- Nov 19, 2018
-
-
Patrick Monnerat authored
-
Patrick Monnerat authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
The license for the impacket package was not in our tree. Imported now from upstream's https://github.com/SecureAuthCorp/impacket/blob/master/LICENSE Reported-by: infinnovation-dev on github Fixes #3276 Closes #3277
-
- Nov 18, 2018
-
-
Daniel Gustafsson authored
The partial struct initialization in 397664a0 caused a warning on uninitialized MODULEENTRY32 struct members: /src/tool_doswin.c:681:3: warning: missing initializer for field 'th32ModuleID' of 'MODULEENTRY32 {aka struct tagMODULEENTRY32}' [-Wmissing-field-initializers] This is sort of a bogus warning as the remaining members will be set to zero by the compiler, as all omitted members are. Nevertheless, remove the warning by omitting all members and setting the dwSize members explicitly. Closes #3254 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com> Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
-
- Nov 17, 2018
-
-
Daniel Gustafsson authored
Commit 709cf76f deprecated USE_SSLEAY, as curl since long isn't compatible with the SSLeay library. This removes the few leftovers that were omitted in the less frequently used platform targets. Closes #3270 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
- Nov 16, 2018
-
-
Elia Tufarolo authored
Fix HTTP POST using CURLAUTH_NEGOTIATE. Closes #3275
-
Daniel Stenberg authored
Brought-by: bobmitchell1956 on github Fixes #3278 Closes #3279
-
Peter Wu authored
The SSL_CTX_set_msg_callback callback is not just called for the Handshake or Alert protocols, but also for the raw record header (SSL3_RT_HEADER) and the decrypted inner record type (SSL3_RT_INNER_CONTENT_TYPE). Be sure to ignore the latter to avoid excess debug spam when using `curl -v` against a TLSv1.3-enabled server: * TLSv1.3 (IN), TLS app data, [no content] (0): (Following this message, another callback for the decrypted handshake/alert messages will be be present anyway.) Closes https://github.com/curl/curl/pull/3281
-
- Nov 15, 2018
-
-
Marc Hoersken authored
SO_EXCLUSIVEADDRUSE is on by default on Vista or newer, but does not work together with SO_REUSEADDR being on. The default changes were made with stunnel 5.34 and 5.35.
-
- Nov 13, 2018
-
-
Kamil Dudka authored
Closes #3262
-
Daniel Stenberg authored
Fixes #3261
-
Daniel Gustafsson authored
Commit 5bfaa86c introduced a new compiler warning on Windows cross compilation with GCC. See below for an example of the warning from the autobuild logs (whitespace edited to fit): /src/tool_cb_wrt.c:175:9: warning: cast from function call of type 'intptr_t {aka long long int}' to non-matching type 'void *' [-Wbad-function-cast] (HANDLE) _get_osfhandle(fileno(outs->stream)), ^ Store the return value from _get_osfhandle() in an intermediate variable and cast the variable in WriteConsoleW() rather than the function call directly to avoid a compiler warning. In passing, also add inspection of the MultiByteToWideChar() return value and return failure in case an error is reported. Closes #3263 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com> Reviewed-by: Viktor Szakats <commit@vszakats.net>
-
- Nov 12, 2018
-
-
Daniel Stenberg authored
-
- Nov 10, 2018
-
-
Daniel Stenberg authored
-
- Nov 09, 2018
-
-
Tim Rühsen authored
Curl_ftp_parselist: avoid unsigned integer overflows The overflow has no real world impact, just avoid it for "best practice". Closes #3225
-
Daniel Stenberg authored
The end port number in a given range was not included in the range used, as it is documented to be. Reported-by: infinnovation-dev on github Fixes #3251 Closes #3255
-
Jérémy Rocher authored
As per BoringSSL porting documentation [1], BoringSSL rejects peer renegotiations by default. curl fails when trying to authenticate to server through client certificate if it is requested by server after the initial TLS handshake. Enable renegotiation by default with BoringSSL to get same behavior as with OpenSSL. This is done by calling SSL_set_renegotiate_mode [2] which was introduced in commit 1d5ef3bb1eb9 [3]. 1 - https://boringssl.googlesource.com/boringssl/+/HEAD/PORTING.md#tls-renegotiation 2 - https://boringssl.googlesource.com/boringssl/+/master/include/openssl/ssl.h#3482 3 - https://boringssl.googlesource.com/boringssl/+/1d5ef3bb1eb97848617db5e7d633d735a401df86 Signed-off-by: Jérémy Rocher <rocher.jeremy@gmail.com> Fixes #3258 Closes #3259
-
Daniel Stenberg authored
Added a few of the more notable milestones in curl history that were missing. Primarily more recent ones but I also noted some older that could be worth mentioning. [ci skip] Closes #3257
-
Daniel Gustafsson authored
Add the identified issue with --proxy-any and proxy servers which advertise authentication schemes other than the supported one. Closes #876 Closes #3250 Reported-by: NTMan on Github Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
Jim Fuller authored
Allows an application to pass in a pre-parsed URL via a URL handle. Closes #3227
-
Gisle Vanem authored
Groff / Troff will display a: printaf("Errno: %ld\n", error); as: printf("Errno: %ld0, error); when a "\n" is not escaped. Use "\\n" instead. Closes #3246
-
- Nov 08, 2018
-
-
Daniel Stenberg authored
Regression by 52db5486. Reported-by: infinnovation-dev on github Fixes #3248 Closes #3249
-
- Nov 07, 2018
-
-
Gisle Vanem authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
The tool's local port command line range parser didn't check for integer overflows and could pass "weird" data to libcurl for this option. libcurl however, has a strict range check for the values so it rejects anything outside of the accepted range. Reported-by: Brian Carpenter Closes #3242
-
Daniel Stenberg authored
Follow-up to e431daf0, as I did the wrong correction for a compiler warning. It should be a break and not a fall-through. Pointed-out-by: Frank Gevaerts
-
Frank Gevaerts authored
Closes #3115
-
Daniel Gustafsson authored
The productname from Microsoft is "Schannel", but in infof/failf reporting we use "schannel". This removes different versions. Closes #3243 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
Daniel Stenberg authored
Similar to how URL decoding/encoding is done, we could have URL functions to convert IDN host names to punycode. Suggested-by: Alexey Melnichuk Closes #3232
-
Daniel Stenberg authored
APPENDQUERY + URLENCODE would skip all equals signs but now it only skip encoding the first to better allow "name=content" for any content. Reported-by: Alexey Melnichuk Fixes #3231 Closes #3231
-
- Nov 06, 2018
-
-
Daniel Stenberg authored
The function identifying a leading "scheme" part of the URL considered a few letters ending with a colon to be a scheme, making something like "short:80" to become an unknown scheme instead of a short host name and a port number. Extended test 1560 to verify. Also fixed test203 to use file_pwd to make it get the correct path on windows. Removed test 2070 since it was a duplicate of 203. Assisted-by: Marcel Raad Reported-by: Hagai Auro Fixes #3220 Fixes #3233 Closes #3223 Closes #3235
-
Sangamkar authored
In the transfer loop it would previously not acknwledge the pause bit and continue until drained or loop ended. Closes #3240
-
Jay Satiro authored
- Add an undocumented diagnostic option for Windows to show the full paths of all loaded modules regardless of whether or not libcurl initialization succeeds. This is needed so that in the CI we can get a list of all DLL dependencies after initialization (when they're most likely to have finished loading) and then package them as artifacts so that a functioning build can be downloaded. Also I imagine it may have some use as a diagnostic for help requests. Ref: https://github.com/curl/curl/pull/3103 Closes https://github.com/curl/curl/pull/3208
-
Jay Satiro authored
Prior to this change twice as many bytes as necessary were malloc'd when converting wchar to UTF8. To allay confusion in the future I also changed the variable name for the amount of bytes from len to bytes. Closes https://github.com/curl/curl/pull/3209
-
- Nov 05, 2018
-
-
Michael Kaufmann authored
- for "--netrc", don't ignore the login/password specified with "--user", only ignore the login/password in the URL. This restores the netrc behaviour of curl 7.61.1 and earlier. - fix the documentation of CURL_NETRC_REQUIRED - improve the detection of login/password changes when reading .netrc - don't read .netrc if both login and password are already set Fixes #3213 Closes #3224
-
Patrick Monnerat authored
-
Yasuhiro Matsumoto authored
Fixes #3211 Fixes #3175 Closes #3212
-
Daniel Stenberg authored
Closes #3199
-
Daniel Gustafsson authored
The previous coding used a format string whose output depended on the current locale of the environment running the test. Since the gist of the test is to have a format string, with the actual formatting being less important, switch to a more stable formatstring with decimals. Reported-by: Marcel Raad Closes #3234 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
-