- May 21, 2018
-
-
Daniel Stenberg authored
The feature is only enabled if the output is believed to be a tty. -J: There's some minor differences and improvements in -J handling, as now J should work with -i and it actually creates a file first using the initial name and then *renames* that to the one found in Content-Disposition (if any). -i: only shows headers for HTTP transfers now (as documented). Previously it would also show for pieces of the transfer that were HTTP (for example when doing FTP over a HTTP proxy). -i: now shows trailers as well. Previously they were not shown at all. --libcurl: the CURLOPT_HEADER is no longer set, as the header output is now done in the header callback.
-
Daniel Stenberg authored
... instead of exeucting code to get the size. Removes the use of LD_LIBRARY_PATH for this. Fixes #2586 Closes #2589 Reported-by: Bernhard Walle
-
Daniel Stenberg authored
... and export LD_LIBRARY_PATH properly. This is a follow-up from 2d4c2152. Fixes #2586 Reported-by: Bernhard Walle
-
Daniel Stenberg authored
Reported-by: bsammon on github Fixes #2590
-
- May 18, 2018
-
-
Daniel Stenberg authored
The previous limit of 5 can still end up in situation that takes a very long time and consumes a lot of CPU. If there is still a rare use case for this, a user can provide their own fnmatch callback for a version that allows a larger set of wildcards. This commit was triggered by yet another OSS-Fuzz timeout due to this. Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8369 Closes #2587
-
Daniel Stenberg authored
follow-up to e05ad5dd
-
Aleks authored
...as there's also a version 2. Closes #2579
-
Daniel Stenberg authored
This example was changed in ce2140a8 to use the new microsecond based getinfo option. This change makes it conditionally keep using the older option so that the example still builds with older libcurl versions. Closes #2584
-
- May 17, 2018
-
-
Daniel Stenberg authored
follow-up to d9e92fd9
-
Philip Prindeville authored
Provide a set of new timers that return the time intervals using integer number of microseconds instead of floats. The new info names are as following: CURLINFO_APPCONNECT_TIME_T CURLINFO_CONNECT_TIME_T CURLINFO_NAMELOOKUP_TIME_T CURLINFO_PRETRANSFER_TIME_T CURLINFO_REDIRECT_TIME_T CURLINFO_STARTTRANSFER_TIME_T CURLINFO_TOTAL_TIME_T Closes #2495
-
Daniel Stenberg authored
... previously it only used the max setting if a TLS version was also explicitly asked for. Reported-by: byte_bucket Fixes #2571 Closes #2572
-
Daniel Stenberg authored
-
- May 16, 2018
-
-
Dagobert Michelsen authored
The warning flag leads e.g. Sun Studio compiler to bail out. Closes #2576
-
Daniel Stenberg authored
-
Jay Satiro authored
-
Jay Satiro authored
.. because original MinGW and old compilers do not have the Windows API definitions needed to support manual verification.
-
Archangel_SDY authored
Original MinGW targets Windows 2000 by default, which lacks some APIs and definitions for this feature. Disable it if these APIs are not available. Closes https://github.com/curl/curl/pull/2522
-
- May 15, 2018
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
The HTML files are long gone from the dist, now remove the last HTML file pointing to those missing files. d
-
- May 14, 2018
-
-
steini2000 authored
Closes #2570
-
steini2000 authored
-
Daniel Stenberg authored
Reported-by: Rikard Falkeborn Bug: #2560 Closes #2569
-
Daniel Stenberg authored
Fixes gcc-8 picky compiler warnings Reported-by: Rikard Falkeborn Bug: #2560 Closes #2568
-
Daniel Stenberg authored
... and remove the github markdown syntax so that it renders better on the web site. Also, don't use back-ticks inlined to allow the CSS to highlight source code better.
-
Rikard Falkeborn authored
Closes #2561
-
Rikard Falkeborn authored
-
Rikard Falkeborn authored
-
Rikard Falkeborn authored
-
Rikard Falkeborn authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
When there's an upload in progress, make sure to wait for the socket to become writable. Detected-by: steini2000 on github Bug: #2520 Closes #2567
-
Daniel Stenberg authored
Response data for a handle with a large buffer might be cached and then used with the "closure" handle when it has a smaller buffer and then the larger cache will be copied and overflow the new smaller heap based buffer. Reported-by: Dario Weisser CVE: CVE-2018-1000300 Bug: https://curl.haxx.se/docs/adv_2018-82c2.html
-
Daniel Stenberg authored
... leaving the k->str could lead to buffer over-reads later on. CVE: CVE-2018-1000301 Assisted-by: Max Dymond Detected by OSS-Fuzz. Bug: https://curl.haxx.se/docs/adv_2018-b138.html Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7105
-
- May 12, 2018
-
-
Patrick Monnerat authored
RFC 6265 section 4.2.1 does not set restrictions on cookie names. This is a follow-up to commit 7f7fcd0d. Also explicitly check proper syntax of cookie name/value pair. New test 1155 checks that cookie names are not reserved words. Reported-By: anshnd at github Fixes #2564 Closes #2566
-
Daniel Stenberg authored
Assisted-by: Max Dymond Detected by OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8245
-
- May 11, 2018
-
-
Daniel Stenberg authored
Detected by Coverity; CID 1435559. Follow-up to f8d608f3. It would index the array with -1 if neither index was a socket.
-
- May 10, 2018
-
-
Daniel Stenberg authored
Closes #2558
-
Sunny Purushe authored
To make builds with VS2015 work. Recent changes in VS2015 _IOB_ENTRIES handling is causing problems. This fix changes the OpenSSL backend code to use BIO functions instead of FILE I/O functions to circumvent those problems. Closes #2512
-
- May 09, 2018
-
-
Daniel Stenberg authored
Assisted-by: Dan Fandrich Closes #2528
-