- Feb 21, 2017
-
-
Daniel Stenberg authored
The CURLOPT_SSL_VERIFYSTATUS option was not properly handled by libcurl and thus even if the status couldn't be verified, the connection would be allowed and the user would not be told about the failed verification. Regression since cb4e2be7 CVE-2017-2629 Bug: https://curl.haxx.se/docs/adv_20170222.html Reported-by: Marcus Hoffmann
-
Jay Satiro authored
- If the server has provided another challenge use it as the replacement input token if stale=TRUE. Otherwise previous credentials have failed so return CURLE_LOGIN_DENIED. Prior to this change the stale directive was ignored and if another challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING. Ref: https://tools.ietf.org/html/rfc2617#page-10 Bug: https://github.com/curl/curl/issues/928 Reported-by: <tarek112@users.noreply.github.com>
-
- Feb 20, 2017
-
-
Daniel Stenberg authored
Closes #1264
-
Daniel Stenberg authored
-
Jean Gressmann authored
Since negative values are errors and not only -1. This makes SFTP upload with --create-dirs work (again). Closes #1269
-
Max Khon authored
- on the first invocation: keep security context returned by InitializeSecurityContext() - on subsequent invocations: use MakeSignature() instead of InitializeSecurityContext() to generate HTTP digest response Bug: https://github.com/curl/curl/issues/870 Reported-by: Andreas Roth Closes https://github.com/curl/curl/pull/1251
-
Jay Satiro authored
- Feb 19, 2017
-
-
Michael Kaufmann authored
-
- Feb 18, 2017
-
-
Dan Fandrich authored
-
Michael Kaufmann authored
Follow-up to 4b86113f Fixes https://github.com/curl/curl/issues/793 Fixes https://github.com/curl/curl/issues/942
-
Michael Kaufmann authored
-
Michael Kaufmann authored
Properly resolve, convert and log the proxy host names. Support the "--connect-to" feature for SOCKS proxies and for passive FTP data transfers. Follow-up to cb4e2be7 Reported-by: Jay Satiro Fixes https://github.com/curl/curl/issues/1248
-
- Feb 17, 2017
-
-
Isaac Boukris authored
- While negotiating auth during PUT/POST if a user-specified Content-Length header is set send 'Content-Length: 0'. This is what we do already in HTTPREQ_POST_FORM and what we did in the HTTPREQ_POST case (regression since afd288b2). Prior to this change no Content-Length header would be sent in such a case. Bug: https://curl.haxx.se/mail/lib-2017-02/0006.html Reported-by: Dominik Hölzl Closes https://github.com/curl/curl/pull/1242
-
- Feb 16, 2017
-
-
Simon Warta authored
Closes #1265
-
Daniel Stenberg authored
-
- Feb 15, 2017
-
-
Daniel Stenberg authored
It isn't easily solved, but with some thinking someone could probably come up with a working approach? Closes #1241
-
Jay Satiro authored
For example allow ranges like [1-1] and [a-a] etc. Regression since 5ca96cb8. Bug: https://github.com/curl/curl/issues/1238 Reported-by: R. Dennis Steed
-
Daniel Stenberg authored
Builds with axTLS 2.1.2. This then also breaks compatibility with axTLS < 2.1.0 (the older API) ... and fix the session_id mixup brought in 04b4ee54 Fixes #1220
-
- Feb 14, 2017
-
-
Daniel Stenberg authored
-
Nick Draffen authored
The warning message had a typo. The argument long form is --time-cond not --timecond Closes #1263
-
Daniel Stenberg authored
-
Jay Satiro authored
When the threaded resolver option is specified for configure the default thread library is pthreads. This change makes it possible to --disable-pthreads and then configure can fall back on Win32 threads for native Windows builds. Closes https://github.com/curl/curl/pull/1260
-
- Feb 13, 2017
-
-
Daniel Stenberg authored
Reported-by: <zelinchen@users.noreply.github.com> Fixes #1229
-
- Feb 11, 2017
-
-
Jay Satiro authored
When CURLE_SSL_CACERT occurs the tool shows a lengthy error message to the user explaining possible solutions such as --cacert and --insecure. This change appends to that message similar options --proxy-cacert and --proxy-insecure when there's a specified HTTPS proxy. Closes https://github.com/curl/curl/issues/1258
-
- Feb 10, 2017
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Fixes #1252
-
- Feb 09, 2017
-
-
Jay Satiro authored
- Document in --socks* opts they're still mutually exclusive of --proxy. Partial revert of 423a93ce; I had misinterpreted the SOCKS proxy + HTTP/HTTPS proxy combination. - Document in --socks* opts that --preproxy can be used to specify a SOCKS proxy at the same time --proxy is used with an HTTP/HTTPS proxy.
-
Daniel Stenberg authored
-
Kamil Dudka authored
If the NSS code was in the middle of a non-blocking handshake and it was asked to finish the handshake in blocking mode, it unexpectedly continued in the non-blocking mode, which caused a FTPS connection over CONNECT to fail with "(81) Socket not ready for send/recv". Bug: https://bugzilla.redhat.com/1420327
-
Daniel Stenberg authored
... instead of the OpenSSL mutex page.
-
Daniel Stenberg authored
Follow up to 7fe81ec2: make sure 'host' is either NULL or malloced.
-
Cameron MacMinn authored
Fixes #1255
-
- Feb 08, 2017
-
-
Michael Kaufmann authored
Reported-by: Dan Fandrich Bug: https://curl.haxx.se/mail/lib-2017-02/0032.html
-
- Feb 07, 2017
-
-
Dan Fandrich authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
When removing an easy handler from a multi before it completed its transfer, and it had pushed streams, it would segfault due to the pushed counted not being cleared. Fixed-by: <zelinchen@users.noreply.github.com> Fixes #1249
-
Markus Westerlind authored
Using sftp to delete a file with CURLOPT_NOBODY set with a reused connection would fail as curl expected to get some data. Thus it would retry the command again which fails as the file has already been deleted. Fixes #1243
-
Daniel Gustafsson authored
Ref: https://github.com/curl/curl/pull/1245
-