- Oct 01, 2018
-
-
Daniel Stenberg authored
Follow-up to 570008c9 as it gets link errors. Reported-by: Michael Kaufmann Closes #3068
-
Nate Prewitt authored
Noticed a typo reading through the docs. Closes #3069
-
- Sep 30, 2018
-
-
Daniel Stenberg authored
The DoH spec says "HTTP/2 [RFC7540] is the minimum RECOMMENDED version of HTTP for use with DoH". Reported-by: Marcel Raad Closes #3066
-
- Sep 29, 2018
-
-
Daniel Stenberg authored
Reported-by: Marcel Raad Fixes #3064 Closes #3065
-
Daniel Stenberg authored
... a missing multi_done() call. Credit to OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10728 Closes #3063
-
Daniel Stenberg authored
Due to an issue with travis (https://github.com/travis-ci/travis-ci/issues/9956) we've been using Xcode 9.2 for darwinssl builds for a while. Now xcode 10 is offered as an alternative and as it builds curl+darwinssl fine that seems like a better choice. Closes #3062
-
Rich Turner authored
Enabled Console VT support (if running OS supports VT) in tool_main.c. Fixes #3008 Closes #3011
-
- Sep 28, 2018
-
-
Daniel Stenberg authored
Follow-up to #3044 - fix a leak OSS-Fuzz detected Closes #3057
-
Sergei Nikulov authored
-
Brad King authored
Changes in commit 7867aaa9 (cmake: link curl to the OpenSSL targets instead of lib absolute paths, 2018-07-17) and commit f826b4ce (cmake: bumped minimum version to 3.4, 2018-07-19) required CMake 3.4 to fix issue #2746. This broke support for users on older versions of CMake even if they just want to build curl and do not care whether transitive dependencies work. Backport the logic to work with CMake 3.0 again by implementing the fix only when the version of CMake is at least 3.4.
-
- Sep 27, 2018
-
-
Marcel Raad authored
Classic MinGW still has _beginthreadex's return type as unsigned long instead of uintptr_t [0]. uintptr_t is not even defined because of [1]. [0] https://sourceforge.net/p/mingw/mingw-org-wsl/ci/wsl-5.1-release/tree/mingwrt/include/process.h#l167 [1] https://sourceforge.net/p/mingw/mingw-org-wsl/ci/wsl-5.1-release/tree/mingwrt/include/process.h#l90 Bug: https://github.com/curl/curl/issues/2924#issuecomment-424334807 Closes https://github.com/curl/curl/pull/3051
-
- Sep 26, 2018
-
-
Daniel Stenberg authored
fix a few leftovers Fixes #3006 Closes #3049
-
Doron Behar authored
Closes #3050
-
Daniel Stenberg authored
-
- Sep 25, 2018
-
-
Daniel Stenberg authored
Free 'header_recvbuf' unconditionally even if 'h2' isn't (yet) set, for early failures. Detected by OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10669 Closes #3046
-
Daniel Stenberg authored
If the rewind would fail, a strdup() would not get freed. Detected by OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10665 Closes #3044
-
- Sep 24, 2018
-
-
Viktor Szakats authored
The value in question is coming directly from `gnutls-serv`, so it cannot be modified freely. Reported-by: Marcel Raad Ref: https://github.com/curl/curl/commit/6ae6b2a533e8630afbb21f570305bd4ceece6348#commitcomment-30621004
-
Daniel Stenberg authored
Detected by OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10648 Closes #3042
-
Daniel Stenberg authored
Regression since 38203f15 Reported-by: Jean Fabrice Fixes #3023 Closes #3040
-
Christian Heimes authored
OpenSSL 1.1.1 requires clients to opt-in for post-handshake authentication. Fixes: https://github.com/curl/curl/issues/3026 Signed-off-by: Christian Heimes <christian@python.org> Closes https://github.com/curl/curl/pull/3027
-
Even Rouault authored
This fixes potential out-of-buffer access on "file:./" URL $ valgrind curl "file:./" ==24516== Memcheck, a memory error detector ==24516== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. ==24516== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==24516== Command: /home/even/install-curl-git/bin/curl file:./ ==24516== ==24516== Conditional jump or move depends on uninitialised value(s) ==24516== at 0x4C31F9C: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==24516== by 0x4EBB315: seturl (urlapi.c:801) ==24516== by 0x4EBB568: parseurl (urlapi.c:861) ==24516== by 0x4EBC509: curl_url_set (urlapi.c:1199) ==24516== by 0x4E644C6: parseurlandfillconn (url.c:2044) ==24516== by 0x4E67AEF: create_conn (url.c:3613) ==24516== by 0x4E68A4F: Curl_connect (url.c:4119) ==24516== by 0x4E7F0A4: multi_runsingle (multi.c:1440) ==24516== by 0x4E808E5: curl_multi_perform (multi.c:2173) ==24516...
-
- Sep 23, 2018
-
-
Viktor Szakats authored
- and one in docs/MANUAL as well Closes https://github.com/curl/curl/pull/3038
-
Viktor Szakats authored
- replace tabs with spaces where possible - remove line ending spaces - remove double/triple newlines at EOF - fix a non-UTF-8 character - cleanup a few indentations/line continuations in manual examples Closes https://github.com/curl/curl/pull/3037
-
Daniel Stenberg authored
Detected by Coverity. CID 1439610. Follow-up from 46e16406 Closes #3034
-
Daniel Stenberg authored
Detected by Coverity. CID 1439611. Follow-up from 46e16406
-
Daniel Stenberg authored
Fixes #2987 Closes #3035
-
Viktor Szakats authored
- also update two URLs outside of docs/examples - fix spelling of filename persistant.c - fix three long lines that started failing checksrc.pl Closes https://github.com/curl/curl/pull/3036
-
- Sep 22, 2018
-
-
Viktor Szakats authored
also: - fix two warnings in synctime.c (one of them Windows-specific) - upgrade URLs in synctime.c and remove a broken one Closes https://github.com/curl/curl/pull/3033
-
Daniel Stenberg authored
Closes #3030
-
Daniel Stenberg authored
Closes #3032
-
Daniel Stenberg authored
... to make it a truly unified URL parser. Closes #3017
-
Viktor Szakats authored
Closes https://github.com/curl/curl/pull/3031
-
- Sep 21, 2018
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
When trying to detect pthreads use on HPUX the checks will succeed without the correct -l option but then end up failing at run-time. Reported-by: Eason-Yu on github Fixes #2697 Closes #3025
-
Erik Minekus authored
Closes #3029
-
Daniel Stenberg authored
Closes #3024
-
Loganaden Velvindron authored
Closes #2971
-
- Sep 20, 2018
-
-
Daniel Stenberg authored
Removed DoH. Closes #2734
-
Jay Satiro authored
- Treat CURL_SSLVERSION_MAX_NONE the same as CURL_SSLVERSION_MAX_DEFAULT. Prior to this change NONE would mean use the minimum version also as the maximum. This is a follow-up to 6015cefb which changed the behavior of setting the SSL version so that the requested version would only be the minimum and not the maximum. It appears it was (mostly) implemented in OpenSSL but not other backends. In other words CURL_SSLVERSION_TLSv1_0 used to mean use just TLS v1.0 and now it means use TLS v1.0 *or later*. - Fix CURL_SSLVERSION_MAX_DEFAULT for OpenSSL. Prior to this change CURL_SSLVERSION_MAX_DEFAULT with OpenSSL was erroneously treated as always TLS 1.3, and would cause an error if OpenSSL was built without TLS 1.3 support. Co-authored-by: Daniel Gustafsson Fixes https://github.com/curl/curl/issues/2969 Closes https://github.com/curl/curl/pull/3012
-
Daniel Stenberg authored
As OpenSSL 1.1.1 starts to complain and fail on sha1 CAs: "SSL certificate problem: CA signature digest algorithm too weak" Closes #3014
-