is disabled, or WinCE is
      the OS) for schannel continues to only check the first subject alternate
      name, and not all the names, since there is no easy way supported by the
      API. It looks possible to do just more work, and should be addressed
      separately.
      
      Assisted-by: Daniel Stenberg
      Reported-by: Martin Galvan
      
      Fixes #3284
      Closes #3285
      Closes #xxxx
      84943742
  2. Nov 18, 2018
    • Daniel Gustafsson's avatar
      tool_doswin: Fix uninitialized field warning · b88bf6e6
      Daniel Gustafsson authored
      The partial struct initialization in 397664a0
      
       caused
      a warning on uninitialized MODULEENTRY32 struct members:
      
        /src/tool_doswin.c:681:3: warning: missing initializer for field
        'th32ModuleID' of 'MODULEENTRY32 {aka struct tagMODULEENTRY32}'
        [-Wmissing-field-initializers]
      
      This is sort of a bogus warning as the remaining members will be set
      to zero by the compiler, as all omitted members are. Nevertheless,
      remove the warning by omitting all members and setting the dwSize
      members explicitly.
      
      Closes #3254
      Reviewed-by: default avatarMarcel Raad <Marcel.Raad@teamviewer.com>
      Reviewed-by: default avatarJay Satiro <raysatiro@yahoo.com>
      b88bf6e6
  3. Nov 17, 2018
  4. Nov 16, 2018
  5. Nov 15, 2018
  6. Nov 13, 2018
  7. Nov 12, 2018
  8. Nov 10, 2018
  9. Nov 09, 2018
  10. Nov 08, 2018
  11. Nov 07, 2018
  12. Nov 06, 2018
    • Daniel Stenberg's avatar
      url: a short host name + port is not a scheme · 9df8dc10
      Daniel Stenberg authored
      The function identifying a leading "scheme" part of the URL considered a
      few letters ending with a colon to be a scheme, making something like
      "short:80" to become an unknown scheme instead of a short host name and
      a port number.
      
      Extended test 1560 to verify.
      
      Also fixed test203 to use file_pwd to make it get the correct path on
      windows. Removed test 2070 since it was a duplicate of 203.
      
      Assisted-by: Marcel Raad
      Reported-by: Hagai Auro
      Fixes #3220
      Fixes #3233
      Closes #3223
      Closes #3235
      9df8dc10
    • Sangamkar's avatar
      libcurl: stop reading from paused transfers · 74f47823
      Sangamkar authored
      In the transfer loop it would previously not acknwledge the pause bit
      and continue until drained or loop ended.
      
      Closes #3240
      74f47823
    • Jay Satiro's avatar
      tool: add undocumented option --dump-module-paths for win32 · 397664a0
      Jay Satiro authored
      - Add an undocumented diagnostic option for Windows to show the full
        paths of all loaded modules regardless of whether or not libcurl
        initialization succeeds.
      
      This is needed so that in the CI we can get a list of all DLL
      dependencies after initialization (when they're most likely to have
      finished loading) and then package them as artifacts so that a
      functioning build can be downloaded. Also I imagine it may have some use
      as a diagnostic for help requests.
      
      Ref: https://github.com/curl/curl/pull/3103
      
      Closes https://github.com/curl/curl/pull/3208
      397664a0
    • Jay Satiro's avatar
      curl_multibyte: fix a malloc overcalculation · 28429fb1
      Jay Satiro authored
      Prior to this change twice as many bytes as necessary were malloc'd when
      converting wchar to UTF8. To allay confusion in the future I also
      changed the variable name for the amount of bytes from len to bytes.
      
      Closes https://github.com/curl/curl/pull/3209
      28429fb1
  13. Nov 05, 2018
  14. Nov 04, 2018
  15. Nov 03, 2018
    • Daniel Gustafsson's avatar
      infof: clearly indicate truncation · c37b66aa
      Daniel Gustafsson authored
      
      
      The internal buffer in infof() is limited to 2048 bytes of payload plus
      an additional byte for NULL termination. Servers with very long error
      messages can however cause truncation of the string, which currently
      isn't very clear, and leads to badly formatted output.
      
      This appends a "...\n" (or just "..." in case the format didn't with a
      newline char) marker to the end of the string to clearly show
      that it has been truncated.
      
      Also include a unittest covering infof() to try and catch any bugs
      introduced in this quite important function.
      
      Closes #3216
      Reviewed-by: default avatarDaniel Stenberg <daniel@haxx.se>
      Reviewed-by: default avatarMarcel Raad <Marcel.Raad@teamviewer.com>
      c37b66aa