Skip to content
  1. Jun 21, 2016
    • Kamil Dudka's avatar
      curl-compilers.m4: improve detection of GCC's -fvisibility= flag · b2dcf034
      Kamil Dudka authored
      Some builds of GCC produce output on both stdout and stderr when --help
      --verbose is used.  The 2>&1 redirection caused them to be arbitrarily
      interleaved with each other because of stream buffering.  Consequently,
      grep failed to match the fvisibility= string in the mixed output, even
      though the string was present in GCC's standard output.
      
      This led to silently disabling symbol hiding in some builds of curl.
      b2dcf034
  2. Jun 19, 2016
  3. Jun 17, 2016
  4. Jun 16, 2016
  5. Jun 15, 2016
  6. Jun 11, 2016
  7. Jun 09, 2016
  8. Jun 08, 2016
  9. Jun 07, 2016
  10. Jun 06, 2016
  11. Jun 05, 2016
  12. Jun 04, 2016
  13. Jun 03, 2016
  14. Jun 01, 2016
    • Benjamin Kircher's avatar
      libcurl-multi.3: fix small typo · 873b4346
      Benjamin Kircher authored
      Closes #850
      873b4346
    • Viktor Szakats's avatar
      makefile.m32: add crypt32 for winssl builds · 55ab64ed
      Viktor Szakats authored
      Dependency added by 6cabd785
      
      Closes #849
      55ab64ed
    • Ivan Avdeev's avatar
      vtls: fix ssl session cache race condition · 31c521b0
      Ivan Avdeev authored
      Sessionid cache management is inseparable from managing individual
      session lifetimes. E.g. for reference-counted sessions (like those in
      SChannel and OpenSSL engines) every session addition and removal
      should be accompanied with refcount increment and decrement
      respectively. Failing to do so synchronously leads to a race condition
      that causes symptoms like use-after-free and memory corruption.
      This commit:
       - makes existing session cache locking explicit, thus allowing
         individual engines to manage lock's scope.
       - fixes OpenSSL and SChannel engines by putting refcount management
         inside this lock's scope in relevant places.
       - adds these explicit locking calls to other engines that use
         sessionid cache to accommodate for this change. Note, however,
         that it is unknown whether any of these engines could also have
         this race.
      
      Bug: https://github.com/curl/curl/issues/815
      Fixes #815
      Closes #847
      31c521b0
    • Andrew Kurushin's avatar
      schannel: add CURLOPT_CERTINFO support · 6cabd785
      Andrew Kurushin authored
      Closes #822
      6cabd785
  15. May 31, 2016
  16. May 30, 2016