1 | _ _ ____ _
|
---|
2 | ___| | | | _ \| |
|
---|
3 | / __| | | | |_) | |
|
---|
4 | | (__| |_| | _ <| |___
|
---|
5 | \___|\___/|_| \_\_____|
|
---|
6 |
|
---|
7 | Changelog
|
---|
8 |
|
---|
9 | Version 7.57.0 (29 Nov 2017)
|
---|
10 |
|
---|
11 | Daniel Stenberg (29 Nov 2017)
|
---|
12 | - RELEASE-NOTES: curl 7.57.0
|
---|
13 |
|
---|
14 | - THANKS: added contributors from 7.57.0 release
|
---|
15 |
|
---|
16 | - openssl: fix boringssl build again
|
---|
17 |
|
---|
18 | commit d3ab7c5a21e broke the boringssl build since it doesn't have
|
---|
19 | RSA_flags(), so we disable that code block for boringssl builds.
|
---|
20 |
|
---|
21 | Reported-by: W.âMark Kubacki
|
---|
22 | Fixes #2117
|
---|
23 |
|
---|
24 | - curl_ntlm_core.c: use the limits.h's SIZE_T_MAX if provided
|
---|
25 |
|
---|
26 | - libcurl-share.3: the connection cache is shareable now
|
---|
27 |
|
---|
28 | - global_init: ignore CURL_GLOBAL_SSL's absense
|
---|
29 |
|
---|
30 | This bit is no longer used. It is not clear what it meant for users to
|
---|
31 | "init the TLS" in a world with different TLS backends and since the
|
---|
32 | introduction of multissl, libcurl didn't properly work if inited without
|
---|
33 | this bit set.
|
---|
34 |
|
---|
35 | Not a single user responded to the call for users of it:
|
---|
36 | https://curl.haxx.se/mail/lib-2017-11/0072.html
|
---|
37 |
|
---|
38 | Reported-by: Evgeny Grin
|
---|
39 | Assisted-by: Jay Satiro
|
---|
40 |
|
---|
41 | Fixes #2089
|
---|
42 | Fixes #2083
|
---|
43 | Closes #2107
|
---|
44 |
|
---|
45 | - ntlm: avoid integer overflow for malloc size
|
---|
46 |
|
---|
47 | Reported-by: Alex Nichols
|
---|
48 | Assisted-by: Kamil Dudka and Max Dymond
|
---|
49 |
|
---|
50 | CVE-2017-8816
|
---|
51 |
|
---|
52 | Bug: https://curl.haxx.se/docs/adv_2017-11e7.html
|
---|
53 |
|
---|
54 | - wildcardmatch: fix heap buffer overflow in setcharset
|
---|
55 |
|
---|
56 | The code would previous read beyond the end of the pattern string if the
|
---|
57 | match pattern ends with an open bracket when the default pattern
|
---|
58 | matching function is used.
|
---|
59 |
|
---|
60 | Detected by OSS-Fuzz:
|
---|
61 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4161
|
---|
62 |
|
---|
63 | CVE-2017-8817
|
---|
64 |
|
---|
65 | Bug: https://curl.haxx.se/docs/adv_2017-ae72.html
|
---|
66 |
|
---|
67 | - [Jay Satiro brought this change]
|
---|
68 |
|
---|
69 | url: fix alignment of ssl_backend_data struct
|
---|
70 |
|
---|
71 | - Align the array of ssl_backend_data on a max 32 byte boundary.
|
---|
72 |
|
---|
73 | 8 is likely to be ok but I went with 32 for posterity should one of
|
---|
74 | the ssl_backend_data structs change to contain a larger sized variable
|
---|
75 | in the future.
|
---|
76 |
|
---|
77 | Prior to this change (since dev 70f1db3, release 7.56) the connectdata
|
---|
78 | structure was undersized by 4 bytes in 32-bit builds with ssl enabled
|
---|
79 | because long long * was mistakenly used for alignment instead of
|
---|
80 | long long, with the intention being an 8 byte boundary. Also long long
|
---|
81 | may not be an available type.
|
---|
82 |
|
---|
83 | The undersized connectdata could lead to oob read/write past the end in
|
---|
84 | what was expected to be the last 4 bytes of the connection's secondary
|
---|
85 | socket https proxy ssl_backend_data struct (the secondary socket in a
|
---|
86 | connection is used by ftp, others?).
|
---|
87 |
|
---|
88 | Closes https://github.com/curl/curl/issues/2093
|
---|
89 |
|
---|
90 | CVE-2017-8818
|
---|
91 |
|
---|
92 | Bug: https://curl.haxx.se/docs/adv_2017-af0a.html
|
---|
93 |
|
---|
94 | - ssh: remove check for a NULL pointer (!)
|
---|
95 |
|
---|
96 | With this check present, scan-build warns that we might dereference this
|
---|
97 | point in other places where it isn't first checked for NULL. Thus, if it
|
---|
98 | *can* be NULL we have a problem on a few places. However, this pointer
|
---|
99 | should not be possible to be NULL here so I remove the check and thus
|
---|
100 | also three different scan-build warnings.
|
---|
101 |
|
---|
102 | Closes #2111
|
---|
103 |
|
---|
104 | - [Matthew Kerwin brought this change]
|
---|
105 |
|
---|
106 | test: add test for bad UNC/SMB path in file: URL
|
---|
107 |
|
---|
108 | - [Matthew Kerwin brought this change]
|
---|
109 |
|
---|
110 | test: add tests to ensure basic file: URLs
|
---|
111 |
|
---|
112 | - [Matthew Kerwin brought this change]
|
---|
113 |
|
---|
114 | URL: update "file:" URL handling
|
---|
115 |
|
---|
116 | * LOTS of comment updates
|
---|
117 | * explicit error for SMB shares (e.g. "file:////share/path/file")
|
---|
118 | * more strict handling of authority (i.e. "//localhost/")
|
---|
119 | * now accepts dodgy old "C:|" drive letters
|
---|
120 | * more precise handling of drive letters in and out of Windows
|
---|
121 | (especially recognising both "file:c:/" and "file:/c:/")
|
---|
122 |
|
---|
123 | Closes #2110
|
---|
124 |
|
---|
125 | - metalink: fix memory-leak and NULL pointer dereference
|
---|
126 |
|
---|
127 | Reported by scan-build
|
---|
128 |
|
---|
129 | Closes #2109
|
---|
130 |
|
---|
131 | - [Alessandro Ghedini brought this change]
|
---|
132 |
|
---|
133 | connect: add support for new TCP Fast Open API on Linux
|
---|
134 |
|
---|
135 | The new API added in Linux 4.11 only requires setting a socket option
|
---|
136 | before connecting, without the whole sento() machinery.
|
---|
137 |
|
---|
138 | Notably, this makes it possible to use TFO with SSL connections on Linux
|
---|
139 | as well, without the need to mess around with OpenSSL (or whatever other
|
---|
140 | SSL library) internals.
|
---|
141 |
|
---|
142 | Closes #2056
|
---|
143 |
|
---|
144 | - make: fix "make distclean"
|
---|
145 |
|
---|
146 | Fixes #2097
|
---|
147 | Closes #2108
|
---|
148 |
|
---|
149 | - RELEASE-NOTES: synced with 31f18d272
|
---|
150 |
|
---|
151 | Jay Satiro (23 Nov 2017)
|
---|
152 | - connect: improve the bind error message
|
---|
153 |
|
---|
154 | eg consider a non-existent interface eth8, curl --interface eth8
|
---|
155 |
|
---|
156 | Before: curl: (45) Could not resolve host: eth8
|
---|
157 | After: curl: (45) Couldn't bind to 'eth8'
|
---|
158 |
|
---|
159 | Bug: https://github.com/curl/curl/issues/2104
|
---|
160 | Reported-by: Alfonso Martone
|
---|
161 |
|
---|
162 | Daniel Stenberg (23 Nov 2017)
|
---|
163 | - examples/rtsp: clear RANGE again after use
|
---|
164 |
|
---|
165 | Fixes #2106
|
---|
166 | Reported-by: youngchopin on github
|
---|
167 |
|
---|
168 | - [Michael Kaufmann brought this change]
|
---|
169 |
|
---|
170 | test1264: verify URL with space in host name being rejected
|
---|
171 |
|
---|
172 | - url: reject ASCII control characters and space in host names
|
---|
173 |
|
---|
174 | Host names like "127.0.0.1 moo" would otherwise be accepted by some
|
---|
175 | getaddrinfo() implementations.
|
---|
176 |
|
---|
177 | Updated test 1034 and 1035 accordingly.
|
---|
178 |
|
---|
179 | Fixes #2073
|
---|
180 | Closes #2092
|
---|
181 |
|
---|
182 | - Curl_open: fix OOM return error correctly
|
---|
183 |
|
---|
184 | Closes #2098
|
---|
185 |
|
---|
186 | - http2: fix "Value stored to 'end' is never read" scan-build error
|
---|
187 |
|
---|
188 | - http2: fix "Value stored to 'hdbuf' is never read" scan-build error
|
---|
189 |
|
---|
190 | - openssl: fix "Value stored to 'rc' is never read" scan-build error
|
---|
191 |
|
---|
192 | - mime: fix "Value stored to 'sz' is never read" scan-build error
|
---|
193 |
|
---|
194 | - Curl_llist_remove: fix potential NULL pointer deref
|
---|
195 |
|
---|
196 | Fixes a scan-build warning.
|
---|
197 |
|
---|
198 | - ntlm: remove unnecessary NULL-check to please scan-build
|
---|
199 |
|
---|
200 | - BUGS: spellchecked
|
---|
201 |
|
---|
202 | Jay Satiro (18 Nov 2017)
|
---|
203 | - [fmmedeiros brought this change]
|
---|
204 |
|
---|
205 | examples/curlx: Fix code style
|
---|
206 |
|
---|
207 | - Add braces around multi-line if statement.
|
---|
208 |
|
---|
209 | Closes https://github.com/curl/curl/pull/2096
|
---|
210 |
|
---|
211 | Daniel Stenberg (17 Nov 2017)
|
---|
212 | - resolve: allow IP address within [] brackets
|
---|
213 |
|
---|
214 | ... so that IPv6 addresses can be passed like they can for connect-to
|
---|
215 | and how they're used in URLs.
|
---|
216 |
|
---|
217 | Added test 1324 to verify
|
---|
218 | Reported-by: Alex Malinovich
|
---|
219 |
|
---|
220 | Fixes #2087
|
---|
221 | Closes #2091
|
---|
222 |
|
---|
223 | - [Pavol Markovic brought this change]
|
---|
224 |
|
---|
225 | macOS: Fix missing connectx function with Xcode version older than 9.0
|
---|
226 |
|
---|
227 | The previous fix https://github.com/curl/curl/pull/1788 worked just for
|
---|
228 | Xcode 9. This commit extends the fix to older Xcode versions effectively
|
---|
229 | by not using connectx function.
|
---|
230 |
|
---|
231 | Fixes https://github.com/curl/curl/issues/1330
|
---|
232 | Fixes https://github.com/curl/curl/issues/2080
|
---|
233 | Closes https://github.com/curl/curl/pull/1336
|
---|
234 | Closes #2082
|
---|
235 |
|
---|
236 | - [Dirk Feytons brought this change]
|
---|
237 |
|
---|
238 | openssl: fix too broad use of HAVE_OPAQUE_EVP_PKEY
|
---|
239 |
|
---|
240 | Fixes #2079
|
---|
241 | Closes #2081
|
---|
242 |
|
---|
243 | - TODO: ignore private IP addresses in PASV response
|
---|
244 |
|
---|
245 | Closes #1455
|
---|
246 |
|
---|
247 | - RELEASE-NOTES: synced with ae7369b6d
|
---|
248 |
|
---|
249 | Michael Kaufmann (14 Nov 2017)
|
---|
250 | - URL: return error on malformed URLs with junk after IPv6 bracket
|
---|
251 |
|
---|
252 | Follow-up to aadb7c7. Verified by new test 1263.
|
---|
253 |
|
---|
254 | Closes #2072
|
---|
255 |
|
---|
256 | Daniel Stenberg (14 Nov 2017)
|
---|
257 | - INTERNALS: we may use libidn2 now, not libidn
|
---|
258 |
|
---|
259 | Patrick Monnerat (13 Nov 2017)
|
---|
260 | - zlib/brotli: only include header files in modules needing them
|
---|
261 |
|
---|
262 | There is a conflict on symbol 'free_func' between openssl/crypto.h and
|
---|
263 | zlib.h on AIX. This is an attempt to resolve it.
|
---|
264 |
|
---|
265 | Bug: https://curl.haxx.se/mail/lib-2017-11/0032.html
|
---|
266 | Reported-By: Michael Felt
|
---|
267 |
|
---|
268 | Daniel Stenberg (13 Nov 2017)
|
---|
269 | - SMB: fix uninitialized local variable
|
---|
270 |
|
---|
271 | Reported-by: Brian Carpenter
|
---|
272 |
|
---|
273 | - [Orgad Shaneh brought this change]
|
---|
274 |
|
---|
275 | connect.c: remove executable bit on file
|
---|
276 |
|
---|
277 | Closes #2071
|
---|
278 |
|
---|
279 | - [hsiao yi brought this change]
|
---|
280 |
|
---|
281 | README.md: fixed layout
|
---|
282 |
|
---|
283 | Closes #2069
|
---|
284 |
|
---|
285 | - setopt: split out curl_easy_setopt() to its own file
|
---|
286 |
|
---|
287 | ... to make url.c smaller.
|
---|
288 |
|
---|
289 | Closes #1944
|
---|
290 |
|
---|
291 | Jay Satiro (10 Nov 2017)
|
---|
292 | - [John Starks brought this change]
|
---|
293 |
|
---|
294 | cmake: Add missing setmode check
|
---|
295 |
|
---|
296 | Ensure HAVE_SETMODE is set to 1 on OSes that have setmode. Without this,
|
---|
297 | curl will corrupt binary files when writing them to stdout on Windows.
|
---|
298 |
|
---|
299 | Closes https://github.com/curl/curl/pull/2067
|
---|
300 |
|
---|
301 | Daniel Stenberg (10 Nov 2017)
|
---|
302 | - curl_share_setopt: va_end was not called if conncache errors
|
---|
303 |
|
---|
304 | CID 984459, detected by Coverity
|
---|
305 |
|
---|
306 | Sergei Nikulov (10 Nov 2017)
|
---|
307 | - [John Starks brought this change]
|
---|
308 |
|
---|
309 | cmake: Correctly include curl.rc in Windows builds (#2064)
|
---|
310 |
|
---|
311 | Update CMakeLists.txt to add curl.rc to the correct list.
|
---|
312 |
|
---|
313 | Daniel Stenberg (9 Nov 2017)
|
---|
314 | - RELEASE-NOTES: synced with 32828cc4f
|
---|
315 |
|
---|
316 | - [Luca Boccassi brought this change]
|
---|
317 |
|
---|
318 | --interface: add support for Linux VRF
|
---|
319 |
|
---|
320 | The --interface command (CURLOPT_INTERFACE option) already uses
|
---|
321 | SO_BINDTODEVICE on Linux, but it tries to parse it as an interface or IP
|
---|
322 | address first, which fails in case the user passes a VRF.
|
---|
323 |
|
---|
324 | Try to use the socket option immediately and parse it as a fallback
|
---|
325 | instead. Update the documentation to mention this feature, and that it
|
---|
326 | requires the binary to be ran by root or with CAP_NET_RAW capabilities
|
---|
327 | for this to work.
|
---|
328 |
|
---|
329 | Closes #2024
|
---|
330 |
|
---|
331 | - curl_share_setopt.3: document CURL_LOCK_DATA_CONNECT
|
---|
332 |
|
---|
333 | Closes #2043
|
---|
334 |
|
---|
335 | - examples: add shared-connection-cache
|
---|
336 |
|
---|
337 | - test1554: verify connection cache sharing
|
---|
338 |
|
---|
339 | - share: add support for sharing the connection cache
|
---|
340 |
|
---|
341 | - imap: deal with commands case insensitively
|
---|
342 |
|
---|
343 | As documented in RFC 3501 section 9:
|
---|
344 | https://tools.ietf.org/html/rfc3501#section-9
|
---|
345 |
|
---|
346 | Closes #2061
|
---|
347 |
|
---|
348 | - connect: store IPv6 connection status after valid connection
|
---|
349 |
|
---|
350 | ... previously it would store it already in the happy eyeballs stage
|
---|
351 | which could lead to the IPv6 bit being set for an IPv4 connection,
|
---|
352 | leading to curl not wanting to do EPSV=>PASV for FTP transfers.
|
---|
353 |
|
---|
354 | Closes #2053
|
---|
355 |
|
---|
356 | - curl_multi_fdset.3: emphasize curl_multi_timeout
|
---|
357 |
|
---|
358 | ... even when there's no socket to wait for, the timeout can still be
|
---|
359 | very short.
|
---|
360 |
|
---|
361 | Jay Satiro (9 Nov 2017)
|
---|
362 | - content_encoding: fix inflate_stream for no bytes available
|
---|
363 |
|
---|
364 | - Don't call zlib's inflate() when avail_in stream bytes is 0.
|
---|
365 |
|
---|
366 | This is a follow up to the parent commit 19e66e5. Prior to that change
|
---|
367 | libcurl's inflate_stream could call zlib's inflate even when no bytes
|
---|
368 | were available, causing inflate to return Z_BUF_ERROR, and then
|
---|
369 | inflate_stream would treat that as a hard error and return
|
---|
370 | CURLE_BAD_CONTENT_ENCODING.
|
---|
371 |
|
---|
372 | According to the zlib FAQ, Z_BUF_ERROR is not fatal.
|
---|
373 |
|
---|
374 | This bug would happen randomly since packet sizes are arbitrary. A test
|
---|
375 | of 10,000 transfers had 55 fail (ie 0.55%).
|
---|
376 |
|
---|
377 | Ref: https://zlib.net/zlib_faq.html#faq05
|
---|
378 |
|
---|
379 | Closes https://github.com/curl/curl/pull/2060
|
---|
380 |
|
---|
381 | Patrick Monnerat (7 Nov 2017)
|
---|
382 | - content_encoding: do not write 0 length data
|
---|
383 |
|
---|
384 | Daniel Stenberg (6 Nov 2017)
|
---|
385 | - fnmatch: remove dead code
|
---|
386 |
|
---|
387 | There was a duplicate check for backslashes in the setcharset()
|
---|
388 | function.
|
---|
389 |
|
---|
390 | Coverity CID 1420611
|
---|
391 |
|
---|
392 | - url: remove unncessary NULL-check
|
---|
393 |
|
---|
394 | Since 'conn' won't be NULL in there and we also access the pointer in
|
---|
395 | there without the check.
|
---|
396 |
|
---|
397 | Coverity CID 1420610
|
---|
398 |
|
---|
399 | Viktor Szakats (6 Nov 2017)
|
---|
400 | - src/Makefile.m32: fix typo in brotli lib customization
|
---|
401 |
|
---|
402 | Ref cc1f4436099decb9d1a7034b2bb773a9f8379d31
|
---|
403 |
|
---|
404 | - Makefile.m32: allow to customize brotli libs
|
---|
405 |
|
---|
406 | It adds the ability to link against static brotli libs.
|
---|
407 |
|
---|
408 | Also fix brotli include path.
|
---|
409 |
|
---|
410 | Patrick Monnerat (5 Nov 2017)
|
---|
411 | - travis: add a job with brotli enabled
|
---|
412 |
|
---|
413 | - [Viktor Szakats brought this change]
|
---|
414 |
|
---|
415 | Makefile.m32: add brotli support
|
---|
416 |
|
---|
417 | - HTTP: implement Brotli content encoding
|
---|
418 |
|
---|
419 | This uses the brotli external library (https://github.com/google/brotli).
|
---|
420 | Brotli becomes a feature: additional curl_version_info() bit and
|
---|
421 | structure fields are provided for it and CURLVERSION_NOW bumped.
|
---|
422 |
|
---|
423 | Tests 314 and 315 check Brotli content unencoding with correct and
|
---|
424 | erroneous data.
|
---|
425 |
|
---|
426 | Some tests are updated to accomodate with the now configuration dependent
|
---|
427 | parameters of the Accept-Encoding header.
|
---|
428 |
|
---|
429 | - HTTP: support multiple Content-Encodings
|
---|
430 |
|
---|
431 | This is implemented as an output streaming stack of unencoders, the last
|
---|
432 | calling the client write procedure.
|
---|
433 |
|
---|
434 | New test 230 checks this feature.
|
---|
435 |
|
---|
436 | Bug: https://github.com/curl/curl/pull/2002
|
---|
437 | Reported-By: Daniel Bankhead
|
---|
438 |
|
---|
439 | Jay Satiro (4 Nov 2017)
|
---|
440 | - url: remove arg value check from CURLOPT_SSH_AUTH_TYPES
|
---|
441 |
|
---|
442 | Since CURLSSH_AUTH_ANY (aka CURLSSH_AUTH_DEFAULT) is ~0 an arg value
|
---|
443 | check on this option is incorrect; we have to accept any value.
|
---|
444 |
|
---|
445 | Prior to this change since f121575 (7.56.1+) CURLOPT_SSH_AUTH_TYPES
|
---|
446 | erroneously rejected CURLSSH_AUTH_ANY with CURLE_BAD_FUNCTION_ARGUMENT.
|
---|
447 |
|
---|
448 | Bug: https://github.com/curl/curl/commit/f121575#commitcomment-25347120
|
---|
449 |
|
---|
450 | Daniel Stenberg (4 Nov 2017)
|
---|
451 | - ntlm: avoid malloc(0) for zero length passwords
|
---|
452 |
|
---|
453 | It triggers an assert() when built with memdebug since malloc(0) may
|
---|
454 | return NULL *or* a valid pointer.
|
---|
455 |
|
---|
456 | Detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4054
|
---|
457 |
|
---|
458 | Assisted-by: Max Dymond
|
---|
459 | Closes #2054
|
---|
460 |
|
---|
461 | - RELEASE-NOTES: synced with ee8016b3d
|
---|
462 |
|
---|
463 | - curl: speed up handling of many URLs
|
---|
464 |
|
---|
465 | By properly keeping track of the last entry in the list of URLs/uploads
|
---|
466 | to handle, curl now avoids many meaningless traverses of the list which
|
---|
467 | speeds up many-URL handling *MASSIVELY* (several magnitudes on 100K
|
---|
468 | URLs).
|
---|
469 |
|
---|
470 | Added test 1291, to verify that it doesn't take ages - but we don't have
|
---|
471 | any detection of "too slow" command in the test suite.
|
---|
472 |
|
---|
473 | Reported-by: arainchik on github
|
---|
474 | Fixes #1959
|
---|
475 | Closes #2052
|
---|
476 |
|
---|
477 | - curl: pass through [] in URLs instead of calling globbing error
|
---|
478 |
|
---|
479 | Assisted-by: Per Lundberg
|
---|
480 | Fixes #2044
|
---|
481 | Closes #2046
|
---|
482 | Closes #2048
|
---|
483 |
|
---|
484 | - CURLOPT_INFILESIZE: accept -1
|
---|
485 |
|
---|
486 | Regression since f121575
|
---|
487 |
|
---|
488 | Reported-by: Petr Voytsik
|
---|
489 | Fixes #2047
|
---|
490 |
|
---|
491 | Jay Satiro (2 Nov 2017)
|
---|
492 | - url: fix CURLOPT_DNS_CACHE_TIMEOUT arg value check to allow -1
|
---|
493 |
|
---|
494 | Prior to this change since f121575 (7.56.1+) CURLOPT_DNS_CACHE_TIMEOUT
|
---|
495 | erroneously rejected -1 with CURLE_BAD_FUNCTION_ARGUMENT.
|
---|
496 |
|
---|
497 | Dan Fandrich (1 Nov 2017)
|
---|
498 | - http2: Fixed OOM handling in upgrade request
|
---|
499 |
|
---|
500 | This caused the torture tests on test 1800 to fail.
|
---|
501 |
|
---|
502 | - tests: Fixed torture tests on tests 556 and 650
|
---|
503 |
|
---|
504 | Test cleanup after OOM wasn't being consistently performed.
|
---|
505 |
|
---|
506 | Daniel Stenberg (1 Nov 2017)
|
---|
507 | - CURLOPT_MAXREDIRS: allow -1 as a value
|
---|
508 |
|
---|
509 | ... which is valid according to documentation. Regression since
|
---|
510 | f121575c0b5f.
|
---|
511 |
|
---|
512 | Verified now in test 501.
|
---|
513 |
|
---|
514 | Reported-by: cbartl on github
|
---|
515 | Fixes #2038
|
---|
516 | Closes #2039
|
---|
517 |
|
---|
518 | - include: remove conncache.h inclusion from where its not needed
|
---|
519 |
|
---|
520 | Jay Satiro (1 Nov 2017)
|
---|
521 | - url: fix CURLOPT_POSTFIELDSIZE arg value check to allow -1
|
---|
522 |
|
---|
523 | .. also add same arg value check to CURLOPT_POSTFIELDSIZE_LARGE.
|
---|
524 |
|
---|
525 | Prior to this change since f121575 (7.56.1+) CURLOPT_POSTFIELDSIZE
|
---|
526 | erroneously rejected -1 value with CURLE_BAD_FUNCTION_ARGUMENT.
|
---|
527 |
|
---|
528 | Bug: https://curl.haxx.se/mail/lib-2017-11/0000.html
|
---|
529 | Reported-by: Andrew Lambert
|
---|
530 |
|
---|
531 | Daniel Stenberg (31 Oct 2017)
|
---|
532 | - cookie: avoid NULL dereference
|
---|
533 |
|
---|
534 | ... when expiring old cookies.
|
---|
535 |
|
---|
536 | Reported-by: Pavel Gushchin
|
---|
537 | Fixes #2032
|
---|
538 | Closes #2035
|
---|
539 |
|
---|
540 | Marcel Raad (30 Oct 2017)
|
---|
541 | - memdebug: use send/recv signature for curl_dosend/curl_dorecv
|
---|
542 |
|
---|
543 | This avoids build errors and warnings caused by implicit casts.
|
---|
544 |
|
---|
545 | Closes https://github.com/curl/curl/pull/2031
|
---|
546 |
|
---|
547 | Daniel Stenberg (30 Oct 2017)
|
---|
548 | - [Juro Bystricky brought this change]
|
---|
549 |
|
---|
550 | mkhelp.pl: support reproducible build
|
---|
551 |
|
---|
552 | Do not generate line with the current date, such as:
|
---|
553 |
|
---|
554 | * Generation time: Tue Oct-24 18:01:41 2017
|
---|
555 |
|
---|
556 | This will improve reproducibility. The generated string is only
|
---|
557 | part of a comment, so there should be no adverse consequences.
|
---|
558 |
|
---|
559 | Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
|
---|
560 |
|
---|
561 | closes #2026
|
---|
562 |
|
---|
563 | Dan Fandrich (30 Oct 2017)
|
---|
564 | - runtests.pl: Fixed typo in message
|
---|
565 |
|
---|
566 | Daniel Stenberg (30 Oct 2017)
|
---|
567 | - curlx: the timeval functions are no longer provided as curlx_*
|
---|
568 |
|
---|
569 | Pointed-out-by: Dmitri Tikhonov
|
---|
570 | Bug: #2034
|
---|
571 |
|
---|
572 | - select: update comments
|
---|
573 |
|
---|
574 | s/curlx_tvnow/Curl_now
|
---|
575 |
|
---|
576 | - INTERNALS: remove curlx_tv* functions no longer provided
|
---|
577 |
|
---|
578 | - [Dmitri Tikhonov brought this change]
|
---|
579 |
|
---|
580 | timeval: use mach time on MacOS
|
---|
581 |
|
---|
582 | If clock_gettime() is not supported, use mach_absolute_time() on MacOS.
|
---|
583 |
|
---|
584 | closes #2033
|
---|
585 |
|
---|
586 | monnerat (29 Oct 2017)
|
---|
587 | - [Patrick Monnerat brought this change]
|
---|
588 |
|
---|
589 | cli tool: improve ";type=" handling in -F option arguments
|
---|
590 |
|
---|
591 | - [Patrick Monnerat brought this change]
|
---|
592 |
|
---|
593 | cli tool: in -F option arg, comma is a delimiter for files only
|
---|
594 |
|
---|
595 | Also upgrade test 1133 to cover this case and clarify man page about
|
---|
596 | form data quoting.
|
---|
597 |
|
---|
598 | Bug: https://github.com/curl/curl/issues/2022
|
---|
599 | Reported-By: omau on github
|
---|
600 |
|
---|
601 | Daniel Stenberg (29 Oct 2017)
|
---|
602 | - timeleft: made two more users of Curl_timeleft use timediff_t
|
---|
603 |
|
---|
604 | Jakub Zakrzewski (28 Oct 2017)
|
---|
605 | - cmake: Export libcurl and curl targets to use by other cmake projects
|
---|
606 |
|
---|
607 | The config files define curl and libcurl targets as imported targets
|
---|
608 | CURL::curl and CURL::libcurl. For backward compatibility with CMake-
|
---|
609 | provided find-module the CURL_INCLUDE_DIRS and CURL_LIBRARIES are
|
---|
610 | also set.
|
---|
611 |
|
---|
612 | Closes #1879
|
---|
613 |
|
---|
614 | Daniel Stenberg (28 Oct 2017)
|
---|
615 | - RELEASE-NOTES: synced with f20cbac97
|
---|
616 |
|
---|
617 | - [Florin brought this change]
|
---|
618 |
|
---|
619 | auth: Added test cases for RFC7616
|
---|
620 |
|
---|
621 | Updated docs to include support for RFC7616
|
---|
622 |
|
---|
623 | Signed-off-by: Florin <petriuc.florin@gmail.com>
|
---|
624 |
|
---|
625 | Closes #1934
|
---|
626 |
|
---|
627 | - [Florin brought this change]
|
---|
628 |
|
---|
629 | auth: add support for RFC7616 - HTTP Digest access authentication
|
---|
630 |
|
---|
631 | Signed-off-by: Florin <petriuc.florin@gmail.com>
|
---|
632 |
|
---|
633 | - [Daniel Bankhead brought this change]
|
---|
634 |
|
---|
635 | TODO: support multiple Content-Encodings
|
---|
636 |
|
---|
637 | Closes #2002
|
---|
638 |
|
---|
639 | - ROADMAP: cleanup
|
---|
640 |
|
---|
641 | Removed done stuff. Removed entries no longer considered for the near
|
---|
642 | term.
|
---|
643 |
|
---|
644 | - [Magicansk brought this change]
|
---|
645 |
|
---|
646 | ROADMAP.md: spelling fixes
|
---|
647 |
|
---|
648 | Closes #2028
|
---|
649 |
|
---|
650 | - Curl_timeleft: change return type to timediff_t
|
---|
651 |
|
---|
652 | returning 'time_t' is problematic when that type is unsigned and we
|
---|
653 | return values less than zero to signal "already expired", used in
|
---|
654 | several places in the code.
|
---|
655 |
|
---|
656 | Closes #2021
|
---|
657 |
|
---|
658 | - appveyor: add a win32 build
|
---|
659 |
|
---|
660 | - setopt: fix CURLOPT_SSH_AUTH_TYPES option read
|
---|
661 |
|
---|
662 | Regression since f121575c0b5f
|
---|
663 |
|
---|
664 | Reported-by: Rob Cotrone
|
---|
665 |
|
---|
666 | Marcel Raad (27 Oct 2017)
|
---|
667 | - resolvers: only include anything if needed
|
---|
668 |
|
---|
669 | This avoids warnings about unused stuff.
|
---|
670 |
|
---|
671 | Closes https://github.com/curl/curl/pull/2023
|
---|
672 |
|
---|
673 | Daniel Stenberg (27 Oct 2017)
|
---|
674 | - HELP-US: rename the subtitle too since the label is changed
|
---|
675 |
|
---|
676 | "PR-welcome" was the former name.
|
---|
677 |
|
---|
678 | - curl_setup.h: oops, shorten the too long line
|
---|
679 |
|
---|
680 | - [Martin Storsjo brought this change]
|
---|
681 |
|
---|
682 | curl_setup: Improve detection of CURL_WINDOWS_APP
|
---|
683 |
|
---|
684 | If WINAPI_FAMILY is defined, it should be safe to try to include
|
---|
685 | winapifamily.h to check what the define evaluates to.
|
---|
686 |
|
---|
687 | This should fix detection of CURL_WINDOWS_APP if building with
|
---|
688 | _WIN32_WINNT set to 0x0600.
|
---|
689 |
|
---|
690 | Closes #2025
|
---|
691 |
|
---|
692 | Jay Satiro (26 Oct 2017)
|
---|
693 | - transfer: Fix chunked-encoding upload bug
|
---|
694 |
|
---|
695 | - When uploading via chunked-encoding don't compare file size to bytes
|
---|
696 | sent to determine whether the upload has finished.
|
---|
697 |
|
---|
698 | Chunked-encoding adds its own overhead which why the bytes sent is not
|
---|
699 | equal to the file size. Prior to this change if a file was uploaded in
|
---|
700 | chunked-encoding and its size was known it was possible that the upload
|
---|
701 | could end prematurely without sending the final few chunks. That would
|
---|
702 | result in a server hang waiting for the remaining data, likely followed
|
---|
703 | by a disconnect.
|
---|
704 |
|
---|
705 | The scope of this bug is limited to some arbitrary file sizes which have
|
---|
706 | not been determined. One size that triggers the bug is 475020.
|
---|
707 |
|
---|
708 | Bug: https://github.com/curl/curl/issues/2001
|
---|
709 | Reported-by: moohoorama@users.noreply.github.com
|
---|
710 |
|
---|
711 | Closes https://github.com/curl/curl/pull/2010
|
---|
712 |
|
---|
713 | Daniel Stenberg (26 Oct 2017)
|
---|
714 | - timeval: make timediff_t also work on 32bit windows
|
---|
715 |
|
---|
716 | ... by using curl_off_t for the typedef if time_t is larger than 4
|
---|
717 | bytes.
|
---|
718 |
|
---|
719 | Reported-by: Gisle Vanem
|
---|
720 | Bug: https://github.com/curl/curl/commit/b9d25f9a6b3ca791385b80a6a3c3fa5ae113e1e0#co
|
---|
721 | mmitcomment-25205058
|
---|
722 | Closes #2019
|
---|
723 |
|
---|
724 | - curl_fnmatch: return error on illegal wildcard pattern
|
---|
725 |
|
---|
726 | ... instead of doing an infinite loop!
|
---|
727 |
|
---|
728 | Added test 1162 to verify.
|
---|
729 |
|
---|
730 | Reported-by: Max Dymond
|
---|
731 | Fixes #2015
|
---|
732 | Closes #2017
|
---|
733 |
|
---|
734 | - [Max Dymond brought this change]
|
---|
735 |
|
---|
736 | wildcards: don't use with non-supported protocols
|
---|
737 |
|
---|
738 | Fixes timeouts in the fuzzing tests for non-FTP protocols.
|
---|
739 |
|
---|
740 | Closes #2016
|
---|
741 |
|
---|
742 | - [Max Dymond brought this change]
|
---|
743 |
|
---|
744 | multi: allow table handle sizes to be overridden
|
---|
745 |
|
---|
746 | Allow users to specify their own hash define for
|
---|
747 | CURL_CONNECTION_HASH_SIZE so that both values can be overridden.
|
---|
748 |
|
---|
749 | Closes #1982
|
---|
750 |
|
---|
751 | - time: rename Curl_tvnow to Curl_now
|
---|
752 |
|
---|
753 | ... since the 'tv' stood for timeval and this function does not return a
|
---|
754 | timeval struct anymore.
|
---|
755 |
|
---|
756 | Also, cleaned up the Curl_timediff*() functions to avoid typecasts and
|
---|
757 | clean up the descriptive comments.
|
---|
758 |
|
---|
759 | Closes #2011
|
---|
760 |
|
---|
761 | - ftplistparser: follow-up cleanup to remove PL_ERROR()
|
---|
762 |
|
---|
763 | - [Max Dymond brought this change]
|
---|
764 |
|
---|
765 | ftplistparser: free off temporary memory always
|
---|
766 |
|
---|
767 | When using the FTP list parser, ensure that the memory that's
|
---|
768 | allocated is always freed.
|
---|
769 |
|
---|
770 | Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3682
|
---|
771 | Closes #2013
|
---|
772 |
|
---|
773 | - timediff: return timediff_t from the time diff functions
|
---|
774 |
|
---|
775 | ... to cater for systems with unsigned time_t variables.
|
---|
776 |
|
---|
777 | - Renamed the functions to curlx_timediff and Curl_timediff_us.
|
---|
778 |
|
---|
779 | - Added overflow protection for both of them in either direction for
|
---|
780 | both 32 bit and 64 bit time_ts
|
---|
781 |
|
---|
782 | - Reprefixed the curlx_time functions to use Curl_*
|
---|
783 |
|
---|
784 | Reported-by: Peter Piekarski
|
---|
785 | Fixes #2004
|
---|
786 | Closes #2005
|
---|
787 |
|
---|
788 | - [Paul Howarth brought this change]
|
---|
789 |
|
---|
790 | libtest: Add required test libraries for lib1552 and lib1553
|
---|
791 |
|
---|
792 | They use $(TESTUTIL) and thus should use $(TESTUTIL_LIBS) too.
|
---|
793 |
|
---|
794 | This fixes build failures on Fedora 13.
|
---|
795 |
|
---|
796 | Closes #2006
|
---|
797 |
|
---|
798 | - [Alessandro Ghedini brought this change]
|
---|
799 |
|
---|
800 | libcurl-tutorial.3: fix typo
|
---|
801 |
|
---|
802 | closes #2008
|
---|
803 |
|
---|
804 | Alessandro Ghedini (23 Oct 2017)
|
---|
805 | - curl_mime_filedata.3: fix typos
|
---|
806 |
|
---|
807 | Daniel Stenberg (23 Oct 2017)
|
---|
808 | - RELEASE-NOTES: clean slate towards 7.57.0
|
---|
809 |
|
---|
810 | - [Max Dymond brought this change]
|
---|
811 |
|
---|
812 | travis: exit if any steps fail
|
---|
813 |
|
---|
814 | We don't expect any steps to fail in travis. Exit the script if they do.
|
---|
815 |
|
---|
816 | Closes #1966
|
---|
817 |
|
---|
818 | Version 7.56.1 (23 Oct 2017)
|
---|
819 |
|
---|
820 | Daniel Stenberg (23 Oct 2017)
|
---|
821 | - RELEASE-NOTES: 7.56.1
|
---|
822 |
|
---|
823 | - THANKS: update at 7.56.1 release time
|
---|
824 |
|
---|
825 | - [Jon DeVree brought this change]
|
---|
826 |
|
---|
827 | mk-ca-bundle: Remove URL for aurora
|
---|
828 |
|
---|
829 | Aurora is no longer used by Mozilla
|
---|
830 | https://hacks.mozilla.org/2017/04/simplifying-firefox-release-channels/
|
---|
831 |
|
---|
832 | - [Jon DeVree brought this change]
|
---|
833 |
|
---|
834 | mk-ca-bundle: Fix URL for NSS
|
---|
835 |
|
---|
836 | The 'tip' is the most recent branch committed to, this should be
|
---|
837 | 'default' like the URLs for the browser are.
|
---|
838 |
|
---|
839 | Closes #1998
|
---|
840 |
|
---|
841 | - imap: if a FETCH response has no size, don't call write callback
|
---|
842 |
|
---|
843 | CVE-2017-1000257
|
---|
844 |
|
---|
845 | Reported-by: Brian Carpenter and 0xd34db347
|
---|
846 | Also detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3586
|
---|
847 |
|
---|
848 | - ftp: reject illegal IP/port in PASV 227 response
|
---|
849 |
|
---|
850 | ... by using range checks. Among other things, this avoids an undefined
|
---|
851 | behavior for a left shift that could happen on negative or very large
|
---|
852 | values.
|
---|
853 |
|
---|
854 | Closes #1997
|
---|
855 |
|
---|
856 | Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
|
---|
857 |
|
---|
858 | Patrick Monnerat (20 Oct 2017)
|
---|
859 | - test653: check reuse of easy handle after mime data change
|
---|
860 |
|
---|
861 | See issue #1999
|
---|
862 |
|
---|
863 | - mime: do not reuse previously computed multipart size
|
---|
864 |
|
---|
865 | The contents might have changed: size must be recomputed.
|
---|
866 |
|
---|
867 | Reported-by: moteus on github
|
---|
868 | Fixes #1999
|
---|
869 |
|
---|
870 | - test308: disable if MultiSSL feature enabled
|
---|
871 |
|
---|
872 | Even if OpenSSL is enabled, it might not be the default backend when
|
---|
873 | multi-ssl is enabled, causing the test to fail.
|
---|
874 |
|
---|
875 | - runtests: support MultiSSL client feature
|
---|
876 |
|
---|
877 | - vtls: change struct Curl_ssl `close' field name to `close_one'.
|
---|
878 |
|
---|
879 | On OS/400, `close' is an ASCII system macro that corrupts the code if
|
---|
880 | not used in a context not targetting the close() system API.
|
---|
881 |
|
---|
882 | - os400: add missing symbols in config file.
|
---|
883 |
|
---|
884 | Also adjust makefile to renamed files and warn about installation dirs mix-up.
|
---|
885 |
|
---|
886 | - test652: curl_mime_data + base64 encoder with large contents
|
---|
887 |
|
---|
888 | - mime: limit bas64-encoded lines length to 76 characters
|
---|
889 |
|
---|
890 | Daniel Stenberg (16 Oct 2017)
|
---|
891 | - RELEASE-NOTES: synced with f121575c0
|
---|
892 |
|
---|
893 | - setopt: range check most long options
|
---|
894 |
|
---|
895 | ... filter early instead of risking "funny values" having to be dealt
|
---|
896 | with elsewhere.
|
---|
897 |
|
---|
898 | - setopt: avoid integer overflows when setting millsecond values
|
---|
899 |
|
---|
900 | ... that are multiplied by 1000 when stored.
|
---|
901 |
|
---|
902 | For 32 bit long systems, the max value accepted (2147483 seconds) is >
|
---|
903 | 596 hours which is unlikely to ever be set by a legitimate application -
|
---|
904 | and previously it didn't work either, it just caused undefined behavior.
|
---|
905 |
|
---|
906 | Also updated the man pages for these timeout options to mention the
|
---|
907 | return code.
|
---|
908 |
|
---|
909 | Closes #1938
|
---|
910 |
|
---|
911 | Viktor Szakats (15 Oct 2017)
|
---|
912 | - makefile.m32: allow to override gcc, ar and ranlib
|
---|
913 |
|
---|
914 | Allow to ovverride certain build tools, making it possible to
|
---|
915 | use LLVM/Clang to build curl. The default behavior is unchanged.
|
---|
916 | To build with clang (as offered by MSYS2), these settings can
|
---|
917 | be used:
|
---|
918 |
|
---|
919 | CURL_CC=clang
|
---|
920 | CURL_AR=llvm-ar
|
---|
921 | CURL_RANLIB=llvm-ranlib
|
---|
922 |
|
---|
923 | Closes https://github.com/curl/curl/pull/1993
|
---|
924 |
|
---|
925 | - ldap: silence clang warning
|
---|
926 |
|
---|
927 | Use memset() to initialize a structure to avoid LLVM/Clang warning:
|
---|
928 | ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers]
|
---|
929 |
|
---|
930 | Closes https://github.com/curl/curl/pull/1992
|
---|
931 |
|
---|
932 | Daniel Stenberg (14 Oct 2017)
|
---|
933 | - runtests: use valgrind for torture as well
|
---|
934 |
|
---|
935 | NOTE: it makes them terribly slow. I recommend only using valgrind for
|
---|
936 | specific torture tests or using lots of patience.
|
---|
937 |
|
---|
938 | - memdebug: trace send, recv and socket
|
---|
939 |
|
---|
940 | ... to allow them to be included in torture tests too.
|
---|
941 |
|
---|
942 | closes #1980
|
---|
943 |
|
---|
944 | - configure: remove the C++ compiler check
|
---|
945 |
|
---|
946 | ... we used it only for the fuzzer, which we now have in a separate git
|
---|
947 | repo.
|
---|
948 |
|
---|
949 | Closes #1990
|
---|
950 |
|
---|
951 | Patrick Monnerat (13 Oct 2017)
|
---|
952 | - mime: do not call failf() if easy handle is NULL.
|
---|
953 |
|
---|
954 | Daniel Stenberg (13 Oct 2017)
|
---|
955 | - test651: curl_formadd with huge COPYCONTENTS
|
---|
956 |
|
---|
957 | - mime: fix the content reader to handle >16K data properly
|
---|
958 |
|
---|
959 | Reported-by: Jeroen Ooms
|
---|
960 | Closes #1988
|
---|
961 |
|
---|
962 | Patrick Monnerat (12 Oct 2017)
|
---|
963 | - mime: keep "text/plain" content type if user-specified.
|
---|
964 |
|
---|
965 | Include test cases in 554, 587, 650.
|
---|
966 |
|
---|
967 | Fixes https://github.com/curl/curl/issues/1986
|
---|
968 |
|
---|
969 | - cli tool: use file2memory() to buffer stdin in -F option.
|
---|
970 |
|
---|
971 | Closes PR https://github.com/curl/curl/pull/1985
|
---|
972 |
|
---|
973 | - cli tool: reimplement stdin buffering in -F option.
|
---|
974 |
|
---|
975 | If stdin is not a regular file, its content is memory-buffered to enable
|
---|
976 | a possible data "rewind".
|
---|
977 | In all cases, stdin data size is determined before real use to avoid
|
---|
978 | having an unknown part's size.
|
---|
979 |
|
---|
980 | --libcurl generated code is left as an unbuffered stdin fread/fseek callback
|
---|
981 | part with unknown data size.
|
---|
982 |
|
---|
983 | Buffering is not supported in deprecated curl_formadd() API.
|
---|
984 |
|
---|
985 | Daniel Stenberg (12 Oct 2017)
|
---|
986 | - winbuild/BUILD.WINDOWS.txt: mention WITH_NGHTTP2
|
---|
987 |
|
---|
988 | - HELP-US: the label "PR-welcome" is now renamed to "help wanted"
|
---|
989 |
|
---|
990 | following the new github "standard"
|
---|
991 |
|
---|
992 | - RELEASE-NOTES: synced with 5505df7d2
|
---|
993 |
|
---|
994 | Jay Satiro (11 Oct 2017)
|
---|
995 | - [Artak Galoyan brought this change]
|
---|
996 |
|
---|
997 | url: Update current connection SSL verify params in setopt
|
---|
998 |
|
---|
999 | Now VERIFYHOST, VERIFYPEER and VERIFYSTATUS options change during active
|
---|
1000 | connection updates the current connection's (i.e.'connectdata'
|
---|
1001 | structure) appropriate ssl_config (and ssl_proxy_config) structures
|
---|
1002 | variables, making these options effective for ongoing connection.
|
---|
1003 |
|
---|
1004 | This functionality was available before and was broken by the
|
---|
1005 | following change:
|
---|
1006 | "proxy: Support HTTPS proxy and SOCKS+HTTP(s)"
|
---|
1007 | CommitId: cb4e2be7c6d42ca0780f8e0a747cecf9ba45f151.
|
---|
1008 |
|
---|
1009 | Bug: https://github.com/curl/curl/issues/1941
|
---|
1010 |
|
---|
1011 | Closes https://github.com/curl/curl/pull/1951
|
---|
1012 |
|
---|
1013 | Daniel Stenberg (11 Oct 2017)
|
---|
1014 | - [David Benjamin brought this change]
|
---|
1015 |
|
---|
1016 | openssl: don't use old BORINGSSL_YYYYMM macros
|
---|
1017 |
|
---|
1018 | Those were temporary things we'd add and remove for our own convenience
|
---|
1019 | long ago. The last few stayed around for too long as an oversight but
|
---|
1020 | have since been removed. These days we have a running
|
---|
1021 | BORINGSSL_API_VERSION counter which is bumped when we find it
|
---|
1022 | convenient, but 2015-11-19 was quite some time ago, so just check
|
---|
1023 | OPENSSL_IS_BORINGSSL.
|
---|
1024 |
|
---|
1025 | Closes #1979
|
---|
1026 |
|
---|
1027 | - test950; verify SMTP with custom request
|
---|
1028 |
|
---|
1029 | - ftpserver: support case insensitive commands
|
---|
1030 |
|
---|
1031 | - smtp_done: free data before returning (on send failure)
|
---|
1032 |
|
---|
1033 | ... as otherwise it could leak that memory.
|
---|
1034 |
|
---|
1035 | Detected by OSS-fuzz:
|
---|
1036 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3600
|
---|
1037 |
|
---|
1038 | Assisted-by: Max Dymond
|
---|
1039 | Closes #1977
|
---|
1040 |
|
---|
1041 | - FTP: URL decode path for dir listing in nocwd mode
|
---|
1042 |
|
---|
1043 | Reported-by: Zenju on github
|
---|
1044 |
|
---|
1045 | Test 244 added to verify
|
---|
1046 | Fixes #1974
|
---|
1047 | Closes #1976
|
---|
1048 |
|
---|
1049 | - test298: verify --ftp-method nowcwd with URL encoded path
|
---|
1050 |
|
---|
1051 | Ref: #1974
|
---|
1052 |
|
---|
1053 | - CURLOPT_XFERINFODATA.3: fix duplicate see also
|
---|
1054 |
|
---|
1055 | - CURLOPT_NOPROGRESS.3: also refer to xferinfofunction
|
---|
1056 |
|
---|
1057 | - FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION
|
---|
1058 |
|
---|
1059 | - openssl: enable PKCS12 support for !BoringSSL
|
---|
1060 |
|
---|
1061 | Enable PKCS12 for all non-boringssl builds without relying on configure
|
---|
1062 | or cmake checks.
|
---|
1063 |
|
---|
1064 | Bug: https://curl.haxx.se/mail/lib-2017-10/0007.html
|
---|
1065 | Reported-by: Christian Schmitz
|
---|
1066 | Closes #1948
|
---|
1067 |
|
---|
1068 | - [Kristiyan Tsaklev brought this change]
|
---|
1069 |
|
---|
1070 | curl: don't pass semicolons when parsing Content-Disposition
|
---|
1071 |
|
---|
1072 | Test 1422 updated to verify.
|
---|
1073 |
|
---|
1074 | Closes #1964
|
---|
1075 |
|
---|
1076 | Patrick Monnerat (9 Oct 2017)
|
---|
1077 | - mime: properly unbind mime structure in curl_mime_free().
|
---|
1078 |
|
---|
1079 | This allows freeing a mime structure bound to the easy handle before
|
---|
1080 | curl_easy_cleanup().
|
---|
1081 |
|
---|
1082 | Fixes #1970.
|
---|
1083 |
|
---|
1084 | Daniel Stenberg (9 Oct 2017)
|
---|
1085 | - RTSP: avoid integer overflow on funny RTSP response
|
---|
1086 |
|
---|
1087 | ... like a very large non-existing RTSP version number.
|
---|
1088 |
|
---|
1089 | Added test 577 to verify.
|
---|
1090 |
|
---|
1091 | Detected by OSS-fuzz.
|
---|
1092 | Closes #1969
|
---|
1093 |
|
---|
1094 | Patrick Monnerat (8 Oct 2017)
|
---|
1095 | - ftpserver: properly reset $ftptargetdir.
|
---|
1096 |
|
---|
1097 | - test643: verify curl_mime_subparts() rejects cyclic additions.
|
---|
1098 |
|
---|
1099 | - mime: refuse to add subparts to one of their own descendants.
|
---|
1100 |
|
---|
1101 | Reported-by: Alexey Melnichuk
|
---|
1102 | Fixes #1962
|
---|
1103 |
|
---|
1104 | - mime: avoid resetting a part's encoder when part's contents change.
|
---|
1105 |
|
---|
1106 | - mime: improve unbinding top multipart from easy handle.
|
---|
1107 |
|
---|
1108 | Also avoid dangling pointers in referencing parts.
|
---|
1109 |
|
---|
1110 | Daniel Stenberg (8 Oct 2017)
|
---|
1111 | - RELEASE-NOTES: synced with a4c1c75da30af1
|
---|
1112 |
|
---|
1113 | - curlver.h: next expected release is 7.57.0
|
---|
1114 |
|
---|
1115 | Patrick Monnerat (8 Oct 2017)
|
---|
1116 | - mime: be tolerant about setting twice the same header list in a part.
|
---|
1117 |
|
---|
1118 | - docs: clarify form/mime usage of non-regular data files.
|
---|
1119 |
|
---|
1120 | Daniel Stenberg (8 Oct 2017)
|
---|
1121 | - Revert "multi_done: wait for name resolve to finish if still ongoing"
|
---|
1122 |
|
---|
1123 | This reverts commit f3e03f6c0ac52a1bf396e03f7d7e9b5b3b7165fe.
|
---|
1124 |
|
---|
1125 | Caused memory leaks in the fuzzer, needs to be done differently.
|
---|
1126 |
|
---|
1127 | Disable test 1553 for now too, as it causes memory leaks without this
|
---|
1128 | commit!
|
---|
1129 |
|
---|
1130 | - remove_handle: call multi_done() first, then clear dns cache pointer
|
---|
1131 |
|
---|
1132 | Closes #1960
|
---|
1133 |
|
---|
1134 | - multi_done: wait for name resolve to finish if still ongoing
|
---|
1135 |
|
---|
1136 | ... as we must clean up memory.
|
---|
1137 |
|
---|
1138 | - pingpong: return error when trying to send without connection
|
---|
1139 |
|
---|
1140 | When imap_done() got called before a connection is setup, it would try
|
---|
1141 | to "finish up" and dereffed a NULL pointer.
|
---|
1142 |
|
---|
1143 | Test case 1553 managed to reproduce. I had to actually use a host name
|
---|
1144 | to try to resolve to slow it down, as using the normal local server IP
|
---|
1145 | will make libcurl get a connection in the first curl_multi_perform()
|
---|
1146 | loop and then the bug doesn't trigger.
|
---|
1147 |
|
---|
1148 | Fixes #1953
|
---|
1149 | Assisted-by: Max Dymond
|
---|
1150 |
|
---|
1151 | Dan Fandrich (6 Oct 2017)
|
---|
1152 | - tests: added flaky keyword to tests 587 and 644
|
---|
1153 |
|
---|
1154 | These are around 5% flaky in my Linux x86 autobuilds.
|
---|
1155 |
|
---|
1156 | Marcel Raad (6 Oct 2017)
|
---|
1157 | - vtls: fix warnings with --disable-crypto-auth
|
---|
1158 |
|
---|
1159 | When CURL_DISABLE_CRYPTO_AUTH is defined, Curl_none_md5sum's parameters
|
---|
1160 | are not used.
|
---|
1161 |
|
---|
1162 | Daniel Stenberg (6 Oct 2017)
|
---|
1163 | - multi_cleanup: call DONE on handles that never got that
|
---|
1164 |
|
---|
1165 | ... fixes a memory leak with at least IMAP when remove_handle is never
|
---|
1166 | called and the transfer is abruptly just abandoned early.
|
---|
1167 |
|
---|
1168 | Test 1552 added to verify
|
---|
1169 |
|
---|
1170 | Detected by OSS-fuzz
|
---|
1171 | Assisted-by: Max Dymond
|
---|
1172 | Closes #1954
|
---|
1173 |
|
---|
1174 | - [Benbuck Nason brought this change]
|
---|
1175 |
|
---|
1176 | strtoofft: Remove extraneous null check
|
---|
1177 |
|
---|
1178 | Fixes #1950: curlx_strtoofft() doesn't fully protect against null 'str'
|
---|
1179 | argument.
|
---|
1180 |
|
---|
1181 | Closes #1952
|
---|
1182 |
|
---|
1183 | - openssl: fix build without HAVE_OPAQUE_EVP_PKEY
|
---|
1184 |
|
---|
1185 | Reported-by: Javier Sixto
|
---|
1186 | Fixes #1955
|
---|
1187 | Closes #1956
|
---|
1188 |
|
---|
1189 | Viktor Szakats (6 Oct 2017)
|
---|
1190 | - lib/config-win32.h: let SMB/SMBS be enabled with OpenSSL/NSS
|
---|
1191 |
|
---|
1192 | The source code is now prepared to handle the case when both
|
---|
1193 | Win32 Crypto and OpenSSL/NSS crypto backends are enabled
|
---|
1194 | at the same time, making it now possible to enable `USE_WIN32_CRYPTO`
|
---|
1195 | whenever the targeted Windows version supports it. Since this
|
---|
1196 | matches the minimum Windows version supported by curl
|
---|
1197 | (Windows 2000), enable it unconditionally for the Win32 platform.
|
---|
1198 |
|
---|
1199 | This in turn enables SMB (and SMBS) protocol support whenever
|
---|
1200 | Win32 Crypto is available, regardless of what other crypto backends
|
---|
1201 | are enabled.
|
---|
1202 |
|
---|
1203 | Ref: https://github.com/curl/curl/pull/1840#issuecomment-325682052
|
---|
1204 |
|
---|
1205 | Closes https://github.com/curl/curl/pull/1943
|
---|
1206 |
|
---|
1207 | Daniel Stenberg (5 Oct 2017)
|
---|
1208 | - build: fix --disable-crypto-auth
|
---|
1209 |
|
---|
1210 | Reported-by: Wyatt O'Day
|
---|
1211 | Fixes #1945
|
---|
1212 | Closes #1947
|
---|
1213 |
|
---|
1214 | Jay Satiro (5 Oct 2017)
|
---|
1215 | - [Nick Zitzmann brought this change]
|
---|
1216 |
|
---|
1217 | darwinssl: add support for TLSv1.3
|
---|
1218 |
|
---|
1219 | Closes https://github.com/curl/curl/pull/1794
|
---|
1220 |
|
---|
1221 | Daniel Stenberg (4 Oct 2017)
|
---|
1222 | - [Felix Kaiser brought this change]
|
---|
1223 |
|
---|
1224 | docs: fix typo in curl_mime_data_cb man page
|
---|
1225 |
|
---|
1226 | Closes #1946
|
---|
1227 |
|
---|
1228 | Viktor Szakats (4 Oct 2017)
|
---|
1229 | - lib/Makefile.m32: allow customizing dll suffixes
|
---|
1230 |
|
---|
1231 | - New `CURL_DLL_SUFFIX` envvar will add a suffix to the generated
|
---|
1232 | libcurl dll name. Useful to add `-x64` to 64-bit builds so that
|
---|
1233 | it can live in the same directory as the 32-bit one. By default
|
---|
1234 | this is empty.
|
---|
1235 |
|
---|
1236 | - New `CURL_DLL_A_SUFFIX` envvar to customize the suffix of the
|
---|
1237 | generated import library (implib) for libcurl .dll. It defaults
|
---|
1238 | to `dll`, and it's useful to modify that to `.dll` to have the
|
---|
1239 | standard naming scheme for mingw-built .dlls, i.e. `libcurl.dll.a`.
|
---|
1240 |
|
---|
1241 | Closes https://github.com/curl/curl/pull/1942
|
---|
1242 |
|
---|
1243 | Daniel Stenberg (4 Oct 2017)
|
---|
1244 | - [Max Dymond brought this change]
|
---|
1245 |
|
---|
1246 | fuzzer: move to using external curl-fuzzer
|
---|
1247 |
|
---|
1248 | Use the external curl-fuzzer repository for fuzzing.
|
---|
1249 |
|
---|
1250 | Closes #1923
|
---|
1251 |
|
---|
1252 | - failf: skip the sprintf() if there are no consumers
|
---|
1253 |
|
---|
1254 | Closes #1936
|
---|
1255 |
|
---|
1256 | - ftp: UBsan fixup 'pointer index expression overflowed'
|
---|
1257 |
|
---|
1258 | Closes #1939
|
---|
1259 |
|
---|
1260 | - RELEASE-PROCEDURE: update the release schedule
|
---|
1261 |
|
---|
1262 | Version 7.56.0 (4 Oct 2017)
|
---|
1263 |
|
---|
1264 | Daniel Stenberg (4 Oct 2017)
|
---|
1265 | - RELEASE-NOTES: curl 7.56.0
|
---|
1266 |
|
---|
1267 | - THANKS: added new 7.56.0 contributors
|
---|
1268 |
|
---|
1269 | Jay Satiro (4 Oct 2017)
|
---|
1270 | - build-openssl.bat: Warn OpenSSL 1.1.0 not yet supported
|
---|
1271 |
|
---|
1272 | Ref: https://github.com/curl/curl/issues/1002
|
---|
1273 |
|
---|
1274 | Michael Kaufmann (3 Oct 2017)
|
---|
1275 | - idn: fix source code comment
|
---|
1276 |
|
---|
1277 | - vtls: compare and clone ssl configs properly
|
---|
1278 |
|
---|
1279 | Compare these settings in Curl_ssl_config_matches():
|
---|
1280 | - verifystatus (CURLOPT_SSL_VERIFYSTATUS)
|
---|
1281 | - random_file (CURLOPT_RANDOM_FILE)
|
---|
1282 | - egdsocket (CURLOPT_EGDSOCKET)
|
---|
1283 |
|
---|
1284 | Also copy the setting "verifystatus" in Curl_clone_primary_ssl_config(),
|
---|
1285 | and copy the setting "sessionid" unconditionally.
|
---|
1286 |
|
---|
1287 | This means that reusing connections that are secured with a client
|
---|
1288 | certificate is now possible, and the statement "TLS session resumption
|
---|
1289 | is disabled when a client certificate is used" in the old advisory at
|
---|
1290 | https://curl.haxx.se/docs/adv_20170419.html is obsolete.
|
---|
1291 |
|
---|
1292 | Reviewed-by: Daniel Stenberg
|
---|
1293 |
|
---|
1294 | Closes #1917
|
---|
1295 |
|
---|
1296 | - proxy: read the "no_proxy" variable only if necessary
|
---|
1297 |
|
---|
1298 | Reviewed-by: Daniel Stenberg
|
---|
1299 |
|
---|
1300 | Closes #1919
|
---|
1301 |
|
---|
1302 | Patrick Monnerat (3 Oct 2017)
|
---|
1303 | - libcurl-tutorial: add casts in example to avoid compilation warnings.
|
---|
1304 |
|
---|
1305 | Daniel Stenberg (3 Oct 2017)
|
---|
1306 | - examples: bring back curl_formadd-using examples
|
---|
1307 |
|
---|
1308 | ... now with a -formadd suffix. While the new mime API is introduced in
|
---|
1309 | 7.56.0 we must acknowledge that lots of users can't upgrade their curl
|
---|
1310 | versions immediately.
|
---|
1311 |
|
---|
1312 | - test1153: verify quoted double-qoutes in PWD response
|
---|
1313 |
|
---|
1314 | - FTP: zero terminate the entry path even on bad input
|
---|
1315 |
|
---|
1316 | ... a single double quote could leave the entry path buffer without a zero
|
---|
1317 | terminating byte. CVE-2017-1000254
|
---|
1318 |
|
---|
1319 | Test 1152 added to verify.
|
---|
1320 |
|
---|
1321 | Reported-by: Max Dymond
|
---|
1322 | Bug: https://curl.haxx.se/docs/adv_20171004.html
|
---|
1323 |
|
---|
1324 | Jay Satiro (2 Oct 2017)
|
---|
1325 | - [Sergei Nikulov brought this change]
|
---|
1326 |
|
---|
1327 | cmake: disable tests and man generation if perl/nroff not found
|
---|
1328 |
|
---|
1329 | Fixes https://github.com/curl/curl/issues/1500
|
---|
1330 | Reported-by: Jay Satiro
|
---|
1331 |
|
---|
1332 | Fixes https://github.com/curl/curl/pull/1662
|
---|
1333 | Assisted-by: Tom Seddon
|
---|
1334 | Assisted-by: dpull@users.noreply.github.com
|
---|
1335 | Assisted-by: elelel@users.noreply.github.com
|
---|
1336 |
|
---|
1337 | Closes https://github.com/curl/curl/pull/1924
|
---|
1338 |
|
---|
1339 | Patrick Monnerat (2 Oct 2017)
|
---|
1340 | - libcurl-tutorial: fix two typos.
|
---|
1341 |
|
---|
1342 | - TODO: remove deprecated form API items.
|
---|
1343 |
|
---|
1344 | - libcurl-tutorial: describe MIME API and deprecate form API.
|
---|
1345 |
|
---|
1346 | Include a guide to form/mime API conversion.
|
---|
1347 |
|
---|
1348 | Daniel Stenberg (30 Sep 2017)
|
---|
1349 | - cookie: fix memory leak if path was set twice in header
|
---|
1350 |
|
---|
1351 | ... this will let the second occurance override the first.
|
---|
1352 |
|
---|
1353 | Added test 1161 to verify.
|
---|
1354 |
|
---|
1355 | Reported-by: Max Dymond
|
---|
1356 | Fixes #1932
|
---|
1357 | Closes #1933
|
---|
1358 |
|
---|
1359 | Dan Fandrich (30 Sep 2017)
|
---|
1360 | - test650: Use variable replacement to set the host address and port
|
---|
1361 |
|
---|
1362 | Otherwise, the test fails when the -b test option is used to set a
|
---|
1363 | different test port range.
|
---|
1364 |
|
---|
1365 | - Set and use more necessary options when some protocols are disabled
|
---|
1366 |
|
---|
1367 | When curl and libcurl are built with some protocols disabled, they stop
|
---|
1368 | setting and receiving some options that don't make sense with those
|
---|
1369 | protocols. In particular, when HTTP is disabled many options aren't set
|
---|
1370 | that are used only by HTTP. However, some options that appear to be
|
---|
1371 | HTTP-only are actually used by other protocols as well (some despite
|
---|
1372 | having HTTP in the name) and should be set, but weren't. This change now
|
---|
1373 | causes some of these options to be set and used for more (or for all)
|
---|
1374 | protocols. In particular, this fixes tests 646 through 649 in an
|
---|
1375 | HTTP-disabled build, which use the MIME API in the mail protocols.
|
---|
1376 |
|
---|
1377 | Daniel Stenberg (29 Sep 2017)
|
---|
1378 | - test1160: verifies cookie leak for large cookies
|
---|
1379 |
|
---|
1380 | The fix done in 20ea22ff735
|
---|
1381 |
|
---|
1382 | - cookie: fix memory leak on oversized rejection
|
---|
1383 |
|
---|
1384 | Regression brought by 2bc230de63b
|
---|
1385 |
|
---|
1386 | Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3513
|
---|
1387 | Assisted-by: Max Dymond
|
---|
1388 |
|
---|
1389 | Closes #1930
|
---|
1390 |
|
---|
1391 | - [Anders Bakken brought this change]
|
---|
1392 |
|
---|
1393 | connect: fix race condition with happy eyeballs timeout
|
---|
1394 |
|
---|
1395 | The timer should be started after conn->connecttime is set. Otherwise
|
---|
1396 | the timer could expire without this condition being true:
|
---|
1397 |
|
---|
1398 | /* should we try another protocol family? */
|
---|
1399 | if(i == 0 && conn->tempaddr[1] == NULL &&
|
---|
1400 | curlx_tvdiff(now, conn->connecttime) >= HAPPY_EYEBALLS_TIMEOUT) {
|
---|
1401 |
|
---|
1402 | Ref: #1928
|
---|
1403 |
|
---|
1404 | Michael Kaufmann (28 Sep 2017)
|
---|
1405 | - docs: link CURLOPT_CONNECTTIMEOUT and CURLOPT_CONNECTTIMEOUT_MS
|
---|
1406 |
|
---|
1407 | Closes #1922
|
---|
1408 |
|
---|
1409 | - docs: clarify the use of environment variables for proxy
|
---|
1410 |
|
---|
1411 | Closes #1921
|
---|
1412 |
|
---|
1413 | - http: add custom empty headers to repeated requests
|
---|
1414 |
|
---|
1415 | Closes #1920
|
---|
1416 |
|
---|
1417 | - reuse_conn: don't copy flags that are known to be equal
|
---|
1418 |
|
---|
1419 | A connection can only be reused if the flags "conn_to_host" and
|
---|
1420 | "conn_to_port" match. Therefore it is not necessary to copy these flags
|
---|
1421 | in reuse_conn().
|
---|
1422 |
|
---|
1423 | Closes #1918
|
---|
1424 |
|
---|
1425 | Daniel Stenberg (27 Sep 2017)
|
---|
1426 | - curl.h: include <sys/select.h> on cygwin too
|
---|
1427 |
|
---|
1428 | When building with -std=c++14 on cygwin, this header won't be
|
---|
1429 | automatically included as it otherwise is.
|
---|
1430 |
|
---|
1431 | The <sys/select.h> include decision should ideally be reversed and be
|
---|
1432 | avoided where that header file doesn't exist.
|
---|
1433 |
|
---|
1434 | Reported-by: Ian Fette
|
---|
1435 | Fixes #1925
|
---|
1436 |
|
---|
1437 | - RELEASE-NOTES: synced with d8ab5dc50
|
---|
1438 |
|
---|
1439 | Michael Kaufmann (24 Sep 2017)
|
---|
1440 | - tests: adjust .gitignore for new tests
|
---|
1441 |
|
---|
1442 | Jay Satiro (23 Sep 2017)
|
---|
1443 | - ntlm: move NTLM_NEEDS_NSS_INIT define into core NTLM header
|
---|
1444 |
|
---|
1445 | .. and include the core NTLM header in all NTLM-related source files.
|
---|
1446 |
|
---|
1447 | Follow up to 6f86022. Since then http_ntlm checks NTLM_NEEDS_NSS_INIT
|
---|
1448 | but did not include vtls.h where it was defined.
|
---|
1449 |
|
---|
1450 | Closes https://github.com/curl/curl/pull/1911
|
---|
1451 |
|
---|
1452 | Daniel Stenberg (23 Sep 2017)
|
---|
1453 | - file_range: avoid integer overflow when figuring out byte range
|
---|
1454 |
|
---|
1455 | When trying to bump the value with one and the value is already at max,
|
---|
1456 | it causes an integer overflow.
|
---|
1457 |
|
---|
1458 | Closes #1908
|
---|
1459 | Detected by oss-fuzz:
|
---|
1460 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3465
|
---|
1461 |
|
---|
1462 | Assisted-by: Max Dymond
|
---|
1463 |
|
---|
1464 | Michael Kaufmann (23 Sep 2017)
|
---|
1465 | - tests: fix a compiler warning in test 643
|
---|
1466 |
|
---|
1467 | Jay Satiro (23 Sep 2017)
|
---|
1468 | - symbols-in-versions: fix CURLSSLSET_NO_BACKENDS entry
|
---|
1469 |
|
---|
1470 | - Use spaces instead of tabs as the delimiter.
|
---|
1471 |
|
---|
1472 | Follow up to 7c52b12 which added the entry. The entry had used tabs but
|
---|
1473 | the symbol-scan parser doesn't recognize tabs and would fail the symbol.
|
---|
1474 |
|
---|
1475 | Viktor Szakats (22 Sep 2017)
|
---|
1476 | - metalink: fix NSS issue in MultiSSL builds
|
---|
1477 |
|
---|
1478 | In MultiSSL mode (i.e. when more than one SSL backend is compiled
|
---|
1479 | in), we cannot use the compile time flag `USE_NSS` as indicator that
|
---|
1480 | the NSS backend is in use. As far as Metalink is concerned, the SSL
|
---|
1481 | backend is only used for MD5, SHA-1 and SHA-256 calculations,
|
---|
1482 | therefore one of the available SSL backends is selected at compile
|
---|
1483 | time, in a strict order of preference.
|
---|
1484 |
|
---|
1485 | Let's introduce a new `HAVE_NSS_CONTEXT` constant that can be used
|
---|
1486 | to determine whether the SSL backend used for Metalink is the NSS
|
---|
1487 | backend, and use that to guard the code that wants to de-initialize
|
---|
1488 | the NSS-specific data structure.
|
---|
1489 |
|
---|
1490 | Ref: https://github.com/curl/curl/pull/1848
|
---|
1491 |
|
---|
1492 | - ntlm: use strict order for SSL backend #if branches
|
---|
1493 |
|
---|
1494 | With the recently introduced MultiSSL support multiple SSL backends
|
---|
1495 | can be compiled into cURL That means that now the order of the SSL
|
---|
1496 |
|
---|
1497 | One option would be to use the same SSL backend as was configured
|
---|
1498 | via `curl_global_sslset()`, however, NTLMv2 support would appear
|
---|
1499 | to be available only with some SSL backends. For example, when
|
---|
1500 | eb88d778e (ntlm: Use Windows Crypt API, 2014-12-02) introduced
|
---|
1501 | support for NTLMv1 using Windows' Crypt API, it specifically did
|
---|
1502 | *not* introduce NTLMv2 support using Crypt API at the same time.
|
---|
1503 |
|
---|
1504 | So let's select one specific SSL backend for NTLM support when
|
---|
1505 | compiled with multiple SSL backends, using a priority order such
|
---|
1506 | that we support NTLMv2 even if only one compiled-in SSL backend can
|
---|
1507 | be used for that.
|
---|
1508 |
|
---|
1509 | Ref: https://github.com/curl/curl/pull/1848
|
---|
1510 |
|
---|
1511 | Daniel Stenberg (22 Sep 2017)
|
---|
1512 | - symbols-in-versions: add CURLSSLSET_NO_BACKENDS
|
---|
1513 |
|
---|
1514 | ...fixup from b8e0fe19ec
|
---|
1515 |
|
---|
1516 | - imap: quote atoms properly when escaping characters
|
---|
1517 |
|
---|
1518 | Updates test 800 to verify
|
---|
1519 |
|
---|
1520 | Fixes #1902
|
---|
1521 | Closes #1903
|
---|
1522 |
|
---|
1523 | - tests: make the imap server not verify user+password
|
---|
1524 |
|
---|
1525 | ... as the test cases themselves do that and it makes it easier to add
|
---|
1526 | crazy test cases.
|
---|
1527 |
|
---|
1528 | Test 800 updated to use user name + password that need quoting.
|
---|
1529 |
|
---|
1530 | Test 856 updated to trigger an auth fail differently.
|
---|
1531 |
|
---|
1532 | Ref: #1902
|
---|
1533 |
|
---|
1534 | - vtls: provide curl_global_sslset() even in non-SSL builds
|
---|
1535 |
|
---|
1536 | ... it just returns error:
|
---|
1537 |
|
---|
1538 | Bug: https://github.com/curl/curl/commit/1328f69d53f2f2e937696ea954c480412b018451#commitcomment-24470367
|
---|
1539 | Reported-by: Marcel Raad
|
---|
1540 |
|
---|
1541 | Closes #1906
|
---|
1542 |
|
---|
1543 | Patrick Monnerat (22 Sep 2017)
|
---|
1544 | - form/mime: field names are not allowed to contain zero-valued bytes.
|
---|
1545 |
|
---|
1546 | Also suppress length argument of curl_mime_name() (names are always
|
---|
1547 | zero-terminated).
|
---|
1548 |
|
---|
1549 | Daniel Stenberg (21 Sep 2017)
|
---|
1550 | - [Dirk Feytons brought this change]
|
---|
1551 |
|
---|
1552 | openssl: only verify RSA private key if supported
|
---|
1553 |
|
---|
1554 | In some cases the RSA key does not support verifying it because it's
|
---|
1555 | located on a smart card, an engine wants to hide it, ...
|
---|
1556 | Check the flags on the key before trying to verify it.
|
---|
1557 | OpenSSL does the same thing internally; see ssl/ssl_rsa.c
|
---|
1558 |
|
---|
1559 | Closes #1904
|
---|
1560 |
|
---|
1561 | Marcel Raad (21 Sep 2017)
|
---|
1562 | - examples/post-callback: use long for CURLOPT_POSTFIELDSIZE
|
---|
1563 |
|
---|
1564 | Otherwise, typecheck-gcc.h warns on MinGW-w64.
|
---|
1565 |
|
---|
1566 | Patrick Monnerat (20 Sep 2017)
|
---|
1567 | - mime: rephrase the multipart output state machine (#1898) ...
|
---|
1568 |
|
---|
1569 | ... in hope coverity will like it much.
|
---|
1570 |
|
---|
1571 | - mime: fix an explicit null dereference (#1899)
|
---|
1572 |
|
---|
1573 | Daniel Stenberg (20 Sep 2017)
|
---|
1574 | - curl: check fseek() return code and bail on error
|
---|
1575 |
|
---|
1576 | Detected by coverity. CID 1418137.
|
---|
1577 |
|
---|
1578 | - smtp: fix memory leak in OOM
|
---|
1579 |
|
---|
1580 | Regression since ce0881edee
|
---|
1581 |
|
---|
1582 | Coverity CID 1418139 and CID 1418136 found it, but it was also seen in
|
---|
1583 | torture testing.
|
---|
1584 |
|
---|
1585 | - RELEASE-NOTES: synced with 5fe85587c
|
---|
1586 |
|
---|
1587 | - [Pavel P brought this change]
|
---|
1588 |
|
---|
1589 | cookies: use lock when using CURLINFO_COOKIELIST
|
---|
1590 |
|
---|
1591 | Closes #1896
|
---|
1592 |
|
---|
1593 | - [Max Dymond brought this change]
|
---|
1594 |
|
---|
1595 | ossfuzz: changes before merging the generated corpora
|
---|
1596 |
|
---|
1597 | Before merging in the oss-fuzz corpora from Google, there are some changes
|
---|
1598 | to the fuzzer.
|
---|
1599 | - Add a read corpus script, to display corpus files nicely.
|
---|
1600 | - Change the behaviour of the fuzzer so that TLV parse failures all now
|
---|
1601 | go down the same execution paths, which should reduce the size of the
|
---|
1602 | corpora.
|
---|
1603 | - Make unknown TLVs a failure to parse, which should decrease the size
|
---|
1604 | of the corpora as well.
|
---|
1605 |
|
---|
1606 | Closes #1881
|
---|
1607 |
|
---|
1608 | - mime:escape_string minor clarification change
|
---|
1609 |
|
---|
1610 | ... as it also removes a warning with old gcc versions.
|
---|
1611 |
|
---|
1612 | Bug: https://curl.haxx.se/mail/lib-2017-09/0049.html
|
---|
1613 | Reported-by: Ben Greear
|
---|
1614 |
|
---|
1615 | - [Max Dymond brought this change]
|
---|
1616 |
|
---|
1617 | ossfuzz: don't write out to stdout
|
---|
1618 |
|
---|
1619 | Don't make the fuzzer write out to stdout - instead write some of the
|
---|
1620 | contents to a memory block so we exercise the data output code but
|
---|
1621 | quietly.
|
---|
1622 |
|
---|
1623 | Closes #1885
|
---|
1624 |
|
---|
1625 | - cookies: reject oversized cookies
|
---|
1626 |
|
---|
1627 | ... instead of truncating them.
|
---|
1628 |
|
---|
1629 | There's no fixed limit for acceptable cookie names in RFC 6265, but the
|
---|
1630 | entire cookie is said to be less than 4096 bytes (section 6.1). This is
|
---|
1631 | also what browsers seem to implement.
|
---|
1632 |
|
---|
1633 | We now allow max 5000 bytes cookie header. Max 4095 bytes length per
|
---|
1634 | cookie name and value. Name + value together may not exceed 4096 bytes.
|
---|
1635 |
|
---|
1636 | Added test 1151 to verify
|
---|
1637 |
|
---|
1638 | Bug: https://curl.haxx.se/mail/lib-2017-09/0062.html
|
---|
1639 | Reported-by: Kevin Smith
|
---|
1640 |
|
---|
1641 | Closes #1894
|
---|
1642 |
|
---|
1643 | - travis: on mac, don't install openssl or libidn
|
---|
1644 |
|
---|
1645 | - openssl is already installed and causes warnings when trying to
|
---|
1646 | install again
|
---|
1647 |
|
---|
1648 | - libidn isn't used these days, and homebrew doesn't seem to have a
|
---|
1649 | libidn2 package to replace with easily
|
---|
1650 |
|
---|
1651 | Closes #1895
|
---|
1652 |
|
---|
1653 | - curl: make str2udouble not return values on error
|
---|
1654 |
|
---|
1655 | ... previously it would store a return value even when it returned
|
---|
1656 | error, which could make the value get used anyway!
|
---|
1657 |
|
---|
1658 | Reported-by: Brian Carpenter
|
---|
1659 | Closes #1893
|
---|
1660 |
|
---|
1661 | Jay Satiro (18 Sep 2017)
|
---|
1662 | - socks: fix incorrect port number in SOCKS4 error message
|
---|
1663 |
|
---|
1664 | Prior to this change it appears the SOCKS5 port parsing was erroneously
|
---|
1665 | used for the SOCKS4 error message, and as a result an incorrect port
|
---|
1666 | would be shown in the error message.
|
---|
1667 |
|
---|
1668 | Bug: https://github.com/curl/curl/issues/1892
|
---|
1669 | Reported-by: Jackarain@users.noreply.github.com
|
---|
1670 |
|
---|
1671 | - [Marc Aldorasi brought this change]
|
---|
1672 |
|
---|
1673 | schannel: Support partial send for when data is too large
|
---|
1674 |
|
---|
1675 | Schannel can only encrypt a certain amount of data at once. Instead of
|
---|
1676 | failing when too much data is to be sent at once, send as much data as
|
---|
1677 | we can and let the caller send the remaining data by calling send again.
|
---|
1678 |
|
---|
1679 | Bug: https://curl.haxx.se/mail/lib-2014-07/0033.html
|
---|
1680 |
|
---|
1681 | Closes https://github.com/curl/curl/pull/1890
|
---|
1682 |
|
---|
1683 | - [David Benjamin brought this change]
|
---|
1684 |
|
---|
1685 | openssl: add missing includes
|
---|
1686 |
|
---|
1687 | lib/vtls/openssl.c uses OpenSSL APIs from BUF_MEM and BIO APIs. Include
|
---|
1688 | their headers directly rather than relying on other OpenSSL headers
|
---|
1689 | including things.
|
---|
1690 |
|
---|
1691 | Closes https://github.com/curl/curl/pull/1891
|
---|
1692 |
|
---|
1693 | Daniel Stenberg (15 Sep 2017)
|
---|
1694 | - conversions: fix several compiler warnings
|
---|
1695 |
|
---|
1696 | - server/getpart: provide dummy function to build conversion enabled
|
---|
1697 |
|
---|
1698 | - non-ascii: use iconv() with 'char **' argument
|
---|
1699 |
|
---|
1700 | Bug: https://curl.haxx.se/mail/lib-2017-09/0031.html
|
---|
1701 |
|
---|
1702 | - escape.c: error: pointer targets differ in signedness
|
---|
1703 |
|
---|
1704 | - docs: clarify the CURLOPT_INTERLEAVE* options behavior
|
---|
1705 |
|
---|
1706 | - [Max Dymond brought this change]
|
---|
1707 |
|
---|
1708 | rtsp: Segfault in rtsp.c when using WRITEDATA
|
---|
1709 |
|
---|
1710 | If the INTERLEAVEFUNCTION is defined, then use that plus the
|
---|
1711 | INTERLEAVEDATA information when writing RTP. Otherwise, use
|
---|
1712 | WRITEFUNCTION and WRITEDATA.
|
---|
1713 |
|
---|
1714 | Fixes #1880
|
---|
1715 | Closes #1884
|
---|
1716 |
|
---|
1717 | Marcel Raad (15 Sep 2017)
|
---|
1718 | - [Isaac Boukris brought this change]
|
---|
1719 |
|
---|
1720 | tests: enable gssapi in travis-ci linux build
|
---|
1721 |
|
---|
1722 | Closes https://github.com/curl/curl/pull/1687
|
---|
1723 |
|
---|
1724 | - [Isaac Boukris brought this change]
|
---|
1725 |
|
---|
1726 | tests: add initial gssapi test using stub implementation
|
---|
1727 |
|
---|
1728 | The stub implementation is pre-loaded using LD_PRELOAD
|
---|
1729 | and emulates common gssapi uses (only builds if curl is
|
---|
1730 | initially built with gssapi support).
|
---|
1731 |
|
---|
1732 | The initial tests are currently disabled for debug builds
|
---|
1733 | as LD_PRELOAD is not used then.
|
---|
1734 |
|
---|
1735 | Ref: https://github.com/curl/curl/pull/1687
|
---|
1736 |
|
---|
1737 | Daniel Stenberg (15 Sep 2017)
|
---|
1738 | - test1150: verify same host fetch using different ports over proxy
|
---|
1739 |
|
---|
1740 | Closes #1889
|
---|
1741 |
|
---|
1742 | - URL: on connection re-use, still pick the new remote port
|
---|
1743 |
|
---|
1744 | ... as when a proxy connection is being re-used, it can still get a
|
---|
1745 | different remote port.
|
---|
1746 |
|
---|
1747 | Fixes #1887
|
---|
1748 | Reported-by: Oli Kingshott
|
---|
1749 |
|
---|
1750 | - RELEASE-NOTES: synced with 87501e57f
|
---|
1751 |
|
---|
1752 | - code style: remove wrong uses of multiple spaces
|
---|
1753 |
|
---|
1754 | Closes #1878
|
---|
1755 |
|
---|
1756 | - checksrc: detect and warn for multiple spaces
|
---|
1757 |
|
---|
1758 | - code style: use space after semicolon
|
---|
1759 |
|
---|
1760 | - checksrc: verify space after semicolons
|
---|
1761 |
|
---|
1762 | - code style: use spaces around pluses
|
---|
1763 |
|
---|
1764 | - checksrc: detect and warn for lack of spaces next to plus signs
|
---|
1765 |
|
---|
1766 | - code style: use spaces around equals signs
|
---|
1767 |
|
---|
1768 | - checksrc: verify spaces around equals signs
|
---|
1769 |
|
---|
1770 | ... as the code style mandates.
|
---|
1771 |
|
---|
1772 | - Curl_checkheaders: make it available for IMAP and SMTP too
|
---|
1773 |
|
---|
1774 | ... not only HTTP uses this now.
|
---|
1775 |
|
---|
1776 | Closes #1875
|
---|
1777 |
|
---|
1778 | - travis: add build without HTTP/SMTP/IMAP
|
---|
1779 |
|
---|
1780 | Jay Satiro (10 Sep 2017)
|
---|
1781 | - mbedtls: enable CA path processing
|
---|
1782 |
|
---|
1783 | CA path processing was implemented when mbedtls.c was added to libcurl
|
---|
1784 | in fe7590f, but it was never enabled.
|
---|
1785 |
|
---|
1786 | Bug: https://github.com/curl/curl/issues/1877
|
---|
1787 | Reported-by: SBKarr@users.noreply.github.com
|
---|
1788 |
|
---|
1789 | Daniel Stenberg (8 Sep 2017)
|
---|
1790 | - rtsp: do not call fwrite() with NULL pointer FILE *
|
---|
1791 |
|
---|
1792 | If the default write callback is used and no destination has been set, a
|
---|
1793 | NULL pointer would be passed to fwrite()'s 4th argument.
|
---|
1794 |
|
---|
1795 | OSS-fuzz bug https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3327
|
---|
1796 | (not publicly open yet)
|
---|
1797 |
|
---|
1798 | Detected by OSS-fuzz
|
---|
1799 | Closes #1874
|
---|
1800 |
|
---|
1801 | - configure: use -Wno-varargs on clang 3.9[.X] debug builds
|
---|
1802 |
|
---|
1803 | ... to avoid a clang bug
|
---|
1804 |
|
---|
1805 | - [Max Dymond brought this change]
|
---|
1806 |
|
---|
1807 | ossfuzz: add some more handled CURL options
|
---|
1808 |
|
---|
1809 | Add support for HEADER, COOKIE, RANGE, CUSTOMREQUEST, MAIL_RECIPIENT,
|
---|
1810 | MAIL_FROM and uploading data.
|
---|
1811 |
|
---|
1812 | - configure: check for C++ compiler after C, to make it non-fatal
|
---|
1813 |
|
---|
1814 | The tests for object file/executable file extensions are presumably only
|
---|
1815 | done for the first of these macros in the configure file.
|
---|
1816 |
|
---|
1817 | Bug: https://github.com/curl/curl/pull/1851#issuecomment-327597515
|
---|
1818 | Reported-by: Marcel Raad
|
---|
1819 | Closes #1873
|
---|
1820 |
|
---|
1821 | Patrick Monnerat (7 Sep 2017)
|
---|
1822 | - form API: add new test 650.
|
---|
1823 |
|
---|
1824 | Now that the form API is deprecated and not used anymore in curl tool,
|
---|
1825 | a lot of its features left untested. Test 650 attempts to check all these
|
---|
1826 | features not tested elsewhere.
|
---|
1827 |
|
---|
1828 | Jay Satiro (7 Sep 2017)
|
---|
1829 | - configure: fix curl_off_t check's include order
|
---|
1830 |
|
---|
1831 | - Prepend srcdir include path instead of append.
|
---|
1832 |
|
---|
1833 | Prior to this change it was possible that during the check for the size
|
---|
1834 | of curl_off_t the include path of a user's already installed curl could
|
---|
1835 | come before the include path of the to-be-built curl, resulting in the
|
---|
1836 | system.h of the former being incorrectly included for that check.
|
---|
1837 |
|
---|
1838 | Closes https://github.com/curl/curl/pull/1870
|
---|
1839 |
|
---|
1840 | Daniel Stenberg (7 Sep 2017)
|
---|
1841 | - [Jakub Zakrzewski brought this change]
|
---|
1842 |
|
---|
1843 | KNOWN_BUGS: Remove CMake symbol hiding issue
|
---|
1844 |
|
---|
1845 | It has already been fixed in 6140dfc
|
---|
1846 |
|
---|
1847 | - http-proxy: when not doing CONNECT, that phase is done immediately
|
---|
1848 |
|
---|
1849 | `conn->connect_state` is NULL when doing a regular non-CONNECT request
|
---|
1850 | over the proxy and should therefor be considered complete at once.
|
---|
1851 |
|
---|
1852 | Fixes #1853
|
---|
1853 | Closes #1862
|
---|
1854 | Reported-by: Lawrence Wagerfield
|
---|
1855 |
|
---|
1856 | - [Johannes Schindelin brought this change]
|
---|
1857 |
|
---|
1858 | OpenSSL: fix yet another mistake while encapsulating SSL backend data
|
---|
1859 |
|
---|
1860 | Another mistake in my manual fixups of the largely mechanical
|
---|
1861 | search-and-replace ("connssl->" -> "BACKEND->"), just like the previous
|
---|
1862 | commit concerning HTTPS proxies (and hence not caught during my
|
---|
1863 | earlier testing).
|
---|
1864 |
|
---|
1865 | Fixes #1855
|
---|
1866 | Closes #1871
|
---|
1867 |
|
---|
1868 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
1869 |
|
---|
1870 | - [Johannes Schindelin brought this change]
|
---|
1871 |
|
---|
1872 | OpenSSL: fix erroneous SSL backend encapsulation
|
---|
1873 |
|
---|
1874 | In d65e6cc4f (vtls: prepare the SSL backends for encapsulated private
|
---|
1875 | data, 2017-06-21), this developer prepared for a separation of the
|
---|
1876 | private data of the SSL backends from the general connection data.
|
---|
1877 |
|
---|
1878 | This conversion was partially automated (search-and-replace) and
|
---|
1879 | partially manual (e.g. proxy_ssl's backend data).
|
---|
1880 |
|
---|
1881 | Sadly, there was a crucial error in the manual part, where the wrong
|
---|
1882 | handle was used: rather than connecting ssl[sockindex]' BIO to the
|
---|
1883 | proxy_ssl[sockindex]', we reconnected proxy_ssl[sockindex]. The reason
|
---|
1884 | was an incorrect location to paste "BACKEND->"... d'oh.
|
---|
1885 |
|
---|
1886 | Reported by Jay Satiro in https://github.com/curl/curl/issues/1855.
|
---|
1887 |
|
---|
1888 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
1889 |
|
---|
1890 | - [Jay Satiro brought this change]
|
---|
1891 |
|
---|
1892 | vtls: fix memory corruption
|
---|
1893 |
|
---|
1894 | Ever since 70f1db321 (vtls: encapsulate SSL backend-specific data,
|
---|
1895 | 2017-07-28), the code handling HTTPS proxies was broken because the
|
---|
1896 | pointer to the SSL backend data was not swapped between
|
---|
1897 | conn->ssl[sockindex] and conn->proxy_ssl[sockindex] as intended, but
|
---|
1898 | instead set to NULL (causing segmentation faults).
|
---|
1899 |
|
---|
1900 | [jes: provided the commit message, tested and verified the patch]
|
---|
1901 |
|
---|
1902 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
1903 |
|
---|
1904 | - vtls: switch to CURL_SHA256_DIGEST_LENGTH define
|
---|
1905 |
|
---|
1906 | ... instead of the prefix-less version since WolfSSL 3.12 now uses an
|
---|
1907 | enum with that name that causes build failures for us.
|
---|
1908 |
|
---|
1909 | Fixes #1865
|
---|
1910 | Closes #1867
|
---|
1911 | Reported-by: Gisle Vanem
|
---|
1912 |
|
---|
1913 | - travis: add c-ares enabled builds linux + osx
|
---|
1914 |
|
---|
1915 | Closes #1868
|
---|
1916 |
|
---|
1917 | - HISTORY: added some recent items
|
---|
1918 |
|
---|
1919 | Jay Satiro (6 Sep 2017)
|
---|
1920 | - SSL: fix unused parameter warnings
|
---|
1921 |
|
---|
1922 | Patrick Monnerat (6 Sep 2017)
|
---|
1923 | - mime: drop internal FILE * support.
|
---|
1924 |
|
---|
1925 | - The part kind MIMEKIND_FILE and associated code are suppressed.
|
---|
1926 | - Seek data origin offset not used anymore: suppressed.
|
---|
1927 | - MIMEKIND_NAMEDFILE renamed MIMEKIND_FILE; associated fields/functions
|
---|
1928 | renamed accordingly.
|
---|
1929 | - Curl_getformdata() processes stdin via a callback.
|
---|
1930 |
|
---|
1931 | Daniel Stenberg (6 Sep 2017)
|
---|
1932 | - configure: remove --enable-soname-bump and SONAME_BUMP
|
---|
1933 |
|
---|
1934 | Back in 2008, (and commit 3f3d6ebe665f3) we changed the logic in how we
|
---|
1935 | determine the native type for `curl_off_t`. To really make sure we
|
---|
1936 | didn't break ABI without bumping SONAME, we introduced logic that
|
---|
1937 | attempted to detect that it would use a different size and thus not be
|
---|
1938 | compatible. We also provided a manual switch that allowed users to tell
|
---|
1939 | configure to bump SONAME by force.
|
---|
1940 |
|
---|
1941 | Today, we know of no one who ever got a SONAME bump auto-detected and we
|
---|
1942 | don't know of anyone who's using the manual bump feature. The auto-
|
---|
1943 | detection is also no longer working since we introduced defining
|
---|
1944 | curl_off_t in system.h (7.55.0).
|
---|
1945 |
|
---|
1946 | Finally, this bumping logic is not present in the cmake build.
|
---|
1947 |
|
---|
1948 | Closes #1861
|
---|
1949 |
|
---|
1950 | Jay Satiro (6 Sep 2017)
|
---|
1951 | - [Gisle Vanem brought this change]
|
---|
1952 |
|
---|
1953 | vtls: select ssl backend case-insensitive (follow-up)
|
---|
1954 |
|
---|
1955 | - Do a case-insensitive comparison of CURL_SSL_BACKEND env as well.
|
---|
1956 |
|
---|
1957 | - Change Curl_strcasecompare calls to strcasecompare
|
---|
1958 | (maps to the former but shorter).
|
---|
1959 |
|
---|
1960 | Follow-up to c290b8f.
|
---|
1961 |
|
---|
1962 | Bug: https://github.com/curl/curl/commit/c290b8f#commitcomment-24094313
|
---|
1963 |
|
---|
1964 | Co-authored-by: Jay Satiro
|
---|
1965 |
|
---|
1966 | - openssl: Integrate Peter Wu's SSLKEYLOGFILE implementation
|
---|
1967 |
|
---|
1968 | This is an adaptation of 2 of Peter Wu's SSLKEYLOGFILE implementations.
|
---|
1969 |
|
---|
1970 | The first one, written for old OpenSSL versions:
|
---|
1971 | https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c
|
---|
1972 |
|
---|
1973 | The second one, written for BoringSSL and new OpenSSL versions:
|
---|
1974 | https://github.com/curl/curl/pull/1346
|
---|
1975 |
|
---|
1976 | Note the first one is GPL licensed but the author gave permission to
|
---|
1977 | waive that license for libcurl.
|
---|
1978 |
|
---|
1979 | As of right now this feature is disabled by default, and does not have
|
---|
1980 | a configure option to enable it. To enable this feature define
|
---|
1981 | ENABLE_SSLKEYLOGFILE when building libcurl and set environment
|
---|
1982 | variable SSLKEYLOGFILE to a pathname that will receive the keys.
|
---|
1983 |
|
---|
1984 | And in Wireshark change your preferences to point to that key file:
|
---|
1985 | Edit > Preferences > Protocols > SSL > Master-Secret
|
---|
1986 |
|
---|
1987 | Co-authored-by: Peter Wu
|
---|
1988 |
|
---|
1989 | Ref: https://github.com/curl/curl/pull/1030
|
---|
1990 | Ref: https://github.com/curl/curl/pull/1346
|
---|
1991 |
|
---|
1992 | Closes https://github.com/curl/curl/pull/1866
|
---|
1993 |
|
---|
1994 | Patrick Monnerat (5 Sep 2017)
|
---|
1995 | - mime: fix a trivial warning.
|
---|
1996 |
|
---|
1997 | - mime: replace 'struct Curl_mimepart' by 'curl_mimepart' in encoder code.
|
---|
1998 |
|
---|
1999 | mime_state is now a typedef.
|
---|
2000 |
|
---|
2001 | - mime: implement encoders.
|
---|
2002 |
|
---|
2003 | curl_mime_encoder() is operational and documented.
|
---|
2004 | curl tool -F option is extended with ";encoder=".
|
---|
2005 | curl tool --libcurl option generates calls to curl_mime_encoder().
|
---|
2006 | New encoder tests 648 & 649.
|
---|
2007 | Test 1404 extended with an encoder specification.
|
---|
2008 |
|
---|
2009 | - runtests.pl: support attribute "nonewline" in part verify/upload.
|
---|
2010 |
|
---|
2011 | - [Daniel Stenberg brought this change]
|
---|
2012 |
|
---|
2013 | fixup data/test1135
|
---|
2014 |
|
---|
2015 | - [Daniel Stenberg brought this change]
|
---|
2016 |
|
---|
2017 | mime: unified to use the typedef'd mime structs everywhere
|
---|
2018 |
|
---|
2019 | ... and slightly edited to follow our code style better.
|
---|
2020 |
|
---|
2021 | - [Daniel Stenberg brought this change]
|
---|
2022 |
|
---|
2023 | curl.h: use lower case curl_mime* as for all public symbols
|
---|
2024 |
|
---|
2025 | - [Daniel Stenberg brought this change]
|
---|
2026 |
|
---|
2027 | docs/curl_mime_*.3: use correct variable types in examples
|
---|
2028 |
|
---|
2029 | Kamil Dudka (5 Sep 2017)
|
---|
2030 | - openssl: use OpenSSL's default ciphers by default
|
---|
2031 |
|
---|
2032 | Up2date versions of OpenSSL maintain the default reasonably secure
|
---|
2033 | without breaking compatibility, so it is better not to override the
|
---|
2034 | default by curl. Suggested at https://bugzilla.redhat.com/1483972
|
---|
2035 |
|
---|
2036 | Closes #1846
|
---|
2037 |
|
---|
2038 | Viktor Szakats (5 Sep 2017)
|
---|
2039 | - examples/mime: minor example code fixes
|
---|
2040 |
|
---|
2041 | Daniel Stenberg (5 Sep 2017)
|
---|
2042 | - docs/curl_mime_*.3: added examples
|
---|
2043 |
|
---|
2044 | - configure: add MultiSSL to FEATURES when enabled
|
---|
2045 |
|
---|
2046 | ...for curl-config and its corresponding test 1014
|
---|
2047 |
|
---|
2048 | - http-proxy: treat all 2xx as CONNECT success
|
---|
2049 |
|
---|
2050 | Added test 1904 to verify.
|
---|
2051 |
|
---|
2052 | Reported-by: Lawrence Wagerfield
|
---|
2053 | Fixes #1859
|
---|
2054 | Closes #1860
|
---|
2055 |
|
---|
2056 | - MAIL-ETIQUETTE: added "1.9 Your emails are public"
|
---|
2057 |
|
---|
2058 | - curl.h: fix "unused checksrc ignore", remove dangling reference
|
---|
2059 |
|
---|
2060 | ... to a README file that doesn't exist anymore
|
---|
2061 |
|
---|
2062 | Viktor Szakats (4 Sep 2017)
|
---|
2063 | - docs: Update to secure URL versions
|
---|
2064 |
|
---|
2065 | - mime: use CURL_ZERO_TERMINATED in examples
|
---|
2066 |
|
---|
2067 | and some minor whitespace fixes
|
---|
2068 |
|
---|
2069 | Daniel Stenberg (4 Sep 2017)
|
---|
2070 | - schannel: return CURLE_SSL_CACERT on failed verification
|
---|
2071 |
|
---|
2072 | ... not *CACERT_BADFILE as it isn't really because of a bad file.
|
---|
2073 |
|
---|
2074 | Bug: https://curl.haxx.se/mail/lib-2017-09/0002.html
|
---|
2075 | Closes #1858
|
---|
2076 |
|
---|
2077 | - test1135: fixed after bd8070085f9
|
---|
2078 |
|
---|
2079 | - examples/post-callback: stop returning one byte at a time
|
---|
2080 |
|
---|
2081 | ... since people copy and paste code from this example and thus they get
|
---|
2082 | an inefficient POST operation without a good reason and sometimes
|
---|
2083 | without understanding why.
|
---|
2084 |
|
---|
2085 | Instead this now returns as much data as possible.
|
---|
2086 |
|
---|
2087 | - RELEASE-NOTES: fixed the function counter script
|
---|
2088 |
|
---|
2089 | - curl.h: make the curl_strequal() protos use the same style
|
---|
2090 |
|
---|
2091 | ... as the other functions. Makes it easier to machine-parse!
|
---|
2092 |
|
---|
2093 | - docs: curl_mime_*.3 man page formatting edits
|
---|
2094 |
|
---|
2095 | - RELEASE-NOTES: synced with 1ab9e9b50
|
---|
2096 |
|
---|
2097 | Patrick Monnerat (4 Sep 2017)
|
---|
2098 | - lib: bump version info (soname). Adapt and reenable test 1135.
|
---|
2099 |
|
---|
2100 | Daniel Stenberg (3 Sep 2017)
|
---|
2101 | - headers: move the global_sslset() proto from multi.h to curl.h
|
---|
2102 |
|
---|
2103 | As it was added to multi.h simply to not break test 1135, which now has
|
---|
2104 | been disabled due to the mime API addition anyway and su we can now move
|
---|
2105 | the sslset stuff to where the other curl_global_* prototypes are.
|
---|
2106 |
|
---|
2107 | Patrick Monnerat (3 Sep 2017)
|
---|
2108 | - mime: fix signed/unsigned conversions.
|
---|
2109 |
|
---|
2110 | Use and generate CURL_ZERO_TERMINATED in curl tool and tests.
|
---|
2111 |
|
---|
2112 | Jay Satiro (3 Sep 2017)
|
---|
2113 | - tool_formparse: fix some trivial warnings
|
---|
2114 |
|
---|
2115 | Patrick Monnerat (3 Sep 2017)
|
---|
2116 | - mime: use size_t instead of ssize_t in public API interface.
|
---|
2117 |
|
---|
2118 | To support telling a string is nul-terminated, symbol CURL_ZERO_TERMINATED
|
---|
2119 | has been introduced.
|
---|
2120 |
|
---|
2121 | Documentation updated accordingly.
|
---|
2122 |
|
---|
2123 | symbols in versions updated. Added form API symbols deprecation info.
|
---|
2124 |
|
---|
2125 | - mime: remove support "-" stdin pseudo-file name in curl_mime_filedata().
|
---|
2126 |
|
---|
2127 | This feature is badly supported in Windows: as a replacement, a caller has
|
---|
2128 | to use curl_mime_data_cb() with fread, fseek and possibly fclose
|
---|
2129 | callbacks to process opened files.
|
---|
2130 |
|
---|
2131 | The cli tool and documentation are updated accordingly.
|
---|
2132 |
|
---|
2133 | The feature is however kept internally for form API compatibility, with
|
---|
2134 | the known caveats it always had.
|
---|
2135 |
|
---|
2136 | As a side effect, stdin size is not determined by the cli tool even if
|
---|
2137 | possible and this results in a chunked transfer encoding. Test 173 is
|
---|
2138 | updated accordingly.
|
---|
2139 |
|
---|
2140 | - mime: fix some implicit curl_off_t --> size_t conversion warnings.
|
---|
2141 |
|
---|
2142 | - mime: tests and examples.
|
---|
2143 |
|
---|
2144 | Additional mime-specific tests.
|
---|
2145 | Existing tests updated to reflect small differences (Expect: 100-continue,
|
---|
2146 | data size change due to empty lines, etc).
|
---|
2147 | Option -F headers= keyword added to tests.
|
---|
2148 | test1135 disabled until the entry point order change is resolved.
|
---|
2149 | New example smtp-mime.
|
---|
2150 | Examples postit2 and multi-post converted from form API to mime API.
|
---|
2151 |
|
---|
2152 | - mime: use in curl cli tool instead of form API.
|
---|
2153 |
|
---|
2154 | Extended -F option syntax to support multipart mail messages.
|
---|
2155 | -F keyword headers= added to include custom headers in parts.
|
---|
2156 | Documentation upgraded.
|
---|
2157 |
|
---|
2158 | - mime: new MIME API.
|
---|
2159 |
|
---|
2160 | Available in HTTP, SMTP and IMAP.
|
---|
2161 | Deprecates the FORM API.
|
---|
2162 | See CURLOPT_MIMEPOST.
|
---|
2163 | Lib code and associated documentation.
|
---|
2164 |
|
---|
2165 | - test564: Add a warning comment about shell profile output.
|
---|
2166 |
|
---|
2167 | Shell profile output makes the SSH server failing and this problem reason
|
---|
2168 | is not easy to find when no hint is given.
|
---|
2169 |
|
---|
2170 | - checksrc: disable SPACEBEFOREPAREN for case statement.
|
---|
2171 |
|
---|
2172 | The case keyword may be followed by a constant expression and thus should
|
---|
2173 | allow it to start with an open parenthesis.
|
---|
2174 |
|
---|
2175 | - runtests.pl: allow <file[1-4]> tags in client section.
|
---|
2176 |
|
---|
2177 | This enables tests to create more than one file on the client side.
|
---|
2178 |
|
---|
2179 | - runtests.pl: Apply strippart to upload too.
|
---|
2180 |
|
---|
2181 | This will allow substitution of boundaries in mail messages.
|
---|
2182 |
|
---|
2183 | - Curl_base64_encode: always call with a real data handle.
|
---|
2184 |
|
---|
2185 | Some calls in different modules were setting the data handle to NULL, causing
|
---|
2186 | segmentation faults when using builds that enable character code conversions.
|
---|
2187 |
|
---|
2188 | - non-ascii: allow conversion functions to be called with a NULL data handle.
|
---|
2189 |
|
---|
2190 | - http: fix a memory leakage in checkrtspprefix().
|
---|
2191 |
|
---|
2192 | Daniel Stenberg (2 Sep 2017)
|
---|
2193 | - [Max Dymond brought this change]
|
---|
2194 |
|
---|
2195 | ossfuzz: Move to C++ for curl_fuzzer.
|
---|
2196 |
|
---|
2197 | Automake gets confused if you want to use C++ static libraries with C
|
---|
2198 | code - basically we need to involve the clang++ linker. The easiest way
|
---|
2199 | of achieving this is to rename the C code as C++ code. This gets us a
|
---|
2200 | bit further along the path and ought to be compatible with Google's
|
---|
2201 | version of clang.
|
---|
2202 |
|
---|
2203 | - curl_global_sslset: select backend by name case insensitively
|
---|
2204 |
|
---|
2205 | Closes #1849
|
---|
2206 |
|
---|
2207 | - [Max Dymond brought this change]
|
---|
2208 |
|
---|
2209 | ossfuzz: additional seed corpora
|
---|
2210 |
|
---|
2211 | Create simple seed corpora for:
|
---|
2212 | - FTP
|
---|
2213 | - telnet
|
---|
2214 | - dict
|
---|
2215 | - tftp
|
---|
2216 | - imap
|
---|
2217 | - pop3
|
---|
2218 |
|
---|
2219 | based off the tests of the same number.
|
---|
2220 |
|
---|
2221 | Closes #1842
|
---|
2222 |
|
---|
2223 | - [Max Dymond brought this change]
|
---|
2224 |
|
---|
2225 | ossfuzz: moving towards the ideal integration
|
---|
2226 |
|
---|
2227 | - Start with the basic code from the ossfuzz project.
|
---|
2228 | - Rewrite fuzz corpora to be binary files full of Type-Length-Value
|
---|
2229 | data, and write a glue layer in the fuzzing function to convert
|
---|
2230 | corpora into CURL options.
|
---|
2231 | - Have supporting functions to generate corpora from existing tests
|
---|
2232 | - Integrate with Makefile.am
|
---|
2233 |
|
---|
2234 | - strcase: corrected comment header for Curl_strcasecompare()
|
---|
2235 |
|
---|
2236 | - unit1301: fix error message on first test
|
---|
2237 |
|
---|
2238 | - curl_global_sslset.3: show the struct and enum too
|
---|
2239 |
|
---|
2240 | ... so that users can actually write code based on the man page alone,
|
---|
2241 | not having to read the header file.
|
---|
2242 |
|
---|
2243 | Jay Satiro (31 Aug 2017)
|
---|
2244 | - darwinssl: handle long strings in TLS certs (follow-up)
|
---|
2245 |
|
---|
2246 | - Fix handling certificate subjects that are already UTF-8 encoded.
|
---|
2247 |
|
---|
2248 | Follow-up to b3b75d1 from two days ago. Since then a copy would be
|
---|
2249 | skipped if the subject was already UTF-8, possibly resulting in a NULL
|
---|
2250 | deref later on.
|
---|
2251 |
|
---|
2252 | Ref: https://github.com/curl/curl/issues/1823
|
---|
2253 | Ref: https://github.com/curl/curl/pull/1831
|
---|
2254 |
|
---|
2255 | Closes https://github.com/curl/curl/pull/1836
|
---|
2256 |
|
---|
2257 | Daniel Stenberg (31 Aug 2017)
|
---|
2258 | - cyassl: call it the "WolfSSL" backend
|
---|
2259 |
|
---|
2260 | ... instead of cyassl, as this is the current name for it.
|
---|
2261 |
|
---|
2262 | Closes #1844
|
---|
2263 |
|
---|
2264 | - polarssl: fix multissl breakage
|
---|
2265 |
|
---|
2266 | Reported-by: Dan Fandrich
|
---|
2267 | Bug: https://curl.haxx.se/mail/lib-2017-08/0121.html
|
---|
2268 | Closes #1843
|
---|
2269 |
|
---|
2270 | - configure: remove the leading comma from the backends list
|
---|
2271 |
|
---|
2272 | ... when darwinssl is used.
|
---|
2273 |
|
---|
2274 | Reported-by: Viktor Szakats
|
---|
2275 | Bug: https://github.com/curl/curl/commit/b0989cd3abaff4f9a0717b4875022fa79e33b481#commitcomment-23943493
|
---|
2276 |
|
---|
2277 | Closes #1845
|
---|
2278 |
|
---|
2279 | Kamil Dudka (30 Aug 2017)
|
---|
2280 | - examples/sslbackend.c: fix failure of 'make checksrc'
|
---|
2281 |
|
---|
2282 | ./sslbackend.c:58:3: warning: else after closing brace on same line (BRACEELSE)
|
---|
2283 | } else if(isdigit(*name)) {
|
---|
2284 | ^
|
---|
2285 | ./sslbackend.c:62:3: warning: else after closing brace on same line (BRACEELSE)
|
---|
2286 | } else
|
---|
2287 | ^
|
---|
2288 |
|
---|
2289 | Viktor Szakats (30 Aug 2017)
|
---|
2290 | - makefile.m32: add multissl support
|
---|
2291 |
|
---|
2292 | Closes https://github.com/curl/curl/pull/1840
|
---|
2293 |
|
---|
2294 | Daniel Stenberg (30 Aug 2017)
|
---|
2295 | - curl.h: CURLSSLBACKEND_WOLFSSL used wrong value
|
---|
2296 |
|
---|
2297 | The CURLSSLBACKEND_WOLFSSL is supposed to be an alias for
|
---|
2298 | CURLSSLBACKEND_CYASSL, but used an erronous value. To reduce the risk
|
---|
2299 | for a similar mistake, define the backend aliases to use the enum values
|
---|
2300 | instead.
|
---|
2301 |
|
---|
2302 | Reported-by: Gisle Vanem
|
---|
2303 | Bug: https://curl.haxx.se/mail/lib-2017-08/0120.html
|
---|
2304 |
|
---|
2305 | - curl_global_sslset.3: clarify
|
---|
2306 |
|
---|
2307 | it is a one time *set*, not necessarily a one time use... it can be
|
---|
2308 | called again if the first call failed or just listed the alternatives.
|
---|
2309 |
|
---|
2310 | clarify that the available backends are the ones this build supports
|
---|
2311 |
|
---|
2312 | plus add some formatting
|
---|
2313 |
|
---|
2314 | Reported-by: Rich Gray
|
---|
2315 | Bug: https://curl.haxx.se/mail/lib-2017-08/0119.html
|
---|
2316 |
|
---|
2317 | - curl/multi.h: remove duplicated closing c++ brace
|
---|
2318 |
|
---|
2319 | Regression since 1328f69d53f2f2e93
|
---|
2320 |
|
---|
2321 | Fixes #1841
|
---|
2322 | Reported-by: Andrei Karas
|
---|
2323 |
|
---|
2324 | - RELEASE-NOTES: synced with 8c33c963a
|
---|
2325 |
|
---|
2326 | - HELP-US.md: spelling
|
---|
2327 |
|
---|
2328 | - HELP-US.md: "How to get started helping out in the curl project"
|
---|
2329 |
|
---|
2330 | Closes #1837
|
---|
2331 |
|
---|
2332 | Dan Fandrich (29 Aug 2017)
|
---|
2333 | - asyn-thread: Fixed cleanup after OOM
|
---|
2334 |
|
---|
2335 | destroy_async_data() assumes that if the flag "done" is not set yet, the
|
---|
2336 | thread itself will clean up once the request is complete. But if an
|
---|
2337 | error (generally OOM) occurs before the thread even has a chance to
|
---|
2338 | start, it will never get a chance to clean up and memory will be leaked.
|
---|
2339 | By clearing "done" only just before starting the thread, the correct
|
---|
2340 | cleanup sequence will happen in all cases.
|
---|
2341 |
|
---|
2342 | Daniel Stenberg (28 Aug 2017)
|
---|
2343 | - curl_global_init.3: mention curl_global_sslset(3)
|
---|
2344 |
|
---|
2345 | Dan Fandrich (28 Aug 2017)
|
---|
2346 | - unit1606: Fixed shadowed variable warning
|
---|
2347 |
|
---|
2348 | - asyn-thread: Improved cleanup after OOM situations
|
---|
2349 |
|
---|
2350 | - asyn-thread: Set errno to the proper value ENOMEM in OOM situation
|
---|
2351 |
|
---|
2352 | This used to be set in some configurations to EAI_MEMORY which is not a
|
---|
2353 | valid value for errno and caused Curl_strerror to fail an assertion.
|
---|
2354 |
|
---|
2355 | Daniel Stenberg (28 Aug 2017)
|
---|
2356 | - [Johannes Schindelin brought this change]
|
---|
2357 |
|
---|
2358 | configure: Handle "MultiSSL" specially When versioning symbols
|
---|
2359 |
|
---|
2360 | There is a mode in which libcurl is compiled with versioned symbols,
|
---|
2361 | depending on the active SSL backend.
|
---|
2362 |
|
---|
2363 | When multiple SSL backends are active, it does not make sense to favor
|
---|
2364 | one over the others, so let's not: introduce a new prefix for the case
|
---|
2365 | where multiple SSL backends are compiled into cURL.
|
---|
2366 |
|
---|
2367 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2368 |
|
---|
2369 | - [Johannes Schindelin brought this change]
|
---|
2370 |
|
---|
2371 | configure: allow setting the default SSL backend
|
---|
2372 |
|
---|
2373 | Previously, we used as default SSL backend whatever was first in the
|
---|
2374 | `available_backends` array.
|
---|
2375 |
|
---|
2376 | However, some users may want to override that default without patching
|
---|
2377 | the source code.
|
---|
2378 |
|
---|
2379 | Now they can: with the --with-default-ssl-backend=<backend> option of
|
---|
2380 | the ./configure script.
|
---|
2381 |
|
---|
2382 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2383 |
|
---|
2384 | - [Johannes Schindelin brought this change]
|
---|
2385 |
|
---|
2386 | vtls: use Curl_ssl_multi pseudo backend only when needed
|
---|
2387 |
|
---|
2388 | When only one SSL backend is configured, it is totally unnecessary to
|
---|
2389 | let multissl_init() configure the backend at runtime, we can select the
|
---|
2390 | correct backend at build time already.
|
---|
2391 |
|
---|
2392 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2393 |
|
---|
2394 | - [Johannes Schindelin brought this change]
|
---|
2395 |
|
---|
2396 | version: if built with more than one SSL backend, report all of them
|
---|
2397 |
|
---|
2398 | To discern the active one from the inactive ones, put the latter into
|
---|
2399 | parentheses.
|
---|
2400 |
|
---|
2401 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2402 |
|
---|
2403 | - [Johannes Schindelin brought this change]
|
---|
2404 |
|
---|
2405 | version: add the CURL_VERSION_MULTI_SSL feature flag
|
---|
2406 |
|
---|
2407 | This new feature flag reports When cURL was built with multiple SSL
|
---|
2408 | backends.
|
---|
2409 |
|
---|
2410 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2411 |
|
---|
2412 | - [Johannes Schindelin brought this change]
|
---|
2413 |
|
---|
2414 | metalink: allow compiling with multiple SSL backends
|
---|
2415 |
|
---|
2416 | Previously, the code assumed that at most one of the SSL backends would
|
---|
2417 | be compiled in, emulating OpenSSL's functions if the configured backend
|
---|
2418 | was not OpenSSL itself.
|
---|
2419 |
|
---|
2420 | However, now we allow building with multiple SSL backends and choosing
|
---|
2421 | one at runtime. Therefore, metalink needs to be adjusted to handle this
|
---|
2422 | scenario, too.
|
---|
2423 |
|
---|
2424 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2425 |
|
---|
2426 | - [Johannes Schindelin brought this change]
|
---|
2427 |
|
---|
2428 | docs/examples: demonstrate how to select SSL backends
|
---|
2429 |
|
---|
2430 | The newly-introduced curl_global_sslset() function deserves to be
|
---|
2431 | show-cased.
|
---|
2432 |
|
---|
2433 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2434 |
|
---|
2435 | - [Johannes Schindelin brought this change]
|
---|
2436 |
|
---|
2437 | Add a man page for curl_global_sslset()
|
---|
2438 |
|
---|
2439 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2440 |
|
---|
2441 | - [Johannes Schindelin brought this change]
|
---|
2442 |
|
---|
2443 | vtls: introduce curl_global_sslset()
|
---|
2444 |
|
---|
2445 | Let's add a compile time safe API to select an SSL backend. This
|
---|
2446 | function needs to be called *before* curl_global_init(), and can be
|
---|
2447 | called only once.
|
---|
2448 |
|
---|
2449 | Side note: we do not explicitly test that it is called before
|
---|
2450 | curl_global_init(), but we do verify that it is not called multiple times
|
---|
2451 | (even implicitly).
|
---|
2452 |
|
---|
2453 | If SSL is used before the function was called, it will use whatever the
|
---|
2454 | CURL_SSL_BACKEND environment variable says (or default to the first
|
---|
2455 | available SSL backend), and if a subsequent call to
|
---|
2456 | curl_global_sslset() disagrees with the previous choice, it will fail
|
---|
2457 | with CURLSSLSET_TOO_LATE.
|
---|
2458 |
|
---|
2459 | The function also accepts an "avail" parameter to point to a (read-only)
|
---|
2460 | NULL-terminated list of available backends. This comes in real handy if
|
---|
2461 | an application wants to let the user choose between whatever SSL backends
|
---|
2462 | the currently available libcurl has to offer: simply call
|
---|
2463 |
|
---|
2464 | curl_global_sslset(-1, NULL, &avail);
|
---|
2465 |
|
---|
2466 | which will return CURLSSLSET_UNKNOWN_BACKEND and populate the avail
|
---|
2467 | variable to point to the relevant information to present to the user.
|
---|
2468 |
|
---|
2469 | Just like with the HTTP/2 push functions, we have to add the function
|
---|
2470 | declaration of curl_global_sslset() function to the header file
|
---|
2471 | *multi.h* because VMS and OS/400 require a stable order of functions
|
---|
2472 | declared in include/curl/*.h (where the header files are sorted
|
---|
2473 | alphabetically). This looks a bit funny, but it cannot be helped.
|
---|
2474 |
|
---|
2475 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2476 |
|
---|
2477 | - [Johannes Schindelin brought this change]
|
---|
2478 |
|
---|
2479 | vtls: refactor out essential information about the SSL backends
|
---|
2480 |
|
---|
2481 | There is information about the compiled-in SSL backends that is really
|
---|
2482 | no concern of any code other than the SSL backend itself, such as which
|
---|
2483 | function (if any) implements SHA-256 summing.
|
---|
2484 |
|
---|
2485 | And there is information that is really interesting to the user, such as
|
---|
2486 | the name, or the curl_sslbackend value.
|
---|
2487 |
|
---|
2488 | Let's factor out the latter into a publicly visible struct. This
|
---|
2489 | information will be used in the upcoming API to set the SSL backend
|
---|
2490 | globally.
|
---|
2491 |
|
---|
2492 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2493 |
|
---|
2494 | - [Johannes Schindelin brought this change]
|
---|
2495 |
|
---|
2496 | vtls: allow selecting which SSL backend to use at runtime
|
---|
2497 |
|
---|
2498 | When building software for the masses, it is sometimes not possible to
|
---|
2499 | decide for all users which SSL backend is appropriate.
|
---|
2500 |
|
---|
2501 | Git for Windows, for example, uses cURL to perform clones, fetches and
|
---|
2502 | pushes via HTTPS, and some users strongly prefer OpenSSL, while other
|
---|
2503 | users really need to use Secure Channel because it offers
|
---|
2504 | enterprise-ready tools to manage credentials via Windows' Credential
|
---|
2505 | Store.
|
---|
2506 |
|
---|
2507 | The current Git for Windows versions use the ugly work-around of
|
---|
2508 | building libcurl once with OpenSSL support and once with Secure Channel
|
---|
2509 | support, and switching out the binaries in the installer depending on
|
---|
2510 | the user's choice.
|
---|
2511 |
|
---|
2512 | Needless to say, this is a super ugly workaround that actually only
|
---|
2513 | works in some cases: Git for Windows also comes in a portable form, and
|
---|
2514 | in a form intended for third-party applications requiring Git
|
---|
2515 | functionality, in which cases this "swap out libcurl-4.dll" simply is
|
---|
2516 | not an option.
|
---|
2517 |
|
---|
2518 | Therefore, the Git for Windows project has a vested interest in teaching
|
---|
2519 | cURL to make the SSL backend a *runtime* option.
|
---|
2520 |
|
---|
2521 | This patch makes that possible.
|
---|
2522 |
|
---|
2523 | By running ./configure with multiple --with-<backend> options, cURL will
|
---|
2524 | be built with multiple backends.
|
---|
2525 |
|
---|
2526 | For the moment, the backend can be configured using the environment
|
---|
2527 | variable CURL_SSL_BACKEND (valid values are e.g. "openssl" and
|
---|
2528 | "schannel").
|
---|
2529 |
|
---|
2530 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2531 |
|
---|
2532 | - [Johannes Schindelin brought this change]
|
---|
2533 |
|
---|
2534 | vtls: fold the backend ID into the Curl_ssl structure
|
---|
2535 |
|
---|
2536 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2537 |
|
---|
2538 | - [Johannes Schindelin brought this change]
|
---|
2539 |
|
---|
2540 | curl_ntlm_core: don't complain but #include OpenSSL header if needed
|
---|
2541 |
|
---|
2542 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2543 |
|
---|
2544 | - [Johannes Schindelin brought this change]
|
---|
2545 |
|
---|
2546 | vtls: encapsulate SSL backend-specific data
|
---|
2547 |
|
---|
2548 | So far, all of the SSL backends' private data has been declared as
|
---|
2549 | part of the ssl_connect_data struct, in one big #if .. #elif .. #endif
|
---|
2550 | block.
|
---|
2551 |
|
---|
2552 | This can only work as long as the SSL backend is a compile-time option,
|
---|
2553 | something we want to change in the next commits.
|
---|
2554 |
|
---|
2555 | Therefore, let's encapsulate the exact data needed by each SSL backend
|
---|
2556 | into a private struct, and let's avoid bleeding any SSL backend-specific
|
---|
2557 | information into urldata.h. This is also necessary to allow multiple SSL
|
---|
2558 | backends to be compiled in at the same time, as e.g. OpenSSL's and
|
---|
2559 | CyaSSL's headers cannot be included in the same .c file.
|
---|
2560 |
|
---|
2561 | To avoid too many malloc() calls, we simply append the private structs
|
---|
2562 | to the connectdata struct in allocate_conn().
|
---|
2563 |
|
---|
2564 | This requires us to take extra care of alignment issues: struct fields
|
---|
2565 | often need to be aligned on certain boundaries e.g. 32-bit values need to
|
---|
2566 | be stored at addresses that divide evenly by 4 (= 32 bit / 8
|
---|
2567 | bit-per-byte).
|
---|
2568 |
|
---|
2569 | We do that by assuming that no SSL backend's private data contains any
|
---|
2570 | fields that need to be aligned on boundaries larger than `long long`
|
---|
2571 | (typically 64-bit) would need. Under this assumption, we simply add a
|
---|
2572 | dummy field of type `long long` to the `struct connectdata` struct. This
|
---|
2573 | field will never be accessed but acts as a placeholder for the four
|
---|
2574 | instances of ssl_backend_data instead. the size of each ssl_backend_data
|
---|
2575 | struct is stored in the SSL backend-specific metadata, to allow
|
---|
2576 | allocate_conn() to know how much extra space to allocate, and how to
|
---|
2577 | initialize the ssl[sockindex]->backend and proxy_ssl[sockindex]->backend
|
---|
2578 | pointers.
|
---|
2579 |
|
---|
2580 | This would appear to be a little complicated at first, but is really
|
---|
2581 | necessary to encapsulate the private data of each SSL backend correctly.
|
---|
2582 | And we need to encapsulate thusly if we ever want to allow selecting
|
---|
2583 | CyaSSL and OpenSSL at runtime, as their headers cannot be included within
|
---|
2584 | the same .c file (there are just too many conflicting definitions and
|
---|
2585 | declarations for that).
|
---|
2586 |
|
---|
2587 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2588 |
|
---|
2589 | - [Johannes Schindelin brought this change]
|
---|
2590 |
|
---|
2591 | vtls: prepare the SSL backends for encapsulated private data
|
---|
2592 |
|
---|
2593 | At the moment, cURL's SSL backend needs to be configured at build time.
|
---|
2594 | As such, it is totally okay for them to hard-code their backend-specific
|
---|
2595 | data in the ssl_connect_data struct.
|
---|
2596 |
|
---|
2597 | In preparation for making the SSL backend a runtime option, let's make
|
---|
2598 | the access of said private data a bit more abstract so that it can be
|
---|
2599 | adjusted later in an easy manner.
|
---|
2600 |
|
---|
2601 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2602 |
|
---|
2603 | - [Johannes Schindelin brought this change]
|
---|
2604 |
|
---|
2605 | urldata.h: move SSPI-specific #include to correct location
|
---|
2606 |
|
---|
2607 | In 86b889485 (sasl_gssapi: Added GSS-API based Kerberos V5 variables,
|
---|
2608 | 2014-12-03), an SSPI-specific field was added to the kerberos5data
|
---|
2609 | struct without moving the #include "curl_sspi.h" later in the same file.
|
---|
2610 |
|
---|
2611 | This broke the build when SSPI was enabled, unless Secure Channel was
|
---|
2612 | used as SSL backend, because it just so happens that Secure Channel also
|
---|
2613 | requires "curl_sspi.h" to be #included.
|
---|
2614 |
|
---|
2615 | In f4739f639 (urldata: include curl_sspi.h when Windows SSPI is enabled,
|
---|
2616 | 2017-02-21), this bug was fixed incorrectly: Instead of moving the
|
---|
2617 | appropriate conditional #include, the Secure Channel-conditional part
|
---|
2618 | was now also SSPI-conditional.
|
---|
2619 |
|
---|
2620 | Fix this problem by moving the correct #include instead.
|
---|
2621 |
|
---|
2622 | This is also required for an upcoming patch that moves all the Secure
|
---|
2623 | Channel-specific stuff out of urldata.h and encapsulates it properly in
|
---|
2624 | vtls/schannel.c instead.
|
---|
2625 |
|
---|
2626 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2627 |
|
---|
2628 | - [Johannes Schindelin brought this change]
|
---|
2629 |
|
---|
2630 | urldata.h: remove support for obsolete PolarSSL version
|
---|
2631 |
|
---|
2632 | Since 5017d5ada (polarssl: now require 1.3.0+, 2014-03-17), we require
|
---|
2633 | a newer PolarSSL version. No need to keep code trying to support any
|
---|
2634 | older version.
|
---|
2635 |
|
---|
2636 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2637 |
|
---|
2638 | - [Johannes Schindelin brought this change]
|
---|
2639 |
|
---|
2640 | getinfo: access SSL internals via Curl_ssl
|
---|
2641 |
|
---|
2642 | In the ongoing endeavor to abstract out all SSL backend-specific
|
---|
2643 | functionality, this is the next step: Instead of hard-coding how the
|
---|
2644 | different SSL backends access their internal data in getinfo.c, let's
|
---|
2645 | implement backend-specific functions to do that task.
|
---|
2646 |
|
---|
2647 | This will also allow for switching SSL backends as a runtime option.
|
---|
2648 |
|
---|
2649 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2650 |
|
---|
2651 | - [Johannes Schindelin brought this change]
|
---|
2652 |
|
---|
2653 | vtls: move SSL backends' private constants out of their header files
|
---|
2654 |
|
---|
2655 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2656 |
|
---|
2657 | - [Johannes Schindelin brought this change]
|
---|
2658 |
|
---|
2659 | axtls: use Curl_none_* versions of init() and cleanup()
|
---|
2660 |
|
---|
2661 | There are convenient no-op versions of the init/cleanup functions now,
|
---|
2662 | no need to define private ones for axTLS.
|
---|
2663 |
|
---|
2664 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2665 |
|
---|
2666 | - [Johannes Schindelin brought this change]
|
---|
2667 |
|
---|
2668 | vtls: remove obsolete declarations of SSL backend functionality
|
---|
2669 |
|
---|
2670 | These functions are all available via the Curl_ssl struct now, no need
|
---|
2671 | to declare them separately anymore.
|
---|
2672 |
|
---|
2673 | As the global declarations are removed, the corresponding function
|
---|
2674 | definitions are marked as file-local. The only two exceptions here are
|
---|
2675 | Curl_mbedtls_shutdown() and Curl_polarssl_shutdown(): only the
|
---|
2676 | declarations were removed, there are no function definitions to mark
|
---|
2677 | file-local.
|
---|
2678 |
|
---|
2679 | Please note that Curl_nss_force_init() is *still* declared globally, as
|
---|
2680 | the only SSL backend-specific function, because it was introduced
|
---|
2681 | specifically for the use case where cURL was compiled with
|
---|
2682 | `--without-ssl --with-nss`. For details, see f3b77e561 (http_ntlm: add
|
---|
2683 | support for NSS, 2010-06-27).
|
---|
2684 |
|
---|
2685 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2686 |
|
---|
2687 | - [Johannes Schindelin brought this change]
|
---|
2688 |
|
---|
2689 | schannel: reorder functions topologically
|
---|
2690 |
|
---|
2691 | The _shutdown() function calls the _session_free() function; While this
|
---|
2692 | is not a problem now (because schannel.h declares both functions), a
|
---|
2693 | patch looming in the immediate future with make all of these functions
|
---|
2694 | file-local.
|
---|
2695 |
|
---|
2696 | So let's just move the _session_free() function's definition before it
|
---|
2697 | is called.
|
---|
2698 |
|
---|
2699 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2700 |
|
---|
2701 | - [Johannes Schindelin brought this change]
|
---|
2702 |
|
---|
2703 | axtls: reorder functions topologically
|
---|
2704 |
|
---|
2705 | The connect_finish() function (like many other functions after it) calls
|
---|
2706 | the Curl_axtls_close() function; While this is not a problem now
|
---|
2707 | (because axtls.h declares the latter function), a patch looming in the
|
---|
2708 | immediate future with make all of these functions file-local.
|
---|
2709 |
|
---|
2710 | So let's just move the Curl_axtls_close() function's definition before
|
---|
2711 | it is called.
|
---|
2712 |
|
---|
2713 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2714 |
|
---|
2715 | - [Johannes Schindelin brought this change]
|
---|
2716 |
|
---|
2717 | vtls: move the SUPPORT_HTTPS_PROXY flag into the Curl_ssl struct
|
---|
2718 |
|
---|
2719 | That will allow us to choose the SSL backend at runtime.
|
---|
2720 |
|
---|
2721 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2722 |
|
---|
2723 | - [Johannes Schindelin brought this change]
|
---|
2724 |
|
---|
2725 | vtls: convert the have_curlssl_* constants to runtime flags
|
---|
2726 |
|
---|
2727 | The entire idea of introducing the Curl_ssl struct to describe SSL
|
---|
2728 | backends is to prepare for choosing the SSL backend at runtime.
|
---|
2729 |
|
---|
2730 | To that end, convert all the #ifdef have_curlssl_* style conditionals
|
---|
2731 | to use bit flags instead.
|
---|
2732 |
|
---|
2733 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2734 |
|
---|
2735 | - [Johannes Schindelin brought this change]
|
---|
2736 |
|
---|
2737 | vtls: move sha256sum into the Curl_ssl struct
|
---|
2738 |
|
---|
2739 | The SHA-256 checksumming is also an SSL backend-specific function.
|
---|
2740 | Let's include it in the struct declaring the functionality of SSL
|
---|
2741 | backends.
|
---|
2742 |
|
---|
2743 | In contrast to MD5, there is no fall-back code. To indicate this, the
|
---|
2744 | respective entries are NULL for those backends that offer no support for
|
---|
2745 | SHA-256 checksumming.
|
---|
2746 |
|
---|
2747 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2748 |
|
---|
2749 | - [Johannes Schindelin brought this change]
|
---|
2750 |
|
---|
2751 | vtls: move md5sum into the Curl_ssl struct
|
---|
2752 |
|
---|
2753 | The MD5 summing is also an SSL backend-specific function. So let's
|
---|
2754 | include it, offering the previous fall-back code as a separate function
|
---|
2755 | now: Curl_none_md5sum(). To allow for that, the signature had to be
|
---|
2756 | changed so that an error could be returned from the implementation
|
---|
2757 | (Curl_none_md5sum() can run out of memory).
|
---|
2758 |
|
---|
2759 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2760 |
|
---|
2761 | - [Johannes Schindelin brought this change]
|
---|
2762 |
|
---|
2763 | vtls: use the Curl_ssl struct to access all SSL backends' functionality
|
---|
2764 |
|
---|
2765 | This is the first step to unify the SSL backend handling. Now all the
|
---|
2766 | SSL backend-specific functionality is accessed via a global instance of
|
---|
2767 | the Curl_ssl struct.
|
---|
2768 |
|
---|
2769 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2770 |
|
---|
2771 | - [Johannes Schindelin brought this change]
|
---|
2772 |
|
---|
2773 | vtls: declare Curl_ssl structs for every SSL backend
|
---|
2774 |
|
---|
2775 | The idea of introducing the Curl_ssl struct was to unify how the SSL
|
---|
2776 | backends are declared and called. To this end, we now provide an
|
---|
2777 | instance of the Curl_ssl struct for each and every SSL backend.
|
---|
2778 |
|
---|
2779 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2780 |
|
---|
2781 | - [Johannes Schindelin brought this change]
|
---|
2782 |
|
---|
2783 | vtls: introduce a new struct for SSL backends
|
---|
2784 |
|
---|
2785 | This new struct is similar in nature to Curl_handler: it will define the
|
---|
2786 | functions and capabilities of all the SSL backends (where Curl_handler
|
---|
2787 | defines the functions and capabilities of protocol handlers).
|
---|
2788 |
|
---|
2789 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2790 |
|
---|
2791 | - [Johannes Schindelin brought this change]
|
---|
2792 |
|
---|
2793 | vtls: make sure every _sha256sum()'s first arg is const
|
---|
2794 |
|
---|
2795 | This patch makes the signature of the _sha256sum() functions consistent
|
---|
2796 | among the SSL backends, in preparation for unifying the way all SSL
|
---|
2797 | backends are accessed.
|
---|
2798 |
|
---|
2799 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2800 |
|
---|
2801 | - [Johannes Schindelin brought this change]
|
---|
2802 |
|
---|
2803 | vtls: make sure all _data_pending() functions return bool
|
---|
2804 |
|
---|
2805 | This patch makes the signature of the _data_pending() functions
|
---|
2806 | consistent among the SSL backends, in preparation for unifying the way
|
---|
2807 | all SSL backends are accessed.
|
---|
2808 |
|
---|
2809 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2810 |
|
---|
2811 | - [Johannes Schindelin brought this change]
|
---|
2812 |
|
---|
2813 | vtls: make sure all _cleanup() functions return void
|
---|
2814 |
|
---|
2815 | This patch makes the signature of the _cleanup() functions consistent
|
---|
2816 | among the SSL backends, in preparation for unifying the way all SSL
|
---|
2817 | backends are accessed.
|
---|
2818 |
|
---|
2819 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2820 |
|
---|
2821 | - [Johannes Schindelin brought this change]
|
---|
2822 |
|
---|
2823 | vtls: use consistent signature for _random() implementations
|
---|
2824 |
|
---|
2825 | This will make the upcoming multissl backend much easier to implement.
|
---|
2826 |
|
---|
2827 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
2828 |
|
---|
2829 | - strtooff: fix build for systems with long long but no strtoll option
|
---|
2830 |
|
---|
2831 | Closes #1829
|
---|
2832 |
|
---|
2833 | Reported-by: Dan Fandrich
|
---|
2834 | Bug: https://github.com/curl/curl/pull/1758#issuecomment-324861615
|
---|
2835 |
|
---|
2836 | - darwinssl: handle long strings in TLS certs
|
---|
2837 |
|
---|
2838 | ... as the previous fixed length 128 bytes buffer was sometimes too
|
---|
2839 | small.
|
---|
2840 |
|
---|
2841 | Fixes #1823
|
---|
2842 | Closes #1831
|
---|
2843 |
|
---|
2844 | Reported-by: Benjamin Sergeant
|
---|
2845 | Assisted-by: Bill Pyne, Ray Satiro, Nick Zitzmann
|
---|
2846 |
|
---|
2847 | - system.h: include sys/poll.h for AIX
|
---|
2848 |
|
---|
2849 | ... to get the event/revent defines that might be used for the poll
|
---|
2850 | struct.
|
---|
2851 |
|
---|
2852 | Reported-by: Michael Smith
|
---|
2853 | Fixes #1828
|
---|
2854 | Closes #1833
|
---|
2855 |
|
---|
2856 | Dan Fandrich (26 Aug 2017)
|
---|
2857 | - tests: Make sure libtests & unittests call curl_global_cleanup()
|
---|
2858 |
|
---|
2859 | These were missed in commit c468c27b.
|
---|
2860 |
|
---|
2861 | Jay Satiro (26 Aug 2017)
|
---|
2862 | - [theantigod brought this change]
|
---|
2863 |
|
---|
2864 | winbuild: fix embedded manifest option
|
---|
2865 |
|
---|
2866 | Embedded manifest option didn't work due to incorrect path.
|
---|
2867 |
|
---|
2868 | Fixes https://github.com/curl/curl/issues/1832
|
---|
2869 |
|
---|
2870 | Daniel Stenberg (25 Aug 2017)
|
---|
2871 | - fuzz/Makefile.am: remove curlbuild.h leftovers
|
---|
2872 |
|
---|
2873 | - examples/threaded-ssl: mention that this is for openssl before 1.1
|
---|
2874 |
|
---|
2875 | - imap: use defined names for response codes
|
---|
2876 |
|
---|
2877 | When working on this code I found the previous setup a bit weird while
|
---|
2878 | using proper defines increases readability.
|
---|
2879 |
|
---|
2880 | Closes #1824
|
---|
2881 |
|
---|
2882 | - CURLOPT_USERPWD.3: see also CURLOPT_PROXYUSERPWD
|
---|
2883 |
|
---|
2884 | - imap: support PREAUTH
|
---|
2885 |
|
---|
2886 | It is a defined possible greeting at server startup that means the
|
---|
2887 | connection is already authenticated. See
|
---|
2888 | https://tools.ietf.org/html/rfc3501#section-7.1.4
|
---|
2889 |
|
---|
2890 | Test 846 added to verify.
|
---|
2891 |
|
---|
2892 | Fixes #1818
|
---|
2893 | Closes #1820
|
---|
2894 |
|
---|
2895 | Jay Satiro (23 Aug 2017)
|
---|
2896 | - config-tpf: define SIZEOF_LONG
|
---|
2897 |
|
---|
2898 | Recent changes that replaced CURL_SIZEOF_LONG in the source with
|
---|
2899 | SIZEOF_LONG broke builds that use the premade configuration files and
|
---|
2900 | don't have SIZEOF_LONG defined.
|
---|
2901 |
|
---|
2902 | Bug: https://github.com/curl/curl/issues/1816
|
---|
2903 |
|
---|
2904 | Dan Fandrich (23 Aug 2017)
|
---|
2905 | - test1453: Fixed <features>
|
---|
2906 |
|
---|
2907 | Daniel Stenberg (22 Aug 2017)
|
---|
2908 | - [Gisle Vanem brought this change]
|
---|
2909 |
|
---|
2910 | config-dos: add missing defines, SIZEOF_* and two others
|
---|
2911 |
|
---|
2912 | Bug: #1816
|
---|
2913 |
|
---|
2914 | - curl: shorten and clean up CA cert verification error message
|
---|
2915 |
|
---|
2916 | The previous message was just too long for ordinary people and it was
|
---|
2917 | encouraging users to use `--insecure` a little too easy.
|
---|
2918 |
|
---|
2919 | Based-on-work-by: Frank Denis
|
---|
2920 |
|
---|
2921 | Closes #1810
|
---|
2922 | Closes #1817
|
---|
2923 |
|
---|
2924 | - request-target.d: mention added in 7.55.0
|
---|
2925 |
|
---|
2926 | Marcel Raad (22 Aug 2017)
|
---|
2927 | - tool_main: turn off MinGW CRT's globbing
|
---|
2928 |
|
---|
2929 | By default, the MinGW CRT globs command-line arguments. This prevents
|
---|
2930 | getting a single asterisk into an argument as test 1299 does. Turn off
|
---|
2931 | globbing by setting the global variable _CRT_glob to 0 for MinGW.
|
---|
2932 |
|
---|
2933 | Fixes https://github.com/curl/curl/issues/1751
|
---|
2934 | Closes https://github.com/curl/curl/pull/1813
|
---|
2935 |
|
---|
2936 | Viktor Szakats (22 Aug 2017)
|
---|
2937 | - makefile.m32: add support for libidn2
|
---|
2938 |
|
---|
2939 | libidn was replaced with libidn2 last year in configure.
|
---|
2940 | Caveat: libidn2 may depend on a list of further libs.
|
---|
2941 | These can be manually specified via CURL_LDFLAG_EXTRAS.
|
---|
2942 |
|
---|
2943 | Closes https://github.com/curl/curl/pull/1815
|
---|
2944 |
|
---|
2945 | Jay Satiro (22 Aug 2017)
|
---|
2946 | - [Viktor Szakats brought this change]
|
---|
2947 |
|
---|
2948 | config-win32: define SIZEOF_LONG
|
---|
2949 |
|
---|
2950 | Recent changes that replaced CURL_SIZEOF_LONG in the source with
|
---|
2951 | SIZEOF_LONG broke builds that use the premade configuration files and
|
---|
2952 | don't have SIZEOF_LONG defined.
|
---|
2953 |
|
---|
2954 | Closes https://github.com/curl/curl/pull/1814
|
---|
2955 |
|
---|
2956 | Daniel Stenberg (20 Aug 2017)
|
---|
2957 | - cmake: enable picky compiler options with clang and gcc
|
---|
2958 |
|
---|
2959 | closes #1799
|
---|
2960 |
|
---|
2961 | - curl/system.h: fix build for hppa
|
---|
2962 |
|
---|
2963 | Reported-by: John David Anglin
|
---|
2964 | Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872502#10
|
---|
2965 |
|
---|
2966 | - [Even Rouault brought this change]
|
---|
2967 |
|
---|
2968 | tftp: fix memory leak on too long filename
|
---|
2969 |
|
---|
2970 | Fixes
|
---|
2971 |
|
---|
2972 | $ valgrind --leak-check=full ~/install-curl-git/bin/curl tftp://localhost/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz
|
---|
2973 |
|
---|
2974 | ==9752== Memcheck, a memory error detector
|
---|
2975 | ==9752== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
|
---|
2976 | ==9752== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
|
---|
2977 | ==9752== Command: /home/even/install-curl-git/bin/curl tftp://localhost/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz
|
---|
2978 | ==9752==
|
---|
2979 | curl: (71) TFTP file name too long
|
---|
2980 |
|
---|
2981 | ==9752==
|
---|
2982 | ==9752== HEAP SUMMARY:
|
---|
2983 | ==9752== 505 bytes in 1 blocks are definitely lost in loss record 11 of 11
|
---|
2984 | ==9752== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
|
---|
2985 | ==9752== by 0x4E61CED: Curl_urldecode (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
2986 | ==9752== by 0x4E75868: tftp_state_machine (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
2987 | ==9752== by 0x4E761B6: tftp_do (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
2988 | ==9752== by 0x4E711B6: multi_runsingle (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
2989 | ==9752== by 0x4E71D00: curl_multi_perform (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
2990 | ==9752== by 0x4E6950D: curl_easy_perform (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
2991 | ==9752== by 0x40E0B7: operate_do (in /home/even/install-curl-git/bin/curl)
|
---|
2992 | ==9752== by 0x40E849: operate (in /home/even/install-curl-git/bin/curl)
|
---|
2993 | ==9752== by 0x402693: main (in /home/even/install-curl-git/bin/curl)
|
---|
2994 |
|
---|
2995 | Fixes https://oss-fuzz.com/v2/testcase-detail/5232311106797568
|
---|
2996 | Credit to OSS Fuzz
|
---|
2997 |
|
---|
2998 | Closes #1808
|
---|
2999 |
|
---|
3000 | Dan Fandrich (19 Aug 2017)
|
---|
3001 | - runtests: fixed case insensitive matching of keywords
|
---|
3002 |
|
---|
3003 | Commit 5c2aac71 didn't work in the case of mixed-case keywords given on
|
---|
3004 | the command-line.
|
---|
3005 |
|
---|
3006 | - tests: Make sure libtests call curl_global_cleanup()
|
---|
3007 |
|
---|
3008 | This ensures that global data allocations are freed so Valgrind stays
|
---|
3009 | happy. This was a problem with at least PolarSSL and mbedTLS.
|
---|
3010 |
|
---|
3011 | Daniel Stenberg (18 Aug 2017)
|
---|
3012 | - RELEASE-NOTES: synced with 8baead425
|
---|
3013 |
|
---|
3014 | - scripts/contri*sh: use "git log --use-mailmap"
|
---|
3015 |
|
---|
3016 | - mailmap: de-duplify some git authors
|
---|
3017 |
|
---|
3018 | - http2_recv: return error better on fatal h2 errors
|
---|
3019 |
|
---|
3020 | Ref #1012
|
---|
3021 | Figured-out-by: Tatsuhiro Tsujikawa
|
---|
3022 |
|
---|
3023 | - KNOWN_BUGS: HTTP test server 'connection-monitor' problems
|
---|
3024 |
|
---|
3025 | Closes #868
|
---|
3026 |
|
---|
3027 | - curl/system.h: check for __ppc__ as well
|
---|
3028 |
|
---|
3029 | ... regression since issue #1774 (commit 10b3df10596a) since obviously
|
---|
3030 | some older gcc doesn't know __powerpc__ while some newer doesn't know
|
---|
3031 | __ppc__ ...
|
---|
3032 |
|
---|
3033 | Fixes #1797
|
---|
3034 | Closes #1798
|
---|
3035 | Reported-by: Ryan Schmidt
|
---|
3036 |
|
---|
3037 | - [Jan Alexander Steffens (heftig) brought this change]
|
---|
3038 |
|
---|
3039 | http: Don't wait on CONNECT when there is no proxy
|
---|
3040 |
|
---|
3041 | Since curl 7.55.0, NetworkManager almost always failed its connectivity
|
---|
3042 | check by timeout. I bisected this to 5113ad04 (http-proxy: do the HTTP
|
---|
3043 | CONNECT process entirely non-blocking).
|
---|
3044 |
|
---|
3045 | This patch replaces !Curl_connect_complete with Curl_connect_ongoing,
|
---|
3046 | which returns false if the CONNECT state was left uninitialized and lets
|
---|
3047 | the connection continue.
|
---|
3048 |
|
---|
3049 | Closes #1803
|
---|
3050 | Fixes #1804
|
---|
3051 |
|
---|
3052 | Also-fixed-by: Gergely Nagy
|
---|
3053 |
|
---|
3054 | - [Johannes Schindelin brought this change]
|
---|
3055 |
|
---|
3056 | metalink: adjust source code style
|
---|
3057 |
|
---|
3058 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
3059 |
|
---|
3060 | - CURL_SIZEOF_LONG: removed, use only SIZEOF_LONG
|
---|
3061 |
|
---|
3062 | - lib557: no longer use CURL_SIZEOF_* defines
|
---|
3063 |
|
---|
3064 | - config-win32: define SIZEOF_CURL_OFF_T
|
---|
3065 |
|
---|
3066 | - cmake: sizeof curl_off_t, remove unused detections
|
---|
3067 |
|
---|
3068 | - system.h: remove all CURL_SIZEOF_* defines
|
---|
3069 |
|
---|
3070 | ... as they're not used externally and internally we check for the sizes
|
---|
3071 | already in configure etc.
|
---|
3072 |
|
---|
3073 | Closes #1767
|
---|
3074 |
|
---|
3075 | - ftp: fix CWD when doing multicwd then nocwd on same connection
|
---|
3076 |
|
---|
3077 | Fixes #1782
|
---|
3078 | Closes #1787
|
---|
3079 | Reported-by: Peter Lamare
|
---|
3080 |
|
---|
3081 | - CURLOPT_SSH_COMPRESSION.3: enable with 1L
|
---|
3082 |
|
---|
3083 | (leaves other values reserved for the future)
|
---|
3084 |
|
---|
3085 | - compressed-ssh.d: "Added: 7.56.0"
|
---|
3086 |
|
---|
3087 | - curl/system.h: checksrc compliance
|
---|
3088 |
|
---|
3089 | Jay Satiro (17 Aug 2017)
|
---|
3090 | - [Viktor Szakats brought this change]
|
---|
3091 |
|
---|
3092 | ssh: add the ability to enable compression (for SCP/SFTP)
|
---|
3093 |
|
---|
3094 | The required low-level logic was already available as part of
|
---|
3095 | `libssh2` (via `LIBSSH2_FLAG_COMPRESS` `libssh2_session_flag()`[1]
|
---|
3096 | option.)
|
---|
3097 |
|
---|
3098 | This patch adds the new `libcurl` option `CURLOPT_SSH_COMPRESSION`
|
---|
3099 | (boolean) and the new `curl` command-line option `--compressed-ssh`
|
---|
3100 | to request this `libssh2` feature. To have compression enabled, it
|
---|
3101 | is required that the SSH server supports a (zlib) compatible
|
---|
3102 | compression method and that `libssh2` was built with `zlib` support
|
---|
3103 | enabled.
|
---|
3104 |
|
---|
3105 | [1] https://www.libssh2.org/libssh2_session_flag.html
|
---|
3106 |
|
---|
3107 | Ref: https://github.com/curl/curl/issues/1732
|
---|
3108 | Closes https://github.com/curl/curl/pull/1735
|
---|
3109 |
|
---|
3110 | - examples/ftpuploadresume: checksrc compliance
|
---|
3111 |
|
---|
3112 | - [Maksim Stsepanenka brought this change]
|
---|
3113 |
|
---|
3114 | http_proxy: fix build error for CURL_DOES_CONVERSIONS
|
---|
3115 |
|
---|
3116 | Closes https://github.com/curl/curl/pull/1793
|
---|
3117 |
|
---|
3118 | GitHub (16 Aug 2017)
|
---|
3119 | - [Nick Zitzmann brought this change]
|
---|
3120 |
|
---|
3121 | configure: check for __builtin_available() availability (#1788)
|
---|
3122 |
|
---|
3123 | This change does two things:
|
---|
3124 | 1. It un-breaks the build in Xcode 9.0. (Xcode 9.0 is currently
|
---|
3125 | failing trying to compile connectx() in lib/connect.c.)
|
---|
3126 | 2. It finally weak-links the connectx() function, and falls back on
|
---|
3127 | connect() when run on older operating systems.
|
---|
3128 |
|
---|
3129 | Daniel Stenberg (16 Aug 2017)
|
---|
3130 | - travis: add metalink to some osx builds
|
---|
3131 |
|
---|
3132 | Closes #1790
|
---|
3133 |
|
---|
3134 | - [Max Dymond brought this change]
|
---|
3135 |
|
---|
3136 | coverage: Use two coveralls commands to get lib/vtls results
|
---|
3137 |
|
---|
3138 | closes #1747
|
---|
3139 |
|
---|
3140 | - darwinssi: fix error: variable length array used
|
---|
3141 |
|
---|
3142 | - m4/curl-compilers.m4: use proper quotes around string, not backticks
|
---|
3143 |
|
---|
3144 | ... when setting clang version to assume 3.7
|
---|
3145 |
|
---|
3146 | Caused a lot of "integer expression expected" warnings by configure.
|
---|
3147 |
|
---|
3148 | - [Benbuck Nason brought this change]
|
---|
3149 |
|
---|
3150 | cmake: remove dead code for DISABLED_THREADSAFE
|
---|
3151 |
|
---|
3152 | Closes #1786
|
---|
3153 |
|
---|
3154 | Jay Satiro (15 Aug 2017)
|
---|
3155 | - [Jakub Zakrzewski brought this change]
|
---|
3156 |
|
---|
3157 | curl-confopts.m4: fix --disable-threaded-resolver
|
---|
3158 |
|
---|
3159 | Closes https://github.com/curl/curl/issues/1784
|
---|
3160 |
|
---|
3161 | Daniel Stenberg (15 Aug 2017)
|
---|
3162 | - [Ryan Winograd brought this change]
|
---|
3163 |
|
---|
3164 | progress: Track total times following redirects
|
---|
3165 |
|
---|
3166 | Update the progress timers `t_nslookup`, `t_connect`, `t_appconnect`,
|
---|
3167 | `t_pretransfer`, and `t_starttransfer` to track the total times for
|
---|
3168 | these activities when a redirect is followed. Previously, only the times
|
---|
3169 | for the most recent request would be tracked.
|
---|
3170 |
|
---|
3171 | Related changes:
|
---|
3172 |
|
---|
3173 | - Rename `Curl_pgrsResetTimesSizes` to `Curl_pgrsResetTransferSizes`
|
---|
3174 | now that the function only resets transfer sizes and no longer
|
---|
3175 | modifies any of the progress timers.
|
---|
3176 |
|
---|
3177 | - Add a bool to the `Progress` struct that is used to prevent
|
---|
3178 | double-counting `t_starttransfer` times.
|
---|
3179 |
|
---|
3180 | Added test case 1399.
|
---|
3181 |
|
---|
3182 | Fixes #522 and Known Bug 1.8
|
---|
3183 | Closes #1602
|
---|
3184 | Reported-by: joshhe on github
|
---|
3185 |
|
---|
3186 | - [Benbuck Nason brought this change]
|
---|
3187 |
|
---|
3188 | cmake: remove dead code for CURL_DISABLE_RTMP
|
---|
3189 |
|
---|
3190 | Closes #1785
|
---|
3191 |
|
---|
3192 | Kamil Dudka (15 Aug 2017)
|
---|
3193 | - zsh.pl: produce a working completion script again
|
---|
3194 |
|
---|
3195 | Commit curl-7_54_0-118-g8b2f22e changed the output format of curl --help
|
---|
3196 | to use <file> and <dir> instead of FILE and DIR, which caused zsh.pl to
|
---|
3197 | produce a broken completion script:
|
---|
3198 |
|
---|
3199 | % curl --<TAB>
|
---|
3200 | _curl:10: no such file or directory: seconds
|
---|
3201 |
|
---|
3202 | Closes #1779
|
---|
3203 |
|
---|
3204 | Daniel Stenberg (15 Aug 2017)
|
---|
3205 | - curlver: toward 7.56.0?
|
---|
3206 |
|
---|
3207 | - RELEASE-NOTES: synced with 91c46dc44
|
---|
3208 |
|
---|
3209 | - test1449: FTP download range with an too large size
|
---|
3210 |
|
---|
3211 | - strtoofft: reduce integer overflow risks globally
|
---|
3212 |
|
---|
3213 | ... make sure we bail out on overflows.
|
---|
3214 |
|
---|
3215 | Reported-by: Brian Carpenter
|
---|
3216 | Closes #1758
|
---|
3217 |
|
---|
3218 | - travis: build the examples too
|
---|
3219 |
|
---|
3220 | to make sure they keep building warning-free
|
---|
3221 |
|
---|
3222 | Closes #1777
|
---|
3223 |
|
---|
3224 | - runtests: match keywords case insensitively
|
---|
3225 |
|
---|
3226 | - examples/ftpuploadresume.c: use portable code
|
---|
3227 |
|
---|
3228 | ... converted from the MS specific _snscanf()
|
---|
3229 |
|
---|
3230 | Version 7.55.1 (13 Aug 2017)
|
---|
3231 |
|
---|
3232 | Daniel Stenberg (13 Aug 2017)
|
---|
3233 | - RELEASE-NOTES/THANKS: curl 7.55.1 release time
|
---|
3234 |
|
---|
3235 | - gitignore: ignore .xz now instead of .lzma
|
---|
3236 |
|
---|
3237 | - [Sergei Nikulov brought this change]
|
---|
3238 |
|
---|
3239 | cmake: Threads detection update. ref: #1702
|
---|
3240 |
|
---|
3241 | Closes #1719
|
---|
3242 |
|
---|
3243 | - ipv6_scope: support unique local addresses
|
---|
3244 |
|
---|
3245 | Fixes #1764
|
---|
3246 | Closes #1773
|
---|
3247 | Reported-by: James Slaughter
|
---|
3248 |
|
---|
3249 | - [Alex Potapenko brought this change]
|
---|
3250 |
|
---|
3251 | curl/system.h: GCC doesn't define __ppc__ on PowerPC, uses __powerpc__
|
---|
3252 |
|
---|
3253 | Closes #1774
|
---|
3254 |
|
---|
3255 | - test1448: verify redirect to IDN using URL
|
---|
3256 |
|
---|
3257 | Closes #1772
|
---|
3258 |
|
---|
3259 | - [Salah-Eddin Shaban brought this change]
|
---|
3260 |
|
---|
3261 | redirect: skip URL encoding for host names
|
---|
3262 |
|
---|
3263 | This fixes redirects to IDN URLs
|
---|
3264 |
|
---|
3265 | Fixes #1441
|
---|
3266 | Closes #1762
|
---|
3267 | Reported by: David Lord
|
---|
3268 |
|
---|
3269 | - test2032: mark as flaky (again)
|
---|
3270 |
|
---|
3271 | - travis: test cmake build on tarball too
|
---|
3272 |
|
---|
3273 | Could've prevented #1755
|
---|
3274 |
|
---|
3275 | - [Simon Warta brought this change]
|
---|
3276 |
|
---|
3277 | cmake: allow user to override CMAKE_DEBUG_POSTFIX
|
---|
3278 |
|
---|
3279 | Closes #1763
|
---|
3280 |
|
---|
3281 | - connect-to.d: better language
|
---|
3282 |
|
---|
3283 | - connect-to.d: clarified
|
---|
3284 |
|
---|
3285 | - bagder/Curl_tvdiff_us: fix the math
|
---|
3286 |
|
---|
3287 | Regression since adef394ac5 (released in 7.55.0)
|
---|
3288 |
|
---|
3289 | Reported-by: Han Qiao
|
---|
3290 | Fixes #1769
|
---|
3291 | Closes #1771
|
---|
3292 |
|
---|
3293 | - curl/system.h: add Oracle Solaris Studio
|
---|
3294 |
|
---|
3295 | Fixes #1752
|
---|
3296 |
|
---|
3297 | - [Alessandro Ghedini brought this change]
|
---|
3298 |
|
---|
3299 | docs: fix typo funtion -> function
|
---|
3300 |
|
---|
3301 | Closes #1770
|
---|
3302 |
|
---|
3303 | Alessandro Ghedini (12 Aug 2017)
|
---|
3304 | - docs: fix grammar in CURL_SSLVERSION_MAX_DEFAULT description
|
---|
3305 |
|
---|
3306 | - docs: fix typo stuct -> struct
|
---|
3307 |
|
---|
3308 | Dan Fandrich (12 Aug 2017)
|
---|
3309 | - test1447: require a curl with http support
|
---|
3310 |
|
---|
3311 | Daniel Stenberg (11 Aug 2017)
|
---|
3312 | - [Thomas Petazzoni brought this change]
|
---|
3313 |
|
---|
3314 | curl/system.h: support more architectures
|
---|
3315 |
|
---|
3316 | The long list of architectures in include/curl/system.h is annoying to
|
---|
3317 | maintain, and needs to be extended for each and every architecture to
|
---|
3318 | support.
|
---|
3319 |
|
---|
3320 | Instead, let's rely on the __SIZEOF_LONG__ define of the gcc compiler
|
---|
3321 | (we are in the GNUC condition anyway), which tells us if long is 4
|
---|
3322 | bytes or 8 bytes.
|
---|
3323 |
|
---|
3324 | This fixes the build of libcurl 7.55.0 on architectures such as
|
---|
3325 | OpenRISC or ARC.
|
---|
3326 |
|
---|
3327 | Closes #1766
|
---|
3328 |
|
---|
3329 | Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
---|
3330 |
|
---|
3331 | - test2033: this went flaky again
|
---|
3332 |
|
---|
3333 | Suspicion: when we enabled the threaded resolver by default.
|
---|
3334 |
|
---|
3335 | - test1447: verifies the parse proxy fix in 6e0e152ce5c
|
---|
3336 |
|
---|
3337 | - [Even Rouault brought this change]
|
---|
3338 |
|
---|
3339 | parse_proxy(): fix memory leak in case of invalid proxy server name
|
---|
3340 |
|
---|
3341 | Fixes the below leak:
|
---|
3342 |
|
---|
3343 | $ valgrind --leak-check=full ~/install-curl-git/bin/curl --proxy "http://a:b@/x" http://127.0.0.1
|
---|
3344 | curl: (5) Couldn't resolve proxy name
|
---|
3345 | ==5048==
|
---|
3346 | ==5048== HEAP SUMMARY:
|
---|
3347 | ==5048== in use at exit: 532 bytes in 12 blocks
|
---|
3348 | ==5048== total heap usage: 5,288 allocs, 5,276 frees, 445,271 bytes allocated
|
---|
3349 | ==5048==
|
---|
3350 | ==5048== 2 bytes in 1 blocks are definitely lost in loss record 1 of 12
|
---|
3351 | ==5048== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
|
---|
3352 | ==5048== by 0x4E6CB79: parse_login_details (url.c:5614)
|
---|
3353 | ==5048== by 0x4E6BA82: parse_proxy (url.c:5091)
|
---|
3354 | ==5048== by 0x4E6C46D: create_conn_helper_init_proxy (url.c:5346)
|
---|
3355 | ==5048== by 0x4E6EA18: create_conn (url.c:6498)
|
---|
3356 | ==5048== by 0x4E6F9B4: Curl_connect (url.c:6967)
|
---|
3357 | ==5048== by 0x4E86D05: multi_runsingle (multi.c:1436)
|
---|
3358 | ==5048== by 0x4E88432: curl_multi_perform (multi.c:2160)
|
---|
3359 | ==5048== by 0x4E7C515: easy_transfer (easy.c:708)
|
---|
3360 | ==5048== by 0x4E7C74A: easy_perform (easy.c:794)
|
---|
3361 | ==5048== by 0x4E7C7B1: curl_easy_perform (easy.c:813)
|
---|
3362 | ==5048== by 0x414025: operate_do (tool_operate.c:1563)
|
---|
3363 | ==5048==
|
---|
3364 | ==5048== 2 bytes in 1 blocks are definitely lost in loss record 2 of 12
|
---|
3365 | ==5048== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
|
---|
3366 | ==5048== by 0x4E6CBB6: parse_login_details (url.c:5621)
|
---|
3367 | ==5048== by 0x4E6BA82: parse_proxy (url.c:5091)
|
---|
3368 | ==5048== by 0x4E6C46D: create_conn_helper_init_proxy (url.c:5346)
|
---|
3369 | ==5048== by 0x4E6EA18: create_conn (url.c:6498)
|
---|
3370 | ==5048== by 0x4E6F9B4: Curl_connect (url.c:6967)
|
---|
3371 | ==5048== by 0x4E86D05: multi_runsingle (multi.c:1436)
|
---|
3372 | ==5048== by 0x4E88432: curl_multi_perform (multi.c:2160)
|
---|
3373 | ==5048== by 0x4E7C515: easy_transfer (easy.c:708)
|
---|
3374 | ==5048== by 0x4E7C74A: easy_perform (easy.c:794)
|
---|
3375 | ==5048== by 0x4E7C7B1: curl_easy_perform (easy.c:813)
|
---|
3376 | ==5048== by 0x414025: operate_do (tool_operate.c:1563)
|
---|
3377 |
|
---|
3378 | Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2984
|
---|
3379 | Credit to OSS Fuzz for discovery
|
---|
3380 |
|
---|
3381 | Closes #1761
|
---|
3382 |
|
---|
3383 | - RELEASE-NOTES: synced with 37f2195a9
|
---|
3384 |
|
---|
3385 | - curlver: bump to 7.55.1
|
---|
3386 |
|
---|
3387 | - openssl: fix "error: this statement may fall through"
|
---|
3388 |
|
---|
3389 | A gcc7 warning.
|
---|
3390 |
|
---|
3391 | - [David Benjamin brought this change]
|
---|
3392 |
|
---|
3393 | openssl: remove CONST_ASN1_BIT_STRING.
|
---|
3394 |
|
---|
3395 | Just making the pointer as const works for the pre-1.1.0 path too.
|
---|
3396 |
|
---|
3397 | Closes #1759
|
---|
3398 |
|
---|
3399 | - maketgz: remove old *.dist files before making the tarball
|
---|
3400 |
|
---|
3401 | To avoid "old crap" unintentionally getting shipped.
|
---|
3402 |
|
---|
3403 | Bug: https://curl.haxx.se/mail/lib-2017-08/0050.html
|
---|
3404 | Reported-by: Christian Weisgerber
|
---|
3405 |
|
---|
3406 | Jay Satiro (10 Aug 2017)
|
---|
3407 | - mkhelp.pl: allow executing this script directly
|
---|
3408 |
|
---|
3409 | - Enable execute permission (chmod +x)
|
---|
3410 |
|
---|
3411 | - Change interpreter to /usr/bin/env perl
|
---|
3412 |
|
---|
3413 | Ref: https://github.com/curl/curl/issues/1743
|
---|
3414 |
|
---|
3415 | Daniel Stenberg (10 Aug 2017)
|
---|
3416 | - configure: use the threaded resolver backend by default if possible
|
---|
3417 |
|
---|
3418 | Closes #1647
|
---|
3419 |
|
---|
3420 | - cmake: move cmake_uninstall.cmake to CMake/
|
---|
3421 |
|
---|
3422 | Closes #1756
|
---|
3423 |
|
---|
3424 | - metalink: fix error: â*â in boolean context, suggest â&&â instead
|
---|
3425 |
|
---|
3426 | - dist: fix the cmake build by shipping cmake_uninstall.cmake.in too
|
---|
3427 |
|
---|
3428 | Fixes #1755
|
---|
3429 |
|
---|
3430 | - travis: verify "make install"
|
---|
3431 |
|
---|
3432 | Help-by: Jay Satiro
|
---|
3433 | Closes #1753
|
---|
3434 |
|
---|
3435 | Marcel Raad (10 Aug 2017)
|
---|
3436 | - build: check out *.sln files with Windows line endings
|
---|
3437 |
|
---|
3438 | Visual Studio doesn't like LF line endings in solution files and always
|
---|
3439 | converts them to CRLF when doing changes to the solution. Notably, this
|
---|
3440 | affects the solutions in the release archive.
|
---|
3441 |
|
---|
3442 | Closes https://github.com/curl/curl/pull/1746
|
---|
3443 |
|
---|
3444 | - gitignore: ignore top-level .vs folder
|
---|
3445 |
|
---|
3446 | This folder is generated when using the CMake build system from within
|
---|
3447 | Visual Studio.
|
---|
3448 |
|
---|
3449 | Closes https://github.com/curl/curl/pull/1746
|
---|
3450 |
|
---|
3451 | Jay Satiro (10 Aug 2017)
|
---|
3452 | - digest_sspi: Don't reuse context if the user/passwd has changed
|
---|
3453 |
|
---|
3454 | Bug: https://github.com/curl/curl/issues/1685
|
---|
3455 | Reported-by: paulharris@users.noreply.github.com
|
---|
3456 |
|
---|
3457 | Assisted-by: Isaac Boukris
|
---|
3458 |
|
---|
3459 | Closes https://github.com/curl/curl/pull/1742
|
---|
3460 |
|
---|
3461 | Daniel Stenberg (9 Aug 2017)
|
---|
3462 | - [Adam Sampson brought this change]
|
---|
3463 |
|
---|
3464 | dist: Add dictserver.py/negtelnetserver.py to EXTRA_DIST
|
---|
3465 |
|
---|
3466 | These weren't included in the 7.55.0 release, but are required in order
|
---|
3467 | to run the full test suite.
|
---|
3468 |
|
---|
3469 | Closes #1744
|
---|
3470 |
|
---|
3471 | - [Adam Sampson brought this change]
|
---|
3472 |
|
---|
3473 | curl: do bounds check using a double comparison
|
---|
3474 |
|
---|
3475 | The fix for this in 8661a0aacc01492e0436275ff36a21734f2541bb wasn't
|
---|
3476 | complete: if the parsed number in num is larger than will fit in a long,
|
---|
3477 | the conversion is undefined behaviour (causing test1427 to fail for me
|
---|
3478 | on IA32 with GCC 7.1, although it passes on AMD64 and ARMv7). Getting
|
---|
3479 | rid of the cast means the comparison will be done using doubles.
|
---|
3480 |
|
---|
3481 | It might make more sense for the max argument to also be a double...
|
---|
3482 |
|
---|
3483 | Fixes #1750
|
---|
3484 | Closes #1749
|
---|
3485 |
|
---|
3486 | - make install: add 8 missing man pages to the installation
|
---|
3487 |
|
---|
3488 | - build: fix 'make install' with configure, install docs/libcurl/* too
|
---|
3489 |
|
---|
3490 | Broken since d24838d4da9faa
|
---|
3491 |
|
---|
3492 | Reported-by: Bernard Spil
|
---|
3493 |
|
---|
3494 | Version 7.55.0 (9 Aug 2017)
|
---|
3495 |
|
---|
3496 | Daniel Stenberg (9 Aug 2017)
|
---|
3497 | - RELEASE-NOTES: curl 7.55.0
|
---|
3498 |
|
---|
3499 | - THANKS: 20 new contributors in 7.55.0
|
---|
3500 |
|
---|
3501 | - [Viktor Szakats brought this change]
|
---|
3502 |
|
---|
3503 | docs/comments: Update to secure URL versions
|
---|
3504 |
|
---|
3505 | Closes #1741
|
---|
3506 |
|
---|
3507 | - configure: fix recv/send/select detection on Android
|
---|
3508 |
|
---|
3509 | ... since they now provide several functions as
|
---|
3510 | __attribute__((overloadable)), the argument detection logic need
|
---|
3511 | updates.
|
---|
3512 |
|
---|
3513 | Patched-by: destman at github
|
---|
3514 |
|
---|
3515 | Fixes #1738
|
---|
3516 | Closes #1739
|
---|
3517 |
|
---|
3518 | Marcel Raad (8 Aug 2017)
|
---|
3519 | - ax_code_coverage.m4: update to latest version
|
---|
3520 |
|
---|
3521 | This updates the script to aad5ad5fedb306b39f901a899b7bd305b66c418d
|
---|
3522 | from August 01, 2017. Notably, this removes the lconv version whitelist.
|
---|
3523 |
|
---|
3524 | Closes https://github.com/curl/curl/pull/1716
|
---|
3525 |
|
---|
3526 | Daniel Stenberg (7 Aug 2017)
|
---|
3527 | - test1427: verify command line parser integer overflow detection
|
---|
3528 |
|
---|
3529 | - curl: detect and bail out early on parameter integer overflows
|
---|
3530 |
|
---|
3531 | Make the number parser aware of the maximum limit curl accepts for a
|
---|
3532 | value and return an error immediately if larger, instead of running an
|
---|
3533 | integer overflow later.
|
---|
3534 |
|
---|
3535 | Fixes #1730
|
---|
3536 | Closes #1736
|
---|
3537 |
|
---|
3538 | - glob: do not continue parsing after a strtoul() overflow range
|
---|
3539 |
|
---|
3540 | Added test 1289 to verify.
|
---|
3541 |
|
---|
3542 | CVE-2017-1000101
|
---|
3543 |
|
---|
3544 | Bug: https://curl.haxx.se/docs/adv_20170809A.html
|
---|
3545 | Reported-by: Brian Carpenter
|
---|
3546 |
|
---|
3547 | - tftp: reject file name lengths that don't fit
|
---|
3548 |
|
---|
3549 | ... and thereby avoid telling send() to send off more bytes than the
|
---|
3550 | size of the buffer!
|
---|
3551 |
|
---|
3552 | CVE-2017-1000100
|
---|
3553 |
|
---|
3554 | Bug: https://curl.haxx.se/docs/adv_20170809B.html
|
---|
3555 | Reported-by: Even Rouault
|
---|
3556 |
|
---|
3557 | Credit to OSS-Fuzz for the discovery
|
---|
3558 |
|
---|
3559 | - [Even Rouault brought this change]
|
---|
3560 |
|
---|
3561 | file: output the correct buffer to the user
|
---|
3562 |
|
---|
3563 | Regression brought by 7c312f84ea930d8 (April 2017)
|
---|
3564 |
|
---|
3565 | CVE-2017-1000099
|
---|
3566 |
|
---|
3567 | Bug: https://curl.haxx.se/docs/adv_20170809C.html
|
---|
3568 |
|
---|
3569 | Credit to OSS-Fuzz for the discovery
|
---|
3570 |
|
---|
3571 | - easy_events: make event data static
|
---|
3572 |
|
---|
3573 | First: this function is only used in debug-builds and not in
|
---|
3574 | release/real builds. It is used to drive tests using the event-based
|
---|
3575 | API.
|
---|
3576 |
|
---|
3577 | A pointer to the local struct is passed to CURLMOPT_TIMERDATA, but the
|
---|
3578 | CURLMOPT_TIMERFUNCTION calback can in fact be called even after this
|
---|
3579 | funtion returns, namely when curl_multi_remove_handle() is called.
|
---|
3580 |
|
---|
3581 | Reported-by: Brian Carpenter
|
---|
3582 |
|
---|
3583 | - getparameter: avoid returning uninitialized 'usedarg'
|
---|
3584 |
|
---|
3585 | Fixes #1728
|
---|
3586 |
|
---|
3587 | Marcel Raad (5 Aug 2017)
|
---|
3588 | - [Isaac Boukris brought this change]
|
---|
3589 |
|
---|
3590 | gssapi: fix memory leak of output token in multi round context
|
---|
3591 |
|
---|
3592 | When multiple rounds are needed to establish a security context
|
---|
3593 | (usually ntlm), we overwrite old token with a new one without free.
|
---|
3594 | Found by proposed gss tests using stub a gss implementation (by
|
---|
3595 | valgrind error), though I have confirmed the leak with a real
|
---|
3596 | gssapi implementation as well.
|
---|
3597 |
|
---|
3598 | Closes https://github.com/curl/curl/pull/1733
|
---|
3599 |
|
---|
3600 | - darwinssl: fix compiler warning
|
---|
3601 |
|
---|
3602 | clang complains:
|
---|
3603 | vtls/darwinssl.c:40:8: error: extra tokens at end of #endif directive
|
---|
3604 | [-Werror,-Wextra-tokens]
|
---|
3605 |
|
---|
3606 | This breaks the darwinssl build on Travis. Fix it by making this token
|
---|
3607 | a comment.
|
---|
3608 |
|
---|
3609 | Closes https://github.com/curl/curl/pull/1734
|
---|
3610 |
|
---|
3611 | - CMake: fix CURL_WERROR for MSVC
|
---|
3612 |
|
---|
3613 | When using CURL_WERROR in MSVC builds, the debug flags were overridden
|
---|
3614 | by the release flags and /WX got added twice in debug mode.
|
---|
3615 |
|
---|
3616 | Closes https://github.com/curl/curl/pull/1715
|
---|
3617 |
|
---|
3618 | Daniel Stenberg (4 Aug 2017)
|
---|
3619 | - RELEASE-NOTES: synced with 561e9217c
|
---|
3620 |
|
---|
3621 | - test1010: verify that #1718 is fixed
|
---|
3622 |
|
---|
3623 | ... by doing two transfers in nocwd mode and check that there's no
|
---|
3624 | superfluous CWD command.
|
---|
3625 |
|
---|
3626 | - FTP: skip unnecessary CWD when in nocwd mode
|
---|
3627 |
|
---|
3628 | ... when reusing a connection. If it didn't do any CWD previously.
|
---|
3629 |
|
---|
3630 | Fixes #1718
|
---|
3631 |
|
---|
3632 | Marcel Raad (4 Aug 2017)
|
---|
3633 | - travis: explicitly specify dist
|
---|
3634 |
|
---|
3635 | This makes the builds more reproducible as travis is currently rolling
|
---|
3636 | out trusty as default dist [1]. Specifically, this avoids coverage
|
---|
3637 | check failures when trusty is used as seen in [2] until we figure out
|
---|
3638 | what's wrong.
|
---|
3639 |
|
---|
3640 | [1] https://blog.travis-ci.com/2017-07-11-trusty-as-default-linux-is-coming
|
---|
3641 | [2] https://github.com/curl/curl/pull/1692
|
---|
3642 |
|
---|
3643 | Closes https://github.com/curl/curl/pull/1725
|
---|
3644 |
|
---|
3645 | Daniel Stenberg (4 Aug 2017)
|
---|
3646 | - travis: BUILD_TYPE => T
|
---|
3647 |
|
---|
3648 | (to make the full line appear nicer on travis web UI)
|
---|
3649 |
|
---|
3650 | - travis: add osx build with darwinssl
|
---|
3651 |
|
---|
3652 | Closes #1706
|
---|
3653 |
|
---|
3654 | - darwin: silence compiler warnings
|
---|
3655 |
|
---|
3656 | With a clang pragma and three type fixes
|
---|
3657 |
|
---|
3658 | Fixes #1722
|
---|
3659 |
|
---|
3660 | - BUILD.WINDOWS: mention buildconf.bat for builds off git
|
---|
3661 |
|
---|
3662 | - darwinssl: fix curlssl_sha256sum() compiler warnings on first argument
|
---|
3663 |
|
---|
3664 | - test130: verify comments in .netrc
|
---|
3665 |
|
---|
3666 | - [Gisle Vanem brought this change]
|
---|
3667 |
|
---|
3668 | netrc: skip lines starting with '#'
|
---|
3669 |
|
---|
3670 | Bug: https://curl.haxx.se/mail/lib-2017-08/0008.html
|
---|
3671 |
|
---|
3672 | Marcel Raad (3 Aug 2017)
|
---|
3673 | - CMake: set MSVC warning level to 4
|
---|
3674 |
|
---|
3675 | The MSVC warning level defaults to 3 in CMake. Change it to 4, which is
|
---|
3676 | consistent with the Visual Studio and NMake builds. Disable level 4
|
---|
3677 | warning C4127 for the library and additionally C4306 for the test
|
---|
3678 | servers to get a clean CURL_WERROR build as that warning is raised in
|
---|
3679 | some macros in older Visual Studio versions.
|
---|
3680 |
|
---|
3681 | Ref: https://github.com/curl/curl/pull/1667#issuecomment-314082794
|
---|
3682 | Closes https://github.com/curl/curl/pull/1711
|
---|
3683 |
|
---|
3684 | Daniel Stenberg (2 Aug 2017)
|
---|
3685 | - CURLOPT_NETRC.3: fix typo in 7e48aa386156f9c2
|
---|
3686 |
|
---|
3687 | Reported-by: Viktor Szakats
|
---|
3688 |
|
---|
3689 | - CURLOPT_NETRC.3: mention the file name on windows
|
---|
3690 |
|
---|
3691 | ... and CURLOPT_NETRC_FILE(3).
|
---|
3692 |
|
---|
3693 | - travis: build osx with libressl too
|
---|
3694 |
|
---|
3695 | - travis: build osx with openssl too
|
---|
3696 |
|
---|
3697 | - tests/server/util: fix curltime mistake from 4dee50b9c80f9
|
---|
3698 |
|
---|
3699 | Marcel Raad (1 Aug 2017)
|
---|
3700 | - curl_threads: fix MSVC compiler warning
|
---|
3701 |
|
---|
3702 | Use LongToHandle to convert from long to HANDLE in the Win32
|
---|
3703 | implementation.
|
---|
3704 | This should fix the following warning when compiling with
|
---|
3705 | MSVC 11 (2012) in 64-bit mode:
|
---|
3706 | lib\curl_threads.c(113): warning C4306:
|
---|
3707 | 'type cast' : conversion from 'long' to 'HANDLE' of greater size
|
---|
3708 |
|
---|
3709 | Closes https://github.com/curl/curl/pull/1717
|
---|
3710 |
|
---|
3711 | Daniel Stenberg (1 Aug 2017)
|
---|
3712 | - BUGS: improved phrasing about security bugs
|
---|
3713 |
|
---|
3714 | Reported-by: Max Dymond
|
---|
3715 |
|
---|
3716 | - BUGS: clarify how to report security related bugs
|
---|
3717 |
|
---|
3718 | - [Brad Spencer brought this change]
|
---|
3719 |
|
---|
3720 | multi: fix request timer management
|
---|
3721 |
|
---|
3722 | There are some bugs in how timers are managed for a single easy handle
|
---|
3723 | that causes the wrong "next timeout" value to be reported to the
|
---|
3724 | application when a new minimum needs to be recomputed and that new
|
---|
3725 | minimum should be an existing timer that isn't currently set for the
|
---|
3726 | easy handle. When the application drives a set of easy handles via the
|
---|
3727 | `curl_multi_socket_action()` API (for example), it gets told to wait the
|
---|
3728 | wrong amount of time before the next call, which causes requests to
|
---|
3729 | linger for a long time (or, it is my guess, possibly forever).
|
---|
3730 |
|
---|
3731 | Bug: https://curl.haxx.se/mail/lib-2017-07/0033.html
|
---|
3732 |
|
---|
3733 | Jay Satiro (1 Aug 2017)
|
---|
3734 | - curl_setup: Define CURL_NO_OLDIES for building libcurl
|
---|
3735 |
|
---|
3736 | .. to catch accidental use of deprecated error codes.
|
---|
3737 |
|
---|
3738 | Ref: https://github.com/curl/curl/issues/1688#issuecomment-316764237
|
---|
3739 |
|
---|
3740 | Daniel Stenberg (1 Aug 2017)
|
---|
3741 | - [Jeremy Tan brought this change]
|
---|
3742 |
|
---|
3743 | configure: fix the check for IdnToUnicode
|
---|
3744 |
|
---|
3745 | Fixes #1669
|
---|
3746 | Closes #1713
|
---|
3747 |
|
---|
3748 | - http: fix response code parser to avoid integer overflow
|
---|
3749 |
|
---|
3750 | test 1429 and 1433 were updated to work with the stricter HTTP status line
|
---|
3751 | parser.
|
---|
3752 |
|
---|
3753 | Closes #1714
|
---|
3754 | Reported-by: Brian Carpenter
|
---|
3755 |
|
---|
3756 | Jay Satiro (31 Jul 2017)
|
---|
3757 | - [Dwarakanath Yadavalli brought this change]
|
---|
3758 |
|
---|
3759 | libcurl: Stop using error codes defined under CURL_NO_OLDIES
|
---|
3760 |
|
---|
3761 | Fixes https://github.com/curl/curl/issues/1688
|
---|
3762 | Closes https://github.com/curl/curl/pull/1712
|
---|
3763 |
|
---|
3764 | - include.d: clarify --include is only for response headers
|
---|
3765 |
|
---|
3766 | Follow-up to 171f8de and de6de94.
|
---|
3767 |
|
---|
3768 | Bug: https://github.com/curl/curl/commit/de6de94#commitcomment-23370851
|
---|
3769 | Reported-by: Daniel Stenberg
|
---|
3770 |
|
---|
3771 | Daniel Stenberg (30 Jul 2017)
|
---|
3772 | - [jasjuang brought this change]
|
---|
3773 |
|
---|
3774 | cmake: support make uninstall
|
---|
3775 |
|
---|
3776 | Closes #1674
|
---|
3777 |
|
---|
3778 | - RELEASE-NOTES: synced with 001701c47
|
---|
3779 |
|
---|
3780 | Marcel Raad (29 Jul 2017)
|
---|
3781 | - AppVeyor: now really use CURL_WERROR
|
---|
3782 |
|
---|
3783 | It was misspelled as CURL_ERROR in commit
|
---|
3784 | 2d86e8d1286e0fbe3d811e2e87fa0b5e53722db4.
|
---|
3785 |
|
---|
3786 | Closes https://github.com/curl/curl/pull/1686
|
---|
3787 |
|
---|
3788 | Jay Satiro (29 Jul 2017)
|
---|
3789 | - tool_help: clarify --include is only for response headers
|
---|
3790 |
|
---|
3791 | Follow-up to 171f8de.
|
---|
3792 |
|
---|
3793 | Ref: https://github.com/curl/curl/issues/1704
|
---|
3794 |
|
---|
3795 | - splay: fix signed/unsigned mismatch warning
|
---|
3796 |
|
---|
3797 | Follow-up to 4dee50b.
|
---|
3798 |
|
---|
3799 | Ref: https://github.com/curl/curl/pull/1693
|
---|
3800 |
|
---|
3801 | Daniel Stenberg (28 Jul 2017)
|
---|
3802 | - include.d: clarify that it concerns the response headers
|
---|
3803 |
|
---|
3804 | Reported-by: olesteban at github
|
---|
3805 | Fixes #1704
|
---|
3806 |
|
---|
3807 | - [Johannes Schindelin brought this change]
|
---|
3808 |
|
---|
3809 | curl_rtmp: fix a compiler warning
|
---|
3810 |
|
---|
3811 | The headers of librtmp declare the socket as `int`, and on Windows, that
|
---|
3812 | disagrees with curl_socket_t.
|
---|
3813 |
|
---|
3814 | Bug: #1652
|
---|
3815 |
|
---|
3816 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
3817 |
|
---|
3818 | - test1323: verify curlx_tvdiff
|
---|
3819 |
|
---|
3820 | - timeval: struct curltime is a struct timeval replacement
|
---|
3821 |
|
---|
3822 | ... to make all libcurl internals able to use the same data types for
|
---|
3823 | the struct members. The timeval struct differs subtly on several
|
---|
3824 | platforms so it makes it cumbersome to use everywhere.
|
---|
3825 |
|
---|
3826 | Ref: #1652
|
---|
3827 | Closes #1693
|
---|
3828 |
|
---|
3829 | - darwinssl: fix variable type mistake (regression)
|
---|
3830 |
|
---|
3831 | ... which made --tlsv1.2 not work because it would blank the max tls
|
---|
3832 | version variable.
|
---|
3833 |
|
---|
3834 | Reported-by: Nick Miyake
|
---|
3835 | Bug: #1703
|
---|
3836 |
|
---|
3837 | - multi: mention integer overflow risk if using > 500 million sockets
|
---|
3838 |
|
---|
3839 | Reported-by: ovidiu-benea@users.noreply.github.com
|
---|
3840 |
|
---|
3841 | Closes #1675
|
---|
3842 | Closes #1683
|
---|
3843 |
|
---|
3844 | - checksrc: escape open brace in regex
|
---|
3845 |
|
---|
3846 | ... to silence warning.
|
---|
3847 |
|
---|
3848 | Kamil Dudka (20 Jul 2017)
|
---|
3849 | - nss: fix a possible use-after-free in SelectClientCert()
|
---|
3850 |
|
---|
3851 | ... causing a SIGSEGV in showit() in case the handle used to initiate
|
---|
3852 | the connection has already been freed.
|
---|
3853 |
|
---|
3854 | This commit fixes a bug introduced in curl-7_19_5-204-g5f0cae803.
|
---|
3855 |
|
---|
3856 | Reported-by: Rob Sanders
|
---|
3857 | Bug: https://bugzilla.redhat.com/1436158
|
---|
3858 |
|
---|
3859 | - nss: unify the coding style of nss_send() and nss_recv()
|
---|
3860 |
|
---|
3861 | No changes in behavior intended by this commit.
|
---|
3862 |
|
---|
3863 | Marcel Raad (18 Jul 2017)
|
---|
3864 | - tests/server/resolve.c: fix deprecation warning
|
---|
3865 |
|
---|
3866 | MSVC warns that gethostbyname is deprecated. Always use getaddrinfo
|
---|
3867 | instead to fix this when IPv6 is enabled, also for IPv4 resolves. This
|
---|
3868 | is also consistent with what libcurl does.
|
---|
3869 |
|
---|
3870 | Closes https://github.com/curl/curl/pull/1682
|
---|
3871 |
|
---|
3872 | Jay Satiro (17 Jul 2017)
|
---|
3873 | - darwinssl: fix pinnedpubkey build error
|
---|
3874 |
|
---|
3875 | - s/SessionHandle/Curl_easy/
|
---|
3876 |
|
---|
3877 | Bug: https://github.com/curl/curl/commit/eb16305#commitcomment-23035670
|
---|
3878 | Reported-by: Gisle Vanem
|
---|
3879 |
|
---|
3880 | Marcel Raad (16 Jul 2017)
|
---|
3881 | - rtspd: fix GCC warning after MSVC warning fix
|
---|
3882 |
|
---|
3883 | Older GCC warns:
|
---|
3884 | /tests/server/rtspd.c:1194:10: warning: missing braces around
|
---|
3885 | initializer [-Wmissing-braces]
|
---|
3886 |
|
---|
3887 | Fix this by using memset instead of an initializer.
|
---|
3888 |
|
---|
3889 | - libtest: fix MSVC warning C4706
|
---|
3890 |
|
---|
3891 | With warning level 4, MSVC warns about assignments within conditional
|
---|
3892 | expressions. Change the while loop to a do-while loop to fix this. This
|
---|
3893 | change is also consistent with CODE_STYLE.md.
|
---|
3894 |
|
---|
3895 | - sockfilt: suppress conversion warning with explicit cast
|
---|
3896 |
|
---|
3897 | MSVC warns when implicitly casting -1 to unsigned long.
|
---|
3898 |
|
---|
3899 | - rtspd: fix MSVC level 4 warning
|
---|
3900 |
|
---|
3901 | warning C4701: potentially uninitialized local variable 'req' used
|
---|
3902 |
|
---|
3903 | - winbuild: re-enable warning C4127 for curl tool
|
---|
3904 |
|
---|
3905 | Disabled in cda19a345f6970e22fe8b7a808aeb8f086a21eac. It only needs to
|
---|
3906 | be disabled for libcurl.
|
---|
3907 |
|
---|
3908 | - winbuild: build with warning level 4
|
---|
3909 |
|
---|
3910 | This is consistent with 7bc64561a2e63ca93e4b0b31d350773ba80955c2, which
|
---|
3911 | changed the warning level from 3 to 4 for the Visual Studio project
|
---|
3912 | files. But disable the level 4 warning C4127 "conditional expression is
|
---|
3913 | constant", as that one is issued by older versions of the Windows SDK
|
---|
3914 | as well as curl itself under some circumstances.
|
---|
3915 |
|
---|
3916 | Closes https://github.com/curl/curl/pull/1667
|
---|
3917 |
|
---|
3918 | Jay Satiro (12 Jul 2017)
|
---|
3919 | - [Max Dymond brought this change]
|
---|
3920 |
|
---|
3921 | travis: install libidn2
|
---|
3922 |
|
---|
3923 | Install libidn2 to increase test coverage (IDN tests)
|
---|
3924 |
|
---|
3925 | Closes https://github.com/curl/curl/pull/1673
|
---|
3926 |
|
---|
3927 | Marcel Raad (12 Jul 2017)
|
---|
3928 | - travis: enable warnings also in release mode
|
---|
3929 |
|
---|
3930 | ... to get warnings also on Linux/GCC and OSX/clang.
|
---|
3931 |
|
---|
3932 | Closes https://github.com/curl/curl/pull/1666
|
---|
3933 |
|
---|
3934 | Daniel Stenberg (12 Jul 2017)
|
---|
3935 | - [Max Dymond brought this change]
|
---|
3936 |
|
---|
3937 | travis: install libssh2
|
---|
3938 |
|
---|
3939 | Install libssh2 to increase test coverage (SFTP, SCP)
|
---|
3940 |
|
---|
3941 | Marcel Raad (12 Jul 2017)
|
---|
3942 | - system.h: include winsock2.h before windows.h
|
---|
3943 |
|
---|
3944 | ... to avoid compiler warnings if the user doesn't want
|
---|
3945 | WIN32_LEAN_AND_MEAN.
|
---|
3946 |
|
---|
3947 | - build: remove WIN32_LEAN_AND_MEAN from individual build systems
|
---|
3948 |
|
---|
3949 | It's defined for all build systems in curl_setup.h since commit
|
---|
3950 | beb08481d01a07a8b10938b1078a5e298b1c2912. This caused macro
|
---|
3951 | redefinition warnings in the configure builds.
|
---|
3952 |
|
---|
3953 | Closes https://github.com/curl/curl/pull/1677
|
---|
3954 |
|
---|
3955 | Jay Satiro (11 Jul 2017)
|
---|
3956 | - ISSUE_TEMPLATE: Add a comment not to file security issues on github
|
---|
3957 |
|
---|
3958 | Marcel Raad (11 Jul 2017)
|
---|
3959 | - curl_setup: always define WIN32_LEAN_AND_MEAN on Windows
|
---|
3960 |
|
---|
3961 | Make sure to always define WIN32_LEAN_AND_MEAN before including any
|
---|
3962 | Windows headers to avoid pulling in unnecessary headers. This avoids
|
---|
3963 | unnecessary macro clashes and compiler warnings.
|
---|
3964 |
|
---|
3965 | Ref: https://github.com/curl/curl/issues/1562
|
---|
3966 | Closes https://github.com/curl/curl/pull/1672
|
---|
3967 |
|
---|
3968 | Jay Satiro (11 Jul 2017)
|
---|
3969 | - strerror: Preserve Windows error code in some functions
|
---|
3970 |
|
---|
3971 | This is a follow-up to af02162 which removed (SET_)ERRNO macros. That
|
---|
3972 | commit was an earlier draft that I committed by mistake, which was then
|
---|
3973 | remedied by a5834e5 and e909de6, and now this commit. With this commit
|
---|
3974 | there is now no difference between the current code and the changes that
|
---|
3975 | were approved in the final draft.
|
---|
3976 |
|
---|
3977 | Thanks-to: Max Dymond, Marcel Raad, Daniel Stenberg, Gisle Vanem
|
---|
3978 | Ref: https://github.com/curl/curl/pull/1589
|
---|
3979 |
|
---|
3980 | Marcel Raad (10 Jul 2017)
|
---|
3981 | - [Max Dymond brought this change]
|
---|
3982 |
|
---|
3983 | tests: Fix up issues with errno in test files
|
---|
3984 |
|
---|
3985 | Closes https://github.com/curl/curl/pull/1671
|
---|
3986 |
|
---|
3987 | Daniel Stenberg (10 Jul 2017)
|
---|
3988 | - errno: fix non-windows builds after af0216251b94e7
|
---|
3989 |
|
---|
3990 | - [Ryan Winograd brought this change]
|
---|
3991 |
|
---|
3992 | make: fix docs build on OpenBSD
|
---|
3993 |
|
---|
3994 | Ref: #1591
|
---|
3995 |
|
---|
3996 | Marcel Raad (10 Jul 2017)
|
---|
3997 | - ldap: fix MinGW compiler warning
|
---|
3998 |
|
---|
3999 | ldap_bind_s is marked as deprecated in w32api's winldap.h shipping with
|
---|
4000 | the latest original MinGW, resulting in compiler warnings since commit
|
---|
4001 | f0fe66f13c93d3d0af45d9fb1231c9164e0f9dc8. Fix this for the non-SSPI
|
---|
4002 | case by using ldap_simple_bind_s again instead of ldap_bind_s with
|
---|
4003 | LDAP_AUTH_SIMPLE.
|
---|
4004 |
|
---|
4005 | Closes https://github.com/curl/curl/pull/1664
|
---|
4006 |
|
---|
4007 | - curl-compilers.m4: disable warning spam with Cygwin's clang
|
---|
4008 |
|
---|
4009 | When building with Cygwin or MinGW, libtool uses a wrapper executable
|
---|
4010 | instead of a wrapper script [1], which is written in C and throws
|
---|
4011 | missing-variable-declarations warnings. Don't enable these warnings on
|
---|
4012 | Cygwin and MinGW in order to avoid warnings for every executable built,
|
---|
4013 | which spams the test suite output when using Cygwin's clang.
|
---|
4014 |
|
---|
4015 | [1] https://www.gnu.org/software/libtool/manual/html_node/Wrapper-executables.html
|
---|
4016 |
|
---|
4017 | Closes https://github.com/curl/curl/pull/1665
|
---|
4018 |
|
---|
4019 | Jay Satiro (10 Jul 2017)
|
---|
4020 | - curl_setup_once: Remove ERRNO/SET_ERRNO macros
|
---|
4021 |
|
---|
4022 | Prior to this change (SET_)ERRNO mapped to GetLastError/SetLastError
|
---|
4023 | for Win32 and regular errno otherwise.
|
---|
4024 |
|
---|
4025 | I reviewed the code and found no justifiable reason for conflating errno
|
---|
4026 | on WIN32 with GetLastError/SetLastError. All Win32 CRTs support errno,
|
---|
4027 | and any Win32 multithreaded CRT supports thread-local errno.
|
---|
4028 |
|
---|
4029 | Fixes https://github.com/curl/curl/issues/895
|
---|
4030 | Closes https://github.com/curl/curl/pull/1589
|
---|
4031 |
|
---|
4032 | - tool_getparam: fix potentially uninitialized err
|
---|
4033 |
|
---|
4034 | Marcel Raad (9 Jul 2017)
|
---|
4035 | - smb: rename variable to fix shadowing warning
|
---|
4036 |
|
---|
4037 | GCC 4.6.3 on travis complains:
|
---|
4038 | smb.c: In function âget_posix_timeâ:
|
---|
4039 | smb.c:725:13: error: declaration of âtimeâ shadows a global declaration
|
---|
4040 | [-Werror=shadow]
|
---|
4041 |
|
---|
4042 | Fix this by renaming the variable.
|
---|
4043 |
|
---|
4044 | - tool_cb_wrt: fix variable shadowing warning
|
---|
4045 |
|
---|
4046 | GCC 4.4 complains:
|
---|
4047 | tool_cb_wrt.c:81: error: declaration of âisattyâ shadows a global
|
---|
4048 | declaration
|
---|
4049 | /usr/include/unistd.h:782: error: shadowed declaration is here
|
---|
4050 |
|
---|
4051 | Fix this by renaming the variable.
|
---|
4052 |
|
---|
4053 | Closes https://github.com/curl/curl/pull/1661
|
---|
4054 |
|
---|
4055 | Daniel Stenberg (8 Jul 2017)
|
---|
4056 | - RELEASE-NOTES: synced with be2c999b8
|
---|
4057 |
|
---|
4058 | - travis: install stunnel
|
---|
4059 |
|
---|
4060 | - valgrind.supp: supress OpenSSL false positive seen on travis
|
---|
4061 |
|
---|
4062 | - travis: detect and use valgrind for normal builds
|
---|
4063 |
|
---|
4064 | Closes #1653
|
---|
4065 |
|
---|
4066 | - travis: add SMB, DICT, TELNET torture to coverage test
|
---|
4067 |
|
---|
4068 | - [Paul Harris brought this change]
|
---|
4069 |
|
---|
4070 | cmake: offer CMAKE_DEBUG_POSTFIX when building with MSVC
|
---|
4071 |
|
---|
4072 | Removes BUILD_RELEASE_DEBUG_DIRS since it wasn't used anywhere.
|
---|
4073 |
|
---|
4074 | Closes #1649
|
---|
4075 |
|
---|
4076 | - CURLOPT_POSTFIELDS.3: explain the 100-continue magic better
|
---|
4077 |
|
---|
4078 | - [Max Dymond brought this change]
|
---|
4079 |
|
---|
4080 | test1452: add telnet negotiation
|
---|
4081 |
|
---|
4082 | Add a basic telnet server for negotiating some telnet options before
|
---|
4083 | echoing back any data that's sent to it.
|
---|
4084 |
|
---|
4085 | Closes #1645
|
---|
4086 |
|
---|
4087 | - travis: do more tests in the coverage run
|
---|
4088 |
|
---|
4089 | I added a selection of torture and event tests that run "fast enough"
|
---|
4090 |
|
---|
4091 | - curl_easy_escape.3: mention the (lack of) encoding
|
---|
4092 |
|
---|
4093 | Fixes #1612
|
---|
4094 | Reported-by: Jeroen Ooms
|
---|
4095 |
|
---|
4096 | - [Gisle Vanem brought this change]
|
---|
4097 |
|
---|
4098 | memdebug: don't setbuf() if the file open failed
|
---|
4099 |
|
---|
4100 | Bug: https://github.com/curl/curl/issues/828#issuecomment-313475151
|
---|
4101 |
|
---|
4102 | - appveyor: enable CURL_WERROR on all builds
|
---|
4103 |
|
---|
4104 | - cmake: add CURL_WERROR for enabling "warning as errors"
|
---|
4105 |
|
---|
4106 | - [Hannes Magnusson brought this change]
|
---|
4107 |
|
---|
4108 | cmake: remove spurious "-l" from linker flags
|
---|
4109 |
|
---|
4110 | Fixes #1552
|
---|
4111 |
|
---|
4112 | - test506: skip if threaded-resolver
|
---|
4113 |
|
---|
4114 | - runtests: support "threaded-resolver" as a feature
|
---|
4115 |
|
---|
4116 | ... to let tests require it or skip if present
|
---|
4117 |
|
---|
4118 | - asyn-thread.c: fix unused variable warnings on macOS
|
---|
4119 |
|
---|
4120 | - http: s/TINY_INITIAL_POST_SIZE/EXPECT_100_THRESHOLD
|
---|
4121 |
|
---|
4122 | Make the name reflect its use better, and add a short comment describing
|
---|
4123 | what it's for.
|
---|
4124 |
|
---|
4125 | - cmake: if inet_pton is used, bump _WIN32_WINNT
|
---|
4126 |
|
---|
4127 | ... and make sure inet_pton is always checked for when *not* using Windows,
|
---|
4128 | which is a regression from 4fc6ebe18.
|
---|
4129 |
|
---|
4130 | Idea-by: Sergei Nikulov
|
---|
4131 |
|
---|
4132 | - select.h: avoid macro redefinition harder
|
---|
4133 |
|
---|
4134 | ... by checking the POLLIN define, as the header file checks don't work
|
---|
4135 | on Windows.
|
---|
4136 |
|
---|
4137 | - inet_pton: fix include on windows to get prototype
|
---|
4138 |
|
---|
4139 | inet_pton() exists on Windows and gets used by our cmake builds. Make
|
---|
4140 | sure the correct header file is included to avoid compiler warnings.
|
---|
4141 |
|
---|
4142 | Closes #1639
|
---|
4143 |
|
---|
4144 | - TODO: 1.10 auto-detect proxy
|
---|
4145 |
|
---|
4146 | Closes #1572
|
---|
4147 |
|
---|
4148 | - TODO: HTTP proxy CONNECT is non-blocking now
|
---|
4149 |
|
---|
4150 | - cmake: fix send/recv argument scanner for windows
|
---|
4151 |
|
---|
4152 | ... by simply trying the Windows argument types first.
|
---|
4153 |
|
---|
4154 | Fixes #1640
|
---|
4155 |
|
---|
4156 | - RELEASE-NOTES: synced with 596cfb6c0
|
---|
4157 |
|
---|
4158 | - [Gisle Vanem brought this change]
|
---|
4159 |
|
---|
4160 | smb: add support for CURLOPT_FILETIME
|
---|
4161 |
|
---|
4162 | Bug: https://curl.haxx.se/mail/lib-2017-07/0005.html
|
---|
4163 |
|
---|
4164 | Closes #1643
|
---|
4165 |
|
---|
4166 | - travis: install nghttp2 on linux builds
|
---|
4167 |
|
---|
4168 | Closes #1642
|
---|
4169 |
|
---|
4170 | - [Gisle Vanem brought this change]
|
---|
4171 |
|
---|
4172 | smb: fix build for djgpp/MSDOS
|
---|
4173 |
|
---|
4174 | bug: https://curl.haxx.se/mail/lib-2017-07/0005.html
|
---|
4175 |
|
---|
4176 | - configure: try ldap/lber in reversed order first
|
---|
4177 |
|
---|
4178 | When scanning for which LDAP libraries to use, try the -lldap -llber
|
---|
4179 | combination before the reversed order since it has a greater chance of
|
---|
4180 | working when linking with libcurl statically.
|
---|
4181 |
|
---|
4182 | Fixes #1619
|
---|
4183 | Closes #1634
|
---|
4184 | Reported-by: David E. Narváez
|
---|
4185 |
|
---|
4186 | - configure: remove checks for 5 functions never used
|
---|
4187 |
|
---|
4188 | fork, getprotobyname, inet_addr, perror, uname
|
---|
4189 |
|
---|
4190 | closes #1638
|
---|
4191 |
|
---|
4192 | - dist: add SMB python deps into the tarball
|
---|
4193 |
|
---|
4194 | - [Max Dymond brought this change]
|
---|
4195 |
|
---|
4196 | test1451: add SMB support to the testbed
|
---|
4197 |
|
---|
4198 | Add test 1451 which does some very basic SMB testing using the impacket
|
---|
4199 | SMB server.
|
---|
4200 |
|
---|
4201 | Closes #1630
|
---|
4202 |
|
---|
4203 | - [Max Dymond brought this change]
|
---|
4204 |
|
---|
4205 | test: add impacket for SMB testing
|
---|
4206 |
|
---|
4207 | Import impacket 0.9.15 for use in SMB testing. This was generated by
|
---|
4208 | doing "pip2.7 install -t . impacket"
|
---|
4209 |
|
---|
4210 | Unnecessary files for current testing were deleted.
|
---|
4211 |
|
---|
4212 | - travis.yml: use --enable-werror on debug builds
|
---|
4213 |
|
---|
4214 | ... to better detect and fault on compiler warnings/errors
|
---|
4215 |
|
---|
4216 | Closes #1637
|
---|
4217 |
|
---|
4218 | - tool_sleep: typecast to avoid macos compiler warning
|
---|
4219 |
|
---|
4220 | tool_sleep.c:54:24: error: implicit conversion loses integer precision:
|
---|
4221 | 'long' to '__darwin_suseconds_t' (aka 'int')
|
---|
4222 | [-Werror,-Wshorten-64-to-32]
|
---|
4223 |
|
---|
4224 | - [Martin Kepplinger brought this change]
|
---|
4225 |
|
---|
4226 | timeval.c: Use long long constant type for timeval assignment
|
---|
4227 |
|
---|
4228 | On a 64 bit host, sparse says:
|
---|
4229 |
|
---|
4230 | timeval.c:148:15: warning: constant 0x7fffffffffffffff is so big it is long
|
---|
4231 | timeval.c:149:12: warning: constant 0x7fffffffffffffff is so big it is long
|
---|
4232 |
|
---|
4233 | so let's use long long constant types in order to prevent undesired overflow
|
---|
4234 | failures.
|
---|
4235 |
|
---|
4236 | Bug: https://curl.haxx.se/mail/lib-2017-07/0003.html
|
---|
4237 |
|
---|
4238 | Closes #1636
|
---|
4239 |
|
---|
4240 | Signed-off-by: Martin Kepplinger <martink@posteo.de>
|
---|
4241 |
|
---|
4242 | - url: make the original string get used on subsequent transfers
|
---|
4243 |
|
---|
4244 | ... since CURLOPT_URL should follow the same rules as other options:
|
---|
4245 | they remain set until changed or cleared.
|
---|
4246 |
|
---|
4247 | Added test 1551 to verify.
|
---|
4248 |
|
---|
4249 | Fixes #1631
|
---|
4250 | Closes #1632
|
---|
4251 | Reported-by: Pavel Rochnyak
|
---|
4252 |
|
---|
4253 | - [Johannes Schindelin brought this change]
|
---|
4254 |
|
---|
4255 | gtls: fix build when sizeof(long) < sizeof(void *)
|
---|
4256 |
|
---|
4257 | - Change gnutls pointer/int macros to pointer/curl_socket_t.
|
---|
4258 | Prior to this change they used long type as well.
|
---|
4259 |
|
---|
4260 | The size of the `long` data type can be shorter than that of pointer
|
---|
4261 | types. This is the case most notably on Windows.
|
---|
4262 |
|
---|
4263 | If C99 were acceptable, we could simply use `intptr_t` here. But we
|
---|
4264 | want to retain C89 compatibility.
|
---|
4265 |
|
---|
4266 | Simply use the trick of performing pointer arithmetic with the NULL
|
---|
4267 | pointer: to convert an integer `i` to a pointer, simply take the
|
---|
4268 | address of the `i`th element of a hypothetical character array
|
---|
4269 | starting at address NULL. To convert back, simply cast the pointer
|
---|
4270 | difference.
|
---|
4271 |
|
---|
4272 | Thanks to Jay Satiro for the initial modification to use curl_socket_t
|
---|
4273 | instead of int/long.
|
---|
4274 |
|
---|
4275 | Closes #1617
|
---|
4276 |
|
---|
4277 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
4278 |
|
---|
4279 | - [Ryan Winograd brought this change]
|
---|
4280 |
|
---|
4281 | unit1399: fix integer overflow
|
---|
4282 |
|
---|
4283 | Bug: #1616
|
---|
4284 | Closes #1633
|
---|
4285 |
|
---|
4286 | - [Per Malmberg brought this change]
|
---|
4287 |
|
---|
4288 | cmake: Added compatibility options for older Windows versions
|
---|
4289 |
|
---|
4290 | CURL_STATIC_CRT and ENABLE_INET_PTON
|
---|
4291 |
|
---|
4292 | Closes #1621
|
---|
4293 |
|
---|
4294 | - unit1399: add logging to time comparison
|
---|
4295 |
|
---|
4296 | ... to enable tracking down why autobuilds fail on this
|
---|
4297 |
|
---|
4298 | Bug: #1616
|
---|
4299 |
|
---|
4300 | - make: build the docs subdir only from within src
|
---|
4301 |
|
---|
4302 | ... and don't build at all in include
|
---|
4303 |
|
---|
4304 | Prompted-by-work-by: Simon Warta
|
---|
4305 | Ref: #1590
|
---|
4306 | Closes #1591
|
---|
4307 |
|
---|
4308 | - [Max Dymond brought this change]
|
---|
4309 |
|
---|
4310 | test1450: fix up DICT server in torture mode
|
---|
4311 |
|
---|
4312 | As per https://github.com/curl/curl/pull/1615, the DICT server is a
|
---|
4313 | little spammy in torture mode due to the sockets being torn down
|
---|
4314 | unexpectedly. Fix this by adding some error handling to the handling
|
---|
4315 | function.
|
---|
4316 |
|
---|
4317 | Closes #1629
|
---|
4318 |
|
---|
4319 | - [Max Dymond brought this change]
|
---|
4320 |
|
---|
4321 | test1450: add simple testing for DICT
|
---|
4322 |
|
---|
4323 | Add a new server which provides a DICT interface. This is intended to
|
---|
4324 | begin coverage testing for lib/dict.c
|
---|
4325 |
|
---|
4326 | Closes #1615
|
---|
4327 |
|
---|
4328 | - [Dan Fandrich brought this change]
|
---|
4329 |
|
---|
4330 | test1521: fix out-of-tree builds, broken with 467da3af
|
---|
4331 |
|
---|
4332 | The test.h file is no longer in the same directory as the source file,
|
---|
4333 | so that directory needs to be added to the include path.
|
---|
4334 |
|
---|
4335 | Fixes #1627
|
---|
4336 | Closes #1628
|
---|
4337 |
|
---|
4338 | - [Max Dymond brought this change]
|
---|
4339 |
|
---|
4340 | http2: handle PING frames
|
---|
4341 |
|
---|
4342 | Add a connection check function to HTTP2 based off RTSP. This causes
|
---|
4343 | PINGs to be handled the next time the connection is reused.
|
---|
4344 |
|
---|
4345 | Closes #1521
|
---|
4346 |
|
---|
4347 | - [Max Dymond brought this change]
|
---|
4348 |
|
---|
4349 | handler: refactor connection checking
|
---|
4350 |
|
---|
4351 | Add a new type of callback to Curl_handler which performs checks on
|
---|
4352 | the connection. Alter RTSP so that it uses this callback to do its
|
---|
4353 | own check on connection health.
|
---|
4354 |
|
---|
4355 | - [dmitrykos brought this change]
|
---|
4356 |
|
---|
4357 | openssl: improve fallback seed of PRNG with a time based hash
|
---|
4358 |
|
---|
4359 | Fixes #1620
|
---|
4360 |
|
---|
4361 | - [Ryan Winograd brought this change]
|
---|
4362 |
|
---|
4363 | progress: prevent resetting t_starttransfer
|
---|
4364 |
|
---|
4365 | Prevent `Curl_pgrsTime` from modifying `t_starttransfer` when invoked
|
---|
4366 | with `TIMER_STARTTRANSFER` more than once during a single request.
|
---|
4367 |
|
---|
4368 | When a redirect occurs, this is considered a new request and
|
---|
4369 | `t_starttransfer` can be updated to reflect the `t_starttransfer` time
|
---|
4370 | of the redirect request.
|
---|
4371 |
|
---|
4372 | Closes #1616
|
---|
4373 |
|
---|
4374 | Bug: https://github.com/curl/curl/pull/1602#issuecomment-310267370
|
---|
4375 |
|
---|
4376 | - curl_strequal.3: fix typo in SYNOPSIS
|
---|
4377 |
|
---|
4378 | Reported-by: Jesse Chisholm
|
---|
4379 |
|
---|
4380 | Fixes #1623
|
---|
4381 |
|
---|
4382 | - RELEASE-NOTES: synced with ce2c3ebda
|
---|
4383 |
|
---|
4384 | Kamil Dudka (28 Jun 2017)
|
---|
4385 | - curl --socks5-{basic,gssapi}: control socks5 auth
|
---|
4386 |
|
---|
4387 | Closes https://github.com/curl/curl/pull/1454
|
---|
4388 |
|
---|
4389 | - CURLOPT_SOCKS5_AUTH: allowed methods for SOCKS5 proxy auth
|
---|
4390 |
|
---|
4391 | If libcurl was built with GSS-API support, it unconditionally advertised
|
---|
4392 | GSS-API authentication while connecting to a SOCKS5 proxy. This caused
|
---|
4393 | problems in environments with improperly configured Kerberos: a stock
|
---|
4394 | libcurl failed to connect, despite libcurl built without GSS-API
|
---|
4395 | connected fine using username and password.
|
---|
4396 |
|
---|
4397 | This commit introduces the CURLOPT_SOCKS5_AUTH option to control the
|
---|
4398 | allowed methods for SOCKS5 authentication at run time.
|
---|
4399 |
|
---|
4400 | Note that a new option was preferred over reusing CURLOPT_PROXYAUTH
|
---|
4401 | for compatibility reasons because the set of authentication methods
|
---|
4402 | allowed by default was different for HTTP and SOCKS5 proxies.
|
---|
4403 |
|
---|
4404 | Bug: https://curl.haxx.se/mail/lib-2017-01/0005.html
|
---|
4405 | Closes https://github.com/curl/curl/pull/1454
|
---|
4406 |
|
---|
4407 | - socks: deduplicate the code for auth request
|
---|
4408 |
|
---|
4409 | - socks: use proxy_user instead of proxy_name
|
---|
4410 |
|
---|
4411 | ... to make it obvious what the data is used for
|
---|
4412 |
|
---|
4413 | Daniel Stenberg (27 Jun 2017)
|
---|
4414 | - libtest/make: generate lib1521.c
|
---|
4415 |
|
---|
4416 | ... instead of having the generated code checked in. This saves space in
|
---|
4417 | the tarball but primarily automatically adapts to newly added options.
|
---|
4418 |
|
---|
4419 | Closes #1614
|
---|
4420 |
|
---|
4421 | Jay Satiro (26 Jun 2017)
|
---|
4422 | - tool_getparam: fix memory leak on test 1147 OOM (torture tests)
|
---|
4423 |
|
---|
4424 | Bug: https://github.com/curl/curl/pull/1486#issuecomment-310926872
|
---|
4425 | Reported-by: Dan Fandrich
|
---|
4426 |
|
---|
4427 | Dan Fandrich (25 Jun 2017)
|
---|
4428 | - test1537: fixed memory leak on OOM
|
---|
4429 |
|
---|
4430 | Marcel Raad (25 Jun 2017)
|
---|
4431 | - test1521: fix compiler warnings
|
---|
4432 |
|
---|
4433 | The integer literal 3123123123 doesn't fit into a 32-bit signed
|
---|
4434 | integer, so GCC with 32-bit long warns in C90 mode:
|
---|
4435 | this decimal constant is unsigned only in ISO C90 [enabled by default]
|
---|
4436 | Fix this by using ULONG_MAX, which should fit in any curl_off_t and has
|
---|
4437 | the correct suffix to not issue any warnings.
|
---|
4438 | Also adds the missing CURLOPT_REQUEST_TARGET from commit
|
---|
4439 | 9b167fd090f596eac828817d48c247eeae53407f.
|
---|
4440 |
|
---|
4441 | Closes https://github.com/curl/curl/pull/1611
|
---|
4442 |
|
---|
4443 | Daniel Stenberg (24 Jun 2017)
|
---|
4444 | - curl/system.h: add check for XTENSA for 32bit gcc
|
---|
4445 |
|
---|
4446 | Reported-by: Neil Kolban
|
---|
4447 | Fixes: 1598
|
---|
4448 |
|
---|
4449 | - [Henrik S. GaÃmann brought this change]
|
---|
4450 |
|
---|
4451 | winbuild: fix boringssl build
|
---|
4452 |
|
---|
4453 | Compile with `WIN32_LEAN_AND_MEAN` which prevents `windows.h` from
|
---|
4454 | including too much clutter including `wincrypt.h` which in turn contains
|
---|
4455 | some preprocessor macros that clash with boringssl symbols.
|
---|
4456 |
|
---|
4457 | Detect boringssl by checking the existance of `is_boringssl.h` and set
|
---|
4458 | the corresponding `HAVE_BORINGSSL` for compilation which is used in
|
---|
4459 | `ldap.c` to undefine the evil macros.
|
---|
4460 |
|
---|
4461 | Closes #1610
|
---|
4462 |
|
---|
4463 | - progress: progress.timespent needs to be us
|
---|
4464 |
|
---|
4465 | follow-up to 64ed44a815e4e to fix test 500 failures
|
---|
4466 |
|
---|
4467 | Marcel Raad (24 Jun 2017)
|
---|
4468 | - curl-compilers.m4: fix unknown-warning-option on Apple clang
|
---|
4469 |
|
---|
4470 | Since 5598b0bd63f690c151074494ce47ef872f004ab4, clang -v is used to
|
---|
4471 | detect the clang version. The version number was expected to come after
|
---|
4472 | the word "version". For Apple clang, this doesn't work as it has its
|
---|
4473 | own versioning scheme.
|
---|
4474 | The version number is now first searched after the string
|
---|
4475 | "based on LLVM". This works for Apple clang before version 7, and also
|
---|
4476 | for e.g. Ubuntu's clang up to version 3.7. If it's not found and the
|
---|
4477 | version string contains "Apple LLVM version", clang version 3.7 is
|
---|
4478 | assumed, which is the version that comes with Xcode 7. Otherwise, the
|
---|
4479 | version number is still expected after the word "version", which works
|
---|
4480 | for very old Apple clang versions.
|
---|
4481 |
|
---|
4482 | Ref: https://trac.macports.org/wiki/XcodeVersionInfo
|
---|
4483 | Fixes https://github.com/curl/curl/issues/1606
|
---|
4484 | Closes https://github.com/curl/curl/pull/1607
|
---|
4485 |
|
---|
4486 | Daniel Stenberg (24 Jun 2017)
|
---|
4487 | - progress: fix "time spent", broke in adef394ac
|
---|
4488 |
|
---|
4489 | - CURLINFO_REDIRECT_URL.3: mention the CURLOPT_MAXREDIRS case
|
---|
4490 |
|
---|
4491 | ... supported since 7.54.1
|
---|
4492 |
|
---|
4493 | - maketgz: switch to -6e for xz
|
---|
4494 |
|
---|
4495 | To reduce the memory requirement for decompress, and still do almost as
|
---|
4496 | good compression as with -9e.
|
---|
4497 |
|
---|
4498 | Pointed-out-by: Dan Fandrich
|
---|
4499 |
|
---|
4500 | - libtest/Makefile: remove unused lib1541 variables
|
---|
4501 |
|
---|
4502 | - CONTRIBUTE.md: mention the out-of-tree build test too
|
---|
4503 |
|
---|
4504 | - maketgz: switch to xz instead of lzma
|
---|
4505 |
|
---|
4506 | The compressed output size seems to be a tad bit smaller, but generally
|
---|
4507 | xz seems more preferred these days and is used directly by for example
|
---|
4508 | gentoo instead of bz2.
|
---|
4509 |
|
---|
4510 | "Users of LZMA Utils should move to XZ Utils" =>
|
---|
4511 | https://tukaani.org/lzma/
|
---|
4512 |
|
---|
4513 | Closes #1604
|
---|
4514 |
|
---|
4515 | - --request-target: instead of --strip-path-slash
|
---|
4516 |
|
---|
4517 | ... and CURLOPT_REQUEST_TARGET instead of CURLOPT_STRIP_PATH_SLASH.
|
---|
4518 |
|
---|
4519 | This option instead provides the full "alternative" target to use in the
|
---|
4520 | request, instead of extracting the path from the URL.
|
---|
4521 |
|
---|
4522 | Test 1298 and 1299 updated accordingly.
|
---|
4523 |
|
---|
4524 | Idea-by: Evert Pot
|
---|
4525 | Suggestion: https://daniel.haxx.se/blog/2017/06/19/options-with-curl/comment-page-1/#comment-18373
|
---|
4526 |
|
---|
4527 | Closes #1593
|
---|
4528 |
|
---|
4529 | Marcel Raad (21 Jun 2017)
|
---|
4530 | - lib1521: fix missing-variable-declarations clang warnings
|
---|
4531 |
|
---|
4532 | Declare TU-local variables static.
|
---|
4533 |
|
---|
4534 | - travis: enable typecheck-gcc warnings
|
---|
4535 |
|
---|
4536 | - switch debug and release configurations so that we get an optimized
|
---|
4537 | build with GCC 4.3+ as required by typecheck-gcc
|
---|
4538 | - enable warnings-as-errors for release builds
|
---|
4539 | (which have warnings disabled)
|
---|
4540 |
|
---|
4541 | Closes https://github.com/curl/curl/pull/1595
|
---|
4542 |
|
---|
4543 | - typecheck-gcc: add support for CURLINFO_OFF_T
|
---|
4544 |
|
---|
4545 | typecheck-gcc expected curl_socket_t instead of curl_off_t arguments
|
---|
4546 | for CURLINFO_OFF_T. Detected by test1521, unfortunately only when run
|
---|
4547 | locally.
|
---|
4548 |
|
---|
4549 | Closes https://github.com/curl/curl/pull/1592
|
---|
4550 |
|
---|
4551 | Daniel Stenberg (21 Jun 2017)
|
---|
4552 | - [Simon Warta brought this change]
|
---|
4553 |
|
---|
4554 | ci: whitelist branches to avoid testing feature branches twice
|
---|
4555 |
|
---|
4556 | - [Gisle Vanem brought this change]
|
---|
4557 |
|
---|
4558 | lib: fix the djgpp build
|
---|
4559 |
|
---|
4560 | Bug: https://github.com/curl/curl/commit/73a2fcea0b4adea6ba342cd7ed1149782c214ae3#commitcomment-22655993
|
---|
4561 |
|
---|
4562 | Marcel Raad (20 Jun 2017)
|
---|
4563 | - if2ip: fix compiler warning in ISO C90 mode
|
---|
4564 |
|
---|
4565 | remote_scope_id is only used when both HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
|
---|
4566 | and ENABLE_IPV6 are defined instead of only one of them.
|
---|
4567 |
|
---|
4568 | Daniel Stenberg (20 Jun 2017)
|
---|
4569 | - travis: do the distcheck test build out-of-tree as well
|
---|
4570 |
|
---|
4571 | - http: add --strip-path-slash and CURLOPT_STRIP_PATH_SLASH
|
---|
4572 |
|
---|
4573 | ... to enable sending "OPTIONS *" which wasn't possible previously.
|
---|
4574 |
|
---|
4575 | This option currently only works for HTTP.
|
---|
4576 |
|
---|
4577 | Added test cases 1298 + 1299 to verify
|
---|
4578 |
|
---|
4579 | Fixes #1280
|
---|
4580 | Closes #1462
|
---|
4581 |
|
---|
4582 | - test1521: test getinfo's OFF_T types too
|
---|
4583 |
|
---|
4584 | Closes #1588
|
---|
4585 |
|
---|
4586 | - lib1521: add curl_easy_getinfo calls to the test set
|
---|
4587 |
|
---|
4588 | Also added return value checks to make sure no unexpected return codes
|
---|
4589 | are used.
|
---|
4590 |
|
---|
4591 | - [Simon Warta brought this change]
|
---|
4592 |
|
---|
4593 | automake: use $(MKHELP) variable instead if constant mkhelp.pl
|
---|
4594 |
|
---|
4595 | this improves symmetry with the rule above
|
---|
4596 |
|
---|
4597 | - [Simon Warta brought this change]
|
---|
4598 |
|
---|
4599 | mkhelp.pl: fix script name in usage text
|
---|
4600 |
|
---|
4601 | - RELEASE-NOTES: synced with 3b80d3ca4
|
---|
4602 |
|
---|
4603 | - getinfo: return sizes as curl_off_t
|
---|
4604 |
|
---|
4605 | This change introduces new alternatives for the existing six
|
---|
4606 | curl_easy_getinfo() options that return sizes or speeds as doubles. The
|
---|
4607 | new versions are named like the old ones but with an appended '_T':
|
---|
4608 |
|
---|
4609 | CURLINFO_CONTENT_LENGTH_DOWNLOAD_T
|
---|
4610 | CURLINFO_CONTENT_LENGTH_UPLOAD_T
|
---|
4611 | CURLINFO_SIZE_DOWNLOAD_T
|
---|
4612 | CURLINFO_SIZE_UPLOAD_T
|
---|
4613 | CURLINFO_SPEED_DOWNLOAD_T
|
---|
4614 | CURLINFO_SPEED_UPLOAD_T
|
---|
4615 |
|
---|
4616 | Closes #1511
|
---|
4617 |
|
---|
4618 | - PIPELINING_SERVER_BL: cleanup the internal list use
|
---|
4619 |
|
---|
4620 | The list was freed incorrectly since the llist refactor of
|
---|
4621 | cbae73e1dd959. Added test 1550 to verify that it works and avoid future
|
---|
4622 | regressions.
|
---|
4623 |
|
---|
4624 | Reported-by: Pascal Terjan
|
---|
4625 |
|
---|
4626 | Fixes #1584
|
---|
4627 | Closes #1585
|
---|
4628 |
|
---|
4629 | - http2: fix OOM crash
|
---|
4630 |
|
---|
4631 | torture mode with test 1021 found it
|
---|
4632 |
|
---|
4633 | - CURLOPT_PREQUOTE.3: spellfix man page reference
|
---|
4634 |
|
---|
4635 | Marcel Raad (18 Jun 2017)
|
---|
4636 | - http_proxy: fix build with http and proxy
|
---|
4637 |
|
---|
4638 | After deff7de0eb0e22d2d142b96b9cc84cd8db5d2a48, the build without
|
---|
4639 | CURL_DISABLE_PROXY and CURL_DISABLE_HTTP was failing because of missing
|
---|
4640 | includes.
|
---|
4641 |
|
---|
4642 | - http_proxy: fix compiler warning
|
---|
4643 |
|
---|
4644 | With CURL_DISABLE_PROXY or CURL_DISABLE_HTTP, GCC complained about a
|
---|
4645 | missing prototype for Curl_connect_free.
|
---|
4646 |
|
---|
4647 | Daniel Stenberg (18 Jun 2017)
|
---|
4648 | - TODO: update the TOC too
|
---|
4649 |
|
---|
4650 | - TODO: implement support for CURLOPT_PREQUOTE with SFTP
|
---|
4651 |
|
---|
4652 | ... also updated the CURLOPT_PREQUOTE.3 man page to mention the correct
|
---|
4653 | protocol support.
|
---|
4654 |
|
---|
4655 | Closes #1514
|
---|
4656 |
|
---|
4657 | - tool_wrte_cb: remove check for config == NULL
|
---|
4658 |
|
---|
4659 | ... as it really cannot have reached this far with config being NULL,
|
---|
4660 | thus this is unnecesary and misleading.
|
---|
4661 |
|
---|
4662 | Bug: https://news.ycombinator.com/item?id=14577585 and
|
---|
4663 | https://daniel.haxx.se/blog/2017/06/17/curl-doesnt-spew-binary-anymore/comment-page-1/#comment-18356
|
---|
4664 |
|
---|
4665 | Forwarded-to-us-by: Jakub Wilk
|
---|
4666 |
|
---|
4667 | - curl: prevent binary output spewed to terminal
|
---|
4668 |
|
---|
4669 | ... unless "--output -" is used. Binary detection is done by simply
|
---|
4670 | checking for a binary zero in early data.
|
---|
4671 |
|
---|
4672 | Added test 1425 1426 to verify.
|
---|
4673 |
|
---|
4674 | Closes #1512
|
---|
4675 |
|
---|
4676 | Marcel Raad (16 Jun 2017)
|
---|
4677 | - Makefile.m32: enable -W for MinGW32 build
|
---|
4678 |
|
---|
4679 | The configure-based build also has this in addition to -Wall.
|
---|
4680 |
|
---|
4681 | Closes https://github.com/curl/curl/pull/1578
|
---|
4682 |
|
---|
4683 | - curl-compilers.m4: enable comma clang warning
|
---|
4684 |
|
---|
4685 | It usually warns when using commas instead of semicolons or other
|
---|
4686 | operators by accident.
|
---|
4687 |
|
---|
4688 | Closes https://github.com/curl/curl/pull/1578
|
---|
4689 |
|
---|
4690 | - curl-compilers.m4: enable missing-variable-declarations clang warning
|
---|
4691 |
|
---|
4692 | It usually warns when forgetting to declare TU-local variables static.
|
---|
4693 |
|
---|
4694 | Closes https://github.com/curl/curl/pull/1578
|
---|
4695 |
|
---|
4696 | - curl-compilers.m4: enable double-promotion warning
|
---|
4697 |
|
---|
4698 | Enable -Wdouble-promotion for both GCC and clang. It warns on implicit
|
---|
4699 | promotion from float to double.
|
---|
4700 |
|
---|
4701 | Closes https://github.com/curl/curl/pull/1578
|
---|
4702 |
|
---|
4703 | - curl-compilers.m4: enable vla warning for clang
|
---|
4704 |
|
---|
4705 | Previously, that warning was only implicitly active in C90 mode.
|
---|
4706 | Enable it unconditionally as already done for GCC.
|
---|
4707 |
|
---|
4708 | Closes https://github.com/curl/curl/pull/1578
|
---|
4709 |
|
---|
4710 | Daniel Stenberg (16 Jun 2017)
|
---|
4711 | - http-proxy: fix chunked-encoded CONNECT responses
|
---|
4712 |
|
---|
4713 | Regression since 5113ad0424.
|
---|
4714 |
|
---|
4715 | ... and remove 'flaky' from test 1061 again
|
---|
4716 |
|
---|
4717 | Closes #1579
|
---|
4718 |
|
---|
4719 | - http-proxy: deal with EAGAIN
|
---|
4720 |
|
---|
4721 | ... the previous code would reset the header length wrongly (since
|
---|
4722 | 5113ad0424). This makes test 1060 reliable again.
|
---|
4723 |
|
---|
4724 | Also: make sws send even smaller chunks of data to increase the
|
---|
4725 | likeliness of this happening.
|
---|
4726 |
|
---|
4727 | - libtest/libntlmconnect: fix compiler warnings from f94fcdb
|
---|
4728 |
|
---|
4729 | - [Jay Satiro brought this change]
|
---|
4730 |
|
---|
4731 | HTTPS-Proxy: don't offer h2 for https proxy connections
|
---|
4732 |
|
---|
4733 | Bug: https://github.com/curl/curl/issues/1254
|
---|
4734 |
|
---|
4735 | Closes #1546
|
---|
4736 |
|
---|
4737 | - tests: stabilize test 2032 and 2033
|
---|
4738 |
|
---|
4739 | Both these tests run the same underlying test code: libntlmconnect.c -
|
---|
4740 | this test code made some assumptions about socket ordering when it used
|
---|
4741 | curl_easy_fdset() and when we changed timing or got accidental changes
|
---|
4742 | in libcurl the tests would fail.
|
---|
4743 |
|
---|
4744 | The tests verify that the different transfers keep using the same
|
---|
4745 | connections, which I now instead made sure by adding the number of bytes
|
---|
4746 | each transfer gets and then verifies that they always get the same
|
---|
4747 | amount as when these tests worked.
|
---|
4748 |
|
---|
4749 | Closes #1576
|
---|
4750 |
|
---|
4751 | - test1148: verify the -# progressbar
|
---|
4752 |
|
---|
4753 | Closes #1569
|
---|
4754 |
|
---|
4755 | - test1061: mark as flaky
|
---|
4756 |
|
---|
4757 | Fails intermittently on travis builds since a few days. Likely due to
|
---|
4758 | 5113ad0424.
|
---|
4759 |
|
---|
4760 | Jay Satiro (16 Jun 2017)
|
---|
4761 | - url: refactor the check for Windows drive letter in path
|
---|
4762 |
|
---|
4763 | - Move the logic to detect a Windows drive letter prefix
|
---|
4764 | (eg c: in c:foo) into a function-like macro.
|
---|
4765 |
|
---|
4766 | Closes https://github.com/curl/curl/pull/1571
|
---|
4767 |
|
---|
4768 | - mk-ca-bundle.pl: Check curl's exit code after certdata download
|
---|
4769 |
|
---|
4770 | - No longer allow partial downloads of certdata.
|
---|
4771 |
|
---|
4772 | Prior to this change partial downloads were (erroneously?) allowed since
|
---|
4773 | only the server code was checked to be 200.
|
---|
4774 |
|
---|
4775 | Bug: https://github.com/curl/curl/pull/1577
|
---|
4776 | Reported-by: Matteo B.
|
---|
4777 |
|
---|
4778 | Daniel Stenberg (16 Jun 2017)
|
---|
4779 | - dist: add the fuzz dir to the tarball
|
---|
4780 |
|
---|
4781 | - configure: disable nghttp2 too if HTTP has been disabled
|
---|
4782 |
|
---|
4783 | - http-proxy: fix build with --disable-proxy or --disable-http
|
---|
4784 |
|
---|
4785 | Reported-by: Dan Fandrich
|
---|
4786 |
|
---|
4787 | - fuzz/README: document how to build
|
---|
4788 |
|
---|
4789 | Fixes #1476
|
---|
4790 |
|
---|
4791 | - [Frederik B brought this change]
|
---|
4792 |
|
---|
4793 | fuzz: corpora file structure, initial commit
|
---|
4794 |
|
---|
4795 | - [Frederik B brought this change]
|
---|
4796 |
|
---|
4797 | fuzz: bring oss-fuzz initial code converted to C89
|
---|
4798 |
|
---|
4799 | - http-proxy: only attempt FTP over HTTP proxy
|
---|
4800 |
|
---|
4801 | ... all other non-HTTP protocol schemes are now defaulting to "tunnel
|
---|
4802 | trough" mode if a HTTP proxy is specified. In reality there are no HTTP
|
---|
4803 | proxies out there that allow those other schemes.
|
---|
4804 |
|
---|
4805 | Assisted-by: Ray Satiro, Michael Kaufmann
|
---|
4806 |
|
---|
4807 | Closes #1505
|
---|
4808 |
|
---|
4809 | - TODO: the generated include file is gone
|
---|
4810 |
|
---|
4811 | ... since commit 73a2fcea0b
|
---|
4812 |
|
---|
4813 | - curl_setup.h: error out on CURL_WANTS_CA_BUNDLE_ENV use
|
---|
4814 |
|
---|
4815 | ... to make it really apparent if there's any user using this on purpose.
|
---|
4816 |
|
---|
4817 | Suggested-by: Jay Satiro
|
---|
4818 |
|
---|
4819 | Closes #1542
|
---|
4820 |
|
---|
4821 | - lib/curl_setup.h: remove CURL_WANTS_CA_BUNDLE_ENV
|
---|
4822 |
|
---|
4823 | When this define was set, libcurl would check the environment variable
|
---|
4824 | named CURL_CA_BUNDLE at run-time and use that CA cert bundle. This
|
---|
4825 | feature was only defined by the watcom and m32 makefiles and caused
|
---|
4826 | inconsistent behaviours among libcurls built on different platforms.
|
---|
4827 |
|
---|
4828 | The curl tool does already feature its own similar logic and the library
|
---|
4829 | does not really need it, and it isn't documented libcurl behavior. So
|
---|
4830 | this change removes it.
|
---|
4831 |
|
---|
4832 | Ref: #1538
|
---|
4833 |
|
---|
4834 | - test1147: verify -H on a file
|
---|
4835 |
|
---|
4836 | - curl: allow --header and --proxy-header read from file
|
---|
4837 |
|
---|
4838 | So many headers can be provided as @filename.
|
---|
4839 |
|
---|
4840 | Suggested-by: Timothe Litt
|
---|
4841 |
|
---|
4842 | Closes #1486
|
---|
4843 |
|
---|
4844 | - RELEASE-NOTES: synced with 2ad80eec5
|
---|
4845 |
|
---|
4846 | - curl/curlver.h: start working on 7.55.0
|
---|
4847 |
|
---|
4848 | - http-proxy: do the HTTP CONNECT process entirely non-blocking
|
---|
4849 |
|
---|
4850 | Mentioned as a problem since 2007 (8f87c15bdac63) and of course it
|
---|
4851 | existed even before that.
|
---|
4852 |
|
---|
4853 | Closes #1547
|
---|
4854 |
|
---|
4855 | - progress: let "current speed" be UL + DL speeds combined
|
---|
4856 |
|
---|
4857 | Bug #1556
|
---|
4858 | Reported-by: Paul Harris
|
---|
4859 | Closes #1559
|
---|
4860 |
|
---|
4861 | Marcel Raad (14 Jun 2017)
|
---|
4862 | - system.h: fix MinGW build
|
---|
4863 |
|
---|
4864 | CURLSYS_PULL_WS2TCPIP_H got renamed to CURL_PULL_WS2TCPIP_H in commit
|
---|
4865 | 73a2fcea0b4adea6ba342cd7ed1149782c214ae3.
|
---|
4866 |
|
---|
4867 | Daniel Stenberg (14 Jun 2017)
|
---|
4868 | - timers: store internal time stamps as time_t instead of doubles
|
---|
4869 |
|
---|
4870 | This gives us accurate precision and it allows us to avoid storing "no
|
---|
4871 | time" for systems with too low timer resolution as we then bump the time
|
---|
4872 | up to 1 microsecond. Should fix test 573 on windows.
|
---|
4873 |
|
---|
4874 | Remove the now unused curlx_tvdiff_secs() function.
|
---|
4875 |
|
---|
4876 | Maintains the external getinfo() API with using doubles.
|
---|
4877 |
|
---|
4878 | Fixes #1531
|
---|
4879 |
|
---|
4880 | - dist: make the hugehelp.c not get regenerated unnecessarily
|
---|
4881 |
|
---|
4882 | The maketgz script now makes sure the generated hugehelp.c file in the
|
---|
4883 | tarball is newer than the generated curl.1 man page, so that it doesn't
|
---|
4884 | have to get unnecessarily rebuilt first thing in a typical build. It
|
---|
4885 | thus also removes the need for perl to build off a plain release
|
---|
4886 | tarball.
|
---|
4887 |
|
---|
4888 | Fixes #1565
|
---|
4889 |
|
---|
4890 | - includes: remove curl/curlbuild.h and curl/curlrules.h
|
---|
4891 |
|
---|
4892 | Rely entirely on curl/system.h now.
|
---|
4893 |
|
---|
4894 | Introduced in Aug 2008 with commit 14240e9e109f. Now gone.
|
---|
4895 |
|
---|
4896 | Fixes #1456
|
---|
4897 |
|
---|
4898 | Version 7.54.1 (14 Jun 2017)
|
---|
4899 |
|
---|
4900 | Daniel Stenberg (14 Jun 2017)
|
---|
4901 | - release: 7.54.1
|
---|
4902 |
|
---|
4903 | Dan Fandrich (13 Jun 2017)
|
---|
4904 | - mk-lib1521.pl: updated to match the test changes in 916ec30a
|
---|
4905 |
|
---|
4906 | Daniel Stenberg (13 Jun 2017)
|
---|
4907 | - [Stuart Henderson brought this change]
|
---|
4908 |
|
---|
4909 | libressl: OCSP and intermediate certs workaround no longer needed
|
---|
4910 |
|
---|
4911 | lib/vtls/openssl.c has a workaround for a bug with OCSP responses signed
|
---|
4912 | by intermediate certs, this was fixed in LibreSSL in
|
---|
4913 | https://github.com/libressl-portable/openbsd/commit/912c64f68f7ac4f225b7d1fdc8fbd43168912ba0
|
---|
4914 |
|
---|
4915 | Bug: https://curl.haxx.se/mail/lib-2017-06/0038.html
|
---|
4916 |
|
---|
4917 | - url: fix buffer overwrite with file protocol (CVE-2017-9502)
|
---|
4918 |
|
---|
4919 | Bug: https://github.com/curl/curl/issues/1540
|
---|
4920 | Advisory: https://curl.haxx.se/docs/adv_20170614.html
|
---|
4921 |
|
---|
4922 | Assisted-by: Ray Satiro
|
---|
4923 | Reported-by: Marcel Raad
|
---|
4924 |
|
---|
4925 | - urlglob: fix division by zero
|
---|
4926 |
|
---|
4927 | The multiply() function that is used to avoid integer overflows, was
|
---|
4928 | itself reason for a possible division by zero error when passed a
|
---|
4929 | specially formatted glob.
|
---|
4930 |
|
---|
4931 | Reported-by: GwanYeong Kim
|
---|
4932 |
|
---|
4933 | - configure: update the copyright year in the output
|
---|
4934 |
|
---|
4935 | - [ygrek brought this change]
|
---|
4936 |
|
---|
4937 | BINDINGS: update SP-Forth and OCaml urls
|
---|
4938 |
|
---|
4939 | Michael Kaufmann (11 Jun 2017)
|
---|
4940 | - FindWin32CACert: Use a temporary buffer on the stack
|
---|
4941 |
|
---|
4942 | Don't malloc() the temporary buffer, and use the correct type:
|
---|
4943 | SearchPath() works with TCHAR, but SearchPathA() works with char.
|
---|
4944 | Set the buffer size to MAX_PATH, because the terminating null byte
|
---|
4945 | is already included in MAX_PATH.
|
---|
4946 |
|
---|
4947 | Reviewed-by: Daniel Stenberg
|
---|
4948 | Reviewed-by: Marcel Raad
|
---|
4949 |
|
---|
4950 | Closes #1548
|
---|
4951 |
|
---|
4952 | Dan Fandrich (11 Jun 2017)
|
---|
4953 | - test1521: fixed OOM handling
|
---|
4954 |
|
---|
4955 | Daniel Stenberg (9 Jun 2017)
|
---|
4956 | - RELEASE-PROCEDURE: updated future release dates
|
---|
4957 |
|
---|
4958 | - [Paul Harris brought this change]
|
---|
4959 |
|
---|
4960 | gitignore: ignore all vim swap files
|
---|
4961 |
|
---|
4962 | Closes #1561
|
---|
4963 |
|
---|
4964 | - lib1521: fix compiler warnings on the use of bad 'long' values
|
---|
4965 |
|
---|
4966 | Reported-by: Marcel Raad
|
---|
4967 | Bug: https://github.com/curl/curl/commit/cccac4fb2b20d6ed87da7978408c3ecacc464fe4#commitcomment-22453387
|
---|
4968 |
|
---|
4969 | - setopt: check CURLOPT_ADDRESS_SCOPE option range
|
---|
4970 |
|
---|
4971 | ... and return error instead of triggering an assert() when being way
|
---|
4972 | out of range.
|
---|
4973 |
|
---|
4974 | Jay Satiro (8 Jun 2017)
|
---|
4975 | - [TheAssassin brought this change]
|
---|
4976 |
|
---|
4977 | cmake: Fix inconsistency regarding mbed TLS include directory
|
---|
4978 |
|
---|
4979 | Previously, one had to set MBEDTLS_INCLUDE_DIR to make CMake find the
|
---|
4980 | headers, but the system complained that mbed TLS wasn't found due to
|
---|
4981 | MBEDTLS_INCLUDE_DIRS (note the trailing s) was not set. This commit
|
---|
4982 | attempts to fix that.
|
---|
4983 |
|
---|
4984 | Closes https://github.com/curl/curl/pull/1541
|
---|
4985 |
|
---|
4986 | Daniel Stenberg (8 Jun 2017)
|
---|
4987 | - [Ryuichi KAWAMATA brought this change]
|
---|
4988 |
|
---|
4989 | examples/multi-uv.c: fix deprecated symbol
|
---|
4990 |
|
---|
4991 | Closes #1557
|
---|
4992 |
|
---|
4993 | - asyn-ares: s/Curl_expire_latest/Curl_expire
|
---|
4994 |
|
---|
4995 | - expire: remove Curl_expire_latest()
|
---|
4996 |
|
---|
4997 | With the introduction of expire IDs and the fact that existing timers
|
---|
4998 | can be removed now and thus never expire, the concept with adding a
|
---|
4999 | "latest" timer is not working anymore as it risks to not expire at all.
|
---|
5000 |
|
---|
5001 | So, to be certain the timers actually are in line and will expire, the
|
---|
5002 | plain Curl_expire() needs to be used. The _latest() function was added
|
---|
5003 | as a sort of shortcut in the past that's quite simply not necessary
|
---|
5004 | anymore.
|
---|
5005 |
|
---|
5006 | Follow-up to 31b39c40cf90
|
---|
5007 |
|
---|
5008 | Reported-by: Paul Harris
|
---|
5009 |
|
---|
5010 | Closes #1555
|
---|
5011 |
|
---|
5012 | - [Chris Carlmar brought this change]
|
---|
5013 |
|
---|
5014 | configure: fix link with librtmp when specifying path
|
---|
5015 |
|
---|
5016 | Bug: https://curl.haxx.se/mail/lib-2017-06/0017.html
|
---|
5017 |
|
---|
5018 | - file: make speedcheck use current time for checks
|
---|
5019 |
|
---|
5020 | ... as it would previously just get the "now" timestamp before the
|
---|
5021 | transfer starts and then not update it again.
|
---|
5022 |
|
---|
5023 | Closes #1550
|
---|
5024 |
|
---|
5025 | - metalink: remove unused printf() argument
|
---|
5026 |
|
---|
5027 | - travis: let some builds *not* use --enable-debug
|
---|
5028 |
|
---|
5029 | typecheck-gcc and other things require optimized builds
|
---|
5030 |
|
---|
5031 | Closes #1544
|
---|
5032 |
|
---|
5033 | - README.md: show the coverall coverage on github
|
---|
5034 |
|
---|
5035 | - lib1521: fix compiler warnings
|
---|
5036 |
|
---|
5037 | - test1521: make the code < 80 columns wide
|
---|
5038 |
|
---|
5039 | - test1121: use stricter types to work with typcheck-gcc
|
---|
5040 |
|
---|
5041 | - typecheck-gcc: allow CURLOPT_STDERR to be NULL too
|
---|
5042 |
|
---|
5043 | - test1521: test *all* curl_easy_setopt options
|
---|
5044 |
|
---|
5045 | mk-lib1521.pl generates a test program (lib1521.c) that calls
|
---|
5046 | curl_easy_setopt() for every known option with a few typical values to
|
---|
5047 | make sure they work (ignoring the return codes).
|
---|
5048 |
|
---|
5049 | Some small changes were necessary to avoid asserts and NULL accesses
|
---|
5050 | when doing this.
|
---|
5051 |
|
---|
5052 | The perl script needs to be manually rerun when we add new options.
|
---|
5053 |
|
---|
5054 | Closes #1543
|
---|
5055 |
|
---|
5056 | Dan Fandrich (5 Jun 2017)
|
---|
5057 | - test1538: added "verbose logs" keyword
|
---|
5058 |
|
---|
5059 | These error messages are not displayed with --disable-verbose
|
---|
5060 |
|
---|
5061 | Daniel Stenberg (5 Jun 2017)
|
---|
5062 | - test1262: verify ftp download with -z for "if older than this"
|
---|
5063 |
|
---|
5064 | Marcel Raad (5 Jun 2017)
|
---|
5065 | - curl_ntlm_core: use Curl_raw_toupper instead of toupper
|
---|
5066 |
|
---|
5067 | This was the only remaining use of toupper in the entire source code.
|
---|
5068 |
|
---|
5069 | Suggested-by: Daniel Stenberg
|
---|
5070 |
|
---|
5071 | Daniel Stenberg (4 Jun 2017)
|
---|
5072 | - RELEASE-NOTES: synced with 65ba92650
|
---|
5073 |
|
---|
5074 | Marcel Raad (4 Jun 2017)
|
---|
5075 | - curl_ntlm_core: pass unsigned char to toupper
|
---|
5076 |
|
---|
5077 | Otherwise, clang on Cygwin64 warns:
|
---|
5078 | curl_ntlm_core.c:525:35: error: array subscript is of type 'char'
|
---|
5079 | [-Werror,-Wchar-subscripts]
|
---|
5080 | dest[2 * i] = (unsigned char)(toupper(src[i]));
|
---|
5081 | ^~~~~~~~~~~~~~~
|
---|
5082 | /usr/include/ctype.h:152:25: note: expanded from macro 'toupper'
|
---|
5083 | (void) __CTYPE_PTR[__x]; (toupper) (__x);})
|
---|
5084 | ^~~~
|
---|
5085 |
|
---|
5086 | Jay Satiro (3 Jun 2017)
|
---|
5087 | - [Mahmoud Samir Fayed brought this change]
|
---|
5088 |
|
---|
5089 | BINDINGS: add Ring binding
|
---|
5090 |
|
---|
5091 | Closes https://github.com/curl/curl/pull/1539
|
---|
5092 |
|
---|
5093 | Daniel Stenberg (4 Jun 2017)
|
---|
5094 | - CONTRIBUTE.md: mention tests done on pull requests
|
---|
5095 |
|
---|
5096 | - travis: add coverage, distcheck and cmake builds
|
---|
5097 |
|
---|
5098 | Closes #1534
|
---|
5099 |
|
---|
5100 | Marcel Raad (3 Jun 2017)
|
---|
5101 | - libtest: fix int-in-bool-context warnings
|
---|
5102 |
|
---|
5103 | GCC 7 complained:
|
---|
5104 | â*â in boolean context, suggest â&&â instead [-Wint-in-bool-context]
|
---|
5105 |
|
---|
5106 | - libtest: fix implicit-fallthrough warnings with GCC 7
|
---|
5107 |
|
---|
5108 | - x509asn1: fix implicit-fallthrough warning with GCC 7
|
---|
5109 |
|
---|
5110 | - curl_sasl: fix unused-variable warning
|
---|
5111 |
|
---|
5112 | This fixes the following warning with CURL_DISABLE_CRYPTO_AUTH,
|
---|
5113 | as seen in the autobuilds:
|
---|
5114 |
|
---|
5115 | curl_sasl.c:417:9: warning: unused variable 'serverdata'
|
---|
5116 | [-Wunused-variable]
|
---|
5117 |
|
---|
5118 | Daniel Stenberg (3 Jun 2017)
|
---|
5119 | - updatemanpages.pl: error out on too old git version
|
---|
5120 |
|
---|
5121 | Marcel Raad (3 Jun 2017)
|
---|
5122 | - cyassl: define build macros before including ssl.h
|
---|
5123 |
|
---|
5124 | cyassl/ssl.h needs the macros from cyassl/options.h, so define them
|
---|
5125 | before including cyassl/ssl.h the first time, which happens in
|
---|
5126 | urldata.h.
|
---|
5127 | This broke the build on Ubuntu Xenial, which comes with WolfSSL 3.4.8
|
---|
5128 | and therefore redefines the symbols from cyassl/options.h instead of
|
---|
5129 | including the header.
|
---|
5130 |
|
---|
5131 | Closes https://github.com/curl/curl/pull/1536
|
---|
5132 |
|
---|
5133 | Daniel Stenberg (3 Jun 2017)
|
---|
5134 | - tool_util: remove unused tvdiff_secs and remove tool_ prefix
|
---|
5135 |
|
---|
5136 | Closes #1532
|
---|
5137 |
|
---|
5138 | - dedotdot: fixed output for ".." and "." only input
|
---|
5139 |
|
---|
5140 | Found when updating test 1395, which I did to increase test coverage of
|
---|
5141 | this source file...
|
---|
5142 |
|
---|
5143 | Closes #1535
|
---|
5144 |
|
---|
5145 | Marcel Raad (2 Jun 2017)
|
---|
5146 | - mbedtls: make TU-local variable static
|
---|
5147 |
|
---|
5148 | mbedtls_x509_crt_profile_fr is only used locally.
|
---|
5149 | This fixes a missing-variable-declarations warning with clang.
|
---|
5150 |
|
---|
5151 | - MD(4|5): silence cast-align clang warning
|
---|
5152 |
|
---|
5153 | Unaligned access is on purpose here and the warning is harmless on
|
---|
5154 | affected architectures. GCC knows that, while clang warns on all
|
---|
5155 | architectures.
|
---|
5156 |
|
---|
5157 | Daniel Stenberg (2 Jun 2017)
|
---|
5158 | - test1538: fix typo
|
---|
5159 |
|
---|
5160 | - test1538: verify the libcurl strerror API calls
|
---|
5161 |
|
---|
5162 | - curl_endian: remove unused functions
|
---|
5163 |
|
---|
5164 | Closes #1529
|
---|
5165 |
|
---|
5166 | - test1537: dedicated tests of the URL (un)escape API calls
|
---|
5167 |
|
---|
5168 | Closes #1530
|
---|
5169 |
|
---|
5170 | - coverage: run event tests too
|
---|
5171 |
|
---|
5172 | ... the torture ones are commented out only because they are slooooow.
|
---|
5173 |
|
---|
5174 | - build: provide easy code coverage measuring
|
---|
5175 |
|
---|
5176 | Closes #1528
|
---|
5177 |
|
---|
5178 | - typecheck-gcc.h: check CURLINFO_CERTINFO
|
---|
5179 |
|
---|
5180 | ... and update the certinfo.c example accordingly.
|
---|
5181 |
|
---|
5182 | Fixes https://github.com/curl/curl/issues/846
|
---|
5183 |
|
---|
5184 | - typecheck-gcc.h: check CURLINFO_TLS_SSL_PTR and CURLINFO_TLS_SESSION
|
---|
5185 |
|
---|
5186 | ... so that they get the required "struct curl_tlssessioninfo **"
|
---|
5187 | arguments.
|
---|
5188 |
|
---|
5189 | - typecheck-gcc.h: separate getinfo slist checks from other pointers
|
---|
5190 |
|
---|
5191 | Fixes #1524
|
---|
5192 |
|
---|
5193 | Marcel Raad (1 Jun 2017)
|
---|
5194 | - curl-compilers.m4: escape square brackets in regex
|
---|
5195 |
|
---|
5196 | Otherwise, they are removed in the final configure file.
|
---|
5197 | Also changed sed to "$SED" like in most other calls in this file.
|
---|
5198 |
|
---|
5199 | - curl-compilers.m4: fix compiler_num for clang
|
---|
5200 |
|
---|
5201 | "clang -dumpversion" always returns "4.2.1", the GCC version that clang
|
---|
5202 | was initially compatible to. Use "clang -v" instead, which returns the
|
---|
5203 | actual clang version.
|
---|
5204 |
|
---|
5205 | Fixes https://github.com/curl/curl/issues/1522
|
---|
5206 | Closes https://github.com/curl/curl/pull/1523
|
---|
5207 |
|
---|
5208 | Daniel Stenberg (31 May 2017)
|
---|
5209 | - examples/externalsocket.c: s/closesocket/closecb
|
---|
5210 |
|
---|
5211 | ... since closesocket is a function in WinSock.
|
---|
5212 |
|
---|
5213 | Reported-by: Marcel Raad
|
---|
5214 | Bug: https://github.com/curl/curl/commit/55fcb8485914700132fd1854c9509b66c955efbe#co
|
---|
5215 | mmitcomment-22347818
|
---|
5216 |
|
---|
5217 | Marcel Raad (31 May 2017)
|
---|
5218 | - lib583: fix compiler warning
|
---|
5219 |
|
---|
5220 | Use CURLMcode for variable 'res' and cast to int where necessary
|
---|
5221 | instead of the other way around. Other tests do the same.
|
---|
5222 |
|
---|
5223 | This fixes the following clang warning:
|
---|
5224 | lib583.c:68:15: warning: cast from function call of type 'CURLMcode' to
|
---|
5225 | non-matching type 'int' [-Wbad-function-cast]
|
---|
5226 |
|
---|
5227 | Daniel Stenberg (31 May 2017)
|
---|
5228 | - CURLOPT_SSH_KEY*.3: typos
|
---|
5229 |
|
---|
5230 | Reported-by: Gisle Vanem
|
---|
5231 |
|
---|
5232 | - CURLOPT_STREAM_DEPENDS.3: typo
|
---|
5233 |
|
---|
5234 | - CURLOPT_FNMATCH_FUNCTION.3: also modified example to avoid fcpp issues
|
---|
5235 |
|
---|
5236 | - CURLOPT_FNMATCH_DATA.3: modified example to avoid fcpp issues
|
---|
5237 |
|
---|
5238 | - opts: more than 100 more examples for man pages...
|
---|
5239 |
|
---|
5240 | - libtest/lib574.c: use correct callback proto
|
---|
5241 |
|
---|
5242 | - examples/sampleconv.c: indent changes, made callbacks static
|
---|
5243 |
|
---|
5244 | - example/externalsocket.c: make it use CLOSESOCKETFUNCTION too
|
---|
5245 |
|
---|
5246 | Marcel Raad (31 May 2017)
|
---|
5247 | - curl-compilers.m4: enable -Wshift-sign-overflow for clang
|
---|
5248 |
|
---|
5249 | clang 2.9+ supports -Wshift-sign-overflow, which warns about undefined
|
---|
5250 | behavior on signed left shifts when shifting by too many places.
|
---|
5251 |
|
---|
5252 | Ref: https://github.com/curl/curl/issues/1516
|
---|
5253 | Closes https://github.com/curl/curl/pull/1517
|
---|
5254 |
|
---|
5255 | Daniel Stenberg (31 May 2017)
|
---|
5256 | - CURLOPT_PROXY.3: fix test 1140 breakage
|
---|
5257 |
|
---|
5258 | Jay Satiro (31 May 2017)
|
---|
5259 | - build-wolfssl: Sync config with wolfSSL 3.11
|
---|
5260 |
|
---|
5261 | wolfSSL configure script relevant changes from 3.10 to 3.11:
|
---|
5262 |
|
---|
5263 | - Async threading support added; disabled by default without async
|
---|
5264 | crypto, which continues to be disabled by default.
|
---|
5265 |
|
---|
5266 | wolfSSL configure script relevant changes from 3.11 to 3.11.1 (beta):
|
---|
5267 |
|
---|
5268 | - TLS 1.3 beta support added; disabled by default.
|
---|
5269 |
|
---|
5270 | For experimenting I put in a comment block the defines needed to enable
|
---|
5271 | TLS 1.3 support (ie the equivalent of --enable-tls13).
|
---|
5272 |
|
---|
5273 | Daniel Stenberg (30 May 2017)
|
---|
5274 | - opts: more examples added to man pages
|
---|
5275 |
|
---|
5276 | - docs: clarify NO_PROXY further
|
---|
5277 |
|
---|
5278 | Fixes #1208
|
---|
5279 |
|
---|
5280 | - CURLOPT_PROXY.3: describe the environment variables more
|
---|
5281 |
|
---|
5282 | - transfer: init the infilesize from the postfields...
|
---|
5283 |
|
---|
5284 | ... with a strlen() if no size was set, and do this in the pretransfer
|
---|
5285 | function so that the info is set early. Otherwise, the default strlen()
|
---|
5286 | done on the POSTFIELDS data never sets state.infilesize.
|
---|
5287 |
|
---|
5288 | Reported-by: Vincas Razma
|
---|
5289 | Bug: #1294
|
---|
5290 |
|
---|
5291 | Jay Satiro (29 May 2017)
|
---|
5292 | - test557: fix ubsan runtime error due to int left shift
|
---|
5293 |
|
---|
5294 | - Test curl_msnprintf negative int width arg using INT_MIN instead of
|
---|
5295 | 1 << 31 which is undefined behavior.
|
---|
5296 |
|
---|
5297 | Closes https://github.com/curl/curl/issues/1516
|
---|
5298 |
|
---|
5299 | - mbedtls: fix variable shadow warning
|
---|
5300 |
|
---|
5301 | vtls/mbedtls.c:804:69: warning: declaration of 'entropy' shadows a global declaration [-Wshadow]
|
---|
5302 | CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy,
|
---|
5303 | ^~~~~~~
|
---|
5304 |
|
---|
5305 | Daniel Stenberg (29 May 2017)
|
---|
5306 | - RELEASE-NOTES: synced with 3aaac8c2f
|
---|
5307 |
|
---|
5308 | Dan Fandrich (28 May 2017)
|
---|
5309 | - tests: removed some redundant empty <stdout> sections
|
---|
5310 |
|
---|
5311 | - runtests.pl: removed <precommand> feature
|
---|
5312 |
|
---|
5313 | This hasn't been used in over a decade. <precheck> can still be used to
|
---|
5314 | run commands before the main test.
|
---|
5315 |
|
---|
5316 | Daniel Stenberg (27 May 2017)
|
---|
5317 | - opts: more examples added in option man pages
|
---|
5318 |
|
---|
5319 | Dan Fandrich (27 May 2017)
|
---|
5320 | - runtests.pl: removed unused arguments to valgrindparse
|
---|
5321 |
|
---|
5322 | Daniel Stenberg (25 May 2017)
|
---|
5323 | - TODO: 6.4 is done, send telnet data in chunks
|
---|
5324 |
|
---|
5325 | - [Phil Crump brought this change]
|
---|
5326 |
|
---|
5327 | docs/CURLOPT_SSLVERSION.3: Correct define name in example
|
---|
5328 |
|
---|
5329 | Closes #1509
|
---|
5330 |
|
---|
5331 | - ssh: fix 'left' may be used uninitialized
|
---|
5332 |
|
---|
5333 | follow-up to f31760e63b4e
|
---|
5334 |
|
---|
5335 | Reported-by: Michael Kaufmann
|
---|
5336 | Bug: https://github.com/curl/curl/pull/1495#issuecomment-303982793
|
---|
5337 |
|
---|
5338 | Michael Kaufmann (24 May 2017)
|
---|
5339 | - time: fix type conversions and compiler warnings
|
---|
5340 |
|
---|
5341 | Fix bugs and compiler warnings on systems with 32-bit long and
|
---|
5342 | 64-bit time_t.
|
---|
5343 |
|
---|
5344 | Reviewed-by: Daniel Stenberg
|
---|
5345 |
|
---|
5346 | Closes #1499
|
---|
5347 |
|
---|
5348 | Marcel Raad (24 May 2017)
|
---|
5349 | - examples: fix Wimplicit-fallthrough warnings
|
---|
5350 |
|
---|
5351 | This is contained in -Wextra with GCC 7.
|
---|
5352 |
|
---|
5353 | Daniel Stenberg (24 May 2017)
|
---|
5354 | - [Anatol Belski brought this change]
|
---|
5355 |
|
---|
5356 | winbuild: fix the nghttp2 build
|
---|
5357 |
|
---|
5358 | Closes #1321
|
---|
5359 |
|
---|
5360 | GitHub (24 May 2017)
|
---|
5361 | - [Sergei Nikulov brought this change]
|
---|
5362 |
|
---|
5363 | LDAP: documentation update per #878 changes (#1506)
|
---|
5364 |
|
---|
5365 | Daniel Stenberg (23 May 2017)
|
---|
5366 | - redirect: store the "would redirect to" URL when max redirs is reached
|
---|
5367 |
|
---|
5368 | Test 1261 added to verify.
|
---|
5369 |
|
---|
5370 | Reported-by: Lloyd Fournier
|
---|
5371 |
|
---|
5372 | Fixes #1489
|
---|
5373 | Closes #1497
|
---|
5374 |
|
---|
5375 | GitHub (24 May 2017)
|
---|
5376 | - [Sergei Nikulov brought this change]
|
---|
5377 |
|
---|
5378 | LDAP: fixed checksrc issue
|
---|
5379 |
|
---|
5380 | - [Sergei Nikulov brought this change]
|
---|
5381 |
|
---|
5382 | LDAP: using ldap_bind_s on Windows with methods (#878)
|
---|
5383 |
|
---|
5384 | * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG)
|
---|
5385 |
|
---|
5386 | * ldap: updated per build options handling
|
---|
5387 |
|
---|
5388 | * ldap: fixed logic for auth selection
|
---|
5389 |
|
---|
5390 | Daniel Stenberg (23 May 2017)
|
---|
5391 | - [Akhil Kedia brought this change]
|
---|
5392 |
|
---|
5393 | cmake: fix build on Ubuntu 14.04
|
---|
5394 |
|
---|
5395 | Fixed a syntax error with setting cache variables (The type and
|
---|
5396 | docstring were missing), resulting in build errors. Quoted the
|
---|
5397 | CURL_CA_PATH and CURL_CA_BUNDLE otherwise the path was written without
|
---|
5398 | quotes in C code, resulting in build errors.
|
---|
5399 |
|
---|
5400 | Closes #1503
|
---|
5401 |
|
---|
5402 | Signed-off-by: Akhil <akhil.kedia@samsung.com>
|
---|
5403 |
|
---|
5404 | - url: fix declaration of 'pipe' shadows a global declaration
|
---|
5405 |
|
---|
5406 | follow-up to 4cdb1be8246c
|
---|
5407 |
|
---|
5408 | Kamil Dudka (22 May 2017)
|
---|
5409 | - memdebug: fix compilation failure
|
---|
5410 |
|
---|
5411 | .... caused by a typo in the last commit (fixing issue #1504):
|
---|
5412 |
|
---|
5413 | memdebug.c: In function âcurl_fcloseâ:
|
---|
5414 | memdebug.c:444:3: error: implicit declaration of function
|
---|
5415 | âDEBUGDEBUGASSERTâ [-Werror=implicit-function-declaration]
|
---|
5416 |
|
---|
5417 | Daniel Stenberg (22 May 2017)
|
---|
5418 | - assert: avoid, use DEBUGASSERT instead!
|
---|
5419 |
|
---|
5420 | ... as it does extra checks to actually work.
|
---|
5421 |
|
---|
5422 | Reported-by: jonrumsey at github
|
---|
5423 | Fixes #1504
|
---|
5424 |
|
---|
5425 | - [Simon Warta brought this change]
|
---|
5426 |
|
---|
5427 | cmake: remove unused variables: GNUTLS_ENABLED, NSS_ENABLED
|
---|
5428 |
|
---|
5429 | - [Simon Warta brought this change]
|
---|
5430 |
|
---|
5431 | cmake: remove CURL_CA_BUNDLE from cmake TODO
|
---|
5432 |
|
---|
5433 | - [Simon Warta brought this change]
|
---|
5434 |
|
---|
5435 | cmake: auto detection of CURL_CA_BUNDLE/CURL_CA_PATH
|
---|
5436 |
|
---|
5437 | Closes #1461
|
---|
5438 |
|
---|
5439 | - [Simon Warta brought this change]
|
---|
5440 |
|
---|
5441 | cmake: add CURL_CA_BUNDLE/CURL_CA_FALLBACK/CURL_CA_PATH options
|
---|
5442 |
|
---|
5443 | - [Simon Warta brought this change]
|
---|
5444 |
|
---|
5445 | cmake: Add CURL_CA_FALLBACK to curl_config.h.cmake
|
---|
5446 |
|
---|
5447 | This is for symmetry with the autoconf generated curl_config.h.in
|
---|
5448 |
|
---|
5449 | - RELEASE-NOTES: synced with 052a14e3c
|
---|
5450 |
|
---|
5451 | Michael Kaufmann (20 May 2017)
|
---|
5452 | - tests: stabilize test 1034
|
---|
5453 |
|
---|
5454 | Pass the invalid domain name on stdin. On some systems, the test
|
---|
5455 | framework cannot pass invalid UTF-8 sequences on the command line.
|
---|
5456 |
|
---|
5457 | Closes #1488
|
---|
5458 |
|
---|
5459 | Daniel Stenberg (20 May 2017)
|
---|
5460 | - ssh: ignore timeouts during disconnect
|
---|
5461 |
|
---|
5462 | ... as otherwise it risks not cleaning up the libssh2 handle properly
|
---|
5463 | which leads to memory leak!
|
---|
5464 |
|
---|
5465 | Assisted-by: Joel Depooter
|
---|
5466 |
|
---|
5467 | Closes #1495
|
---|
5468 | Closes #1479
|
---|
5469 |
|
---|
5470 | Bug: https://curl.haxx.se/mail/lib-2017-04/0024.html
|
---|
5471 |
|
---|
5472 | - ghiper.c/hiperfifo.c: add comment about missing timer functionality
|
---|
5473 |
|
---|
5474 | It takes someone to read up on the APIs of these libraries to figure out
|
---|
5475 | how to do this correctly.
|
---|
5476 |
|
---|
5477 | Reported-by: Michael Kaufmann
|
---|
5478 |
|
---|
5479 | Closes #1253
|
---|
5480 |
|
---|
5481 | - asiohiper.cpp / evhiperfifo.c: deal with negative timerfunction input
|
---|
5482 |
|
---|
5483 | That means delete the timer.
|
---|
5484 |
|
---|
5485 | Reported-by: Michael Kaufmann
|
---|
5486 | Ref: #1253
|
---|
5487 |
|
---|
5488 | - cmdline-opts/write-out.d: s/-L/--location
|
---|
5489 |
|
---|
5490 | Since the man page generator wants the long option name version to
|
---|
5491 | generate the proper output.
|
---|
5492 |
|
---|
5493 | - [Bernhard M. Wiedemann brought this change]
|
---|
5494 |
|
---|
5495 | mkhelp.pl: do not add current time into curl binary
|
---|
5496 |
|
---|
5497 | ... as part of hugehelpgz rodata to make build reproducible.
|
---|
5498 |
|
---|
5499 | See https://reproducible-builds.org/ for why this is good
|
---|
5500 |
|
---|
5501 | Closes #1490
|
---|
5502 |
|
---|
5503 | - oauth2-bearer.d: mention the <token> argument
|
---|
5504 |
|
---|
5505 | Nick Zitzmann (16 May 2017)
|
---|
5506 | - darwinssl: Fix exception when processing a client-side certificate file
|
---|
5507 | if no error was raised by the API but the SecIdentityRef was null
|
---|
5508 |
|
---|
5509 | Fixes #1450
|
---|
5510 |
|
---|
5511 | Daniel Stenberg (16 May 2017)
|
---|
5512 | - curl_sasl: fix build error with CURL_DISABLE_CRYPTO_AUTH + USE_NTLM
|
---|
5513 |
|
---|
5514 | Reported-by: wyattoday at github
|
---|
5515 | Fixes #1487
|
---|
5516 |
|
---|
5517 | - docs/cmdline-opts/config.d: edit for language
|
---|
5518 |
|
---|
5519 | - RELEASE-NOTES: synced with eb16305e6
|
---|
5520 |
|
---|
5521 | - [moparisthebest brought this change]
|
---|
5522 |
|
---|
5523 | SecureTransport/DarwinSSL: Implement public key pinning
|
---|
5524 |
|
---|
5525 | Closes #1400
|
---|
5526 |
|
---|
5527 | - man pages: fix example syntax errors
|
---|
5528 |
|
---|
5529 | follow-up to 5ddad099b42b50
|
---|
5530 |
|
---|
5531 | - docs/libcurl/opts: added more examples in man pages
|
---|
5532 |
|
---|
5533 | - CURLOPT_HTTPPROXYTUNNEL: clarify, add example
|
---|
5534 |
|
---|
5535 | - curl: show the libcurl release date in --version output
|
---|
5536 |
|
---|
5537 | ... and support and additional "security patched" date for those who
|
---|
5538 | enhance older versions that way. Pass on the define CURL_PATCHSTAMP with
|
---|
5539 | a date for that.
|
---|
5540 |
|
---|
5541 | Building with non-release headers shows the date as [unreleased].
|
---|
5542 |
|
---|
5543 | Also: this changes the date format generated in the curlver.h file to be
|
---|
5544 | "YYYY-MM-DD" (no name of the day or month, no time, no time zone) to
|
---|
5545 | make it easier on the eye and easier to parse. Example (new) date
|
---|
5546 | string: 2017-05-09
|
---|
5547 |
|
---|
5548 | Suggested-by: Brian Childs
|
---|
5549 |
|
---|
5550 | Closes #1474
|
---|
5551 |
|
---|
5552 | Dan Fandrich (13 May 2017)
|
---|
5553 | - url.c: add a compile-time check that CURL_MAX_WRITE_SIZE is large enough
|
---|
5554 |
|
---|
5555 | Some code (e.g. Curl_fillreadbuffer) assumes that this buffer is not
|
---|
5556 | exceedingly tiny and will break if it is. This same check is already
|
---|
5557 | done at run time in the CURLOPT_BUFFERSIZE option.
|
---|
5558 |
|
---|
5559 | - lib510: don't write past the end of the buffer if it's too small
|
---|
5560 |
|
---|
5561 | - tests: added missing keywords "chunked Transfer-Encoding"
|
---|
5562 |
|
---|
5563 | Daniel Stenberg (13 May 2017)
|
---|
5564 | - THANKS: add a few missing names
|
---|
5565 |
|
---|
5566 | ... I found them in the commit logs from the early years
|
---|
5567 |
|
---|
5568 | Dan Fandrich (13 May 2017)
|
---|
5569 | - tests: made a couple of prechecks consistent with others
|
---|
5570 |
|
---|
5571 | Also removed a TODO suggesting caching the precheck results. Tests
|
---|
5572 | showed this would save about 0.1 sec on the total test run time on a
|
---|
5573 | relatively modern system, an unnoticeable gain at the cost of longer and
|
---|
5574 | more complicated code. There would also be a danger that a cached test
|
---|
5575 | result would be inappropriately returned, such as when other test
|
---|
5576 | dependencies (like environment variables) are different or when the
|
---|
5577 | precheck causes side effects (like filesystem changes).
|
---|
5578 |
|
---|
5579 | Daniel Stenberg (12 May 2017)
|
---|
5580 | - FAQ: add 7.4 to toc
|
---|
5581 |
|
---|
5582 | ... and delete trailing whitespace
|
---|
5583 |
|
---|
5584 | Fixes #1484
|
---|
5585 |
|
---|
5586 | - multi: remove leftover debug infof() calls from e9fd794a6
|
---|
5587 |
|
---|
5588 | - pipeline: fix mistakenly trying to pipeline POSTs
|
---|
5589 |
|
---|
5590 | The function IsPipeliningPossible() would return TRUE if either
|
---|
5591 | pipelining OR HTTP/2 were possible on a connection, which would lead to
|
---|
5592 | it returning TRUE even for POSTs on HTTP/1 connections.
|
---|
5593 |
|
---|
5594 | It now returns a bitmask so that the caller can differentiate which kind
|
---|
5595 | the connection allows.
|
---|
5596 |
|
---|
5597 | Fixes #1481
|
---|
5598 | Closes #1483
|
---|
5599 | Reported-by: stootill at github
|
---|
5600 |
|
---|
5601 | Jay Satiro (12 May 2017)
|
---|
5602 | - [Ron Eldor brought this change]
|
---|
5603 |
|
---|
5604 | mbedtls: Support server renegotiation request
|
---|
5605 |
|
---|
5606 | Tested with servers: IIS 7.5; OpenSSL 1.0.2.
|
---|
5607 |
|
---|
5608 | Closes https://github.com/curl/curl/pull/1475
|
---|
5609 |
|
---|
5610 | Marcel Raad (11 May 2017)
|
---|
5611 | - cookie_interface: fix -Wcomma warning
|
---|
5612 |
|
---|
5613 | clang 5.0 complains:
|
---|
5614 | possible misuse of comma operator here [-Wcomma]
|
---|
5615 |
|
---|
5616 | - formdata: fix -Wcomma warning
|
---|
5617 |
|
---|
5618 | clang 5.0 complains:
|
---|
5619 | possible misuse of comma operator here [-Wcomma]
|
---|
5620 |
|
---|
5621 | Change the comma to a semicolon to fix that.
|
---|
5622 |
|
---|
5623 | Daniel Stenberg (10 May 2017)
|
---|
5624 | - multi: use a fixed array of timers instead of malloc
|
---|
5625 |
|
---|
5626 | ... since the total amount is low this is faster, easier and reduces
|
---|
5627 | memory overhead.
|
---|
5628 |
|
---|
5629 | Also, Curl_expire_done() can now mark an expire timeout as done so that
|
---|
5630 | it never times out.
|
---|
5631 |
|
---|
5632 | Closes #1472
|
---|
5633 |
|
---|
5634 | - multi: assign IDs to all timers and make each timer singleton
|
---|
5635 |
|
---|
5636 | A) reduces the timeout lists drastically
|
---|
5637 |
|
---|
5638 | B) prevents a lot of superfluous loops for timers that expires "in vain"
|
---|
5639 | when it has actually already been extended to fire later on
|
---|
5640 |
|
---|
5641 | - [Richard Hsu brought this change]
|
---|
5642 |
|
---|
5643 | tests: remove superfluous test 1399
|
---|
5644 |
|
---|
5645 | @MarcelRaad noted that `test1399` causes infinite loop on MinGW.
|
---|
5646 | Looking into this, seems like it is related to how Windows handles
|
---|
5647 | CRLF. See https://github.com/curl/curl/commit/9e093f by @mback2k.
|
---|
5648 | Removing `test1399` as it's identical to `test1326` then with such a
|
---|
5649 | fix.
|
---|
5650 |
|
---|
5651 | Test 1399 was broughy by commit 862b02f8947039e
|
---|
5652 |
|
---|
5653 | Closes #1478
|
---|
5654 |
|
---|
5655 | Dan Fandrich (9 May 2017)
|
---|
5656 | - tests: make test file names more unique
|
---|
5657 |
|
---|
5658 | Include the test number in the names of files written out by tests to
|
---|
5659 | reduce the chance of accidental duplication and to make it more clear
|
---|
5660 | which test is associated with which file.
|
---|
5661 |
|
---|
5662 | - tests: removed redundant --trace-ascii arguments
|
---|
5663 |
|
---|
5664 | This is already added by the test suite; it's not clear why all these
|
---|
5665 | tests had it, unless it's cargo-culting.
|
---|
5666 |
|
---|
5667 | Marcel Raad (9 May 2017)
|
---|
5668 | - tool: fix remaining -Wcast-qual warnings
|
---|
5669 |
|
---|
5670 | Avoid casting away low-level const.
|
---|
5671 |
|
---|
5672 | Daniel Stenberg (9 May 2017)
|
---|
5673 | - formboundary: convert assert into run-time check
|
---|
5674 |
|
---|
5675 | ... to really make sure the boundary fits in the target buffer.
|
---|
5676 |
|
---|
5677 | Fixes unused parameter 'buflen' warning.
|
---|
5678 |
|
---|
5679 | Reported-by: Michael Kaufmann
|
---|
5680 | Bug: https://github.com/curl/curl/pull/1468#issuecomment-300078754
|
---|
5681 |
|
---|
5682 | Dan Fandrich (9 May 2017)
|
---|
5683 | - tests: list the primary server first in the server section
|
---|
5684 |
|
---|
5685 | Daniel Stenberg (8 May 2017)
|
---|
5686 | - curl: generate the --help output
|
---|
5687 |
|
---|
5688 | ... using the docs/cmdline-opts/gen.pl script, so that we get all the
|
---|
5689 | command line option documentation from the same source.
|
---|
5690 |
|
---|
5691 | The generation of the list has to be done manually and pasted into the
|
---|
5692 | source code.
|
---|
5693 |
|
---|
5694 | Closes #1465
|
---|
5695 |
|
---|
5696 | - tests: updated for modified fake random
|
---|
5697 |
|
---|
5698 | - [Jay Satiro brought this change]
|
---|
5699 |
|
---|
5700 | rand: treat fake entropy the same regardless of endianness
|
---|
5701 |
|
---|
5702 | When the random seed is purposely made predictable for testing purposes
|
---|
5703 | by using the CURL_ENTROPY environment variable, process that data in an
|
---|
5704 | endian agnostic way so the the initial random seed is the same
|
---|
5705 | regardless of endianness.
|
---|
5706 |
|
---|
5707 | - Change Curl_rand to write to a char array instead of int array.
|
---|
5708 |
|
---|
5709 | - Add Curl_rand_hex to write random hex characters to a buffer.
|
---|
5710 |
|
---|
5711 | Fixes #1315
|
---|
5712 | Closes #1468
|
---|
5713 |
|
---|
5714 | Co-authored-by: Daniel Stenberg
|
---|
5715 | Reported-by: Michael Kaufmann
|
---|
5716 |
|
---|
5717 | Dan Fandrich (8 May 2017)
|
---|
5718 | - tests: give each stunnel.conf file a unique name
|
---|
5719 |
|
---|
5720 | Otherwise, subsequent uses of stunnel overwrite the configuration file
|
---|
5721 | of previous invocations so they can no longer be inspected.
|
---|
5722 |
|
---|
5723 | Marcel Raad (8 May 2017)
|
---|
5724 | - tool_msgs: remove wrong cast
|
---|
5725 |
|
---|
5726 | Commit 481e0de00a9003b9c5220b120e3fc302d9b0932d changed the variable
|
---|
5727 | type from int to size_t, so don't cast the result of strlen to int
|
---|
5728 | anymore.
|
---|
5729 |
|
---|
5730 | - tftpd: fix signed/unsigned mismatch warnings
|
---|
5731 |
|
---|
5732 | alarm's argument is unsigned.
|
---|
5733 |
|
---|
5734 | - libtest: fix MinGW-w64 warnings
|
---|
5735 |
|
---|
5736 | long is 32 bits while size_t is 64 bits on MinGW-w64, so
|
---|
5737 | typecheck-gcc.h complains when using size_t for a long option.
|
---|
5738 | Also, curl_socket_t is unsigned long long rather than int.
|
---|
5739 |
|
---|
5740 | Daniel Stenberg (8 May 2017)
|
---|
5741 | - curl.1: depend the build on the Makefile.inc too
|
---|
5742 |
|
---|
5743 | ... to also make it update when we remove files, like we did for
|
---|
5744 | --environment in commit a8e388dd1095.
|
---|
5745 |
|
---|
5746 | - RELEASE-NOTES: synced with e3f84efc32d6b01a
|
---|
5747 |
|
---|
5748 | - runtests: fix "use of undefined value" warning in -R handling
|
---|
5749 |
|
---|
5750 | Marcel Raad (8 May 2017)
|
---|
5751 | - test537: use correct variable type
|
---|
5752 |
|
---|
5753 | Avoids narrowing conversion warnings because rlim_t is usually
|
---|
5754 | unsigned long.
|
---|
5755 |
|
---|
5756 | Closes https://github.com/curl/curl/pull/1469
|
---|
5757 |
|
---|
5758 | - sendrecv: fix MinGW-w64 warning
|
---|
5759 |
|
---|
5760 | The first argument to select is an int, while curl_socket_t is
|
---|
5761 | unsigned long long when using WinSock. It's ignored anyway [1].
|
---|
5762 |
|
---|
5763 | [1] https://msdn.microsoft.com/en-us/library/windows/desktop/ms740141.aspx
|
---|
5764 |
|
---|
5765 | - tool_parsecfg: fix -Wcast-qual warning
|
---|
5766 |
|
---|
5767 | Don't convert string literal to char * before assigning it to
|
---|
5768 | const char *.
|
---|
5769 |
|
---|
5770 | - asyn-thread: fix unused macro warnings
|
---|
5771 |
|
---|
5772 | Don't do anything in this file if CURLRES_THREADED is not defined.
|
---|
5773 |
|
---|
5774 | - tftp: silence bad-function-cast warning
|
---|
5775 |
|
---|
5776 | The cases this warns about are handled elsewhere, so just use an
|
---|
5777 | intermediate variable to silence the warning.
|
---|
5778 |
|
---|
5779 | Daniel Stenberg (7 May 2017)
|
---|
5780 | - [canavan at github brought this change]
|
---|
5781 |
|
---|
5782 | buildconf: fix hang on IRIX
|
---|
5783 |
|
---|
5784 | Apparently, /usr/bin/m4 ignores the --version parameter and waits for
|
---|
5785 | input from stdin.
|
---|
5786 |
|
---|
5787 | Fixes #1471
|
---|
5788 |
|
---|
5789 | - opts: fix bad example formatting \n => \\n
|
---|
5790 |
|
---|
5791 | ...to render properly nroff.
|
---|
5792 |
|
---|
5793 | - opts: examples added to 8 more libcurl option man pages
|
---|
5794 |
|
---|
5795 | - curl: remove tool_writeenv.[ch]
|
---|
5796 |
|
---|
5797 | ... and USE_ENVIRONMENT and --environment. It was once added for RISC OS
|
---|
5798 | support and its platform specific behavior has been annoying ever
|
---|
5799 | since. Added in commit c3c8bbd3b2688da8e, mostly unchanged since
|
---|
5800 | then. Most probably not actually used for years.
|
---|
5801 |
|
---|
5802 | Closes #1463
|
---|
5803 |
|
---|
5804 | Dan Fandrich (6 May 2017)
|
---|
5805 | - runtests.pl: simplify the datacheck read section
|
---|
5806 |
|
---|
5807 | Also, document that numbered datacheck sections are possible.
|
---|
5808 |
|
---|
5809 | Marcel Raad (5 May 2017)
|
---|
5810 | - tests: fix -Wcast-qual warnings
|
---|
5811 |
|
---|
5812 | Avoid casting string literals to non-const char *.
|
---|
5813 |
|
---|
5814 | Daniel Stenberg (5 May 2017)
|
---|
5815 | - docs/opts: 24 more man pages now have examples
|
---|
5816 |
|
---|
5817 | - docs/opts: 23 more man pages now have examples
|
---|
5818 |
|
---|
5819 | - tests/server: run checksrc by default in debug-builds
|
---|
5820 |
|
---|
5821 | - curl_slist_append.3: clarify a NULL input creates a new list
|
---|
5822 |
|
---|
5823 | Marcel Raad (5 May 2017)
|
---|
5824 | - unit1305: fix compiler warning
|
---|
5825 |
|
---|
5826 | calloc and ai_addrlen expect different (usually unsigned) types.
|
---|
5827 |
|
---|
5828 | Daniel Stenberg (5 May 2017)
|
---|
5829 | - runtests: use -R for random order
|
---|
5830 |
|
---|
5831 | Suggested-by: Dan Fandrich
|
---|
5832 |
|
---|
5833 | - runtests: add -o to run test cases in scrambled order
|
---|
5834 |
|
---|
5835 | ... instead of numerical order.
|
---|
5836 |
|
---|
5837 | Closes #1466
|
---|
5838 |
|
---|
5839 | Dan Fandrich (4 May 2017)
|
---|
5840 | - sockfilt.c: shortened too long line
|
---|
5841 |
|
---|
5842 | Marcel Raad (4 May 2017)
|
---|
5843 | - tests/server: make string literals const
|
---|
5844 |
|
---|
5845 | assign string literals to const char * instead of char * in order to
|
---|
5846 | avoid a lot of these warnings:
|
---|
5847 | cast from 'const char *' to 'char *' drops const qualifier
|
---|
5848 | [-Wcast-qual]
|
---|
5849 |
|
---|
5850 | Dan Fandrich (4 May 2017)
|
---|
5851 | - schannel: return a more specific error code for SEC_E_UNTRUSTED_ROOT
|
---|
5852 |
|
---|
5853 | - test557: set a known good numeric locale
|
---|
5854 |
|
---|
5855 | Windows does not allow setting the locale with environment variables (as
|
---|
5856 | the test attempted to do), so the test failed when run with a user
|
---|
5857 | locale that has a comma as radixchar. Changed the test to call
|
---|
5858 | setlocale() explicitly to ensure that a known working locale is set even
|
---|
5859 | on Windows.
|
---|
5860 |
|
---|
5861 | Daniel Stenberg (4 May 2017)
|
---|
5862 | - curl: fix warning "comma at end of enumerator list"
|
---|
5863 |
|
---|
5864 | - test559: verify use of minimum CURLOPT_BUFFERSIZE
|
---|
5865 |
|
---|
5866 | Marcel Raad (4 May 2017)
|
---|
5867 | - curl_setup_once: use SEND_QUAL_ARG2 for swrite
|
---|
5868 |
|
---|
5869 | SEND_QUAL_ARG2 had to be set, but was never used. Use it in swrite to
|
---|
5870 | avoid warnings about casting away low-level const.
|
---|
5871 |
|
---|
5872 | Closes https://github.com/curl/curl/pull/1464
|
---|
5873 |
|
---|
5874 | Daniel Stenberg (4 May 2017)
|
---|
5875 | - CURLINFO_REDIRECT_URL.3: add example
|
---|
5876 |
|
---|
5877 | - CURLINFO_EFFECTIVE_URL.3: add example
|
---|
5878 |
|
---|
5879 | Marcel Raad (3 May 2017)
|
---|
5880 | - lib: fix compiler warnings
|
---|
5881 |
|
---|
5882 | Fix the following warnings when building the tests by using the correct
|
---|
5883 | types:
|
---|
5884 | cast from 'const char *' to 'void *' drops const qualifier
|
---|
5885 | [-Wcast-qual]
|
---|
5886 | implicit conversion changes signedness [-Wsign-conversion]
|
---|
5887 |
|
---|
5888 | - typecheck-gcc: add support for CURLINFO_SOCKET
|
---|
5889 |
|
---|
5890 | Closes https://github.com/curl/curl/pull/1452
|
---|
5891 |
|
---|
5892 | - typecheck-gcc: add missing string options
|
---|
5893 |
|
---|
5894 | Closes https://github.com/curl/curl/pull/1452
|
---|
5895 |
|
---|
5896 | Daniel Stenberg (3 May 2017)
|
---|
5897 | - abstract-unix-socket.d: shorten the help text to fit within 79 cols
|
---|
5898 |
|
---|
5899 | - RELEASE-NOTES: synced with 862b02f89
|
---|
5900 |
|
---|
5901 | - [Richard Hsu brought this change]
|
---|
5902 |
|
---|
5903 | Telnet: Write full buffer instead of byte-by-byte
|
---|
5904 |
|
---|
5905 | Previous TODO wanting to write in chunks. We should support writing more
|
---|
5906 | at once since some TELNET servers may respond immediately upon first
|
---|
5907 | byte written such as WHOIS servers.
|
---|
5908 |
|
---|
5909 | Closes #1389
|
---|
5910 |
|
---|
5911 | - curl: non-boolean command line args reject --no- prefixes
|
---|
5912 |
|
---|
5913 | ... and instead properly respond with an error message to the user
|
---|
5914 | instead of silently ignoring.
|
---|
5915 |
|
---|
5916 | Fixes #1453
|
---|
5917 | Closes #1458
|
---|
5918 |
|
---|
5919 | Marcel Raad (2 May 2017)
|
---|
5920 | - testpart: remove _MPRINTF_REPLACE
|
---|
5921 |
|
---|
5922 | Support for _MPRINTF_REPLACE in mprintf.h was removed in
|
---|
5923 | 55452ebdff47f98bf3cc383f1dfc3623fcaefefd, replaced with curl_printf.h.
|
---|
5924 |
|
---|
5925 | Dan Fandrich (2 May 2017)
|
---|
5926 | - gtls: fixed a lingering BUFSIZE reference
|
---|
5927 |
|
---|
5928 | Daniel Stenberg (2 May 2017)
|
---|
5929 | - ssh: fix compiler warning from e40e9d7f0de
|
---|
5930 |
|
---|
5931 | - url: let CURLOPT_BUFFERSIZE realloc to smaller sizes too
|
---|
5932 |
|
---|
5933 | Closes #1449
|
---|
5934 |
|
---|
5935 | - BUFSIZE: rename to READBUFFER_*, make separate MASTERBUF_SIZE
|
---|
5936 |
|
---|
5937 | - openssl: use local stack for temp storage
|
---|
5938 |
|
---|
5939 | - sendf: remove use of BUFSIZE from debug data conversions
|
---|
5940 |
|
---|
5941 | The buffer can have other sizes.
|
---|
5942 |
|
---|
5943 | - buffer: use data->set.buffer_size instead of BUFSIZE
|
---|
5944 |
|
---|
5945 | ... to properly use the dynamically set buffer size!
|
---|
5946 |
|
---|
5947 | - krb5: use private buffer for temp string, not receive buffer
|
---|
5948 |
|
---|
5949 | - upload: UPLOAD_BUFSIZE is now for the upload buffer
|
---|
5950 |
|
---|
5951 | - unit1606: do not print/access buffer
|
---|
5952 |
|
---|
5953 | It was a wrong assumption that it could do that!
|
---|
5954 |
|
---|
5955 | - http-proxy: use a dedicated CONNECT response buffer
|
---|
5956 |
|
---|
5957 | To make it suitably independent of the receive buffer and its flexible
|
---|
5958 | size.
|
---|
5959 |
|
---|
5960 | - transfer: fix minor buffer_size mistake
|
---|
5961 |
|
---|
5962 | - failf: use private buffer, don't clobber receive buffer
|
---|
5963 |
|
---|
5964 | - pingpong: use the set buffer size
|
---|
5965 |
|
---|
5966 | - http2: use the correct set buffer size
|
---|
5967 |
|
---|
5968 | - http: don't clobber the receive buffer for timecond
|
---|
5969 |
|
---|
5970 | - buffer_size: make sure it always has the correct size
|
---|
5971 |
|
---|
5972 | Removes the need for CURL_BUFSIZE
|
---|
5973 |
|
---|
5974 | - file: use private buffer for C-L output
|
---|
5975 |
|
---|
5976 | ... instead of clobbering the download buffer.
|
---|
5977 |
|
---|
5978 | - CURLOPT_BUFFERSIZE: 1024 bytes is now the minimum size
|
---|
5979 |
|
---|
5980 | The buffer is needed to receive FTP, HTTP CONNECT responses etc so
|
---|
5981 | already at this size things risk breaking and smaller is certainly not
|
---|
5982 | wise.
|
---|
5983 |
|
---|
5984 | - ftp: use private buffer for temp storage, not receive buffer
|
---|
5985 |
|
---|
5986 | - http: use private user:password output buffer
|
---|
5987 |
|
---|
5988 | Don't clobber the receive buffer.
|
---|
5989 |
|
---|
5990 | Marcel Raad (1 May 2017)
|
---|
5991 | - anyauthput: remove unused code
|
---|
5992 |
|
---|
5993 | The definition of TRUE was introduced in
|
---|
5994 | 4a728747e6f8845e500910e397dfc99aaf4a7984 and is not used anymore since
|
---|
5995 | e664cd5826d43930fcc5b5dbaedbec94af33184b.
|
---|
5996 | The usage of intptr_t was removed in
|
---|
5997 | 32e38b8f42477cf5ce3c3fef2fcc9db82f7fb7be.
|
---|
5998 |
|
---|
5999 | Jay Satiro (1 May 2017)
|
---|
6000 | - tool: Fix missing prototype warnings for CURL_DOES_CONVERSIONS
|
---|
6001 |
|
---|
6002 | - Include tool_convert.h where needed.
|
---|
6003 |
|
---|
6004 | Bug: https://github.com/curl/curl/issues/1460
|
---|
6005 | Reported-by: Gisle Vanem
|
---|
6006 |
|
---|
6007 | - curl_setup: Ensure no more than one IDN lib is enabled
|
---|
6008 |
|
---|
6009 | Prior to this change it was possible for libcurl to be built with both
|
---|
6010 | Windows' native IDN lib (normaliz) and libidn2 enabled. It appears that
|
---|
6011 | doesn't offer any benefit --and could cause a bug-- since libcurl's IDN
|
---|
6012 | handling is written to use either one but not both.
|
---|
6013 |
|
---|
6014 | Bug: https://github.com/curl/curl/issues/1441#issuecomment-297689856
|
---|
6015 | Reported-by: Gisle Vanem
|
---|
6016 |
|
---|
6017 | Marcel Raad (1 May 2017)
|
---|
6018 | - getpart: use correct variable type
|
---|
6019 |
|
---|
6020 | This fixes the following clang warning:
|
---|
6021 | getpart.c:201:17: warning: cast from function call of type 'CURLcode'
|
---|
6022 | to non-matching type 'int' [-Wbad-function-cast]
|
---|
6023 |
|
---|
6024 | - tests: declare TU-local variables static
|
---|
6025 |
|
---|
6026 | This fixes missing-variable-declarations warnings when building with
|
---|
6027 | clang.
|
---|
6028 |
|
---|
6029 | - tool_cb_prg: fix double-promotion warning
|
---|
6030 |
|
---|
6031 | clang complains:
|
---|
6032 | tool_cb_prg.c:86:22: error: implicit conversion increases
|
---|
6033 | floating-point precision: 'float' to 'double'
|
---|
6034 | [-Werror,-Wdouble-promotion]
|
---|
6035 |
|
---|
6036 | Fix this by using a double instead of a float constant.
|
---|
6037 |
|
---|
6038 | Dan Fandrich (1 May 2017)
|
---|
6039 | - examples: fixed too long line and too long string warnings
|
---|
6040 |
|
---|
6041 | Marcel Raad (30 Apr 2017)
|
---|
6042 | - examples: declare TU-local variables static
|
---|
6043 |
|
---|
6044 | This fixes missing-variable-declarations warnings when building with
|
---|
6045 | clang.
|
---|
6046 |
|
---|
6047 | - http2: declare TU-local variables static
|
---|
6048 |
|
---|
6049 | This fixes the following clang warnings:
|
---|
6050 |
|
---|
6051 | http2.c:184:27: error: no previous extern declaration for non-static
|
---|
6052 | variable 'Curl_handler_http2' [-Werror,-Wmissing-variable-declarations]
|
---|
6053 | http2.c:204:27: error: no previous extern declaration for non-static
|
---|
6054 | variable 'Curl_handler_http2_ssl'
|
---|
6055 | [-Werror,-Wmissing-variable-declarations]
|
---|
6056 |
|
---|
6057 | Dan Fandrich (30 Apr 2017)
|
---|
6058 | - unit1604: fixed indentation
|
---|
6059 |
|
---|
6060 | - unit1604: fixed compilation under Windows, broken in the previous commit
|
---|
6061 |
|
---|
6062 | - tests: fixed OOM handling of unit tests to abort test
|
---|
6063 |
|
---|
6064 | It's dangerous to continue to run the test when a memory alloc fails.
|
---|
6065 |
|
---|
6066 | Marcel Raad (29 Apr 2017)
|
---|
6067 | - curl_rtmp: fix missing-variable-declarations warnings
|
---|
6068 |
|
---|
6069 | clang complains:
|
---|
6070 |
|
---|
6071 | curl_rtmp.c:61:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmp' [-Werror,-Wmissing-variable-declarations]
|
---|
6072 | curl_rtmp.c:81:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpt' [-Werror,-Wmissing-variable-declarations]
|
---|
6073 | curl_rtmp.c:101:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpe' [-Werror,-Wmissing-variable-declarations]
|
---|
6074 | curl_rtmp.c:121:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpte' [-Werror,-Wmissing-variable-declarations]
|
---|
6075 | curl_rtmp.c:141:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmps' [-Werror,-Wmissing-variable-declarations]
|
---|
6076 | curl_rtmp.c:161:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpts' [-Werror,-Wmissing-variable-declarations]
|
---|
6077 |
|
---|
6078 | Fix this by including the header file.
|
---|
6079 |
|
---|
6080 | Dan Fandrich (29 Apr 2017)
|
---|
6081 | - url: fixed a memory leak on OOM while setting CURLOPT_BUFFERSIZE
|
---|
6082 |
|
---|
6083 | - tests: added --remote-time tests for remaining protocols that support it
|
---|
6084 |
|
---|
6085 | - runtests.pl: support multiline <postcheck> commands
|
---|
6086 |
|
---|
6087 | - tool_operate: use utimes instead of obsolescent utime when available
|
---|
6088 |
|
---|
6089 | - test1443: test --remote-time
|
---|
6090 |
|
---|
6091 | - http-proxy: removed unused argument in CURL_DISABLE_PROXY case
|
---|
6092 |
|
---|
6093 | Missed in commit 55c3c02e
|
---|
6094 |
|
---|
6095 | Daniel Stenberg (27 Apr 2017)
|
---|
6096 | - cookie_interface.c: changed the other domain to example.com too
|
---|
6097 |
|
---|
6098 | - cookie_interface.c: fix cookie domain so the example works
|
---|
6099 |
|
---|
6100 | Dan Fandrich (26 Apr 2017)
|
---|
6101 | - Makefile: fix make dist
|
---|
6102 |
|
---|
6103 | Commit 80a87e8a broke 'make dist' as it can't handle installing from
|
---|
6104 | absolute target names. Rearranged the dependencies so the absolute name
|
---|
6105 | is used for building but the relative name is use for distributing.
|
---|
6106 |
|
---|
6107 | Marcel Raad (26 Apr 2017)
|
---|
6108 | - lib: remove unused code
|
---|
6109 |
|
---|
6110 | This fixes the following clang warnings:
|
---|
6111 | macro is not used [-Wunused-macros]
|
---|
6112 | will never be executed [-Wunreachable-code]
|
---|
6113 |
|
---|
6114 | Closes https://github.com/curl/curl/pull/1448
|
---|
6115 |
|
---|
6116 | Daniel Stenberg (26 Apr 2017)
|
---|
6117 | - http-proxy: remove unused argument from Curl_proxyCONNECT()
|
---|
6118 |
|
---|
6119 | - [Martin Kepplinger brought this change]
|
---|
6120 |
|
---|
6121 | url: declare get_protocol_family() static
|
---|
6122 |
|
---|
6123 | get_protocol_family() is not defined static even though there is a
|
---|
6124 | static local forward declaration. Let's simply make the definition match
|
---|
6125 | it's declaration.
|
---|
6126 |
|
---|
6127 | Bug: https://curl.haxx.se/mail/lib-2017-04/0127.html
|
---|
6128 |
|
---|
6129 | - examples: ftpuploadfrommem.c
|
---|
6130 |
|
---|
6131 | Uploads data to an FTP site, directly from memory.
|
---|
6132 |
|
---|
6133 | Closes #1451
|
---|
6134 |
|
---|
6135 | Kamil Dudka (25 Apr 2017)
|
---|
6136 | - nss: load libnssckbi.so if no other trust is specified
|
---|
6137 |
|
---|
6138 | The module contains a more comprehensive set of trust information than
|
---|
6139 | supported by nss-pem, because libnssckbi.so also includes information
|
---|
6140 | about distrusted certificates.
|
---|
6141 |
|
---|
6142 | Reviewed-by: Kai Engert
|
---|
6143 | Closes #1414
|
---|
6144 |
|
---|
6145 | - nss: factorize out nss_{un,}load_module to separate fncs
|
---|
6146 |
|
---|
6147 | No change of behavior is intended by this commit.
|
---|
6148 |
|
---|
6149 | - nss: do not leak PKCS #11 slot while loading a key
|
---|
6150 |
|
---|
6151 | It could prevent nss-pem from being unloaded later on.
|
---|
6152 |
|
---|
6153 | Bug: https://bugzilla.redhat.com/1444860
|
---|
6154 |
|
---|
6155 | Marcel Raad (25 Apr 2017)
|
---|
6156 | - typecheck-gcc: fix _curl_is_slist_info
|
---|
6157 |
|
---|
6158 | Info values starting with CURLINFO_SOCKET expect a curl_socket_t, not a
|
---|
6159 | curl_slist argument.
|
---|
6160 |
|
---|
6161 | This fixes the following GCC warning when building the examples with
|
---|
6162 | --enable-optimize:
|
---|
6163 |
|
---|
6164 | ../../include/curl/typecheck-gcc.h:126:42: warning: call to
|
---|
6165 | â_curl_easy_getinfo_err_curl_slistâ declared with attribute warning:
|
---|
6166 | curl_easy_getinfo expects a pointer to 'struct curl_slist *' for this
|
---|
6167 | info [enabled by default]
|
---|
6168 | sendrecv.c:90:11: note: in expansion of macro âcurl_easy_getinfoâ
|
---|
6169 | res = curl_easy_getinfo(curl, CURLINFO_ACTIVESOCKET, &sockfd);
|
---|
6170 |
|
---|
6171 | Closes https://github.com/curl/curl/pull/1447
|
---|
6172 |
|
---|
6173 | Daniel Stenberg (25 Apr 2017)
|
---|
6174 | - curl: set a 100K buffer size by default
|
---|
6175 |
|
---|
6176 | Test command 'time curl http://localhost/80GB -so /dev/null' on a Debian
|
---|
6177 | Linux.
|
---|
6178 |
|
---|
6179 | Before (middle performing run out 9):
|
---|
6180 |
|
---|
6181 | real 0m28.078s
|
---|
6182 | user 0m11.240s
|
---|
6183 | sys 0m12.876s
|
---|
6184 |
|
---|
6185 | After (middle performing run out 9)
|
---|
6186 |
|
---|
6187 | real 0m26.356s (93.9%)
|
---|
6188 | user 0m5.324s (47.4%)
|
---|
6189 | sys 0m8.368s (65.0%)
|
---|
6190 |
|
---|
6191 | Also, doing SFTP over a 200 millsecond latency link is now about 6 times
|
---|
6192 | faster.
|
---|
6193 |
|
---|
6194 | Closes #1446
|
---|
6195 |
|
---|
6196 | - transfer: remove 'uploadbuf' pointer and cleanup readwrite_upload()
|
---|
6197 |
|
---|
6198 | The data->req.uploadbuf struct member served no good purpose, instead we
|
---|
6199 | use ->state.uploadbuffer directly. It makes it clearer in the code which
|
---|
6200 | buffer that's being used.
|
---|
6201 |
|
---|
6202 | Removed the 'SingleRequest *' argument from the readwrite_upload() proto
|
---|
6203 | as it can be derived from the Curl_easy struct. Also made the code in
|
---|
6204 | the readwrite_upload() function use the 'k->' shortcut to all references
|
---|
6205 | to struct fields in 'data->req', which previously was made with a mix of
|
---|
6206 | both.
|
---|
6207 |
|
---|
6208 | Jay Satiro (25 Apr 2017)
|
---|
6209 | - configure: stop prepending to LDFLAGS, CPPFLAGS
|
---|
6210 |
|
---|
6211 | - Change prepends to appends because user's LDFLAGS and CPPFLAGS should
|
---|
6212 | always come first so they're searched before ours.
|
---|
6213 |
|
---|
6214 | Bug: https://github.com/curl/curl/issues/1420
|
---|
6215 | Reported-by: Helmut K. C. Tessarek
|
---|
6216 |
|
---|
6217 | Marcel Raad (25 Apr 2017)
|
---|
6218 | - if2ip: fix -Wcast-align warning
|
---|
6219 |
|
---|
6220 | Follow-up to 119037325de02579f5c58256ca2ed2a0aa592c86, which fixed the
|
---|
6221 | warning in the HAVE_GETIFADDRS block, but not in the
|
---|
6222 | HAVE_IOCTL_SIOCGIFADDR block.
|
---|
6223 |
|
---|
6224 | Dan Fandrich (24 Apr 2017)
|
---|
6225 | - Makefile: avoid use of GNU-specific form of $<
|
---|
6226 |
|
---|
6227 | $< is only allowed in implicit rules in some non-GNU makes (e.g. BSD,
|
---|
6228 | AIX) so avoid use elsewhere by referencing the dependent curl.1 file
|
---|
6229 | directly instead. This is somewhat tricky because the file is supplied
|
---|
6230 | in the packaged tar ball (but not in git) but must still be able to be
|
---|
6231 | rebuilt when its dependencies change. The right thing must happen in
|
---|
6232 | both tar ball and git source trees, as well as in both in-tree and
|
---|
6233 | out-of-tree builds.
|
---|
6234 |
|
---|
6235 | Kamil Dudka (24 Apr 2017)
|
---|
6236 | - nss: adapt to the new Curl_llist API
|
---|
6237 |
|
---|
6238 | This commit fixes compilation failure caused by
|
---|
6239 | cbae73e1dd95946597ea74ccb580c30f78e3fa73.
|
---|
6240 |
|
---|
6241 | Marcel Raad (24 Apr 2017)
|
---|
6242 | - curl-compilers.m4: accept -Og and -Ofast GCC flags
|
---|
6243 |
|
---|
6244 | -Og, introduced in GCC 4.8, optimizes for debugging experience.
|
---|
6245 | -Ofast, introduced in GCC 4.7, builds on -O3 and enables further
|
---|
6246 | optimizations breaking strict standards compliance.
|
---|
6247 | When specified in CFLAGS, these were always overridden by -O0 or -O2.
|
---|
6248 | Fix this by adding them to flags_opt_all.
|
---|
6249 |
|
---|
6250 | Ref: https://gcc.gnu.org/onlinedocs/gcc-4.8.0/gcc/Optimize-Options.html
|
---|
6251 | Ref: https://github.com/curl/curl/pull/1404#issuecomment-296401570
|
---|
6252 | Closes https://github.com/curl/curl/pull/1440
|
---|
6253 |
|
---|
6254 | Daniel Stenberg (24 Apr 2017)
|
---|
6255 | - RELEASE-NOTES: synced with c68fed875
|
---|
6256 |
|
---|
6257 | - configure: fix the -ldl check for openssl, add -lpthread check
|
---|
6258 |
|
---|
6259 | The check for if -ldl is needed to build with (a statically built)
|
---|
6260 | openssl was broken. This repairs the check, and adds a check for
|
---|
6261 | -lpthread as well since OpenSSL 1.1.0+ does in fact require -lpthread so
|
---|
6262 | only adding -ldl for a static openssl build is no longer enough.
|
---|
6263 |
|
---|
6264 | Reported-by: Jay Satiro
|
---|
6265 | Ref: #1426
|
---|
6266 | Closes #1427
|
---|
6267 |
|
---|
6268 | - llist: fix a comment after cbae73e1dd9
|
---|
6269 |
|
---|
6270 | Pointed-it-by: Kevin Ji
|
---|
6271 | URL: https://github.com/curl/curl/commit/cbae73e1dd95946597ea74ccb580c30f78e3fa73#commitcomment-21872622
|
---|
6272 |
|
---|
6273 | Jay Satiro (22 Apr 2017)
|
---|
6274 | - schannel: Don't treat encrypted partial record as pending data
|
---|
6275 |
|
---|
6276 | - Track when the cached encrypted data contains only a partial record
|
---|
6277 | that can't be decrypted without more data (SEC_E_INCOMPLETE_MESSAGE).
|
---|
6278 |
|
---|
6279 | - Change Curl_schannel_data_pending to return false in such a case.
|
---|
6280 |
|
---|
6281 | Other SSL libraries have pending data functions that behave similarly.
|
---|
6282 |
|
---|
6283 | Ref: https://github.com/curl/curl/pull/1387
|
---|
6284 |
|
---|
6285 | Closes https://github.com/curl/curl/pull/1392
|
---|
6286 |
|
---|
6287 | Daniel Stenberg (22 Apr 2017)
|
---|
6288 | - [Alan Jenkins brought this change]
|
---|
6289 |
|
---|
6290 | multi: clarify condition in curl_multi_wait
|
---|
6291 |
|
---|
6292 | `if(nfds || extra_nfds) {` is followed by `malloc(nfds * ...)`.
|
---|
6293 |
|
---|
6294 | If `extra_fs` could be non-zero when `nfds` was zero, then we have
|
---|
6295 | `malloc(0)` which is allowed to return `NULL`. But, malloc returning
|
---|
6296 | NULL can be confusing. In this code, the next line would treat the NULL
|
---|
6297 | as an allocation failure.
|
---|
6298 |
|
---|
6299 | It turns out, if `nfds` is zero then `extra_nfds` must also be zero.
|
---|
6300 | The final value of `nfds` includes `extra_nfds`. So the test for
|
---|
6301 | `extra_nfds` is redundant. It can only confuse the reader.
|
---|
6302 |
|
---|
6303 | Closes #1439
|
---|
6304 |
|
---|
6305 | Marcel Raad (22 Apr 2017)
|
---|
6306 | - lib: fix maybe-uninitialized warnings
|
---|
6307 |
|
---|
6308 | With -Og, GCC complains:
|
---|
6309 |
|
---|
6310 | easy.c:628:7: error: âmcodeâ may be used uninitialized in this function [-Werror=maybe-uninitialized]
|
---|
6311 |
|
---|
6312 | ../lib/strcase.h:35:29: error: âtok_bufâ may be used uninitialized in this function [-Werror=maybe-uninitialized]
|
---|
6313 | vauth/digest.c:208:9: note: âtok_bufâ was declared here
|
---|
6314 |
|
---|
6315 | ../lib/strcase.h:35:29: error: âtok_bufâ may be used uninitialized in this function [-Werror=maybe-uninitialized]
|
---|
6316 | vauth/digest.c:566:15: note: âtok_bufâ was declared here
|
---|
6317 |
|
---|
6318 | Fix this by initializing the variables.
|
---|
6319 |
|
---|
6320 | Dan Fandrich (22 Apr 2017)
|
---|
6321 | - gnutls: removed some code when --disable-verbose is configured
|
---|
6322 |
|
---|
6323 | This reduces the binary size and fixes a compile warning.
|
---|
6324 |
|
---|
6325 | Daniel Stenberg (22 Apr 2017)
|
---|
6326 | - llist: no longer uses malloc
|
---|
6327 |
|
---|
6328 | The 'list element' struct now has to be within the data that is being
|
---|
6329 | added to the list. Removes 16.6% (tiny) mallocs from a simple HTTP
|
---|
6330 | transfer. (96 => 80)
|
---|
6331 |
|
---|
6332 | Also removed return codes since the llist functions can't fail now.
|
---|
6333 |
|
---|
6334 | Test 1300 updated accordingly.
|
---|
6335 |
|
---|
6336 | Closes #1435
|
---|
6337 |
|
---|
6338 | Marcel Raad (21 Apr 2017)
|
---|
6339 | - typecheck-gcc: handle function pointers properly
|
---|
6340 |
|
---|
6341 | All the callbacks passed to curl_easy_setopt are defined as function
|
---|
6342 | pointers. The possibility to pass both functions and function pointers
|
---|
6343 | was handled for the callbacks that typecheck-gcc.h defined as
|
---|
6344 | compatible, but not for the public callback types themselves.
|
---|
6345 |
|
---|
6346 | This makes all compatible callback types defined in typecheck-gcc.h
|
---|
6347 | function pointers too and checks all functions uniformly with
|
---|
6348 | _curl_callback_compatible, which handles both functions and function
|
---|
6349 | pointers.
|
---|
6350 |
|
---|
6351 | A symptom of the problem was a warning in tool_operate.c with
|
---|
6352 | --disable-libcurl-option and without --enable-debug as that file
|
---|
6353 | passes the callback functions to curl_easy_setopt directly.
|
---|
6354 |
|
---|
6355 | Fixes https://github.com/curl/curl/issues/1403
|
---|
6356 | Closes https://github.com/curl/curl/pull/1404
|
---|
6357 |
|
---|
6358 | Dan Fandrich (21 Apr 2017)
|
---|
6359 | - mbedtls: enable NTLM (& SMB) even if MD4 support is unavailable
|
---|
6360 |
|
---|
6361 | In that case, use libcurl's internal MD4 routine. This fixes tests 1013
|
---|
6362 | and 1014 which were failing due to configure assuming NTLM and SMB were
|
---|
6363 | always available whenever mbed TLS was in use (which is now true).
|
---|
6364 |
|
---|
6365 | Daniel Stenberg (21 Apr 2017)
|
---|
6366 | - tests: remove the html and PDF versions from the tarball
|
---|
6367 |
|
---|
6368 | - openssl: fix memory leak in servercert
|
---|
6369 |
|
---|
6370 | ... when failing to get the server certificate.
|
---|
6371 |
|
---|
6372 | - Revert "src/Makefile.am: avoid explicit $<"
|
---|
6373 |
|
---|
6374 | This reverts commit 5b4cbcf11d5100ff793a8e9edbaa6fe1fc7495f5.
|
---|
6375 |
|
---|
6376 | Since it broke out-of-tree builds from tarballs. See discussion in #1432
|
---|
6377 |
|
---|
6378 | - bump: start working on next release
|
---|
6379 |
|
---|
6380 | - src/Makefile.am: avoid explicit $<
|
---|
6381 |
|
---|
6382 | ... since apparently "BSD make" doesn't support it.
|
---|
6383 |
|
---|
6384 | Reported-by: Thomas Klausner
|
---|
6385 | Fixes #1432
|
---|
6386 |
|
---|
6387 | Version 7.54.0 (19 Apr 2017)
|
---|
6388 |
|
---|
6389 | Daniel Stenberg (19 Apr 2017)
|
---|
6390 | - THANKS: add contributors from 7.54.0 release notes
|
---|
6391 |
|
---|
6392 | - RELEASE-NOTES: curl 7.54.0
|
---|
6393 |
|
---|
6394 | Marcel Raad (18 Apr 2017)
|
---|
6395 | - nss: fix MinGW compiler warnings
|
---|
6396 |
|
---|
6397 | This fixes 3 warnings issued by MinGW:
|
---|
6398 | 1. PR_ImportTCPSocket actually has a paramter of type PROsfd instead of
|
---|
6399 | PRInt32, which is 64 bits on Windows. Fixed this by including the
|
---|
6400 | corresponding header file instead of redeclaring the function, which is
|
---|
6401 | supported even though it is in the private include folder. [1]
|
---|
6402 | 2. In 64-bit mode, size_t is 64 bits while CK_ULONG is 32 bits, so an explicit
|
---|
6403 | narrowing cast is needed.
|
---|
6404 | 3. Curl_timeleft returns time_t instead of long since commit
|
---|
6405 | 21aa32d30dbf319f2d336e0cb68d3a3235869fbb.
|
---|
6406 |
|
---|
6407 | [1] https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR/Reference/PR_ImportTCPSocket
|
---|
6408 |
|
---|
6409 | Closes https://github.com/curl/curl/pull/1393
|
---|
6410 |
|
---|
6411 | Daniel Stenberg (18 Apr 2017)
|
---|
6412 | - [Jay Satiro brought this change]
|
---|
6413 |
|
---|
6414 | TLS: Fix switching off SSL session id when client cert is used
|
---|
6415 |
|
---|
6416 | Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl
|
---|
6417 | will each have their own sessionid flag.
|
---|
6418 |
|
---|
6419 | Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that
|
---|
6420 | this issue had been fixed in 247d890, CVE-2016-5419.
|
---|
6421 |
|
---|
6422 | Bug: https://github.com/curl/curl/issues/1341
|
---|
6423 | Reported-by: lijian996@users.noreply.github.com
|
---|
6424 |
|
---|
6425 | The new incarnation of this bug is called CVE-2017-7468 and is documented
|
---|
6426 | here: https://curl.haxx.se/docs/adv_20170419.html
|
---|
6427 |
|
---|
6428 | - [David Benjamin brought this change]
|
---|
6429 |
|
---|
6430 | openssl: don't try to print nonexistant peer private keys
|
---|
6431 |
|
---|
6432 | X.509 certificates carry public keys, not private keys. Fields
|
---|
6433 | corresponding to the private half of the key will always be NULL.
|
---|
6434 |
|
---|
6435 | Closes #1425
|
---|
6436 |
|
---|
6437 | - [David Benjamin brought this change]
|
---|
6438 |
|
---|
6439 | openssl: fix thread-safety bugs in error-handling
|
---|
6440 |
|
---|
6441 | ERR_error_string with NULL parameter is not thread-safe. The library
|
---|
6442 | writes the string into some static buffer. Two threads doing this at
|
---|
6443 | once may clobber each other and run into problems. Switch to
|
---|
6444 | ERR_error_string_n which avoids this problem and is explicitly
|
---|
6445 | bounds-checked.
|
---|
6446 |
|
---|
6447 | Also clean up some remnants of OpenSSL 0.9.5 around here. A number of
|
---|
6448 | comments (fixed buffer size, explaining that ERR_error_string_n was
|
---|
6449 | added in a particular version) date to when ossl_strerror tried to
|
---|
6450 | support pre-ERR_error_string_n OpenSSLs.
|
---|
6451 |
|
---|
6452 | Closes #1424
|
---|
6453 |
|
---|
6454 | - [David Benjamin brought this change]
|
---|
6455 |
|
---|
6456 | openssl: make SSL_ERROR_to_str more future-proof
|
---|
6457 |
|
---|
6458 | Rather than making assumptions about the values, use a switch-case.
|
---|
6459 |
|
---|
6460 | Closes #1424
|
---|
6461 |
|
---|
6462 | - [Daniel Gustafsson brought this change]
|
---|
6463 |
|
---|
6464 | code: fix typos and style in comments
|
---|
6465 |
|
---|
6466 | A few random typos, and minor whitespace cleanups, found in comments
|
---|
6467 | while reading code.
|
---|
6468 |
|
---|
6469 | Closes #1423
|
---|
6470 |
|
---|
6471 | Marcel Raad (17 Apr 2017)
|
---|
6472 | - extern-scan.pl: strip trailing CR
|
---|
6473 |
|
---|
6474 | This makes test 1135 pass with CRLF checkouts.
|
---|
6475 |
|
---|
6476 | Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
|
---|
6477 | Closes https://github.com/curl/curl/pull/1422
|
---|
6478 |
|
---|
6479 | - configure.ac: ignore CR after version numbers
|
---|
6480 |
|
---|
6481 | Ignore everything after the version numbers in LIBCURL_VERSION and
|
---|
6482 | LIBCURL_VERSION_NUM to ged rid of the extra CR character.
|
---|
6483 | This makes tests 1022 and 1023 pass on Linux with a CRLF checkout.
|
---|
6484 |
|
---|
6485 | Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
|
---|
6486 | Closes https://github.com/curl/curl/pull/1422
|
---|
6487 |
|
---|
6488 | - .gitattributes: force shell scripts to LF
|
---|
6489 |
|
---|
6490 | Bash on Linux errors out on CR characters.
|
---|
6491 | This makes tests 1221 and 1222 pass on Linux with a CRLF checkout.
|
---|
6492 |
|
---|
6493 | Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
|
---|
6494 | Closes https://github.com/curl/curl/pull/1422
|
---|
6495 |
|
---|
6496 | - unit1303: fix compiler warning
|
---|
6497 |
|
---|
6498 | MinGW-w64 complains:
|
---|
6499 | warning: conversion to 'long int' from 'time_t {aka long long int}' may
|
---|
6500 | alter its value [-Wconversion]
|
---|
6501 | Fix this by using the correct type.
|
---|
6502 |
|
---|
6503 | Daniel Stenberg (16 Apr 2017)
|
---|
6504 | - RELEASE-NOTES: synced with 1451271e0
|
---|
6505 |
|
---|
6506 | - [Larry Stefani brought this change]
|
---|
6507 |
|
---|
6508 | http2: fix handle leak in error path
|
---|
6509 |
|
---|
6510 | Add missing newhandle free call in push_promise().
|
---|
6511 |
|
---|
6512 | Closes #1416
|
---|
6513 |
|
---|
6514 | - [Larry Stefani brought this change]
|
---|
6515 |
|
---|
6516 | mbedtls: fix memory leak in error path
|
---|
6517 |
|
---|
6518 | Add missing our_ssl_sessionid free call in mbed_connect_step3().
|
---|
6519 |
|
---|
6520 | Closes #1417
|
---|
6521 |
|
---|
6522 | Marcel Raad (15 Apr 2017)
|
---|
6523 | - curl-compilers.m4: turn implicit function declarations into errors
|
---|
6524 |
|
---|
6525 | This adds -Werror-implicit-function-declaration for GCC 2.95+ so that
|
---|
6526 | these errors are visible at the point where they occur instead of only
|
---|
6527 | at link time.
|
---|
6528 | Implicit function declarations are illegal in C99 and C++ anyway, and
|
---|
6529 | the same warning has been turned into an error for ICC in commit
|
---|
6530 | 3072c5b8a127057aa922b7c51051bbb4a630b091.
|
---|
6531 |
|
---|
6532 | Ref: https://gcc.gnu.org/onlinedocs/gcc-2.95.2/gcc_2.html#SEC8
|
---|
6533 | Ref: https://curl.haxx.se/mail/lib-2017-04/0001.html
|
---|
6534 | Closes https://github.com/curl/curl/pull/1419
|
---|
6535 |
|
---|
6536 | - test1541: also test for CURL_PULL_WS2TCPIP_H
|
---|
6537 |
|
---|
6538 | Ref: https://github.com/curl/curl/issues/1408
|
---|
6539 | Closes https://github.com/curl/curl/pull/1412
|
---|
6540 |
|
---|
6541 | - tests/server/util: prefer <poll.h> over <sys/poll.h>
|
---|
6542 |
|
---|
6543 | Follow-up to aa573c3c55cda72ec5ef677d87f6f46a53385f0c
|
---|
6544 |
|
---|
6545 | Ref: https://github.com/curl/curl/pull/1406
|
---|
6546 |
|
---|
6547 | Daniel Stenberg (11 Apr 2017)
|
---|
6548 | - Curl_expire_latest: ignore already expired timers
|
---|
6549 |
|
---|
6550 | If the existing timer is still in there but has expired, the new timer
|
---|
6551 | should be added.
|
---|
6552 |
|
---|
6553 | Reported-by: Rainer Canavan
|
---|
6554 | Bug: https://curl.haxx.se/mail/lib-2017-04/0030.html
|
---|
6555 | Closes #1407
|
---|
6556 |
|
---|
6557 | - system.h: fix mingw section
|
---|
6558 |
|
---|
6559 | Reported-by: Marcel Raad
|
---|
6560 | Fixes #1408
|
---|
6561 | Closes #1409
|
---|
6562 |
|
---|
6563 | Marcel Raad (11 Apr 2017)
|
---|
6564 | - polarssl: unbreak build with versions < 1.3.8
|
---|
6565 |
|
---|
6566 | ssl_session_init was only introduced in version 1.3.8, the penultimate
|
---|
6567 | version. The function only contains a memset, so replace it with that.
|
---|
6568 |
|
---|
6569 | Suggested-by: Jay Satiro
|
---|
6570 | Fixes https://github.com/curl/curl/issues/1401
|
---|
6571 |
|
---|
6572 | - poll: prefer <poll.h> over <sys/poll.h>
|
---|
6573 |
|
---|
6574 | The POSIX standard location is <poll.h>. Using <sys/poll.h> results in
|
---|
6575 | warning spam when using the musl standard library.
|
---|
6576 |
|
---|
6577 | Closes https://github.com/curl/curl/pull/1406
|
---|
6578 |
|
---|
6579 | Daniel Stenberg (10 Apr 2017)
|
---|
6580 | - [Alexis La Goutte brought this change]
|
---|
6581 |
|
---|
6582 | openssl: fix this statement may fall through [-Wimplicit-fallthrough=]
|
---|
6583 |
|
---|
6584 | Closes #1402
|
---|
6585 |
|
---|
6586 | Kamil Dudka (10 Apr 2017)
|
---|
6587 | - nss: load CA certificates even with --insecure
|
---|
6588 |
|
---|
6589 | ... because they may include an intermediate certificate for a client
|
---|
6590 | certificate and the intermediate certificate needs to be presented to
|
---|
6591 | the server, no matter if we verify the peer or not.
|
---|
6592 |
|
---|
6593 | Reported-by: thraidh
|
---|
6594 | Closes #851
|
---|
6595 |
|
---|
6596 | Daniel Stenberg (10 Apr 2017)
|
---|
6597 | - RELEASE-NOTES: synced with f9d1e9a27f7e1
|
---|
6598 |
|
---|
6599 | Dan Fandrich (10 Apr 2017)
|
---|
6600 | - libcurl-thread.3: fixed a bad macro that caused test 1140 to fail
|
---|
6601 |
|
---|
6602 | Daniel Stenberg (9 Apr 2017)
|
---|
6603 | - libcurl-thread.3: also mention threaded-resolver
|
---|
6604 |
|
---|
6605 | Reported-by: Alex Bligh
|
---|
6606 | Bug: https://curl.haxx.se/mail/lib-2017-04/0044.html
|
---|
6607 |
|
---|
6608 | - .github/stale.yml: enable the stale bot
|
---|
6609 |
|
---|
6610 | Issues and PRs with no activity for 180 days will get marked as stale,
|
---|
6611 | and if no further activity happens within 14 more days, the issue gets
|
---|
6612 | closed.
|
---|
6613 |
|
---|
6614 | This follows our established policy of not letting stalled bugs "get in
|
---|
6615 | the way": https://curl.haxx.se/docs/bugs.html#Closing_off_stalled_bugs
|
---|
6616 |
|
---|
6617 | Closes #1398
|
---|
6618 |
|
---|
6619 | Jay Satiro (8 Apr 2017)
|
---|
6620 | - CURLINFO_SCHEME.3: fix variable type
|
---|
6621 |
|
---|
6622 | - Change documented param type to char ** from incorrect long *.
|
---|
6623 |
|
---|
6624 | Marcel Raad (8 Apr 2017)
|
---|
6625 | - INSTALL.md: fix secure transport configure arguments
|
---|
6626 |
|
---|
6627 | --without-ssl is needed instead of --with-winssl.
|
---|
6628 |
|
---|
6629 | - vtls: fix unreferenced variable warnings
|
---|
6630 |
|
---|
6631 | ... by moving the variables into the correct #ifdef block.
|
---|
6632 |
|
---|
6633 | Daniel Stenberg (7 Apr 2017)
|
---|
6634 | - BUGS: "Bugs in old versions"
|
---|
6635 |
|
---|
6636 | - system.h: add section for tcc
|
---|
6637 |
|
---|
6638 | Closes #1397
|
---|
6639 |
|
---|
6640 | Marcel Raad (7 Apr 2017)
|
---|
6641 | - schannel: fix compiler warnings
|
---|
6642 |
|
---|
6643 | When UNICODE is not defined, the Curl_convert_UTF8_to_tchar macro maps
|
---|
6644 | directly to its argument. As it is declared as a pointer to const and
|
---|
6645 | InitializeSecurityContext expects a pointer to non-const, both MSVC and MinGW
|
---|
6646 | issue a warning about implicitly casting away the const. Fix this by declaring
|
---|
6647 | the variables as pointers to non-const.
|
---|
6648 |
|
---|
6649 | Closes https://github.com/curl/curl/pull/1394
|
---|
6650 |
|
---|
6651 | - [Isaac Boukris brought this change]
|
---|
6652 |
|
---|
6653 | sspi: print out InitializeSecurityContext() error message
|
---|
6654 |
|
---|
6655 | Reported-by: Carsten (talksinmath)
|
---|
6656 |
|
---|
6657 | Fixes #1384
|
---|
6658 | Closes #1395
|
---|
6659 |
|
---|
6660 | - gtls: fix compiler warning
|
---|
6661 |
|
---|
6662 | Curl_timeleft returns time_t instead of long since commit
|
---|
6663 | 21aa32d30dbf319f2d336e0cb68d3a3235869fbb.
|
---|
6664 |
|
---|
6665 | Daniel Stenberg (6 Apr 2017)
|
---|
6666 | - test1606: verify speedcheck
|
---|
6667 |
|
---|
6668 | - low_speed_limit: improved function for longer time periods
|
---|
6669 |
|
---|
6670 | Previously, periods of fast speed between periods of slow speed would
|
---|
6671 | not count and could still erroneously trigger a timeout.
|
---|
6672 |
|
---|
6673 | Reported-by: Paul Harris
|
---|
6674 | Fixes #1345
|
---|
6675 | Closes #1390
|
---|
6676 |
|
---|
6677 | - system.h: set sizeof long to 4 on "default 32 bit" systems
|
---|
6678 |
|
---|
6679 | Triggered a test failure on test 1541 for the build known as
|
---|
6680 | "Linux 4.4 i686 tcc 0.9.26 glibc 2.20"
|
---|
6681 |
|
---|
6682 | Marcel Raad (6 Apr 2017)
|
---|
6683 | - nss: fix build after e60fe20fdf94e829ba5fce33f7a9d6c281149f7d
|
---|
6684 |
|
---|
6685 | Curl_llist_alloc is now Curl_llist_init.
|
---|
6686 |
|
---|
6687 | Closes https://github.com/curl/curl/pull/1391
|
---|
6688 |
|
---|
6689 | Daniel Stenberg (6 Apr 2017)
|
---|
6690 | - INSTALL.cmake: more problems
|
---|
6691 |
|
---|
6692 | and mention specific issues where they are discussed
|
---|
6693 |
|
---|
6694 | - test1541: ignore the curl_off_t variable type name comparison
|
---|
6695 |
|
---|
6696 | ... the sizes and the formatting strings are what's really important and
|
---|
6697 | avoids problems with int64_t vs "long long".
|
---|
6698 |
|
---|
6699 | Bug: https://curl.haxx.se/mail/lib-2017-04/0019.html
|
---|
6700 |
|
---|
6701 | - Revert "configure: prefer 'long long' to int64_t for curl_off_t"
|
---|
6702 |
|
---|
6703 | This reverts commit 81284374bf3c670d2050f8562edeb69f060b07cc.
|
---|
6704 |
|
---|
6705 | Due to mingw32 brekage.
|
---|
6706 |
|
---|
6707 | Marcel Raad (5 Apr 2017)
|
---|
6708 | - tool_operate: fix MinGW compiler warning
|
---|
6709 |
|
---|
6710 | MinGW complains:
|
---|
6711 | tool_operate.c:197:15: error: comparison is always true due to limited range
|
---|
6712 | of data type [-Werror=type-limits]
|
---|
6713 |
|
---|
6714 | Fix this by only doing the comparison if 'long' is large enough to hold the
|
---|
6715 | constant it is compared with.
|
---|
6716 |
|
---|
6717 | Closes https://github.com/curl/curl/pull/1378
|
---|
6718 |
|
---|
6719 | - tool_operate: move filetime code to its own function
|
---|
6720 |
|
---|
6721 | Ref: https://github.com/curl/curl/pull/1378
|
---|
6722 |
|
---|
6723 | Daniel Stenberg (5 Apr 2017)
|
---|
6724 | - configure: prefer 'long long' to int64_t for curl_off_t
|
---|
6725 |
|
---|
6726 | Since it is a native type and it makes it less complicated to find a
|
---|
6727 | matching one in system.h
|
---|
6728 |
|
---|
6729 | Bug: https://curl.haxx.se/mail/lib-2017-04/0010.html
|
---|
6730 | Reported-by: Dan Fandrich
|
---|
6731 |
|
---|
6732 | Closes #1388
|
---|
6733 |
|
---|
6734 | - [Dániel Bakai brought this change]
|
---|
6735 |
|
---|
6736 | tests: added test for Curl_splaygetbest to unit1309
|
---|
6737 |
|
---|
6738 | This checks the new behavior of Curl_splaygetbest, so that the smallest
|
---|
6739 | node not larger than the key is removed, and FIFO behavior is kept even
|
---|
6740 | when there are multiple nodes with the same key.
|
---|
6741 |
|
---|
6742 | Closes #1358
|
---|
6743 |
|
---|
6744 | - [Dániel Bakai brought this change]
|
---|
6745 |
|
---|
6746 | multi: fix queueing of pending easy handles
|
---|
6747 |
|
---|
6748 | Multi handles repeatedly invert the queue of pending easy handles when
|
---|
6749 | used with CURLMOPT_MAX_TOTAL_CONNECTIONS. This is caused by a multistep
|
---|
6750 | process involving Curl_splaygetbest and violates the FIFO property of
|
---|
6751 | the multi handle.
|
---|
6752 | This patch fixes this issue by redefining the "best" node in the
|
---|
6753 | context of timeouts as the "smallest not larger than now", and
|
---|
6754 | implementing the necessary data structure modifications to do this
|
---|
6755 | effectively, namely:
|
---|
6756 | - splay nodes with the same key are now stored in a doubly-linked
|
---|
6757 | circular list instead of a non-circular one to enable O(1)
|
---|
6758 | insertion to the tail of the list
|
---|
6759 | - Curl_splayinsert inserts nodes with the same key to the tail of
|
---|
6760 | the same list
|
---|
6761 | - in case of multiple nodes with the same key, the one on the head of
|
---|
6762 | the list gets selected
|
---|
6763 |
|
---|
6764 | Marcel Raad (4 Apr 2017)
|
---|
6765 | - tool: fix Windows Unicode build
|
---|
6766 |
|
---|
6767 | ... by explicitly calling the ANSI versions of Windows API functions where
|
---|
6768 | required.
|
---|
6769 |
|
---|
6770 | Daniel Stenberg (4 Apr 2017)
|
---|
6771 | - [Martin Kepplinger brought this change]
|
---|
6772 |
|
---|
6773 | curl_sasl: declare mechtable static
|
---|
6774 |
|
---|
6775 | struct mechtable is only used locally here. It can be declared static.
|
---|
6776 |
|
---|
6777 | Jay Satiro (4 Apr 2017)
|
---|
6778 | - [Antti Hätälä brought this change]
|
---|
6779 |
|
---|
6780 | url: don't free postponed data on connection reuse
|
---|
6781 |
|
---|
6782 | - Don't free postponed data on a connection that will be reused since
|
---|
6783 | doing so can cause data loss when pipelining.
|
---|
6784 |
|
---|
6785 | Only Windows builds are affected by this.
|
---|
6786 |
|
---|
6787 | Closes https://github.com/curl/curl/issues/1380
|
---|
6788 |
|
---|
6789 | Daniel Stenberg (4 Apr 2017)
|
---|
6790 | - RELEASE-NOTES: synced with 4f2e348f9b42c69c480
|
---|
6791 |
|
---|
6792 | - hash: move key into hash struct to reduce mallocs
|
---|
6793 |
|
---|
6794 | This removes one tiny malloc for each hash struct allocated. In a simple
|
---|
6795 | case like "curl localhost", this save three mallocs.
|
---|
6796 |
|
---|
6797 | Closes #1376
|
---|
6798 |
|
---|
6799 | - llist: replace Curl_llist_alloc with Curl_llist_init
|
---|
6800 |
|
---|
6801 | No longer allocate the curl_llist head struct for lists separately.
|
---|
6802 |
|
---|
6803 | Removes 17 (15%) tiny allocations in a normal "curl localhost" invoke.
|
---|
6804 |
|
---|
6805 | closes #1381
|
---|
6806 |
|
---|
6807 | Jay Satiro (4 Apr 2017)
|
---|
6808 | - easy: silence compiler warning
|
---|
6809 |
|
---|
6810 | Safe to silence warning adding time delta of poll, which can trigger on
|
---|
6811 | Windows since sizeof time_t > sizeof long.
|
---|
6812 |
|
---|
6813 | warning C4244: '+=' : conversion from 'time_t' to 'long', possible loss
|
---|
6814 | of data
|
---|
6815 |
|
---|
6816 | Daniel Stenberg (4 Apr 2017)
|
---|
6817 | - [Richlv brought this change]
|
---|
6818 |
|
---|
6819 | docs: minor typo in write-out.d
|
---|
6820 |
|
---|
6821 | Closes #1382
|
---|
6822 |
|
---|
6823 | - include: curl/system.h is a run-time version of curlbuild.h
|
---|
6824 |
|
---|
6825 | system.h is aimed to replace curlbuild.h at a later point in time when
|
---|
6826 | we feel confident system.h works sufficiently well.
|
---|
6827 |
|
---|
6828 | curl/system.h is currently used in parallel with curl/curlbuild.h
|
---|
6829 |
|
---|
6830 | curl/system.h determines a data sizes, data types and include file
|
---|
6831 | status based on available preprocessor defines instead of getting
|
---|
6832 | generated at build-time. This, in order to avoid relying on a build-time
|
---|
6833 | generated file that makes it complicated to do 32 and 64 bit bields from
|
---|
6834 | the same installed set of headers.
|
---|
6835 |
|
---|
6836 | Test 1541 verifies that system.h comes to the same conclusion that
|
---|
6837 | curlbuild.h offers.
|
---|
6838 |
|
---|
6839 | Closes #1373
|
---|
6840 |
|
---|
6841 | - multi: make curl_multi_wait avoid malloc in the typical case
|
---|
6842 |
|
---|
6843 | When only a few additional file descriptors are used, avoid the malloc.
|
---|
6844 |
|
---|
6845 | Closes #1377
|
---|