- Sep 22, 2016
-
-
Michael Kaufmann authored
Add the new option CURLOPT_KEEP_SENDING_ON_ERROR to control whether sending the request body shall be completed when the server responds early with an error status code. This is suitable for manual NTLM authentication. Reviewed-by: Jay Satiro Closes https://github.com/curl/curl/pull/904
-
Kamil Dudka authored
-
Kamil Dudka authored
-
Kamil Dudka authored
As it seems to be a rarely used cipher suite (for securely established but _unencrypted_ connections), I believe it is fine not to provide an alias for the misspelled variant.
-
- Sep 21, 2016
-
-
Jay Satiro authored
.. and add that --proto-redir and CURLOPT_REDIR_PROTOCOLS do not override protocols denied by --proto and CURLOPT_PROTOCOLS. - Add a test to enforce: --proto deny must override --proto-redir allow Closes https://github.com/curl/curl/pull/1031
-
Daniel Stenberg authored
Follow-up to 6140dfcf Reported-by: Alexander Sinditskiy
-
- Sep 20, 2016
-
-
Daniel Stenberg authored
Discussed in #997 Assisted-by: Jay Satiro
-
Daniel Stenberg authored
-
Jay Satiro authored
Bug: https://github.com/curl/curl/issues/1017 Reported-by: Jeroen Ooms
-
- Sep 19, 2016
-
-
Daniel Stenberg authored
-
Daniel Gustafsson authored
Closes https://github.com/curl/curl/pull/1028
-
Bernard Spil authored
LibreSSL defines `OPENSSL_VERSION_NUMBER` as `0x20000000L` for all versions returning `LibreSSL/2.0.0` for any LibreSSL version. This change provides a local OpenSSL_version_num function replacement returning LIBRESSL_VERSION_NUMBER instead. Closes #1029
-
rugk authored
Closes #1025 Closes #1026 Closes #1027
-
Daniel Stenberg authored
Follow-up fix to d9321562
-
Daniel Stenberg authored
The OpenSSL function CRYTPO_cleanup_all_ex_data() cannot be called multiple times without crashing - and other libs might call it! We basically cannot call it without risking a crash. The function is a no-op since OpenSSL 1.1.0. Not calling this function only risks a small memory leak with OpenSSL < 1.1.0. Bug: https://curl.haxx.se/mail/lib-2016-09/0045.html Reported-by: Todd Short
-
Daniel Stenberg authored
-
- Sep 18, 2016
-
-
Jay Satiro authored
-
Nick Zitzmann authored
RC4 was a nice alternative to CBC back in the days of BEAST, but it's insecure and obsolete now.
-
Nick Zitzmann authored
Since I first wrote that text, Apple introduced tvOS and watchOS, and renamed "Mac OS X" to "macOS." Let's make the text a little more inclusive, since curl can be built for all four operating systems.
-
Jay Satiro authored
-
Jay Satiro authored
Prior to this commit this example failed with error 'Cannot APPEND with unknown input file size'. Bug: https://github.com/curl/curl/issues/1008 Reported-by: <lukaszgn@users.noreply.github.com> Closes https://github.com/curl/curl/pull/1011
-
- Sep 16, 2016
-
-
Tony Kelman authored
Recent versions of mbedTLS are available under either Apache 2.0 or GPL 2.0, see https://tls.mbed.org/how-to-get Closes #1019
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... but don't send the actual header over the wire as it isn't accepted. Chunked uploading is still triggered using this method. Fixes #1013 Fixes #662
-
- Sep 14, 2016
-
-
Daniel Stenberg authored
OpenSSL 1.0.1 and 1.0.2 build an error queue that is stored per-thread so we need to clean it when easy handles are freed, in case the thread will be killed in which the easy handle was used. All OpenSSL code in libcurl should extract the error in association with the error already so clearing this queue here should be harmless at worst. Fixes #964
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
CVE-2016-7167 Bug: https://curl.haxx.se/docs/adv_20160914.html
-
Daniel Stenberg authored
CVE-2016-7167 Bug: https://curl.haxx.se/docs/adv_20160914.html
-
Daniel Stenberg authored
Reported-by: Ryan Scott Fixes #1007
-
- Sep 13, 2016
-
-
Daniel Stenberg authored
-
- Sep 12, 2016
-
-
Tony Kelman authored
NTLM support with mbedTLS was added in 497e7c9d but requires that mbedTLS is built with the MD4 functions available, which it isn't in default builds. This now adapts if the funtion isn't there and builds libcurl without NTLM support if so. Fixes #1004
-
Jay Satiro authored
- Change maximum allowed line length from 80 to 79.
-
- Sep 11, 2016
-
-
Jay Satiro authored
Note that since the added examples are for column alignment I had to encapsulate with ~~~c markdown to preserve their alignment.
-
Peter Wu authored
The `curl-config --static-libs` command should not output paths like -l/usr/lib/libssl.so, instead print the absolute path without `-l`. This also removes the confusing message "Static linking is broken" which was printed because curl-config --static-libs was disfunctional even though the static libcurl.a library works properly. Fixes https://github.com/curl/curl/issues/841
-
Daniel Stenberg authored
... like when a HTTP/0.9 response comes back without any headers at all and just a body this now prevents that body from being sent to the callback etc. Adapted test 1144 to verify. Fixes #973 Assisted-by: Ray Satiro
-
- Sep 10, 2016
-
-
Daniel Stenberg authored
-