- Jun 10, 2019
-
-
Daniel Stenberg authored
Brief security policy description for use/display on github.
-
Daniel Gustafsson authored
Commit 61faa0b4 fixed the progress bar width calculation to avoid integer overflow, but failed to account for the fact that initial_size is initialized to -1 when the file size is retrieved from the remote on an upload, causing another signed integer overflow. Fix by separately checking for this case before the width calculation. Closes #3984 Reported-by: Brian Carpenter (Geeknik Labs) Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
Daniel Stenberg authored
Remove support for, references to and use of "cyaSSL" from the source and docs. wolfSSL is the current name and there's no point in keeping references to ancient history. Assisted-by: Daniel Gustafsson Closes #3903
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Reported-by: Alex Grebenschikov Fixes #3993 Closes #4002
-
- Jun 09, 2019
-
-
Daniel Stenberg authored
Since more than one socket can be used by each transfer at a given time, each sockhash entry how has its own hash table with transfers using that socket. In addition, the sockhash entry can now be marked 'blocked = TRUE'" which then makes the delete function just set 'removed = TRUE' instead of removing it "for real", as a way to not rip out the carpet under the feet of a parent function that iterates over the transfers of that same sockhash entry. Reported-by: Tom van der Woerdt Fixes #3961 Fixes #3986 Fixes #3995 Fixes #4004 Closes #3997
-
Sorcus authored
Fixed-by: MrSorcus on github Closes #4000
-
Daniel Stenberg authored
... so that timeouts or other state machine actions get going again after a changing pause state. For example, if the last delivery was paused there's no pending socket activity. Reported-by: sstruchtrup on github Fixes #3994 Closes #4001
-
Marcel Raad authored
I missed that in commit 99a49d66.
-
Marcel Raad authored
Closes https://github.com/curl/curl/pull/3999
-
- Jun 08, 2019
-
-
Daniel Stenberg authored
-
- Jun 05, 2019
-
-
Marcel Raad authored
Compilers and static analyzers warn about using C-style casts here. Closes https://github.com/curl/curl/pull/3975
-
Marcel Raad authored
As want is size_t, (file->buffer_pos - want) is unsigned, so checking if it's less than zero makes no sense. Check if file->buffer_pos is less than want instead to avoid the unsigned integer wraparound. Closes https://github.com/curl/curl/pull/3975
-
Marcel Raad authored
Reduce variable scopes and remove redundant variable stores. Closes https://github.com/curl/curl/pull/3975
-
Marcel Raad authored
Unused since commit 2f44e94e. Closes https://github.com/curl/curl/pull/3975
-
- Jun 04, 2019
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Frank Gevaerts authored
These are for features that used to be openssl-only but were expanded over time to support other SSL backends. Closes #3985
-
Daniel Stenberg authored
Reported-by: Carlos ORyan
-
Steve Holme authored
GetModuleFileName() returns a DWORD which is a typedef of an unsigned long and not an int. Closes #3980
-
- Jun 03, 2019
-
-
Daniel Stenberg authored
Suggested-by: dkwolfe4 on github Closes #3920
-
- Jun 02, 2019
-
-
Steve Holme authored
Missed in 04fd6755. Closes #3978
-
Steve Holme authored
Follow-up to 8144ba38. Detected by Coverity CID 1445663 Closes #3976
-
Sergey Ogryzkov authored
Closes #3972
-
Daniel Stenberg authored
Verifies that a bodyless response don't parse this content-related header.
-
Michael Kaufmann authored
Responses with status codes 1xx, 204 or 304 don't have a response body. For these, don't parse these headers: - Content-Encoding - Content-Length - Content-Range - Last-Modified - Transfer-Encoding This change ensures that HTTP/2 upgrades work even if a "Content-Length: 0" or a "Transfer-Encoding: chunked" header is present. Co-authored-by: Daniel Stenberg Closes #3702 Fixes #3968 Closes #3977
-
Daniel Stenberg authored
Reported-by: Jay Satiro Co-authored-by: Jay Satiro Fixes #3938 Closes #3946
-
- Jun 01, 2019
-
-
Daniel Stenberg authored
Reported-by: wesinator at github Fixes #3964 Closes #3974
-
Daniel Stenberg authored
An inner loop within the singlesocket() function wrongly re-used the variable for the outer loop which then could cause an infinite loop. Change to using a separate variable! Reported-by: Eric Wu Fixes #3970 Closes #3973
-
- May 31, 2019
-
-
Daniel Stenberg authored
-
- May 29, 2019
-
-
Josie Huddleston authored
Various functions called within Curl_http2_done() can have the side-effect of setting the Easy connection into drain mode (by calling drain_this()). However, the last time we unset this for a transfer (by calling drained_transfer()) is at the beginning of Curl_http2_done(). If the Curl_easy is reused for another transfer, it is then stuck in drain mode permanently, which in practice makes it unable to write any data in the new transfer. This fix moves the last call to drained_transfer() to later in Curl_http2_done(), after the functions that could potentially call for a drain. Fixes #3966 Closes #3967 Reported-by: Josie-H
-
Steve Holme authored
We trust the calling code as this is an internal function. Closes #3962
-
Gisle Vanem authored
- Change if_nametoindex parameter type from char * to const char *. Follow-up to 09eef8af from this morning. Bug: https://github.com/curl/curl/commit/09eef8af#r33716067
-
Marcel Raad authored
Closes https://github.com/curl/curl/pull/3941
-
Marcel Raad authored
Introduce BUILD_SYSTEM variable, which is currently always CMake. Closes https://github.com/curl/curl/pull/3941
-
Steve Holme authored
This fixes the static dependency on iphlpapi.lib and allows curl to build for targets prior to Windows Vista. This partially reverts 170bd047. Fixes #3960 Closes #3958
-
Daniel Stenberg authored
-
- May 28, 2019
-
-
Daniel Stenberg authored
Reported-by: Benbuck Nason fixes #3959
-
Daniel Stenberg authored
... so that it has a sensible value when ConnectionExists() is called which needs it set to differentiate host "bundles" correctly on port number! Also, make conncache:hashkey() use correct port for bundles that are proxy vs host connections. Probably a regression from 7.62.0 Reported-by: Tom van der Woerdt Fixes #3956 Closes #3957
-
Daniel Stenberg authored
Only HTTP proxy use where multiple host names can be used over the same connection should use the proxy host name for bundles. Reported-by: Tom van der Woerdt Fixes #3951 Closes #3955
-