- May 21, 2019
-
-
Marcel Raad authored
Fixes Codacy/CppCheck warnings. Closes
-
Daniel Gustafsson authored
When compiling without getpeername() or getsockname(), the sockfd paramter to Curl_udpateconninfo() became unused after commit e91e4816 added ifdef guards. Closes #3910 Fixes https://curl.haxx.se/dev/log.cgi?id=20190520172441-32196 Reviewed-by: Marcel Raad, Daniel Stenberg
-
Daniel Gustafsson authored
Commit e91e4816 moved ftp_ccc in under the FTP featureflag in the UserDefined struct, but vtls callsites were still using it unprotected. Closes #3912 Fixes: https://curl.haxx.se/dev/log.cgi?id=20190520044705-29865 Reviewed-by: Daniel Stenberg, Marcel Raad
-
- May 20, 2019
-
-
Daniel Stenberg authored
Reported-by: Olen Andoni Fixes #3906 Closes #3907
-
Guy Poizat authored
Closes #3892
-
Daniel Stenberg authored
Ref: #3905
-
Omar Ramadan authored
The longest currently registered URI scheme at IANA is 36 bytes long. Closes #3905 Closes #3900
-
Marcel Raad authored
Fixes Codacy/CppCheck warnings. Closes https://github.com/curl/curl/pull/3872
-
Marcel Raad authored
Just initialize word_begin with the correct value. Closes https://github.com/curl/curl/pull/3873
-
Marcel Raad authored
This way, we need only one call to free. Closes https://github.com/curl/curl/pull/3873
-
Marcel Raad authored
sock was only used to be assigned to fd_read. Closes https://github.com/curl/curl/pull/3873
-
Daniel Stenberg authored
-
Daniel Stenberg authored
bug: https://curl.haxx.se/docs/CVE-2019-5436.html Reported-by: l00p3r on hackerone CVE-2019-5436
-
- May 19, 2019
-
-
Daniel Gustafsson authored
When running a multi TLS backend build the version string needs more buffer space. Make the internal ssl_buffer stack buffer match the one in Curl_multissl_version() to allow for the longer string. For single TLS backend builds there is no use in extended to buffer. This is a fallout from #3863 which fixes up the multi_ssl string generation to avoid a buffer overflow when the buffer is too small. Closes #3875 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
- May 18, 2019
-
-
Steve Holme authored
Currently when the server responds with 401 on NTLM authenticated connection (re-used) we consider it to have failed. However this is legitimate and may happen when for example IIS is set configured to 'authPersistSingleRequest' or when the request goes thru a proxy (with 'via' header). Implemented by imploying an additional state once a connection is re-used to indicate that if we receive 401 we need to restart authentication. Missed in fe6049f0.
-
Steve Holme authored
Missed in 50b87c4e.
-
Steve Holme authored
Missed in fe20826b as it wasn't implemented in http.c in b4d6db83. Closes #3894
-
Daniel Stenberg authored
Closes #3844
-
- May 17, 2019
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- May 16, 2019
-
-
Viktor Szakats authored
Approved-by: Daniel Stenberg Closes #3896
-
Viktor Szakats authored
Ref: https://github.com/curl/curl/commit/0af41b40b2c7bd379b2251cbe7cd618e21fa0ea1#commitcomment-33563135 Approved-by: Daniel Stenberg Closes #3895
-
Daniel Stenberg authored
Closes #3887
-
Daniel Stenberg authored
They serve very little purpose and mostly just add noise. Most of them have been around for a very long time. I read them all before removing or rephrasing them. Ref: #3876 Closes #3883
-
Daniel Stenberg authored
... since libcurl has started to be totally unaware of options for disabled protocols they now return error. Bug: https://github.com/curl/curl/commit/c9c5304dd4747cbe75d2f24be85920d572fcb5b8#commitcomment-33533937 Reported-by: Marcel Raad Closes #3886
-
- May 15, 2019
-
-
Steve Holme authored
This brings the code inline with the other HTTP authentication mechanisms. Closes #3890
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Reported-by: Roy Bellingan Bug: #3885
-
Daniel Stenberg authored
As we treat a given proxy as a URL we should use the unified URL parser to extract the parts out of it. Closes #3878
-
- May 14, 2019
-
-
Steve Holme authored
Given that this member variable is not used by the SASL based protocols there is no need to have it here. Closes #3882
-
Steve Holme authored
Given that this member variable is not used by the SASL based protocols there is no need to have it here.
-
Steve Holme authored
-
Steve Holme authored
Given that Curl_disconnect() calls Curl_http_auth_cleanup_ntlm() prior to calling conn_shutdown() and it in turn performs this, there is no need to perform the same action in conn_shutdown(). Closes #3881
-
Daniel Stenberg authored
Updated test 1560 to verify. Closes #3880
-
Daniel Stenberg authored
If --with-ssl is used and configure still couldn't enable SSL this creates an error instead of just silently ignoring the fact. Suggested-by: Isaiah Norton Fixes #3824 Closes #3830
-
Daniel Gustafsson authored
-
Steve Holme authored
No need to set variables to zero as calloc() does this for us. Closes #3879
-