[164] | 1 | _ _ ____ _
|
---|
| 2 | ___| | | | _ \| |
|
---|
| 3 | / __| | | | |_) | |
|
---|
| 4 | | (__| |_| | _ <| |___
|
---|
| 5 | \___|\___/|_| \_\_____|
|
---|
| 6 |
|
---|
| 7 | Changelog
|
---|
| 8 |
|
---|
| 9 | Version 7.47.1 (8 Feb 2016)
|
---|
| 10 |
|
---|
| 11 | Daniel Stenberg (8 Feb 2016)
|
---|
| 12 | - RELEASE-NOTES: curl 7.47.1 time!
|
---|
| 13 |
|
---|
| 14 | Jay Satiro (8 Feb 2016)
|
---|
| 15 | - tool_operhlp: Check for backslashes in get_url_file_name
|
---|
| 16 |
|
---|
| 17 | Extract the filename from the last slash or backslash. Prior to this
|
---|
| 18 | change backslashes could be part of the filename.
|
---|
| 19 |
|
---|
| 20 | This change needed for the curl tool built for Cygwin. Refer to the
|
---|
| 21 | CYGWIN addendum in advisory 20160127B.
|
---|
| 22 |
|
---|
| 23 | Bug: https://curl.haxx.se/docs/adv_20160127B.html
|
---|
| 24 |
|
---|
| 25 | Daniel Stenberg (7 Feb 2016)
|
---|
| 26 | - RELEASE-NOTES: synced with d6a8869ea34
|
---|
| 27 |
|
---|
| 28 | Jay Satiro (6 Feb 2016)
|
---|
| 29 | - openssl: Fix signed/unsigned mismatch warning in X509V3_ext
|
---|
| 30 |
|
---|
| 31 | sk_X509_EXTENSION_num may return an unsigned integer, however the value
|
---|
| 32 | will fit in an int.
|
---|
| 33 |
|
---|
| 34 | Bug: https://github.com/curl/curl/commit/dd1b44c#commitcomment-15913896
|
---|
| 35 | Reported-by: Gisle Vanem
|
---|
| 36 |
|
---|
| 37 | Daniel Stenberg (7 Feb 2016)
|
---|
| 38 | - TODO: 17.11 -w output to stderr
|
---|
| 39 |
|
---|
| 40 | Jay Satiro (6 Feb 2016)
|
---|
| 41 | - [Michael Kaufmann brought this change]
|
---|
| 42 |
|
---|
| 43 | idn_win32: Better error checking
|
---|
| 44 |
|
---|
| 45 | .. also fix a conversion bug in the unused function
|
---|
| 46 | curl_win32_ascii_to_idn().
|
---|
| 47 |
|
---|
| 48 | And remove wprintfs on error (Jay).
|
---|
| 49 |
|
---|
| 50 | Bug: https://github.com/curl/curl/pull/637
|
---|
| 51 |
|
---|
| 52 | - [Gisle Vanem brought this change]
|
---|
| 53 |
|
---|
| 54 | examples/asiohiper: Avoid function name collision on Windows
|
---|
| 55 |
|
---|
| 56 | closesocket => close_socket
|
---|
| 57 | Winsock already has the former.
|
---|
| 58 |
|
---|
| 59 | Bug: https://curl.haxx.se/mail/lib-2016-02/0016.html
|
---|
| 60 |
|
---|
| 61 | - [Gisle Vanem brought this change]
|
---|
| 62 |
|
---|
| 63 | examples/htmltitle: Use _stricmp on Windows
|
---|
| 64 |
|
---|
| 65 | Bug: https://curl.haxx.se/mail/lib-2016-02/0017.html
|
---|
| 66 |
|
---|
| 67 | Daniel Stenberg (6 Feb 2016)
|
---|
| 68 | - COPYING: clarify that Daniel is not the sole author
|
---|
| 69 |
|
---|
| 70 | ... done on request and as it is a fair point.
|
---|
| 71 |
|
---|
| 72 | Jay Satiro (5 Feb 2016)
|
---|
| 73 | - unit1604: Fix unit setup return code
|
---|
| 74 |
|
---|
| 75 | - tool_doswin: Use type SANITIZEcode in sanitize_file_name
|
---|
| 76 |
|
---|
| 77 | - tool_doswin: Improve sanitization processing
|
---|
| 78 |
|
---|
| 79 | - Add unit test 1604 to test the sanitize_file_name function.
|
---|
| 80 |
|
---|
| 81 | - Use -DCURL_STATICLIB when building libcurltool for unit testing.
|
---|
| 82 |
|
---|
| 83 | - Better detection of reserved DOS device names.
|
---|
| 84 |
|
---|
| 85 | - New flags to modify sanitize behavior:
|
---|
| 86 |
|
---|
| 87 | SANITIZE_ALLOW_COLONS: Allow colons
|
---|
| 88 | SANITIZE_ALLOW_PATH: Allow path separators and colons
|
---|
| 89 | SANITIZE_ALLOW_RESERVED: Allow reserved device names
|
---|
| 90 | SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename
|
---|
| 91 |
|
---|
| 92 | - Restore sanitization of banned characters from user-specified outfile.
|
---|
| 93 |
|
---|
| 94 | Prior to this commit sanitization of a user-specified outfile was
|
---|
| 95 | temporarily disabled in 2b6dadc because there was no way to allow path
|
---|
| 96 | separators and colons through while replacing other banned characters.
|
---|
| 97 | Now in such a case we call the sanitize function with
|
---|
| 98 | SANITIZE_ALLOW_PATH which allows path separators and colons to pass
|
---|
| 99 | through.
|
---|
| 100 |
|
---|
| 101 |
|
---|
| 102 | Closes https://github.com/curl/curl/issues/624
|
---|
| 103 | Reported-by: Octavio Schroeder
|
---|
| 104 |
|
---|
| 105 | - [Viktor Szakats brought this change]
|
---|
| 106 |
|
---|
| 107 | URLs: change more http to https
|
---|
| 108 |
|
---|
| 109 | - sasl_sspi: Fix memory leak in domain populate
|
---|
| 110 |
|
---|
| 111 | Free an existing domain before replacing it.
|
---|
| 112 |
|
---|
| 113 | Bug: https://github.com/curl/curl/issues/635
|
---|
| 114 | Reported-by: silveja1@users.noreply.github.com
|
---|
| 115 |
|
---|
| 116 | Daniel Stenberg (4 Feb 2016)
|
---|
| 117 | - [Viktor Szakats brought this change]
|
---|
| 118 |
|
---|
| 119 | URLs: follow GitHub project rename (also Travis CI)
|
---|
| 120 |
|
---|
| 121 | Closes #632
|
---|
| 122 |
|
---|
| 123 | - CHANGES.o: fix references to curl.haxx.nu
|
---|
| 124 |
|
---|
| 125 | I removed the scheme prefix from the URLs references this host name, as
|
---|
| 126 | we don't own/run that anymore but the name is kept for historic reasons.
|
---|
| 127 |
|
---|
| 128 | - HISTORY: add some info about when we used which host names
|
---|
| 129 |
|
---|
| 130 | Jay Satiro (2 Feb 2016)
|
---|
| 131 | - [Viktor Szakats brought this change]
|
---|
| 132 |
|
---|
| 133 | URLs: change more http to https
|
---|
| 134 |
|
---|
| 135 | Dan Fandrich (3 Feb 2016)
|
---|
| 136 | - URLs: Change more haxx.se URLs from http: to https:
|
---|
| 137 |
|
---|
| 138 | Daniel Stenberg (3 Feb 2016)
|
---|
| 139 | - RELEASE-NOTES: synced with 4af40b364
|
---|
| 140 |
|
---|
| 141 | - URLs: change all http:// URLs to https://
|
---|
| 142 |
|
---|
| 143 | - configure: update the copyright year range in output
|
---|
| 144 |
|
---|
| 145 | - dotdot: allow an empty input string too
|
---|
| 146 |
|
---|
| 147 | It isn't used by the code in current conditions but for safety it seems
|
---|
| 148 | sensible to at least not crash on such input.
|
---|
| 149 |
|
---|
| 150 | Extended unit test 1395 to verify this too as well as a plain "/" input.
|
---|
| 151 |
|
---|
| 152 | - HTTPS: update a bunch of URLs from HTTP to HTTPS
|
---|
| 153 |
|
---|
| 154 | - [Sergei Nikulov brought this change]
|
---|
| 155 |
|
---|
| 156 | AppVeyor: updated to handle OpenSSL/WinSSL builds
|
---|
| 157 |
|
---|
| 158 | Closes #621
|
---|
| 159 |
|
---|
| 160 | Jay Satiro (1 Feb 2016)
|
---|
| 161 | - tool_operate: Don't sanitize --output path (Windows)
|
---|
| 162 |
|
---|
| 163 | Due to path separators being incorrectly sanitized in --output
|
---|
| 164 | pathnames, eg -o c:\foo => c__foo
|
---|
| 165 |
|
---|
| 166 | This is a partial revert of 3017d8a until I write a proper fix. The
|
---|
| 167 | remote-name will continue to be sanitized, but if the user specified an
|
---|
| 168 | --output with string replacement (#1, #2, etc) that data is unsanitized
|
---|
| 169 | until I finish a fix.
|
---|
| 170 |
|
---|
| 171 | Bug: https://github.com/bagder/curl/issues/624
|
---|
| 172 | Reported-by: Octavio Schroeder
|
---|
| 173 |
|
---|
| 174 | - curl.1: Explain remote-name behavior if file already exists
|
---|
| 175 |
|
---|
| 176 | .. also warn about letting the server pick the filename.
|
---|
| 177 |
|
---|
| 178 | - [Gisle Vanem brought this change]
|
---|
| 179 |
|
---|
| 180 | urldata: Error on missing SSL backend-specific connect info
|
---|
| 181 |
|
---|
| 182 | Daniel Stenberg (28 Jan 2016)
|
---|
| 183 | - bump: towards the next (7.47.1 ?)
|
---|
| 184 |
|
---|
| 185 | - [Sergei Nikulov brought this change]
|
---|
| 186 |
|
---|
| 187 | cmake: fixed when OpenSSL enabled on Windows and schannel detected
|
---|
| 188 |
|
---|
| 189 | Closes #617
|
---|
| 190 |
|
---|
| 191 | Jay Satiro (28 Jan 2016)
|
---|
| 192 | - [Sergei Nikulov brought this change]
|
---|
| 193 |
|
---|
| 194 | urldata: moved common variable out of ifdef
|
---|
| 195 |
|
---|
| 196 | Closes https://github.com/bagder/curl/pull/618
|
---|
| 197 |
|
---|
| 198 | - [Viktor Szakats brought this change]
|
---|
| 199 |
|
---|
| 200 | tool_doswin: silence unused function warning
|
---|
| 201 |
|
---|
| 202 | tool_doswin.c:185:14: warning: 'msdosify' defined but not used
|
---|
| 203 | [-Wunused-function]
|
---|
| 204 |
|
---|
| 205 | Closes https://github.com/bagder/curl/pull/616
|
---|
| 206 |
|
---|
| 207 | Daniel Stenberg (27 Jan 2016)
|
---|
| 208 | - getredirect.c: fix variable name
|
---|
| 209 |
|
---|
| 210 | Reported-by: Bernard Spil
|
---|
| 211 |
|
---|
| 212 | Version 7.47.0 (27 Jan 2016)
|
---|
| 213 |
|
---|
| 214 | Daniel Stenberg (27 Jan 2016)
|
---|
| 215 | - examples/Makefile.inc: specify programs without .c!
|
---|
| 216 |
|
---|
| 217 | - THANKS: 6 new contributors from 7.47.0 release notes
|
---|
| 218 |
|
---|
| 219 | - [Isaac Boukris brought this change]
|
---|
| 220 |
|
---|
| 221 | NTLM: Fix ConnectionExists to compare Proxy credentials
|
---|
| 222 |
|
---|
| 223 | Proxy NTLM authentication should compare credentials when
|
---|
| 224 | re-using a connection similar to host authentication, as it
|
---|
| 225 | authenticate the connection.
|
---|
| 226 |
|
---|
| 227 | Example:
|
---|
| 228 | curl -v -x http://proxy:port http://host/ -U good_user:good_pwd
|
---|
| 229 | --proxy-ntlm --next -x http://proxy:port http://host/
|
---|
| 230 | [-U fake_user:fake_pwd --proxy-ntlm]
|
---|
| 231 |
|
---|
| 232 | CVE-2016-0755
|
---|
| 233 |
|
---|
| 234 | Bug: http://curl.haxx.se/docs/adv_20160127A.html
|
---|
| 235 |
|
---|
| 236 | - [Ray Satiro brought this change]
|
---|
| 237 |
|
---|
| 238 | curl: avoid local drive traversal when saving file (Windows)
|
---|
| 239 |
|
---|
| 240 | curl does not sanitize colons in a remote file name that is used as the
|
---|
| 241 | local file name. This may lead to a vulnerability on systems where the
|
---|
| 242 | colon is a special path character. Currently Windows/DOS is the only OS
|
---|
| 243 | where this vulnerability applies.
|
---|
| 244 |
|
---|
| 245 | CVE-2016-0754
|
---|
| 246 |
|
---|
| 247 | Bug: http://curl.haxx.se/docs/adv_20160127B.html
|
---|
| 248 |
|
---|
| 249 | - RELEASE-NOTES: 7.47.0
|
---|
| 250 |
|
---|
| 251 | - FAQ: language fix in 4.19
|
---|
| 252 |
|
---|
| 253 | - [paulehoffman brought this change]
|
---|
| 254 |
|
---|
| 255 | FAQ: Update to point to GitHub
|
---|
| 256 |
|
---|
| 257 | Current FAQ didn't make it clear where the main repo is.
|
---|
| 258 |
|
---|
| 259 | Closes #612
|
---|
| 260 |
|
---|
| 261 | - maketgz: generate date stamp with LC_TIME=C
|
---|
| 262 |
|
---|
| 263 | bug: http://curl.haxx.se/mail/lib-2016-01/0123.html
|
---|
| 264 |
|
---|
| 265 | - curl_multi_socket_action.3: line wrap
|
---|
| 266 |
|
---|
| 267 | - RELEASE-NOTES: synced with d58ba66eeceb
|
---|
| 268 |
|
---|
| 269 | Steve Holme (21 Jan 2016)
|
---|
| 270 | - TODO: "Create remote directories" for SMB
|
---|
| 271 |
|
---|
| 272 | Jay Satiro (18 Jan 2016)
|
---|
| 273 | - mbedtls: Fix pinned key return value on fail
|
---|
| 274 |
|
---|
| 275 | - Switch from verifying a pinned public key in a callback during the
|
---|
| 276 | certificate verification to inline after the certificate verification.
|
---|
| 277 |
|
---|
| 278 | The callback method had three problems:
|
---|
| 279 |
|
---|
| 280 | 1. If a pinned public key didn't match, CURLE_SSL_PINNEDPUBKEYNOTMATCH
|
---|
| 281 | was not returned.
|
---|
| 282 |
|
---|
| 283 | 2. If peer certificate verification was disabled the pinned key
|
---|
| 284 | verification did not take place as it should.
|
---|
| 285 |
|
---|
| 286 | 3. (related to #2) If there was no certificate of depth 0 the callback
|
---|
| 287 | would not have checked the pinned public key.
|
---|
| 288 |
|
---|
| 289 | Though all those problems could have been fixed it would have made the
|
---|
| 290 | code more complex. Instead we now verify inline after the certificate
|
---|
| 291 | verification in mbedtls_connect_step2.
|
---|
| 292 |
|
---|
| 293 | Ref: http://curl.haxx.se/mail/lib-2016-01/0047.html
|
---|
| 294 | Ref: https://github.com/bagder/curl/pull/601
|
---|
| 295 |
|
---|
| 296 | - tests: Add a test for pinnedpubkey fail even when insecure
|
---|
| 297 |
|
---|
| 298 | Because disabling the peer verification (--insecure) must not disable
|
---|
| 299 | the public key pinning check (--pinnedpubkey).
|
---|
| 300 |
|
---|
| 301 | - [Daniel Schauenberg brought this change]
|
---|
| 302 |
|
---|
| 303 | CURLINFO_RESPONSE_CODE.3: add example
|
---|
| 304 |
|
---|
| 305 | Kamil Dudka (15 Jan 2016)
|
---|
| 306 | - ssh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL
|
---|
| 307 |
|
---|
| 308 | The CURLOPT_SSH_PUBLIC_KEYFILE option has been documented to handle
|
---|
| 309 | empty strings specially since curl-7_25_0-31-g05a443a but the behavior
|
---|
| 310 | was unintentionally removed in curl-7_38_0-47-gfa7d04f.
|
---|
| 311 |
|
---|
| 312 | This commit restores the original behavior and clarifies it in the
|
---|
| 313 | documentation that NULL and "" have both the same meaning when passed
|
---|
| 314 | to CURLOPT_SSH_PUBLIC_KEYFILE.
|
---|
| 315 |
|
---|
| 316 | Bug: http://curl.haxx.se/mail/lib-2016-01/0072.html
|
---|
| 317 |
|
---|
| 318 | Daniel Stenberg (14 Jan 2016)
|
---|
| 319 | - RELEASE-NOTES: synced with 35083ca60ed035a
|
---|
| 320 |
|
---|
| 321 | - openssl: improved error detection/reporting
|
---|
| 322 |
|
---|
| 323 | ... by extracting the LIB + REASON from the OpenSSL error code. OpenSSL
|
---|
| 324 | 1.1.0+ returned a new func number of another cerfificate fail so this
|
---|
| 325 | required a fix and this is the better way to catch this error anyway.
|
---|
| 326 |
|
---|
| 327 | - openssl: for 1.1.0+ they now provide a SSLeay() macro of their own
|
---|
| 328 |
|
---|
| 329 | - CURLOPT_RESOLVE.3: minor language polish
|
---|
| 330 |
|
---|
| 331 | - configure: assume IPv6 works when cross-compiled
|
---|
| 332 |
|
---|
| 333 | The configure test uses AC_TRY_RUN to figure out if an ipv6 socket
|
---|
| 334 | works, and testing like that doesn't work for cross-compiles. These days
|
---|
| 335 | IPv6 support is widespread so a blind guess is probably more likely to
|
---|
| 336 | be 'yes' than 'no' now.
|
---|
| 337 |
|
---|
| 338 | Further: anyone who cross-compiles can use configure's --disable-ipv6 to
|
---|
| 339 | explicitly disable IPv6 and that also works for cross-compiles.
|
---|
| 340 |
|
---|
| 341 | Made happen after discussions in issue #594
|
---|
| 342 |
|
---|
| 343 | - TODO: "Try to URL encode given URL"
|
---|
| 344 |
|
---|
| 345 | Closes #514
|
---|
| 346 |
|
---|
| 347 | - ConnectionExists: only do pipelining/multiplexing when asked
|
---|
| 348 |
|
---|
| 349 | When an HTTP/2 upgrade request fails (no protocol switch), it would
|
---|
| 350 | previously detect that as still possible to pipeline on (which is
|
---|
| 351 | acorrect) and do that when PIPEWAIT was enabled even if pipelining was
|
---|
| 352 | not explictily enabled.
|
---|
| 353 |
|
---|
| 354 | It should only pipelined if explicitly asked to.
|
---|
| 355 |
|
---|
| 356 | Closes #584
|
---|
| 357 |
|
---|
| 358 | - [Mohammad AlSaleh brought this change]
|
---|
| 359 |
|
---|
| 360 | lib: Prefix URLs with lower-case protocol names/schemes
|
---|
| 361 |
|
---|
| 362 | Before this patch, if a URL does not start with the protocol
|
---|
| 363 | name/scheme, effective URLs would be prefixed with upper-case protocol
|
---|
| 364 | names/schemes. This behavior might not be expected by library users or
|
---|
| 365 | end users.
|
---|
| 366 |
|
---|
| 367 | For example, if `CURLOPT_DEFAULT_PROTOCOL` is set to "https". And the
|
---|
| 368 | URL is "hostname/path". The effective URL would be
|
---|
| 369 | "HTTPS://hostname/path" instead of "https://hostname/path".
|
---|
| 370 |
|
---|
| 371 | After this patch, effective URLs would be prefixed with a lower-case
|
---|
| 372 | protocol name/scheme.
|
---|
| 373 |
|
---|
| 374 | Closes #597
|
---|
| 375 |
|
---|
| 376 | Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com>
|
---|
| 377 |
|
---|
| 378 | - [Alessandro Ghedini brought this change]
|
---|
| 379 |
|
---|
| 380 | scripts: don't generate and install zsh completion when cross-compiling
|
---|
| 381 |
|
---|
| 382 | - [Alessandro Ghedini brought this change]
|
---|
| 383 |
|
---|
| 384 | scripts: fix zsh completion generation
|
---|
| 385 |
|
---|
| 386 | The script should use the just-built curl, not the system one. This fixes
|
---|
| 387 | zsh completion generation when no system curl is installed.
|
---|
| 388 |
|
---|
| 389 | - [Alessandro Ghedini brought this change]
|
---|
| 390 |
|
---|
| 391 | zsh.pl: fail if no curl is found
|
---|
| 392 |
|
---|
| 393 | Instead of generation a broken completion file.
|
---|
| 394 |
|
---|
| 395 | - [Michael Kaufmann brought this change]
|
---|
| 396 |
|
---|
| 397 | IDN host names: Remove the port number before converting to ACE
|
---|
| 398 |
|
---|
| 399 | Closes #596
|
---|
| 400 |
|
---|
| 401 | Jay Satiro (10 Jan 2016)
|
---|
| 402 | - runtests: Add mbedTLS to the SSL backends
|
---|
| 403 |
|
---|
| 404 | .. and enable SSLpinning tests for mbedTLS, BoringSSL and LibreSSL.
|
---|
| 405 |
|
---|
| 406 | Daniel Stenberg (10 Jan 2016)
|
---|
| 407 | - [Thomas Glanzmann brought this change]
|
---|
| 408 |
|
---|
| 409 | mbedtls: implement CURLOPT_PINNEDPUBLICKEY
|
---|
| 410 |
|
---|
| 411 | Jay Satiro (9 Jan 2016)
|
---|
| 412 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 413 |
|
---|
| 414 | url: Fix compile error with --enable-werror
|
---|
| 415 |
|
---|
| 416 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 417 |
|
---|
| 418 | http2: Ensure that http2_handle_stream_close is called
|
---|
| 419 |
|
---|
| 420 | Previously, when HTTP/2 is enabled and used, and stream has content
|
---|
| 421 | length known, Curl_read was not called when there was no bytes left to
|
---|
| 422 | read. Because of this, we could not make sure that
|
---|
| 423 | http2_handle_stream_close was called for every stream. Since we use
|
---|
| 424 | http2_handle_stream_close to emit trailer fields, they were
|
---|
| 425 | effectively ignored. This commit changes the code so that Curl_read is
|
---|
| 426 | called even if no bytes left to read, to ensure that
|
---|
| 427 | http2_handle_stream_close is called for every stream.
|
---|
| 428 |
|
---|
| 429 | Discussed in https://github.com/bagder/curl/pull/564
|
---|
| 430 |
|
---|
| 431 | Daniel Stenberg (8 Jan 2016)
|
---|
| 432 | - http2: handle the received SETTINGS frame
|
---|
| 433 |
|
---|
| 434 | This regression landed in 5778e6f5 and made libcurl not act on received
|
---|
| 435 | settings and instead stayed with its internal defaults.
|
---|
| 436 |
|
---|
| 437 | Bug: http://curl.haxx.se/mail/lib-2016-01/0031.html
|
---|
| 438 | Reported-by: Bankde
|
---|
| 439 |
|
---|
| 440 | - Revert "multiplex: allow only once HTTP/2 is actually used"
|
---|
| 441 |
|
---|
| 442 | This reverts commit 46cb70e9fa81c9a56de484cdd7c5d9d0d9fbec36.
|
---|
| 443 |
|
---|
| 444 | Bug: http://curl.haxx.se/mail/lib-2016-01/0031.html
|
---|
| 445 |
|
---|
| 446 | Jay Satiro (8 Jan 2016)
|
---|
| 447 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 448 |
|
---|
| 449 | http2: Fix PUSH_PROMISE headers being treated as trailers
|
---|
| 450 |
|
---|
| 451 | Discussed in https://github.com/bagder/curl/pull/564
|
---|
| 452 |
|
---|
| 453 | Daniel Stenberg (8 Jan 2016)
|
---|
| 454 | - [Michael Kaufmann brought this change]
|
---|
| 455 |
|
---|
| 456 | connection reuse: IDN host names fixed
|
---|
| 457 |
|
---|
| 458 | Use the ACE form of IDN hostnames as key in the connection cache. Add
|
---|
| 459 | new tests.
|
---|
| 460 |
|
---|
| 461 | Closes #592
|
---|
| 462 |
|
---|
| 463 | - tests: mark IPv6 FTP and FTPS tests with the FTP keyword
|
---|
| 464 |
|
---|
| 465 | Jay Satiro (7 Jan 2016)
|
---|
| 466 | - mbedtls: Fix ALPN support
|
---|
| 467 |
|
---|
| 468 | - Fix ALPN reply detection.
|
---|
| 469 |
|
---|
| 470 | - Wrap nghttp2 code in ifdef USE_NGHTTP2.
|
---|
| 471 |
|
---|
| 472 |
|
---|
| 473 | Prior to this change ALPN and HTTP/2 did not work properly in mbedTLS.
|
---|
| 474 |
|
---|
| 475 | - http2: Fix client write for trailers on stream close
|
---|
| 476 |
|
---|
| 477 | Check that the trailer buffer exists before attempting a client write
|
---|
| 478 | for trailers on stream close.
|
---|
| 479 |
|
---|
| 480 | Refer to comments in https://github.com/bagder/curl/pull/564
|
---|
| 481 |
|
---|
| 482 | Daniel Stenberg (7 Jan 2016)
|
---|
| 483 | - COPYING: update general copyright year range
|
---|
| 484 |
|
---|
| 485 | - ConnectionExists: add missing newline in infof() call
|
---|
| 486 |
|
---|
| 487 | Mistake from commit a464f33843ee1
|
---|
| 488 |
|
---|
| 489 | - multiplex: allow only once HTTP/2 is actually used
|
---|
| 490 |
|
---|
| 491 | To make sure curl doesn't allow multiplexing before a connection is
|
---|
| 492 | upgraded to HTTP/2 (like when Upgrade: h2c fails), we must make sure the
|
---|
| 493 | connection uses HTTP/2 as well and not only check what's wanted.
|
---|
| 494 |
|
---|
| 495 | Closes #584
|
---|
| 496 |
|
---|
| 497 | Patch-by: c0ff
|
---|
| 498 |
|
---|
| 499 | Jay Satiro (4 Jan 2016)
|
---|
| 500 | - curl_global_init.3: Add Windows-specific info for init via DLL
|
---|
| 501 |
|
---|
| 502 | - Add to both curl_global_init.3 and libcurl.3 the caveat for Windows
|
---|
| 503 | that initializing libcurl via a DLL's DllMain or static initializer
|
---|
| 504 | could cause a deadlock.
|
---|
| 505 |
|
---|
| 506 | Bug: https://github.com/bagder/curl/issues/586
|
---|
| 507 | Reported-by: marc-groundctl@users.noreply.github.com
|
---|
| 508 |
|
---|
| 509 | Daniel Stenberg (4 Jan 2016)
|
---|
| 510 | - FAQ: clarify who to mail about ECCN clarifications
|
---|
| 511 |
|
---|
| 512 | - progressfunc.c: spellfix description
|
---|
| 513 |
|
---|
| 514 | - docs/examples/multi-app.c: fix bad desc formatting
|
---|
| 515 |
|
---|
| 516 | - examples: added descriptions
|
---|
| 517 |
|
---|
| 518 | - example/simple.c: add description
|
---|
| 519 |
|
---|
| 520 | - getredirect.c: a new example
|
---|
| 521 |
|
---|
| 522 | Marc Hoersken (27 Dec 2015)
|
---|
| 523 | - RELEASE-NOTES: add 5e0e81a9c4e35f04ca
|
---|
| 524 |
|
---|
| 525 | Daniel Stenberg (26 Dec 2015)
|
---|
| 526 | - RELEASE-NOTES: synced with 2aec4359db1088b10d
|
---|
| 527 |
|
---|
| 528 | Marc Hoersken (26 Dec 2015)
|
---|
| 529 | - test 1515: add data check
|
---|
| 530 |
|
---|
| 531 | - test 1515: add MSYS support by passing a relative path
|
---|
| 532 |
|
---|
| 533 | MSYS would otherwise turn a /-style path into a C:\-style path.
|
---|
| 534 |
|
---|
| 535 | - test 539: use datacheck mode text for ASCII-mode LISTings
|
---|
| 536 |
|
---|
| 537 | While still using datacheck mode binary for the inline reply data.
|
---|
| 538 |
|
---|
| 539 | - runtests.pl: check up to 5 data parts with different text modes
|
---|
| 540 |
|
---|
| 541 | Move the text-mode conversion for reply/replycheck from the verify
|
---|
| 542 | section into the load section and add support for 4 more check parts.
|
---|
| 543 |
|
---|
| 544 | Daniel Stenberg (24 Dec 2015)
|
---|
| 545 | - CURLOPT_RANGE: for HTTP servers, range support is optional
|
---|
| 546 |
|
---|
| 547 | Marc Hoersken (24 Dec 2015)
|
---|
| 548 | - tests 1048 and 1050: use datacheck mode text for ASCII-mode LISTings
|
---|
| 549 |
|
---|
| 550 | - tests 706 and 707: use datacheck mode text for ASCII-mode LISTings
|
---|
| 551 |
|
---|
| 552 | - tests 400,403,406: use datacheck mode text for ASCII-mode LISTings
|
---|
| 553 |
|
---|
| 554 | - sockfilt.c: fix calculation of sleep timeout on Windows
|
---|
| 555 |
|
---|
| 556 | Not converting to double caused small timeouts to be skipped.
|
---|
| 557 |
|
---|
| 558 | - tests first.c: fix calculation of sleep timeout on Windows
|
---|
| 559 |
|
---|
| 560 | Not converting to double caused small timeouts to be skipped.
|
---|
| 561 |
|
---|
| 562 | - test 573: add more debug output
|
---|
| 563 |
|
---|
| 564 | - ftplistparser.c: fix handling of file LISTings using Windows EOL
|
---|
| 565 |
|
---|
| 566 | Previously file.txt[CR][LF] would have been returned as file.tx
|
---|
| 567 | (without the last t) if filetype is symlink. Now the t is
|
---|
| 568 | included and the internal item_length includes the zero byte.
|
---|
| 569 |
|
---|
| 570 | Spotted using test 576 on Windows.
|
---|
| 571 |
|
---|
| 572 | - test 16: fix on Linux (and Windows) by using plain ASCII characters
|
---|
| 573 |
|
---|
| 574 | Follow up on b064ff0c351bb287557228575ef4c1d079b866fb, thanks Daniel.
|
---|
| 575 |
|
---|
| 576 | - tftpd server: add Windows support by writing files in binary mode
|
---|
| 577 |
|
---|
| 578 | - tests 252-255: use datacheck mode text for ASCII-mode LISTings
|
---|
| 579 |
|
---|
| 580 | - test 16: fix on Windows by converting data file from ANSI to UTF-8
|
---|
| 581 |
|
---|
| 582 | Daniel Stenberg (23 Dec 2015)
|
---|
| 583 | - Makefile.inc: s/curl_SOURCES/CURL_FILES
|
---|
| 584 |
|
---|
| 585 | This allows the root Makefile.am to include the Makefile.inc without
|
---|
| 586 | causing automake to warn on it (variables named *_SOURCES are
|
---|
| 587 | magic). curl_SOURCES is then instead assigned properly in
|
---|
| 588 | src/Makefile.am only.
|
---|
| 589 |
|
---|
| 590 | Closes #577
|
---|
| 591 |
|
---|
| 592 | - [Anders Bakken brought this change]
|
---|
| 593 |
|
---|
| 594 | ConnectionExists: with *PIPEWAIT, wait for connections
|
---|
| 595 |
|
---|
| 596 | Try harder to prevent libcurl from opening up an additional socket when
|
---|
| 597 | CURLOPT_PIPEWAIT is set. Accomplished by letting ongoing TCP and TLS
|
---|
| 598 | handshakes complete first before the decision is made.
|
---|
| 599 |
|
---|
| 600 | Closes #575
|
---|
| 601 |
|
---|
| 602 | - [Anders Bakken brought this change]
|
---|
| 603 |
|
---|
| 604 | Add .dir-locals and set c-basic-offset to 2.
|
---|
| 605 |
|
---|
| 606 | This makes it easier for emacs users to automatically get the right
|
---|
| 607 | 2-space indentation when they edit curl source files.
|
---|
| 608 |
|
---|
| 609 | c++-mode is in there as well because Emacs can't easily know if
|
---|
| 610 | something is a C or C++ header.
|
---|
| 611 |
|
---|
| 612 | Closes #574
|
---|
| 613 |
|
---|
| 614 | - [Johannes Schindelin brought this change]
|
---|
| 615 |
|
---|
| 616 | configure: detect IPv6 support on Windows
|
---|
| 617 |
|
---|
| 618 | This patch was "nicked" from the MINGW-packages project by Daniel.
|
---|
| 619 |
|
---|
| 620 | https://github.com/Alexpux/MINGW-packages/commit/9253d0bf58a1486e91f7efb5316e7fdb48fa4007
|
---|
| 621 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 622 |
|
---|
| 623 | - configure: allow static builds on mingw
|
---|
| 624 |
|
---|
| 625 | This patch is adopted from the MINGW-packages project. It makes it
|
---|
| 626 | possible to build curl both shared and static again.
|
---|
| 627 |
|
---|
| 628 | URL: https://github.com/Alexpux/MINGW-packages/tree/master/mingw-w64-curl
|
---|
| 629 |
|
---|
| 630 | Marc Hoersken (17 Dec 2015)
|
---|
| 631 | - test 1326: fix file check since curl is outputting binary data
|
---|
| 632 |
|
---|
| 633 | - test 1326: fix getting stuck on Windows due to incomplete request
|
---|
| 634 |
|
---|
| 635 | The request needs to be read and send in binary mode in order to use
|
---|
| 636 | CRLF instead of LF. Adding --upload-file - causes curl to read stdin
|
---|
| 637 | in binary mode.
|
---|
| 638 |
|
---|
| 639 | Daniel Stenberg (17 Dec 2015)
|
---|
| 640 | - RELEASE-NOTES: command line option recount
|
---|
| 641 |
|
---|
| 642 | Dan Fandrich (16 Dec 2015)
|
---|
| 643 | - scripts/Makefile: build zsh script even in an out-of-tree build
|
---|
| 644 |
|
---|
| 645 | Marc Hoersken (16 Dec 2015)
|
---|
| 646 | - sockfilt.c: added some debug output to select_ws
|
---|
| 647 |
|
---|
| 648 | - sockfilt.c: keep lines shorter than 80 chars
|
---|
| 649 |
|
---|
| 650 | - sockfilt.c: do not wait on unreliable file or pipe handle
|
---|
| 651 |
|
---|
| 652 | The previous implementation caused issues on modern MSYS2 runtimes.
|
---|
| 653 |
|
---|
| 654 | Daniel Stenberg (16 Dec 2015)
|
---|
| 655 | - cyassl: deal with lack of *get_peer_certificate
|
---|
| 656 |
|
---|
| 657 | The function is only present in wolfssl/cyassl if it was built with
|
---|
| 658 | --enable-opensslextra. With these checks added, pinning support is disabled
|
---|
| 659 | unless the TLS lib has that function available.
|
---|
| 660 |
|
---|
| 661 | Also fix the mistake in configure that checks for the wrong lib name.
|
---|
| 662 |
|
---|
| 663 | Closes #566
|
---|
| 664 |
|
---|
| 665 | - wolfssl: handle builds without SSLv3 support
|
---|
| 666 |
|
---|
| 667 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 668 |
|
---|
| 669 | http2: Support trailer fields
|
---|
| 670 |
|
---|
| 671 | This commit adds trailer support in HTTP/2. In HTTP/1.1, chunked
|
---|
| 672 | encoding must be used to send trialer fields. HTTP/2 deprecated any
|
---|
| 673 | trandfer-encoding, including chunked. But trailer fields are now
|
---|
| 674 | always available.
|
---|
| 675 |
|
---|
| 676 | Since trailer fields are relatively rare these days (gRPC uses them
|
---|
| 677 | extensively though), allocating buffer for trailer fields is done when
|
---|
| 678 | we detect that HEADERS frame containing trailer fields is started. We
|
---|
| 679 | use Curl_add_buffer_* functions to buffer all trailers, just like we
|
---|
| 680 | do for regular header fields. And then deliver them when stream is
|
---|
| 681 | closed. We have to be careful here so that all data are delivered to
|
---|
| 682 | upper layer before sending trailers to the application.
|
---|
| 683 |
|
---|
| 684 | We can deliver trailer field one by one using NGHTTP2_ERR_PAUSE
|
---|
| 685 | mechanism, but current method is far more simple.
|
---|
| 686 |
|
---|
| 687 | Another possibility is use chunked encoding internally for HTTP/2
|
---|
| 688 | traffic. I have not tested it, but it could add another overhead.
|
---|
| 689 |
|
---|
| 690 | Closes #564
|
---|
| 691 |
|
---|
| 692 | - RELEASE-NOTES: synced with 6c2c019654e658a
|
---|
| 693 |
|
---|
| 694 | Jay Satiro (15 Dec 2015)
|
---|
| 695 | - x509asn1: Fix host altname verification
|
---|
| 696 |
|
---|
| 697 | - In Curl_verifyhost check all altnames in the certificate.
|
---|
| 698 |
|
---|
| 699 | Prior to this change only the first altname was checked. Only the GSKit
|
---|
| 700 | SSL backend was affected by this bug.
|
---|
| 701 |
|
---|
| 702 | Bug: http://curl.haxx.se/mail/lib-2015-12/0062.html
|
---|
| 703 | Reported-by: John Kohl
|
---|
| 704 |
|
---|
| 705 | Daniel Stenberg (15 Dec 2015)
|
---|
| 706 | - curl --expect100-timeout: added
|
---|
| 707 |
|
---|
| 708 | This is the new command line option to set the value for the existing
|
---|
| 709 | libcurl option CURLOPT_EXPECT_100_TIMEOUT_MS
|
---|
| 710 |
|
---|
| 711 | - cyassl: fix compiler warning on type conversion
|
---|
| 712 |
|
---|
| 713 | - curlver: the pending release will become 7.47.0
|
---|
| 714 |
|
---|
| 715 | - [Anders Bakken brought this change]
|
---|
| 716 |
|
---|
| 717 | setstropt: const-correctness
|
---|
| 718 |
|
---|
| 719 | Closes #565
|
---|
| 720 |
|
---|
| 721 | - ROADMAP: implemented HTTP2 for HTTPS-only
|
---|
| 722 |
|
---|
| 723 | - HTTP2.md: spell fix and remove TODO now implemented
|
---|
| 724 |
|
---|
| 725 | - libressl: the latest openssl x509 funcs are not in libressl
|
---|
| 726 |
|
---|
| 727 | - curl: use 2TLS by default
|
---|
| 728 |
|
---|
| 729 | Make this the default for the curl tool (if built with HTTP/2 powers
|
---|
| 730 | enabled) unless a specific HTTP version is requested on the command
|
---|
| 731 | line.
|
---|
| 732 |
|
---|
| 733 | This should allow more users to get HTTP/2 powers without having to
|
---|
| 734 | change anything.
|
---|
| 735 |
|
---|
| 736 | - http: add libcurl option to allow HTTP/2 for HTTPS only
|
---|
| 737 |
|
---|
| 738 | ... and stick to 1.1 for HTTP. This is in line with what browsers do and
|
---|
| 739 | should have very little risk.
|
---|
| 740 |
|
---|
| 741 | - openssl: adapt to openssl >= 1.1.0 X509 opaque structs
|
---|
| 742 |
|
---|
| 743 | Closes #491
|
---|
| 744 |
|
---|
| 745 | - openssl: avoid BIO_reset() warnings since it returns a value
|
---|
| 746 |
|
---|
| 747 | - openssl: adapt to 1.1.0+ name changes
|
---|
| 748 |
|
---|
| 749 | - scripts/makefile: add standard header
|
---|
| 750 |
|
---|
| 751 | - scripts/Makefile: fix GNUism and survive no perl
|
---|
| 752 |
|
---|
| 753 | Closes #555
|
---|
| 754 |
|
---|
| 755 | Reported-by: Thomas Klausner
|
---|
| 756 |
|
---|
| 757 | - fix b6d5cb40d7038fe
|
---|
| 758 |
|
---|
| 759 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 760 |
|
---|
| 761 | http2: Fix hanging paused stream
|
---|
| 762 |
|
---|
| 763 | When NGHTTP2_ERR_PAUSE is returned from data_source_read_callback, we
|
---|
| 764 | might not process DATA frame fully. Calling nghttp2_session_mem_recv()
|
---|
| 765 | again will continue to process DATA frame, but if there is no incoming
|
---|
| 766 | frames, then we have to call it again with 0-length data. Without this,
|
---|
| 767 | on_stream_close callback will not be called, and stream could be hanged.
|
---|
| 768 |
|
---|
| 769 | Bug: http://curl.haxx.se/mail/lib-2015-11/0103.html
|
---|
| 770 | Reported-by: Francisco Moraes
|
---|
| 771 |
|
---|
| 772 | - [Christian Stewart brought this change]
|
---|
| 773 |
|
---|
| 774 | build: fix compilation error with CURL_DISABLE_VERBOSE_STRINGS
|
---|
| 775 |
|
---|
| 776 | With curl disable verbose strings in http.c the compilation fails due to
|
---|
| 777 | the data variable being undefined later on in the function.
|
---|
| 778 |
|
---|
| 779 | Closes #558
|
---|
| 780 |
|
---|
| 781 | Jay Satiro (7 Dec 2015)
|
---|
| 782 | - [Gisle Vanem brought this change]
|
---|
| 783 |
|
---|
| 784 | config-win32: Fix warning HAVE_WINSOCK2_H undefined
|
---|
| 785 |
|
---|
| 786 | - [Gisle Vanem brought this change]
|
---|
| 787 |
|
---|
| 788 | openssl: BoringSSL doesn't have CONF_modules_free
|
---|
| 789 |
|
---|
| 790 | - [Gisle Vanem brought this change]
|
---|
| 791 |
|
---|
| 792 | lwip: Fix compatibility issues with later versions
|
---|
| 793 |
|
---|
| 794 | The name of the header guard in lwIP's <lwip/opt.h> has changed from
|
---|
| 795 | '__LWIP_OPT_H__' to 'LWIP_HDR_OPT_H' (bug #35874 in May 2015).
|
---|
| 796 |
|
---|
| 797 | Other fixes:
|
---|
| 798 |
|
---|
| 799 | - In curl_setup.h, the problem with an old PSDK doesn't apply if lwIP is
|
---|
| 800 | used.
|
---|
| 801 |
|
---|
| 802 | - In memdebug.h, the 'socket' should be undefined first due to lwIP's
|
---|
| 803 | lwip_socket() macro.
|
---|
| 804 |
|
---|
| 805 | - In curl_addrinfo.c lwIP's getaddrinfo() + freeaddrinfo() macros need
|
---|
| 806 | special handling because they were undef'ed in memdebug.h.
|
---|
| 807 |
|
---|
| 808 | - In select.c we can't use preprocessor conditionals inside select if
|
---|
| 809 | MSVC and select is a macro, as it is with lwIP.
|
---|
| 810 |
|
---|
| 811 | http://curl.haxx.se/mail/lib-2015-12/0023.html
|
---|
| 812 | http://curl.haxx.se/mail/lib-2015-12/0024.html
|
---|
| 813 |
|
---|
| 814 | Patrick Monnerat (7 Dec 2015)
|
---|
| 815 | - os400: define CURL_VERSION_PSL in ILE/RPG binding
|
---|
| 816 |
|
---|
| 817 | Jay Satiro (7 Dec 2015)
|
---|
| 818 | - [Gisle Vanem brought this change]
|
---|
| 819 |
|
---|
| 820 | version: Add flag CURL_VERSION_PSL for libpsl
|
---|
| 821 |
|
---|
| 822 | - formdata: Check if length is too large for memory
|
---|
| 823 |
|
---|
| 824 | - If the size of the length type (curl_off_t) is greater than the size
|
---|
| 825 | of the size_t type then check before allocating memory to make sure the
|
---|
| 826 | value of length will fit in a size_t without overflow. If it doesn't
|
---|
| 827 | then return CURLE_BAD_FUNCTION_ARGUMENT.
|
---|
| 828 |
|
---|
| 829 | Bug: https://github.com/bagder/curl/issues/425#issuecomment-154518679
|
---|
| 830 | Reported-by: Steve Holme
|
---|
| 831 |
|
---|
| 832 | Steve Holme (3 Dec 2015)
|
---|
| 833 | - tests: Corrected copy and pasted comments from commit e643c5c908
|
---|
| 834 |
|
---|
| 835 | Daniel Stenberg (3 Dec 2015)
|
---|
| 836 | - curl: remove keepalive #ifdef checks done on libcurl's behalf
|
---|
| 837 |
|
---|
| 838 | They didn't match the ifdef logic used within libcurl anyway so they
|
---|
| 839 | could indeed warn for the wrong case - plus the tool cannot know how the
|
---|
| 840 | lib actually performs at that level.
|
---|
| 841 |
|
---|
| 842 | Steve Holme (2 Dec 2015)
|
---|
| 843 | - test947: Corrected typo in test name
|
---|
| 844 |
|
---|
| 845 | - tests: Disable the OAUTHBEARER tests when using a non-default port number
|
---|
| 846 |
|
---|
| 847 | Tests 842, 843, 844, 845, 887, 888, 889, 890, 946, 947, 948 and 949 fail
|
---|
| 848 | if a custom port number is specified via the -b option of runtests.pl.
|
---|
| 849 |
|
---|
| 850 | Suggested by: Kamil Dudka
|
---|
| 851 | Bug: http://curl.haxx.se/mail/lib-2015-12/0003.html
|
---|
| 852 |
|
---|
| 853 | Daniel Stenberg (2 Dec 2015)
|
---|
| 854 | - bump: towards next release
|
---|
| 855 |
|
---|
| 856 | for all we know now, it might be called 7.46.1
|
---|
| 857 |
|
---|
| 858 | Version 7.46.0 (1 Dec 2015)
|
---|
| 859 |
|
---|
| 860 | Daniel Stenberg (1 Dec 2015)
|
---|
| 861 | - RELEASE-NOTES: updated contributor count for 7.46.0
|
---|
| 862 |
|
---|
| 863 | - THANKS: new contributors from the 7.46.0 release
|
---|
| 864 |
|
---|
| 865 | - THANKS-filter: single Tim Rühsen spelling
|
---|
| 866 |
|
---|
| 867 | - docs/examples: gitignore some more built examples
|
---|
| 868 |
|
---|
| 869 | - RELEASE-NOTES; this bug was never released
|
---|
| 870 |
|
---|
| 871 | - RELEASE-NOTES: synced with e55f15454efacb0
|
---|
| 872 |
|
---|
| 873 | - [Flavio Medeiros brought this change]
|
---|
| 874 |
|
---|
| 875 | Curl_read_plain: clean up ifdefs that break statements
|
---|
| 876 |
|
---|
| 877 | Closes #546
|
---|
| 878 |
|
---|
| 879 | - http2: convert some verbose output into debug-only output
|
---|
| 880 |
|
---|
| 881 | - http2 push: add missing inits of new stream
|
---|
| 882 |
|
---|
| 883 | - set the correct stream_id for pushed streams
|
---|
| 884 | - init maxdownload and size properly
|
---|
| 885 |
|
---|
| 886 | - http2 push: set weight for new stream
|
---|
| 887 |
|
---|
| 888 | give the new stream the old one's stream_weight internally to avoid
|
---|
| 889 | sending a PRIORITY frame unless asked for it
|
---|
| 890 |
|
---|
| 891 | - curl_setup.h: undef freeaddrinfo in c-ares block to fix build
|
---|
| 892 |
|
---|
| 893 | Fixes warnings 78c25c854a added.
|
---|
| 894 |
|
---|
| 895 | - nonblock: fix setting non-blocking mode for Amiga
|
---|
| 896 |
|
---|
| 897 | IoctlSocket() apparently wants a pointer to a long, passed as a char *
|
---|
| 898 | in its third parameter. This bug was introduced already back in commit
|
---|
| 899 | c5fdeef41d from October 1 2001!
|
---|
| 900 |
|
---|
| 901 | Bug: http://curl.haxx.se/mail/lib-2015-11/0088.html
|
---|
| 902 | Reported-by: Norbert Kett
|
---|
| 903 |
|
---|
| 904 | - zsh install: fix DESTDIR support
|
---|
| 905 |
|
---|
| 906 | Reported-by: Mohammad AlSaleh
|
---|
| 907 |
|
---|
| 908 | Dan Fandrich (27 Nov 2015)
|
---|
| 909 | - lib: Only define curl_dofreeaddrinfo if struct addrinfo is available
|
---|
| 910 |
|
---|
| 911 | Steve Holme (27 Nov 2015)
|
---|
| 912 | - tool_paramhlp: Fixed display of URL index in password prompt for --next
|
---|
| 913 |
|
---|
| 914 | Commit f3bae6ed73 added the URL index to the password prompt when using
|
---|
| 915 | --next. Unfortunately, because the size_t specifier (%zu) is not
|
---|
| 916 | supported by all sprintf() implementations we use the curl_off_t format
|
---|
| 917 | specifier instead. The display of an incorrect value arises on platforms
|
---|
| 918 | where size_t and curl_off_t are of a different size.
|
---|
| 919 |
|
---|
| 920 | Daniel Stenberg (25 Nov 2015)
|
---|
| 921 | - timecond: do not add if-modified-since without timecondition
|
---|
| 922 |
|
---|
| 923 | The RTSP code path didn't skip adding the if-modified-since for certain
|
---|
| 924 | RTSP code paths, even if CURLOPT_TIMECONDITION was set to
|
---|
| 925 | CURL_TIMECOND_NONE.
|
---|
| 926 |
|
---|
| 927 | Also, an unknown non-zero CURLOPT_TIMECONDITION value no longer equals
|
---|
| 928 | CURL_TIMECOND_IFMODSINCE.
|
---|
| 929 |
|
---|
| 930 | Bug: http://stackoverflow.com/questions/33903982/curl-timecond-none-doesnt-work-how-to-remove-if-modified-since-header
|
---|
| 931 |
|
---|
| 932 | - RELEASE-NOTES: synced with 99d17a5e2ba77e58
|
---|
| 933 |
|
---|
| 934 | - examples/README: cut out the incomplete list
|
---|
| 935 |
|
---|
| 936 | ... and add a generic explanation for them instead. Each example file
|
---|
| 937 | should contain its own description these days.
|
---|
| 938 |
|
---|
| 939 | - test1513: make sure the callback is only called once
|
---|
| 940 |
|
---|
| 941 | - [Daniel Shahaf brought this change]
|
---|
| 942 |
|
---|
| 943 | build: Install zsh completion
|
---|
| 944 |
|
---|
| 945 | Fixes #534
|
---|
| 946 | Closes #537
|
---|
| 947 |
|
---|
| 948 | - done: make sure the final progress update is made
|
---|
| 949 |
|
---|
| 950 | It would previously be skipped if an existing error was returned, but
|
---|
| 951 | would lead to a previous value being left there and later used.
|
---|
| 952 | CURLINFO_TOTAL_TIME for example.
|
---|
| 953 |
|
---|
| 954 | Still it avoids that final progress update if we reached DONE as the
|
---|
| 955 | result of a callback abort to avoid another callback to be called after
|
---|
| 956 | an abort-by-callback.
|
---|
| 957 |
|
---|
| 958 | Reported-by: Lukas Ruzicka
|
---|
| 959 |
|
---|
| 960 | Closes #538
|
---|
| 961 |
|
---|
| 962 | - curl: expanded the -XHEAD warning text
|
---|
| 963 |
|
---|
| 964 | ... to also mention the specific options used.
|
---|
| 965 |
|
---|
| 966 | - Revert "cleanup: general removal of TODO (and similar) comments"
|
---|
| 967 |
|
---|
| 968 | This reverts commit 64e959ffe37c436503f9fed1ce2d6ee6ae50bd9a.
|
---|
| 969 |
|
---|
| 970 | Feedback-by: Dan Fandrich
|
---|
| 971 | URL: http://curl.haxx.se/mail/lib-2015-11/0062.html
|
---|
| 972 |
|
---|
| 973 | - CURLOPT_HEADERFUNCTION.3: fix typo
|
---|
| 974 |
|
---|
| 975 | Refer to _HEADERDATA not _WRITEDATA.
|
---|
| 976 |
|
---|
| 977 | Reported-by: MichaÅ Piechowski
|
---|
| 978 |
|
---|
| 979 | - TODO: TCP Fast Open
|
---|
| 980 |
|
---|
| 981 | Steve Holme (22 Nov 2015)
|
---|
| 982 | - examples: Added website parse-able descriptions to the e-mail examples
|
---|
| 983 |
|
---|
| 984 | - TODO: Added another 'multi-interface' idea
|
---|
| 985 |
|
---|
| 986 | - smb.c: Fixed compilation warnings
|
---|
| 987 |
|
---|
| 988 | smb.c:134:3: warning: conversion to 'short unsigned int' from 'int' may
|
---|
| 989 | alter its value
|
---|
| 990 | smb.c:146:42: warning: conversion to 'unsigned int' from 'long long
|
---|
| 991 | unsigned int' may alter its value
|
---|
| 992 | smb.c:146:65: warning: conversion to 'unsigned int' from 'long long
|
---|
| 993 | unsigned int' may alter its value
|
---|
| 994 |
|
---|
| 995 | - schannel: Corrected copy/paste error in commit 8d17117683
|
---|
| 996 |
|
---|
| 997 | - schannel: Use GetVersionEx() when VerifyVersionInfo() isn't available
|
---|
| 998 |
|
---|
| 999 | Regression from commit 7a8e861a5 as highlighted in the msys autobuilds.
|
---|
| 1000 |
|
---|
| 1001 | - examples: Fixed compilation warnings
|
---|
| 1002 |
|
---|
| 1003 | pop3-multi.c:96:5: warning: implicit declaration of function 'memset'
|
---|
| 1004 | imap-multi.c:96:5: warning: implicit declaration of function 'memset'
|
---|
| 1005 | http2-download.c:226:5: warning: implicit declaration of function 'memset'
|
---|
| 1006 | http2-upload.c:290:5: warning: implicit declaration of function 'memset'
|
---|
| 1007 | http2-upload.c:290:5: warning: implicit declaration of function 'memset'
|
---|
| 1008 |
|
---|
| 1009 | - Makefile.inc: Fixed test run error
|
---|
| 1010 |
|
---|
| 1011 | test845 not present in tests/data/Makefile.inc
|
---|
| 1012 |
|
---|
| 1013 | Daniel Stenberg (20 Nov 2015)
|
---|
| 1014 | - TODO: remove duplicated title
|
---|
| 1015 |
|
---|
| 1016 | - TODO: added two more libcurl ideas
|
---|
| 1017 |
|
---|
| 1018 | Moved some ideas from "next major" to just ordinary ideas since we can
|
---|
| 1019 | always add new things while keeping the old without doing a "next
|
---|
| 1020 | major".
|
---|
| 1021 |
|
---|
| 1022 | Steve Holme (20 Nov 2015)
|
---|
| 1023 | - tests: Re-enabled tests 889 and 890 following POP3 fix
|
---|
| 1024 |
|
---|
| 1025 | - pop3: Differentiate between success and continuation responses
|
---|
| 1026 |
|
---|
| 1027 | - pop3: Added clarity on some server response codes
|
---|
| 1028 |
|
---|
| 1029 | Daniel Stenberg (20 Nov 2015)
|
---|
| 1030 | - [Daniel Shahaf brought this change]
|
---|
| 1031 |
|
---|
| 1032 | build: Fix theoretical infinite loops
|
---|
| 1033 |
|
---|
| 1034 | Add error-checking to 'cd' in a few cases where omitting the checks
|
---|
| 1035 | might result in an infinite loop.
|
---|
| 1036 |
|
---|
| 1037 | Closes #535
|
---|
| 1038 |
|
---|
| 1039 | Patrick Monnerat (19 Nov 2015)
|
---|
| 1040 | - curl.h: s/#defien/#define/
|
---|
| 1041 |
|
---|
| 1042 | - os400: synchronize ILE/RPG header file
|
---|
| 1043 |
|
---|
| 1044 | - os400: Provide options for libssh2 use in compile scripts. Adjust README.
|
---|
| 1045 |
|
---|
| 1046 | Daniel Stenberg (19 Nov 2015)
|
---|
| 1047 | - [danielsh@apache.org brought this change]
|
---|
| 1048 |
|
---|
| 1049 | zsh completion: Preserve single quotes in output
|
---|
| 1050 |
|
---|
| 1051 | When an option's help string contains literal single quotes, those
|
---|
| 1052 | single quotes would be stripped from the option's description in the
|
---|
| 1053 | completion output (unless the zsh RC_QUOTES option were set while the
|
---|
| 1054 | completion function was being sourced, which is not the default). This
|
---|
| 1055 | patch makes the completion output contain single quotes where the --help
|
---|
| 1056 | output does.
|
---|
| 1057 |
|
---|
| 1058 | Closes #532
|
---|
| 1059 |
|
---|
| 1060 | Jay Satiro (18 Nov 2015)
|
---|
| 1061 | - [MaxGiting brought this change]
|
---|
| 1062 |
|
---|
| 1063 | FAQ: Grammar changes
|
---|
| 1064 |
|
---|
| 1065 | Closes https://github.com/bagder/curl/pull/533
|
---|
| 1066 |
|
---|
| 1067 | Daniel Stenberg (17 Nov 2015)
|
---|
| 1068 | - http2: http_done: don't free already-freed push headers
|
---|
| 1069 |
|
---|
| 1070 | The push headers are freed after the push callback has been invoked,
|
---|
| 1071 | meaning this code should only free the headers if the callback was never
|
---|
| 1072 | invoked and thus the headers weren't freed at that time.
|
---|
| 1073 |
|
---|
| 1074 | Reported-by: Davey Shafik
|
---|
| 1075 |
|
---|
| 1076 | - [Anders Bakken brought this change]
|
---|
| 1077 |
|
---|
| 1078 | getconnectinfo: Don't call recv(2) if socket == -1
|
---|
| 1079 |
|
---|
| 1080 | Closes #528
|
---|
| 1081 |
|
---|
| 1082 | - CURLMOPT_PUSHFUNCTION.3: *_byname() returns only the first header
|
---|
| 1083 |
|
---|
| 1084 | ... if there are more than one using the same name
|
---|
| 1085 |
|
---|
| 1086 | - http2: minor comment typo
|
---|
| 1087 |
|
---|
| 1088 | - sasl; fix checksrc warnings
|
---|
| 1089 |
|
---|
| 1090 | Steve Holme (15 Nov 2015)
|
---|
| 1091 | - RELEASE-NOTES: Adjusted for the recent OAuth 2.0 activity
|
---|
| 1092 |
|
---|
| 1093 | - tests: Disabled 889 and 890 until we support POP3 continuation responses
|
---|
| 1094 |
|
---|
| 1095 | As POP3 final and continuation responses both begin with a + character,
|
---|
| 1096 | and both the finalcode and contcode variables in SASLprotoc are set as
|
---|
| 1097 | such, we cannot tell the difference between them when we are expecting
|
---|
| 1098 | an optional continuation from the server such as the following:
|
---|
| 1099 |
|
---|
| 1100 | + something else from the server
|
---|
| 1101 | +OK final response
|
---|
| 1102 |
|
---|
| 1103 | Disabled these tests until such a time we can tell the responses apart.
|
---|
| 1104 |
|
---|
| 1105 | - tests: Corrected typos from commit ba4d8f7eba
|
---|
| 1106 |
|
---|
| 1107 | - tests: Added OAUTHBEARER failure response tests
|
---|
| 1108 |
|
---|
| 1109 | - oauth2: Support OAUTHBEARER failures sent as continuation responses
|
---|
| 1110 |
|
---|
| 1111 | According to RFC7628 a failure message may be sent by the server in a
|
---|
| 1112 | base64 encoded JSON string as a continuation response.
|
---|
| 1113 |
|
---|
| 1114 | Currently only implemented for OAUTHBEARER and not XAUTH2.
|
---|
| 1115 |
|
---|
| 1116 | Daniel Stenberg (15 Nov 2015)
|
---|
| 1117 | - RELEASE-NOTES: synced with 808a17ee675
|
---|
| 1118 |
|
---|
| 1119 | Steve Holme (14 Nov 2015)
|
---|
| 1120 | - tests: Renamed existing OAuth 2.0 (XOAUTH) tests
|
---|
| 1121 |
|
---|
| 1122 | - tests: Added OAuth 2.0 (OAUTHBEARER) tests
|
---|
| 1123 |
|
---|
| 1124 | - oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMP
|
---|
| 1125 |
|
---|
| 1126 | OAUTHBEARER is now the official "registered" SASL mechanism name for
|
---|
| 1127 | OAuth 2.0. However, we don't want to drop support for XOAUTH2 as some
|
---|
| 1128 | servers won't support the new mechanism yet.
|
---|
| 1129 |
|
---|
| 1130 | Daniel Stenberg (13 Nov 2015)
|
---|
| 1131 | - RELEASE-NOTES: recounted curl_easy_setopt() options
|
---|
| 1132 |
|
---|
| 1133 | - typecheck-gcc.h: add missing slist-using options
|
---|
| 1134 |
|
---|
| 1135 | CURLOPT_RESOLVE and CURLOPT_PROXYHEADER were missing
|
---|
| 1136 |
|
---|
| 1137 | Also sorted the list.
|
---|
| 1138 |
|
---|
| 1139 | - typecheck-gcc.h: added CURLOPT_CLOSESOCKETDATA
|
---|
| 1140 |
|
---|
| 1141 | ... and sorted curl_is_cb_data_option alphabetically
|
---|
| 1142 |
|
---|
| 1143 | Jay Satiro (13 Nov 2015)
|
---|
| 1144 | - [Sebastian Pohlschmidt brought this change]
|
---|
| 1145 |
|
---|
| 1146 | openssl: Free modules on cleanup
|
---|
| 1147 |
|
---|
| 1148 | Curl_ossl_init calls OPENSSL_load_builtin_modules() but
|
---|
| 1149 | Curl_ossl_cleanup doesn't make a call to free these modules.
|
---|
| 1150 |
|
---|
| 1151 | Bug: https://github.com/bagder/curl/issues/526
|
---|
| 1152 |
|
---|
| 1153 | Steve Holme (13 Nov 2015)
|
---|
| 1154 | - symbols-in-versions: Added new CURLOPTTYPE_STRINGPOINT alias
|
---|
| 1155 |
|
---|
| 1156 | ...following commit aba281e762 to fix test 1119.
|
---|
| 1157 |
|
---|
| 1158 | Daniel Stenberg (13 Nov 2015)
|
---|
| 1159 | - curl: mark two more options strings for --libcurl output
|
---|
| 1160 |
|
---|
| 1161 | - typecheck-gcc.h: add some missing string types
|
---|
| 1162 |
|
---|
| 1163 | Also sorted that list alphabetically
|
---|
| 1164 |
|
---|
| 1165 | - curl.h: introducing the STRINGPOINT alias
|
---|
| 1166 |
|
---|
| 1167 | As an alias for OBJECTPOINT. Provided to allow us to grep for all string
|
---|
| 1168 | options easier.
|
---|
| 1169 |
|
---|
| 1170 | - cleanup: general removal of TODO (and similar) comments
|
---|
| 1171 |
|
---|
| 1172 | They tend to never get updated anyway so they're frequently inaccurate
|
---|
| 1173 | and we never go back to revisit them anyway. We document issues to work
|
---|
| 1174 | on properly in KNOWN_BUGS and TODO instead.
|
---|
| 1175 |
|
---|
| 1176 | - ftplistparser: remove empty function
|
---|
| 1177 |
|
---|
| 1178 | - openssl: remove #if check for 0.9.7 for ENGINE_load_private_key
|
---|
| 1179 |
|
---|
| 1180 | - openssl: all supported versions have X509_STORE_set_flags
|
---|
| 1181 |
|
---|
| 1182 | Simplify by removing #ifdefs and macros
|
---|
| 1183 |
|
---|
| 1184 | - openssl: remove 0.9.3 check
|
---|
| 1185 |
|
---|
| 1186 | - openssl: remove #ifdefs for < 0.9.5 support
|
---|
| 1187 |
|
---|
| 1188 | We only support >= 0.9.7
|
---|
| 1189 |
|
---|
| 1190 | - lib/vtls/openssl: remove unused traces of yassl ifdefs
|
---|
| 1191 |
|
---|
| 1192 | Dan Fandrich (12 Nov 2015)
|
---|
| 1193 | - [dfandrich brought this change]
|
---|
| 1194 |
|
---|
| 1195 | unit1603: Demote hash mismatch failure to a warning
|
---|
| 1196 |
|
---|
| 1197 | The hashes can vary between architectures (e.g. Sparc differs from x86_64).
|
---|
| 1198 | This is not a fatal problem but just reduces the coverage of these white-box
|
---|
| 1199 | tests, as the assumptions about into which hash bucket each key falls are no
|
---|
| 1200 | longer valid.
|
---|
| 1201 |
|
---|
| 1202 | - [dfandrich brought this change]
|
---|
| 1203 |
|
---|
| 1204 | unit1603: Added unit tests for hash functions
|
---|
| 1205 |
|
---|
| 1206 | - [dfandrich brought this change]
|
---|
| 1207 |
|
---|
| 1208 | unit1602: Fixed failure in torture test
|
---|
| 1209 |
|
---|
| 1210 | Steve Holme (12 Nov 2015)
|
---|
| 1211 | - sasl: Re-introduced XOAUTH2 in the default enabled authentication mechanism
|
---|
| 1212 |
|
---|
| 1213 | Following the fix in commit d6d58dd558 it is necessary to re-introduce
|
---|
| 1214 | XOAUTH2 in the default enabled authentication mechanism, which was
|
---|
| 1215 | removed in commit 7b2012f262, otherwise users will have to specify
|
---|
| 1216 | AUTH=XOAUTH2 in the URL.
|
---|
| 1217 |
|
---|
| 1218 | Note: OAuth 2.0 will only be used when the bearer is specified.
|
---|
| 1219 |
|
---|
| 1220 | - [Stefan Bühler brought this change]
|
---|
| 1221 |
|
---|
| 1222 | sasl_sspi: fix identity memory leak in digest authentication
|
---|
| 1223 |
|
---|
| 1224 | - [Stefan Bühler brought this change]
|
---|
| 1225 |
|
---|
| 1226 | sasl_sspi: fixed unicode build for digest authentication
|
---|
| 1227 |
|
---|
| 1228 | Closes #525
|
---|
| 1229 |
|
---|
| 1230 | - oauth2: Re-factored OAuth 2.0 state variable
|
---|
| 1231 |
|
---|
| 1232 | - sasl: Don't choose OAuth 2.0 if mechanism not advertised
|
---|
| 1233 |
|
---|
| 1234 | Regression from commit 9e8ced9890 which meant if --oauth2-bearer was
|
---|
| 1235 | specified but the SASL mechanism wasn't supported by the server then
|
---|
| 1236 | the mechanism would be chosen.
|
---|
| 1237 |
|
---|
| 1238 | Daniel Stenberg (12 Nov 2015)
|
---|
| 1239 | - runtests: more compact "System characteristics" output
|
---|
| 1240 |
|
---|
| 1241 | - no point in repeating curl features that is already listed as features
|
---|
| 1242 | from the curl -V output
|
---|
| 1243 |
|
---|
| 1244 | - remove the port numbers/unix domain path from the output unless
|
---|
| 1245 | verbose is used, as that is rarely interesting to users.
|
---|
| 1246 |
|
---|
| 1247 | - runtests: rename conditional curl-features to $has_[name]
|
---|
| 1248 |
|
---|
| 1249 | Steve Holme (11 Nov 2015)
|
---|
| 1250 | - oauth2: Introduced support for host and port details
|
---|
| 1251 |
|
---|
| 1252 | Added support to the OAuth 2.0 message function for host and port, in
|
---|
| 1253 | order to accommodate the official OAUTHBEARER SASL mechanism which is
|
---|
| 1254 | to be added shortly.
|
---|
| 1255 |
|
---|
| 1256 | - curl_setup.h: Removed duplicate CURL_DISABLE_RTSP when HTTP_ONLY defined
|
---|
| 1257 |
|
---|
| 1258 | - cmake: Add missing feature macros in config header (Part 2)
|
---|
| 1259 |
|
---|
| 1260 | In addition to commit a215381c94 added the RTSP, RTMP and SMB protocols.
|
---|
| 1261 |
|
---|
| 1262 | Daniel Stenberg (10 Nov 2015)
|
---|
| 1263 | - [Douglas Creager brought this change]
|
---|
| 1264 |
|
---|
| 1265 | cmake: Add missing feature macros in config header
|
---|
| 1266 |
|
---|
| 1267 | The curl_config.h file can be generated either from curl_config.h.cmake
|
---|
| 1268 | or curl_config.h.in, depending on whether you're building using CMake or
|
---|
| 1269 | the autotools. The CMake template header doesn't include entries for
|
---|
| 1270 | all of the protocols that you can disable, which (I think) means that
|
---|
| 1271 | you can't actually disable those protocols when building via CMake.
|
---|
| 1272 |
|
---|
| 1273 | Closes #523
|
---|
| 1274 |
|
---|
| 1275 | - [Douglas Creager brought this change]
|
---|
| 1276 |
|
---|
| 1277 | BoringSSL: Work with stricter BIO_get_mem_data()
|
---|
| 1278 |
|
---|
| 1279 | BoringSSL implements `BIO_get_mem_data` as a function, instead of a
|
---|
| 1280 | macro, and expects the output pointer to be a `char **`. We have to add
|
---|
| 1281 | an explicit cast to grab the pointer as a `const char **`.
|
---|
| 1282 |
|
---|
| 1283 | Closes #524
|
---|
| 1284 |
|
---|
| 1285 | - http2: rectify the http2 version #if check
|
---|
| 1286 |
|
---|
| 1287 | We need 1.0.0 or later. Also verified by configure.
|
---|
| 1288 |
|
---|
| 1289 | Steve Holme (9 Nov 2015)
|
---|
| 1290 | - oauth2: Don't use XAUTH2 in OAuth 2.0 function name
|
---|
| 1291 |
|
---|
| 1292 | - oauth2: Don't use XOAUTH2 in OAuth 2.0 variables
|
---|
| 1293 |
|
---|
| 1294 | - oauth2: Use OAuth 2.0 rather than XOAUTH2 in comments
|
---|
| 1295 |
|
---|
| 1296 | When referring to OAuth 2.0 we should use the official name rather the
|
---|
| 1297 | SASL mechanism name.
|
---|
| 1298 |
|
---|
| 1299 | Daniel Stenberg (9 Nov 2015)
|
---|
| 1300 | - imap: avoid freeing constant string
|
---|
| 1301 |
|
---|
| 1302 | The fix in 1a614c6c3 was wrong and would leed to free() of a fixed
|
---|
| 1303 | string.
|
---|
| 1304 |
|
---|
| 1305 | Pointed-out-by: Kamil Dudka
|
---|
| 1306 |
|
---|
| 1307 | - ROADMAP: remove two items already done
|
---|
| 1308 |
|
---|
| 1309 | - RELEASE-NOTES: synced with 2200bf62054
|
---|
| 1310 |
|
---|
| 1311 | Jay Satiro (9 Nov 2015)
|
---|
| 1312 | - acinclude: Remove check for 16-bit curl_off_t
|
---|
| 1313 |
|
---|
| 1314 | Because it's illogical to check for a 16-bit curl_off_t.
|
---|
| 1315 |
|
---|
| 1316 | Ref: https://github.com/bagder/curl/issues/425#issuecomment-154964205
|
---|
| 1317 |
|
---|
| 1318 | Dan Fandrich (8 Nov 2015)
|
---|
| 1319 | - tool: Fixed a memory leak on OOM introduced in 19cb0c4a
|
---|
| 1320 |
|
---|
| 1321 | Steve Holme (8 Nov 2015)
|
---|
| 1322 | - [Justin Ehlert brought this change]
|
---|
| 1323 |
|
---|
| 1324 | imap: Don't check for continuation when executing a CUSTOMREQUEST
|
---|
| 1325 |
|
---|
| 1326 | Bug: https://github.com/bagder/curl/issues/486
|
---|
| 1327 | Closes https://github.com/bagder/curl/pull/487
|
---|
| 1328 |
|
---|
| 1329 | Daniel Stenberg (7 Nov 2015)
|
---|
| 1330 | - imap: checksrc: remove space after while before paren
|
---|
| 1331 |
|
---|
| 1332 | - checksrc.whitelist: "missing space after close paren"
|
---|
| 1333 |
|
---|
| 1334 | ... when it was within a string!
|
---|
| 1335 |
|
---|
| 1336 | Steve Holme (7 Nov 2015)
|
---|
| 1337 | - opts: Corrected TLS protocols list to include POP3S rather than POP3
|
---|
| 1338 |
|
---|
| 1339 | - imap: Quote other 'atom-specials' and not just the space character
|
---|
| 1340 |
|
---|
| 1341 | Closes #517
|
---|
| 1342 |
|
---|
| 1343 | - imap: Fixed double quote in LIST command when mailbox contains spaces
|
---|
| 1344 |
|
---|
| 1345 | Daniel Stenberg (6 Nov 2015)
|
---|
| 1346 | - imap: fix compiler warning
|
---|
| 1347 |
|
---|
| 1348 | imap.c:657:13: error: assignment discards 'const' qualifier from pointer
|
---|
| 1349 | target type [-Werror=discarded-qualifiers]
|
---|
| 1350 |
|
---|
| 1351 | Steve Holme (6 Nov 2015)
|
---|
| 1352 | - imap: Don't call imap_atom() when no mailbox specified in LIST command
|
---|
| 1353 |
|
---|
| 1354 | Daniel Stenberg (6 Nov 2015)
|
---|
| 1355 | - curl.1: remove the overlap --range example
|
---|
| 1356 |
|
---|
| 1357 | ... it is just weird to include by default even if it still works.
|
---|
| 1358 |
|
---|
| 1359 | - tftp tests: verify sent options too
|
---|
| 1360 |
|
---|
| 1361 | The tftpd test server now logs all received options and thus all TFTP
|
---|
| 1362 | test cases need to match them exactly.
|
---|
| 1363 |
|
---|
| 1364 | Extended test 283 to use and verify --tftp-blksize.
|
---|
| 1365 |
|
---|
| 1366 | Jay Satiro (6 Nov 2015)
|
---|
| 1367 | - getinfo: CURLINFO_ACTIVESOCKET: fix bad socket value
|
---|
| 1368 |
|
---|
| 1369 | - Set user info param to the socket returned by Curl_getconnectinfo,
|
---|
| 1370 | regardless of if the socket is bad. Effectively this means the user info
|
---|
| 1371 | param now will receive CURL_SOCKET_BAD instead of -1 on bad socket.
|
---|
| 1372 |
|
---|
| 1373 | - Remove incorrect comments.
|
---|
| 1374 |
|
---|
| 1375 | CURLINFO_ACTIVESOCKET is documented to write CURL_SOCKET_BAD to user
|
---|
| 1376 | info param but prior to this change it wrote -1.
|
---|
| 1377 |
|
---|
| 1378 | Bug: https://github.com/bagder/curl/pull/518
|
---|
| 1379 | Reported-by: Marcel Raad
|
---|
| 1380 |
|
---|
| 1381 | Patrick Monnerat (5 Nov 2015)
|
---|
| 1382 | - curl_ntlm_core: fix 2 curl_off_t constant overflows.
|
---|
| 1383 |
|
---|
| 1384 | - os400: adjust specific code to support new options.
|
---|
| 1385 |
|
---|
| 1386 | Daniel Stenberg (2 Nov 2015)
|
---|
| 1387 | - [Lauri Kasanen brought this change]
|
---|
| 1388 |
|
---|
| 1389 | rawstr: Speed up Curl_raw_toupper by 40%
|
---|
| 1390 |
|
---|
| 1391 | Rationale: when starting up a curl-using app, all cookies from the jar
|
---|
| 1392 | are checked against each other. This was causing a startup delay in the
|
---|
| 1393 | Fifth browser.
|
---|
| 1394 |
|
---|
| 1395 | All tests pass.
|
---|
| 1396 |
|
---|
| 1397 | Signed-off-by: Lauri Kasanen <cand@gmx.com>
|
---|
| 1398 |
|
---|
| 1399 | - http redirects: %-encode bytes outside of ascii range
|
---|
| 1400 |
|
---|
| 1401 | Apparently there are sites out there that do redirects to URLs they
|
---|
| 1402 | provide in plain UTF-8 or similar. Browsers and wget %-encode such
|
---|
| 1403 | headers when doing a subsequent request. Now libcurl does too.
|
---|
| 1404 |
|
---|
| 1405 | Added test 1138 to verify.
|
---|
| 1406 |
|
---|
| 1407 | Closes #473
|
---|
| 1408 |
|
---|
| 1409 | - RELEASE-NOTES: synced with cba5bc585410
|
---|
| 1410 |
|
---|
| 1411 | - symbols-in-version: add all CURL_HTTPPOST_* symbols
|
---|
| 1412 |
|
---|
| 1413 | - formadd: support >2GB files on windows
|
---|
| 1414 |
|
---|
| 1415 | Closes #425
|
---|
| 1416 |
|
---|
| 1417 | - curl.h: s/HTTPPOST_/CURL_HTTPOST_
|
---|
| 1418 |
|
---|
| 1419 | Fixes a name space pollution at the cost of programs using one of these
|
---|
| 1420 | defines will no longer compile. However, the vast majority of libcurl
|
---|
| 1421 | programs that do multipart formposts use curl_formadd() to build this
|
---|
| 1422 | list.
|
---|
| 1423 |
|
---|
| 1424 | Closes #506
|
---|
| 1425 |
|
---|
| 1426 | - mbedtls: fix "Structurally dead code"
|
---|
| 1427 |
|
---|
| 1428 | CID 1332129
|
---|
| 1429 |
|
---|
| 1430 | - mbedtls: fix "Logically dead code"
|
---|
| 1431 |
|
---|
| 1432 | CID 1332128
|
---|
| 1433 |
|
---|
| 1434 | - Revert "openssl: engine: remove double-free"
|
---|
| 1435 |
|
---|
| 1436 | This reverts commit 370ee919b37cc9a46c36428b2bb1527eae5db2bd.
|
---|
| 1437 |
|
---|
| 1438 | Issue #509 has all the details but it was confirmed that the crash was
|
---|
| 1439 | not due to this, so the previous commit was wrong.
|
---|
| 1440 |
|
---|
| 1441 | - curl.1: -E: s/private certificate/client certificate
|
---|
| 1442 |
|
---|
| 1443 | ... as the certificate is strictly speaking not private.
|
---|
| 1444 |
|
---|
| 1445 | Reported-by: John Levon
|
---|
| 1446 |
|
---|
| 1447 | - openssl: engine: remove double-free
|
---|
| 1448 |
|
---|
| 1449 | After a successful call to SSL_CTX_use_PrivateKey(), we must not call
|
---|
| 1450 | EVP_PKEY_free() on the key.
|
---|
| 1451 |
|
---|
| 1452 | Reported-by: nased0
|
---|
| 1453 | Closes #509
|
---|
| 1454 |
|
---|
| 1455 | Jay Satiro (27 Oct 2015)
|
---|
| 1456 | - socks: Fix incorrect port numbers in failed connect messages
|
---|
| 1457 |
|
---|
| 1458 | Daniel Stenberg (26 Oct 2015)
|
---|
| 1459 | - DISTRO-DILEMMA: removed
|
---|
| 1460 |
|
---|
| 1461 | Out of date and not kept accurate. It was sort of a problem of the past
|
---|
| 1462 | anyway.
|
---|
| 1463 |
|
---|
| 1464 | - [xiangbin li brought this change]
|
---|
| 1465 |
|
---|
| 1466 | MacOSX-Framework: sdk regex fix for sdk 10.10 and later
|
---|
| 1467 |
|
---|
| 1468 | closes #507
|
---|
| 1469 |
|
---|
| 1470 | Jay Satiro (24 Oct 2015)
|
---|
| 1471 | - build: Fix support for PKG_CONFIG
|
---|
| 1472 |
|
---|
| 1473 | - Allow the user to use PKG_CONFIG but not PKGCONFIG.
|
---|
| 1474 |
|
---|
| 1475 | Background:
|
---|
| 1476 |
|
---|
| 1477 | Last week in 14d5a86 a change was made to allow the user to set the
|
---|
| 1478 | PKGCONFIG variable. Today in 72d99f2 I supplemented that to allow the
|
---|
| 1479 | more common PKG_CONFIG as an alternative if PKGCONFIG is not set.
|
---|
| 1480 |
|
---|
| 1481 | Neither of those changes worked as expected because PKGCONFIG is
|
---|
| 1482 | occasionally reset in configure and by the CURL_CHECK_PKGCONFIG macro.
|
---|
| 1483 | Instead in this commit I take the approach that the user may set
|
---|
| 1484 | PKG_CONFIG only.
|
---|
| 1485 |
|
---|
| 1486 | - build: Fix mingw ssl gdi32 order
|
---|
| 1487 |
|
---|
| 1488 | - If mingw ssl make sure -lgdi32 comes after ssl libs
|
---|
| 1489 |
|
---|
| 1490 | - Allow PKG_CONFIG to set pkg-config location and options
|
---|
| 1491 |
|
---|
| 1492 | Bug: https://github.com/bagder/curl/pull/501
|
---|
| 1493 | Reported-by: Kang Lin
|
---|
| 1494 |
|
---|
| 1495 | Daniel Stenberg (23 Oct 2015)
|
---|
| 1496 | - RELEASE-NOTES: synced with 03b6e078163f
|
---|
| 1497 |
|
---|
| 1498 | - polarssl/mbedtls: fix name space pollution
|
---|
| 1499 |
|
---|
| 1500 | Global private symbols MUST start with Curl_!
|
---|
| 1501 |
|
---|
| 1502 | - [Dmitry S. Baikov brought this change]
|
---|
| 1503 |
|
---|
| 1504 | mbedTLS: THREADING_SUPPORT compilation fix
|
---|
| 1505 |
|
---|
| 1506 | Closes #505
|
---|
| 1507 |
|
---|
| 1508 | - test1137: verify --ignore-content-length for FTP
|
---|
| 1509 |
|
---|
| 1510 | - curl.1: --ignore-content-length now works for FTP too
|
---|
| 1511 |
|
---|
| 1512 | - [Kurt Fankhauser brought this change]
|
---|
| 1513 |
|
---|
| 1514 | ftp: allow CURLOPT_IGNORE_CONTENT_LENGTH to ignore size
|
---|
| 1515 |
|
---|
| 1516 | This allows FTP transfers with growing (or shrinking) files without
|
---|
| 1517 | causing a transfer error.
|
---|
| 1518 |
|
---|
| 1519 | Closes #480
|
---|
| 1520 |
|
---|
| 1521 | - CURLOPT_STREAM_WEIGHT.3: call argument 'weight' too
|
---|
| 1522 |
|
---|
| 1523 | ... and add a little example of what the weight actually means. "Relative
|
---|
| 1524 | proportion of bandwidth".
|
---|
| 1525 |
|
---|
| 1526 | - http2: add stream options to dist and curl_easy_setopt.3
|
---|
| 1527 |
|
---|
| 1528 | - http2: s/priority/weight
|
---|
| 1529 |
|
---|
| 1530 | - http2: on_frame_recv: trust the conn/data input
|
---|
| 1531 |
|
---|
| 1532 | Removed wrong assert()s
|
---|
| 1533 |
|
---|
| 1534 | The 'conn' passed in as userdata can be used and there can be other
|
---|
| 1535 | sessionhandles ('data') than the single one this checked for.
|
---|
| 1536 |
|
---|
| 1537 | - http2: added three stream prio/deps options
|
---|
| 1538 |
|
---|
| 1539 | CURLOPT_STREAM_DEPENDS
|
---|
| 1540 |
|
---|
| 1541 | CURLOPT_STREAM_DEPENDS_E
|
---|
| 1542 |
|
---|
| 1543 | CURLOPT_STREAM_PRIORITY
|
---|
| 1544 |
|
---|
| 1545 | - RELEASE-NOTES: synced with ace68fdc0cfed83d
|
---|
| 1546 |
|
---|
| 1547 | - [m-gardet brought this change]
|
---|
| 1548 |
|
---|
| 1549 | mbedtls:new profile with RSA min key len = 1024.
|
---|
| 1550 |
|
---|
| 1551 | Closes #502
|
---|
| 1552 |
|
---|
| 1553 | - checksrc: add crude // detection
|
---|
| 1554 |
|
---|
| 1555 | Jay Satiro (21 Oct 2015)
|
---|
| 1556 | - [Gisle Vanem brought this change]
|
---|
| 1557 |
|
---|
| 1558 | build: fix for MSDOS/djgpp
|
---|
| 1559 |
|
---|
| 1560 | - Add a VPATH-statement for the vtls/*.c files.
|
---|
| 1561 |
|
---|
| 1562 | - Due to 'vtls/*.c', remove that subdir part from $(OBJECTS).
|
---|
| 1563 |
|
---|
| 1564 | Daniel Stenberg (20 Oct 2015)
|
---|
| 1565 | - copyrights: update Gisle Vanem's email
|
---|
| 1566 |
|
---|
| 1567 | - vtls: fix compiler warning for TLS backends without sha256
|
---|
| 1568 |
|
---|
| 1569 | ... noticed with mbedTLS.
|
---|
| 1570 |
|
---|
| 1571 | - [Jonas Minnberg brought this change]
|
---|
| 1572 |
|
---|
| 1573 | vtls: added support for mbedTLS
|
---|
| 1574 |
|
---|
| 1575 | closes #496
|
---|
| 1576 |
|
---|
| 1577 | Jay Satiro (19 Oct 2015)
|
---|
| 1578 | - [Javier G. Sogo brought this change]
|
---|
| 1579 |
|
---|
| 1580 | cmake: Fix for add_subdirectory(curl) use-case
|
---|
| 1581 |
|
---|
| 1582 | - Use CURL_BINARY_DIR instead of CMAKE_BINARY_DIR.
|
---|
| 1583 |
|
---|
| 1584 | When including CURL using add_subdirectory the variables
|
---|
| 1585 | CMAKE_BINARY_DIR and CURL_BINARY_DIR hold different paths.
|
---|
| 1586 |
|
---|
| 1587 | Closes https://github.com/bagder/curl/pull/488
|
---|
| 1588 | Closes https://github.com/bagder/curl/pull/498
|
---|
| 1589 |
|
---|
| 1590 | Daniel Stenberg (18 Oct 2015)
|
---|
| 1591 | - RELEASE-NOTES: synced with 4c773bcb474e
|
---|
| 1592 |
|
---|
| 1593 | - tests/FILEFORMAT: mention PSL as a valid feture to check for
|
---|
| 1594 |
|
---|
| 1595 | For example in test 1136
|
---|
| 1596 |
|
---|
| 1597 | - teste1136: only run when PSL is enabled
|
---|
| 1598 |
|
---|
| 1599 | - curl: slist_wc: remove curl_memory.h inclusion
|
---|
| 1600 |
|
---|
| 1601 | ... that's for the library only.
|
---|
| 1602 |
|
---|
| 1603 | - configure: add PSL to the list of features
|
---|
| 1604 |
|
---|
| 1605 | ... to make test 1014 work again after e77b5b7453.
|
---|
| 1606 |
|
---|
| 1607 | - [Daniel Hwang brought this change]
|
---|
| 1608 |
|
---|
| 1609 | tool: Generate easysrc with last cache linked-list
|
---|
| 1610 |
|
---|
| 1611 | Using a last cache linked-list improves the performance of easysrc
|
---|
| 1612 | generation.
|
---|
| 1613 |
|
---|
| 1614 | Bug: https://github.com/bagder/curl/issues/444
|
---|
| 1615 | Ref: https://github.com/bagder/curl/issues/429
|
---|
| 1616 |
|
---|
| 1617 | Closes #452
|
---|
| 1618 |
|
---|
| 1619 | - [Tim Rühsen brought this change]
|
---|
| 1620 |
|
---|
| 1621 | cookies: Add support for Mozilla's Publix Suffix List
|
---|
| 1622 |
|
---|
| 1623 | Use libpsl to check the domain value of Set-Cookie headers (and cookie
|
---|
| 1624 | jar entries) for not being a Publix Suffix.
|
---|
| 1625 |
|
---|
| 1626 | The configure script checks for "libpsl" by default. Disable the check
|
---|
| 1627 | with --without-libpsl.
|
---|
| 1628 |
|
---|
| 1629 | Ref: https://publicsuffix.org/
|
---|
| 1630 | Ref: https://github.com/publicsuffix/list
|
---|
| 1631 | Ref: https://github.com/rockdaboot/libpsl
|
---|
| 1632 |
|
---|
| 1633 | - [Richard Hosking brought this change]
|
---|
| 1634 |
|
---|
| 1635 | curlbuild.h: Fix non-configure compiling to mips and sh4 targets
|
---|
| 1636 |
|
---|
| 1637 | - [Anders Bakken brought this change]
|
---|
| 1638 |
|
---|
| 1639 | http2: Don't pass unitialized name+len pairs to nghttp2_submit_request
|
---|
| 1640 |
|
---|
| 1641 | bug introduced by 18691642931e5c7ac8af83ac3a84fbcb36000f96.
|
---|
| 1642 |
|
---|
| 1643 | Closes #493
|
---|
| 1644 |
|
---|
| 1645 | Dan Fandrich (16 Oct 2015)
|
---|
| 1646 | - test1601: fix compilation with --enable-debug and --disable-crypto-auth
|
---|
| 1647 |
|
---|
| 1648 | Daniel Stenberg (16 Oct 2015)
|
---|
| 1649 | - multi: fix off-by-one finit[] array size
|
---|
| 1650 |
|
---|
| 1651 | introduced in c6aedf680f6. It needs to be CURLM_STATE_LAST big since it
|
---|
| 1652 | must hande the range 0 .. CURLM_STATE_MSGSENT (18) and CURLM_STATE_LAST
|
---|
| 1653 | is 19 right now.
|
---|
| 1654 |
|
---|
| 1655 | Reported-by: Dan Fandrich
|
---|
| 1656 | Bug: http://curl.haxx.se/mail/lib-2015-10/0069.html
|
---|
| 1657 |
|
---|
| 1658 | - fread_func: move callback pointer from set to state struct
|
---|
| 1659 |
|
---|
| 1660 | ... and assign it from the set.fread_func_set pointer in the
|
---|
| 1661 | Curl_init_CONNECT function. This A) avoids that we have code that
|
---|
| 1662 | assigns fields in the 'set' struct (which we always knew was bad) and
|
---|
| 1663 | more importantly B) it makes it impossibly to accidentally leave the
|
---|
| 1664 | wrong value for when the handle is re-used etc.
|
---|
| 1665 |
|
---|
| 1666 | Introducing a state-init functionality in multi.c, so that we can set a
|
---|
| 1667 | specific function to get called when we enter a state. The
|
---|
| 1668 | Curl_init_CONNECT is thus called when switching to the CONNECT state.
|
---|
| 1669 |
|
---|
| 1670 | Bug: https://github.com/bagder/curl/issues/346
|
---|
| 1671 |
|
---|
| 1672 | Closes #346
|
---|
| 1673 |
|
---|
| 1674 | Dan Fandrich (14 Oct 2015)
|
---|
| 1675 | - test1531: case the size to fix the test on non-largefile builds
|
---|
| 1676 |
|
---|
| 1677 | Daniel Stenberg (13 Oct 2015)
|
---|
| 1678 | - acinclude: remove PKGCONFIG override
|
---|
| 1679 |
|
---|
| 1680 | ... and allow it to get set by a caller easier.
|
---|
| 1681 |
|
---|
| 1682 | Reported-by: Rainer Jung
|
---|
| 1683 | Bug: http://curl.haxx.se/mail/lib-2015-10/0035.html
|
---|
| 1684 |
|
---|
| 1685 | Dan Fandrich (12 Oct 2015)
|
---|
| 1686 | - docs/INSTALL: Updated example minimal binary sizes
|
---|
| 1687 |
|
---|
| 1688 | Daniel Stenberg (11 Oct 2015)
|
---|
| 1689 | - [Erik Johansson brought this change]
|
---|
| 1690 |
|
---|
| 1691 | openssl: Fix set up of pkcs12 certificate verification chain
|
---|
| 1692 |
|
---|
| 1693 | sk_X509_pop will decrease the size of the stack which means that the loop would
|
---|
| 1694 | end after having added only half of the certificates.
|
---|
| 1695 |
|
---|
| 1696 | Also make sure that the X509 certificate is freed in case
|
---|
| 1697 | SSL_CTX_add_extra_chain_cert fails.
|
---|
| 1698 |
|
---|
| 1699 | - ntlm: error out without 64bit support as the code needs it
|
---|
| 1700 |
|
---|
| 1701 | It makes it a clearer message for developers reaching that point without
|
---|
| 1702 | the necessary support.
|
---|
| 1703 |
|
---|
| 1704 | Thanks-by: Jay Satiro
|
---|
| 1705 |
|
---|
| 1706 | Closes #78
|
---|
| 1707 |
|
---|
| 1708 | - curl_global_init: set the memory function pointers correct
|
---|
| 1709 |
|
---|
| 1710 | follow-up from 6f8ecea0
|
---|
| 1711 |
|
---|
| 1712 | - curl_global_init_mem: set function pointers before doing init
|
---|
| 1713 |
|
---|
| 1714 | ... as in the polarssl TLS backend for example it uses memory functions.
|
---|
| 1715 |
|
---|
| 1716 | Jay Satiro (9 Oct 2015)
|
---|
| 1717 | - http2: Fix http2_recv to return -1 if recv returned -1
|
---|
| 1718 |
|
---|
| 1719 | If the underlying recv called by http2_recv returns -1 then that is the
|
---|
| 1720 | value http2_recv returns to the caller.
|
---|
| 1721 |
|
---|
| 1722 | Daniel Stenberg (8 Oct 2015)
|
---|
| 1723 | - [Svyatoslav Mishyn brought this change]
|
---|
| 1724 |
|
---|
| 1725 | curl_easy_recv.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
|
---|
| 1726 |
|
---|
| 1727 | Closes #479
|
---|
| 1728 |
|
---|
| 1729 | - [Svyatoslav Mishyn brought this change]
|
---|
| 1730 |
|
---|
| 1731 | curl_easy_send.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
|
---|
| 1732 |
|
---|
| 1733 | - [Svyatoslav Mishyn brought this change]
|
---|
| 1734 |
|
---|
| 1735 | CURLOPT_CONNECT_ONLY.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
|
---|
| 1736 |
|
---|
| 1737 | - CURLOPT_CERTINFO.3: fix reference to CURLINFO_CERTINFO
|
---|
| 1738 |
|
---|
| 1739 | - ntlm: get rid of unconditional use of long long
|
---|
| 1740 |
|
---|
| 1741 | ... since some compilers don't have it and instead use other types, such
|
---|
| 1742 | as __int64.
|
---|
| 1743 |
|
---|
| 1744 | Reported by: gkinseyhpw
|
---|
| 1745 | Closes #478
|
---|
| 1746 |
|
---|
| 1747 | Jay Satiro (8 Oct 2015)
|
---|
| 1748 | - [Anders Bakken brought this change]
|
---|
| 1749 |
|
---|
| 1750 | des: Fix header conditional for Curl_des_set_odd_parity
|
---|
| 1751 |
|
---|
| 1752 | Follow up to 613e502.
|
---|
| 1753 |
|
---|
| 1754 | Daniel Stenberg (7 Oct 2015)
|
---|
| 1755 | - configure: build silently by default
|
---|
| 1756 |
|
---|
| 1757 | 'make V=1' will make the build verbose like before
|
---|
| 1758 |
|
---|
| 1759 | - bump: start climbing toward 7.46.0
|
---|
| 1760 |
|
---|
| 1761 | - RELEASE-PROCEDURE: add the github HTTPS download step
|
---|
| 1762 |
|
---|
| 1763 | Version 7.45.0 (7 Oct 2015)
|
---|
| 1764 |
|
---|
| 1765 | Daniel Stenberg (7 Oct 2015)
|
---|
| 1766 | - THANKS: 19 new contributors from the 7.45.0 announcement
|
---|
| 1767 |
|
---|
| 1768 | - RELEASE-NOTES: synced with 69ea57970080
|
---|
| 1769 |
|
---|
| 1770 | Jay Satiro (4 Oct 2015)
|
---|
| 1771 | - getinfo: Fix return code for unknown CURLINFO options
|
---|
| 1772 |
|
---|
| 1773 | - If a CURLINFO option is unknown return CURLE_UNKNOWN_OPTION.
|
---|
| 1774 |
|
---|
| 1775 | Prior to this change CURLE_BAD_FUNCTION_ARGUMENT was returned on
|
---|
| 1776 | unknown. That return value is contradicted by the CURLINFO option
|
---|
| 1777 | documentation which specifies a return of CURLE_UNKNOWN_OPTION on
|
---|
| 1778 | unknown.
|
---|
| 1779 |
|
---|
| 1780 | - [rouzier brought this change]
|
---|
| 1781 |
|
---|
| 1782 | hiperfifo: fix the pointer passed to WRITEDATA
|
---|
| 1783 |
|
---|
| 1784 | Closes https://github.com/bagder/curl/pull/471
|
---|
| 1785 |
|
---|
| 1786 | - [Maksim Stsepanenka brought this change]
|
---|
| 1787 |
|
---|
| 1788 | tool_setopt: fix c_escape truncated octal
|
---|
| 1789 |
|
---|
| 1790 | Closes https://github.com/bagder/curl/pull/469
|
---|
| 1791 |
|
---|
| 1792 | Daniel Stenberg (1 Oct 2015)
|
---|
| 1793 | - [Orange Tsai brought this change]
|
---|
| 1794 |
|
---|
| 1795 | gopher: don't send NUL byte
|
---|
| 1796 |
|
---|
| 1797 | Closes #466
|
---|
| 1798 |
|
---|
| 1799 | Jay Satiro (29 Sep 2015)
|
---|
| 1800 | - runtests: Fix pid check in checkdied
|
---|
| 1801 |
|
---|
| 1802 | Because the 'not' operator has a very low precedence and as a result the
|
---|
| 1803 | entire statement was erroneously negated and could never be true.
|
---|
| 1804 |
|
---|
| 1805 | Daniel Stenberg (30 Sep 2015)
|
---|
| 1806 | - [Thorsten Schöning brought this change]
|
---|
| 1807 |
|
---|
| 1808 | win32: make recent Borland compilers use long long
|
---|
| 1809 |
|
---|
| 1810 | - RELEASE-NOTES: synced with 69b89050d4
|
---|
| 1811 |
|
---|
| 1812 | Jay Satiro (28 Sep 2015)
|
---|
| 1813 | - [Michael Kalinin brought this change]
|
---|
| 1814 |
|
---|
| 1815 | openssl: Fix algorithm init
|
---|
| 1816 |
|
---|
| 1817 | - Change algorithm init to happen after OpenSSL config load.
|
---|
| 1818 |
|
---|
| 1819 | Additional algorithms may be available due to the user's config so we
|
---|
| 1820 | initialize the algorithms after the user's config is loaded.
|
---|
| 1821 |
|
---|
| 1822 | Bug: https://github.com/bagder/curl/issues/447
|
---|
| 1823 | Reported-by: Denis Feklushkin
|
---|
| 1824 |
|
---|
| 1825 | - [Svyatoslav Mishyn brought this change]
|
---|
| 1826 |
|
---|
| 1827 | docs: fix unescaped '\n' in man pages
|
---|
| 1828 |
|
---|
| 1829 | Closes https://github.com/bagder/curl/pull/459
|
---|
| 1830 |
|
---|
| 1831 | Daniel Stenberg (27 Sep 2015)
|
---|
| 1832 | - http2: set TCP_NODELAY unconditionally
|
---|
| 1833 |
|
---|
| 1834 | For a single-stream download from localhost, we managed to increase
|
---|
| 1835 | transfer speed from 1.6MB/sec to around 400MB/sec, mostly because of
|
---|
| 1836 | this single fix.
|
---|
| 1837 |
|
---|
| 1838 | - http2: avoid superfluous Curl_expire() calls
|
---|
| 1839 |
|
---|
| 1840 | ... only call it when there is data arriving for another handle than the
|
---|
| 1841 | one that is currently driving it.
|
---|
| 1842 |
|
---|
| 1843 | Improves single-stream download performance quite a lot.
|
---|
| 1844 |
|
---|
| 1845 | Thanks-to: Tatsuhiro Tsujikawa
|
---|
| 1846 | Bug: http://curl.haxx.se/mail/lib-2015-09/0097.html
|
---|
| 1847 |
|
---|
| 1848 | - readwrite_data: set a max number of loops
|
---|
| 1849 |
|
---|
| 1850 | ... as otherwise a really fast pipe can "lock" one transfer for some
|
---|
| 1851 | protocols, like with HTTP/2.
|
---|
| 1852 |
|
---|
| 1853 | - [Sergei Nikulov brought this change]
|
---|
| 1854 |
|
---|
| 1855 | CI: Added AppVeyor-CI for curl
|
---|
| 1856 |
|
---|
| 1857 | Closes #439
|
---|
| 1858 |
|
---|
| 1859 | - FTP: fix uploading ASCII with unknown size
|
---|
| 1860 |
|
---|
| 1861 | ... don't try to increase the supposed file size on newlines if we don't
|
---|
| 1862 | know what file size it is!
|
---|
| 1863 |
|
---|
| 1864 | Patch-by: lzsiga
|
---|
| 1865 |
|
---|
| 1866 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 1867 |
|
---|
| 1868 | build: fix failures with -Wcast-align and -Werror
|
---|
| 1869 |
|
---|
| 1870 | Closes #457
|
---|
| 1871 |
|
---|
| 1872 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 1873 |
|
---|
| 1874 | curl-confopts.m4: Add missing ')'
|
---|
| 1875 |
|
---|
| 1876 | ... for CURL_CHECK_OPTION_RT
|
---|
| 1877 |
|
---|
| 1878 | Closes #456
|
---|
| 1879 |
|
---|
| 1880 | Jay Satiro (25 Sep 2015)
|
---|
| 1881 | - curl_easy_getinfo.3: Add brief description for each CURLINFO
|
---|
| 1882 |
|
---|
| 1883 | Daniel Stenberg (23 Sep 2015)
|
---|
| 1884 | - [Jakub Zakrzewski brought this change]
|
---|
| 1885 |
|
---|
| 1886 | CMake: Ensure discovered include dirs are considered
|
---|
| 1887 |
|
---|
| 1888 | ...during header checks. Otherwise some following header tests
|
---|
| 1889 | (incorrectly) fail.
|
---|
| 1890 |
|
---|
| 1891 | Closes #436
|
---|
| 1892 |
|
---|
| 1893 | - [Jakub Zakrzewski brought this change]
|
---|
| 1894 |
|
---|
| 1895 | CMake: Put "winsock2.h" before "windows.h" during configure checks
|
---|
| 1896 |
|
---|
| 1897 | "windows.h" includes "winsock.h" what causes many redefinition errors
|
---|
| 1898 | if "winsock2.h" is included afterwards and can cause build to fail.
|
---|
| 1899 |
|
---|
| 1900 | - tests: disable 1510 due to CI-problems on github
|
---|
| 1901 |
|
---|
| 1902 | - [Mike Crowe brought this change]
|
---|
| 1903 |
|
---|
| 1904 | gnutls: Report actual GnuTLS error message for certificate errors
|
---|
| 1905 |
|
---|
| 1906 | If GnuTLS fails to read the certificate then include whatever reason it
|
---|
| 1907 | provides in the failure message reported to the client.
|
---|
| 1908 |
|
---|
| 1909 | Signed-off-by: Mike Crowe <mac@mcrowe.com>
|
---|
| 1910 |
|
---|
| 1911 | - RELEASE-NOTES: synced with 6b56901b56e
|
---|
| 1912 |
|
---|
| 1913 | - [Mike Crowe brought this change]
|
---|
| 1914 |
|
---|
| 1915 | gnutls: Support CURLOPT_KEYPASSWD
|
---|
| 1916 |
|
---|
| 1917 | The gnutls vtls back-end was previously ignoring any password set via
|
---|
| 1918 | CURLOPT_KEYPASSWD. Presumably this was because
|
---|
| 1919 | gnutls_certificate_set_x509_key_file did not support encrypted keys.
|
---|
| 1920 |
|
---|
| 1921 | gnutls now has a gnutls_certificate_set_x509_key_file2 function that
|
---|
| 1922 | does support encrypted keys. Let's determine at compile time whether the
|
---|
| 1923 | available gnutls supports this new function. If it does then use it to
|
---|
| 1924 | pass the password. If it does not then emit a helpful diagnostic if a
|
---|
| 1925 | password is set. This is preferable to the previous behaviour of just
|
---|
| 1926 | failing to read the certificate without giving a reason in that case.
|
---|
| 1927 |
|
---|
| 1928 | Signed-off-by: Mike Crowe <mac@mcrowe.com>
|
---|
| 1929 |
|
---|
| 1930 | - CURLINFO_TLS_SESSION: always return backend info
|
---|
| 1931 |
|
---|
| 1932 | ... even for those that don't support providing anything in the
|
---|
| 1933 | 'internals' struct member since it offers a convenient way for
|
---|
| 1934 | applications to figure this out.
|
---|
| 1935 |
|
---|
| 1936 | - [Daniel Hwang brought this change]
|
---|
| 1937 |
|
---|
| 1938 | tool: remove redundant libcurl check
|
---|
| 1939 |
|
---|
| 1940 | The easysrc generation is run only when --libcurl is initialized.
|
---|
| 1941 |
|
---|
| 1942 | Ref: https://github.com/bagder/curl/issues/429
|
---|
| 1943 |
|
---|
| 1944 | Closes #448
|
---|
| 1945 |
|
---|
| 1946 | - [Richard van den Berg brought this change]
|
---|
| 1947 |
|
---|
| 1948 | CURLOPT_PROXY.3: A proxy given as env variable gets no special treatment
|
---|
| 1949 |
|
---|
| 1950 | Closes #449
|
---|
| 1951 |
|
---|
| 1952 | - TODO: 5.7 More compressions
|
---|
| 1953 |
|
---|
| 1954 | Like for example brotli, as being implemented in Firefox now.
|
---|
| 1955 |
|
---|
| 1956 | Jay Satiro (21 Sep 2015)
|
---|
| 1957 | - tool_operate: Don't call easysrc cleanup unless --libcurl
|
---|
| 1958 |
|
---|
| 1959 | - Review of 4d95491.
|
---|
| 1960 |
|
---|
| 1961 | The author changed it so easysrc only initializes when --libcurl but did
|
---|
| 1962 | not do the same for the call to easysrc cleanup.
|
---|
| 1963 |
|
---|
| 1964 | Ref: https://github.com/bagder/curl/issues/429
|
---|
| 1965 |
|
---|
| 1966 | Daniel Stenberg (20 Sep 2015)
|
---|
| 1967 | - [Viktor Szakats brought this change]
|
---|
| 1968 |
|
---|
| 1969 | CURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com
|
---|
| 1970 |
|
---|
| 1971 | closes #443
|
---|
| 1972 |
|
---|
| 1973 | - KNOWN_BUGS: 91 "curl_easy_perform hangs with imap and PolarSSL"
|
---|
| 1974 |
|
---|
| 1975 | Closes #334
|
---|
| 1976 |
|
---|
| 1977 | - KNOWN_BUGS: add link to #85
|
---|
| 1978 |
|
---|
| 1979 | - tests: disable 1801 until fixed
|
---|
| 1980 |
|
---|
| 1981 | It is unreliable and causes CI problems on github
|
---|
| 1982 |
|
---|
| 1983 | Closes #380
|
---|
| 1984 |
|
---|
| 1985 | - RELEASE-NOTES: synced with 4d95491636ee
|
---|
| 1986 |
|
---|
| 1987 | - [Daniel Lee Hwang brought this change]
|
---|
| 1988 |
|
---|
| 1989 | tool: generate easysrc only on --libcurl
|
---|
| 1990 |
|
---|
| 1991 | Code should only be generated when --libcurl is used.
|
---|
| 1992 |
|
---|
| 1993 | Bug: https://github.com/bagder/curl/issues/429
|
---|
| 1994 | Reported-by: @greafhe, Jay Satiro
|
---|
| 1995 |
|
---|
| 1996 | Closes #429
|
---|
| 1997 | Closes #442
|
---|
| 1998 |
|
---|
| 1999 | Jay Satiro (19 Sep 2015)
|
---|
| 2000 | - vtls: Change designator name for server's pubkey hash
|
---|
| 2001 |
|
---|
| 2002 | - Change the designator name we use to show the base64 encoded sha256
|
---|
| 2003 | hash of the server's public key from 'pinnedpubkey' to
|
---|
| 2004 | 'public key hash'.
|
---|
| 2005 |
|
---|
| 2006 | Though the server's public key hash is only shown when comparing pinned
|
---|
| 2007 | public key hashes, the server's hash may not match one of the pinned.
|
---|
| 2008 |
|
---|
| 2009 | Daniel Stenberg (19 Sep 2015)
|
---|
| 2010 | - [Isaac Boukris brought this change]
|
---|
| 2011 |
|
---|
| 2012 | NTLM: Reset auth-done when using a fresh connection
|
---|
| 2013 |
|
---|
| 2014 | With NTLM a new connection will always require authentication.
|
---|
| 2015 | Fixes #435
|
---|
| 2016 |
|
---|
| 2017 | - [Daniel Hwang brought this change]
|
---|
| 2018 |
|
---|
| 2019 | ssl: add server cert's "sha256//" hash to verbose
|
---|
| 2020 |
|
---|
| 2021 | Add a "pinnedpubkey" section to the "Server Certificate" verbose
|
---|
| 2022 |
|
---|
| 2023 | Bug: https://github.com/bagder/curl/issues/410
|
---|
| 2024 | Reported-by: W. Mark Kubacki
|
---|
| 2025 |
|
---|
| 2026 | Closes #430
|
---|
| 2027 | Closes #410
|
---|
| 2028 |
|
---|
| 2029 | - [Jakub Zakrzewski brought this change]
|
---|
| 2030 |
|
---|
| 2031 | openldap: only part of LDAP query results received
|
---|
| 2032 |
|
---|
| 2033 | Introduced with commit 65d141e6da5c6003a1592bbc87ee550b0ad75c2f
|
---|
| 2034 |
|
---|
| 2035 | Closes #440
|
---|
| 2036 |
|
---|
| 2037 | - [Alessandro Ghedini brought this change]
|
---|
| 2038 |
|
---|
| 2039 | openssl: don't output certinfo data
|
---|
| 2040 |
|
---|
| 2041 | - [Alessandro Ghedini brought this change]
|
---|
| 2042 |
|
---|
| 2043 | openssl: refactor certificate parsing to use OpenSSL memory BIO
|
---|
| 2044 |
|
---|
| 2045 | Fixes #427
|
---|
| 2046 |
|
---|
| 2047 | Kamil Dudka (18 Sep 2015)
|
---|
| 2048 | - nss: prevent NSS from incorrectly re-using a session
|
---|
| 2049 |
|
---|
| 2050 | Without this workaround, NSS re-uses a session cache entry despite the
|
---|
| 2051 | server name does not match. This causes SNI host name to differ from
|
---|
| 2052 | the actual host name. Consequently, certain servers (e.g. github.com)
|
---|
| 2053 | respond by 400 to such requests.
|
---|
| 2054 |
|
---|
| 2055 | Bug: https://bugzilla.mozilla.org/1202264
|
---|
| 2056 |
|
---|
| 2057 | - nss: check return values of NSS functions
|
---|
| 2058 |
|
---|
| 2059 | Daniel Stenberg (17 Sep 2015)
|
---|
| 2060 | - CURLOPT_PINNEDPUBLICKEY.3: mention error code
|
---|
| 2061 |
|
---|
| 2062 | - openssl: build with < 0.9.8
|
---|
| 2063 |
|
---|
| 2064 | ... without sha256 support and no define saying so.
|
---|
| 2065 |
|
---|
| 2066 | Reported-by: Rajkumar Mandal
|
---|
| 2067 |
|
---|
| 2068 | - libcurl-errors.3: add two missing error codes
|
---|
| 2069 |
|
---|
| 2070 | CURLE_SSL_PINNEDPUBKEYNOTMATCH and CURLE_SSL_INVALIDCERTSTATUS
|
---|
| 2071 |
|
---|
| 2072 | Jay Satiro (14 Sep 2015)
|
---|
| 2073 | - CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example
|
---|
| 2074 |
|
---|
| 2075 | - Show how a certificate can be obtained using OpenSSL.
|
---|
| 2076 |
|
---|
| 2077 | Bug: https://github.com/bagder/curl/pull/430
|
---|
| 2078 | Reported-by: Daniel Hwang
|
---|
| 2079 |
|
---|
| 2080 | Daniel Stenberg (13 Sep 2015)
|
---|
| 2081 | - http2: removed unused function
|
---|
| 2082 |
|
---|
| 2083 | - CURLINFO_ACTIVESOCKET.3: mention it replaces *LASTSOCKET
|
---|
| 2084 |
|
---|
| 2085 | - opts: add CURLINFO_* man pages to dist
|
---|
| 2086 |
|
---|
| 2087 | - opts: 19 more CURLINFO_* options made into stand-alone man pages
|
---|
| 2088 |
|
---|
| 2089 | - RELEASE-NOTES: synced with fad9604613
|
---|
| 2090 |
|
---|
| 2091 | - curl: customrequest_helper: deal with NULL custom method
|
---|
| 2092 |
|
---|
| 2093 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2094 |
|
---|
| 2095 | CURLOPT_FNMATCH_FUNCTION.3: fix typo
|
---|
| 2096 |
|
---|
| 2097 | s => is
|
---|
| 2098 |
|
---|
| 2099 | Closes #428
|
---|
| 2100 |
|
---|
| 2101 | - curl: point out unnecessary uses of -X in verbose mode
|
---|
| 2102 |
|
---|
| 2103 | It uses 'Note:' as a prefix as opposed to the common 'Warning:' to take
|
---|
| 2104 | down the tone a bit.
|
---|
| 2105 |
|
---|
| 2106 | It adds a warning for using -XHEAD on other methods becasue that may
|
---|
| 2107 | lead to a hanging connection.
|
---|
| 2108 |
|
---|
| 2109 | Jay Satiro (10 Sep 2015)
|
---|
| 2110 | - curl_sspi: fix possibly undefined CRYPT_E_REVOKED
|
---|
| 2111 |
|
---|
| 2112 | Bug: https://github.com/bagder/curl/pull/411
|
---|
| 2113 | Reported-by: Viktor Szakats
|
---|
| 2114 |
|
---|
| 2115 | - buildconf.bat: fix syntax error
|
---|
| 2116 |
|
---|
| 2117 | - [Benjamin Kircher brought this change]
|
---|
| 2118 |
|
---|
| 2119 | winbuild: run buildconf.bat if necessary
|
---|
| 2120 |
|
---|
| 2121 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2122 |
|
---|
| 2123 | docs: fix argument type for CURLINFO_SPEED_*, CURLINFO_SIZE_*
|
---|
| 2124 |
|
---|
| 2125 | long => double
|
---|
| 2126 |
|
---|
| 2127 | Daniel Stenberg (8 Sep 2015)
|
---|
| 2128 | - [Sergei Nikulov brought this change]
|
---|
| 2129 |
|
---|
| 2130 | cmake: IPv6 : disable Unix header check on Windows platform
|
---|
| 2131 |
|
---|
| 2132 | Closes #409
|
---|
| 2133 |
|
---|
| 2134 | - parse_proxy: reject illegal port numbers
|
---|
| 2135 |
|
---|
| 2136 | If the port number in the proxy string ended weirdly or the number is
|
---|
| 2137 | too large, skip it. Mostly as a means to bail out early if a "bare" IPv6
|
---|
| 2138 | numerical address is used without enclosing brackets.
|
---|
| 2139 |
|
---|
| 2140 | Also mention the bracket requirement for IPv6 numerical addresses to the
|
---|
| 2141 | man page for CURLOPT_PROXY.
|
---|
| 2142 |
|
---|
| 2143 | Closes #415
|
---|
| 2144 |
|
---|
| 2145 | Reported-by: Marcel Raad
|
---|
| 2146 |
|
---|
| 2147 | - FTP: do_more: add check for wait_data_conn in upload case
|
---|
| 2148 |
|
---|
| 2149 | In some timing-dependnt cases when a 4xx response immediately followed
|
---|
| 2150 | after a 150 when a STOR was issued, this function would wrongly return
|
---|
| 2151 | 'complete == true' while 'wait_data_conn' was still set.
|
---|
| 2152 |
|
---|
| 2153 | Closes #405
|
---|
| 2154 |
|
---|
| 2155 | Reported-by: Patricia Muscalu
|
---|
| 2156 |
|
---|
| 2157 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2158 |
|
---|
| 2159 | CURLOPT_TLSAUTH_TYPE.3: update description
|
---|
| 2160 |
|
---|
| 2161 | Closes #414
|
---|
| 2162 | Closes #413
|
---|
| 2163 |
|
---|
| 2164 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2165 |
|
---|
| 2166 | CURLOPT_PATH_AS_IS.3: fix typo
|
---|
| 2167 |
|
---|
| 2168 | leavit => leaveit
|
---|
| 2169 |
|
---|
| 2170 | closes #412
|
---|
| 2171 |
|
---|
| 2172 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2173 |
|
---|
| 2174 | CURLINFO_SSL_VERIFYRESULT.3: add short description
|
---|
| 2175 |
|
---|
| 2176 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2177 |
|
---|
| 2178 | CURLINFO_SSL_ENGINES.3: add short description
|
---|
| 2179 |
|
---|
| 2180 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2181 |
|
---|
| 2182 | CURLINFO_CONTENT_LENGTH_UPLOAD.3: replace "receive" with "get" for consistency
|
---|
| 2183 |
|
---|
| 2184 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2185 |
|
---|
| 2186 | CURLINFO_REDIRECT_TIME.3: remove redundant '!'
|
---|
| 2187 |
|
---|
| 2188 | Kamil Dudka (4 Sep 2015)
|
---|
| 2189 | - Revert "has: generate the curl/has.h header"
|
---|
| 2190 |
|
---|
| 2191 | This reverts commit a60bde79f9adeb135d5c642a07f0d783fbfbbc25 I have
|
---|
| 2192 | pushed by mistake. Apologies for my incompetent use of the git repo!
|
---|
| 2193 |
|
---|
| 2194 | - nss: do not directly access SSL_ImplementedCiphers[]
|
---|
| 2195 |
|
---|
| 2196 | It causes dynamic linking issues at run-time after an update of NSS.
|
---|
| 2197 |
|
---|
| 2198 | Bug: https://lists.fedoraproject.org/pipermail/devel/2015-September/214117.html
|
---|
| 2199 |
|
---|
| 2200 | - [Daniel Stenberg brought this change]
|
---|
| 2201 |
|
---|
| 2202 | has: generate the curl/has.h header
|
---|
| 2203 |
|
---|
| 2204 | changed macro name, moved and renamed script to become docs/libcurl/has.pl,
|
---|
| 2205 | generate code that is checksrc compliant
|
---|
| 2206 |
|
---|
| 2207 | Daniel Stenberg (3 Sep 2015)
|
---|
| 2208 | - gitignore: ignore more generated VC Makefiles
|
---|
| 2209 |
|
---|
| 2210 | - projects/Windows/.gitignore: ignore generated files for release
|
---|
| 2211 |
|
---|
| 2212 | - http2: don't pass on Connection: headers
|
---|
| 2213 |
|
---|
| 2214 | RFC 7540 section 8.1.2.2 states: "An endpoint MUST NOT generate an
|
---|
| 2215 | HTTP/2 message containing connection-specific header fields; any message
|
---|
| 2216 | containing connection-specific header fields MUST be treated as
|
---|
| 2217 | malformed"
|
---|
| 2218 |
|
---|
| 2219 | Closes #401
|
---|
| 2220 |
|
---|
| 2221 | - curl.1: update RFC references
|
---|
| 2222 |
|
---|
| 2223 | - CURLOPT_POSTREDIR.3: update RFC number and section
|
---|
| 2224 |
|
---|
| 2225 | - CURLOPT_FOLLOWLOCATION.3: mention methods for redirects
|
---|
| 2226 |
|
---|
| 2227 | and some general cleaning up
|
---|
| 2228 |
|
---|
| 2229 | - [Marcel Raad brought this change]
|
---|
| 2230 |
|
---|
| 2231 | inet_pton.c: Fix MSVC run-time check failure (2)
|
---|
| 2232 |
|
---|
| 2233 | This fixes another run-time check failure because of a narrowing cast on
|
---|
| 2234 | Visual C++.
|
---|
| 2235 |
|
---|
| 2236 | Closes #408
|
---|
| 2237 |
|
---|
| 2238 | Jay Satiro (3 Sep 2015)
|
---|
| 2239 | - docs: Warn about any-domain cookies and multiple transfers
|
---|
| 2240 |
|
---|
| 2241 | - Warn that cookies without a domain are sent to any domain:
|
---|
| 2242 | CURLOPT_COOKIELIST, CURLOPT_COOKIEFILE, --cookie
|
---|
| 2243 |
|
---|
| 2244 | - Note that imported Set-Cookie cookies without a domain are no longer
|
---|
| 2245 | exported:
|
---|
| 2246 | CURLINFO_COOKIELIST, CURLOPT_COOKIEJAR, --cookie-jar
|
---|
| 2247 |
|
---|
| 2248 | Steve Holme (2 Sep 2015)
|
---|
| 2249 | - tool_sdecls.h: Fixed compilation warning from commit 4a889441d3
|
---|
| 2250 |
|
---|
| 2251 | tool_sdecls.h:139 warning: comma at end of enumerator list
|
---|
| 2252 |
|
---|
| 2253 | Daniel Stenberg (2 Sep 2015)
|
---|
| 2254 | - opts: 8 more CURLINFO* options as stand-alone man pages
|
---|
| 2255 |
|
---|
| 2256 | - RELEASE-NOTES: synced with c764cb4add1a8
|
---|
| 2257 |
|
---|
| 2258 | - man-pages: more SEE ALSO links
|
---|
| 2259 |
|
---|
| 2260 | - opts: more CURLINFO_* options as stand-alone man pages
|
---|
| 2261 |
|
---|
| 2262 | Steve Holme (31 Aug 2015)
|
---|
| 2263 | - sasl: Only define Curl_sasl_digest_get_pair() when CRYPTO_AUTH enabled
|
---|
| 2264 |
|
---|
| 2265 | Introduced in commit 59f3f92ba6 this function is only implemented when
|
---|
| 2266 | CURL_DISABLE_CRYPTO_AUTH is not defined. As such we shouldn't define
|
---|
| 2267 | the function in the header file either.
|
---|
| 2268 |
|
---|
| 2269 | - sasl: Updated SPN variables and comments for consistency
|
---|
| 2270 |
|
---|
| 2271 | In places the "host name" and "realm" variable was referred to as
|
---|
| 2272 | "instance" whilst in others it was referred to as "host".
|
---|
| 2273 |
|
---|
| 2274 | Daniel Stenberg (30 Aug 2015)
|
---|
| 2275 | - configure: check for HMAC_Update in openssl
|
---|
| 2276 |
|
---|
| 2277 | Turns out HMAC_Init is now deprecated in openssl master (and I spelled
|
---|
| 2278 | HMAC_Init_ex wrong in previous commit)
|
---|
| 2279 |
|
---|
| 2280 | Steve Holme (30 Aug 2015)
|
---|
| 2281 | - win32: Use DES_set_odd_parity() from OpenSSL/BoringSSL by default
|
---|
| 2282 |
|
---|
| 2283 | Set HAVE_DES_SET_ODD_PARITY when using OpenSSL/BoringSSL as native
|
---|
| 2284 | Windows builds don't use the autoconf tools.
|
---|
| 2285 |
|
---|
| 2286 | - des: Fixed compilation warning from commit 613e5022fe
|
---|
| 2287 |
|
---|
| 2288 | curl_ntlm_core.c:150: warning 'Curl_des_set_odd_parity' undefined;
|
---|
| 2289 | assuming extern returning int
|
---|
| 2290 |
|
---|
| 2291 | - buildconf.bat: Fixed double blank line in 'curl manual' warning output
|
---|
| 2292 |
|
---|
| 2293 | - makefiles: Added our standard copyright header
|
---|
| 2294 |
|
---|
| 2295 | But kept the original author, when they were specified in a comment, as
|
---|
| 2296 | the initial copyright holder.
|
---|
| 2297 |
|
---|
| 2298 | Jay Satiro (29 Aug 2015)
|
---|
| 2299 | - CURLOPT_FILETIME.3: CURLINFO_FILETIME has its own manpage now
|
---|
| 2300 |
|
---|
| 2301 | Daniel Stenberg (29 Aug 2015)
|
---|
| 2302 | - CURLINFO_RESPONSE_CODE.3: added short description
|
---|
| 2303 |
|
---|
| 2304 | - opts: 7 initial CURLINFO_* options as stand-alone man pages
|
---|
| 2305 |
|
---|
| 2306 | - [Nikolai Kondrashov brought this change]
|
---|
| 2307 |
|
---|
| 2308 | libcurl.m4: Put braces around empty if body
|
---|
| 2309 |
|
---|
| 2310 | Put braces around empty "if" body in libcurl.m4 check to avoid warning:
|
---|
| 2311 |
|
---|
| 2312 | suggest braces around empty body in an 'if' statement
|
---|
| 2313 |
|
---|
| 2314 | and make it work with -Werror builds.
|
---|
| 2315 |
|
---|
| 2316 | Closes #402
|
---|
| 2317 |
|
---|
| 2318 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2319 |
|
---|
| 2320 | curl_easy_escape.3: escape '\n'
|
---|
| 2321 |
|
---|
| 2322 | Closes #398
|
---|
| 2323 |
|
---|
| 2324 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2325 |
|
---|
| 2326 | curl_easy_{escape,setopt}.3: fix example
|
---|
| 2327 |
|
---|
| 2328 | remove redundant '}'
|
---|
| 2329 |
|
---|
| 2330 | - [Sergei Nikulov brought this change]
|
---|
| 2331 |
|
---|
| 2332 | cmake: added Windows SSL support
|
---|
| 2333 |
|
---|
| 2334 | Closes #399
|
---|
| 2335 |
|
---|
| 2336 | - curl: point out the conflicting HTTP methods if used
|
---|
| 2337 |
|
---|
| 2338 | It isn't always clear to the user which options that cause the HTTP
|
---|
| 2339 | methods to conflict so by spelling them out it should hopefully be
|
---|
| 2340 | easier to understand why curl complains.
|
---|
| 2341 |
|
---|
| 2342 | - curl: clarify that users can only specify one _METHOD_
|
---|
| 2343 |
|
---|
| 2344 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2345 |
|
---|
| 2346 | curl_easy_{escape,unescape}.3: "char *" vs. "const char *"
|
---|
| 2347 |
|
---|
| 2348 | Closes #395
|
---|
| 2349 |
|
---|
| 2350 | Patrick Monnerat (24 Aug 2015)
|
---|
| 2351 | - os400: include new options in wrappers and update ILE/RPG binding.
|
---|
| 2352 |
|
---|
| 2353 | Daniel Stenberg (24 Aug 2015)
|
---|
| 2354 | - KNOWN_BUGS: #2, not reading a HEAD response-body is not a bug
|
---|
| 2355 |
|
---|
| 2356 | ... since HTTP is forbidden to return any such.
|
---|
| 2357 |
|
---|
| 2358 | - KNOWN_BUGS: #78 zero-length files is already fixed!
|
---|
| 2359 |
|
---|
| 2360 | - [Razvan Cojocaru brought this change]
|
---|
| 2361 |
|
---|
| 2362 | getinfo: added CURLINFO_ACTIVESOCKET
|
---|
| 2363 |
|
---|
| 2364 | This patch addresses known bug #76, where on 64-bit Windows SOCKET is 64
|
---|
| 2365 | bits wide, but long is only 32, making CURLINFO_LASTSOCKET unreliable.
|
---|
| 2366 |
|
---|
| 2367 | Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
|
---|
| 2368 |
|
---|
| 2369 | - http2: remove dead code
|
---|
| 2370 |
|
---|
| 2371 | Leftovers from when we removed the private socket hash.
|
---|
| 2372 |
|
---|
| 2373 | Coverity CID 1317365, "Logically dead code"
|
---|
| 2374 |
|
---|
| 2375 | - ntlm: mark deliberate switch case fall-through
|
---|
| 2376 |
|
---|
| 2377 | Coverity CID 1317367, "Missing break in switch"
|
---|
| 2378 |
|
---|
| 2379 | - http2: on_frame_recv: get a proper 'conn' for the debug logging
|
---|
| 2380 |
|
---|
| 2381 | "Explicit null dereferenced (FORWARD_NULL)"
|
---|
| 2382 |
|
---|
| 2383 | Coverity CID 1317366
|
---|
| 2384 |
|
---|
| 2385 | - RELEASE-NOTES: synced with 2acaf3c804
|
---|
| 2386 |
|
---|
| 2387 | Dan Fandrich (23 Aug 2015)
|
---|
| 2388 | - tool: fix memory leak with --proto-default option
|
---|
| 2389 |
|
---|
| 2390 | Jay Satiro (22 Aug 2015)
|
---|
| 2391 | - [Nathaniel Waisbrot brought this change]
|
---|
| 2392 |
|
---|
| 2393 | CURLOPT_DEFAULT_PROTOCOL: added
|
---|
| 2394 |
|
---|
| 2395 | - Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
|
---|
| 2396 | protocol for schemeless URLs.
|
---|
| 2397 |
|
---|
| 2398 | - Add new tool option --proto-default to expose
|
---|
| 2399 | CURLOPT_DEFAULT_PROTOCOL.
|
---|
| 2400 |
|
---|
| 2401 | In the case of schemeless URLs libcurl will behave in this way:
|
---|
| 2402 |
|
---|
| 2403 | When the option is used libcurl will use the supplied default.
|
---|
| 2404 |
|
---|
| 2405 | When the option is not used, libcurl will follow its usual plan of
|
---|
| 2406 | guessing from the hostname and falling back to 'http'.
|
---|
| 2407 |
|
---|
| 2408 | - runtests: Allow for spaces in server-verify curl custom path
|
---|
| 2409 |
|
---|
| 2410 | Daniel Stenberg (22 Aug 2015)
|
---|
| 2411 | - NTLM: recent boringssl brought DES_set_odd_parity back
|
---|
| 2412 |
|
---|
| 2413 | ... so improve the #ifdefs for using our local implementation.
|
---|
| 2414 |
|
---|
| 2415 | - configure: detect latest boringssl
|
---|
| 2416 |
|
---|
| 2417 | Since boringssl brought back DES_set_odd_parity again, it cannot be used
|
---|
| 2418 | to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define
|
---|
| 2419 | seems better anyway.
|
---|
| 2420 |
|
---|
| 2421 | URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/
|
---|
| 2422 | Original-patch-by: Bertrand Simonnet
|
---|
| 2423 |
|
---|
| 2424 | Closes #393
|
---|
| 2425 |
|
---|
| 2426 | - configure: change functions to detect openssl (clones)
|
---|
| 2427 |
|
---|
| 2428 | ... since boringssl moved the former ones and the check started to fail.
|
---|
| 2429 |
|
---|
| 2430 | URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/
|
---|
| 2431 | Original-patch-by: Bertrand Simonnet
|
---|
| 2432 |
|
---|
| 2433 | - [Alessandro Ghedini brought this change]
|
---|
| 2434 |
|
---|
| 2435 | openssl: handle lack of server cert when strict checking disabled
|
---|
| 2436 |
|
---|
| 2437 | If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER
|
---|
| 2438 | and CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server
|
---|
| 2439 | doesn't present a certificate at all.
|
---|
| 2440 |
|
---|
| 2441 | Closes #392
|
---|
| 2442 |
|
---|
| 2443 | - ftp: clear the do_more bit when the server has connected
|
---|
| 2444 |
|
---|
| 2445 | The multi state machine would otherwise go into the DO_MORE state after
|
---|
| 2446 | DO, even for the case when the FTP state machine had already performed
|
---|
| 2447 | those duties, which caused libcurl to get stuck in that state and fail
|
---|
| 2448 | miserably. This occured for for active ftp uploads.
|
---|
| 2449 |
|
---|
| 2450 | Reported-by: Patricia Muscalu
|
---|
| 2451 |
|
---|
| 2452 | - [Jactry Zeng brought this change]
|
---|
| 2453 |
|
---|
| 2454 | travis.yml: Add OS X testbot.
|
---|
| 2455 |
|
---|
| 2456 | - [Rémy Léone brought this change]
|
---|
| 2457 |
|
---|
| 2458 | travis: Upgrading to container based build
|
---|
| 2459 |
|
---|
| 2460 | http://docs.travis-ci.com/user/migrating-from-legacy
|
---|
| 2461 |
|
---|
| 2462 | Closes #388
|
---|
| 2463 |
|
---|
| 2464 | - RELEASE-NOTES: synced with 14ff86256b13e
|
---|
| 2465 |
|
---|
| 2466 | - [Erik Janssen brought this change]
|
---|
| 2467 |
|
---|
| 2468 | rtsp: stop reading empty DESCRIBE responses
|
---|
| 2469 |
|
---|
| 2470 | Based-on-patch-by: Jim Hollinger
|
---|
| 2471 |
|
---|
| 2472 | - [Erik Janssen brought this change]
|
---|
| 2473 |
|
---|
| 2474 | rtsp: support basic/digest authentication
|
---|
| 2475 |
|
---|
| 2476 | - [Sam Roth brought this change]
|
---|
| 2477 |
|
---|
| 2478 | CURLMOPT_PUSHFUNCTION.3: fix argument types
|
---|
| 2479 |
|
---|
| 2480 | Closes #389
|
---|
| 2481 | Closes #386
|
---|
| 2482 |
|
---|
| 2483 | - [Marcel Raad brought this change]
|
---|
| 2484 |
|
---|
| 2485 | inet_pton.c: Fix MSVC run-time check failure
|
---|
| 2486 |
|
---|
| 2487 | Visual Studio complains with a message box:
|
---|
| 2488 |
|
---|
| 2489 | "Run-Time Check Failure #1 - A cast to a smaller data type has caused a
|
---|
| 2490 | loss of data. If this was intentional, you should mask the source of
|
---|
| 2491 | the cast with the appropriate bitmask.
|
---|
| 2492 |
|
---|
| 2493 | For example:
|
---|
| 2494 | char c = (i & 0xFF);
|
---|
| 2495 |
|
---|
| 2496 | Changing the code in this way will not affect the quality of the
|
---|
| 2497 | resulting optimized code."
|
---|
| 2498 |
|
---|
| 2499 | This is because only 'val' is cast to unsigned char, so the "& 0xff" has
|
---|
| 2500 | no effect.
|
---|
| 2501 |
|
---|
| 2502 | Closes #387
|
---|
| 2503 |
|
---|
| 2504 | Jay Satiro (18 Aug 2015)
|
---|
| 2505 | - docs: Update the redirect protocols disabled by default
|
---|
| 2506 |
|
---|
| 2507 | - Clarify that FILE and SCP are disabled by default since 7.19.4
|
---|
| 2508 | - Add that SMB and SMBS are disabled by default since 7.40.0
|
---|
| 2509 | - Add CURLPROTO_SMBS to the list of protocols
|
---|
| 2510 |
|
---|
| 2511 | - gitignore: Sort for readability
|
---|
| 2512 |
|
---|
| 2513 | find . -name .gitignore -print0 | xargs -i -0 sort -o '{}' '{}'
|
---|
| 2514 |
|
---|
| 2515 | Daniel Stenberg (15 Aug 2015)
|
---|
| 2516 | - curl_easy_getinfo.3: fix superfluous space
|
---|
| 2517 |
|
---|
| 2518 | ... and changed "oriented" to "related"
|
---|
| 2519 |
|
---|
| 2520 | Closes #378
|
---|
| 2521 |
|
---|
| 2522 | - CURLOPT_HTTP_VERSION.3: connection re-use goes before version
|
---|
| 2523 |
|
---|
| 2524 | - [Daniel Kahn Gillmor brought this change]
|
---|
| 2525 |
|
---|
| 2526 | curl.1: Document weaknesses in SSLv2 and SSLv3
|
---|
| 2527 |
|
---|
| 2528 | Acknowledge that SSLv3 is also widely considered to be insecure.
|
---|
| 2529 |
|
---|
| 2530 | Also, provide references for people who want to know more about why it's
|
---|
| 2531 | insecure.
|
---|
| 2532 |
|
---|
| 2533 | Steve Holme (14 Aug 2015)
|
---|
| 2534 | - generate.bat: Added support for generating only the prerequisite files
|
---|
| 2535 |
|
---|
| 2536 | - generate.bat: Only call buildconf.bat if it exists
|
---|
| 2537 |
|
---|
| 2538 | - generate.bat: Fixed issues when ran in directories with special chars
|
---|
| 2539 |
|
---|
| 2540 | Daniel Stenberg (14 Aug 2015)
|
---|
| 2541 | - [Brad King brought this change]
|
---|
| 2542 |
|
---|
| 2543 | cmake: Fix CurlTests check for gethostbyname_r with 5 arguments
|
---|
| 2544 |
|
---|
| 2545 | Fix the check code to pass 5 arguments instead of 6. This typo was
|
---|
| 2546 | introduced by commit aebfd4cfbf (cmake: fix gethostby{addr,name}_r in
|
---|
| 2547 | CurlTests, 2014-10-31).
|
---|
| 2548 |
|
---|
| 2549 | Steve Holme (14 Aug 2015)
|
---|
| 2550 | - * buildconf.bat: Fixed issues when ran in directories with special chars
|
---|
| 2551 |
|
---|
| 2552 | Bug: https://github.com/bagder/curl/pull/379
|
---|
| 2553 | Reported-by: Daniel Seither
|
---|
| 2554 |
|
---|
| 2555 | Jay Satiro (13 Aug 2015)
|
---|
| 2556 | - curl_global_init_mem.3: Stronger thread safety warning
|
---|
| 2557 |
|
---|
| 2558 | Bug: http://curl.haxx.se/mail/lib-2015-08/0016.html
|
---|
| 2559 | Reported-by: Eric Ridge
|
---|
| 2560 |
|
---|
| 2561 | Daniel Stenberg (12 Aug 2015)
|
---|
| 2562 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2563 |
|
---|
| 2564 | curl_multi_add_handle.3: fix a typo
|
---|
| 2565 |
|
---|
| 2566 | "can not" => "cannot"
|
---|
| 2567 |
|
---|
| 2568 | closes #377
|
---|
| 2569 |
|
---|
| 2570 | - [Alessandro Ghedini brought this change]
|
---|
| 2571 |
|
---|
| 2572 | docs: fix typos
|
---|
| 2573 |
|
---|
| 2574 | closes #376
|
---|
| 2575 |
|
---|
| 2576 | - bump: start working toward 7.45.0
|
---|
| 2577 |
|
---|
| 2578 | - THANKS: remove duplicate name
|
---|
| 2579 |
|
---|
| 2580 | - THANKS-filter: merge Todd's names
|
---|
| 2581 |
|
---|
| 2582 | - THANKS: 13 new contributors from the 7.44.0 RELEASE-NOTES
|
---|
| 2583 |
|
---|
| 2584 | Version 7.44.0 (11 Aug 2015)
|
---|
| 2585 |
|
---|
| 2586 | Daniel Stenberg (11 Aug 2015)
|
---|
| 2587 | - RELEASE-NOTES: synced with c75a1e775061
|
---|
| 2588 |
|
---|
| 2589 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2590 |
|
---|
| 2591 | curl_formget.3: correct return code
|
---|
| 2592 |
|
---|
| 2593 | Closes #375
|
---|
| 2594 |
|
---|
| 2595 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2596 |
|
---|
| 2597 | libcurl-tutorial.3: fix formatting
|
---|
| 2598 |
|
---|
| 2599 | Closes #374
|
---|
| 2600 |
|
---|
| 2601 | - [Svyatoslav Mishyn brought this change]
|
---|
| 2602 |
|
---|
| 2603 | curl_easy_recv.3: fix formatting
|
---|
| 2604 |
|
---|
| 2605 | - [Anders Bakken brought this change]
|
---|
| 2606 |
|
---|
| 2607 | http2: discard frames with no SessionHandle
|
---|
| 2608 |
|
---|
| 2609 | Return 0 instead of NGHTTP2_ERR_CALLBACK_FAILURE if we can't locate the
|
---|
| 2610 | SessionHandle. Apparently mod_h2 will sometimes send a frame for a
|
---|
| 2611 | stream_id we're finished with.
|
---|
| 2612 |
|
---|
| 2613 | Use nghttp2_session_get_stream_user_data and
|
---|
| 2614 | nghttp2_session_set_stream_user_data to identify SessionHandles instead
|
---|
| 2615 | of a hash.
|
---|
| 2616 |
|
---|
| 2617 | Closes #372
|
---|
| 2618 |
|
---|
| 2619 | - RELEASE-NOTES: synced with 9ee40ce2aba
|
---|
| 2620 |
|
---|
| 2621 | - [Viktor Szakats brought this change]
|
---|
| 2622 |
|
---|
| 2623 | build: refer to fixed libidn versions
|
---|
| 2624 |
|
---|
| 2625 | closes #371
|
---|
| 2626 |
|
---|
| 2627 | - Revert "configure: disable libidn by default"
|
---|
| 2628 |
|
---|
| 2629 | This reverts commit e6749055d65398315fd77f5b5b8234c5552ac2d3.
|
---|
| 2630 |
|
---|
| 2631 | ... since libidn has since been fixed.
|
---|
| 2632 |
|
---|
| 2633 | - [Jakub Zakrzewski brought this change]
|
---|
| 2634 |
|
---|
| 2635 | CMake: s/HAVE_GSS_API/HAVE_GSSAPI/ to match header define
|
---|
| 2636 |
|
---|
| 2637 | Otherwise the build only pretended to use GSS-API
|
---|
| 2638 |
|
---|
| 2639 | Closes #370
|
---|
| 2640 |
|
---|
| 2641 | - SFTP: fix range request off-by-one in size check
|
---|
| 2642 |
|
---|
| 2643 | Reported-by: Tim Stack
|
---|
| 2644 |
|
---|
| 2645 | Closes #359
|
---|
| 2646 |
|
---|
| 2647 | - test46: update cookie expire time
|
---|
| 2648 |
|
---|
| 2649 | ... since it went old and thus was expired and caused the test to fail!
|
---|
| 2650 |
|
---|
| 2651 | Steve Holme (9 Aug 2015)
|
---|
| 2652 | - generate.bat: Use buildconf.bat for prerequisite file generation
|
---|
| 2653 |
|
---|
| 2654 | - buildconf.bat: Tidy up of comments after recent commits
|
---|
| 2655 |
|
---|
| 2656 | - buildconf.bat: Added full generation of src\tool_hugehelp.c
|
---|
| 2657 |
|
---|
| 2658 | Added support for generating the full man page based on code from
|
---|
| 2659 | generate.bat.
|
---|
| 2660 |
|
---|
| 2661 | - buildconf.bat: Added detection of groff, nroff, perl and gzip
|
---|
| 2662 |
|
---|
| 2663 | To allow for the full generation of tool_hugehelp.c added detection of
|
---|
| 2664 | the required programs - based on code from generate.bat.
|
---|
| 2665 |
|
---|
| 2666 | - buildconf.bat: Move DOS variable clean-up code to separate function
|
---|
| 2667 |
|
---|
| 2668 | Rather than duplicate future variables, during clean-up of both success
|
---|
| 2669 | and error conditions, use a common function that can be called by both.
|
---|
| 2670 |
|
---|
| 2671 | - RELEASE-NOTES: Synced with 39dcf352d2
|
---|
| 2672 |
|
---|
| 2673 | - buildconf.bat: Added error messages on failure
|
---|
| 2674 |
|
---|
| 2675 | - buildconf.bat: Generate and clean files in the same order
|
---|
| 2676 |
|
---|
| 2677 | - buildconf.bat: Maintain compatibility with DOS based systems
|
---|
| 2678 |
|
---|
| 2679 | Commit f08e30d7bc broke compatibility with DOS and non Windows NT based
|
---|
| 2680 | versions of Windows due to the use of the setlocal command.
|
---|
| 2681 |
|
---|
| 2682 | Jay Satiro (9 Aug 2015)
|
---|
| 2683 | - CURLOPT_RESOLVE.3: Note removal support was added in 7.42
|
---|
| 2684 |
|
---|
| 2685 | Bug: http://curl.haxx.se/mail/lib-2015-08/0019.html
|
---|
| 2686 | Reported-by: Inca R
|
---|
| 2687 |
|
---|
| 2688 | Steve Holme (8 Aug 2015)
|
---|
| 2689 | - checksrc.bat: Fixed error when missing *.c and *.h files
|
---|
| 2690 |
|
---|
| 2691 | File Not Found
|
---|
| 2692 |
|
---|
| 2693 | - checksrc.bat: Fixed incorrect 'lib\vtls' path check in commit 333c36b276
|
---|
| 2694 |
|
---|
| 2695 | - checksrc.bat: Fixed error when [directory] isn't a curl source directory
|
---|
| 2696 |
|
---|
| 2697 | The system cannot find the file specified.
|
---|
| 2698 |
|
---|
| 2699 | - checksrc.bat: Added check for unknown arguments
|
---|
| 2700 |
|
---|
| 2701 | - scripts: Added missing comments
|
---|
| 2702 |
|
---|
| 2703 | - scripts: Always perform setlocal and endlocal calls in pairs
|
---|
| 2704 |
|
---|
| 2705 | Ensure that there isn't a mismatch between setlocal and endlocal calls,
|
---|
| 2706 | which could have happened due to setlocal being called after certain
|
---|
| 2707 | error conditions were checked for.
|
---|
| 2708 |
|
---|
| 2709 | - scripts: Allow -help to be specified in any argument
|
---|
| 2710 |
|
---|
| 2711 | Allow the -help command line argument to be specified in any argument
|
---|
| 2712 | and not just as the first.
|
---|
| 2713 |
|
---|
| 2714 | Daniel Stenberg (6 Aug 2015)
|
---|
| 2715 | - [juef brought this change]
|
---|
| 2716 |
|
---|
| 2717 | curl_multi_remove_handle.3: fix formatting
|
---|
| 2718 |
|
---|
| 2719 | closes #366
|
---|
| 2720 |
|
---|
| 2721 | Steve Holme (6 Aug 2015)
|
---|
| 2722 | - README: Added notes about 'Running DLL based configurations'
|
---|
| 2723 |
|
---|
| 2724 | ...as well as a TODO for a future enhancement to the project files.
|
---|
| 2725 |
|
---|
| 2726 | Thanks-to: Jay Satiro
|
---|
| 2727 |
|
---|
| 2728 | - RELEASE-NOTES: Synced with cf8975387f
|
---|
| 2729 |
|
---|
| 2730 | - buildconf.bat: Synchronise no repository error with generate.bat
|
---|
| 2731 |
|
---|
| 2732 | - generate.bat: Added a check for the presence of a git repository
|
---|
| 2733 |
|
---|
| 2734 | - [Jay Satiro brought this change]
|
---|
| 2735 |
|
---|
| 2736 | build: Added wolfSSL configurations to VC10+ project files
|
---|
| 2737 |
|
---|
| 2738 | URL: https://github.com/bagder/curl/pull/174
|
---|
| 2739 |
|
---|
| 2740 | - [Jay Satiro brought this change]
|
---|
| 2741 |
|
---|
| 2742 | build: Added wolfSSL build script for Visual Studio projects
|
---|
| 2743 |
|
---|
| 2744 | Added the wolfSSL build script, based on build-openssl.bat, as well as
|
---|
| 2745 | the property sheet and header file required for the upcoming additions
|
---|
| 2746 | to the Visual Studio project files.
|
---|
| 2747 |
|
---|
| 2748 | Daniel Stenberg (6 Aug 2015)
|
---|
| 2749 | - CHANGES: refer to the online changelog
|
---|
| 2750 |
|
---|
| 2751 | Suggested-by: mc0e
|
---|
| 2752 |
|
---|
| 2753 | - [Isaac Boukris brought this change]
|
---|
| 2754 |
|
---|
| 2755 | NTLM: handle auth for only a single request
|
---|
| 2756 |
|
---|
| 2757 | Currently when the server responds with 401 on NTLM authenticated
|
---|
| 2758 | connection (re-used) we consider it to have failed. However this is
|
---|
| 2759 | legitimate and may happen when for example IIS is set configured to
|
---|
| 2760 | 'authPersistSingleRequest' or when the request goes thru a proxy (with
|
---|
| 2761 | 'via' header).
|
---|
| 2762 |
|
---|
| 2763 | Implemented by imploying an additional state once a connection is
|
---|
| 2764 | re-used to indicate that if we receive 401 we need to restart
|
---|
| 2765 | authentication.
|
---|
| 2766 |
|
---|
| 2767 | Closes #363
|
---|
| 2768 |
|
---|
| 2769 | Steve Holme (5 Aug 2015)
|
---|
| 2770 | - RELEASE-NOTES: Synced with 473807b95f
|
---|
| 2771 |
|
---|
| 2772 | - generate.bat: Use buildconf.bat for prerequisite file clean-up
|
---|
| 2773 |
|
---|
| 2774 | - buildconf.bat: Added support for file clean-up via -clean
|
---|
| 2775 |
|
---|
| 2776 | - buildconf.bat: Added progress output
|
---|
| 2777 |
|
---|
| 2778 | - buildconf.bat: Avoid using goto for file not in repository
|
---|
| 2779 |
|
---|
| 2780 | Daniel Stenberg (5 Aug 2015)
|
---|
| 2781 | - curl_slist_append.3: add error checking to the example
|
---|
| 2782 |
|
---|
| 2783 | Steve Holme (5 Aug 2015)
|
---|
| 2784 | - buildconf.bat: Added display of usage text with -help
|
---|
| 2785 |
|
---|
| 2786 | - buildconf.bat: Added exit codes for error handling
|
---|
| 2787 |
|
---|
| 2788 | - buildconf.bat: Added our standard copyright header
|
---|
| 2789 |
|
---|
| 2790 | - buildconf.bat: Use lower-case for commands and reserved keywords
|
---|
| 2791 |
|
---|
| 2792 | - generate.bat: Only clean prerequisite files when in ALL mode
|
---|
| 2793 |
|
---|
| 2794 | - generate.bat: Moved error messages out of sub-routines
|
---|
| 2795 |
|
---|
| 2796 | - generate.bat: More use of lower-case for commands and reserved keywords
|
---|
| 2797 |
|
---|
| 2798 | Daniel Stenberg (3 Aug 2015)
|
---|
| 2799 | - libcurl.3: fix a single typo
|
---|
| 2800 |
|
---|
| 2801 | Closes #361
|
---|
| 2802 |
|
---|
| 2803 | - RELEASE-NOTES: synced with c4eb10e2f06f
|
---|
| 2804 |
|
---|
| 2805 | - SSH: three state machine fixups
|
---|
| 2806 |
|
---|
| 2807 | The SSH state machine didn't clear the 'rc' variable appropriately in a
|
---|
| 2808 | two places which prevented it from looping the way it should. And it
|
---|
| 2809 | lacked an 'else' statement that made it possible to erroneously get
|
---|
| 2810 | stuck in the SSH_AUTH_AGENT state.
|
---|
| 2811 |
|
---|
| 2812 | Reported-by: Tim Stack
|
---|
| 2813 |
|
---|
| 2814 | Closes #357
|
---|
| 2815 |
|
---|
| 2816 | - curl_gssapi: remove 'const' to fix compiler warnings
|
---|
| 2817 |
|
---|
| 2818 | initialization discards 'const' qualifier from pointer target type
|
---|
| 2819 |
|
---|
| 2820 | - docs: formpost needs the full size at start of upload
|
---|
| 2821 |
|
---|
| 2822 | Closes #360
|
---|
| 2823 |
|
---|
| 2824 | Steve Holme (1 Aug 2015)
|
---|
| 2825 | - sspi: Fix typo from left over from old code which referenced NTLM
|
---|
| 2826 |
|
---|
| 2827 | References to NTLM in the identity generation should have been removed
|
---|
| 2828 | in commit c469941293 but not all were.
|
---|
| 2829 |
|
---|
| 2830 | - win32: Fix compilation warnings from commit 40c921f8b8
|
---|
| 2831 |
|
---|
| 2832 | connect.c:953:5: warning: initializer element is not computable at load
|
---|
| 2833 | time
|
---|
| 2834 | connect.c:953:5: warning: missing initializer for field 'dwMinorVersion'
|
---|
| 2835 | of 'OSVERSIONINFOEX'
|
---|
| 2836 | curl_sspi.c:97:5: warning: initializer element is not computable at load
|
---|
| 2837 | time
|
---|
| 2838 | curl_sspi.c:97:5: warning: missing initializer for field 'szCSDVersion'
|
---|
| 2839 | of 'OSVERSIONINFOEX'
|
---|
| 2840 |
|
---|
| 2841 | - schannel: Fix compilation warning from commit 7a8e861a56
|
---|
| 2842 |
|
---|
| 2843 | schannel.c:1125:5: warning: missing initializer for field 'dwMinorVersion'
|
---|
| 2844 | of 'OSVERSIONINFOEX' [-Wmissing-field-initializers
|
---|
| 2845 |
|
---|
| 2846 | Daniel Stenberg (31 Jul 2015)
|
---|
| 2847 | - libcurl-thread.3: minor reformatting
|
---|
| 2848 |
|
---|
| 2849 | Jay Satiro (31 Jul 2015)
|
---|
| 2850 | - curl_global_init_mem.3: Warn threaded resolver needs thread safe funcs
|
---|
| 2851 |
|
---|
| 2852 | Bug: http://curl.haxx.se/mail/lib-2015-07/0149.html
|
---|
| 2853 | Reported-by: Eric Ridge
|
---|
| 2854 |
|
---|
| 2855 | - libcurl-thread.3: Warn memory functions must be thread safe
|
---|
| 2856 |
|
---|
| 2857 | Bug: http://curl.haxx.se/mail/lib-2015-07/0149.html
|
---|
| 2858 | Reported-by: Eric Ridge
|
---|
| 2859 |
|
---|
| 2860 | Steve Holme (31 Jul 2015)
|
---|
| 2861 | - RELEASE-NOTES: Synced with 8b1d00ac1a
|
---|
| 2862 |
|
---|
| 2863 | - INSTALL: Minor formatting correction in 'Legacy Windows and SSL' section
|
---|
| 2864 |
|
---|
| 2865 | ...as well as some rewording.
|
---|
| 2866 |
|
---|
| 2867 | Kamil Dudka (30 Jul 2015)
|
---|
| 2868 | - http: move HTTP/2 cleanup code off http_disconnect()
|
---|
| 2869 |
|
---|
| 2870 | Otherwise it would never be called for an HTTP/2 connection, which has
|
---|
| 2871 | its own disconnect handler.
|
---|
| 2872 |
|
---|
| 2873 | I spotted this while debugging <https://bugzilla.redhat.com/1248389>
|
---|
| 2874 | where the http_disconnect() handler was called on an FTP session handle
|
---|
| 2875 | causing 'dnf' to crash. conn->data->req.protop of type (struct FTP *)
|
---|
| 2876 | was reinterpreted as type (struct HTTP *) which resulted in SIGSEGV in
|
---|
| 2877 | Curl_add_buffer_free() after printing the "Connection cache is full,
|
---|
| 2878 | closing the oldest one." message.
|
---|
| 2879 |
|
---|
| 2880 | A previously working version of libcurl started to crash after it was
|
---|
| 2881 | recompiled with the HTTP/2 support despite the HTTP/2 protocol was not
|
---|
| 2882 | actually used. This commit makes it work again although I suspect the
|
---|
| 2883 | root cause (reinterpreting session handle data of incompatible protocol)
|
---|
| 2884 | still has to be fixed. Otherwise the same will happen when mixing FTP
|
---|
| 2885 | and HTTP/2 connections and exceeding the connection cache limit.
|
---|
| 2886 |
|
---|
| 2887 | Reported-by: Tomas Tomecek
|
---|
| 2888 | Bug: https://bugzilla.redhat.com/1248389
|
---|
| 2889 |
|
---|
| 2890 | Daniel Stenberg (30 Jul 2015)
|
---|
| 2891 | - [Viktor Szakats brought this change]
|
---|
| 2892 |
|
---|
| 2893 | ABI doc: use secure URL
|
---|
| 2894 |
|
---|
| 2895 | - ABI: remove the ascii logo
|
---|
| 2896 |
|
---|
| 2897 | and made the indent level to 1
|
---|
| 2898 |
|
---|
| 2899 | - libcurl-multi.3: mention curl_multi_wait
|
---|
| 2900 |
|
---|
| 2901 | ... and some general rewordings to improve this docs.
|
---|
| 2902 |
|
---|
| 2903 | Reported-by: Tim Stack
|
---|
| 2904 |
|
---|
| 2905 | Closes #356
|
---|
| 2906 |
|
---|
| 2907 | Steve Holme (30 Jul 2015)
|
---|
| 2908 | - maketgz: Fixed some VC makefiles missing from the release tarball
|
---|
| 2909 |
|
---|
| 2910 | VC7, VC11, VC12 and VC14 makefiles were missing from the release
|
---|
| 2911 | tarball.
|
---|
| 2912 |
|
---|
| 2913 | - RELEASE-NOTES: Synced with 2d7e165761
|
---|
| 2914 |
|
---|
| 2915 | - build: Added VC14 project files to Makefile.am
|
---|
| 2916 |
|
---|
| 2917 | - build: Added VC14 project files
|
---|
| 2918 |
|
---|
| 2919 | Updates to Makefile.am for the generation of the project files in
|
---|
| 2920 | the tarball to follow.
|
---|
| 2921 |
|
---|
| 2922 | Jay Satiro (29 Jul 2015)
|
---|
| 2923 | - libcurl-thread.3: Clarify CURLOPT_NOSIGNAL takes long value 1L
|
---|
| 2924 |
|
---|
| 2925 | Steve Holme (28 Jul 2015)
|
---|
| 2926 | - generate.bat: Use lower-case for commands and reserved keywords
|
---|
| 2927 |
|
---|
| 2928 | Whilst there are no coding standards for the batch files used in curl,
|
---|
| 2929 | most tend to use lower-case for keywords and upper-case for variables.
|
---|
| 2930 |
|
---|
| 2931 | - build: Added initial VC14 support to generate.bat
|
---|
| 2932 |
|
---|
| 2933 | Visual Studio project files and updates to makefile.am to follow.
|
---|
| 2934 |
|
---|
| 2935 | - build: Fixed missing .opensdf files from VC10+ .gitignore files
|
---|
| 2936 |
|
---|
| 2937 | - build: Use $(ProjectName) macro for curl.exe and curld.exe filenames
|
---|
| 2938 |
|
---|
| 2939 | This wasn't possible with the old curlsrc project filenames, but like
|
---|
| 2940 | commit 2a615a2b64 and 11397eb6dd for libcurl use the built in Visual
|
---|
| 2941 | Studio macros for the output filenames.
|
---|
| 2942 |
|
---|
| 2943 | - build: Renamed curl src Visual Studio project files
|
---|
| 2944 |
|
---|
| 2945 | Following commit 957fcd9049 and in preparation for adding the VC14
|
---|
| 2946 | project files renamed the curl source project files.
|
---|
| 2947 |
|
---|
| 2948 | Daniel Stenberg (28 Jul 2015)
|
---|
| 2949 | - [Jay Satiro brought this change]
|
---|
| 2950 |
|
---|
| 2951 | libcurl-thread.3: Revert to stricter handle wording
|
---|
| 2952 |
|
---|
| 2953 | .. also update formatting and add WinSSL and wolfSSL to the SSL/TLS
|
---|
| 2954 | handlers list.
|
---|
| 2955 |
|
---|
| 2956 | - [Jay Satiro brought this change]
|
---|
| 2957 |
|
---|
| 2958 | libcurl-thread.3: Consolidate thread safety info
|
---|
| 2959 |
|
---|
| 2960 | This is a new document to consolidate our thread safety information from
|
---|
| 2961 | several documents (curl-www:features, libcurl.3, libcurl-tutorial.3).
|
---|
| 2962 | Each document's section on multi-threading will now point to this one.
|
---|
| 2963 |
|
---|
| 2964 | Steve Holme (27 Jul 2015)
|
---|
| 2965 | - README: Corrected formatting for 'Legacy Windows and SSL' section
|
---|
| 2966 |
|
---|
| 2967 | ...as well as some wording.
|
---|
| 2968 |
|
---|
| 2969 | - build-openssl.bat: Added support for VC14
|
---|
| 2970 |
|
---|
| 2971 | Daniel Stenberg (26 Jul 2015)
|
---|
| 2972 | - RELEASE-NOTES: synced with 0f645adc95390e8
|
---|
| 2973 |
|
---|
| 2974 | - test1902: attempt to make the test more reliable
|
---|
| 2975 |
|
---|
| 2976 | Closes #355
|
---|
| 2977 |
|
---|
| 2978 | - comment: fix comment about adding new option support
|
---|
| 2979 |
|
---|
| 2980 | Jay Satiro (25 Jul 2015)
|
---|
| 2981 | - build-openssl.bat: Show syntax if required args are missing
|
---|
| 2982 |
|
---|
| 2983 | Daniel Stenberg (26 Jul 2015)
|
---|
| 2984 | - TODO: improve how curl works in a windows console window
|
---|
| 2985 |
|
---|
| 2986 | Closes #322 for now
|
---|
| 2987 |
|
---|
| 2988 | - 1.11 minimize dependencies with dynamicly loaded modules
|
---|
| 2989 |
|
---|
| 2990 | Closes #349 for now
|
---|
| 2991 |
|
---|
| 2992 | Jay Satiro (25 Jul 2015)
|
---|
| 2993 | - tool_operate: Fix CURLOPT_SSL_OPTIONS for builds without HTTPS
|
---|
| 2994 |
|
---|
| 2995 | - Set CURLOPT_SSL_OPTIONS only if the tool enabled an SSL option.
|
---|
| 2996 |
|
---|
| 2997 | Broken by me several days ago in 172b2be.
|
---|
| 2998 | https://github.com/bagder/curl/commit/172b2be#diff-70b44ee478e58d4e1ddcf9c9a73d257b
|
---|
| 2999 |
|
---|
| 3000 | Bug: http://curl.haxx.se/mail/lib-2015-07/0119.html
|
---|
| 3001 | Reported-by: Dan Fandrich
|
---|
| 3002 |
|
---|
| 3003 | Daniel Stenberg (25 Jul 2015)
|
---|
| 3004 | - configure: check if OpenSSL linking wants -ldl
|
---|
| 3005 |
|
---|
| 3006 | To make it easier to link with static versions of OpenSSL, the configure
|
---|
| 3007 | script now checks if -ldl is needed for linking.
|
---|
| 3008 |
|
---|
| 3009 | Help-by: TJ Saunders
|
---|
| 3010 |
|
---|
| 3011 | - [Michael Kaufmann brought this change]
|
---|
| 3012 |
|
---|
| 3013 | HTTP: ignore "Content-Encoding: compress"
|
---|
| 3014 |
|
---|
| 3015 | Currently, libcurl rejects responses with "Content-Encoding: compress"
|
---|
| 3016 | when CURLOPT_ACCEPT_ENCODING is set to "". I think that libcurl should
|
---|
| 3017 | treat the Content-Encoding "compress" the same as other
|
---|
| 3018 | Content-Encodings that it does not support, e.g. "bzip2". That means
|
---|
| 3019 | just ignoring it.
|
---|
| 3020 |
|
---|
| 3021 | - [Marcel Raad brought this change]
|
---|
| 3022 |
|
---|
| 3023 | openssl: work around MSVC warning
|
---|
| 3024 |
|
---|
| 3025 | MSVC 12 complains:
|
---|
| 3026 |
|
---|
| 3027 | lib\vtls\openssl.c(1554): warning C4701: potentially uninitialized local
|
---|
| 3028 | variable 'verstr' used It's a false positive, but as it's normally not,
|
---|
| 3029 | I have enabled warning-as-error for that warning.
|
---|
| 3030 |
|
---|
| 3031 | - [MichaÅ Fita brought this change]
|
---|
| 3032 |
|
---|
| 3033 | configure: add --disable-rt option
|
---|
| 3034 |
|
---|
| 3035 | This option disables any attempts in configure to create dependency on
|
---|
| 3036 | stuff requiring linking to librt.so and libpthread.so, in this case this
|
---|
| 3037 | means clock_gettime(CLOCK_MONOTONIC, &mt).
|
---|
| 3038 |
|
---|
| 3039 | We were in need to build curl which doesn't link libpthread.so to avoid
|
---|
| 3040 | the following bug:
|
---|
| 3041 | https://sourceware.org/bugzilla/show_bug.cgi?id=16628.
|
---|
| 3042 |
|
---|
| 3043 | Kamil Dudka (23 Jul 2015)
|
---|
| 3044 | - http2: verify success of strchr() in http2_send()
|
---|
| 3045 |
|
---|
| 3046 | Detected by Coverity.
|
---|
| 3047 |
|
---|
| 3048 | Error: NULL_RETURNS:
|
---|
| 3049 | lib/http2.c:1301: returned_null: "strchr" returns null (checked 103 out of 109 times).
|
---|
| 3050 | lib/http2.c:1301: var_assigned: Assigning: "hdbuf" = null return value from "strchr".
|
---|
| 3051 | lib/http2.c:1302: dereference: Incrementing a pointer which might be null: "hdbuf".
|
---|
| 3052 | 1300|
|
---|
| 3053 | 1301| hdbuf = strchr(hdbuf, 0x0a);
|
---|
| 3054 | 1302|-> ++hdbuf;
|
---|
| 3055 | 1303|
|
---|
| 3056 | 1304| authority_idx = 0;
|
---|
| 3057 |
|
---|
| 3058 | Jay Satiro (22 Jul 2015)
|
---|
| 3059 | - Windows: Fix VerifyVersionInfo calls
|
---|
| 3060 |
|
---|
| 3061 | - Fix the VerifyVersionInfo calls, which we use to test for the OS major
|
---|
| 3062 | version, to also test for the minor version as well as the service pack
|
---|
| 3063 | major and minor versions.
|
---|
| 3064 |
|
---|
| 3065 | MSDN: "If you are testing the major version, you must also test the
|
---|
| 3066 | minor version and the service pack major and minor versions."
|
---|
| 3067 |
|
---|
| 3068 | https://msdn.microsoft.com/en-us/library/windows/desktop/ms725492.aspx
|
---|
| 3069 |
|
---|
| 3070 | Bug: https://github.com/bagder/curl/pull/353#issuecomment-123493098
|
---|
| 3071 | Reported-by: Marcel Raad <MarcelRaad@users.noreply.github.com>
|
---|
| 3072 |
|
---|
| 3073 | - [Marcel Raad brought this change]
|
---|
| 3074 |
|
---|
| 3075 | schannel: Replace deprecated GetVersion with VerifyVersionInfo
|
---|
| 3076 |
|
---|
| 3077 | Steve Holme (21 Jul 2015)
|
---|
| 3078 | - makefile: Added support for VC14
|
---|
| 3079 |
|
---|
| 3080 | Patrick Monnerat (21 Jul 2015)
|
---|
| 3081 | - os400: ebcdic wrappers for new functions. Upgrade ILE/RPG bindings.
|
---|
| 3082 |
|
---|
| 3083 | - libcurl: VERSIONINFO update
|
---|
| 3084 | Addition of new procedures curl_pushheader_bynum and curl_pushheader_byname
|
---|
| 3085 | requires VERSIONINFO updating.
|
---|
| 3086 |
|
---|
| 3087 | - http2: satisfy external references even if http2 is not compiled in.
|
---|
| 3088 |
|
---|
| 3089 | Daniel Stenberg (20 Jul 2015)
|
---|
| 3090 | - http2: add stream != NULL checks for reliability
|
---|
| 3091 |
|
---|
| 3092 | They should not trigger, but in case of internal problems we at least
|
---|
| 3093 | avoid crashes this way.
|
---|
| 3094 |
|
---|
| 3095 | Jay Satiro (18 Jul 2015)
|
---|
| 3096 | - symbols-in-versions: Add new CURLSSLOPT_NO_REVOKE symbol
|
---|
| 3097 |
|
---|
| 3098 | - SSL: Add an option to disable certificate revocation checks
|
---|
| 3099 |
|
---|
| 3100 | New tool option --ssl-no-revoke.
|
---|
| 3101 | New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS.
|
---|
| 3102 |
|
---|
| 3103 | Currently this option applies only to WinSSL where we have automatic
|
---|
| 3104 | certificate revocation checking by default. According to the
|
---|
| 3105 | ssl-compared chart there are other backends that have automatic checking
|
---|
| 3106 | (NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at
|
---|
| 3107 | some later point.
|
---|
| 3108 |
|
---|
| 3109 | Bug: https://github.com/bagder/curl/issues/264
|
---|
| 3110 | Reported-by: zenden2k <zenden2k@gmail.com>
|
---|
| 3111 |
|
---|
| 3112 | - runtests: Allow for spaces in curl custom path
|
---|
| 3113 |
|
---|
| 3114 | .. also fix some typos in test's FILEFORMAT spec.
|
---|
| 3115 |
|
---|
| 3116 | - [David Woodhouse brought this change]
|
---|
| 3117 |
|
---|
| 3118 | ntlm_wb: Fix theoretical memory leak
|
---|
| 3119 |
|
---|
| 3120 | Static analysis indicated that my commit 9008f3d564 ("ntlm_wb: Fix
|
---|
| 3121 | hard-coded limit on NTLM auth packet size") introduced a potential
|
---|
| 3122 | memory leak on an error path, because we forget to free the buffer
|
---|
| 3123 | before returning an error.
|
---|
| 3124 |
|
---|
| 3125 | Fix this.
|
---|
| 3126 |
|
---|
| 3127 | Although actually, it never happens in practice because we never *get*
|
---|
| 3128 | here with state == NTLMSTATE_TYPE1. The state is always zero. That
|
---|
| 3129 | might want cleaning up in a separate patch.
|
---|
| 3130 |
|
---|
| 3131 | Reported-by: Terri Oda
|
---|
| 3132 |
|
---|
| 3133 | - strerror: Add CRYPT_E_REVOKED to SSPI error strings
|
---|
| 3134 |
|
---|
| 3135 | Kamil Dudka (14 Jul 2015)
|
---|
| 3136 | - libtest: call PR_Cleanup() on exit if NSPR is used
|
---|
| 3137 |
|
---|
| 3138 | This prevents valgrind from reporting possibly lost memory that NSPR
|
---|
| 3139 | uses for file descriptor cache and other globally allocated internal
|
---|
| 3140 | data structures.
|
---|
| 3141 |
|
---|
| 3142 | Reported-by: Å tefan KremeÅ
|
---|
| 3143 |
|
---|
| 3144 | Jay Satiro (14 Jul 2015)
|
---|
| 3145 | - [John Malmberg brought this change]
|
---|
| 3146 |
|
---|
| 3147 | openssl: VMS support for SHA256
|
---|
| 3148 |
|
---|
| 3149 | setup-vms.h: More symbols for SHA256, hacks for older VAX
|
---|
| 3150 |
|
---|
| 3151 | openssl.h: Use OpenSSL OPENSSL_NO_SHA256 macro to allow building on VAX.
|
---|
| 3152 |
|
---|
| 3153 | openssl.c: Use OpenSSL version checks and OPENSSL_NO_SHA256 macro to
|
---|
| 3154 | allow building on VAX and 64 bit VMS.
|
---|
| 3155 |
|
---|
| 3156 | - examples: Fix typo in multi-single.c
|
---|
| 3157 |
|
---|
| 3158 | Daniel Stenberg (7 Jul 2015)
|
---|
| 3159 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 3160 |
|
---|
| 3161 | http2: Fix memory leak in push header array
|
---|
| 3162 |
|
---|
| 3163 | Dan Fandrich (2 Jul 2015)
|
---|
| 3164 | - test2041: fixed line endings in protocol part
|
---|
| 3165 |
|
---|
| 3166 | - cyassl: fixed mismatched sha256sum function prototype
|
---|
| 3167 |
|
---|
| 3168 | Daniel Stenberg (1 Jul 2015)
|
---|
| 3169 | - [moparisthebest brought this change]
|
---|
| 3170 |
|
---|
| 3171 | SSL: Pinned public key hash support
|
---|
| 3172 |
|
---|
| 3173 | - examples: provide <DESC> sections
|
---|
| 3174 |
|
---|
| 3175 | - [John Malmberg brought this change]
|
---|
| 3176 |
|
---|
| 3177 | OpenVMS: VMS Software, Inc now the supplier.
|
---|
| 3178 |
|
---|
| 3179 | setup-vms.h: Symbol case fixups submitted by Michael Steve
|
---|
| 3180 |
|
---|
| 3181 | build_gnv_curl_pcsi_desc.com: VSI aka as VMS Software, is now the
|
---|
| 3182 | supplier of new versions of VMS. The install kit needs to accept
|
---|
| 3183 | VSI as a producer.
|
---|
| 3184 |
|
---|
| 3185 | Jay Satiro (30 Jun 2015)
|
---|
| 3186 | - multi: Move http2 push function declarations to header end
|
---|
| 3187 |
|
---|
| 3188 | This change necessary for binary compatibility.
|
---|
| 3189 |
|
---|
| 3190 | Prior to this change test 1135 failed due to the order of functions.
|
---|
| 3191 |
|
---|
| 3192 | - symbols-in-versions: Add new http2 push symbols
|
---|
| 3193 |
|
---|
| 3194 | Prior to this change test 1119 failed due to the missing symbols.
|
---|
| 3195 |
|
---|
| 3196 | Daniel Stenberg (30 Jun 2015)
|
---|
| 3197 | - RELEASE-NOTES: synced with e6749055d653
|
---|
| 3198 |
|
---|
| 3199 | - configure: disable libidn by default
|
---|
| 3200 |
|
---|
| 3201 | For security reasons, until there is a fix.
|
---|
| 3202 |
|
---|
| 3203 | Bug: http://curl.haxx.se/mail/lib-2015-06/0143.html
|
---|
| 3204 | Reported-by: Gustavo Grieco, Feist Josselin
|
---|
| 3205 |
|
---|
| 3206 | - SSL-PROBLEMS: mention WinSSL problems in WinXP
|
---|
| 3207 |
|
---|
| 3208 | - CODE_OF_CONDUCT.md: added
|
---|
| 3209 |
|
---|
| 3210 | Just to underscore how we treat each other in this project. Nothing new
|
---|
| 3211 | really, but could be useful for newcomers and outsiders to see our
|
---|
| 3212 | values.
|
---|
| 3213 |
|
---|
| 3214 | - tool_header_cb: fflush the header stream
|
---|
| 3215 |
|
---|
| 3216 | Flush the header stream when -D is used so that they are sent off
|
---|
| 3217 | earlier.
|
---|
| 3218 |
|
---|
| 3219 | Bug: https://github.com/bagder/curl/issues/324
|
---|
| 3220 | Reported-by: Cédric Connes
|
---|
| 3221 |
|
---|
| 3222 | - [Roger Leigh brought this change]
|
---|
| 3223 |
|
---|
| 3224 | tests: Distribute CMakeLists.txt files in subdirectories
|
---|
| 3225 |
|
---|
| 3226 | - CURLOPT_FAILONERROR.3: mention that it closes the connection
|
---|
| 3227 |
|
---|
| 3228 | Reported-by: bemoody
|
---|
| 3229 | Bug: https://github.com/bagder/curl/issues/325
|
---|
| 3230 |
|
---|
| 3231 | - curl_multi_setopt.3: alpha sort the options
|
---|
| 3232 |
|
---|
| 3233 | - curl_multi_setopt.3: add the new push options
|
---|
| 3234 |
|
---|
| 3235 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 3236 |
|
---|
| 3237 | http2: Use nghttp2 library error code for error return value
|
---|
| 3238 |
|
---|
| 3239 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 3240 |
|
---|
| 3241 | http2: Harden header validation for curl_pushheader_byname
|
---|
| 3242 |
|
---|
| 3243 | Since we do prefix match using given header by application code
|
---|
| 3244 | against header name pair in format "NAME:VALUE", and VALUE part can
|
---|
| 3245 | contain ":", we have to careful about existence of ":" in header
|
---|
| 3246 | parameter. ":" should be allowed to match HTTP/2 pseudo-header field,
|
---|
| 3247 | and other use of ":" in header must be treated as error, and
|
---|
| 3248 | curl_pushheader_byname should return NULL. This commit implements
|
---|
| 3249 | this behaviour.
|
---|
| 3250 |
|
---|
| 3251 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 3252 |
|
---|
| 3253 | CURLMOPT_PUSHFUNCTION.3: Remove unused variable
|
---|
| 3254 |
|
---|
| 3255 | - CURLMOPT_PUSHFUNCTION.3: added example
|
---|
| 3256 |
|
---|
| 3257 | - http2: curl_pushheader_byname now takes a const char *
|
---|
| 3258 |
|
---|
| 3259 | - http2-serverpush.c: example code
|
---|
| 3260 |
|
---|
| 3261 | - http2: free all header memory after the push callback
|
---|
| 3262 |
|
---|
| 3263 | - http2: init the pushed transfer properly
|
---|
| 3264 |
|
---|
| 3265 | - http2: fixed the header accessor functions for the push callback
|
---|
| 3266 |
|
---|
| 3267 | - http2: setup the new pushed stream properly
|
---|
| 3268 |
|
---|
| 3269 | - http2: initial implementation of the push callback
|
---|
| 3270 |
|
---|
| 3271 | - http2: initial HTTP/2 server push types/docs
|
---|
| 3272 |
|
---|
| 3273 | - test1531: verify POSTFIELDSIZE set after add_handle
|
---|
| 3274 |
|
---|
| 3275 | Following the fix made in 903b6e05565bf.
|
---|
| 3276 |
|
---|
| 3277 | - pretransfer: init state.infilesize here, not in add_handle
|
---|
| 3278 |
|
---|
| 3279 | ... to properly support that options are set to the handle after it is
|
---|
| 3280 | added to the multi handle.
|
---|
| 3281 |
|
---|
| 3282 | Bug: http://curl.haxx.se/mail/lib-2015-06/0122.html
|
---|
| 3283 | Reported-by: Stefan Bühler
|
---|
| 3284 |
|
---|
| 3285 | Jay Satiro (21 Jun 2015)
|
---|
| 3286 | - [Lior Kaplan brought this change]
|
---|
| 3287 |
|
---|
| 3288 | tool_help: fix --tlsv1 help text to use >= for TLSv1
|
---|
| 3289 |
|
---|
| 3290 | - INSTALL: Advise use of non-native SSL for Windows <= XP
|
---|
| 3291 |
|
---|
| 3292 | Advise that WinSSL in versions <= XP will not be able to connect to
|
---|
| 3293 | servers that no longer support the legacy handshakes and algorithms used
|
---|
| 3294 | by those versions, and to use an alternate backend like OpenSSL instead.
|
---|
| 3295 |
|
---|
| 3296 | Bug: https://github.com/bagder/curl/issues/253
|
---|
| 3297 | Reported-by: zenden2k <zenden2k@gmail.com>
|
---|
| 3298 |
|
---|
| 3299 | Kamil Dudka (19 Jun 2015)
|
---|
| 3300 | - curl_easy_setopt.3: restore contents removed by mistake
|
---|
| 3301 |
|
---|
| 3302 | ... in commit curl-7_43_0-18-g570076e
|
---|
| 3303 |
|
---|
| 3304 | Daniel Stenberg (19 Jun 2015)
|
---|
| 3305 | - curl_easy_setopt.3: mention CURLOPT_PIPEWAIT
|
---|
| 3306 |
|
---|
| 3307 | Jay Satiro (18 Jun 2015)
|
---|
| 3308 | - cookie: Fix bug in export if any-domain cookie is present
|
---|
| 3309 |
|
---|
| 3310 | In 3013bb6 I had changed cookie export to ignore any-domain cookies,
|
---|
| 3311 | however the logic I used to do so was incorrect, and would lead to a
|
---|
| 3312 | busy loop in the case of exporting a cookie list that contained
|
---|
| 3313 | any-domain cookies. The result of that is worse though, because in that
|
---|
| 3314 | case the other cookies would not be written resulting in an empty file
|
---|
| 3315 | once the application is terminated to stop the busy loop.
|
---|
| 3316 |
|
---|
| 3317 | Dan Fandrich (18 Jun 2015)
|
---|
| 3318 | - FTP: fixed compiling with --disable-proxy, broken in b88f980a
|
---|
| 3319 |
|
---|
| 3320 | Daniel Stenberg (18 Jun 2015)
|
---|
| 3321 | - tool: always provide negotiate/kerberos options
|
---|
| 3322 |
|
---|
| 3323 | libcurl can still be built with it, even if the tool is not. Maintain
|
---|
| 3324 | independence!
|
---|
| 3325 |
|
---|
| 3326 | - TODO: Support IDNA2008
|
---|
| 3327 |
|
---|
| 3328 | - [Viktor Szakats brought this change]
|
---|
| 3329 |
|
---|
| 3330 | Makefile.m32: add support for CURL_LDFLAG_EXTRAS
|
---|
| 3331 |
|
---|
| 3332 | It is similar to existing CURL_CFLAG_EXTRAS, but for
|
---|
| 3333 | extra linker option.
|
---|
| 3334 |
|
---|
| 3335 | - RTSP: removed another piece of dead code
|
---|
| 3336 |
|
---|
| 3337 | Coverity CID 1306668
|
---|
| 3338 |
|
---|
| 3339 | - openssl: fix use of uninitialized buffer
|
---|
| 3340 |
|
---|
| 3341 | Make sure that the error buffer is always initialized and simplify the
|
---|
| 3342 | use of it to make the logic easier.
|
---|
| 3343 |
|
---|
| 3344 | Bug: https://github.com/bagder/curl/issues/318
|
---|
| 3345 | Reported-by: sneis
|
---|
| 3346 |
|
---|
| 3347 | - examples: more descriptions
|
---|
| 3348 |
|
---|
| 3349 | - examples: add descriptions with <DESC>
|
---|
| 3350 |
|
---|
| 3351 | Using this fixed format for example descriptions, we can generate a
|
---|
| 3352 | better list on the web site.
|
---|
| 3353 |
|
---|
| 3354 | - libcurl-errors.3: fix typo
|
---|
| 3355 |
|
---|
| 3356 | - curl_easy_setopt.3: option order doesn't matter
|
---|
| 3357 |
|
---|
| 3358 | - openssl: fix build with BoringSSL
|
---|
| 3359 |
|
---|
| 3360 | OPENSSL_load_builtin_modules does not exist in BoringSSL. Regression
|
---|
| 3361 | from cae43a1
|
---|
| 3362 |
|
---|
| 3363 | - [Paul Howarth brought this change]
|
---|
| 3364 |
|
---|
| 3365 | openssl: Fix build with openssl < ~ 0.9.8f
|
---|
| 3366 |
|
---|
| 3367 | The symbol SSL3_MT_NEWSESSION_TICKET appears to have been introduced at
|
---|
| 3368 | around openssl 0.9.8f, and the use of it in lib/vtls/openssl.c breaks
|
---|
| 3369 | builds with older openssls (certainly with 0.9.8b, which is the latest
|
---|
| 3370 | older version I have to try with).
|
---|
| 3371 |
|
---|
| 3372 | - FTP: do the HTTP CONNECT for data connection blocking
|
---|
| 3373 |
|
---|
| 3374 | ** WORK-AROUND **
|
---|
| 3375 |
|
---|
| 3376 | The introduced non-blocking general behaviour for Curl_proxyCONNECT()
|
---|
| 3377 | didn't work for the data connection establishment unless it was very
|
---|
| 3378 | fast. The newly introduced function argument makes it operate in a more
|
---|
| 3379 | blocking manner, more like it used to work in the past. This blocking
|
---|
| 3380 | approach is only used when the FTP data connecting through HTTP proxy.
|
---|
| 3381 |
|
---|
| 3382 | Blocking like this is bad. A better fix would make it work more
|
---|
| 3383 | asynchronously.
|
---|
| 3384 |
|
---|
| 3385 | Bug: https://github.com/bagder/curl/issues/278
|
---|
| 3386 |
|
---|
| 3387 | - bump: start the journey toward 7.44.0
|
---|
| 3388 |
|
---|
| 3389 | Jay Satiro (17 Jun 2015)
|
---|
| 3390 | - CURLOPT_ERRORBUFFER.3: Fix example, escape backslashes
|
---|
| 3391 |
|
---|
| 3392 | - CURLOPT_ERRORBUFFER.3: Improve example
|
---|
| 3393 |
|
---|
| 3394 | Version 7.43.0 (17 Jun 2015)
|
---|
| 3395 |
|
---|
| 3396 | Daniel Stenberg (17 Jun 2015)
|
---|
| 3397 | - RELEASE-NOTES: 7.43.0 release
|
---|
| 3398 |
|
---|
| 3399 | - THANKS: updated with 7.43.0 names
|
---|
| 3400 |
|
---|
| 3401 | - [Kamil Dudka brought this change]
|
---|
| 3402 |
|
---|
| 3403 | http: do not leak basic auth credentials on re-used connections
|
---|
| 3404 |
|
---|
| 3405 | CVE-2015-3236
|
---|
| 3406 |
|
---|
| 3407 | This partially reverts commit curl-7_39_0-237-g87c4abb
|
---|
| 3408 |
|
---|
| 3409 | Reported-by: Tomas Tomecek, Kamil Dudka
|
---|
| 3410 | Bug: http://curl.haxx.se/docs/adv_20150617A.html
|
---|
| 3411 |
|
---|
| 3412 | - [Kamil Dudka brought this change]
|
---|
| 3413 |
|
---|
| 3414 | test2040: verify basic auth on re-used connections
|
---|
| 3415 |
|
---|
| 3416 | - SMB: rangecheck values read off incoming packet
|
---|
| 3417 |
|
---|
| 3418 | CVE-2015-3237
|
---|
| 3419 |
|
---|
| 3420 | Detected by Coverity. CID 1299430.
|
---|
| 3421 |
|
---|
| 3422 | Bug: http://curl.haxx.se/docs/adv_20150617B.html
|
---|
| 3423 |
|
---|
| 3424 | Jay Satiro (17 Jun 2015)
|
---|
| 3425 | - schannel: schannel_recv overhaul
|
---|
| 3426 |
|
---|
| 3427 | This commit is several drafts squashed together. The changes from each
|
---|
| 3428 | draft are noted below. If any changes are similar and possibly
|
---|
| 3429 | contradictory the change in the latest draft takes precedence.
|
---|
| 3430 |
|
---|
| 3431 | Bug: https://github.com/bagder/curl/issues/244
|
---|
| 3432 | Reported-by: Chris Araman
|
---|
| 3433 |
|
---|
| 3434 | %%
|
---|
| 3435 | %% Draft 1
|
---|
| 3436 | %%
|
---|
| 3437 | - return 0 if len == 0. that will have to be documented.
|
---|
| 3438 | - continue on and process the caches regardless of raw recv
|
---|
| 3439 | - if decrypted data will be returned then set the error code to CURLE_OK
|
---|
| 3440 | and return its count
|
---|
| 3441 | - if decrypted data will not be returned and the connection has closed
|
---|
| 3442 | (eg nread == 0) then return 0 and CURLE_OK
|
---|
| 3443 | - if decrypted data will not be returned and the connection *hasn't*
|
---|
| 3444 | closed then set the error code to CURLE_AGAIN --only if an error code
|
---|
| 3445 | isn't already set-- and return -1
|
---|
| 3446 | - narrow the Win2k workaround to only Win2k
|
---|
| 3447 |
|
---|
| 3448 | %%
|
---|
| 3449 | %% Draft 2
|
---|
| 3450 | %%
|
---|
| 3451 | - Trying out a change in flow to handle corner cases.
|
---|
| 3452 |
|
---|
| 3453 | %%
|
---|
| 3454 | %% Draft 3
|
---|
| 3455 | %%
|
---|
| 3456 | - Back out the lazier decryption change made in draft2.
|
---|
| 3457 |
|
---|
| 3458 | %%
|
---|
| 3459 | %% Draft 4
|
---|
| 3460 | %%
|
---|
| 3461 | - Some formatting and branching changes
|
---|
| 3462 | - Decrypt all encrypted cached data when len == 0
|
---|
| 3463 | - Save connection closed state
|
---|
| 3464 | - Change special Win2k check to use connection closed state
|
---|
| 3465 |
|
---|
| 3466 | %%
|
---|
| 3467 | %% Draft 5
|
---|
| 3468 | %%
|
---|
| 3469 | - Default to CURLE_AGAIN in cleanup if an error code wasn't set and the
|
---|
| 3470 | connection isn't closed.
|
---|
| 3471 |
|
---|
| 3472 | %%
|
---|
| 3473 | %% Draft 6
|
---|
| 3474 | %%
|
---|
| 3475 | - Save the last error only if it is an unrecoverable error.
|
---|
| 3476 |
|
---|
| 3477 | Prior to this I saved the last error state in all cases; unfortunately
|
---|
| 3478 | the logic to cover that in all cases would lead to some muddle and I'm
|
---|
| 3479 | concerned that could then lead to a bug in the future so I've replaced
|
---|
| 3480 | it by only recording an unrecoverable error and that state will persist.
|
---|
| 3481 |
|
---|
| 3482 | - Do not recurse on renegotiation.
|
---|
| 3483 |
|
---|
| 3484 | Instead we'll continue on to process any trailing encrypted data
|
---|
| 3485 | received during the renegotiation only.
|
---|
| 3486 |
|
---|
| 3487 | - Move the err checks in cleanup after the check for decrypted data.
|
---|
| 3488 |
|
---|
| 3489 | In either case decrypted data is always returned but I think it's easier
|
---|
| 3490 | to understand when those err checks come after the decrypted data check.
|
---|
| 3491 |
|
---|
| 3492 | %%
|
---|
| 3493 | %% Draft 7
|
---|
| 3494 | %%
|
---|
| 3495 | - Regardless of len value go directly to cleanup if there is an
|
---|
| 3496 | unrecoverable error or a close_notify was already received. Prior to
|
---|
| 3497 | this change we only acknowledged those two states if len != 0.
|
---|
| 3498 |
|
---|
| 3499 | - Fix a bug in connection closed behavior: Set the error state in the
|
---|
| 3500 | cleanup, because we don't know for sure it's an error until that time.
|
---|
| 3501 |
|
---|
| 3502 | - (Related to above) In the case the connection is closed go "greedy"
|
---|
| 3503 | with the decryption to make sure all remaining encrypted data has been
|
---|
| 3504 | decrypted even if it is not needed at that time by the caller. This is
|
---|
| 3505 | necessary because we can only tell if the connection closed gracefully
|
---|
| 3506 | (close_notify) once all encrypted data has been decrypted.
|
---|
| 3507 |
|
---|
| 3508 | - Do not renegotiate when an unrecoverable error is pending.
|
---|
| 3509 |
|
---|
| 3510 | %%
|
---|
| 3511 | %% Draft 8
|
---|
| 3512 | %%
|
---|
| 3513 | - Don't show 'server closed the connection' info message twice.
|
---|
| 3514 |
|
---|
| 3515 | - Show an info message if server closed abruptly (missing close_notify).
|
---|
| 3516 |
|
---|
| 3517 | Daniel Stenberg (16 Jun 2015)
|
---|
| 3518 | - [Paul Oliver brought this change]
|
---|
| 3519 |
|
---|
| 3520 | Fix typo in docs
|
---|
| 3521 |
|
---|
| 3522 | s/curret/current/
|
---|
| 3523 |
|
---|
| 3524 | - [Viktor Szakats brought this change]
|
---|
| 3525 |
|
---|
| 3526 | docs: update URLs
|
---|
| 3527 |
|
---|
| 3528 | - RELEASE-NOTES: synced with f29f2cbd00dbe5f
|
---|
| 3529 |
|
---|
| 3530 | - [Viktor Szakats brought this change]
|
---|
| 3531 |
|
---|
| 3532 | README: use secure protocol for Git repository
|
---|
| 3533 |
|
---|
| 3534 | - [Viktor Szakats brought this change]
|
---|
| 3535 |
|
---|
| 3536 | HTTP2.md: use SSL/TLS IETF URLs
|
---|
| 3537 |
|
---|
| 3538 | - [Viktor Szakats brought this change]
|
---|
| 3539 |
|
---|
| 3540 | LICENSE-MIXING: update URLs
|
---|
| 3541 |
|
---|
| 3542 | * use SSL/TLS where available
|
---|
| 3543 | * follow permanent redirects
|
---|
| 3544 |
|
---|
| 3545 | - LICENSE-MIXING: refreshed
|
---|
| 3546 |
|
---|
| 3547 | - curl_easy_duphandle: see also *reset
|
---|
| 3548 |
|
---|
| 3549 | - rtsp_do: fix DEAD CODE
|
---|
| 3550 |
|
---|
| 3551 | "At condition p_request, the value of p_request cannot be NULL."
|
---|
| 3552 |
|
---|
| 3553 | Coverity CID 1306668.
|
---|
| 3554 |
|
---|
| 3555 | - security:choose_mech fix DEAD CODE warning
|
---|
| 3556 |
|
---|
| 3557 | ... by removing the "do {} while (0)" block.
|
---|
| 3558 |
|
---|
| 3559 | Coverity CID 1306669
|
---|
| 3560 |
|
---|
| 3561 | - curl.1: netrc is in man section 5
|
---|
| 3562 |
|
---|
| 3563 | - curl.1: small format fix
|
---|
| 3564 |
|
---|
| 3565 | use \fI-style instead of .BR for references
|
---|
| 3566 |
|
---|
| 3567 | - urldata: store POST size in state.infilesize too
|
---|
| 3568 |
|
---|
| 3569 | ... to simplify checking when PUT _or_ POST have completed.
|
---|
| 3570 |
|
---|
| 3571 | Reported-by: Frank Meier
|
---|
| 3572 | Bug: http://curl.haxx.se/mail/lib-2015-06/0019.html
|
---|
| 3573 |
|
---|
| 3574 | Dan Fandrich (14 Jun 2015)
|
---|
| 3575 | - test1530: added http to required features
|
---|
| 3576 |
|
---|
| 3577 | Jay Satiro (14 Jun 2015)
|
---|
| 3578 | - [Drake Arconis brought this change]
|
---|
| 3579 |
|
---|
| 3580 | build: Fix typo from OpenSSL 1.0.2 version detection fix
|
---|
| 3581 |
|
---|
| 3582 | - [Drake Arconis brought this change]
|
---|
| 3583 |
|
---|
| 3584 | build: Properly detect OpenSSL 1.0.2 when using configure
|
---|
| 3585 |
|
---|
| 3586 | - curl_multi_info_read.3: fix example formatting
|
---|
| 3587 |
|
---|
| 3588 | Daniel Stenberg (13 Jun 2015)
|
---|
| 3589 | - BINDINGS: there's a new R binding in town!
|
---|
| 3590 |
|
---|
| 3591 | - BINDINGS: added the Xojo binding
|
---|
| 3592 |
|
---|
| 3593 | Jay Satiro (11 Jun 2015)
|
---|
| 3594 | - [Joel Depooter brought this change]
|
---|
| 3595 |
|
---|
| 3596 | schannel: Add support for optional client certificates
|
---|
| 3597 |
|
---|
| 3598 | Some servers will request a client certificate, but not require one.
|
---|
| 3599 | This change allows libcurl to connect to such servers when using
|
---|
| 3600 | schannel as its ssl/tls backend. When a server requests a client
|
---|
| 3601 | certificate, libcurl will now continue the handshake without one,
|
---|
| 3602 | rather than terminating the handshake. The server can then decide
|
---|
| 3603 | if that is acceptable or not. Prior to this change, libcurl would
|
---|
| 3604 | terminate the handshake, reporting a SEC_I_INCOMPLETE_CREDENTIALS
|
---|
| 3605 | error.
|
---|
| 3606 |
|
---|
| 3607 | Daniel Stenberg (11 Jun 2015)
|
---|
| 3608 | - curl_easy_cleanup.3: provide more SEE ALSO
|
---|
| 3609 |
|
---|
| 3610 | - debug: remove http2 debug leftovers
|
---|
| 3611 |
|
---|
| 3612 | - VERSIONS: now using markdown
|
---|
| 3613 |
|
---|
| 3614 | - RELEASE-PROCEDURE: remove ascii logo at the top of file
|
---|
| 3615 |
|
---|
| 3616 | - INTERNALS: absorbed docs/LIBCURL-STRUCTS
|
---|
| 3617 |
|
---|
| 3618 | - INTERNALS: cat lib/README* >> INTERNALS
|
---|
| 3619 |
|
---|
| 3620 | and a conversion to markdown. Removed the lib/README.* files. The idea
|
---|
| 3621 | being to move toward having INTERNALS as the one and only "book" of
|
---|
| 3622 | internals documentation.
|
---|
| 3623 |
|
---|
| 3624 | Added a TOC to top of the document.
|
---|
| 3625 |
|
---|
| 3626 | Jay Satiro (8 Jun 2015)
|
---|
| 3627 | - openssl: LibreSSL and BoringSSL do not use TLS_client_method
|
---|
| 3628 |
|
---|
| 3629 | Although OpenSSL 1.1.0+ deprecated SSLv23_client_method in favor of
|
---|
| 3630 | TLS_client_method LibreSSL and BoringSSL didn't and still use
|
---|
| 3631 | SSLv23_client_method.
|
---|
| 3632 |
|
---|
| 3633 | Bug: https://github.com/bagder/curl/commit/49a6642#commitcomment-11578009
|
---|
| 3634 | Reported-by: asavah@users.noreply.github.com
|
---|
| 3635 |
|
---|
| 3636 | Daniel Stenberg (9 Jun 2015)
|
---|
| 3637 | - RELEASE-NOTES: synced with 20ac3458068
|
---|
| 3638 |
|
---|
| 3639 | - CURLOPT_OPENSOCKETFUNCTION: return error at once
|
---|
| 3640 |
|
---|
| 3641 | When CURL_SOCKET_BAD is returned in the callback, it should be treated
|
---|
| 3642 | as an error (CURLE_COULDNT_CONNECT) if no other socket is subsequently
|
---|
| 3643 | created when trying to connect to a server.
|
---|
| 3644 |
|
---|
| 3645 | Bug: http://curl.haxx.se/mail/lib-2015-06/0047.html
|
---|
| 3646 |
|
---|
| 3647 | - fopen.c: fix a few compiler warnings
|
---|
| 3648 |
|
---|
| 3649 | - [Ville Skyttä brought this change]
|
---|
| 3650 |
|
---|
| 3651 | docs: Spelling fixes
|
---|
| 3652 |
|
---|
| 3653 | - [Ville Skyttä brought this change]
|
---|
| 3654 |
|
---|
| 3655 | docs: man page indentation and syntax fixes
|
---|
| 3656 |
|
---|
| 3657 | Linus Nielsen (8 Jun 2015)
|
---|
| 3658 | - help: Add --proxy-service-name and --service-name to the --help output
|
---|
| 3659 |
|
---|
| 3660 | Jay Satiro (7 Jun 2015)
|
---|
| 3661 | - openssl: Fix verification of server-sent legacy intermediates
|
---|
| 3662 |
|
---|
| 3663 | - Try building a chain using issuers in the trusted store first to avoid
|
---|
| 3664 | problems with server-sent legacy intermediates.
|
---|
| 3665 |
|
---|
| 3666 | Prior to this change server-sent legacy intermediates with missing
|
---|
| 3667 | legacy issuers would cause verification to fail even if the client's CA
|
---|
| 3668 | bundle contained a valid replacement for the intermediate and an
|
---|
| 3669 | alternate chain could be constructed that would verify successfully.
|
---|
| 3670 |
|
---|
| 3671 | https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
|
---|
| 3672 |
|
---|
| 3673 | Daniel Stenberg (5 Jun 2015)
|
---|
| 3674 | - BINDINGS: update several URLs
|
---|
| 3675 |
|
---|
| 3676 | Stop linking to the curl.haxx.se anchor pages, they are usually only
|
---|
| 3677 | themselves pointers to the real page so better point there directly
|
---|
| 3678 | instead.
|
---|
| 3679 |
|
---|
| 3680 | - BINDINGS: the curl-rust binding
|
---|
| 3681 |
|
---|
| 3682 | - curl.h: add CURL_HTTP_VERSION_2
|
---|
| 3683 |
|
---|
| 3684 | The protocol is named "HTTP/2" after all. It is an alias for the
|
---|
| 3685 | existing CURL_HTTP_VERSION_2_0 enum.
|
---|
| 3686 |
|
---|
| 3687 | - openssl: removed error string #ifdef
|
---|
| 3688 |
|
---|
| 3689 | ERR_error_string_n() was introduced in 0.9.6, no need to #ifdef anymore
|
---|
| 3690 |
|
---|
| 3691 | - openssl: removed USERDATA_IN_PWD_CALLBACK kludge
|
---|
| 3692 |
|
---|
| 3693 | Code for OpenSSL 0.9.4 serves no purpose anymore!
|
---|
| 3694 |
|
---|
| 3695 | - openssl: remove SSL_get_session()-using code
|
---|
| 3696 |
|
---|
| 3697 | It was present for OpenSSL 0.9.5 code but we only support 0.9.7 or
|
---|
| 3698 | later.
|
---|
| 3699 |
|
---|
| 3700 | - openssl: remove dummy callback use from SSL_CTX_set_verify()
|
---|
| 3701 |
|
---|
| 3702 | The existing callback served no purpose.
|
---|
| 3703 |
|
---|
| 3704 | - LIBCURL-STRUCTS: clarify for multiplexing
|
---|
| 3705 |
|
---|
| 3706 | Jay Satiro (3 Jun 2015)
|
---|
| 3707 | - cookie: Stop exporting any-domain cookies
|
---|
| 3708 |
|
---|
| 3709 | Prior to this change any-domain cookies (cookies without a domain that
|
---|
| 3710 | are sent to any domain) were exported with domain name "unknown".
|
---|
| 3711 |
|
---|
| 3712 | Bug: https://github.com/bagder/curl/issues/292
|
---|
| 3713 |
|
---|
| 3714 | Daniel Stenberg (3 Jun 2015)
|
---|
| 3715 | - RELEASE-PROCEDURE: refreshed 'coming dates'
|
---|
| 3716 |
|
---|
| 3717 | Jay Satiro (2 Jun 2015)
|
---|
| 3718 | - curl_setup: Change fopen text macros to use 't' for MSDOS
|
---|
| 3719 |
|
---|
| 3720 | Bug: https://github.com/bagder/curl/pull/258#issuecomment-107915198
|
---|
| 3721 | Reported-by: Gisle Vanem
|
---|
| 3722 |
|
---|
| 3723 | Daniel Stenberg (2 Jun 2015)
|
---|
| 3724 | - curl_multi_timeout.3: added example
|
---|
| 3725 |
|
---|
| 3726 | - curl_multi_perform.3: added example
|
---|
| 3727 |
|
---|
| 3728 | - curl_multi_info_read.3: added example
|
---|
| 3729 |
|
---|
| 3730 | - checksrc: detect fopen() for text without the FOPEN_* macros
|
---|
| 3731 |
|
---|
| 3732 | Follow-up to e8423f9ce150 with discussionis in
|
---|
| 3733 | https://github.com/bagder/curl/pull/258
|
---|
| 3734 |
|
---|
| 3735 | This check scans for fopen() with a mode string without 'b' present, as
|
---|
| 3736 | it may indicate that an FOPEN_* define should rather be used.
|
---|
| 3737 |
|
---|
| 3738 | - curl_getdate.3: update RFC reference
|
---|
| 3739 |
|
---|
| 3740 | Jay Satiro (1 Jun 2015)
|
---|
| 3741 | - curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT
|
---|
| 3742 |
|
---|
| 3743 | - Change fopen calls to use FOPEN_READTEXT instead of "r" or "rt"
|
---|
| 3744 | - Change fopen calls to use FOPEN_WRITETEXT instead of "w" or "wt"
|
---|
| 3745 |
|
---|
| 3746 | This change is to explicitly specify when we need to read/write text.
|
---|
| 3747 | Unfortunately 't' is not part of POSIX fopen so we can't specify it
|
---|
| 3748 | directly. Instead we now have FOPEN_READTEXT, FOPEN_WRITETEXT.
|
---|
| 3749 |
|
---|
| 3750 | Prior to this change we had an issue on Windows if an application that
|
---|
| 3751 | uses libcurl overrides the default file mode to binary. The default file
|
---|
| 3752 | mode in Windows is normally text mode (translation mode) and that's what
|
---|
| 3753 | libcurl expects.
|
---|
| 3754 |
|
---|
| 3755 | Bug: https://github.com/bagder/curl/pull/258#issuecomment-107093055
|
---|
| 3756 | Reported-by: Orgad Shaneh
|
---|
| 3757 |
|
---|
| 3758 | Daniel Stenberg (1 Jun 2015)
|
---|
| 3759 | - http2-upload.c: use PIPEWAIT for playing HTTP/2 better
|
---|
| 3760 |
|
---|
| 3761 | - http2-download: check for CURLPIPE_MULTIPLEX properly
|
---|
| 3762 |
|
---|
| 3763 | Bug: http://curl.haxx.se/mail/lib-2015-06/0001.html
|
---|
| 3764 | Reported-by: Rafayel Mkrtchyan
|
---|
| 3765 |
|
---|
| 3766 | - [Isaac Boukris brought this change]
|
---|
| 3767 |
|
---|
| 3768 | HTTP-NTLM: fail auth on connection close instead of looping
|
---|
| 3769 |
|
---|
| 3770 | Bug: https://github.com/bagder/curl/issues/256
|
---|
| 3771 |
|
---|
| 3772 | - 5.6 Refuse "downgrade" redirects
|
---|
| 3773 |
|
---|
| 3774 | - README.pingpong: removed
|
---|
| 3775 |
|
---|
| 3776 | - ROADMAP: remove HTTP/2 multiplexing - its here now
|
---|
| 3777 |
|
---|
| 3778 | - HTTP2.md: formatted properly
|
---|
| 3779 |
|
---|
| 3780 | - HTTP2: moved docs into docs/ and make it markdown
|
---|
| 3781 |
|
---|
| 3782 | - README.http2: refreshed and added multiplexing info
|
---|
| 3783 |
|
---|
| 3784 | - dist: add the http2 examples
|
---|
| 3785 |
|
---|
| 3786 | - http2 examples: clean up some comments
|
---|
| 3787 |
|
---|
| 3788 | - examples: added two programs doing multiplexed HTTP/2
|
---|
| 3789 |
|
---|
| 3790 | - scripts: moved contributors.sh and contrithanks.sh into subdir
|
---|
| 3791 |
|
---|
| 3792 | - RELEASE-NOTES: synced with c005790ff1c0a
|
---|
| 3793 |
|
---|
| 3794 | - [Daniel Melani brought this change]
|
---|
| 3795 |
|
---|
| 3796 | openssl: typo in comment
|
---|
| 3797 |
|
---|
| 3798 | Jay Satiro (27 May 2015)
|
---|
| 3799 | - openssl: Use TLS_client_method for OpenSSL 1.1.0+
|
---|
| 3800 |
|
---|
| 3801 | SSLv23_client_method is deprecated starting in OpenSSL 1.1.0. The
|
---|
| 3802 | equivalent is TLS_client_method.
|
---|
| 3803 |
|
---|
| 3804 | https://github.com/openssl/openssl/commit/13c9bb3#diff-708d3ae0f2c2973b272b811315381557
|
---|
| 3805 |
|
---|
| 3806 | Daniel Stenberg (26 May 2015)
|
---|
| 3807 | - FAQ: How do I port libcurl to my OS?
|
---|
| 3808 |
|
---|
| 3809 | Jay Satiro (25 May 2015)
|
---|
| 3810 | - CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain
|
---|
| 3811 |
|
---|
| 3812 | Document that if Set-Cookie is used without a domain then the cookie is
|
---|
| 3813 | sent for any domain and will not be modified.
|
---|
| 3814 |
|
---|
| 3815 | Bug: http://curl.haxx.se/mail/lib-2015-05/0137.html
|
---|
| 3816 | Reported-by: Alexander Dyagilev
|
---|
| 3817 |
|
---|
| 3818 | Daniel Stenberg (25 May 2015)
|
---|
| 3819 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 3820 |
|
---|
| 3821 | http2: Copy data passed in Curl_http2_switched into HTTP/2 connection buffer
|
---|
| 3822 |
|
---|
| 3823 | Previously, after seeing upgrade to HTTP/2, we feed data followed by
|
---|
| 3824 | upgrade response headers directly to nghttp2_session_mem_recv() in
|
---|
| 3825 | Curl_http2_switched(). But it turns out that passed buffer, mem, is
|
---|
| 3826 | part of stream->mem, and callbacks called by
|
---|
| 3827 | nghttp2_session_mem_recv() will write stream specific data into
|
---|
| 3828 | stream->mem, overwriting input data. This will corrupt input, and
|
---|
| 3829 | most likely frame length error is detected by nghttp2 library. The
|
---|
| 3830 | fix is first copy the passed data to HTTP/2 connection buffer,
|
---|
| 3831 | httpc->inbuf, and call nghttp2_session_mem_recv().
|
---|
| 3832 |
|
---|
| 3833 | Jay Satiro (24 May 2015)
|
---|
| 3834 | - CURLOPT_COOKIE.3: Explain that the cookies won't be modified
|
---|
| 3835 |
|
---|
| 3836 | The CURLOPT_COOKIE doc says it "sets the cookie header explicitly in the
|
---|
| 3837 | outgoing request(s)." However there seems to be some user confusion
|
---|
| 3838 | about cookie modification. Document that the cookies set by this option
|
---|
| 3839 | are not modified by the cookie engine.
|
---|
| 3840 |
|
---|
| 3841 | Bug: http://curl.haxx.se/mail/lib-2015-05/0115.html
|
---|
| 3842 | Reported-by: Alexander Dyagilev
|
---|
| 3843 |
|
---|
| 3844 | - CURLOPT_COOKIELIST.3: Add example
|
---|
| 3845 |
|
---|
| 3846 | Dan Fandrich (24 May 2015)
|
---|
| 3847 | - testcurl.pl: use rel2abs to make the source directory absolute
|
---|
| 3848 |
|
---|
| 3849 | This function makes a platform-specific absolute path which uses
|
---|
| 3850 | backslashes on Windows. This form works when passing it on the
|
---|
| 3851 | command-line, as well as if the source is on another drive.
|
---|
| 3852 |
|
---|
| 3853 | - conncache: fixed memory leak on OOM (torture tests)
|
---|
| 3854 |
|
---|
| 3855 | Daniel Stenberg (24 May 2015)
|
---|
| 3856 | - perl: remove subdir, not touched in 9 years
|
---|
| 3857 |
|
---|
| 3858 | - log2changes.pl: moved to scripts/
|
---|
| 3859 |
|
---|
| 3860 | - [Alessandro Ghedini brought this change]
|
---|
| 3861 |
|
---|
| 3862 | scripts: add zsh.pl for generating zsh completion
|
---|
| 3863 |
|
---|
| 3864 | Dan Fandrich (23 May 2015)
|
---|
| 3865 | - test1510: another flaky test
|
---|
| 3866 |
|
---|
| 3867 | Daniel Stenberg (22 May 2015)
|
---|
| 3868 | - security: fix "Unchecked return value" from sscanf()
|
---|
| 3869 |
|
---|
| 3870 | By (void) prefixing it and adding a comment. Did some minor related
|
---|
| 3871 | cleanups.
|
---|
| 3872 |
|
---|
| 3873 | Coverity CID 1299423.
|
---|
| 3874 |
|
---|
| 3875 | - security: simplify choose_mech
|
---|
| 3876 |
|
---|
| 3877 | Coverity CID 1299424 identified dead code because of checks that could
|
---|
| 3878 | never equal true (if the mechanism's name was NULL).
|
---|
| 3879 |
|
---|
| 3880 | Simplified the function by removing a level of pointers and removing the
|
---|
| 3881 | loop and array that weren't used.
|
---|
| 3882 |
|
---|
| 3883 | - RTSP: catch attempted unsupported requests better
|
---|
| 3884 |
|
---|
| 3885 | Replace use of assert with code that properly catches bad input at
|
---|
| 3886 | run-time even in non-debug builds.
|
---|
| 3887 |
|
---|
| 3888 | This flaw was sort of detected by Coverity CID 1299425 which claimed the
|
---|
| 3889 | "case RTSPREQ_NONE" was dead code.
|
---|
| 3890 |
|
---|
| 3891 | - share_init: fix OOM crash
|
---|
| 3892 |
|
---|
| 3893 | A failed calloc() would lead to NULL pointer use.
|
---|
| 3894 |
|
---|
| 3895 | Coverity CID 1299427.
|
---|
| 3896 |
|
---|
| 3897 | - parse_proxy: switch off tunneling if non-HTTP proxy
|
---|
| 3898 |
|
---|
| 3899 | non-HTTP proxy implies not using CURLOPT_HTTPPROXYTUNNEL
|
---|
| 3900 |
|
---|
| 3901 | Bug: http://curl.haxx.se/mail/lib-2015-05/0056.html
|
---|
| 3902 | Reported-by: Sean Boudreau
|
---|
| 3903 |
|
---|
| 3904 | - curl: fix potential NULL dereference
|
---|
| 3905 |
|
---|
| 3906 | Coverity CID 1299428: Dereference after null check (FORWARD_NULL)
|
---|
| 3907 |
|
---|
| 3908 | - http2: on_frame_recv: return early on stream 0
|
---|
| 3909 |
|
---|
| 3910 | Coverity CID 1299426 warned about possible NULL dereference otherwise,
|
---|
| 3911 | but that would only ever happen if we get invalid HTTP/2 data with
|
---|
| 3912 | frames for stream 0. Avoid this risk by returning early when stream 0 is
|
---|
| 3913 | used.
|
---|
| 3914 |
|
---|
| 3915 | - http: removed self assignment
|
---|
| 3916 |
|
---|
| 3917 | Follow-up fix from b0143a2a33f0
|
---|
| 3918 |
|
---|
| 3919 | Detected by coverity. CID 1299429
|
---|
| 3920 |
|
---|
| 3921 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 3922 |
|
---|
| 3923 | http2: Make HTTP Upgrade work
|
---|
| 3924 |
|
---|
| 3925 | This commit just add implicitly opened stream 1 to streams hash.
|
---|
| 3926 |
|
---|
| 3927 | Jay Satiro (22 May 2015)
|
---|
| 3928 | - strerror: Change SEC_E_ILLEGAL_MESSAGE description
|
---|
| 3929 |
|
---|
| 3930 | Prior to this change the description for SEC_E_ILLEGAL_MESSAGE was OS
|
---|
| 3931 | and language specific, and invariably translated to something not very
|
---|
| 3932 | helpful like: "The message received was unexpected or badly formatted."
|
---|
| 3933 |
|
---|
| 3934 | Bug: https://github.com/bagder/curl/issues/267
|
---|
| 3935 | Reported-by: Michael Osipov
|
---|
| 3936 |
|
---|
| 3937 | - telnet: Fix read-callback change for Windows builds
|
---|
| 3938 |
|
---|
| 3939 | Refer to b0143a2 for more information on the read-callback change.
|
---|
| 3940 |
|
---|
| 3941 | Daniel Stenberg (21 May 2015)
|
---|
| 3942 | - CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy!
|
---|
| 3943 |
|
---|
| 3944 | Dan Fandrich (21 May 2015)
|
---|
| 3945 | - testcurl.pl: allow source to be in an arbitrary directory
|
---|
| 3946 |
|
---|
| 3947 | This way, the build directory can be located on an entirely different
|
---|
| 3948 | filesystem from the source code (e.g. a tmpfs).
|
---|
| 3949 |
|
---|
| 3950 | Daniel Stenberg (20 May 2015)
|
---|
| 3951 | - read_callback: move to SessionHandle from connectdata
|
---|
| 3952 |
|
---|
| 3953 | With many easy handles using the same connection for multiplexing, it is
|
---|
| 3954 | important we store and keep the transfer-oriented stuff in the
|
---|
| 3955 | SessionHandle so that callbacks and callback data work fine even when
|
---|
| 3956 | many easy handles share the same physical connection.
|
---|
| 3957 |
|
---|
| 3958 | - http2: show stream IDs in decimal
|
---|
| 3959 |
|
---|
| 3960 | It makes them easier to match output from the nghttpd test server.
|
---|
| 3961 |
|
---|
| 3962 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 3963 |
|
---|
| 3964 | http2: Faster http2 upload
|
---|
| 3965 |
|
---|
| 3966 | Previously, when we send all given buffer in data_source_callback, we
|
---|
| 3967 | return NGHTTP2_ERR_DEFERRED, and nghttp2 library removes this stream
|
---|
| 3968 | temporarily for writing. This itself is good. If this is the sole
|
---|
| 3969 | stream in the session, nghttp2_session_want_write() returns zero,
|
---|
| 3970 | which means that libcurl does not check writeability of the underlying
|
---|
| 3971 | socket. This leads to very slow upload, because it seems curl only
|
---|
| 3972 | upload 16k something per 1 second. To fix this, if we still have data
|
---|
| 3973 | to send, call nghttp2_session_resume_data after nghttp2_session_send.
|
---|
| 3974 | This makes nghttp2_session_want_write() returns nonzero (if connection
|
---|
| 3975 | window still opens), and as a result, socket writeability is checked,
|
---|
| 3976 | and upload speed becomes normal.
|
---|
| 3977 |
|
---|
| 3978 | - [Dmitry Eremin-Solenikov brought this change]
|
---|
| 3979 |
|
---|
| 3980 | gtls: don't fail on non-fatal alerts during handshake
|
---|
| 3981 |
|
---|
| 3982 | Stop curl from failing when non-fatal alert is received during
|
---|
| 3983 | handshake. This e.g. fixes lots of problems when working with https
|
---|
| 3984 | sites through proxies.
|
---|
| 3985 |
|
---|
| 3986 | - curl_easy_unescape.3: update RFC reference
|
---|
| 3987 |
|
---|
| 3988 | Reported-by: bsammon
|
---|
| 3989 | Bug: https://github.com/bagder/curl/issues/282
|
---|
| 3990 |
|
---|
| 3991 | Jay Satiro (20 May 2015)
|
---|
| 3992 | - CURLOPT_POSTFIELDS.3: Mention curl_easy_escape
|
---|
| 3993 |
|
---|
| 3994 | .. also correct some variable naming in curl_easy_escape.3
|
---|
| 3995 |
|
---|
| 3996 | Bug: https://github.com/bagder/curl/issues/281
|
---|
| 3997 | Reported-by: bsammon@users.noreply.github.com
|
---|
| 3998 |
|
---|
| 3999 | Daniel Stenberg (19 May 2015)
|
---|
| 4000 | - [Brian Prodoehl brought this change]
|
---|
| 4001 |
|
---|
| 4002 | openssl: Use SSL_CTX_set_msg_callback and SSL_CTX_set_msg_callback_arg
|
---|
| 4003 |
|
---|
| 4004 | BoringSSL removed support for direct callers of SSL_CTX_callback_ctrl
|
---|
| 4005 | and SSL_CTX_ctrl, so move to a way that should work on BoringSSL and
|
---|
| 4006 | OpenSSL.
|
---|
| 4007 |
|
---|
| 4008 | re #275
|
---|
| 4009 |
|
---|
| 4010 | Jay Satiro (19 May 2015)
|
---|
| 4011 | - curl.1: fix missing space in section --data
|
---|
| 4012 |
|
---|
| 4013 | Daniel Stenberg (19 May 2015)
|
---|
| 4014 | - transfer: remove erroneous and misleading comment
|
---|
| 4015 |
|
---|
| 4016 | Kamil Dudka (19 May 2015)
|
---|
| 4017 | - http: silence compile-time warnings without USE_NGHTTP2
|
---|
| 4018 |
|
---|
| 4019 | Error: CLANG_WARNING:
|
---|
| 4020 | lib/http.c:173:16: warning: Value stored to 'http' during its initialization is never read
|
---|
| 4021 |
|
---|
| 4022 | Error: COMPILER_WARNING:
|
---|
| 4023 | lib/http.c: scope_hint: In function âhttp_disconnectâ
|
---|
| 4024 | lib/http.c:173:16: warning: unused variable âhttpâ [-Wunused-variable]
|
---|
| 4025 |
|
---|
| 4026 | Jay Satiro (19 May 2015)
|
---|
| 4027 | - transfer: Replace __func__ instances with function name
|
---|
| 4028 |
|
---|
| 4029 | .. also make __func__ replacement in multi.
|
---|
| 4030 |
|
---|
| 4031 | Prior to this change debug builds would fail to build if the compiler
|
---|
| 4032 | was building pre-c99 and didn't support __func__.
|
---|
| 4033 |
|
---|
| 4034 | Daniel Stenberg (19 May 2015)
|
---|
| 4035 | - [Viktor Szakats brought this change]
|
---|
| 4036 |
|
---|
| 4037 | build: bump version in default nghttp2 paths
|
---|
| 4038 |
|
---|
| 4039 | - INTERNALS: we require nghttp2 1.0.0+ now
|
---|
| 4040 |
|
---|
| 4041 | Jay Satiro (18 May 2015)
|
---|
| 4042 | - http: Add some include guards for the new HTTP/2 stuff
|
---|
| 4043 |
|
---|
| 4044 | Daniel Stenberg (18 May 2015)
|
---|
| 4045 | - http2: store upload state per stream
|
---|
| 4046 |
|
---|
| 4047 | Use a curl_off_t for upload left
|
---|
| 4048 |
|
---|
| 4049 | - http2: fix build when NOT h2-enabled
|
---|
| 4050 |
|
---|
| 4051 | - http2: switch to use Curl_hash_destroy()
|
---|
| 4052 |
|
---|
| 4053 | as after 4883f7019d3, the *_clean() function only flushes the hash.
|
---|
| 4054 |
|
---|
| 4055 | - curlver: restore LIBCURL_VERSION_NUM defined as a full number
|
---|
| 4056 |
|
---|
| 4057 | As it breaks configure, curl-config and test 1023 if not.
|
---|
| 4058 |
|
---|
| 4059 | - [Anthony Avina brought this change]
|
---|
| 4060 |
|
---|
| 4061 | hostip: fix unintended destruction of hash table
|
---|
| 4062 |
|
---|
| 4063 | .. and added unit1602 for hash.c
|
---|
| 4064 |
|
---|
| 4065 | - curlver: introducing new version number (checking) macros
|
---|
| 4066 |
|
---|
| 4067 | - runtests.pl: use 'h2c' now, no -14 anymore
|
---|
| 4068 |
|
---|
| 4069 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 4070 |
|
---|
| 4071 | http2: Ignore if we have stream ID not in hash in on_stream_close
|
---|
| 4072 |
|
---|
| 4073 | We could get stream ID not in the hash in on_stream_close. For
|
---|
| 4074 | example, if we decided to reject stream (e.g., PUSH_PROMISE), then we
|
---|
| 4075 | don't create stream and store it in hash with its stream ID.
|
---|
| 4076 |
|
---|
| 4077 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 4078 |
|
---|
| 4079 | Require nghttp2 v1.0.0
|
---|
| 4080 |
|
---|
| 4081 | This commit requires nghttp2 v1.0.0 to compile, and migrate to v1.0.0,
|
---|
| 4082 | and utilize recent version of nghttp2 to simplify the code,
|
---|
| 4083 |
|
---|
| 4084 | First we use nghttp2_option_set_no_recv_client_magic function to
|
---|
| 4085 | detect nghttp2 v1.0.0. That function only exists since v1.0.0.
|
---|
| 4086 |
|
---|
| 4087 | Since nghttp2 v0.7.5, nghttp2 ensures header field ordering, and
|
---|
| 4088 | validates received header field. If it found error, RST_STREAM with
|
---|
| 4089 | PROTOCOL_ERROR is issued. Since we require v1.0.0, we can utilize
|
---|
| 4090 | this feature to simplify libcurl code. This commit does this.
|
---|
| 4091 |
|
---|
| 4092 | Migration from 0.7 series are done based on nghttp2 migration
|
---|
| 4093 | document. For libcurl, we removed the code sending first 24 bytes
|
---|
| 4094 | client magic. It is now done by nghttp2 library.
|
---|
| 4095 | on_invalid_frame_recv callback signature changed, and is updated
|
---|
| 4096 | accordingly.
|
---|
| 4097 |
|
---|
| 4098 | - http2: infof length in on_frame_send()
|
---|
| 4099 |
|
---|
| 4100 | - pipeline: switch some code over to functions
|
---|
| 4101 |
|
---|
| 4102 | ... to "compartmentalize" a bit and make it easier to change behavior
|
---|
| 4103 | when multiplexing is used instead of good old pipelining.
|
---|
| 4104 |
|
---|
| 4105 | - symbols-in-versions: add CURLOPT_PIPEWAIT
|
---|
| 4106 |
|
---|
| 4107 | - CURLOPT_PIPEWAIT: added
|
---|
| 4108 |
|
---|
| 4109 | By setting this option to 1 libcurl will wait for a connection to reveal
|
---|
| 4110 | if it is possible to pipeline/multiplex on before it continues.
|
---|
| 4111 |
|
---|
| 4112 | - Curl_http_readwrite_headers: minor code simplification
|
---|
| 4113 |
|
---|
| 4114 | - IsPipeliningPossible: fixed for http2
|
---|
| 4115 |
|
---|
| 4116 | - http2: bump the h2 buffer size to 32K for speed
|
---|
| 4117 |
|
---|
| 4118 | - http2: remove the stream from the hash in stream_close callback
|
---|
| 4119 |
|
---|
| 4120 | ... and suddenly things work much better!
|
---|
| 4121 |
|
---|
| 4122 | - http2: if there is paused data, do not clear the drain field
|
---|
| 4123 |
|
---|
| 4124 | - http2: rename s/data/pausedata
|
---|
| 4125 |
|
---|
| 4126 | - http2: "stream %x" in all outputs to make it easier to search for
|
---|
| 4127 |
|
---|
| 4128 | - http2: Curl_expire() all handles with incoming traffic
|
---|
| 4129 |
|
---|
| 4130 | ... so that they'll get handled next in the multi loop.
|
---|
| 4131 |
|
---|
| 4132 | - http2: don't signal settings change for same values
|
---|
| 4133 |
|
---|
| 4134 | - http2: set default concurrency, fix ConnectionExists for multiplex
|
---|
| 4135 |
|
---|
| 4136 | - bundles: store no/default/pipeline/multiplex
|
---|
| 4137 |
|
---|
| 4138 | to allow code to act differently on the situation.
|
---|
| 4139 |
|
---|
| 4140 | Also added some more info message for the connection re-use function to
|
---|
| 4141 | make it clearer when connections are not re-used.
|
---|
| 4142 |
|
---|
| 4143 | - http2: lazy init header_recvbuf
|
---|
| 4144 |
|
---|
| 4145 | It makes us use less memory when not doing HTTP/2 and subsequently also
|
---|
| 4146 | makes us not have to cleanup HTTP/2 related data when not using HTTP/2!
|
---|
| 4147 |
|
---|
| 4148 | - http2: separate multiplex/pipelining + cleanup memory leaks
|
---|
| 4149 |
|
---|
| 4150 | - CURLMOPT_PIPELINE: bit 1 is for multiplexing
|
---|
| 4151 |
|
---|
| 4152 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 4153 |
|
---|
| 4154 | http2: Fix bug that data to be drained are overwritten by pending "paused" data
|
---|
| 4155 |
|
---|
| 4156 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 4157 |
|
---|
| 4158 | http2: Don't call nghttp2_session_mem_recv while it is paused by a stream
|
---|
| 4159 |
|
---|
| 4160 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 4161 |
|
---|
| 4162 | http2: Read data left in connection buffer after pause
|
---|
| 4163 |
|
---|
| 4164 | Previously when we do pause because of out of buffer, we just throw
|
---|
| 4165 | away unread data in connection buffer. This just broke protocol
|
---|
| 4166 | framing, and I saw occasional FRAME_SIZE_ERROR. This commit fix this
|
---|
| 4167 | issue by remembering how much data read, and in the next iteration, we
|
---|
| 4168 | process remaining data.
|
---|
| 4169 |
|
---|
| 4170 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 4171 |
|
---|
| 4172 | http2: Fix streams get stuck
|
---|
| 4173 |
|
---|
| 4174 | This commit fixes the bug that streams get stuck if stream gets some
|
---|
| 4175 | DATA, and stream->closed becomes true at the same time. Previously,
|
---|
| 4176 | in this condition, after we processed DATA, we are going to try to
|
---|
| 4177 | read data from underlying transport, but there is no data, and gets
|
---|
| 4178 | EAGAIN. There was no code path to evaludate stream->closed.
|
---|
| 4179 |
|
---|
| 4180 | - http2: store incoming h2 SETTINGS
|
---|
| 4181 |
|
---|
| 4182 | - pipeline: move function to pipeline.c and make static
|
---|
| 4183 |
|
---|
| 4184 | ... as it was only used from there.
|
---|
| 4185 |
|
---|
| 4186 | - IsPipeliningPossible: http2 can always "pipeline" (multiplex)
|
---|
| 4187 |
|
---|
| 4188 | - http2: remove debug logging from on_frame_recv
|
---|
| 4189 |
|
---|
| 4190 | - http2: remove the closed check in http2_recv
|
---|
| 4191 |
|
---|
| 4192 | With the "drained" functionality we can get here slightly asynchronously
|
---|
| 4193 | so the stream have have been closed but there is pending data left to
|
---|
| 4194 | read.
|
---|
| 4195 |
|
---|
| 4196 | - http2: bump the h2 buffer to 8K
|
---|
| 4197 |
|
---|
| 4198 | - http2: Curl_read should not use the single buffer
|
---|
| 4199 |
|
---|
| 4200 | ... as it does for pipelining when we're multiplexing, as we need the
|
---|
| 4201 | different buffers to store incoming data correctly for all streams.
|
---|
| 4202 |
|
---|
| 4203 | - http2: more debug outputs
|
---|
| 4204 |
|
---|
| 4205 | - http2: leave WAITPERFORM when conn is multiplexed
|
---|
| 4206 |
|
---|
| 4207 | No need to wait for our "spot" like for pipelining
|
---|
| 4208 |
|
---|
| 4209 | - http2: force "drainage" of streams
|
---|
| 4210 |
|
---|
| 4211 | ... which is necessary since the socket won't be readable but there is
|
---|
| 4212 | data waiting in the buffer.
|
---|
| 4213 |
|
---|
| 4214 | - http2: move the mem+len pair to the stream struct
|
---|
| 4215 |
|
---|
| 4216 | - http2: more stream-oriented data, stream ID 0 is for connections
|
---|
| 4217 |
|
---|
| 4218 | - http2: move lots of state data to the 'stream' struct
|
---|
| 4219 |
|
---|
| 4220 | ... from the connection struct. The stream one being the 'struct HTTP'
|
---|
| 4221 | which is kept in the SessionHandle struct (easy handle).
|
---|
| 4222 |
|
---|
| 4223 | lookup streams for incoming frames in the stream hash, hashing is based
|
---|
| 4224 | on the stream id and we get the SessionHandle for the incoming stream
|
---|
| 4225 | that way.
|
---|
| 4226 |
|
---|
| 4227 | - HTTP: partial start at fixing up hash-lookups on http2 frame receival
|
---|
| 4228 |
|
---|
| 4229 | - http: a stream hash for h2 multiplexing
|
---|
| 4230 |
|
---|
| 4231 | - http: a stream hash for h2 multiplexing
|
---|
| 4232 |
|
---|
| 4233 | - http2: debug log when receiving unexpected stream_id
|
---|
| 4234 |
|
---|
| 4235 | - http2: move stream_id to the HTTP struct (per-stream)
|
---|
| 4236 |
|
---|
| 4237 | - Curl_http2_setup: only do it once and enable multiplex on the server
|
---|
| 4238 |
|
---|
| 4239 | Once we know we are HTTP/2 enabled we know the server can multiplex.
|
---|
| 4240 |
|
---|
| 4241 | - http: switch on "pipelining" (multiplexing) for HTTP/2 servers
|
---|
| 4242 |
|
---|
| 4243 | ... and do not blacklist any.
|
---|
| 4244 |
|
---|
| 4245 | - README.pipelining: removed
|
---|
| 4246 |
|
---|
| 4247 | All the details mentioned here are better documented in man pages
|
---|
| 4248 |
|
---|
| 4249 | Dan Fandrich (14 May 2015)
|
---|
| 4250 | - build: removed bundles.c from make files
|
---|
| 4251 |
|
---|
| 4252 | This file was removed in commit fd137786
|
---|
| 4253 |
|
---|
| 4254 | Daniel Stenberg (14 May 2015)
|
---|
| 4255 | - Curl_conncache_add_conn: fix memory leak on OOM
|
---|
| 4256 |
|
---|
| 4257 | - CURLMOPT_MAX_HOST_CONNECTIONS: host = host name + port number
|
---|
| 4258 |
|
---|
| 4259 | - conncache: keep bundles on host+port bases, not only host names
|
---|
| 4260 |
|
---|
| 4261 | Previously we counted all connections to a specific host name and that
|
---|
| 4262 | would be used for the CURLMOPT_MAX_HOST_CONNECTIONS check for example,
|
---|
| 4263 | while servers on different port numbers are normally considered
|
---|
| 4264 | different "origins" on the web and should thus be considered different
|
---|
| 4265 | hosts.
|
---|
| 4266 |
|
---|
| 4267 | - bundles: merged into conncache.c
|
---|
| 4268 |
|
---|
| 4269 | All the existing Curl_bundle* functions were only ever used from within
|
---|
| 4270 | the conncache.c file, so I moved them over and made them static (and
|
---|
| 4271 | removed the Curl_ prefix).
|
---|
| 4272 |
|
---|
| 4273 | - hostcache: made all host caches use structs, not pointers
|
---|
| 4274 |
|
---|
| 4275 | This avoids unnecessary dynamic allocs and as this also removed the last
|
---|
| 4276 | users of *hash_alloc() and *hash_destroy(), those two functions are now
|
---|
| 4277 | removed.
|
---|
| 4278 |
|
---|
| 4279 | - multi: converted socket hash into non-allocated struct
|
---|
| 4280 |
|
---|
| 4281 | avoids extra dynamic allocation
|
---|
| 4282 |
|
---|
| 4283 | - connection cache: avoid Curl_hash_alloc()
|
---|
| 4284 |
|
---|
| 4285 | ... by using plain structs instead of pointers for the connection cache,
|
---|
| 4286 | we can avoid several dynamic allocations that weren't necessary.
|
---|
| 4287 |
|
---|
| 4288 | - proxy: add newline to info message
|
---|
| 4289 |
|
---|
| 4290 | Patrick Monnerat (8 May 2015)
|
---|
| 4291 | - FTP: fix dangling conn->ip_addr dereference on verbose EPSV.
|
---|
| 4292 |
|
---|
| 4293 | - FTP: Make EPSV use the control IP address rather than the original host.
|
---|
| 4294 | This ensures an alternate address is not used.
|
---|
| 4295 | Does not apply to proxy tunnel.
|
---|
| 4296 |
|
---|
| 4297 | Daniel Stenberg (8 May 2015)
|
---|
| 4298 | - [Alessandro Ghedini brought this change]
|
---|
| 4299 |
|
---|
| 4300 | tool_help: fix formatting for --next option
|
---|
| 4301 |
|
---|
| 4302 | - [Egon Eckert brought this change]
|
---|
| 4303 |
|
---|
| 4304 | opts: improved the TCP keepalive examples
|
---|
| 4305 |
|
---|
| 4306 | Jay Satiro (8 May 2015)
|
---|
| 4307 | - winbuild: Document the option used to statically link the CRT
|
---|
| 4308 |
|
---|
| 4309 | - Document option RTLIBCFG (runtime library configuration).
|
---|
| 4310 |
|
---|
| 4311 | Bug: https://github.com/bagder/curl/issues/254
|
---|
| 4312 | Reported-by: Bert Huijben
|
---|
| 4313 |
|
---|
| 4314 | - [Orgad Shaneh brought this change]
|
---|
| 4315 |
|
---|
| 4316 | netrc: Read in text mode when cygwin
|
---|
| 4317 |
|
---|
| 4318 | Use text mode when cygwin to eliminate trailing carriage returns.
|
---|
| 4319 |
|
---|
| 4320 | Bug: https://github.com/bagder/curl/pull/258
|
---|
| 4321 |
|
---|
| 4322 | Patrick Monnerat (5 May 2015)
|
---|
| 4323 | - OS400: Add SPNEGO service name options to ILE/RPG binding.
|
---|
| 4324 |
|
---|
| 4325 | Daniel Stenberg (4 May 2015)
|
---|
| 4326 | - curl_multi_info_read.3: fix typo
|
---|
| 4327 |
|
---|
| 4328 | Reported-by: Liviu Chircu
|
---|
| 4329 |
|
---|
| 4330 | - MANUAL: language fix
|
---|
| 4331 |
|
---|
| 4332 | Reported-by: Fred Stluka
|
---|
| 4333 | Bug: https://github.com/bagder/curl/issues/255
|
---|
| 4334 |
|
---|
| 4335 | - [Alessandro Ghedini brought this change]
|
---|
| 4336 |
|
---|
| 4337 | gtls: properly retrieve certificate status
|
---|
| 4338 |
|
---|
| 4339 | Also print the revocation reason if appropriate.
|
---|
| 4340 |
|
---|
| 4341 | - OpenSSL: conditional check for SSL3_RT_HEADER
|
---|
| 4342 |
|
---|
| 4343 | The symbol is fairly new.
|
---|
| 4344 |
|
---|
| 4345 | Reported-by: Kamil Dudka
|
---|
| 4346 |
|
---|
| 4347 | - openssl: skip trace outputs for ssl_ver == 0
|
---|
| 4348 |
|
---|
| 4349 | The OpenSSL trace callback is wonderfully undocumented but given a
|
---|
| 4350 | journey in the source code, it seems the cases were ssl_ver is zero
|
---|
| 4351 | doesn't follow the same pattern and thus turned out confusing and
|
---|
| 4352 | misleading. For now, we skip doing any CURLINFO_TEXT logging on those
|
---|
| 4353 | but keep sending them as CURLINFO_SSL_DATA_OUT/IN.
|
---|
| 4354 |
|
---|
| 4355 | Also, I added direction to the text info and I edited some functions
|
---|
| 4356 | slightly.
|
---|
| 4357 |
|
---|
| 4358 | Bug: https://github.com/bagder/curl/issues/219
|
---|
| 4359 | Reported-by: Jay Satiro, Ashish Shukla
|
---|
| 4360 |
|
---|
| 4361 | Marc Hoersken (2 May 2015)
|
---|
| 4362 | - schannel.c: Small changes
|
---|
| 4363 |
|
---|
| 4364 | - schannel.c: Improve code path and readability
|
---|
| 4365 |
|
---|
| 4366 | - schannel.c: Improve error and return code handling upon aa99a63f03
|
---|
| 4367 |
|
---|
| 4368 | - [Chris Araman brought this change]
|
---|
| 4369 |
|
---|
| 4370 | schannel: fix regression in schannel_recv
|
---|
| 4371 |
|
---|
| 4372 | https://github.com/bagder/curl/issues/244
|
---|
| 4373 |
|
---|
| 4374 | Commit 145c263 changed the behavior when Curl_read_plain returns
|
---|
| 4375 | CURLE_AGAIN. We now handle CURLE_AGAIN and SEC_I_CONTEXT_EXPIRED
|
---|
| 4376 | correctly.
|
---|
| 4377 |
|
---|
| 4378 | - Bug born in changes made several days ago 9a91e80.
|
---|
| 4379 |
|
---|
| 4380 | Commit: https://github.com/bagder/curl/commit/926cb9f
|
---|
| 4381 | Reported-by: Ray Satiro
|
---|
| 4382 |
|
---|
| 4383 | Daniel Stenberg (30 Apr 2015)
|
---|
| 4384 | - [Michael Osipov brought this change]
|
---|
| 4385 |
|
---|
| 4386 | configure: remove missing and make it autogenerate
|
---|
| 4387 |
|
---|
| 4388 | The missing file has not been autogenerated because a temporary fix was
|
---|
| 4389 | employed in acinclude.m4 which blocked update. Removed that fix and a recent
|
---|
| 4390 | version of missing is copied to build root.
|
---|
| 4391 |
|
---|
| 4392 | - [Michael Osipov brought this change]
|
---|
| 4393 |
|
---|
| 4394 | acinclude.m4: fix test for default CA cert bundle/path
|
---|
| 4395 |
|
---|
| 4396 | test(1) on HP-UX requires a single equals sign and fails with two.
|
---|
| 4397 | Let's use one and make every OS happy.
|
---|
| 4398 |
|
---|
| 4399 | - CONTRIBUTING.md: remove the sourceforge mention
|
---|
| 4400 |
|
---|
| 4401 | Reported-By: Michael Osipov
|
---|
| 4402 |
|
---|
| 4403 | Dan Fandrich (30 Apr 2015)
|
---|
| 4404 | - http_negotiate_sspi: added missing data variable
|
---|
| 4405 |
|
---|
| 4406 | Daniel Stenberg (30 Apr 2015)
|
---|
| 4407 | - [Michael Osipov brought this change]
|
---|
| 4408 |
|
---|
| 4409 | configure: remove --automake from libtoolize call
|
---|
| 4410 |
|
---|
| 4411 | That option is not mentioned in the man page of libtoolize 2.4.4.19-fda4.
|
---|
| 4412 | Moveover, a comment in line 2623 says "--automake is for 1.5 compatibility".
|
---|
| 4413 |
|
---|
| 4414 | This option is redundant now.
|
---|
| 4415 |
|
---|
| 4416 | - [Viktor Szakats brought this change]
|
---|
| 4417 |
|
---|
| 4418 | build: update depedency versions, urls, example makefiles
|
---|
| 4419 |
|
---|
| 4420 | - update default versions of dependencies (except for rare/old platforms)
|
---|
| 4421 | - update urls
|
---|
| 4422 | - sync examples makefiles with main ones
|
---|
| 4423 | - remove line ending space
|
---|
| 4424 |
|
---|
| 4425 | - [Michael Osipov brought this change]
|
---|
| 4426 |
|
---|
| 4427 | configure: remove autogenerated files by autoconf
|
---|
| 4428 |
|
---|
| 4429 | * install-sh is always regenerated
|
---|
| 4430 | * mkinstalldirs was already redudant years ago. Automake uses install for
|
---|
| 4431 | that. See: http://lists.gnu.org/archive/html/automake/2007-03/msg00015.html
|
---|
| 4432 |
|
---|
| 4433 | - [Anders Bakken brought this change]
|
---|
| 4434 |
|
---|
| 4435 | curl_multi_add_handle: next is already NULL
|
---|
| 4436 |
|
---|
| 4437 | Jay Satiro (30 Apr 2015)
|
---|
| 4438 | - schannel: Fix out of bounds array
|
---|
| 4439 |
|
---|
| 4440 | Bug born in changes made several days ago 9a91e80.
|
---|
| 4441 |
|
---|
| 4442 | Bug: http://curl.haxx.se/mail/lib-2015-04/0199.html
|
---|
| 4443 | Reported-by: Brian Chrisman
|
---|
| 4444 |
|
---|
| 4445 | - docs/libcurl: gitignore libcurl-symbols.3
|
---|
| 4446 |
|
---|
| 4447 | Bug: http://curl.haxx.se/mail/lib-2015-04/0191.html
|
---|
| 4448 | Reported-by: Michael Osipov
|
---|
| 4449 |
|
---|
| 4450 | - [Viktor Szakats brought this change]
|
---|
| 4451 |
|
---|
| 4452 | lib/makefile.m32: add arch -m32/-m64 to LDFLAGS
|
---|
| 4453 |
|
---|
| 4454 | This fixes using a multi-target mingw distro to build curl .dll for the
|
---|
| 4455 | non-default target.
|
---|
| 4456 | (mirroring the same patch present in src/makefile.m32)
|
---|
| 4457 |
|
---|
| 4458 | Daniel Stenberg (29 Apr 2015)
|
---|
| 4459 | - RELEASE-NOTES: synced with cd39b944afc
|
---|
| 4460 |
|
---|
| 4461 | I've not mentioned the bug fixes that were shipped in 7.42.1 from the
|
---|
| 4462 | 7_42 branch.
|
---|
| 4463 |
|
---|
| 4464 | - THANKS: merged from the 7.42.1 release
|
---|
| 4465 |
|
---|
| 4466 | - CURLOPT_HEADEROPT: default to separate
|
---|
| 4467 |
|
---|
| 4468 | Make the HTTP headers separated by default for improved security and
|
---|
| 4469 | reduced risk for information leakage.
|
---|
| 4470 |
|
---|
| 4471 | Bug: http://curl.haxx.se/docs/adv_20150429.html
|
---|
| 4472 | Reported-by: Yehezkel Horowitz, Oren Souroujon
|
---|
| 4473 |
|
---|
| 4474 | Linus Nielsen (28 Apr 2015)
|
---|
| 4475 | - docs/libcurl: Corrected a typo in the CURLOPT_PROXY_SERVICE_NAME documentation
|
---|
| 4476 |
|
---|
| 4477 | Daniel Stenberg (28 Apr 2015)
|
---|
| 4478 | - hash: simplify Curl_str_key_compare()
|
---|
| 4479 |
|
---|
| 4480 | - dist: ship CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME
|
---|
| 4481 |
|
---|
| 4482 | - [Linus Nielsen brought this change]
|
---|
| 4483 |
|
---|
| 4484 | Negotiate: custom service names for SPNEGO.
|
---|
| 4485 |
|
---|
| 4486 | * Add new options, CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME.
|
---|
| 4487 | * Add new curl options, --proxy-service-name and --service-name.
|
---|
| 4488 |
|
---|
| 4489 | - http2: unify http_conn variable names to 'c'
|
---|
| 4490 |
|
---|
| 4491 | - ConnectionExists: call it multi-use instead of pipelining
|
---|
| 4492 |
|
---|
| 4493 | So that it fits HTTP/2 as well
|
---|
| 4494 |
|
---|
| 4495 | Kamil Dudka (27 Apr 2015)
|
---|
| 4496 | - [Paul Howarth brought this change]
|
---|
| 4497 |
|
---|
| 4498 | nss: fix compilation failure with old versions of NSS
|
---|
| 4499 |
|
---|
| 4500 | Bug: http://curl.haxx.se/mail/lib-2015-04/0095.html
|
---|
| 4501 |
|
---|
| 4502 | Daniel Stenberg (27 Apr 2015)
|
---|
| 4503 | - sws: init http2 state properly
|
---|
| 4504 |
|
---|
| 4505 | It would otherwise cause problems when running tests after 1801 etc.
|
---|
| 4506 |
|
---|
| 4507 | - curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
|
---|
| 4508 |
|
---|
| 4509 | ... as it was previouly undocumented what the pointer was.
|
---|
| 4510 |
|
---|
| 4511 | - runtests: use a DISABLED.local file too
|
---|
| 4512 |
|
---|
| 4513 | ... and have git ignore that. Allows for a dev to add tests to ignore in
|
---|
| 4514 | local tests and yet don't obstruct a normal git work flow.
|
---|
| 4515 |
|
---|
| 4516 | Marc Hoersken (26 Apr 2015)
|
---|
| 4517 | - schannel.c: Fix typo introduced with 3447c973d0
|
---|
| 4518 |
|
---|
| 4519 | - schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error
|
---|
| 4520 |
|
---|
| 4521 | Reported-by: Brian Chrisman
|
---|
| 4522 |
|
---|
| 4523 | Daniel Stenberg (26 Apr 2015)
|
---|
| 4524 | - schannel: re-indented file to follow curl style better
|
---|
| 4525 |
|
---|
| 4526 | white space changes only
|
---|
| 4527 |
|
---|
| 4528 | - Curl_ossl_init: load builtin modules
|
---|
| 4529 |
|
---|
| 4530 | To have engine modules work, we must tell openssl to load builtin
|
---|
| 4531 | modules first.
|
---|
| 4532 |
|
---|
| 4533 | Bug: https://github.com/bagder/curl/pull/206
|
---|
| 4534 |
|
---|
| 4535 | - configure: follow-up fix for krb5-config
|
---|
| 4536 |
|
---|
| 4537 | commit 5b66860652 was incomplete so here's a follow-up fix
|
---|
| 4538 |
|
---|
| 4539 | Reported-by: Dagobert Michelsen
|
---|
| 4540 | Bug: https://github.com/bagder/curl/commit/5b668606527613179d0349f21b4ab0df2971e3d2#commitcomment-10473445
|
---|
| 4541 |
|
---|
| 4542 | - openssl: fix serial number output
|
---|
| 4543 |
|
---|
| 4544 | The code extracting the cert serial number was broken and didn't display
|
---|
| 4545 | it properly.
|
---|
| 4546 |
|
---|
| 4547 | Bug: https://github.com/bagder/curl/issues/235
|
---|
| 4548 | Reported-by: dkjjr89
|
---|
| 4549 |
|
---|
| 4550 | - [Grant Pannell brought this change]
|
---|
| 4551 |
|
---|
| 4552 | sasl_sspi: Populate domain from the realm in the challenge
|
---|
| 4553 |
|
---|
| 4554 | Without this, SSPI based digest auth was broken.
|
---|
| 4555 |
|
---|
| 4556 | Bug: https://github.com/bagder/curl/pull/141.patch
|
---|
| 4557 |
|
---|
| 4558 | Jay Satiro (25 Apr 2015)
|
---|
| 4559 | - [Anthony Avina brought this change]
|
---|
| 4560 |
|
---|
| 4561 | tool: New option --data-raw to HTTP POST data, '@' allowed.
|
---|
| 4562 |
|
---|
| 4563 | Add new option --data-raw which is almost the same as --data but does
|
---|
| 4564 | not have a special interpretation of the @ character.
|
---|
| 4565 |
|
---|
| 4566 | Prior to this change there was no (easy) way to pass the @ character as
|
---|
| 4567 | the first character in POST data without it being interpreted as a
|
---|
| 4568 | special character.
|
---|
| 4569 |
|
---|
| 4570 | Bug: https://github.com/bagder/curl/issues/198
|
---|
| 4571 | Reported-by: Jens Rantil
|
---|
| 4572 |
|
---|
| 4573 | Dan Fandrich (25 Apr 2015)
|
---|
| 4574 | - test2039: fixed line endings that caused a test failure
|
---|
| 4575 |
|
---|
| 4576 | Daniel Stenberg (24 Apr 2015)
|
---|
| 4577 | - [Viktor Szakats brought this change]
|
---|
| 4578 |
|
---|
| 4579 | netrc: add unit tests for 'default' support
|
---|
| 4580 |
|
---|
| 4581 | - [Viktor Szakats brought this change]
|
---|
| 4582 |
|
---|
| 4583 | netrc: support 'default' token
|
---|
| 4584 |
|
---|
| 4585 | The 'default' token has no argument and means to match _any_ domain.
|
---|
| 4586 | It must be placed last if there are 'machine <name>' tokens in the same file.
|
---|
| 4587 |
|
---|
| 4588 | See full description here:
|
---|
| 4589 | https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-File.html
|
---|
| 4590 |
|
---|
| 4591 | - ROADMAP.md: extended the HTTP/2 section, reformatted
|
---|
| 4592 |
|
---|
| 4593 | Elaborated on several of the remaining HTTP/2 parts and made document
|
---|
| 4594 | use a format that ends up nicer on the web page:
|
---|
| 4595 | http://curl.haxx.se/dev/roadmap.html
|
---|
| 4596 |
|
---|
| 4597 | Kamil Dudka (23 Apr 2015)
|
---|
| 4598 | - curl -z: do not write empty file on unmet condition
|
---|
| 4599 |
|
---|
| 4600 | This commit fixes a regression introduced in curl-7_41_0-186-g261a0fe.
|
---|
| 4601 | It also introduces a regression test 1424 based on tests 78 and 1423.
|
---|
| 4602 |
|
---|
| 4603 | Reported-by: Viktor Szakats
|
---|
| 4604 | Bug: https://github.com/bagder/curl/issues/237
|
---|
| 4605 |
|
---|
| 4606 | Dan Fandrich (23 Apr 2015)
|
---|
| 4607 | - tool: fixed a comment typo
|
---|
| 4608 |
|
---|
| 4609 | - README: convert to UTF-8
|
---|
| 4610 |
|
---|
| 4611 | Jay Satiro (22 Apr 2015)
|
---|
| 4612 | - cyassl: Implement public key pinning
|
---|
| 4613 |
|
---|
| 4614 | Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
|
---|
| 4615 |
|
---|
| 4616 | Dan Fandrich (22 Apr 2015)
|
---|
| 4617 | - [Alessandro Ghedini brought this change]
|
---|
| 4618 |
|
---|
| 4619 | curl.1: fix typo
|
---|
| 4620 |
|
---|
| 4621 | Kamil Dudka (22 Apr 2015)
|
---|
| 4622 | - docs: distribute the CURLOPT_PINNEDPUBLICKEY(3) man page, too
|
---|
| 4623 |
|
---|
| 4624 | - tests/unit/.gitignore: hide unit1601 and above, too
|
---|
| 4625 |
|
---|
| 4626 | Daniel Stenberg (22 Apr 2015)
|
---|
| 4627 | - connectionexists: follow-up to fd9d3a1ef1f
|
---|
| 4628 |
|
---|
| 4629 | PROTOPT_CREDSPERREQUEST still needs to be checked even when NTLM is not
|
---|
| 4630 | enabled.
|
---|
| 4631 |
|
---|
| 4632 | Mistake-caught-by: Kamil Dudka
|
---|
| 4633 |
|
---|
| 4634 | - connectionexists: fix build without NTLM
|
---|
| 4635 |
|
---|
| 4636 | Do not access NTLM-specific struct fields when built without NTLM
|
---|
| 4637 | enabled!
|
---|
| 4638 |
|
---|
| 4639 | bug: http://curl.haxx.se/?i=231
|
---|
| 4640 | Reported-by: Patrick Rapin
|
---|
| 4641 |
|
---|
| 4642 | - bump: start working toward 7.43.0
|
---|
| 4643 |
|
---|
| 4644 | Kamil Dudka (22 Apr 2015)
|
---|
| 4645 | - nss: implement public key pinning for NSS backend
|
---|
| 4646 |
|
---|
| 4647 | Bug: https://bugzilla.redhat.com/1195771
|
---|
| 4648 |
|
---|
| 4649 | Daniel Stenberg (22 Apr 2015)
|
---|
| 4650 | - dist: include {src,lib}/checksrc.whitelist
|
---|
| 4651 |
|
---|
| 4652 | Version 7.42.0 (22 Apr 2015)
|
---|
| 4653 |
|
---|
| 4654 | Daniel Stenberg (22 Apr 2015)
|
---|
| 4655 | - RELEASE-NOTES: updated for 7.42.0
|
---|
| 4656 |
|
---|
| 4657 | - THANKS: added contributors from 7.42.0 release notes
|
---|
| 4658 |
|
---|
| 4659 | - THANKS-filter: a few more alterations to squash
|
---|
| 4660 |
|
---|
| 4661 | - contrithanks.sh: helper script for maintaining THANKS
|
---|
| 4662 |
|
---|
| 4663 | - http_done: close Negotiate connections when done
|
---|
| 4664 |
|
---|
| 4665 | When doing HTTP requests Negotiate authenticated, the entire connnection
|
---|
| 4666 | may become authenticated and not just the specific HTTP request which is
|
---|
| 4667 | otherwise how HTTP works, as Negotiate can basically use NTLM under the
|
---|
| 4668 | hood. curl was not adhering to this fact but would assume that such
|
---|
| 4669 | requests would also be authenticated per request.
|
---|
| 4670 |
|
---|
| 4671 | CVE-2015-3148
|
---|
| 4672 |
|
---|
| 4673 | Bug: http://curl.haxx.se/docs/adv_20150422B.html
|
---|
| 4674 | Reported-by: Isaac Boukris
|
---|
| 4675 |
|
---|
| 4676 | - fix_hostname: zero length host name caused -1 index offset
|
---|
| 4677 |
|
---|
| 4678 | If a URL is given with a zero-length host name, like in "http://:80" or
|
---|
| 4679 | just ":80", `fix_hostname()` will index the host name pointer with a -1
|
---|
| 4680 | offset (as it blindly assumes a non-zero length) and both read and
|
---|
| 4681 | assign that address.
|
---|
| 4682 |
|
---|
| 4683 | CVE-2015-3144
|
---|
| 4684 |
|
---|
| 4685 | Bug: http://curl.haxx.se/docs/adv_20150422D.html
|
---|
| 4686 | Reported-by: Hanno Böck
|
---|
| 4687 |
|
---|
| 4688 | - cookie: cookie parser out of boundary memory access
|
---|
| 4689 |
|
---|
| 4690 | The internal libcurl function called sanitize_cookie_path() that cleans
|
---|
| 4691 | up the path element as given to it from a remote site or when read from
|
---|
| 4692 | a file, did not properly validate the input. If given a path that
|
---|
| 4693 | consisted of a single double-quote, libcurl would index a newly
|
---|
| 4694 | allocated memory area with index -1 and assign a zero to it, thus
|
---|
| 4695 | destroying heap memory it wasn't supposed to.
|
---|
| 4696 |
|
---|
| 4697 | CVE-2015-3145
|
---|
| 4698 |
|
---|
| 4699 | Bug: http://curl.haxx.se/docs/adv_20150422C.html
|
---|
| 4700 | Reported-by: Hanno Böck
|
---|
| 4701 |
|
---|
| 4702 | - ConnectionExists: for NTLM re-use, require credentials to match
|
---|
| 4703 |
|
---|
| 4704 | CVE-2015-3143
|
---|
| 4705 |
|
---|
| 4706 | Bug: http://curl.haxx.se/docs/adv_20150422A.html
|
---|
| 4707 | Reported-by: Paras Sethia
|
---|
| 4708 |
|
---|
| 4709 | Jay Satiro (21 Apr 2015)
|
---|
| 4710 | - [byronhe brought this change]
|
---|
| 4711 |
|
---|
| 4712 | openssl: add OPENSSL_NO_SSL3_METHOD check
|
---|
| 4713 |
|
---|
| 4714 | Daniel Stenberg (20 Apr 2015)
|
---|
| 4715 | - CURLOPT_HEADERFUNCTION.3: match parameter name in synopsis and desc
|
---|
| 4716 |
|
---|
| 4717 | Bug: https://github.com/bagder/curl/issues/229
|
---|
| 4718 | Reported-by: bsammon
|
---|
| 4719 |
|
---|
| 4720 | Kamil Dudka (20 Apr 2015)
|
---|
| 4721 | - [Mostyn Bramley-Moore brought this change]
|
---|
| 4722 |
|
---|
| 4723 | configure --with-nss: remove unneeded libs from the fallback
|
---|
| 4724 |
|
---|
| 4725 | Daniel Stenberg (20 Apr 2015)
|
---|
| 4726 | - contributors.sh: fix help output, filter out (-prefix from names
|
---|
| 4727 |
|
---|
| 4728 | - RELEASE-NOTES: synced with cc0e7ebc3be0
|
---|
| 4729 |
|
---|
| 4730 | - [Michael Stapelberg brought this change]
|
---|
| 4731 |
|
---|
| 4732 | CURLMOPT_TIMERFUNCTION.3: Clarify, add an example
|
---|
| 4733 |
|
---|
| 4734 | - [Viktor Szakáts brought this change]
|
---|
| 4735 |
|
---|
| 4736 | vtls/openssl: use https in URLs and a comment typo fixed
|
---|
| 4737 |
|
---|
| 4738 | - curl_version_info.3: fixed the 'protocols' variable type
|
---|
| 4739 |
|
---|
| 4740 | Reported-by: John Marshall
|
---|
| 4741 | Bug: https://github.com/bagder/curl/issues/225
|
---|
| 4742 |
|
---|
| 4743 | Dan Fandrich (18 Apr 2015)
|
---|
| 4744 | - test1423: added missing "file" to server section
|
---|
| 4745 |
|
---|
| 4746 | Daniel Stenberg (17 Apr 2015)
|
---|
| 4747 | - TheArtOfHttpScripting: Multiple URLs + Multiple HTTP methods
|
---|
| 4748 |
|
---|
| 4749 | ... and some minor edits
|
---|
| 4750 |
|
---|
| 4751 | - Revert "HTTP: don't abort connections with pending Negotiate authentication"
|
---|
| 4752 |
|
---|
| 4753 | This reverts commit 5dc68dd6092a789bb5e0a67a1c1356ba87fdcbc6.
|
---|
| 4754 |
|
---|
| 4755 | Bug: https://github.com/bagder/curl/issues/223
|
---|
| 4756 | Reported-by: Michael Osipov
|
---|
| 4757 |
|
---|
| 4758 | Jay Satiro (17 Apr 2015)
|
---|
| 4759 | - cyassl: Fix include order
|
---|
| 4760 |
|
---|
| 4761 | Prior to this change CyaSSL's build options could redefine some generic
|
---|
| 4762 | build symbols.
|
---|
| 4763 |
|
---|
| 4764 | http://curl.haxx.se/mail/lib-2015-04/0069.html
|
---|
| 4765 |
|
---|
| 4766 | Kamil Dudka (17 Apr 2015)
|
---|
| 4767 | - configure --with-nss: drop redundant if statement
|
---|
| 4768 |
|
---|
| 4769 | - configure --with-nss=PATH: query pkg-config if available
|
---|
| 4770 |
|
---|
| 4771 | Bug: https://github.com/bagder/curl/pull/171
|
---|
| 4772 |
|
---|
| 4773 | Daniel Stenberg (17 Apr 2015)
|
---|
| 4774 | - parsecfg: do not continue past a zero termination
|
---|
| 4775 |
|
---|
| 4776 | When a config file line ends without newline, the parsing function could
|
---|
| 4777 | continue reading beyond that point in memory.
|
---|
| 4778 |
|
---|
| 4779 | Reported-by: Hanno Böck
|
---|
| 4780 |
|
---|
| 4781 | Jay Satiro (16 Apr 2015)
|
---|
| 4782 | - gitignore: Ignore Windows build output directories
|
---|
| 4783 |
|
---|
| 4784 | Daniel Stenberg (15 Apr 2015)
|
---|
| 4785 | - RELEASE-NOTES: synced with 1ba6e4c88e0
|
---|
| 4786 |
|
---|
| 4787 | - TODO: 17.9 Choose the name of file in braces for complex URLs
|
---|
| 4788 |
|
---|
| 4789 | - TODO: a little caution that maybe not all ideas are still good
|
---|
| 4790 |
|
---|
| 4791 | - TODO: 17.8 offer color-coded HTTP header output
|
---|
| 4792 |
|
---|
| 4793 | - TODO: 17.7 warning when sending binary output to terminal
|
---|
| 4794 |
|
---|
| 4795 | - KNOWN_BUGS: #90 IMAP "SEARCH ALL" truncates output on large boxes
|
---|
| 4796 |
|
---|
| 4797 | Jay Satiro (14 Apr 2015)
|
---|
| 4798 | - cyassl: Add support for TLS extension SNI
|
---|
| 4799 |
|
---|
| 4800 | Daniel Stenberg (13 Apr 2015)
|
---|
| 4801 | - [Matthew Hall brought this change]
|
---|
| 4802 |
|
---|
| 4803 | gitignore: ignore test-driver file
|
---|
| 4804 |
|
---|
| 4805 | - [Matthew Hall brought this change]
|
---|
| 4806 |
|
---|
| 4807 | vtls_openssl: improve PKCS#12 load failure error message
|
---|
| 4808 |
|
---|
| 4809 | - [Matthew Hall brought this change]
|
---|
| 4810 |
|
---|
| 4811 | vtls_openssl: fix minor typo in PKCS#12 load routine
|
---|
| 4812 |
|
---|
| 4813 | - [Matthew Hall brought this change]
|
---|
| 4814 |
|
---|
| 4815 | vtls_openssl: improve client certificate load failure error messages
|
---|
| 4816 |
|
---|
| 4817 | - [Matthew Hall brought this change]
|
---|
| 4818 |
|
---|
| 4819 | vtls_openssl: remove ambiguous SSL_CLIENT_CERT_ERR constant
|
---|
| 4820 |
|
---|
| 4821 | - BUGS: refer to the github issue tracker now as primary
|
---|
| 4822 |
|
---|
| 4823 | - firefox-db2pem: fix wildcard to find Firefox default profile
|
---|
| 4824 |
|
---|
| 4825 | At some point, Firefox has changed and generates different directory
|
---|
| 4826 | names for the default profile that made this script fail to find them.
|
---|
| 4827 |
|
---|
| 4828 | Bug: https://github.com/bagder/curl/issues/207
|
---|
| 4829 | Reported-by: sneakyimp
|
---|
| 4830 |
|
---|
| 4831 | Jay Satiro (11 Apr 2015)
|
---|
| 4832 | - cyassl: Include the CyaSSL build config
|
---|
| 4833 |
|
---|
| 4834 | CyaSSL >= 2.6.0 may have an options.h that was generated during
|
---|
| 4835 | its build by configure.
|
---|
| 4836 |
|
---|
| 4837 | - build: Generate source prerequisites for Visual Studio in generate.bat
|
---|
| 4838 |
|
---|
| 4839 | Prior to this change Visual Studio builds could fail due to missing
|
---|
| 4840 | prerequisites src/tool_hugehelp.c and include/curl/curlbuild.h.
|
---|
| 4841 |
|
---|
| 4842 | http://curl.haxx.se/mail/lib-2015-04/0034.html
|
---|
| 4843 |
|
---|
| 4844 | Daniel Stenberg (9 Apr 2015)
|
---|
| 4845 | - [Viktor Szakats brought this change]
|
---|
| 4846 |
|
---|
| 4847 | lib/makefile.m32: add missing libs to build libcurl.dll
|
---|
| 4848 |
|
---|
| 4849 | Add 'gdi32' and 'crypt32' Windows implibs to avoid failure
|
---|
| 4850 | while building libcurl.dll using the mingw compiler.
|
---|
| 4851 | The same logic is used in 'src/makefile.m32' when
|
---|
| 4852 | building curl.exe.
|
---|
| 4853 |
|
---|
| 4854 | Kamil Dudka (8 Apr 2015)
|
---|
| 4855 | - test142[23]: verify that an empty file is stored on success
|
---|
| 4856 |
|
---|
| 4857 | - src/tool_operate: create output file on successful download
|
---|
| 4858 |
|
---|
| 4859 | ... of an empty file
|
---|
| 4860 |
|
---|
| 4861 | Bug: https://github.com/bagder/curl/issues/183
|
---|
| 4862 |
|
---|
| 4863 | - src/tool_cb_wrt: separate fnc for output file creation
|
---|
| 4864 |
|
---|
| 4865 | Daniel Stenberg (7 Apr 2015)
|
---|
| 4866 | - [Da-Yoon Chung brought this change]
|
---|
| 4867 |
|
---|
| 4868 | lib/transfer.c: Remove factor of 8 from sleep time calculation
|
---|
| 4869 |
|
---|
| 4870 | The factor of 8 is a bytes-to-bits conversion factor, but pkt_size and
|
---|
| 4871 | rate_bps are both in bytes. When using the rate limiting option, curl
|
---|
| 4872 | waits 8 times too long, and then transfers very quickly until the
|
---|
| 4873 | average rate reaches the limit. The average rate follows the limit over
|
---|
| 4874 | time, but the actual traffic is bursty.
|
---|
| 4875 |
|
---|
| 4876 | Thanks-to: Benjamin Gilbert
|
---|
| 4877 |
|
---|
| 4878 | - [Jay Satiro brought this change]
|
---|
| 4879 |
|
---|
| 4880 | x509asn1: Silence x64 loss-of-data warning on RSA key length assignment
|
---|
| 4881 |
|
---|
| 4882 | The key length in bits will always fit in an unsigned long so the
|
---|
| 4883 | loss-of-data warning assigning the result of x64 pointer arithmetic to
|
---|
| 4884 | an unsigned long is unnecessary.
|
---|
| 4885 |
|
---|
| 4886 | - [Jay Satiro brought this change]
|
---|
| 4887 |
|
---|
| 4888 | cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size
|
---|
| 4889 |
|
---|
| 4890 | Also fix it so that all ERR_error_string calls use an error buffer.
|
---|
| 4891 | CyaSSL's implementation of ERR_error_string only writes the error when
|
---|
| 4892 | an error buffer is passed.
|
---|
| 4893 |
|
---|
| 4894 | http://www.yassl.com/forums/topic599-openssl-compatibility-and-errerrorstring.html
|
---|
| 4895 |
|
---|
| 4896 | - [Jay Satiro brought this change]
|
---|
| 4897 |
|
---|
| 4898 | cyassl: Remove 'Connecting to' message from cyassl_connect_step2
|
---|
| 4899 |
|
---|
| 4900 | Prior to this change libcurl could show multiple 'CyaSSL: Connecting to'
|
---|
| 4901 | messages since cyassl_connect_step2 is called multiple times, typically.
|
---|
| 4902 | The message is superfluous even once since libcurl already informs the
|
---|
| 4903 | user elsewhere in code that it is connecting.
|
---|
| 4904 |
|
---|
| 4905 | - [Viktor Szakats brought this change]
|
---|
| 4906 |
|
---|
| 4907 | checksrc.bat: quotes to support an SRC_DIR with spaces
|
---|
| 4908 |
|
---|
| 4909 | - hostip: fix compiler warnings
|
---|
| 4910 |
|
---|
| 4911 | introduced in the previous mini-series of 3 commits
|
---|
| 4912 |
|
---|
| 4913 | - [Stefan Bühler brought this change]
|
---|
| 4914 |
|
---|
| 4915 | actually implement CURLOPT_RESOLVE removals
|
---|
| 4916 |
|
---|
| 4917 | - also log when a CURLOPT_RESOLVE entry couldn't get parsed
|
---|
| 4918 |
|
---|
| 4919 | - [Stefan Bühler brought this change]
|
---|
| 4920 |
|
---|
| 4921 | move Curl_share_lock and ref counting into Curl_fetch_addr
|
---|
| 4922 |
|
---|
| 4923 | - [Stefan Bühler brought this change]
|
---|
| 4924 |
|
---|
| 4925 | fix refreshing of obsolete dns cache entries
|
---|
| 4926 |
|
---|
| 4927 | - cache entries must be also refreshed when they are in use
|
---|
| 4928 | - have the cache count as inuse reference too, freeing timestamp == 0 special
|
---|
| 4929 | value
|
---|
| 4930 | - use timestamp == 0 for CURLOPT_RESOLVE entries which don't get refreshed
|
---|
| 4931 | - remove CURLOPT_RESOLVE special inuse reference (timestamp == 0 will prevent refresh)
|
---|
| 4932 | - fix Curl_hostcache_clean - CURLOPT_RESOLVE entries don't have a special
|
---|
| 4933 | reference anymore, and it would also release non CURLOPT_RESOLVE references
|
---|
| 4934 | - fix locking in Curl_hostcache_clean
|
---|
| 4935 | - fix unit1305.c: hash now keeps a reference, need to set inuse = 1
|
---|
| 4936 |
|
---|
| 4937 | - RELEASE-NOTES: synced with abf6bddc14a
|
---|
| 4938 |
|
---|
| 4939 | - [Jay Satiro brought this change]
|
---|
| 4940 |
|
---|
| 4941 | checksrc.bat: Check lib\vtls source
|
---|
| 4942 |
|
---|
| 4943 | - [Jay Satiro brought this change]
|
---|
| 4944 |
|
---|
| 4945 | cyassl: Set minimum protocol version before CTX callback
|
---|
| 4946 |
|
---|
| 4947 | This change is to allow the user's CTX callback to change the minimum
|
---|
| 4948 | protocol version in the CTX without us later overriding it, as we did
|
---|
| 4949 | prior to this change.
|
---|
| 4950 |
|
---|
| 4951 | - [Jay Satiro brought this change]
|
---|
| 4952 |
|
---|
| 4953 | build-openssl.bat: Fix mixed line endings
|
---|
| 4954 |
|
---|
| 4955 | Use LF not CRLF, throughout. msysgit will only convert a file to CRLF
|
---|
| 4956 | on checkout if it's not mixed.
|
---|
| 4957 |
|
---|
| 4958 | - [Jay Satiro brought this change]
|
---|
| 4959 |
|
---|
| 4960 | cyassl: Fix certificate load check
|
---|
| 4961 |
|
---|
| 4962 | SSL_CTX_load_verify_locations can return negative values on fail,
|
---|
| 4963 | therefore to check for failure we check if load is != 1 (success)
|
---|
| 4964 | instead of if load is == 0 (failure), the latter being incorrect given
|
---|
| 4965 | that behavior.
|
---|
| 4966 |
|
---|
| 4967 | - [Tatsuhiro Tsujikawa brought this change]
|
---|
| 4968 |
|
---|
| 4969 | http2: Fix missing nghttp2_session_send call in Curl_http2_switched
|
---|
| 4970 |
|
---|
| 4971 | Previously in Curl_http2_switched, we called nghttp2_session_mem_recv to
|
---|
| 4972 | parse incoming data which were already received while curl was handling
|
---|
| 4973 | upgrade. But we didn't call nghttp2_session_send, and it led to make
|
---|
| 4974 | curl not send any response to the received frames. Most likely, we
|
---|
| 4975 | received SETTINGS from server at this point, so we missed opportunity to
|
---|
| 4976 | send SETTINGS + ACK. This commit adds missing nghttp2_session_send call
|
---|
| 4977 | in Curl_http2_switched to fix this issue.
|
---|
| 4978 |
|
---|
| 4979 | Bug: https://github.com/bagder/curl/issues/192
|
---|
| 4980 | Reported-by: Stefan Eissing
|
---|
| 4981 |
|
---|
| 4982 | - cookie: handle spaces after the name in Set-Cookie
|
---|
| 4983 |
|
---|
| 4984 | "name =value" is fine and the space should just be skipped.
|
---|
| 4985 |
|
---|
| 4986 | Updated test 31 to also test for this.
|
---|
| 4987 |
|
---|
| 4988 | Bug: https://github.com/bagder/curl/issues/195
|
---|
| 4989 | Reported-by: cromestant
|
---|
| 4990 | Help-by: Frank Gevaerts
|
---|
| 4991 |
|
---|
| 4992 | - [Jay Satiro brought this change]
|
---|
| 4993 |
|
---|
| 4994 | cyassl: Fix library initialization return value
|
---|
| 4995 |
|
---|
| 4996 | (Curl_cyassl_init)
|
---|
| 4997 | - Return 1 on success, 0 in failure.
|
---|
| 4998 |
|
---|
| 4999 | Prior to this change the fail path returned an incorrect value and the
|
---|
| 5000 | evaluation to determine whether CyaSSL_Init had succeeded was incorrect.
|
---|
| 5001 | Ironically that combined with the way curl_global_init tests SSL library
|
---|
| 5002 | initialization (!Curl_ssl_init()) meant that CyaSSL having been
|
---|
| 5003 | successfully initialized would be seen as that even though the code path
|
---|
| 5004 | and return value in Curl_cyassl_init were wrong.
|
---|
| 5005 |
|
---|
| 5006 | - [Thomas Ruecker brought this change]
|
---|
| 5007 |
|
---|
| 5008 | CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"
|
---|
| 5009 |
|
---|
| 5010 | Icecast versions 1.3.0 through 1.3.12 would reply with "ICY 200"
|
---|
| 5011 | under certain conditions:
|
---|
| 5012 |
|
---|
| 5013 | client_wants_icy_headers (connection_t *con)
|
---|
| 5014 | {
|
---|
| 5015 | const char *val;
|
---|
| 5016 |
|
---|
| 5017 | if (!con)
|
---|
| 5018 | return 1;
|
---|
| 5019 |
|
---|
| 5020 | val = get_user_agent (con);
|
---|
| 5021 | if (!val || !val[0] || strcmp (val, "(null)") == 0)
|
---|
| 5022 | return 1;
|
---|
| 5023 |
|
---|
| 5024 | if (con->food.client->use_icy)
|
---|
| 5025 | return 1;
|
---|
| 5026 | if (strncasecmp (val, "winamp", 6) == 0)
|
---|
| 5027 | return 1;
|
---|
| 5028 | if (strncasecmp (val, "Shoutcast", 9) == 0)
|
---|
| 5029 | return 1;
|
---|
| 5030 |
|
---|
| 5031 | return 0;
|
---|
| 5032 | }
|
---|
| 5033 |
|
---|
| 5034 | So mainly if there is no 'user agent' or it is '(null)' or contains
|
---|
| 5035 | 'winamp' or 'Shoutcast'.
|
---|
| 5036 |
|
---|
| 5037 | No mainstream distribution carries Icecast 1.3.x anymore, after all
|
---|
| 5038 | it was released in 2002 and superseded by Icecast 2.x.
|
---|
| 5039 |
|
---|
| 5040 | Dan Fandrich (31 Mar 2015)
|
---|
| 5041 | - axtls: add timeout within Curl_axtls_connect
|
---|
| 5042 |
|
---|
| 5043 | This allows test 405 to pass on axTLS.
|
---|
| 5044 |
|
---|
| 5045 | Daniel Stenberg (30 Mar 2015)
|
---|
| 5046 | - [Jay Satiro brought this change]
|
---|
| 5047 |
|
---|
| 5048 | checksrc: Windows-specific input fixes
|
---|
| 5049 |
|
---|
| 5050 | lib/config-win32ce.h
|
---|
| 5051 | - Fix whitespace for checksrc compliance.
|
---|
| 5052 |
|
---|
| 5053 | lib/checksrc.pl
|
---|
| 5054 | - Remove trailing carriage returns from input.
|
---|
| 5055 |
|
---|
| 5056 | projects/checksrc.bat
|
---|
| 5057 | - Ignore tool_hugehelp.c.
|
---|
| 5058 |
|
---|
| 5059 | - [Dagobert Michelsen brought this change]
|
---|
| 5060 |
|
---|
| 5061 | configure: Use KRB5CONFIG for krb5-config
|
---|
| 5062 |
|
---|
| 5063 | Allows the user to easier override its path.
|
---|
| 5064 |
|
---|
| 5065 | Bug: http://curl.haxx.se/bug/view.cgi?id=1486
|
---|
| 5066 |
|
---|
| 5067 | - multi: remove_handle: move pending connections
|
---|
| 5068 |
|
---|
| 5069 | If the handle removed from the multi handle happens to be the one
|
---|
| 5070 | "owning" the pipeline other transfers will be waiting indefinitely. Now
|
---|
| 5071 | we move such handles back to connect to have them race (again) for
|
---|
| 5072 | getting the connection and thus avoid hanging.
|
---|
| 5073 |
|
---|
| 5074 | Bug: http://curl.haxx.se/bug/view.cgi?id=1465
|
---|
| 5075 | Reported-by: Jiri Dvorak
|
---|
| 5076 |
|
---|
| 5077 | - KNOWN_BUGS: 89 is bug #1411
|
---|
| 5078 |
|
---|
| 5079 | Disabling pipelining on multi handle with in-progress pipelined requests
|
---|
| 5080 | leads to heap corruption and crash
|
---|
| 5081 |
|
---|
| 5082 | - [Jay Satiro brought this change]
|
---|
| 5083 |
|
---|
| 5084 | cyassl: CTX callback cosmetic changes and doc fix
|
---|
| 5085 |
|
---|
| 5086 | - More descriptive fail message for NO_FILESYSTEM builds.
|
---|
| 5087 | - Cosmetic changes.
|
---|
| 5088 | - Change more of CURLOPT_SSL_CTX_* doc to not be OpenSSL specific.
|
---|
| 5089 |
|
---|
| 5090 | - RELEASE-NOTES: synced with d2feb71752f
|
---|
| 5091 |
|
---|
| 5092 | Dan Fandrich (28 Mar 2015)
|
---|
| 5093 | - tool_operate: only set SSL options if SSL is enabled
|
---|
| 5094 |
|
---|
| 5095 | - runtests.pl: detect WolfSSL as yassl
|
---|
| 5096 |
|
---|
| 5097 | Daniel Stenberg (27 Mar 2015)
|
---|
| 5098 | - [Kyle L. Huff brought this change]
|
---|
| 5099 |
|
---|
| 5100 | cyassl: add SSL context callback support for CyaSSL
|
---|
| 5101 |
|
---|
| 5102 | Adds support for CURLOPT_SSL_CTX_FUNCTION when using CyaSSL, and better
|
---|
| 5103 | handles CyaSSL instances using NO_FILESYSTEM.
|
---|
| 5104 |
|
---|
| 5105 | - [Kyle L. Huff brought this change]
|
---|
| 5106 |
|
---|
| 5107 | cyassl: remove undefined reference to CyaSSL_no_filesystem_verify
|
---|
| 5108 |
|
---|
| 5109 | CyaSSL_no_filesystem_verify is not (or no longer) defined by cURL or
|
---|
| 5110 | CyaSSL. This reference causes build errors when compiling with
|
---|
| 5111 | NO_FILESYSTEM.
|
---|
| 5112 |
|
---|
| 5113 | - [Jay Satiro brought this change]
|
---|
| 5114 |
|
---|
| 5115 | build: Fix libcurl.sln erroneous mixed configurations
|
---|
| 5116 |
|
---|
| 5117 | Prior to this change some Release configurations had an active
|
---|
| 5118 | configuration assignment to their Debug counterpart.
|
---|
| 5119 |
|
---|
| 5120 | - [Jay Satiro brought this change]
|
---|
| 5121 |
|
---|
| 5122 | vtls: Don't accept unknown CURLOPT_SSLVERSION values
|
---|
| 5123 |
|
---|
| 5124 | - [Jay Satiro brought this change]
|
---|
| 5125 |
|
---|
| 5126 | url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined
|
---|
| 5127 |
|
---|
| 5128 | - [Paul Howarth brought this change]
|
---|
| 5129 |
|
---|
| 5130 | build: link curl to openssl libraries when openssl support is enabled
|
---|
| 5131 |
|
---|
| 5132 | This fixes a build failure where openssl and libmetalink are used
|
---|
| 5133 | together and the system linker does not do implicit linking (e.g.
|
---|
| 5134 | Fedora 13 and later releases). The MD5 functions required for
|
---|
| 5135 | metalink support must be pulled in from the openssl crypto library.
|
---|
| 5136 |
|
---|
| 5137 | This is similar to commit c6e7cbb94e669b85d3eb8e015ec51d0072112133,
|
---|
| 5138 | which fixes the same sort of problem for NSS builds.
|
---|
| 5139 |
|
---|
| 5140 | - multi: on a request completion, check all CONNECT_PEND transfers
|
---|
| 5141 |
|
---|
| 5142 | ... even if they don't have an associated connection anymore. It could
|
---|
| 5143 | leave the waiting transfers pending with no active one on the
|
---|
| 5144 | connection.
|
---|
| 5145 |
|
---|
| 5146 | Bug: http://curl.haxx.se/bug/view.cgi?id=1465
|
---|
| 5147 | Reported-by: Jiri Dvorak
|
---|
| 5148 |
|
---|
| 5149 | - [Emil Lerner brought this change]
|
---|
| 5150 |
|
---|
| 5151 | globbing: fix url number calculation when using range with step
|
---|
| 5152 |
|
---|
| 5153 | In function glob_range, the number of urls was multiplied by (max - min
|
---|
| 5154 | + 1), regardless of step. The correct formula is (max - min) / step + 1
|
---|
| 5155 |
|
---|
| 5156 | - README.http2: refreshed and added TODO items
|
---|
| 5157 |
|
---|
| 5158 | - [Emil Lerner brought this change]
|
---|
| 5159 |
|
---|
| 5160 | globbing: fix step parsing for character globbing ranges
|
---|
| 5161 |
|
---|
| 5162 | The glob_range function used wrong offset (3 instead of 4) for parsing
|
---|
| 5163 | integer step inside character range specification, which led to 'bad
|
---|
| 5164 | range' error when using character ranges with explicitly specified step
|
---|
| 5165 | (such as '[a-z:2]')
|
---|
| 5166 |
|
---|
| 5167 | - polarssl: called mbedTLS in 1.3.10 and later
|
---|
| 5168 |
|
---|
| 5169 | - polarssl: remove dead code
|
---|
| 5170 |
|
---|
| 5171 | and simplify code by changing if-elses to a switch()
|
---|
| 5172 |
|
---|
| 5173 | CID 1291706: Logically dead code. Execution cannot reach this statement
|
---|
| 5174 |
|
---|
| 5175 | - polarssl: remove superfluous for(;;) loop
|
---|
| 5176 |
|
---|
| 5177 | "unreachable: Since the loop increment is unreachable, the loop body
|
---|
| 5178 | will never execute more than once."
|
---|
| 5179 |
|
---|
| 5180 | Coverity CID 1291707
|
---|
| 5181 |
|
---|
| 5182 | - Curl_ssl_md5sum: return CURLcode
|
---|
| 5183 |
|
---|
| 5184 | ... since the funciton can fail on OOM. Check this return code.
|
---|
| 5185 |
|
---|
| 5186 | Coverity CID 1291705.
|
---|
| 5187 |
|
---|
| 5188 | - [Jay Satiro brought this change]
|
---|
| 5189 |
|
---|
| 5190 | cyassl: default to highest possible TLS version
|
---|
| 5191 |
|
---|
| 5192 | (cyassl_connect_step1)
|
---|
| 5193 | - Use TLS 1.0-1.2 by default when available.
|
---|
| 5194 |
|
---|
| 5195 | CyaSSL/wolfSSL >= v3.3.0 supports setting a minimum protocol downgrade
|
---|
| 5196 | version.
|
---|
| 5197 |
|
---|
| 5198 | cyassl/cyassl@322f79f
|
---|
| 5199 |
|
---|
| 5200 | - [Jay Satiro brought this change]
|
---|
| 5201 |
|
---|
| 5202 | cyassl: Check for invalid length parameter in Curl_cyassl_random
|
---|
| 5203 |
|
---|
| 5204 | - [Jay Satiro brought this change]
|
---|
| 5205 |
|
---|
| 5206 | cyassl: If wolfSSL then identify as such in version string
|
---|
| 5207 |
|
---|
| 5208 | Dan Fandrich (24 Mar 2015)
|
---|
| 5209 | - symbols-in-versions: added CURLOPT_PATH_AS_IS
|
---|
| 5210 |
|
---|
| 5211 | - testcurl.pl: add the --notes option to supply more info about a build
|
---|
| 5212 |
|
---|
| 5213 | Support for notes has been in place for a while, but it required
|
---|
| 5214 | being added to the setup file manually.
|
---|
| 5215 |
|
---|
| 5216 | - curl_memory: make curl_memory.h the second-last header file loaded
|
---|
| 5217 |
|
---|
| 5218 | This header file must be included after all header files except
|
---|
| 5219 | memdebug.h, as it does similar memory function redefinitions and can be
|
---|
| 5220 | similarly affected by conflicting definitions in system or dependent
|
---|
| 5221 | library headers.
|
---|
| 5222 |
|
---|
| 5223 | Daniel Stenberg (24 Mar 2015)
|
---|
| 5224 | - openssl: do the OCSP work-around for libressl too
|
---|
| 5225 |
|
---|
| 5226 | I tested with libressl git master now (v2.1.4-27-g34bf96c) and it seems to
|
---|
| 5227 | still require the work-around for stapling to work.
|
---|
| 5228 |
|
---|
| 5229 | - openssl: verifystatus: only use the OCSP work-around <= 1.0.2a
|
---|
| 5230 |
|
---|
| 5231 | URL: http://curl.haxx.se/mail/lib-2015-03/0205.html
|
---|
| 5232 | Reported-by: Alessandro Ghedini
|
---|
| 5233 |
|
---|
| 5234 | - openssl: adapt to ASN1/X509 things gone opaque in 1.1
|
---|
| 5235 |
|
---|
| 5236 | Dan Fandrich (24 Mar 2015)
|
---|
| 5237 | - [Jay Satiro brought this change]
|
---|
| 5238 |
|
---|
| 5239 | curl_easy_setopt.3: Fix misspelling in CURLOPT_PATH_AS_IS description
|
---|
| 5240 |
|
---|
| 5241 | - [Viktor Szakáts brought this change]
|
---|
| 5242 |
|
---|
| 5243 | CURLOPT_HTTPHEADER.3: fix typo in recent commit
|
---|
| 5244 |
|
---|
| 5245 | - [Viktor Szakáts brought this change]
|
---|
| 5246 |
|
---|
| 5247 | CURLOPT_PATH_AS_IS.3: add type 'long' to prototype
|
---|
| 5248 |
|
---|
| 5249 | - vtls: fix compile with --disable-crypto-auth but with SSL
|
---|
| 5250 |
|
---|
| 5251 | This is a strange combination of options, but is allowed.
|
---|
| 5252 |
|
---|
| 5253 | Patrick Monnerat (24 Mar 2015)
|
---|
| 5254 | - os400: define new options in ILE/RPG binding.
|
---|
| 5255 |
|
---|
| 5256 | Daniel Stenberg (24 Mar 2015)
|
---|
| 5257 | - RELEASE-NOTES: synced with f6878609361
|
---|
| 5258 |
|
---|
| 5259 | - curl_easy_setopt.3: Add CURLOPT_PATH_AS_IS
|
---|
| 5260 |
|
---|
| 5261 | - CURLOPT_PATH_AS_IS: added
|
---|
| 5262 |
|
---|
| 5263 | --path-as-is is the command line option
|
---|
| 5264 |
|
---|
| 5265 | Added docs in curl.1 and CURLOPT_PATH_AS_IS.3
|
---|
| 5266 |
|
---|
| 5267 | Added test in test 1241
|
---|
| 5268 |
|
---|
| 5269 | - [Yamada Yasuharu brought this change]
|
---|
| 5270 |
|
---|
| 5271 | curl_easy_recv/send: make them work with the multi interface
|
---|
| 5272 |
|
---|
| 5273 | By making sure Curl_getconnectinfo() uses the correct connection cache
|
---|
| 5274 | to find the last connection.
|
---|
| 5275 |
|
---|
| 5276 | - http2: move the init too for when its actually needed
|
---|
| 5277 |
|
---|
| 5278 | ... it would otherwise lead to memory leakage if we never actually do
|
---|
| 5279 | the switch.
|
---|
| 5280 |
|
---|
| 5281 | Dan Fandrich (23 Mar 2015)
|
---|
| 5282 | - dict: rename byte to avoid compiler shadowed declaration warning
|
---|
| 5283 |
|
---|
| 5284 | This conflicted with a WolfSSL typedef.
|
---|
| 5285 |
|
---|
| 5286 | - cyassl: include version.h to ensure the version macros are defined
|
---|
| 5287 |
|
---|
| 5288 | - test1513: eliminated race condition in test run
|
---|
| 5289 |
|
---|
| 5290 | It seems that some systems (e.g. fairly consistently in some recent
|
---|
| 5291 | Solaris autobuilds) would manage to get to the connect phase before the
|
---|
| 5292 | progress callback was called, resulting in a CURLE_COULDNT_CONNECT
|
---|
| 5293 | error. Reworked the test to point at a test server that never returns a
|
---|
| 5294 | full result so the progress callback always gets a chance to be called
|
---|
| 5295 | before the transfer can complete in some other way.
|
---|
| 5296 |
|
---|
| 5297 | Nick Zitzmann (21 Mar 2015)
|
---|
| 5298 | - darwinsssl: add support for TLS False Start
|
---|
| 5299 |
|
---|
| 5300 | TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.
|
---|
| 5301 |
|
---|
| 5302 | Daniel Stenberg (21 Mar 2015)
|
---|
| 5303 | - gtls: add check of return code
|
---|
| 5304 |
|
---|
| 5305 | Coverity CID 1291167 pointed out that 'rc' was received but never used when
|
---|
| 5306 | gnutls_credentials_set() was used. Added return code check now.
|
---|
| 5307 |
|
---|
| 5308 | - gtls: dereferencing NULL pointer
|
---|
| 5309 |
|
---|
| 5310 | Coverity CID 1291165 pointed out 'chainp' could be dereferenced when
|
---|
| 5311 | NULL if gnutls_certificate_get_peers() had previously failed.
|
---|
| 5312 |
|
---|
| 5313 | - gtls: avoid uninitialized variable.
|
---|
| 5314 |
|
---|
| 5315 | Coverity CID 1291166 pointed out that we could read this variable
|
---|
| 5316 | uninitialized.
|
---|
| 5317 |
|
---|
| 5318 | Dan Fandrich (21 Mar 2015)
|
---|
| 5319 | - tests/certs: rebuild certificates with modified key usage bits
|
---|
| 5320 |
|
---|
| 5321 | The certificates were missing the digitalSignature and keyAgreement
|
---|
| 5322 | usage types, of which at least digitalSignature was checked by CyaSSL.
|
---|
| 5323 | This caused the test server in test 310 (among others) to fail the
|
---|
| 5324 | startup verification and therefore run (see
|
---|
| 5325 | http://curl.haxx.se/mail/lib-2014-07/0303.html).
|
---|
| 5326 |
|
---|
| 5327 | - tests/certs: added make target to rebuild certificates
|
---|
| 5328 |
|
---|
| 5329 | The certificate generation scripts were also updated to better match the
|
---|
| 5330 | format of the certificates currently checked in.
|
---|
| 5331 |
|
---|
| 5332 | Daniel Stenberg (21 Mar 2015)
|
---|
| 5333 | - x509asn1: add /* fallthrough */ in switch() case
|
---|
| 5334 |
|
---|
| 5335 | - x509asn1: minor edit to unconfuse Coverity
|
---|
| 5336 |
|
---|
| 5337 | CID 1202732 warns on the previous use, although I cannot fine any
|
---|
| 5338 | problems with it. I'm doing this change only to make the code use a more
|
---|
| 5339 | familiar approach to accomplish the same thing.
|
---|
| 5340 |
|
---|
| 5341 | - [Dagobert Michelsen brought this change]
|
---|
| 5342 |
|
---|
| 5343 | testcurl: Allow '=' in values given on command line
|
---|
| 5344 |
|
---|
| 5345 | - nss: error: unused variable 'connssl'
|
---|
| 5346 |
|
---|
| 5347 | Dan Fandrich (21 Mar 2015)
|
---|
| 5348 | - test938: added missing closing tags
|
---|
| 5349 |
|
---|
| 5350 | - cyassl: use new library version macro when available
|
---|
| 5351 |
|
---|
| 5352 | Kamil Dudka (20 Mar 2015)
|
---|
| 5353 | - [Alessandro Ghedini brought this change]
|
---|
| 5354 |
|
---|
| 5355 | curl: add --false-start option
|
---|
| 5356 |
|
---|
| 5357 | - [Alessandro Ghedini brought this change]
|
---|
| 5358 |
|
---|
| 5359 | nss: add support for TLS False Start
|
---|
| 5360 |
|
---|
| 5361 | - [Alessandro Ghedini brought this change]
|
---|
| 5362 |
|
---|
| 5363 | url: add CURLOPT_SSL_FALSESTART option
|
---|
| 5364 |
|
---|
| 5365 | This option can be used to enable/disable TLS False Start defined in the RFC
|
---|
| 5366 | draft-bmoeller-tls-falsestart.
|
---|
| 5367 |
|
---|
| 5368 | Patrick Monnerat (20 Mar 2015)
|
---|
| 5369 | - [Alessandro Ghedini brought this change]
|
---|
| 5370 |
|
---|
| 5371 | gtls: implement CURLOPT_CERTINFO
|
---|
| 5372 |
|
---|
| 5373 | Daniel Stenberg (20 Mar 2015)
|
---|
| 5374 | - [Alessandro Ghedini brought this change]
|
---|
| 5375 |
|
---|
| 5376 | openssl: try to avoid accessing OCSP structs when possible
|
---|
| 5377 |
|
---|
| 5378 | - CURLOPT_URL.3: spelling!
|
---|
| 5379 |
|
---|
| 5380 | Reported-by: Frank Gevaerts
|
---|
| 5381 |
|
---|
| 5382 | - CURLOPT_URL.3: Added "SECURITY CONCERNS"
|
---|
| 5383 |
|
---|
| 5384 | - CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" section
|
---|
| 5385 |
|
---|
| 5386 | Dan Fandrich (19 Mar 2015)
|
---|
| 5387 | - cyassl: detect the library as renamed wolfssl
|
---|
| 5388 |
|
---|
| 5389 | This change was made in CyaSSL/WolfSSL ver. 3.4.0
|
---|
| 5390 |
|
---|
| 5391 | Daniel Stenberg (19 Mar 2015)
|
---|
| 5392 | - HTTP: don't switch to HTTP/2 from 1.1 until we get the 101
|
---|
| 5393 |
|
---|
| 5394 | We prematurely changed protocol handler to HTTP/2 which made things very
|
---|
| 5395 | slow (and wrong).
|
---|
| 5396 |
|
---|
| 5397 | Reported-by: Stefan Eissing
|
---|
| 5398 | Bug: https://github.com/bagder/curl/issues/169
|
---|
| 5399 |
|
---|
| 5400 | Dan Fandrich (19 Mar 2015)
|
---|
| 5401 | - axtls: version 1.5.2 now requires that config.h be manually included
|
---|
| 5402 |
|
---|
| 5403 | Daniel Stenberg (19 Mar 2015)
|
---|
| 5404 | - metalink: fix resource leak in OOM
|
---|
| 5405 |
|
---|
| 5406 | Coverity CID 1288826
|
---|
| 5407 |
|
---|
| 5408 | Dan Fandrich (18 Mar 2015)
|
---|
| 5409 | - docs/libcurl: clean up libcurl-symbols.3
|
---|
| 5410 |
|
---|
| 5411 | - docs/libcurl: check that all options with man pages are referenced
|
---|
| 5412 |
|
---|
| 5413 | If a man page exists in the opts/ directory, it must also be referenced
|
---|
| 5414 | either in curl_easy_setopt.3 or curl_multi_setopt.3
|
---|
| 5415 |
|
---|
| 5416 | - curl_easy_setopt.3: added a few missing options
|
---|
| 5417 |
|
---|
| 5418 | Kamil Dudka (18 Mar 2015)
|
---|
| 5419 | - nss: explicitly tell NSS to disable NPN/ALPN
|
---|
| 5420 |
|
---|
| 5421 | ... if disabled at libcurl level. Otherwise, we would allow to
|
---|
| 5422 | negotiate NPN despite curl was invoked with the --no-npn option.
|
---|
| 5423 |
|
---|
| 5424 | Daniel Stenberg (18 Mar 2015)
|
---|
| 5425 | - [Jay Satiro brought this change]
|
---|
| 5426 |
|
---|
| 5427 | mkhelp: Remove trailing carriage return from every line of input
|
---|
| 5428 |
|
---|
| 5429 | - Get rid of this flood of warnings in Windows mingw build:
|
---|
| 5430 | warning: missing terminating " character
|
---|
| 5431 |
|
---|
| 5432 | The warning is due to the carriage return. When msysgit checks out files
|
---|
| 5433 | from the repo by default it converts the line endings to CRLF. Prior to
|
---|
| 5434 | this change when mkhelp.pl processed the MANUAL and curl.1 in CRLF
|
---|
| 5435 | format the trailing carriage returns caused unnecessary CR in the
|
---|
| 5436 | output.
|
---|
| 5437 |
|
---|
| 5438 | - RELEASE-NOTES: synced with e539f01567
|
---|
| 5439 |
|
---|
| 5440 | - [Christian Weisgerber brought this change]
|
---|
| 5441 |
|
---|
| 5442 | docs/libcurl: make portability fix
|
---|
| 5443 |
|
---|
| 5444 | Using $< in a non-suffix rule context is a GNU make idiom. This bug was
|
---|
| 5445 | introduced in 7.41.0.
|
---|
| 5446 |
|
---|
| 5447 | Dan Fandrich (17 Mar 2015)
|
---|
| 5448 | - checksrc: Fix whitelist on out-of-tree builds
|
---|
| 5449 |
|
---|
| 5450 | Daniel Stenberg (17 Mar 2015)
|
---|
| 5451 | - [Stefan Bühler brought this change]
|
---|
| 5452 |
|
---|
| 5453 | Curl_sh_entry: remove unused 'timestamp'
|
---|
| 5454 |
|
---|
| 5455 | - HTTP: don't use Expect: headers when on HTTP/2
|
---|
| 5456 |
|
---|
| 5457 | Reported-by: Stefan Eissing
|
---|
| 5458 | Bug: https://github.com/bagder/curl/issues/169
|
---|
| 5459 |
|
---|
| 5460 | - checksrc: detect and remove space before trailing semicolons
|
---|
| 5461 |
|
---|
| 5462 | - checksrc: introduce a whitelisting concept
|
---|
| 5463 |
|
---|
| 5464 | - checksrc: use space after comma
|
---|