[352] | 1 | _ _ ____ _
|
---|
| 2 | ___| | | | _ \| |
|
---|
| 3 | / __| | | | |_) | |
|
---|
| 4 | | (__| |_| | _ <| |___
|
---|
| 5 | \___|\___/|_| \_\_____|
|
---|
| 6 |
|
---|
| 7 | Changelog
|
---|
| 8 |
|
---|
| 9 | Version 7.57.0 (29 Nov 2017)
|
---|
| 10 |
|
---|
| 11 | Daniel Stenberg (29 Nov 2017)
|
---|
| 12 | - RELEASE-NOTES: curl 7.57.0
|
---|
| 13 |
|
---|
| 14 | - THANKS: added contributors from 7.57.0 release
|
---|
| 15 |
|
---|
| 16 | - openssl: fix boringssl build again
|
---|
| 17 |
|
---|
| 18 | commit d3ab7c5a21e broke the boringssl build since it doesn't have
|
---|
| 19 | RSA_flags(), so we disable that code block for boringssl builds.
|
---|
| 20 |
|
---|
| 21 | Reported-by: W.âMark Kubacki
|
---|
| 22 | Fixes #2117
|
---|
| 23 |
|
---|
| 24 | - curl_ntlm_core.c: use the limits.h's SIZE_T_MAX if provided
|
---|
| 25 |
|
---|
| 26 | - libcurl-share.3: the connection cache is shareable now
|
---|
| 27 |
|
---|
| 28 | - global_init: ignore CURL_GLOBAL_SSL's absense
|
---|
| 29 |
|
---|
| 30 | This bit is no longer used. It is not clear what it meant for users to
|
---|
| 31 | "init the TLS" in a world with different TLS backends and since the
|
---|
| 32 | introduction of multissl, libcurl didn't properly work if inited without
|
---|
| 33 | this bit set.
|
---|
| 34 |
|
---|
| 35 | Not a single user responded to the call for users of it:
|
---|
| 36 | https://curl.haxx.se/mail/lib-2017-11/0072.html
|
---|
| 37 |
|
---|
| 38 | Reported-by: Evgeny Grin
|
---|
| 39 | Assisted-by: Jay Satiro
|
---|
| 40 |
|
---|
| 41 | Fixes #2089
|
---|
| 42 | Fixes #2083
|
---|
| 43 | Closes #2107
|
---|
| 44 |
|
---|
| 45 | - ntlm: avoid integer overflow for malloc size
|
---|
| 46 |
|
---|
| 47 | Reported-by: Alex Nichols
|
---|
| 48 | Assisted-by: Kamil Dudka and Max Dymond
|
---|
| 49 |
|
---|
| 50 | CVE-2017-8816
|
---|
| 51 |
|
---|
| 52 | Bug: https://curl.haxx.se/docs/adv_2017-11e7.html
|
---|
| 53 |
|
---|
| 54 | - wildcardmatch: fix heap buffer overflow in setcharset
|
---|
| 55 |
|
---|
| 56 | The code would previous read beyond the end of the pattern string if the
|
---|
| 57 | match pattern ends with an open bracket when the default pattern
|
---|
| 58 | matching function is used.
|
---|
| 59 |
|
---|
| 60 | Detected by OSS-Fuzz:
|
---|
| 61 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4161
|
---|
| 62 |
|
---|
| 63 | CVE-2017-8817
|
---|
| 64 |
|
---|
| 65 | Bug: https://curl.haxx.se/docs/adv_2017-ae72.html
|
---|
| 66 |
|
---|
| 67 | - [Jay Satiro brought this change]
|
---|
| 68 |
|
---|
| 69 | url: fix alignment of ssl_backend_data struct
|
---|
| 70 |
|
---|
| 71 | - Align the array of ssl_backend_data on a max 32 byte boundary.
|
---|
| 72 |
|
---|
| 73 | 8 is likely to be ok but I went with 32 for posterity should one of
|
---|
| 74 | the ssl_backend_data structs change to contain a larger sized variable
|
---|
| 75 | in the future.
|
---|
| 76 |
|
---|
| 77 | Prior to this change (since dev 70f1db3, release 7.56) the connectdata
|
---|
| 78 | structure was undersized by 4 bytes in 32-bit builds with ssl enabled
|
---|
| 79 | because long long * was mistakenly used for alignment instead of
|
---|
| 80 | long long, with the intention being an 8 byte boundary. Also long long
|
---|
| 81 | may not be an available type.
|
---|
| 82 |
|
---|
| 83 | The undersized connectdata could lead to oob read/write past the end in
|
---|
| 84 | what was expected to be the last 4 bytes of the connection's secondary
|
---|
| 85 | socket https proxy ssl_backend_data struct (the secondary socket in a
|
---|
| 86 | connection is used by ftp, others?).
|
---|
| 87 |
|
---|
| 88 | Closes https://github.com/curl/curl/issues/2093
|
---|
| 89 |
|
---|
| 90 | CVE-2017-8818
|
---|
| 91 |
|
---|
| 92 | Bug: https://curl.haxx.se/docs/adv_2017-af0a.html
|
---|
| 93 |
|
---|
| 94 | - ssh: remove check for a NULL pointer (!)
|
---|
| 95 |
|
---|
| 96 | With this check present, scan-build warns that we might dereference this
|
---|
| 97 | point in other places where it isn't first checked for NULL. Thus, if it
|
---|
| 98 | *can* be NULL we have a problem on a few places. However, this pointer
|
---|
| 99 | should not be possible to be NULL here so I remove the check and thus
|
---|
| 100 | also three different scan-build warnings.
|
---|
| 101 |
|
---|
| 102 | Closes #2111
|
---|
| 103 |
|
---|
| 104 | - [Matthew Kerwin brought this change]
|
---|
| 105 |
|
---|
| 106 | test: add test for bad UNC/SMB path in file: URL
|
---|
| 107 |
|
---|
| 108 | - [Matthew Kerwin brought this change]
|
---|
| 109 |
|
---|
| 110 | test: add tests to ensure basic file: URLs
|
---|
| 111 |
|
---|
| 112 | - [Matthew Kerwin brought this change]
|
---|
| 113 |
|
---|
| 114 | URL: update "file:" URL handling
|
---|
| 115 |
|
---|
| 116 | * LOTS of comment updates
|
---|
| 117 | * explicit error for SMB shares (e.g. "file:////share/path/file")
|
---|
| 118 | * more strict handling of authority (i.e. "//localhost/")
|
---|
| 119 | * now accepts dodgy old "C:|" drive letters
|
---|
| 120 | * more precise handling of drive letters in and out of Windows
|
---|
| 121 | (especially recognising both "file:c:/" and "file:/c:/")
|
---|
| 122 |
|
---|
| 123 | Closes #2110
|
---|
| 124 |
|
---|
| 125 | - metalink: fix memory-leak and NULL pointer dereference
|
---|
| 126 |
|
---|
| 127 | Reported by scan-build
|
---|
| 128 |
|
---|
| 129 | Closes #2109
|
---|
| 130 |
|
---|
| 131 | - [Alessandro Ghedini brought this change]
|
---|
| 132 |
|
---|
| 133 | connect: add support for new TCP Fast Open API on Linux
|
---|
| 134 |
|
---|
| 135 | The new API added in Linux 4.11 only requires setting a socket option
|
---|
| 136 | before connecting, without the whole sento() machinery.
|
---|
| 137 |
|
---|
| 138 | Notably, this makes it possible to use TFO with SSL connections on Linux
|
---|
| 139 | as well, without the need to mess around with OpenSSL (or whatever other
|
---|
| 140 | SSL library) internals.
|
---|
| 141 |
|
---|
| 142 | Closes #2056
|
---|
| 143 |
|
---|
| 144 | - make: fix "make distclean"
|
---|
| 145 |
|
---|
| 146 | Fixes #2097
|
---|
| 147 | Closes #2108
|
---|
| 148 |
|
---|
| 149 | - RELEASE-NOTES: synced with 31f18d272
|
---|
| 150 |
|
---|
| 151 | Jay Satiro (23 Nov 2017)
|
---|
| 152 | - connect: improve the bind error message
|
---|
| 153 |
|
---|
| 154 | eg consider a non-existent interface eth8, curl --interface eth8
|
---|
| 155 |
|
---|
| 156 | Before: curl: (45) Could not resolve host: eth8
|
---|
| 157 | After: curl: (45) Couldn't bind to 'eth8'
|
---|
| 158 |
|
---|
| 159 | Bug: https://github.com/curl/curl/issues/2104
|
---|
| 160 | Reported-by: Alfonso Martone
|
---|
| 161 |
|
---|
| 162 | Daniel Stenberg (23 Nov 2017)
|
---|
| 163 | - examples/rtsp: clear RANGE again after use
|
---|
| 164 |
|
---|
| 165 | Fixes #2106
|
---|
| 166 | Reported-by: youngchopin on github
|
---|
| 167 |
|
---|
| 168 | - [Michael Kaufmann brought this change]
|
---|
| 169 |
|
---|
| 170 | test1264: verify URL with space in host name being rejected
|
---|
| 171 |
|
---|
| 172 | - url: reject ASCII control characters and space in host names
|
---|
| 173 |
|
---|
| 174 | Host names like "127.0.0.1 moo" would otherwise be accepted by some
|
---|
| 175 | getaddrinfo() implementations.
|
---|
| 176 |
|
---|
| 177 | Updated test 1034 and 1035 accordingly.
|
---|
| 178 |
|
---|
| 179 | Fixes #2073
|
---|
| 180 | Closes #2092
|
---|
| 181 |
|
---|
| 182 | - Curl_open: fix OOM return error correctly
|
---|
| 183 |
|
---|
| 184 | Closes #2098
|
---|
| 185 |
|
---|
| 186 | - http2: fix "Value stored to 'end' is never read" scan-build error
|
---|
| 187 |
|
---|
| 188 | - http2: fix "Value stored to 'hdbuf' is never read" scan-build error
|
---|
| 189 |
|
---|
| 190 | - openssl: fix "Value stored to 'rc' is never read" scan-build error
|
---|
| 191 |
|
---|
| 192 | - mime: fix "Value stored to 'sz' is never read" scan-build error
|
---|
| 193 |
|
---|
| 194 | - Curl_llist_remove: fix potential NULL pointer deref
|
---|
| 195 |
|
---|
| 196 | Fixes a scan-build warning.
|
---|
| 197 |
|
---|
| 198 | - ntlm: remove unnecessary NULL-check to please scan-build
|
---|
| 199 |
|
---|
| 200 | - BUGS: spellchecked
|
---|
| 201 |
|
---|
| 202 | Jay Satiro (18 Nov 2017)
|
---|
| 203 | - [fmmedeiros brought this change]
|
---|
| 204 |
|
---|
| 205 | examples/curlx: Fix code style
|
---|
| 206 |
|
---|
| 207 | - Add braces around multi-line if statement.
|
---|
| 208 |
|
---|
| 209 | Closes https://github.com/curl/curl/pull/2096
|
---|
| 210 |
|
---|
| 211 | Daniel Stenberg (17 Nov 2017)
|
---|
| 212 | - resolve: allow IP address within [] brackets
|
---|
| 213 |
|
---|
| 214 | ... so that IPv6 addresses can be passed like they can for connect-to
|
---|
| 215 | and how they're used in URLs.
|
---|
| 216 |
|
---|
| 217 | Added test 1324 to verify
|
---|
| 218 | Reported-by: Alex Malinovich
|
---|
| 219 |
|
---|
| 220 | Fixes #2087
|
---|
| 221 | Closes #2091
|
---|
| 222 |
|
---|
| 223 | - [Pavol Markovic brought this change]
|
---|
| 224 |
|
---|
| 225 | macOS: Fix missing connectx function with Xcode version older than 9.0
|
---|
| 226 |
|
---|
| 227 | The previous fix https://github.com/curl/curl/pull/1788 worked just for
|
---|
| 228 | Xcode 9. This commit extends the fix to older Xcode versions effectively
|
---|
| 229 | by not using connectx function.
|
---|
| 230 |
|
---|
| 231 | Fixes https://github.com/curl/curl/issues/1330
|
---|
| 232 | Fixes https://github.com/curl/curl/issues/2080
|
---|
| 233 | Closes https://github.com/curl/curl/pull/1336
|
---|
| 234 | Closes #2082
|
---|
| 235 |
|
---|
| 236 | - [Dirk Feytons brought this change]
|
---|
| 237 |
|
---|
| 238 | openssl: fix too broad use of HAVE_OPAQUE_EVP_PKEY
|
---|
| 239 |
|
---|
| 240 | Fixes #2079
|
---|
| 241 | Closes #2081
|
---|
| 242 |
|
---|
| 243 | - TODO: ignore private IP addresses in PASV response
|
---|
| 244 |
|
---|
| 245 | Closes #1455
|
---|
| 246 |
|
---|
| 247 | - RELEASE-NOTES: synced with ae7369b6d
|
---|
| 248 |
|
---|
| 249 | Michael Kaufmann (14 Nov 2017)
|
---|
| 250 | - URL: return error on malformed URLs with junk after IPv6 bracket
|
---|
| 251 |
|
---|
| 252 | Follow-up to aadb7c7. Verified by new test 1263.
|
---|
| 253 |
|
---|
| 254 | Closes #2072
|
---|
| 255 |
|
---|
| 256 | Daniel Stenberg (14 Nov 2017)
|
---|
| 257 | - INTERNALS: we may use libidn2 now, not libidn
|
---|
| 258 |
|
---|
| 259 | Patrick Monnerat (13 Nov 2017)
|
---|
| 260 | - zlib/brotli: only include header files in modules needing them
|
---|
| 261 |
|
---|
| 262 | There is a conflict on symbol 'free_func' between openssl/crypto.h and
|
---|
| 263 | zlib.h on AIX. This is an attempt to resolve it.
|
---|
| 264 |
|
---|
| 265 | Bug: https://curl.haxx.se/mail/lib-2017-11/0032.html
|
---|
| 266 | Reported-By: Michael Felt
|
---|
| 267 |
|
---|
| 268 | Daniel Stenberg (13 Nov 2017)
|
---|
| 269 | - SMB: fix uninitialized local variable
|
---|
| 270 |
|
---|
| 271 | Reported-by: Brian Carpenter
|
---|
| 272 |
|
---|
| 273 | - [Orgad Shaneh brought this change]
|
---|
| 274 |
|
---|
| 275 | connect.c: remove executable bit on file
|
---|
| 276 |
|
---|
| 277 | Closes #2071
|
---|
| 278 |
|
---|
| 279 | - [hsiao yi brought this change]
|
---|
| 280 |
|
---|
| 281 | README.md: fixed layout
|
---|
| 282 |
|
---|
| 283 | Closes #2069
|
---|
| 284 |
|
---|
| 285 | - setopt: split out curl_easy_setopt() to its own file
|
---|
| 286 |
|
---|
| 287 | ... to make url.c smaller.
|
---|
| 288 |
|
---|
| 289 | Closes #1944
|
---|
| 290 |
|
---|
| 291 | Jay Satiro (10 Nov 2017)
|
---|
| 292 | - [John Starks brought this change]
|
---|
| 293 |
|
---|
| 294 | cmake: Add missing setmode check
|
---|
| 295 |
|
---|
| 296 | Ensure HAVE_SETMODE is set to 1 on OSes that have setmode. Without this,
|
---|
| 297 | curl will corrupt binary files when writing them to stdout on Windows.
|
---|
| 298 |
|
---|
| 299 | Closes https://github.com/curl/curl/pull/2067
|
---|
| 300 |
|
---|
| 301 | Daniel Stenberg (10 Nov 2017)
|
---|
| 302 | - curl_share_setopt: va_end was not called if conncache errors
|
---|
| 303 |
|
---|
| 304 | CID 984459, detected by Coverity
|
---|
| 305 |
|
---|
| 306 | Sergei Nikulov (10 Nov 2017)
|
---|
| 307 | - [John Starks brought this change]
|
---|
| 308 |
|
---|
| 309 | cmake: Correctly include curl.rc in Windows builds (#2064)
|
---|
| 310 |
|
---|
| 311 | Update CMakeLists.txt to add curl.rc to the correct list.
|
---|
| 312 |
|
---|
| 313 | Daniel Stenberg (9 Nov 2017)
|
---|
| 314 | - RELEASE-NOTES: synced with 32828cc4f
|
---|
| 315 |
|
---|
| 316 | - [Luca Boccassi brought this change]
|
---|
| 317 |
|
---|
| 318 | --interface: add support for Linux VRF
|
---|
| 319 |
|
---|
| 320 | The --interface command (CURLOPT_INTERFACE option) already uses
|
---|
| 321 | SO_BINDTODEVICE on Linux, but it tries to parse it as an interface or IP
|
---|
| 322 | address first, which fails in case the user passes a VRF.
|
---|
| 323 |
|
---|
| 324 | Try to use the socket option immediately and parse it as a fallback
|
---|
| 325 | instead. Update the documentation to mention this feature, and that it
|
---|
| 326 | requires the binary to be ran by root or with CAP_NET_RAW capabilities
|
---|
| 327 | for this to work.
|
---|
| 328 |
|
---|
| 329 | Closes #2024
|
---|
| 330 |
|
---|
| 331 | - curl_share_setopt.3: document CURL_LOCK_DATA_CONNECT
|
---|
| 332 |
|
---|
| 333 | Closes #2043
|
---|
| 334 |
|
---|
| 335 | - examples: add shared-connection-cache
|
---|
| 336 |
|
---|
| 337 | - test1554: verify connection cache sharing
|
---|
| 338 |
|
---|
| 339 | - share: add support for sharing the connection cache
|
---|
| 340 |
|
---|
| 341 | - imap: deal with commands case insensitively
|
---|
| 342 |
|
---|
| 343 | As documented in RFC 3501 section 9:
|
---|
| 344 | https://tools.ietf.org/html/rfc3501#section-9
|
---|
| 345 |
|
---|
| 346 | Closes #2061
|
---|
| 347 |
|
---|
| 348 | - connect: store IPv6 connection status after valid connection
|
---|
| 349 |
|
---|
| 350 | ... previously it would store it already in the happy eyeballs stage
|
---|
| 351 | which could lead to the IPv6 bit being set for an IPv4 connection,
|
---|
| 352 | leading to curl not wanting to do EPSV=>PASV for FTP transfers.
|
---|
| 353 |
|
---|
| 354 | Closes #2053
|
---|
| 355 |
|
---|
| 356 | - curl_multi_fdset.3: emphasize curl_multi_timeout
|
---|
| 357 |
|
---|
| 358 | ... even when there's no socket to wait for, the timeout can still be
|
---|
| 359 | very short.
|
---|
| 360 |
|
---|
| 361 | Jay Satiro (9 Nov 2017)
|
---|
| 362 | - content_encoding: fix inflate_stream for no bytes available
|
---|
| 363 |
|
---|
| 364 | - Don't call zlib's inflate() when avail_in stream bytes is 0.
|
---|
| 365 |
|
---|
| 366 | This is a follow up to the parent commit 19e66e5. Prior to that change
|
---|
| 367 | libcurl's inflate_stream could call zlib's inflate even when no bytes
|
---|
| 368 | were available, causing inflate to return Z_BUF_ERROR, and then
|
---|
| 369 | inflate_stream would treat that as a hard error and return
|
---|
| 370 | CURLE_BAD_CONTENT_ENCODING.
|
---|
| 371 |
|
---|
| 372 | According to the zlib FAQ, Z_BUF_ERROR is not fatal.
|
---|
| 373 |
|
---|
| 374 | This bug would happen randomly since packet sizes are arbitrary. A test
|
---|
| 375 | of 10,000 transfers had 55 fail (ie 0.55%).
|
---|
| 376 |
|
---|
| 377 | Ref: https://zlib.net/zlib_faq.html#faq05
|
---|
| 378 |
|
---|
| 379 | Closes https://github.com/curl/curl/pull/2060
|
---|
| 380 |
|
---|
| 381 | Patrick Monnerat (7 Nov 2017)
|
---|
| 382 | - content_encoding: do not write 0 length data
|
---|
| 383 |
|
---|
| 384 | Daniel Stenberg (6 Nov 2017)
|
---|
| 385 | - fnmatch: remove dead code
|
---|
| 386 |
|
---|
| 387 | There was a duplicate check for backslashes in the setcharset()
|
---|
| 388 | function.
|
---|
| 389 |
|
---|
| 390 | Coverity CID 1420611
|
---|
| 391 |
|
---|
| 392 | - url: remove unncessary NULL-check
|
---|
| 393 |
|
---|
| 394 | Since 'conn' won't be NULL in there and we also access the pointer in
|
---|
| 395 | there without the check.
|
---|
| 396 |
|
---|
| 397 | Coverity CID 1420610
|
---|
| 398 |
|
---|
| 399 | Viktor Szakats (6 Nov 2017)
|
---|
| 400 | - src/Makefile.m32: fix typo in brotli lib customization
|
---|
| 401 |
|
---|
| 402 | Ref cc1f4436099decb9d1a7034b2bb773a9f8379d31
|
---|
| 403 |
|
---|
| 404 | - Makefile.m32: allow to customize brotli libs
|
---|
| 405 |
|
---|
| 406 | It adds the ability to link against static brotli libs.
|
---|
| 407 |
|
---|
| 408 | Also fix brotli include path.
|
---|
| 409 |
|
---|
| 410 | Patrick Monnerat (5 Nov 2017)
|
---|
| 411 | - travis: add a job with brotli enabled
|
---|
| 412 |
|
---|
| 413 | - [Viktor Szakats brought this change]
|
---|
| 414 |
|
---|
| 415 | Makefile.m32: add brotli support
|
---|
| 416 |
|
---|
| 417 | - HTTP: implement Brotli content encoding
|
---|
| 418 |
|
---|
| 419 | This uses the brotli external library (https://github.com/google/brotli).
|
---|
| 420 | Brotli becomes a feature: additional curl_version_info() bit and
|
---|
| 421 | structure fields are provided for it and CURLVERSION_NOW bumped.
|
---|
| 422 |
|
---|
| 423 | Tests 314 and 315 check Brotli content unencoding with correct and
|
---|
| 424 | erroneous data.
|
---|
| 425 |
|
---|
| 426 | Some tests are updated to accomodate with the now configuration dependent
|
---|
| 427 | parameters of the Accept-Encoding header.
|
---|
| 428 |
|
---|
| 429 | - HTTP: support multiple Content-Encodings
|
---|
| 430 |
|
---|
| 431 | This is implemented as an output streaming stack of unencoders, the last
|
---|
| 432 | calling the client write procedure.
|
---|
| 433 |
|
---|
| 434 | New test 230 checks this feature.
|
---|
| 435 |
|
---|
| 436 | Bug: https://github.com/curl/curl/pull/2002
|
---|
| 437 | Reported-By: Daniel Bankhead
|
---|
| 438 |
|
---|
| 439 | Jay Satiro (4 Nov 2017)
|
---|
| 440 | - url: remove arg value check from CURLOPT_SSH_AUTH_TYPES
|
---|
| 441 |
|
---|
| 442 | Since CURLSSH_AUTH_ANY (aka CURLSSH_AUTH_DEFAULT) is ~0 an arg value
|
---|
| 443 | check on this option is incorrect; we have to accept any value.
|
---|
| 444 |
|
---|
| 445 | Prior to this change since f121575 (7.56.1+) CURLOPT_SSH_AUTH_TYPES
|
---|
| 446 | erroneously rejected CURLSSH_AUTH_ANY with CURLE_BAD_FUNCTION_ARGUMENT.
|
---|
| 447 |
|
---|
| 448 | Bug: https://github.com/curl/curl/commit/f121575#commitcomment-25347120
|
---|
| 449 |
|
---|
| 450 | Daniel Stenberg (4 Nov 2017)
|
---|
| 451 | - ntlm: avoid malloc(0) for zero length passwords
|
---|
| 452 |
|
---|
| 453 | It triggers an assert() when built with memdebug since malloc(0) may
|
---|
| 454 | return NULL *or* a valid pointer.
|
---|
| 455 |
|
---|
| 456 | Detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4054
|
---|
| 457 |
|
---|
| 458 | Assisted-by: Max Dymond
|
---|
| 459 | Closes #2054
|
---|
| 460 |
|
---|
| 461 | - RELEASE-NOTES: synced with ee8016b3d
|
---|
| 462 |
|
---|
| 463 | - curl: speed up handling of many URLs
|
---|
| 464 |
|
---|
| 465 | By properly keeping track of the last entry in the list of URLs/uploads
|
---|
| 466 | to handle, curl now avoids many meaningless traverses of the list which
|
---|
| 467 | speeds up many-URL handling *MASSIVELY* (several magnitudes on 100K
|
---|
| 468 | URLs).
|
---|
| 469 |
|
---|
| 470 | Added test 1291, to verify that it doesn't take ages - but we don't have
|
---|
| 471 | any detection of "too slow" command in the test suite.
|
---|
| 472 |
|
---|
| 473 | Reported-by: arainchik on github
|
---|
| 474 | Fixes #1959
|
---|
| 475 | Closes #2052
|
---|
| 476 |
|
---|
| 477 | - curl: pass through [] in URLs instead of calling globbing error
|
---|
| 478 |
|
---|
| 479 | Assisted-by: Per Lundberg
|
---|
| 480 | Fixes #2044
|
---|
| 481 | Closes #2046
|
---|
| 482 | Closes #2048
|
---|
| 483 |
|
---|
| 484 | - CURLOPT_INFILESIZE: accept -1
|
---|
| 485 |
|
---|
| 486 | Regression since f121575
|
---|
| 487 |
|
---|
| 488 | Reported-by: Petr Voytsik
|
---|
| 489 | Fixes #2047
|
---|
| 490 |
|
---|
| 491 | Jay Satiro (2 Nov 2017)
|
---|
| 492 | - url: fix CURLOPT_DNS_CACHE_TIMEOUT arg value check to allow -1
|
---|
| 493 |
|
---|
| 494 | Prior to this change since f121575 (7.56.1+) CURLOPT_DNS_CACHE_TIMEOUT
|
---|
| 495 | erroneously rejected -1 with CURLE_BAD_FUNCTION_ARGUMENT.
|
---|
| 496 |
|
---|
| 497 | Dan Fandrich (1 Nov 2017)
|
---|
| 498 | - http2: Fixed OOM handling in upgrade request
|
---|
| 499 |
|
---|
| 500 | This caused the torture tests on test 1800 to fail.
|
---|
| 501 |
|
---|
| 502 | - tests: Fixed torture tests on tests 556 and 650
|
---|
| 503 |
|
---|
| 504 | Test cleanup after OOM wasn't being consistently performed.
|
---|
| 505 |
|
---|
| 506 | Daniel Stenberg (1 Nov 2017)
|
---|
| 507 | - CURLOPT_MAXREDIRS: allow -1 as a value
|
---|
| 508 |
|
---|
| 509 | ... which is valid according to documentation. Regression since
|
---|
| 510 | f121575c0b5f.
|
---|
| 511 |
|
---|
| 512 | Verified now in test 501.
|
---|
| 513 |
|
---|
| 514 | Reported-by: cbartl on github
|
---|
| 515 | Fixes #2038
|
---|
| 516 | Closes #2039
|
---|
| 517 |
|
---|
| 518 | - include: remove conncache.h inclusion from where its not needed
|
---|
| 519 |
|
---|
| 520 | Jay Satiro (1 Nov 2017)
|
---|
| 521 | - url: fix CURLOPT_POSTFIELDSIZE arg value check to allow -1
|
---|
| 522 |
|
---|
| 523 | .. also add same arg value check to CURLOPT_POSTFIELDSIZE_LARGE.
|
---|
| 524 |
|
---|
| 525 | Prior to this change since f121575 (7.56.1+) CURLOPT_POSTFIELDSIZE
|
---|
| 526 | erroneously rejected -1 value with CURLE_BAD_FUNCTION_ARGUMENT.
|
---|
| 527 |
|
---|
| 528 | Bug: https://curl.haxx.se/mail/lib-2017-11/0000.html
|
---|
| 529 | Reported-by: Andrew Lambert
|
---|
| 530 |
|
---|
| 531 | Daniel Stenberg (31 Oct 2017)
|
---|
| 532 | - cookie: avoid NULL dereference
|
---|
| 533 |
|
---|
| 534 | ... when expiring old cookies.
|
---|
| 535 |
|
---|
| 536 | Reported-by: Pavel Gushchin
|
---|
| 537 | Fixes #2032
|
---|
| 538 | Closes #2035
|
---|
| 539 |
|
---|
| 540 | Marcel Raad (30 Oct 2017)
|
---|
| 541 | - memdebug: use send/recv signature for curl_dosend/curl_dorecv
|
---|
| 542 |
|
---|
| 543 | This avoids build errors and warnings caused by implicit casts.
|
---|
| 544 |
|
---|
| 545 | Closes https://github.com/curl/curl/pull/2031
|
---|
| 546 |
|
---|
| 547 | Daniel Stenberg (30 Oct 2017)
|
---|
| 548 | - [Juro Bystricky brought this change]
|
---|
| 549 |
|
---|
| 550 | mkhelp.pl: support reproducible build
|
---|
| 551 |
|
---|
| 552 | Do not generate line with the current date, such as:
|
---|
| 553 |
|
---|
| 554 | * Generation time: Tue Oct-24 18:01:41 2017
|
---|
| 555 |
|
---|
| 556 | This will improve reproducibility. The generated string is only
|
---|
| 557 | part of a comment, so there should be no adverse consequences.
|
---|
| 558 |
|
---|
| 559 | Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
|
---|
| 560 |
|
---|
| 561 | closes #2026
|
---|
| 562 |
|
---|
| 563 | Dan Fandrich (30 Oct 2017)
|
---|
| 564 | - runtests.pl: Fixed typo in message
|
---|
| 565 |
|
---|
| 566 | Daniel Stenberg (30 Oct 2017)
|
---|
| 567 | - curlx: the timeval functions are no longer provided as curlx_*
|
---|
| 568 |
|
---|
| 569 | Pointed-out-by: Dmitri Tikhonov
|
---|
| 570 | Bug: #2034
|
---|
| 571 |
|
---|
| 572 | - select: update comments
|
---|
| 573 |
|
---|
| 574 | s/curlx_tvnow/Curl_now
|
---|
| 575 |
|
---|
| 576 | - INTERNALS: remove curlx_tv* functions no longer provided
|
---|
| 577 |
|
---|
| 578 | - [Dmitri Tikhonov brought this change]
|
---|
| 579 |
|
---|
| 580 | timeval: use mach time on MacOS
|
---|
| 581 |
|
---|
| 582 | If clock_gettime() is not supported, use mach_absolute_time() on MacOS.
|
---|
| 583 |
|
---|
| 584 | closes #2033
|
---|
| 585 |
|
---|
| 586 | monnerat (29 Oct 2017)
|
---|
| 587 | - [Patrick Monnerat brought this change]
|
---|
| 588 |
|
---|
| 589 | cli tool: improve ";type=" handling in -F option arguments
|
---|
| 590 |
|
---|
| 591 | - [Patrick Monnerat brought this change]
|
---|
| 592 |
|
---|
| 593 | cli tool: in -F option arg, comma is a delimiter for files only
|
---|
| 594 |
|
---|
| 595 | Also upgrade test 1133 to cover this case and clarify man page about
|
---|
| 596 | form data quoting.
|
---|
| 597 |
|
---|
| 598 | Bug: https://github.com/curl/curl/issues/2022
|
---|
| 599 | Reported-By: omau on github
|
---|
| 600 |
|
---|
| 601 | Daniel Stenberg (29 Oct 2017)
|
---|
| 602 | - timeleft: made two more users of Curl_timeleft use timediff_t
|
---|
| 603 |
|
---|
| 604 | Jakub Zakrzewski (28 Oct 2017)
|
---|
| 605 | - cmake: Export libcurl and curl targets to use by other cmake projects
|
---|
| 606 |
|
---|
| 607 | The config files define curl and libcurl targets as imported targets
|
---|
| 608 | CURL::curl and CURL::libcurl. For backward compatibility with CMake-
|
---|
| 609 | provided find-module the CURL_INCLUDE_DIRS and CURL_LIBRARIES are
|
---|
| 610 | also set.
|
---|
| 611 |
|
---|
| 612 | Closes #1879
|
---|
| 613 |
|
---|
| 614 | Daniel Stenberg (28 Oct 2017)
|
---|
| 615 | - RELEASE-NOTES: synced with f20cbac97
|
---|
| 616 |
|
---|
| 617 | - [Florin brought this change]
|
---|
| 618 |
|
---|
| 619 | auth: Added test cases for RFC7616
|
---|
| 620 |
|
---|
| 621 | Updated docs to include support for RFC7616
|
---|
| 622 |
|
---|
| 623 | Signed-off-by: Florin <petriuc.florin@gmail.com>
|
---|
| 624 |
|
---|
| 625 | Closes #1934
|
---|
| 626 |
|
---|
| 627 | - [Florin brought this change]
|
---|
| 628 |
|
---|
| 629 | auth: add support for RFC7616 - HTTP Digest access authentication
|
---|
| 630 |
|
---|
| 631 | Signed-off-by: Florin <petriuc.florin@gmail.com>
|
---|
| 632 |
|
---|
| 633 | - [Daniel Bankhead brought this change]
|
---|
| 634 |
|
---|
| 635 | TODO: support multiple Content-Encodings
|
---|
| 636 |
|
---|
| 637 | Closes #2002
|
---|
| 638 |
|
---|
| 639 | - ROADMAP: cleanup
|
---|
| 640 |
|
---|
| 641 | Removed done stuff. Removed entries no longer considered for the near
|
---|
| 642 | term.
|
---|
| 643 |
|
---|
| 644 | - [Magicansk brought this change]
|
---|
| 645 |
|
---|
| 646 | ROADMAP.md: spelling fixes
|
---|
| 647 |
|
---|
| 648 | Closes #2028
|
---|
| 649 |
|
---|
| 650 | - Curl_timeleft: change return type to timediff_t
|
---|
| 651 |
|
---|
| 652 | returning 'time_t' is problematic when that type is unsigned and we
|
---|
| 653 | return values less than zero to signal "already expired", used in
|
---|
| 654 | several places in the code.
|
---|
| 655 |
|
---|
| 656 | Closes #2021
|
---|
| 657 |
|
---|
| 658 | - appveyor: add a win32 build
|
---|
| 659 |
|
---|
| 660 | - setopt: fix CURLOPT_SSH_AUTH_TYPES option read
|
---|
| 661 |
|
---|
| 662 | Regression since f121575c0b5f
|
---|
| 663 |
|
---|
| 664 | Reported-by: Rob Cotrone
|
---|
| 665 |
|
---|
| 666 | Marcel Raad (27 Oct 2017)
|
---|
| 667 | - resolvers: only include anything if needed
|
---|
| 668 |
|
---|
| 669 | This avoids warnings about unused stuff.
|
---|
| 670 |
|
---|
| 671 | Closes https://github.com/curl/curl/pull/2023
|
---|
| 672 |
|
---|
| 673 | Daniel Stenberg (27 Oct 2017)
|
---|
| 674 | - HELP-US: rename the subtitle too since the label is changed
|
---|
| 675 |
|
---|
| 676 | "PR-welcome" was the former name.
|
---|
| 677 |
|
---|
| 678 | - curl_setup.h: oops, shorten the too long line
|
---|
| 679 |
|
---|
| 680 | - [Martin Storsjo brought this change]
|
---|
| 681 |
|
---|
| 682 | curl_setup: Improve detection of CURL_WINDOWS_APP
|
---|
| 683 |
|
---|
| 684 | If WINAPI_FAMILY is defined, it should be safe to try to include
|
---|
| 685 | winapifamily.h to check what the define evaluates to.
|
---|
| 686 |
|
---|
| 687 | This should fix detection of CURL_WINDOWS_APP if building with
|
---|
| 688 | _WIN32_WINNT set to 0x0600.
|
---|
| 689 |
|
---|
| 690 | Closes #2025
|
---|
| 691 |
|
---|
| 692 | Jay Satiro (26 Oct 2017)
|
---|
| 693 | - transfer: Fix chunked-encoding upload bug
|
---|
| 694 |
|
---|
| 695 | - When uploading via chunked-encoding don't compare file size to bytes
|
---|
| 696 | sent to determine whether the upload has finished.
|
---|
| 697 |
|
---|
| 698 | Chunked-encoding adds its own overhead which why the bytes sent is not
|
---|
| 699 | equal to the file size. Prior to this change if a file was uploaded in
|
---|
| 700 | chunked-encoding and its size was known it was possible that the upload
|
---|
| 701 | could end prematurely without sending the final few chunks. That would
|
---|
| 702 | result in a server hang waiting for the remaining data, likely followed
|
---|
| 703 | by a disconnect.
|
---|
| 704 |
|
---|
| 705 | The scope of this bug is limited to some arbitrary file sizes which have
|
---|
| 706 | not been determined. One size that triggers the bug is 475020.
|
---|
| 707 |
|
---|
| 708 | Bug: https://github.com/curl/curl/issues/2001
|
---|
| 709 | Reported-by: moohoorama@users.noreply.github.com
|
---|
| 710 |
|
---|
| 711 | Closes https://github.com/curl/curl/pull/2010
|
---|
| 712 |
|
---|
| 713 | Daniel Stenberg (26 Oct 2017)
|
---|
| 714 | - timeval: make timediff_t also work on 32bit windows
|
---|
| 715 |
|
---|
| 716 | ... by using curl_off_t for the typedef if time_t is larger than 4
|
---|
| 717 | bytes.
|
---|
| 718 |
|
---|
| 719 | Reported-by: Gisle Vanem
|
---|
| 720 | Bug: https://github.com/curl/curl/commit/b9d25f9a6b3ca791385b80a6a3c3fa5ae113e1e0#co
|
---|
| 721 | mmitcomment-25205058
|
---|
| 722 | Closes #2019
|
---|
| 723 |
|
---|
| 724 | - curl_fnmatch: return error on illegal wildcard pattern
|
---|
| 725 |
|
---|
| 726 | ... instead of doing an infinite loop!
|
---|
| 727 |
|
---|
| 728 | Added test 1162 to verify.
|
---|
| 729 |
|
---|
| 730 | Reported-by: Max Dymond
|
---|
| 731 | Fixes #2015
|
---|
| 732 | Closes #2017
|
---|
| 733 |
|
---|
| 734 | - [Max Dymond brought this change]
|
---|
| 735 |
|
---|
| 736 | wildcards: don't use with non-supported protocols
|
---|
| 737 |
|
---|
| 738 | Fixes timeouts in the fuzzing tests for non-FTP protocols.
|
---|
| 739 |
|
---|
| 740 | Closes #2016
|
---|
| 741 |
|
---|
| 742 | - [Max Dymond brought this change]
|
---|
| 743 |
|
---|
| 744 | multi: allow table handle sizes to be overridden
|
---|
| 745 |
|
---|
| 746 | Allow users to specify their own hash define for
|
---|
| 747 | CURL_CONNECTION_HASH_SIZE so that both values can be overridden.
|
---|
| 748 |
|
---|
| 749 | Closes #1982
|
---|
| 750 |
|
---|
| 751 | - time: rename Curl_tvnow to Curl_now
|
---|
| 752 |
|
---|
| 753 | ... since the 'tv' stood for timeval and this function does not return a
|
---|
| 754 | timeval struct anymore.
|
---|
| 755 |
|
---|
| 756 | Also, cleaned up the Curl_timediff*() functions to avoid typecasts and
|
---|
| 757 | clean up the descriptive comments.
|
---|
| 758 |
|
---|
| 759 | Closes #2011
|
---|
| 760 |
|
---|
| 761 | - ftplistparser: follow-up cleanup to remove PL_ERROR()
|
---|
| 762 |
|
---|
| 763 | - [Max Dymond brought this change]
|
---|
| 764 |
|
---|
| 765 | ftplistparser: free off temporary memory always
|
---|
| 766 |
|
---|
| 767 | When using the FTP list parser, ensure that the memory that's
|
---|
| 768 | allocated is always freed.
|
---|
| 769 |
|
---|
| 770 | Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3682
|
---|
| 771 | Closes #2013
|
---|
| 772 |
|
---|
| 773 | - timediff: return timediff_t from the time diff functions
|
---|
| 774 |
|
---|
| 775 | ... to cater for systems with unsigned time_t variables.
|
---|
| 776 |
|
---|
| 777 | - Renamed the functions to curlx_timediff and Curl_timediff_us.
|
---|
| 778 |
|
---|
| 779 | - Added overflow protection for both of them in either direction for
|
---|
| 780 | both 32 bit and 64 bit time_ts
|
---|
| 781 |
|
---|
| 782 | - Reprefixed the curlx_time functions to use Curl_*
|
---|
| 783 |
|
---|
| 784 | Reported-by: Peter Piekarski
|
---|
| 785 | Fixes #2004
|
---|
| 786 | Closes #2005
|
---|
| 787 |
|
---|
| 788 | - [Paul Howarth brought this change]
|
---|
| 789 |
|
---|
| 790 | libtest: Add required test libraries for lib1552 and lib1553
|
---|
| 791 |
|
---|
| 792 | They use $(TESTUTIL) and thus should use $(TESTUTIL_LIBS) too.
|
---|
| 793 |
|
---|
| 794 | This fixes build failures on Fedora 13.
|
---|
| 795 |
|
---|
| 796 | Closes #2006
|
---|
| 797 |
|
---|
| 798 | - [Alessandro Ghedini brought this change]
|
---|
| 799 |
|
---|
| 800 | libcurl-tutorial.3: fix typo
|
---|
| 801 |
|
---|
| 802 | closes #2008
|
---|
| 803 |
|
---|
| 804 | Alessandro Ghedini (23 Oct 2017)
|
---|
| 805 | - curl_mime_filedata.3: fix typos
|
---|
| 806 |
|
---|
| 807 | Daniel Stenberg (23 Oct 2017)
|
---|
| 808 | - RELEASE-NOTES: clean slate towards 7.57.0
|
---|
| 809 |
|
---|
| 810 | - [Max Dymond brought this change]
|
---|
| 811 |
|
---|
| 812 | travis: exit if any steps fail
|
---|
| 813 |
|
---|
| 814 | We don't expect any steps to fail in travis. Exit the script if they do.
|
---|
| 815 |
|
---|
| 816 | Closes #1966
|
---|
| 817 |
|
---|
| 818 | Version 7.56.1 (23 Oct 2017)
|
---|
| 819 |
|
---|
| 820 | Daniel Stenberg (23 Oct 2017)
|
---|
| 821 | - RELEASE-NOTES: 7.56.1
|
---|
| 822 |
|
---|
| 823 | - THANKS: update at 7.56.1 release time
|
---|
| 824 |
|
---|
| 825 | - [Jon DeVree brought this change]
|
---|
| 826 |
|
---|
| 827 | mk-ca-bundle: Remove URL for aurora
|
---|
| 828 |
|
---|
| 829 | Aurora is no longer used by Mozilla
|
---|
| 830 | https://hacks.mozilla.org/2017/04/simplifying-firefox-release-channels/
|
---|
| 831 |
|
---|
| 832 | - [Jon DeVree brought this change]
|
---|
| 833 |
|
---|
| 834 | mk-ca-bundle: Fix URL for NSS
|
---|
| 835 |
|
---|
| 836 | The 'tip' is the most recent branch committed to, this should be
|
---|
| 837 | 'default' like the URLs for the browser are.
|
---|
| 838 |
|
---|
| 839 | Closes #1998
|
---|
| 840 |
|
---|
| 841 | - imap: if a FETCH response has no size, don't call write callback
|
---|
| 842 |
|
---|
| 843 | CVE-2017-1000257
|
---|
| 844 |
|
---|
| 845 | Reported-by: Brian Carpenter and 0xd34db347
|
---|
| 846 | Also detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3586
|
---|
| 847 |
|
---|
| 848 | - ftp: reject illegal IP/port in PASV 227 response
|
---|
| 849 |
|
---|
| 850 | ... by using range checks. Among other things, this avoids an undefined
|
---|
| 851 | behavior for a left shift that could happen on negative or very large
|
---|
| 852 | values.
|
---|
| 853 |
|
---|
| 854 | Closes #1997
|
---|
| 855 |
|
---|
| 856 | Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
|
---|
| 857 |
|
---|
| 858 | Patrick Monnerat (20 Oct 2017)
|
---|
| 859 | - test653: check reuse of easy handle after mime data change
|
---|
| 860 |
|
---|
| 861 | See issue #1999
|
---|
| 862 |
|
---|
| 863 | - mime: do not reuse previously computed multipart size
|
---|
| 864 |
|
---|
| 865 | The contents might have changed: size must be recomputed.
|
---|
| 866 |
|
---|
| 867 | Reported-by: moteus on github
|
---|
| 868 | Fixes #1999
|
---|
| 869 |
|
---|
| 870 | - test308: disable if MultiSSL feature enabled
|
---|
| 871 |
|
---|
| 872 | Even if OpenSSL is enabled, it might not be the default backend when
|
---|
| 873 | multi-ssl is enabled, causing the test to fail.
|
---|
| 874 |
|
---|
| 875 | - runtests: support MultiSSL client feature
|
---|
| 876 |
|
---|
| 877 | - vtls: change struct Curl_ssl `close' field name to `close_one'.
|
---|
| 878 |
|
---|
| 879 | On OS/400, `close' is an ASCII system macro that corrupts the code if
|
---|
| 880 | not used in a context not targetting the close() system API.
|
---|
| 881 |
|
---|
| 882 | - os400: add missing symbols in config file.
|
---|
| 883 |
|
---|
| 884 | Also adjust makefile to renamed files and warn about installation dirs mix-up.
|
---|
| 885 |
|
---|
| 886 | - test652: curl_mime_data + base64 encoder with large contents
|
---|
| 887 |
|
---|
| 888 | - mime: limit bas64-encoded lines length to 76 characters
|
---|
| 889 |
|
---|
| 890 | Daniel Stenberg (16 Oct 2017)
|
---|
| 891 | - RELEASE-NOTES: synced with f121575c0
|
---|
| 892 |
|
---|
| 893 | - setopt: range check most long options
|
---|
| 894 |
|
---|
| 895 | ... filter early instead of risking "funny values" having to be dealt
|
---|
| 896 | with elsewhere.
|
---|
| 897 |
|
---|
| 898 | - setopt: avoid integer overflows when setting millsecond values
|
---|
| 899 |
|
---|
| 900 | ... that are multiplied by 1000 when stored.
|
---|
| 901 |
|
---|
| 902 | For 32 bit long systems, the max value accepted (2147483 seconds) is >
|
---|
| 903 | 596 hours which is unlikely to ever be set by a legitimate application -
|
---|
| 904 | and previously it didn't work either, it just caused undefined behavior.
|
---|
| 905 |
|
---|
| 906 | Also updated the man pages for these timeout options to mention the
|
---|
| 907 | return code.
|
---|
| 908 |
|
---|
| 909 | Closes #1938
|
---|
| 910 |
|
---|
| 911 | Viktor Szakats (15 Oct 2017)
|
---|
| 912 | - makefile.m32: allow to override gcc, ar and ranlib
|
---|
| 913 |
|
---|
| 914 | Allow to ovverride certain build tools, making it possible to
|
---|
| 915 | use LLVM/Clang to build curl. The default behavior is unchanged.
|
---|
| 916 | To build with clang (as offered by MSYS2), these settings can
|
---|
| 917 | be used:
|
---|
| 918 |
|
---|
| 919 | CURL_CC=clang
|
---|
| 920 | CURL_AR=llvm-ar
|
---|
| 921 | CURL_RANLIB=llvm-ranlib
|
---|
| 922 |
|
---|
| 923 | Closes https://github.com/curl/curl/pull/1993
|
---|
| 924 |
|
---|
| 925 | - ldap: silence clang warning
|
---|
| 926 |
|
---|
| 927 | Use memset() to initialize a structure to avoid LLVM/Clang warning:
|
---|
| 928 | ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers]
|
---|
| 929 |
|
---|
| 930 | Closes https://github.com/curl/curl/pull/1992
|
---|
| 931 |
|
---|
| 932 | Daniel Stenberg (14 Oct 2017)
|
---|
| 933 | - runtests: use valgrind for torture as well
|
---|
| 934 |
|
---|
| 935 | NOTE: it makes them terribly slow. I recommend only using valgrind for
|
---|
| 936 | specific torture tests or using lots of patience.
|
---|
| 937 |
|
---|
| 938 | - memdebug: trace send, recv and socket
|
---|
| 939 |
|
---|
| 940 | ... to allow them to be included in torture tests too.
|
---|
| 941 |
|
---|
| 942 | closes #1980
|
---|
| 943 |
|
---|
| 944 | - configure: remove the C++ compiler check
|
---|
| 945 |
|
---|
| 946 | ... we used it only for the fuzzer, which we now have in a separate git
|
---|
| 947 | repo.
|
---|
| 948 |
|
---|
| 949 | Closes #1990
|
---|
| 950 |
|
---|
| 951 | Patrick Monnerat (13 Oct 2017)
|
---|
| 952 | - mime: do not call failf() if easy handle is NULL.
|
---|
| 953 |
|
---|
| 954 | Daniel Stenberg (13 Oct 2017)
|
---|
| 955 | - test651: curl_formadd with huge COPYCONTENTS
|
---|
| 956 |
|
---|
| 957 | - mime: fix the content reader to handle >16K data properly
|
---|
| 958 |
|
---|
| 959 | Reported-by: Jeroen Ooms
|
---|
| 960 | Closes #1988
|
---|
| 961 |
|
---|
| 962 | Patrick Monnerat (12 Oct 2017)
|
---|
| 963 | - mime: keep "text/plain" content type if user-specified.
|
---|
| 964 |
|
---|
| 965 | Include test cases in 554, 587, 650.
|
---|
| 966 |
|
---|
| 967 | Fixes https://github.com/curl/curl/issues/1986
|
---|
| 968 |
|
---|
| 969 | - cli tool: use file2memory() to buffer stdin in -F option.
|
---|
| 970 |
|
---|
| 971 | Closes PR https://github.com/curl/curl/pull/1985
|
---|
| 972 |
|
---|
| 973 | - cli tool: reimplement stdin buffering in -F option.
|
---|
| 974 |
|
---|
| 975 | If stdin is not a regular file, its content is memory-buffered to enable
|
---|
| 976 | a possible data "rewind".
|
---|
| 977 | In all cases, stdin data size is determined before real use to avoid
|
---|
| 978 | having an unknown part's size.
|
---|
| 979 |
|
---|
| 980 | --libcurl generated code is left as an unbuffered stdin fread/fseek callback
|
---|
| 981 | part with unknown data size.
|
---|
| 982 |
|
---|
| 983 | Buffering is not supported in deprecated curl_formadd() API.
|
---|
| 984 |
|
---|
| 985 | Daniel Stenberg (12 Oct 2017)
|
---|
| 986 | - winbuild/BUILD.WINDOWS.txt: mention WITH_NGHTTP2
|
---|
| 987 |
|
---|
| 988 | - HELP-US: the label "PR-welcome" is now renamed to "help wanted"
|
---|
| 989 |
|
---|
| 990 | following the new github "standard"
|
---|
| 991 |
|
---|
| 992 | - RELEASE-NOTES: synced with 5505df7d2
|
---|
| 993 |
|
---|
| 994 | Jay Satiro (11 Oct 2017)
|
---|
| 995 | - [Artak Galoyan brought this change]
|
---|
| 996 |
|
---|
| 997 | url: Update current connection SSL verify params in setopt
|
---|
| 998 |
|
---|
| 999 | Now VERIFYHOST, VERIFYPEER and VERIFYSTATUS options change during active
|
---|
| 1000 | connection updates the current connection's (i.e.'connectdata'
|
---|
| 1001 | structure) appropriate ssl_config (and ssl_proxy_config) structures
|
---|
| 1002 | variables, making these options effective for ongoing connection.
|
---|
| 1003 |
|
---|
| 1004 | This functionality was available before and was broken by the
|
---|
| 1005 | following change:
|
---|
| 1006 | "proxy: Support HTTPS proxy and SOCKS+HTTP(s)"
|
---|
| 1007 | CommitId: cb4e2be7c6d42ca0780f8e0a747cecf9ba45f151.
|
---|
| 1008 |
|
---|
| 1009 | Bug: https://github.com/curl/curl/issues/1941
|
---|
| 1010 |
|
---|
| 1011 | Closes https://github.com/curl/curl/pull/1951
|
---|
| 1012 |
|
---|
| 1013 | Daniel Stenberg (11 Oct 2017)
|
---|
| 1014 | - [David Benjamin brought this change]
|
---|
| 1015 |
|
---|
| 1016 | openssl: don't use old BORINGSSL_YYYYMM macros
|
---|
| 1017 |
|
---|
| 1018 | Those were temporary things we'd add and remove for our own convenience
|
---|
| 1019 | long ago. The last few stayed around for too long as an oversight but
|
---|
| 1020 | have since been removed. These days we have a running
|
---|
| 1021 | BORINGSSL_API_VERSION counter which is bumped when we find it
|
---|
| 1022 | convenient, but 2015-11-19 was quite some time ago, so just check
|
---|
| 1023 | OPENSSL_IS_BORINGSSL.
|
---|
| 1024 |
|
---|
| 1025 | Closes #1979
|
---|
| 1026 |
|
---|
| 1027 | - test950; verify SMTP with custom request
|
---|
| 1028 |
|
---|
| 1029 | - ftpserver: support case insensitive commands
|
---|
| 1030 |
|
---|
| 1031 | - smtp_done: free data before returning (on send failure)
|
---|
| 1032 |
|
---|
| 1033 | ... as otherwise it could leak that memory.
|
---|
| 1034 |
|
---|
| 1035 | Detected by OSS-fuzz:
|
---|
| 1036 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3600
|
---|
| 1037 |
|
---|
| 1038 | Assisted-by: Max Dymond
|
---|
| 1039 | Closes #1977
|
---|
| 1040 |
|
---|
| 1041 | - FTP: URL decode path for dir listing in nocwd mode
|
---|
| 1042 |
|
---|
| 1043 | Reported-by: Zenju on github
|
---|
| 1044 |
|
---|
| 1045 | Test 244 added to verify
|
---|
| 1046 | Fixes #1974
|
---|
| 1047 | Closes #1976
|
---|
| 1048 |
|
---|
| 1049 | - test298: verify --ftp-method nowcwd with URL encoded path
|
---|
| 1050 |
|
---|
| 1051 | Ref: #1974
|
---|
| 1052 |
|
---|
| 1053 | - CURLOPT_XFERINFODATA.3: fix duplicate see also
|
---|
| 1054 |
|
---|
| 1055 | - CURLOPT_NOPROGRESS.3: also refer to xferinfofunction
|
---|
| 1056 |
|
---|
| 1057 | - FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION
|
---|
| 1058 |
|
---|
| 1059 | - openssl: enable PKCS12 support for !BoringSSL
|
---|
| 1060 |
|
---|
| 1061 | Enable PKCS12 for all non-boringssl builds without relying on configure
|
---|
| 1062 | or cmake checks.
|
---|
| 1063 |
|
---|
| 1064 | Bug: https://curl.haxx.se/mail/lib-2017-10/0007.html
|
---|
| 1065 | Reported-by: Christian Schmitz
|
---|
| 1066 | Closes #1948
|
---|
| 1067 |
|
---|
| 1068 | - [Kristiyan Tsaklev brought this change]
|
---|
| 1069 |
|
---|
| 1070 | curl: don't pass semicolons when parsing Content-Disposition
|
---|
| 1071 |
|
---|
| 1072 | Test 1422 updated to verify.
|
---|
| 1073 |
|
---|
| 1074 | Closes #1964
|
---|
| 1075 |
|
---|
| 1076 | Patrick Monnerat (9 Oct 2017)
|
---|
| 1077 | - mime: properly unbind mime structure in curl_mime_free().
|
---|
| 1078 |
|
---|
| 1079 | This allows freeing a mime structure bound to the easy handle before
|
---|
| 1080 | curl_easy_cleanup().
|
---|
| 1081 |
|
---|
| 1082 | Fixes #1970.
|
---|
| 1083 |
|
---|
| 1084 | Daniel Stenberg (9 Oct 2017)
|
---|
| 1085 | - RTSP: avoid integer overflow on funny RTSP response
|
---|
| 1086 |
|
---|
| 1087 | ... like a very large non-existing RTSP version number.
|
---|
| 1088 |
|
---|
| 1089 | Added test 577 to verify.
|
---|
| 1090 |
|
---|
| 1091 | Detected by OSS-fuzz.
|
---|
| 1092 | Closes #1969
|
---|
| 1093 |
|
---|
| 1094 | Patrick Monnerat (8 Oct 2017)
|
---|
| 1095 | - ftpserver: properly reset $ftptargetdir.
|
---|
| 1096 |
|
---|
| 1097 | - test643: verify curl_mime_subparts() rejects cyclic additions.
|
---|
| 1098 |
|
---|
| 1099 | - mime: refuse to add subparts to one of their own descendants.
|
---|
| 1100 |
|
---|
| 1101 | Reported-by: Alexey Melnichuk
|
---|
| 1102 | Fixes #1962
|
---|
| 1103 |
|
---|
| 1104 | - mime: avoid resetting a part's encoder when part's contents change.
|
---|
| 1105 |
|
---|
| 1106 | - mime: improve unbinding top multipart from easy handle.
|
---|
| 1107 |
|
---|
| 1108 | Also avoid dangling pointers in referencing parts.
|
---|
| 1109 |
|
---|
| 1110 | Daniel Stenberg (8 Oct 2017)
|
---|
| 1111 | - RELEASE-NOTES: synced with a4c1c75da30af1
|
---|
| 1112 |
|
---|
| 1113 | - curlver.h: next expected release is 7.57.0
|
---|
| 1114 |
|
---|
| 1115 | Patrick Monnerat (8 Oct 2017)
|
---|
| 1116 | - mime: be tolerant about setting twice the same header list in a part.
|
---|
| 1117 |
|
---|
| 1118 | - docs: clarify form/mime usage of non-regular data files.
|
---|
| 1119 |
|
---|
| 1120 | Daniel Stenberg (8 Oct 2017)
|
---|
| 1121 | - Revert "multi_done: wait for name resolve to finish if still ongoing"
|
---|
| 1122 |
|
---|
| 1123 | This reverts commit f3e03f6c0ac52a1bf396e03f7d7e9b5b3b7165fe.
|
---|
| 1124 |
|
---|
| 1125 | Caused memory leaks in the fuzzer, needs to be done differently.
|
---|
| 1126 |
|
---|
| 1127 | Disable test 1553 for now too, as it causes memory leaks without this
|
---|
| 1128 | commit!
|
---|
| 1129 |
|
---|
| 1130 | - remove_handle: call multi_done() first, then clear dns cache pointer
|
---|
| 1131 |
|
---|
| 1132 | Closes #1960
|
---|
| 1133 |
|
---|
| 1134 | - multi_done: wait for name resolve to finish if still ongoing
|
---|
| 1135 |
|
---|
| 1136 | ... as we must clean up memory.
|
---|
| 1137 |
|
---|
| 1138 | - pingpong: return error when trying to send without connection
|
---|
| 1139 |
|
---|
| 1140 | When imap_done() got called before a connection is setup, it would try
|
---|
| 1141 | to "finish up" and dereffed a NULL pointer.
|
---|
| 1142 |
|
---|
| 1143 | Test case 1553 managed to reproduce. I had to actually use a host name
|
---|
| 1144 | to try to resolve to slow it down, as using the normal local server IP
|
---|
| 1145 | will make libcurl get a connection in the first curl_multi_perform()
|
---|
| 1146 | loop and then the bug doesn't trigger.
|
---|
| 1147 |
|
---|
| 1148 | Fixes #1953
|
---|
| 1149 | Assisted-by: Max Dymond
|
---|
| 1150 |
|
---|
| 1151 | Dan Fandrich (6 Oct 2017)
|
---|
| 1152 | - tests: added flaky keyword to tests 587 and 644
|
---|
| 1153 |
|
---|
| 1154 | These are around 5% flaky in my Linux x86 autobuilds.
|
---|
| 1155 |
|
---|
| 1156 | Marcel Raad (6 Oct 2017)
|
---|
| 1157 | - vtls: fix warnings with --disable-crypto-auth
|
---|
| 1158 |
|
---|
| 1159 | When CURL_DISABLE_CRYPTO_AUTH is defined, Curl_none_md5sum's parameters
|
---|
| 1160 | are not used.
|
---|
| 1161 |
|
---|
| 1162 | Daniel Stenberg (6 Oct 2017)
|
---|
| 1163 | - multi_cleanup: call DONE on handles that never got that
|
---|
| 1164 |
|
---|
| 1165 | ... fixes a memory leak with at least IMAP when remove_handle is never
|
---|
| 1166 | called and the transfer is abruptly just abandoned early.
|
---|
| 1167 |
|
---|
| 1168 | Test 1552 added to verify
|
---|
| 1169 |
|
---|
| 1170 | Detected by OSS-fuzz
|
---|
| 1171 | Assisted-by: Max Dymond
|
---|
| 1172 | Closes #1954
|
---|
| 1173 |
|
---|
| 1174 | - [Benbuck Nason brought this change]
|
---|
| 1175 |
|
---|
| 1176 | strtoofft: Remove extraneous null check
|
---|
| 1177 |
|
---|
| 1178 | Fixes #1950: curlx_strtoofft() doesn't fully protect against null 'str'
|
---|
| 1179 | argument.
|
---|
| 1180 |
|
---|
| 1181 | Closes #1952
|
---|
| 1182 |
|
---|
| 1183 | - openssl: fix build without HAVE_OPAQUE_EVP_PKEY
|
---|
| 1184 |
|
---|
| 1185 | Reported-by: Javier Sixto
|
---|
| 1186 | Fixes #1955
|
---|
| 1187 | Closes #1956
|
---|
| 1188 |
|
---|
| 1189 | Viktor Szakats (6 Oct 2017)
|
---|
| 1190 | - lib/config-win32.h: let SMB/SMBS be enabled with OpenSSL/NSS
|
---|
| 1191 |
|
---|
| 1192 | The source code is now prepared to handle the case when both
|
---|
| 1193 | Win32 Crypto and OpenSSL/NSS crypto backends are enabled
|
---|
| 1194 | at the same time, making it now possible to enable `USE_WIN32_CRYPTO`
|
---|
| 1195 | whenever the targeted Windows version supports it. Since this
|
---|
| 1196 | matches the minimum Windows version supported by curl
|
---|
| 1197 | (Windows 2000), enable it unconditionally for the Win32 platform.
|
---|
| 1198 |
|
---|
| 1199 | This in turn enables SMB (and SMBS) protocol support whenever
|
---|
| 1200 | Win32 Crypto is available, regardless of what other crypto backends
|
---|
| 1201 | are enabled.
|
---|
| 1202 |
|
---|
| 1203 | Ref: https://github.com/curl/curl/pull/1840#issuecomment-325682052
|
---|
| 1204 |
|
---|
| 1205 | Closes https://github.com/curl/curl/pull/1943
|
---|
| 1206 |
|
---|
| 1207 | Daniel Stenberg (5 Oct 2017)
|
---|
| 1208 | - build: fix --disable-crypto-auth
|
---|
| 1209 |
|
---|
| 1210 | Reported-by: Wyatt O'Day
|
---|
| 1211 | Fixes #1945
|
---|
| 1212 | Closes #1947
|
---|
| 1213 |
|
---|
| 1214 | Jay Satiro (5 Oct 2017)
|
---|
| 1215 | - [Nick Zitzmann brought this change]
|
---|
| 1216 |
|
---|
| 1217 | darwinssl: add support for TLSv1.3
|
---|
| 1218 |
|
---|
| 1219 | Closes https://github.com/curl/curl/pull/1794
|
---|
| 1220 |
|
---|
| 1221 | Daniel Stenberg (4 Oct 2017)
|
---|
| 1222 | - [Felix Kaiser brought this change]
|
---|
| 1223 |
|
---|
| 1224 | docs: fix typo in curl_mime_data_cb man page
|
---|
| 1225 |
|
---|
| 1226 | Closes #1946
|
---|
| 1227 |
|
---|
| 1228 | Viktor Szakats (4 Oct 2017)
|
---|
| 1229 | - lib/Makefile.m32: allow customizing dll suffixes
|
---|
| 1230 |
|
---|
| 1231 | - New `CURL_DLL_SUFFIX` envvar will add a suffix to the generated
|
---|
| 1232 | libcurl dll name. Useful to add `-x64` to 64-bit builds so that
|
---|
| 1233 | it can live in the same directory as the 32-bit one. By default
|
---|
| 1234 | this is empty.
|
---|
| 1235 |
|
---|
| 1236 | - New `CURL_DLL_A_SUFFIX` envvar to customize the suffix of the
|
---|
| 1237 | generated import library (implib) for libcurl .dll. It defaults
|
---|
| 1238 | to `dll`, and it's useful to modify that to `.dll` to have the
|
---|
| 1239 | standard naming scheme for mingw-built .dlls, i.e. `libcurl.dll.a`.
|
---|
| 1240 |
|
---|
| 1241 | Closes https://github.com/curl/curl/pull/1942
|
---|
| 1242 |
|
---|
| 1243 | Daniel Stenberg (4 Oct 2017)
|
---|
| 1244 | - [Max Dymond brought this change]
|
---|
| 1245 |
|
---|
| 1246 | fuzzer: move to using external curl-fuzzer
|
---|
| 1247 |
|
---|
| 1248 | Use the external curl-fuzzer repository for fuzzing.
|
---|
| 1249 |
|
---|
| 1250 | Closes #1923
|
---|
| 1251 |
|
---|
| 1252 | - failf: skip the sprintf() if there are no consumers
|
---|
| 1253 |
|
---|
| 1254 | Closes #1936
|
---|
| 1255 |
|
---|
| 1256 | - ftp: UBsan fixup 'pointer index expression overflowed'
|
---|
| 1257 |
|
---|
| 1258 | Closes #1939
|
---|
| 1259 |
|
---|
| 1260 | - RELEASE-PROCEDURE: update the release schedule
|
---|
| 1261 |
|
---|
| 1262 | Version 7.56.0 (4 Oct 2017)
|
---|
| 1263 |
|
---|
| 1264 | Daniel Stenberg (4 Oct 2017)
|
---|
| 1265 | - RELEASE-NOTES: curl 7.56.0
|
---|
| 1266 |
|
---|
| 1267 | - THANKS: added new 7.56.0 contributors
|
---|
| 1268 |
|
---|
| 1269 | Jay Satiro (4 Oct 2017)
|
---|
| 1270 | - build-openssl.bat: Warn OpenSSL 1.1.0 not yet supported
|
---|
| 1271 |
|
---|
| 1272 | Ref: https://github.com/curl/curl/issues/1002
|
---|
| 1273 |
|
---|
| 1274 | Michael Kaufmann (3 Oct 2017)
|
---|
| 1275 | - idn: fix source code comment
|
---|
| 1276 |
|
---|
| 1277 | - vtls: compare and clone ssl configs properly
|
---|
| 1278 |
|
---|
| 1279 | Compare these settings in Curl_ssl_config_matches():
|
---|
| 1280 | - verifystatus (CURLOPT_SSL_VERIFYSTATUS)
|
---|
| 1281 | - random_file (CURLOPT_RANDOM_FILE)
|
---|
| 1282 | - egdsocket (CURLOPT_EGDSOCKET)
|
---|
| 1283 |
|
---|
| 1284 | Also copy the setting "verifystatus" in Curl_clone_primary_ssl_config(),
|
---|
| 1285 | and copy the setting "sessionid" unconditionally.
|
---|
| 1286 |
|
---|
| 1287 | This means that reusing connections that are secured with a client
|
---|
| 1288 | certificate is now possible, and the statement "TLS session resumption
|
---|
| 1289 | is disabled when a client certificate is used" in the old advisory at
|
---|
| 1290 | https://curl.haxx.se/docs/adv_20170419.html is obsolete.
|
---|
| 1291 |
|
---|
| 1292 | Reviewed-by: Daniel Stenberg
|
---|
| 1293 |
|
---|
| 1294 | Closes #1917
|
---|
| 1295 |
|
---|
| 1296 | - proxy: read the "no_proxy" variable only if necessary
|
---|
| 1297 |
|
---|
| 1298 | Reviewed-by: Daniel Stenberg
|
---|
| 1299 |
|
---|
| 1300 | Closes #1919
|
---|
| 1301 |
|
---|
| 1302 | Patrick Monnerat (3 Oct 2017)
|
---|
| 1303 | - libcurl-tutorial: add casts in example to avoid compilation warnings.
|
---|
| 1304 |
|
---|
| 1305 | Daniel Stenberg (3 Oct 2017)
|
---|
| 1306 | - examples: bring back curl_formadd-using examples
|
---|
| 1307 |
|
---|
| 1308 | ... now with a -formadd suffix. While the new mime API is introduced in
|
---|
| 1309 | 7.56.0 we must acknowledge that lots of users can't upgrade their curl
|
---|
| 1310 | versions immediately.
|
---|
| 1311 |
|
---|
| 1312 | - test1153: verify quoted double-qoutes in PWD response
|
---|
| 1313 |
|
---|
| 1314 | - FTP: zero terminate the entry path even on bad input
|
---|
| 1315 |
|
---|
| 1316 | ... a single double quote could leave the entry path buffer without a zero
|
---|
| 1317 | terminating byte. CVE-2017-1000254
|
---|
| 1318 |
|
---|
| 1319 | Test 1152 added to verify.
|
---|
| 1320 |
|
---|
| 1321 | Reported-by: Max Dymond
|
---|
| 1322 | Bug: https://curl.haxx.se/docs/adv_20171004.html
|
---|
| 1323 |
|
---|
| 1324 | Jay Satiro (2 Oct 2017)
|
---|
| 1325 | - [Sergei Nikulov brought this change]
|
---|
| 1326 |
|
---|
| 1327 | cmake: disable tests and man generation if perl/nroff not found
|
---|
| 1328 |
|
---|
| 1329 | Fixes https://github.com/curl/curl/issues/1500
|
---|
| 1330 | Reported-by: Jay Satiro
|
---|
| 1331 |
|
---|
| 1332 | Fixes https://github.com/curl/curl/pull/1662
|
---|
| 1333 | Assisted-by: Tom Seddon
|
---|
| 1334 | Assisted-by: dpull@users.noreply.github.com
|
---|
| 1335 | Assisted-by: elelel@users.noreply.github.com
|
---|
| 1336 |
|
---|
| 1337 | Closes https://github.com/curl/curl/pull/1924
|
---|
| 1338 |
|
---|
| 1339 | Patrick Monnerat (2 Oct 2017)
|
---|
| 1340 | - libcurl-tutorial: fix two typos.
|
---|
| 1341 |
|
---|
| 1342 | - TODO: remove deprecated form API items.
|
---|
| 1343 |
|
---|
| 1344 | - libcurl-tutorial: describe MIME API and deprecate form API.
|
---|
| 1345 |
|
---|
| 1346 | Include a guide to form/mime API conversion.
|
---|
| 1347 |
|
---|
| 1348 | Daniel Stenberg (30 Sep 2017)
|
---|
| 1349 | - cookie: fix memory leak if path was set twice in header
|
---|
| 1350 |
|
---|
| 1351 | ... this will let the second occurance override the first.
|
---|
| 1352 |
|
---|
| 1353 | Added test 1161 to verify.
|
---|
| 1354 |
|
---|
| 1355 | Reported-by: Max Dymond
|
---|
| 1356 | Fixes #1932
|
---|
| 1357 | Closes #1933
|
---|
| 1358 |
|
---|
| 1359 | Dan Fandrich (30 Sep 2017)
|
---|
| 1360 | - test650: Use variable replacement to set the host address and port
|
---|
| 1361 |
|
---|
| 1362 | Otherwise, the test fails when the -b test option is used to set a
|
---|
| 1363 | different test port range.
|
---|
| 1364 |
|
---|
| 1365 | - Set and use more necessary options when some protocols are disabled
|
---|
| 1366 |
|
---|
| 1367 | When curl and libcurl are built with some protocols disabled, they stop
|
---|
| 1368 | setting and receiving some options that don't make sense with those
|
---|
| 1369 | protocols. In particular, when HTTP is disabled many options aren't set
|
---|
| 1370 | that are used only by HTTP. However, some options that appear to be
|
---|
| 1371 | HTTP-only are actually used by other protocols as well (some despite
|
---|
| 1372 | having HTTP in the name) and should be set, but weren't. This change now
|
---|
| 1373 | causes some of these options to be set and used for more (or for all)
|
---|
| 1374 | protocols. In particular, this fixes tests 646 through 649 in an
|
---|
| 1375 | HTTP-disabled build, which use the MIME API in the mail protocols.
|
---|
| 1376 |
|
---|
| 1377 | Daniel Stenberg (29 Sep 2017)
|
---|
| 1378 | - test1160: verifies cookie leak for large cookies
|
---|
| 1379 |
|
---|
| 1380 | The fix done in 20ea22ff735
|
---|
| 1381 |
|
---|
| 1382 | - cookie: fix memory leak on oversized rejection
|
---|
| 1383 |
|
---|
| 1384 | Regression brought by 2bc230de63b
|
---|
| 1385 |
|
---|
| 1386 | Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3513
|
---|
| 1387 | Assisted-by: Max Dymond
|
---|
| 1388 |
|
---|
| 1389 | Closes #1930
|
---|
| 1390 |
|
---|
| 1391 | - [Anders Bakken brought this change]
|
---|
| 1392 |
|
---|
| 1393 | connect: fix race condition with happy eyeballs timeout
|
---|
| 1394 |
|
---|
| 1395 | The timer should be started after conn->connecttime is set. Otherwise
|
---|
| 1396 | the timer could expire without this condition being true:
|
---|
| 1397 |
|
---|
| 1398 | /* should we try another protocol family? */
|
---|
| 1399 | if(i == 0 && conn->tempaddr[1] == NULL &&
|
---|
| 1400 | curlx_tvdiff(now, conn->connecttime) >= HAPPY_EYEBALLS_TIMEOUT) {
|
---|
| 1401 |
|
---|
| 1402 | Ref: #1928
|
---|
| 1403 |
|
---|
| 1404 | Michael Kaufmann (28 Sep 2017)
|
---|
| 1405 | - docs: link CURLOPT_CONNECTTIMEOUT and CURLOPT_CONNECTTIMEOUT_MS
|
---|
| 1406 |
|
---|
| 1407 | Closes #1922
|
---|
| 1408 |
|
---|
| 1409 | - docs: clarify the use of environment variables for proxy
|
---|
| 1410 |
|
---|
| 1411 | Closes #1921
|
---|
| 1412 |
|
---|
| 1413 | - http: add custom empty headers to repeated requests
|
---|
| 1414 |
|
---|
| 1415 | Closes #1920
|
---|
| 1416 |
|
---|
| 1417 | - reuse_conn: don't copy flags that are known to be equal
|
---|
| 1418 |
|
---|
| 1419 | A connection can only be reused if the flags "conn_to_host" and
|
---|
| 1420 | "conn_to_port" match. Therefore it is not necessary to copy these flags
|
---|
| 1421 | in reuse_conn().
|
---|
| 1422 |
|
---|
| 1423 | Closes #1918
|
---|
| 1424 |
|
---|
| 1425 | Daniel Stenberg (27 Sep 2017)
|
---|
| 1426 | - curl.h: include <sys/select.h> on cygwin too
|
---|
| 1427 |
|
---|
| 1428 | When building with -std=c++14 on cygwin, this header won't be
|
---|
| 1429 | automatically included as it otherwise is.
|
---|
| 1430 |
|
---|
| 1431 | The <sys/select.h> include decision should ideally be reversed and be
|
---|
| 1432 | avoided where that header file doesn't exist.
|
---|
| 1433 |
|
---|
| 1434 | Reported-by: Ian Fette
|
---|
| 1435 | Fixes #1925
|
---|
| 1436 |
|
---|
| 1437 | - RELEASE-NOTES: synced with d8ab5dc50
|
---|
| 1438 |
|
---|
| 1439 | Michael Kaufmann (24 Sep 2017)
|
---|
| 1440 | - tests: adjust .gitignore for new tests
|
---|
| 1441 |
|
---|
| 1442 | Jay Satiro (23 Sep 2017)
|
---|
| 1443 | - ntlm: move NTLM_NEEDS_NSS_INIT define into core NTLM header
|
---|
| 1444 |
|
---|
| 1445 | .. and include the core NTLM header in all NTLM-related source files.
|
---|
| 1446 |
|
---|
| 1447 | Follow up to 6f86022. Since then http_ntlm checks NTLM_NEEDS_NSS_INIT
|
---|
| 1448 | but did not include vtls.h where it was defined.
|
---|
| 1449 |
|
---|
| 1450 | Closes https://github.com/curl/curl/pull/1911
|
---|
| 1451 |
|
---|
| 1452 | Daniel Stenberg (23 Sep 2017)
|
---|
| 1453 | - file_range: avoid integer overflow when figuring out byte range
|
---|
| 1454 |
|
---|
| 1455 | When trying to bump the value with one and the value is already at max,
|
---|
| 1456 | it causes an integer overflow.
|
---|
| 1457 |
|
---|
| 1458 | Closes #1908
|
---|
| 1459 | Detected by oss-fuzz:
|
---|
| 1460 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3465
|
---|
| 1461 |
|
---|
| 1462 | Assisted-by: Max Dymond
|
---|
| 1463 |
|
---|
| 1464 | Michael Kaufmann (23 Sep 2017)
|
---|
| 1465 | - tests: fix a compiler warning in test 643
|
---|
| 1466 |
|
---|
| 1467 | Jay Satiro (23 Sep 2017)
|
---|
| 1468 | - symbols-in-versions: fix CURLSSLSET_NO_BACKENDS entry
|
---|
| 1469 |
|
---|
| 1470 | - Use spaces instead of tabs as the delimiter.
|
---|
| 1471 |
|
---|
| 1472 | Follow up to 7c52b12 which added the entry. The entry had used tabs but
|
---|
| 1473 | the symbol-scan parser doesn't recognize tabs and would fail the symbol.
|
---|
| 1474 |
|
---|
| 1475 | Viktor Szakats (22 Sep 2017)
|
---|
| 1476 | - metalink: fix NSS issue in MultiSSL builds
|
---|
| 1477 |
|
---|
| 1478 | In MultiSSL mode (i.e. when more than one SSL backend is compiled
|
---|
| 1479 | in), we cannot use the compile time flag `USE_NSS` as indicator that
|
---|
| 1480 | the NSS backend is in use. As far as Metalink is concerned, the SSL
|
---|
| 1481 | backend is only used for MD5, SHA-1 and SHA-256 calculations,
|
---|
| 1482 | therefore one of the available SSL backends is selected at compile
|
---|
| 1483 | time, in a strict order of preference.
|
---|
| 1484 |
|
---|
| 1485 | Let's introduce a new `HAVE_NSS_CONTEXT` constant that can be used
|
---|
| 1486 | to determine whether the SSL backend used for Metalink is the NSS
|
---|
| 1487 | backend, and use that to guard the code that wants to de-initialize
|
---|
| 1488 | the NSS-specific data structure.
|
---|
| 1489 |
|
---|
| 1490 | Ref: https://github.com/curl/curl/pull/1848
|
---|
| 1491 |
|
---|
| 1492 | - ntlm: use strict order for SSL backend #if branches
|
---|
| 1493 |
|
---|
| 1494 | With the recently introduced MultiSSL support multiple SSL backends
|
---|
| 1495 | can be compiled into cURL That means that now the order of the SSL
|
---|
| 1496 |
|
---|
| 1497 | One option would be to use the same SSL backend as was configured
|
---|
| 1498 | via `curl_global_sslset()`, however, NTLMv2 support would appear
|
---|
| 1499 | to be available only with some SSL backends. For example, when
|
---|
| 1500 | eb88d778e (ntlm: Use Windows Crypt API, 2014-12-02) introduced
|
---|
| 1501 | support for NTLMv1 using Windows' Crypt API, it specifically did
|
---|
| 1502 | *not* introduce NTLMv2 support using Crypt API at the same time.
|
---|
| 1503 |
|
---|
| 1504 | So let's select one specific SSL backend for NTLM support when
|
---|
| 1505 | compiled with multiple SSL backends, using a priority order such
|
---|
| 1506 | that we support NTLMv2 even if only one compiled-in SSL backend can
|
---|
| 1507 | be used for that.
|
---|
| 1508 |
|
---|
| 1509 | Ref: https://github.com/curl/curl/pull/1848
|
---|
| 1510 |
|
---|
| 1511 | Daniel Stenberg (22 Sep 2017)
|
---|
| 1512 | - symbols-in-versions: add CURLSSLSET_NO_BACKENDS
|
---|
| 1513 |
|
---|
| 1514 | ...fixup from b8e0fe19ec
|
---|
| 1515 |
|
---|
| 1516 | - imap: quote atoms properly when escaping characters
|
---|
| 1517 |
|
---|
| 1518 | Updates test 800 to verify
|
---|
| 1519 |
|
---|
| 1520 | Fixes #1902
|
---|
| 1521 | Closes #1903
|
---|
| 1522 |
|
---|
| 1523 | - tests: make the imap server not verify user+password
|
---|
| 1524 |
|
---|
| 1525 | ... as the test cases themselves do that and it makes it easier to add
|
---|
| 1526 | crazy test cases.
|
---|
| 1527 |
|
---|
| 1528 | Test 800 updated to use user name + password that need quoting.
|
---|
| 1529 |
|
---|
| 1530 | Test 856 updated to trigger an auth fail differently.
|
---|
| 1531 |
|
---|
| 1532 | Ref: #1902
|
---|
| 1533 |
|
---|
| 1534 | - vtls: provide curl_global_sslset() even in non-SSL builds
|
---|
| 1535 |
|
---|
| 1536 | ... it just returns error:
|
---|
| 1537 |
|
---|
| 1538 | Bug: https://github.com/curl/curl/commit/1328f69d53f2f2e937696ea954c480412b018451#commitcomment-24470367
|
---|
| 1539 | Reported-by: Marcel Raad
|
---|
| 1540 |
|
---|
| 1541 | Closes #1906
|
---|
| 1542 |
|
---|
| 1543 | Patrick Monnerat (22 Sep 2017)
|
---|
| 1544 | - form/mime: field names are not allowed to contain zero-valued bytes.
|
---|
| 1545 |
|
---|
| 1546 | Also suppress length argument of curl_mime_name() (names are always
|
---|
| 1547 | zero-terminated).
|
---|
| 1548 |
|
---|
| 1549 | Daniel Stenberg (21 Sep 2017)
|
---|
| 1550 | - [Dirk Feytons brought this change]
|
---|
| 1551 |
|
---|
| 1552 | openssl: only verify RSA private key if supported
|
---|
| 1553 |
|
---|
| 1554 | In some cases the RSA key does not support verifying it because it's
|
---|
| 1555 | located on a smart card, an engine wants to hide it, ...
|
---|
| 1556 | Check the flags on the key before trying to verify it.
|
---|
| 1557 | OpenSSL does the same thing internally; see ssl/ssl_rsa.c
|
---|
| 1558 |
|
---|
| 1559 | Closes #1904
|
---|
| 1560 |
|
---|
| 1561 | Marcel Raad (21 Sep 2017)
|
---|
| 1562 | - examples/post-callback: use long for CURLOPT_POSTFIELDSIZE
|
---|
| 1563 |
|
---|
| 1564 | Otherwise, typecheck-gcc.h warns on MinGW-w64.
|
---|
| 1565 |
|
---|
| 1566 | Patrick Monnerat (20 Sep 2017)
|
---|
| 1567 | - mime: rephrase the multipart output state machine (#1898) ...
|
---|
| 1568 |
|
---|
| 1569 | ... in hope coverity will like it much.
|
---|
| 1570 |
|
---|
| 1571 | - mime: fix an explicit null dereference (#1899)
|
---|
| 1572 |
|
---|
| 1573 | Daniel Stenberg (20 Sep 2017)
|
---|
| 1574 | - curl: check fseek() return code and bail on error
|
---|
| 1575 |
|
---|
| 1576 | Detected by coverity. CID 1418137.
|
---|
| 1577 |
|
---|
| 1578 | - smtp: fix memory leak in OOM
|
---|
| 1579 |
|
---|
| 1580 | Regression since ce0881edee
|
---|
| 1581 |
|
---|
| 1582 | Coverity CID 1418139 and CID 1418136 found it, but it was also seen in
|
---|
| 1583 | torture testing.
|
---|
| 1584 |
|
---|
| 1585 | - RELEASE-NOTES: synced with 5fe85587c
|
---|
| 1586 |
|
---|
| 1587 | - [Pavel P brought this change]
|
---|
| 1588 |
|
---|
| 1589 | cookies: use lock when using CURLINFO_COOKIELIST
|
---|
| 1590 |
|
---|
| 1591 | Closes #1896
|
---|
| 1592 |
|
---|
| 1593 | - [Max Dymond brought this change]
|
---|
| 1594 |
|
---|
| 1595 | ossfuzz: changes before merging the generated corpora
|
---|
| 1596 |
|
---|
| 1597 | Before merging in the oss-fuzz corpora from Google, there are some changes
|
---|
| 1598 | to the fuzzer.
|
---|
| 1599 | - Add a read corpus script, to display corpus files nicely.
|
---|
| 1600 | - Change the behaviour of the fuzzer so that TLV parse failures all now
|
---|
| 1601 | go down the same execution paths, which should reduce the size of the
|
---|
| 1602 | corpora.
|
---|
| 1603 | - Make unknown TLVs a failure to parse, which should decrease the size
|
---|
| 1604 | of the corpora as well.
|
---|
| 1605 |
|
---|
| 1606 | Closes #1881
|
---|
| 1607 |
|
---|
| 1608 | - mime:escape_string minor clarification change
|
---|
| 1609 |
|
---|
| 1610 | ... as it also removes a warning with old gcc versions.
|
---|
| 1611 |
|
---|
| 1612 | Bug: https://curl.haxx.se/mail/lib-2017-09/0049.html
|
---|
| 1613 | Reported-by: Ben Greear
|
---|
| 1614 |
|
---|
| 1615 | - [Max Dymond brought this change]
|
---|
| 1616 |
|
---|
| 1617 | ossfuzz: don't write out to stdout
|
---|
| 1618 |
|
---|
| 1619 | Don't make the fuzzer write out to stdout - instead write some of the
|
---|
| 1620 | contents to a memory block so we exercise the data output code but
|
---|
| 1621 | quietly.
|
---|
| 1622 |
|
---|
| 1623 | Closes #1885
|
---|
| 1624 |
|
---|
| 1625 | - cookies: reject oversized cookies
|
---|
| 1626 |
|
---|
| 1627 | ... instead of truncating them.
|
---|
| 1628 |
|
---|
| 1629 | There's no fixed limit for acceptable cookie names in RFC 6265, but the
|
---|
| 1630 | entire cookie is said to be less than 4096 bytes (section 6.1). This is
|
---|
| 1631 | also what browsers seem to implement.
|
---|
| 1632 |
|
---|
| 1633 | We now allow max 5000 bytes cookie header. Max 4095 bytes length per
|
---|
| 1634 | cookie name and value. Name + value together may not exceed 4096 bytes.
|
---|
| 1635 |
|
---|
| 1636 | Added test 1151 to verify
|
---|
| 1637 |
|
---|
| 1638 | Bug: https://curl.haxx.se/mail/lib-2017-09/0062.html
|
---|
| 1639 | Reported-by: Kevin Smith
|
---|
| 1640 |
|
---|
| 1641 | Closes #1894
|
---|
| 1642 |
|
---|
| 1643 | - travis: on mac, don't install openssl or libidn
|
---|
| 1644 |
|
---|
| 1645 | - openssl is already installed and causes warnings when trying to
|
---|
| 1646 | install again
|
---|
| 1647 |
|
---|
| 1648 | - libidn isn't used these days, and homebrew doesn't seem to have a
|
---|
| 1649 | libidn2 package to replace with easily
|
---|
| 1650 |
|
---|
| 1651 | Closes #1895
|
---|
| 1652 |
|
---|
| 1653 | - curl: make str2udouble not return values on error
|
---|
| 1654 |
|
---|
| 1655 | ... previously it would store a return value even when it returned
|
---|
| 1656 | error, which could make the value get used anyway!
|
---|
| 1657 |
|
---|
| 1658 | Reported-by: Brian Carpenter
|
---|
| 1659 | Closes #1893
|
---|
| 1660 |
|
---|
| 1661 | Jay Satiro (18 Sep 2017)
|
---|
| 1662 | - socks: fix incorrect port number in SOCKS4 error message
|
---|
| 1663 |
|
---|
| 1664 | Prior to this change it appears the SOCKS5 port parsing was erroneously
|
---|
| 1665 | used for the SOCKS4 error message, and as a result an incorrect port
|
---|
| 1666 | would be shown in the error message.
|
---|
| 1667 |
|
---|
| 1668 | Bug: https://github.com/curl/curl/issues/1892
|
---|
| 1669 | Reported-by: Jackarain@users.noreply.github.com
|
---|
| 1670 |
|
---|
| 1671 | - [Marc Aldorasi brought this change]
|
---|
| 1672 |
|
---|
| 1673 | schannel: Support partial send for when data is too large
|
---|
| 1674 |
|
---|
| 1675 | Schannel can only encrypt a certain amount of data at once. Instead of
|
---|
| 1676 | failing when too much data is to be sent at once, send as much data as
|
---|
| 1677 | we can and let the caller send the remaining data by calling send again.
|
---|
| 1678 |
|
---|
| 1679 | Bug: https://curl.haxx.se/mail/lib-2014-07/0033.html
|
---|
| 1680 |
|
---|
| 1681 | Closes https://github.com/curl/curl/pull/1890
|
---|
| 1682 |
|
---|
| 1683 | - [David Benjamin brought this change]
|
---|
| 1684 |
|
---|
| 1685 | openssl: add missing includes
|
---|
| 1686 |
|
---|
| 1687 | lib/vtls/openssl.c uses OpenSSL APIs from BUF_MEM and BIO APIs. Include
|
---|
| 1688 | their headers directly rather than relying on other OpenSSL headers
|
---|
| 1689 | including things.
|
---|
| 1690 |
|
---|
| 1691 | Closes https://github.com/curl/curl/pull/1891
|
---|
| 1692 |
|
---|
| 1693 | Daniel Stenberg (15 Sep 2017)
|
---|
| 1694 | - conversions: fix several compiler warnings
|
---|
| 1695 |
|
---|
| 1696 | - server/getpart: provide dummy function to build conversion enabled
|
---|
| 1697 |
|
---|
| 1698 | - non-ascii: use iconv() with 'char **' argument
|
---|
| 1699 |
|
---|
| 1700 | Bug: https://curl.haxx.se/mail/lib-2017-09/0031.html
|
---|
| 1701 |
|
---|
| 1702 | - escape.c: error: pointer targets differ in signedness
|
---|
| 1703 |
|
---|
| 1704 | - docs: clarify the CURLOPT_INTERLEAVE* options behavior
|
---|
| 1705 |
|
---|
| 1706 | - [Max Dymond brought this change]
|
---|
| 1707 |
|
---|
| 1708 | rtsp: Segfault in rtsp.c when using WRITEDATA
|
---|
| 1709 |
|
---|
| 1710 | If the INTERLEAVEFUNCTION is defined, then use that plus the
|
---|
| 1711 | INTERLEAVEDATA information when writing RTP. Otherwise, use
|
---|
| 1712 | WRITEFUNCTION and WRITEDATA.
|
---|
| 1713 |
|
---|
| 1714 | Fixes #1880
|
---|
| 1715 | Closes #1884
|
---|
| 1716 |
|
---|
| 1717 | Marcel Raad (15 Sep 2017)
|
---|
| 1718 | - [Isaac Boukris brought this change]
|
---|
| 1719 |
|
---|
| 1720 | tests: enable gssapi in travis-ci linux build
|
---|
| 1721 |
|
---|
| 1722 | Closes https://github.com/curl/curl/pull/1687
|
---|
| 1723 |
|
---|
| 1724 | - [Isaac Boukris brought this change]
|
---|
| 1725 |
|
---|
| 1726 | tests: add initial gssapi test using stub implementation
|
---|
| 1727 |
|
---|
| 1728 | The stub implementation is pre-loaded using LD_PRELOAD
|
---|
| 1729 | and emulates common gssapi uses (only builds if curl is
|
---|
| 1730 | initially built with gssapi support).
|
---|
| 1731 |
|
---|
| 1732 | The initial tests are currently disabled for debug builds
|
---|
| 1733 | as LD_PRELOAD is not used then.
|
---|
| 1734 |
|
---|
| 1735 | Ref: https://github.com/curl/curl/pull/1687
|
---|
| 1736 |
|
---|
| 1737 | Daniel Stenberg (15 Sep 2017)
|
---|
| 1738 | - test1150: verify same host fetch using different ports over proxy
|
---|
| 1739 |
|
---|
| 1740 | Closes #1889
|
---|
| 1741 |
|
---|
| 1742 | - URL: on connection re-use, still pick the new remote port
|
---|
| 1743 |
|
---|
| 1744 | ... as when a proxy connection is being re-used, it can still get a
|
---|
| 1745 | different remote port.
|
---|
| 1746 |
|
---|
| 1747 | Fixes #1887
|
---|
| 1748 | Reported-by: Oli Kingshott
|
---|
| 1749 |
|
---|
| 1750 | - RELEASE-NOTES: synced with 87501e57f
|
---|
| 1751 |
|
---|
| 1752 | - code style: remove wrong uses of multiple spaces
|
---|
| 1753 |
|
---|
| 1754 | Closes #1878
|
---|
| 1755 |
|
---|
| 1756 | - checksrc: detect and warn for multiple spaces
|
---|
| 1757 |
|
---|
| 1758 | - code style: use space after semicolon
|
---|
| 1759 |
|
---|
| 1760 | - checksrc: verify space after semicolons
|
---|
| 1761 |
|
---|
| 1762 | - code style: use spaces around pluses
|
---|
| 1763 |
|
---|
| 1764 | - checksrc: detect and warn for lack of spaces next to plus signs
|
---|
| 1765 |
|
---|
| 1766 | - code style: use spaces around equals signs
|
---|
| 1767 |
|
---|
| 1768 | - checksrc: verify spaces around equals signs
|
---|
| 1769 |
|
---|
| 1770 | ... as the code style mandates.
|
---|
| 1771 |
|
---|
| 1772 | - Curl_checkheaders: make it available for IMAP and SMTP too
|
---|
| 1773 |
|
---|
| 1774 | ... not only HTTP uses this now.
|
---|
| 1775 |
|
---|
| 1776 | Closes #1875
|
---|
| 1777 |
|
---|
| 1778 | - travis: add build without HTTP/SMTP/IMAP
|
---|
| 1779 |
|
---|
| 1780 | Jay Satiro (10 Sep 2017)
|
---|
| 1781 | - mbedtls: enable CA path processing
|
---|
| 1782 |
|
---|
| 1783 | CA path processing was implemented when mbedtls.c was added to libcurl
|
---|
| 1784 | in fe7590f, but it was never enabled.
|
---|
| 1785 |
|
---|
| 1786 | Bug: https://github.com/curl/curl/issues/1877
|
---|
| 1787 | Reported-by: SBKarr@users.noreply.github.com
|
---|
| 1788 |
|
---|
| 1789 | Daniel Stenberg (8 Sep 2017)
|
---|
| 1790 | - rtsp: do not call fwrite() with NULL pointer FILE *
|
---|
| 1791 |
|
---|
| 1792 | If the default write callback is used and no destination has been set, a
|
---|
| 1793 | NULL pointer would be passed to fwrite()'s 4th argument.
|
---|
| 1794 |
|
---|
| 1795 | OSS-fuzz bug https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3327
|
---|
| 1796 | (not publicly open yet)
|
---|
| 1797 |
|
---|
| 1798 | Detected by OSS-fuzz
|
---|
| 1799 | Closes #1874
|
---|
| 1800 |
|
---|
| 1801 | - configure: use -Wno-varargs on clang 3.9[.X] debug builds
|
---|
| 1802 |
|
---|
| 1803 | ... to avoid a clang bug
|
---|
| 1804 |
|
---|
| 1805 | - [Max Dymond brought this change]
|
---|
| 1806 |
|
---|
| 1807 | ossfuzz: add some more handled CURL options
|
---|
| 1808 |
|
---|
| 1809 | Add support for HEADER, COOKIE, RANGE, CUSTOMREQUEST, MAIL_RECIPIENT,
|
---|
| 1810 | MAIL_FROM and uploading data.
|
---|
| 1811 |
|
---|
| 1812 | - configure: check for C++ compiler after C, to make it non-fatal
|
---|
| 1813 |
|
---|
| 1814 | The tests for object file/executable file extensions are presumably only
|
---|
| 1815 | done for the first of these macros in the configure file.
|
---|
| 1816 |
|
---|
| 1817 | Bug: https://github.com/curl/curl/pull/1851#issuecomment-327597515
|
---|
| 1818 | Reported-by: Marcel Raad
|
---|
| 1819 | Closes #1873
|
---|
| 1820 |
|
---|
| 1821 | Patrick Monnerat (7 Sep 2017)
|
---|
| 1822 | - form API: add new test 650.
|
---|
| 1823 |
|
---|
| 1824 | Now that the form API is deprecated and not used anymore in curl tool,
|
---|
| 1825 | a lot of its features left untested. Test 650 attempts to check all these
|
---|
| 1826 | features not tested elsewhere.
|
---|
| 1827 |
|
---|
| 1828 | Jay Satiro (7 Sep 2017)
|
---|
| 1829 | - configure: fix curl_off_t check's include order
|
---|
| 1830 |
|
---|
| 1831 | - Prepend srcdir include path instead of append.
|
---|
| 1832 |
|
---|
| 1833 | Prior to this change it was possible that during the check for the size
|
---|
| 1834 | of curl_off_t the include path of a user's already installed curl could
|
---|
| 1835 | come before the include path of the to-be-built curl, resulting in the
|
---|
| 1836 | system.h of the former being incorrectly included for that check.
|
---|
| 1837 |
|
---|
| 1838 | Closes https://github.com/curl/curl/pull/1870
|
---|
| 1839 |
|
---|
| 1840 | Daniel Stenberg (7 Sep 2017)
|
---|
| 1841 | - [Jakub Zakrzewski brought this change]
|
---|
| 1842 |
|
---|
| 1843 | KNOWN_BUGS: Remove CMake symbol hiding issue
|
---|
| 1844 |
|
---|
| 1845 | It has already been fixed in 6140dfc
|
---|
| 1846 |
|
---|
| 1847 | - http-proxy: when not doing CONNECT, that phase is done immediately
|
---|
| 1848 |
|
---|
| 1849 | `conn->connect_state` is NULL when doing a regular non-CONNECT request
|
---|
| 1850 | over the proxy and should therefor be considered complete at once.
|
---|
| 1851 |
|
---|
| 1852 | Fixes #1853
|
---|
| 1853 | Closes #1862
|
---|
| 1854 | Reported-by: Lawrence Wagerfield
|
---|
| 1855 |
|
---|
| 1856 | - [Johannes Schindelin brought this change]
|
---|
| 1857 |
|
---|
| 1858 | OpenSSL: fix yet another mistake while encapsulating SSL backend data
|
---|
| 1859 |
|
---|
| 1860 | Another mistake in my manual fixups of the largely mechanical
|
---|
| 1861 | search-and-replace ("connssl->" -> "BACKEND->"), just like the previous
|
---|
| 1862 | commit concerning HTTPS proxies (and hence not caught during my
|
---|
| 1863 | earlier testing).
|
---|
| 1864 |
|
---|
| 1865 | Fixes #1855
|
---|
| 1866 | Closes #1871
|
---|
| 1867 |
|
---|
| 1868 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 1869 |
|
---|
| 1870 | - [Johannes Schindelin brought this change]
|
---|
| 1871 |
|
---|
| 1872 | OpenSSL: fix erroneous SSL backend encapsulation
|
---|
| 1873 |
|
---|
| 1874 | In d65e6cc4f (vtls: prepare the SSL backends for encapsulated private
|
---|
| 1875 | data, 2017-06-21), this developer prepared for a separation of the
|
---|
| 1876 | private data of the SSL backends from the general connection data.
|
---|
| 1877 |
|
---|
| 1878 | This conversion was partially automated (search-and-replace) and
|
---|
| 1879 | partially manual (e.g. proxy_ssl's backend data).
|
---|
| 1880 |
|
---|
| 1881 | Sadly, there was a crucial error in the manual part, where the wrong
|
---|
| 1882 | handle was used: rather than connecting ssl[sockindex]' BIO to the
|
---|
| 1883 | proxy_ssl[sockindex]', we reconnected proxy_ssl[sockindex]. The reason
|
---|
| 1884 | was an incorrect location to paste "BACKEND->"... d'oh.
|
---|
| 1885 |
|
---|
| 1886 | Reported by Jay Satiro in https://github.com/curl/curl/issues/1855.
|
---|
| 1887 |
|
---|
| 1888 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 1889 |
|
---|
| 1890 | - [Jay Satiro brought this change]
|
---|
| 1891 |
|
---|
| 1892 | vtls: fix memory corruption
|
---|
| 1893 |
|
---|
| 1894 | Ever since 70f1db321 (vtls: encapsulate SSL backend-specific data,
|
---|
| 1895 | 2017-07-28), the code handling HTTPS proxies was broken because the
|
---|
| 1896 | pointer to the SSL backend data was not swapped between
|
---|
| 1897 | conn->ssl[sockindex] and conn->proxy_ssl[sockindex] as intended, but
|
---|
| 1898 | instead set to NULL (causing segmentation faults).
|
---|
| 1899 |
|
---|
| 1900 | [jes: provided the commit message, tested and verified the patch]
|
---|
| 1901 |
|
---|
| 1902 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 1903 |
|
---|
| 1904 | - vtls: switch to CURL_SHA256_DIGEST_LENGTH define
|
---|
| 1905 |
|
---|
| 1906 | ... instead of the prefix-less version since WolfSSL 3.12 now uses an
|
---|
| 1907 | enum with that name that causes build failures for us.
|
---|
| 1908 |
|
---|
| 1909 | Fixes #1865
|
---|
| 1910 | Closes #1867
|
---|
| 1911 | Reported-by: Gisle Vanem
|
---|
| 1912 |
|
---|
| 1913 | - travis: add c-ares enabled builds linux + osx
|
---|
| 1914 |
|
---|
| 1915 | Closes #1868
|
---|
| 1916 |
|
---|
| 1917 | - HISTORY: added some recent items
|
---|
| 1918 |
|
---|
| 1919 | Jay Satiro (6 Sep 2017)
|
---|
| 1920 | - SSL: fix unused parameter warnings
|
---|
| 1921 |
|
---|
| 1922 | Patrick Monnerat (6 Sep 2017)
|
---|
| 1923 | - mime: drop internal FILE * support.
|
---|
| 1924 |
|
---|
| 1925 | - The part kind MIMEKIND_FILE and associated code are suppressed.
|
---|
| 1926 | - Seek data origin offset not used anymore: suppressed.
|
---|
| 1927 | - MIMEKIND_NAMEDFILE renamed MIMEKIND_FILE; associated fields/functions
|
---|
| 1928 | renamed accordingly.
|
---|
| 1929 | - Curl_getformdata() processes stdin via a callback.
|
---|
| 1930 |
|
---|
| 1931 | Daniel Stenberg (6 Sep 2017)
|
---|
| 1932 | - configure: remove --enable-soname-bump and SONAME_BUMP
|
---|
| 1933 |
|
---|
| 1934 | Back in 2008, (and commit 3f3d6ebe665f3) we changed the logic in how we
|
---|
| 1935 | determine the native type for `curl_off_t`. To really make sure we
|
---|
| 1936 | didn't break ABI without bumping SONAME, we introduced logic that
|
---|
| 1937 | attempted to detect that it would use a different size and thus not be
|
---|
| 1938 | compatible. We also provided a manual switch that allowed users to tell
|
---|
| 1939 | configure to bump SONAME by force.
|
---|
| 1940 |
|
---|
| 1941 | Today, we know of no one who ever got a SONAME bump auto-detected and we
|
---|
| 1942 | don't know of anyone who's using the manual bump feature. The auto-
|
---|
| 1943 | detection is also no longer working since we introduced defining
|
---|
| 1944 | curl_off_t in system.h (7.55.0).
|
---|
| 1945 |
|
---|
| 1946 | Finally, this bumping logic is not present in the cmake build.
|
---|
| 1947 |
|
---|
| 1948 | Closes #1861
|
---|
| 1949 |
|
---|
| 1950 | Jay Satiro (6 Sep 2017)
|
---|
| 1951 | - [Gisle Vanem brought this change]
|
---|
| 1952 |
|
---|
| 1953 | vtls: select ssl backend case-insensitive (follow-up)
|
---|
| 1954 |
|
---|
| 1955 | - Do a case-insensitive comparison of CURL_SSL_BACKEND env as well.
|
---|
| 1956 |
|
---|
| 1957 | - Change Curl_strcasecompare calls to strcasecompare
|
---|
| 1958 | (maps to the former but shorter).
|
---|
| 1959 |
|
---|
| 1960 | Follow-up to c290b8f.
|
---|
| 1961 |
|
---|
| 1962 | Bug: https://github.com/curl/curl/commit/c290b8f#commitcomment-24094313
|
---|
| 1963 |
|
---|
| 1964 | Co-authored-by: Jay Satiro
|
---|
| 1965 |
|
---|
| 1966 | - openssl: Integrate Peter Wu's SSLKEYLOGFILE implementation
|
---|
| 1967 |
|
---|
| 1968 | This is an adaptation of 2 of Peter Wu's SSLKEYLOGFILE implementations.
|
---|
| 1969 |
|
---|
| 1970 | The first one, written for old OpenSSL versions:
|
---|
| 1971 | https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c
|
---|
| 1972 |
|
---|
| 1973 | The second one, written for BoringSSL and new OpenSSL versions:
|
---|
| 1974 | https://github.com/curl/curl/pull/1346
|
---|
| 1975 |
|
---|
| 1976 | Note the first one is GPL licensed but the author gave permission to
|
---|
| 1977 | waive that license for libcurl.
|
---|
| 1978 |
|
---|
| 1979 | As of right now this feature is disabled by default, and does not have
|
---|
| 1980 | a configure option to enable it. To enable this feature define
|
---|
| 1981 | ENABLE_SSLKEYLOGFILE when building libcurl and set environment
|
---|
| 1982 | variable SSLKEYLOGFILE to a pathname that will receive the keys.
|
---|
| 1983 |
|
---|
| 1984 | And in Wireshark change your preferences to point to that key file:
|
---|
| 1985 | Edit > Preferences > Protocols > SSL > Master-Secret
|
---|
| 1986 |
|
---|
| 1987 | Co-authored-by: Peter Wu
|
---|
| 1988 |
|
---|
| 1989 | Ref: https://github.com/curl/curl/pull/1030
|
---|
| 1990 | Ref: https://github.com/curl/curl/pull/1346
|
---|
| 1991 |
|
---|
| 1992 | Closes https://github.com/curl/curl/pull/1866
|
---|
| 1993 |
|
---|
| 1994 | Patrick Monnerat (5 Sep 2017)
|
---|
| 1995 | - mime: fix a trivial warning.
|
---|
| 1996 |
|
---|
| 1997 | - mime: replace 'struct Curl_mimepart' by 'curl_mimepart' in encoder code.
|
---|
| 1998 |
|
---|
| 1999 | mime_state is now a typedef.
|
---|
| 2000 |
|
---|
| 2001 | - mime: implement encoders.
|
---|
| 2002 |
|
---|
| 2003 | curl_mime_encoder() is operational and documented.
|
---|
| 2004 | curl tool -F option is extended with ";encoder=".
|
---|
| 2005 | curl tool --libcurl option generates calls to curl_mime_encoder().
|
---|
| 2006 | New encoder tests 648 & 649.
|
---|
| 2007 | Test 1404 extended with an encoder specification.
|
---|
| 2008 |
|
---|
| 2009 | - runtests.pl: support attribute "nonewline" in part verify/upload.
|
---|
| 2010 |
|
---|
| 2011 | - [Daniel Stenberg brought this change]
|
---|
| 2012 |
|
---|
| 2013 | fixup data/test1135
|
---|
| 2014 |
|
---|
| 2015 | - [Daniel Stenberg brought this change]
|
---|
| 2016 |
|
---|
| 2017 | mime: unified to use the typedef'd mime structs everywhere
|
---|
| 2018 |
|
---|
| 2019 | ... and slightly edited to follow our code style better.
|
---|
| 2020 |
|
---|
| 2021 | - [Daniel Stenberg brought this change]
|
---|
| 2022 |
|
---|
| 2023 | curl.h: use lower case curl_mime* as for all public symbols
|
---|
| 2024 |
|
---|
| 2025 | - [Daniel Stenberg brought this change]
|
---|
| 2026 |
|
---|
| 2027 | docs/curl_mime_*.3: use correct variable types in examples
|
---|
| 2028 |
|
---|
| 2029 | Kamil Dudka (5 Sep 2017)
|
---|
| 2030 | - openssl: use OpenSSL's default ciphers by default
|
---|
| 2031 |
|
---|
| 2032 | Up2date versions of OpenSSL maintain the default reasonably secure
|
---|
| 2033 | without breaking compatibility, so it is better not to override the
|
---|
| 2034 | default by curl. Suggested at https://bugzilla.redhat.com/1483972
|
---|
| 2035 |
|
---|
| 2036 | Closes #1846
|
---|
| 2037 |
|
---|
| 2038 | Viktor Szakats (5 Sep 2017)
|
---|
| 2039 | - examples/mime: minor example code fixes
|
---|
| 2040 |
|
---|
| 2041 | Daniel Stenberg (5 Sep 2017)
|
---|
| 2042 | - docs/curl_mime_*.3: added examples
|
---|
| 2043 |
|
---|
| 2044 | - configure: add MultiSSL to FEATURES when enabled
|
---|
| 2045 |
|
---|
| 2046 | ...for curl-config and its corresponding test 1014
|
---|
| 2047 |
|
---|
| 2048 | - http-proxy: treat all 2xx as CONNECT success
|
---|
| 2049 |
|
---|
| 2050 | Added test 1904 to verify.
|
---|
| 2051 |
|
---|
| 2052 | Reported-by: Lawrence Wagerfield
|
---|
| 2053 | Fixes #1859
|
---|
| 2054 | Closes #1860
|
---|
| 2055 |
|
---|
| 2056 | - MAIL-ETIQUETTE: added "1.9 Your emails are public"
|
---|
| 2057 |
|
---|
| 2058 | - curl.h: fix "unused checksrc ignore", remove dangling reference
|
---|
| 2059 |
|
---|
| 2060 | ... to a README file that doesn't exist anymore
|
---|
| 2061 |
|
---|
| 2062 | Viktor Szakats (4 Sep 2017)
|
---|
| 2063 | - docs: Update to secure URL versions
|
---|
| 2064 |
|
---|
| 2065 | - mime: use CURL_ZERO_TERMINATED in examples
|
---|
| 2066 |
|
---|
| 2067 | and some minor whitespace fixes
|
---|
| 2068 |
|
---|
| 2069 | Daniel Stenberg (4 Sep 2017)
|
---|
| 2070 | - schannel: return CURLE_SSL_CACERT on failed verification
|
---|
| 2071 |
|
---|
| 2072 | ... not *CACERT_BADFILE as it isn't really because of a bad file.
|
---|
| 2073 |
|
---|
| 2074 | Bug: https://curl.haxx.se/mail/lib-2017-09/0002.html
|
---|
| 2075 | Closes #1858
|
---|
| 2076 |
|
---|
| 2077 | - test1135: fixed after bd8070085f9
|
---|
| 2078 |
|
---|
| 2079 | - examples/post-callback: stop returning one byte at a time
|
---|
| 2080 |
|
---|
| 2081 | ... since people copy and paste code from this example and thus they get
|
---|
| 2082 | an inefficient POST operation without a good reason and sometimes
|
---|
| 2083 | without understanding why.
|
---|
| 2084 |
|
---|
| 2085 | Instead this now returns as much data as possible.
|
---|
| 2086 |
|
---|
| 2087 | - RELEASE-NOTES: fixed the function counter script
|
---|
| 2088 |
|
---|
| 2089 | - curl.h: make the curl_strequal() protos use the same style
|
---|
| 2090 |
|
---|
| 2091 | ... as the other functions. Makes it easier to machine-parse!
|
---|
| 2092 |
|
---|
| 2093 | - docs: curl_mime_*.3 man page formatting edits
|
---|
| 2094 |
|
---|
| 2095 | - RELEASE-NOTES: synced with 1ab9e9b50
|
---|
| 2096 |
|
---|
| 2097 | Patrick Monnerat (4 Sep 2017)
|
---|
| 2098 | - lib: bump version info (soname). Adapt and reenable test 1135.
|
---|
| 2099 |
|
---|
| 2100 | Daniel Stenberg (3 Sep 2017)
|
---|
| 2101 | - headers: move the global_sslset() proto from multi.h to curl.h
|
---|
| 2102 |
|
---|
| 2103 | As it was added to multi.h simply to not break test 1135, which now has
|
---|
| 2104 | been disabled due to the mime API addition anyway and su we can now move
|
---|
| 2105 | the sslset stuff to where the other curl_global_* prototypes are.
|
---|
| 2106 |
|
---|
| 2107 | Patrick Monnerat (3 Sep 2017)
|
---|
| 2108 | - mime: fix signed/unsigned conversions.
|
---|
| 2109 |
|
---|
| 2110 | Use and generate CURL_ZERO_TERMINATED in curl tool and tests.
|
---|
| 2111 |
|
---|
| 2112 | Jay Satiro (3 Sep 2017)
|
---|
| 2113 | - tool_formparse: fix some trivial warnings
|
---|
| 2114 |
|
---|
| 2115 | Patrick Monnerat (3 Sep 2017)
|
---|
| 2116 | - mime: use size_t instead of ssize_t in public API interface.
|
---|
| 2117 |
|
---|
| 2118 | To support telling a string is nul-terminated, symbol CURL_ZERO_TERMINATED
|
---|
| 2119 | has been introduced.
|
---|
| 2120 |
|
---|
| 2121 | Documentation updated accordingly.
|
---|
| 2122 |
|
---|
| 2123 | symbols in versions updated. Added form API symbols deprecation info.
|
---|
| 2124 |
|
---|
| 2125 | - mime: remove support "-" stdin pseudo-file name in curl_mime_filedata().
|
---|
| 2126 |
|
---|
| 2127 | This feature is badly supported in Windows: as a replacement, a caller has
|
---|
| 2128 | to use curl_mime_data_cb() with fread, fseek and possibly fclose
|
---|
| 2129 | callbacks to process opened files.
|
---|
| 2130 |
|
---|
| 2131 | The cli tool and documentation are updated accordingly.
|
---|
| 2132 |
|
---|
| 2133 | The feature is however kept internally for form API compatibility, with
|
---|
| 2134 | the known caveats it always had.
|
---|
| 2135 |
|
---|
| 2136 | As a side effect, stdin size is not determined by the cli tool even if
|
---|
| 2137 | possible and this results in a chunked transfer encoding. Test 173 is
|
---|
| 2138 | updated accordingly.
|
---|
| 2139 |
|
---|
| 2140 | - mime: fix some implicit curl_off_t --> size_t conversion warnings.
|
---|
| 2141 |
|
---|
| 2142 | - mime: tests and examples.
|
---|
| 2143 |
|
---|
| 2144 | Additional mime-specific tests.
|
---|
| 2145 | Existing tests updated to reflect small differences (Expect: 100-continue,
|
---|
| 2146 | data size change due to empty lines, etc).
|
---|
| 2147 | Option -F headers= keyword added to tests.
|
---|
| 2148 | test1135 disabled until the entry point order change is resolved.
|
---|
| 2149 | New example smtp-mime.
|
---|
| 2150 | Examples postit2 and multi-post converted from form API to mime API.
|
---|
| 2151 |
|
---|
| 2152 | - mime: use in curl cli tool instead of form API.
|
---|
| 2153 |
|
---|
| 2154 | Extended -F option syntax to support multipart mail messages.
|
---|
| 2155 | -F keyword headers= added to include custom headers in parts.
|
---|
| 2156 | Documentation upgraded.
|
---|
| 2157 |
|
---|
| 2158 | - mime: new MIME API.
|
---|
| 2159 |
|
---|
| 2160 | Available in HTTP, SMTP and IMAP.
|
---|
| 2161 | Deprecates the FORM API.
|
---|
| 2162 | See CURLOPT_MIMEPOST.
|
---|
| 2163 | Lib code and associated documentation.
|
---|
| 2164 |
|
---|
| 2165 | - test564: Add a warning comment about shell profile output.
|
---|
| 2166 |
|
---|
| 2167 | Shell profile output makes the SSH server failing and this problem reason
|
---|
| 2168 | is not easy to find when no hint is given.
|
---|
| 2169 |
|
---|
| 2170 | - checksrc: disable SPACEBEFOREPAREN for case statement.
|
---|
| 2171 |
|
---|
| 2172 | The case keyword may be followed by a constant expression and thus should
|
---|
| 2173 | allow it to start with an open parenthesis.
|
---|
| 2174 |
|
---|
| 2175 | - runtests.pl: allow <file[1-4]> tags in client section.
|
---|
| 2176 |
|
---|
| 2177 | This enables tests to create more than one file on the client side.
|
---|
| 2178 |
|
---|
| 2179 | - runtests.pl: Apply strippart to upload too.
|
---|
| 2180 |
|
---|
| 2181 | This will allow substitution of boundaries in mail messages.
|
---|
| 2182 |
|
---|
| 2183 | - Curl_base64_encode: always call with a real data handle.
|
---|
| 2184 |
|
---|
| 2185 | Some calls in different modules were setting the data handle to NULL, causing
|
---|
| 2186 | segmentation faults when using builds that enable character code conversions.
|
---|
| 2187 |
|
---|
| 2188 | - non-ascii: allow conversion functions to be called with a NULL data handle.
|
---|
| 2189 |
|
---|
| 2190 | - http: fix a memory leakage in checkrtspprefix().
|
---|
| 2191 |
|
---|
| 2192 | Daniel Stenberg (2 Sep 2017)
|
---|
| 2193 | - [Max Dymond brought this change]
|
---|
| 2194 |
|
---|
| 2195 | ossfuzz: Move to C++ for curl_fuzzer.
|
---|
| 2196 |
|
---|
| 2197 | Automake gets confused if you want to use C++ static libraries with C
|
---|
| 2198 | code - basically we need to involve the clang++ linker. The easiest way
|
---|
| 2199 | of achieving this is to rename the C code as C++ code. This gets us a
|
---|
| 2200 | bit further along the path and ought to be compatible with Google's
|
---|
| 2201 | version of clang.
|
---|
| 2202 |
|
---|
| 2203 | - curl_global_sslset: select backend by name case insensitively
|
---|
| 2204 |
|
---|
| 2205 | Closes #1849
|
---|
| 2206 |
|
---|
| 2207 | - [Max Dymond brought this change]
|
---|
| 2208 |
|
---|
| 2209 | ossfuzz: additional seed corpora
|
---|
| 2210 |
|
---|
| 2211 | Create simple seed corpora for:
|
---|
| 2212 | - FTP
|
---|
| 2213 | - telnet
|
---|
| 2214 | - dict
|
---|
| 2215 | - tftp
|
---|
| 2216 | - imap
|
---|
| 2217 | - pop3
|
---|
| 2218 |
|
---|
| 2219 | based off the tests of the same number.
|
---|
| 2220 |
|
---|
| 2221 | Closes #1842
|
---|
| 2222 |
|
---|
| 2223 | - [Max Dymond brought this change]
|
---|
| 2224 |
|
---|
| 2225 | ossfuzz: moving towards the ideal integration
|
---|
| 2226 |
|
---|
| 2227 | - Start with the basic code from the ossfuzz project.
|
---|
| 2228 | - Rewrite fuzz corpora to be binary files full of Type-Length-Value
|
---|
| 2229 | data, and write a glue layer in the fuzzing function to convert
|
---|
| 2230 | corpora into CURL options.
|
---|
| 2231 | - Have supporting functions to generate corpora from existing tests
|
---|
| 2232 | - Integrate with Makefile.am
|
---|
| 2233 |
|
---|
| 2234 | - strcase: corrected comment header for Curl_strcasecompare()
|
---|
| 2235 |
|
---|
| 2236 | - unit1301: fix error message on first test
|
---|
| 2237 |
|
---|
| 2238 | - curl_global_sslset.3: show the struct and enum too
|
---|
| 2239 |
|
---|
| 2240 | ... so that users can actually write code based on the man page alone,
|
---|
| 2241 | not having to read the header file.
|
---|
| 2242 |
|
---|
| 2243 | Jay Satiro (31 Aug 2017)
|
---|
| 2244 | - darwinssl: handle long strings in TLS certs (follow-up)
|
---|
| 2245 |
|
---|
| 2246 | - Fix handling certificate subjects that are already UTF-8 encoded.
|
---|
| 2247 |
|
---|
| 2248 | Follow-up to b3b75d1 from two days ago. Since then a copy would be
|
---|
| 2249 | skipped if the subject was already UTF-8, possibly resulting in a NULL
|
---|
| 2250 | deref later on.
|
---|
| 2251 |
|
---|
| 2252 | Ref: https://github.com/curl/curl/issues/1823
|
---|
| 2253 | Ref: https://github.com/curl/curl/pull/1831
|
---|
| 2254 |
|
---|
| 2255 | Closes https://github.com/curl/curl/pull/1836
|
---|
| 2256 |
|
---|
| 2257 | Daniel Stenberg (31 Aug 2017)
|
---|
| 2258 | - cyassl: call it the "WolfSSL" backend
|
---|
| 2259 |
|
---|
| 2260 | ... instead of cyassl, as this is the current name for it.
|
---|
| 2261 |
|
---|
| 2262 | Closes #1844
|
---|
| 2263 |
|
---|
| 2264 | - polarssl: fix multissl breakage
|
---|
| 2265 |
|
---|
| 2266 | Reported-by: Dan Fandrich
|
---|
| 2267 | Bug: https://curl.haxx.se/mail/lib-2017-08/0121.html
|
---|
| 2268 | Closes #1843
|
---|
| 2269 |
|
---|
| 2270 | - configure: remove the leading comma from the backends list
|
---|
| 2271 |
|
---|
| 2272 | ... when darwinssl is used.
|
---|
| 2273 |
|
---|
| 2274 | Reported-by: Viktor Szakats
|
---|
| 2275 | Bug: https://github.com/curl/curl/commit/b0989cd3abaff4f9a0717b4875022fa79e33b481#commitcomment-23943493
|
---|
| 2276 |
|
---|
| 2277 | Closes #1845
|
---|
| 2278 |
|
---|
| 2279 | Kamil Dudka (30 Aug 2017)
|
---|
| 2280 | - examples/sslbackend.c: fix failure of 'make checksrc'
|
---|
| 2281 |
|
---|
| 2282 | ./sslbackend.c:58:3: warning: else after closing brace on same line (BRACEELSE)
|
---|
| 2283 | } else if(isdigit(*name)) {
|
---|
| 2284 | ^
|
---|
| 2285 | ./sslbackend.c:62:3: warning: else after closing brace on same line (BRACEELSE)
|
---|
| 2286 | } else
|
---|
| 2287 | ^
|
---|
| 2288 |
|
---|
| 2289 | Viktor Szakats (30 Aug 2017)
|
---|
| 2290 | - makefile.m32: add multissl support
|
---|
| 2291 |
|
---|
| 2292 | Closes https://github.com/curl/curl/pull/1840
|
---|
| 2293 |
|
---|
| 2294 | Daniel Stenberg (30 Aug 2017)
|
---|
| 2295 | - curl.h: CURLSSLBACKEND_WOLFSSL used wrong value
|
---|
| 2296 |
|
---|
| 2297 | The CURLSSLBACKEND_WOLFSSL is supposed to be an alias for
|
---|
| 2298 | CURLSSLBACKEND_CYASSL, but used an erronous value. To reduce the risk
|
---|
| 2299 | for a similar mistake, define the backend aliases to use the enum values
|
---|
| 2300 | instead.
|
---|
| 2301 |
|
---|
| 2302 | Reported-by: Gisle Vanem
|
---|
| 2303 | Bug: https://curl.haxx.se/mail/lib-2017-08/0120.html
|
---|
| 2304 |
|
---|
| 2305 | - curl_global_sslset.3: clarify
|
---|
| 2306 |
|
---|
| 2307 | it is a one time *set*, not necessarily a one time use... it can be
|
---|
| 2308 | called again if the first call failed or just listed the alternatives.
|
---|
| 2309 |
|
---|
| 2310 | clarify that the available backends are the ones this build supports
|
---|
| 2311 |
|
---|
| 2312 | plus add some formatting
|
---|
| 2313 |
|
---|
| 2314 | Reported-by: Rich Gray
|
---|
| 2315 | Bug: https://curl.haxx.se/mail/lib-2017-08/0119.html
|
---|
| 2316 |
|
---|
| 2317 | - curl/multi.h: remove duplicated closing c++ brace
|
---|
| 2318 |
|
---|
| 2319 | Regression since 1328f69d53f2f2e93
|
---|
| 2320 |
|
---|
| 2321 | Fixes #1841
|
---|
| 2322 | Reported-by: Andrei Karas
|
---|
| 2323 |
|
---|
| 2324 | - RELEASE-NOTES: synced with 8c33c963a
|
---|
| 2325 |
|
---|
| 2326 | - HELP-US.md: spelling
|
---|
| 2327 |
|
---|
| 2328 | - HELP-US.md: "How to get started helping out in the curl project"
|
---|
| 2329 |
|
---|
| 2330 | Closes #1837
|
---|
| 2331 |
|
---|
| 2332 | Dan Fandrich (29 Aug 2017)
|
---|
| 2333 | - asyn-thread: Fixed cleanup after OOM
|
---|
| 2334 |
|
---|
| 2335 | destroy_async_data() assumes that if the flag "done" is not set yet, the
|
---|
| 2336 | thread itself will clean up once the request is complete. But if an
|
---|
| 2337 | error (generally OOM) occurs before the thread even has a chance to
|
---|
| 2338 | start, it will never get a chance to clean up and memory will be leaked.
|
---|
| 2339 | By clearing "done" only just before starting the thread, the correct
|
---|
| 2340 | cleanup sequence will happen in all cases.
|
---|
| 2341 |
|
---|
| 2342 | Daniel Stenberg (28 Aug 2017)
|
---|
| 2343 | - curl_global_init.3: mention curl_global_sslset(3)
|
---|
| 2344 |
|
---|
| 2345 | Dan Fandrich (28 Aug 2017)
|
---|
| 2346 | - unit1606: Fixed shadowed variable warning
|
---|
| 2347 |
|
---|
| 2348 | - asyn-thread: Improved cleanup after OOM situations
|
---|
| 2349 |
|
---|
| 2350 | - asyn-thread: Set errno to the proper value ENOMEM in OOM situation
|
---|
| 2351 |
|
---|
| 2352 | This used to be set in some configurations to EAI_MEMORY which is not a
|
---|
| 2353 | valid value for errno and caused Curl_strerror to fail an assertion.
|
---|
| 2354 |
|
---|
| 2355 | Daniel Stenberg (28 Aug 2017)
|
---|
| 2356 | - [Johannes Schindelin brought this change]
|
---|
| 2357 |
|
---|
| 2358 | configure: Handle "MultiSSL" specially When versioning symbols
|
---|
| 2359 |
|
---|
| 2360 | There is a mode in which libcurl is compiled with versioned symbols,
|
---|
| 2361 | depending on the active SSL backend.
|
---|
| 2362 |
|
---|
| 2363 | When multiple SSL backends are active, it does not make sense to favor
|
---|
| 2364 | one over the others, so let's not: introduce a new prefix for the case
|
---|
| 2365 | where multiple SSL backends are compiled into cURL.
|
---|
| 2366 |
|
---|
| 2367 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2368 |
|
---|
| 2369 | - [Johannes Schindelin brought this change]
|
---|
| 2370 |
|
---|
| 2371 | configure: allow setting the default SSL backend
|
---|
| 2372 |
|
---|
| 2373 | Previously, we used as default SSL backend whatever was first in the
|
---|
| 2374 | `available_backends` array.
|
---|
| 2375 |
|
---|
| 2376 | However, some users may want to override that default without patching
|
---|
| 2377 | the source code.
|
---|
| 2378 |
|
---|
| 2379 | Now they can: with the --with-default-ssl-backend=<backend> option of
|
---|
| 2380 | the ./configure script.
|
---|
| 2381 |
|
---|
| 2382 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2383 |
|
---|
| 2384 | - [Johannes Schindelin brought this change]
|
---|
| 2385 |
|
---|
| 2386 | vtls: use Curl_ssl_multi pseudo backend only when needed
|
---|
| 2387 |
|
---|
| 2388 | When only one SSL backend is configured, it is totally unnecessary to
|
---|
| 2389 | let multissl_init() configure the backend at runtime, we can select the
|
---|
| 2390 | correct backend at build time already.
|
---|
| 2391 |
|
---|
| 2392 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2393 |
|
---|
| 2394 | - [Johannes Schindelin brought this change]
|
---|
| 2395 |
|
---|
| 2396 | version: if built with more than one SSL backend, report all of them
|
---|
| 2397 |
|
---|
| 2398 | To discern the active one from the inactive ones, put the latter into
|
---|
| 2399 | parentheses.
|
---|
| 2400 |
|
---|
| 2401 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2402 |
|
---|
| 2403 | - [Johannes Schindelin brought this change]
|
---|
| 2404 |
|
---|
| 2405 | version: add the CURL_VERSION_MULTI_SSL feature flag
|
---|
| 2406 |
|
---|
| 2407 | This new feature flag reports When cURL was built with multiple SSL
|
---|
| 2408 | backends.
|
---|
| 2409 |
|
---|
| 2410 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2411 |
|
---|
| 2412 | - [Johannes Schindelin brought this change]
|
---|
| 2413 |
|
---|
| 2414 | metalink: allow compiling with multiple SSL backends
|
---|
| 2415 |
|
---|
| 2416 | Previously, the code assumed that at most one of the SSL backends would
|
---|
| 2417 | be compiled in, emulating OpenSSL's functions if the configured backend
|
---|
| 2418 | was not OpenSSL itself.
|
---|
| 2419 |
|
---|
| 2420 | However, now we allow building with multiple SSL backends and choosing
|
---|
| 2421 | one at runtime. Therefore, metalink needs to be adjusted to handle this
|
---|
| 2422 | scenario, too.
|
---|
| 2423 |
|
---|
| 2424 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2425 |
|
---|
| 2426 | - [Johannes Schindelin brought this change]
|
---|
| 2427 |
|
---|
| 2428 | docs/examples: demonstrate how to select SSL backends
|
---|
| 2429 |
|
---|
| 2430 | The newly-introduced curl_global_sslset() function deserves to be
|
---|
| 2431 | show-cased.
|
---|
| 2432 |
|
---|
| 2433 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2434 |
|
---|
| 2435 | - [Johannes Schindelin brought this change]
|
---|
| 2436 |
|
---|
| 2437 | Add a man page for curl_global_sslset()
|
---|
| 2438 |
|
---|
| 2439 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2440 |
|
---|
| 2441 | - [Johannes Schindelin brought this change]
|
---|
| 2442 |
|
---|
| 2443 | vtls: introduce curl_global_sslset()
|
---|
| 2444 |
|
---|
| 2445 | Let's add a compile time safe API to select an SSL backend. This
|
---|
| 2446 | function needs to be called *before* curl_global_init(), and can be
|
---|
| 2447 | called only once.
|
---|
| 2448 |
|
---|
| 2449 | Side note: we do not explicitly test that it is called before
|
---|
| 2450 | curl_global_init(), but we do verify that it is not called multiple times
|
---|
| 2451 | (even implicitly).
|
---|
| 2452 |
|
---|
| 2453 | If SSL is used before the function was called, it will use whatever the
|
---|
| 2454 | CURL_SSL_BACKEND environment variable says (or default to the first
|
---|
| 2455 | available SSL backend), and if a subsequent call to
|
---|
| 2456 | curl_global_sslset() disagrees with the previous choice, it will fail
|
---|
| 2457 | with CURLSSLSET_TOO_LATE.
|
---|
| 2458 |
|
---|
| 2459 | The function also accepts an "avail" parameter to point to a (read-only)
|
---|
| 2460 | NULL-terminated list of available backends. This comes in real handy if
|
---|
| 2461 | an application wants to let the user choose between whatever SSL backends
|
---|
| 2462 | the currently available libcurl has to offer: simply call
|
---|
| 2463 |
|
---|
| 2464 | curl_global_sslset(-1, NULL, &avail);
|
---|
| 2465 |
|
---|
| 2466 | which will return CURLSSLSET_UNKNOWN_BACKEND and populate the avail
|
---|
| 2467 | variable to point to the relevant information to present to the user.
|
---|
| 2468 |
|
---|
| 2469 | Just like with the HTTP/2 push functions, we have to add the function
|
---|
| 2470 | declaration of curl_global_sslset() function to the header file
|
---|
| 2471 | *multi.h* because VMS and OS/400 require a stable order of functions
|
---|
| 2472 | declared in include/curl/*.h (where the header files are sorted
|
---|
| 2473 | alphabetically). This looks a bit funny, but it cannot be helped.
|
---|
| 2474 |
|
---|
| 2475 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2476 |
|
---|
| 2477 | - [Johannes Schindelin brought this change]
|
---|
| 2478 |
|
---|
| 2479 | vtls: refactor out essential information about the SSL backends
|
---|
| 2480 |
|
---|
| 2481 | There is information about the compiled-in SSL backends that is really
|
---|
| 2482 | no concern of any code other than the SSL backend itself, such as which
|
---|
| 2483 | function (if any) implements SHA-256 summing.
|
---|
| 2484 |
|
---|
| 2485 | And there is information that is really interesting to the user, such as
|
---|
| 2486 | the name, or the curl_sslbackend value.
|
---|
| 2487 |
|
---|
| 2488 | Let's factor out the latter into a publicly visible struct. This
|
---|
| 2489 | information will be used in the upcoming API to set the SSL backend
|
---|
| 2490 | globally.
|
---|
| 2491 |
|
---|
| 2492 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2493 |
|
---|
| 2494 | - [Johannes Schindelin brought this change]
|
---|
| 2495 |
|
---|
| 2496 | vtls: allow selecting which SSL backend to use at runtime
|
---|
| 2497 |
|
---|
| 2498 | When building software for the masses, it is sometimes not possible to
|
---|
| 2499 | decide for all users which SSL backend is appropriate.
|
---|
| 2500 |
|
---|
| 2501 | Git for Windows, for example, uses cURL to perform clones, fetches and
|
---|
| 2502 | pushes via HTTPS, and some users strongly prefer OpenSSL, while other
|
---|
| 2503 | users really need to use Secure Channel because it offers
|
---|
| 2504 | enterprise-ready tools to manage credentials via Windows' Credential
|
---|
| 2505 | Store.
|
---|
| 2506 |
|
---|
| 2507 | The current Git for Windows versions use the ugly work-around of
|
---|
| 2508 | building libcurl once with OpenSSL support and once with Secure Channel
|
---|
| 2509 | support, and switching out the binaries in the installer depending on
|
---|
| 2510 | the user's choice.
|
---|
| 2511 |
|
---|
| 2512 | Needless to say, this is a super ugly workaround that actually only
|
---|
| 2513 | works in some cases: Git for Windows also comes in a portable form, and
|
---|
| 2514 | in a form intended for third-party applications requiring Git
|
---|
| 2515 | functionality, in which cases this "swap out libcurl-4.dll" simply is
|
---|
| 2516 | not an option.
|
---|
| 2517 |
|
---|
| 2518 | Therefore, the Git for Windows project has a vested interest in teaching
|
---|
| 2519 | cURL to make the SSL backend a *runtime* option.
|
---|
| 2520 |
|
---|
| 2521 | This patch makes that possible.
|
---|
| 2522 |
|
---|
| 2523 | By running ./configure with multiple --with-<backend> options, cURL will
|
---|
| 2524 | be built with multiple backends.
|
---|
| 2525 |
|
---|
| 2526 | For the moment, the backend can be configured using the environment
|
---|
| 2527 | variable CURL_SSL_BACKEND (valid values are e.g. "openssl" and
|
---|
| 2528 | "schannel").
|
---|
| 2529 |
|
---|
| 2530 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2531 |
|
---|
| 2532 | - [Johannes Schindelin brought this change]
|
---|
| 2533 |
|
---|
| 2534 | vtls: fold the backend ID into the Curl_ssl structure
|
---|
| 2535 |
|
---|
| 2536 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2537 |
|
---|
| 2538 | - [Johannes Schindelin brought this change]
|
---|
| 2539 |
|
---|
| 2540 | curl_ntlm_core: don't complain but #include OpenSSL header if needed
|
---|
| 2541 |
|
---|
| 2542 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2543 |
|
---|
| 2544 | - [Johannes Schindelin brought this change]
|
---|
| 2545 |
|
---|
| 2546 | vtls: encapsulate SSL backend-specific data
|
---|
| 2547 |
|
---|
| 2548 | So far, all of the SSL backends' private data has been declared as
|
---|
| 2549 | part of the ssl_connect_data struct, in one big #if .. #elif .. #endif
|
---|
| 2550 | block.
|
---|
| 2551 |
|
---|
| 2552 | This can only work as long as the SSL backend is a compile-time option,
|
---|
| 2553 | something we want to change in the next commits.
|
---|
| 2554 |
|
---|
| 2555 | Therefore, let's encapsulate the exact data needed by each SSL backend
|
---|
| 2556 | into a private struct, and let's avoid bleeding any SSL backend-specific
|
---|
| 2557 | information into urldata.h. This is also necessary to allow multiple SSL
|
---|
| 2558 | backends to be compiled in at the same time, as e.g. OpenSSL's and
|
---|
| 2559 | CyaSSL's headers cannot be included in the same .c file.
|
---|
| 2560 |
|
---|
| 2561 | To avoid too many malloc() calls, we simply append the private structs
|
---|
| 2562 | to the connectdata struct in allocate_conn().
|
---|
| 2563 |
|
---|
| 2564 | This requires us to take extra care of alignment issues: struct fields
|
---|
| 2565 | often need to be aligned on certain boundaries e.g. 32-bit values need to
|
---|
| 2566 | be stored at addresses that divide evenly by 4 (= 32 bit / 8
|
---|
| 2567 | bit-per-byte).
|
---|
| 2568 |
|
---|
| 2569 | We do that by assuming that no SSL backend's private data contains any
|
---|
| 2570 | fields that need to be aligned on boundaries larger than `long long`
|
---|
| 2571 | (typically 64-bit) would need. Under this assumption, we simply add a
|
---|
| 2572 | dummy field of type `long long` to the `struct connectdata` struct. This
|
---|
| 2573 | field will never be accessed but acts as a placeholder for the four
|
---|
| 2574 | instances of ssl_backend_data instead. the size of each ssl_backend_data
|
---|
| 2575 | struct is stored in the SSL backend-specific metadata, to allow
|
---|
| 2576 | allocate_conn() to know how much extra space to allocate, and how to
|
---|
| 2577 | initialize the ssl[sockindex]->backend and proxy_ssl[sockindex]->backend
|
---|
| 2578 | pointers.
|
---|
| 2579 |
|
---|
| 2580 | This would appear to be a little complicated at first, but is really
|
---|
| 2581 | necessary to encapsulate the private data of each SSL backend correctly.
|
---|
| 2582 | And we need to encapsulate thusly if we ever want to allow selecting
|
---|
| 2583 | CyaSSL and OpenSSL at runtime, as their headers cannot be included within
|
---|
| 2584 | the same .c file (there are just too many conflicting definitions and
|
---|
| 2585 | declarations for that).
|
---|
| 2586 |
|
---|
| 2587 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2588 |
|
---|
| 2589 | - [Johannes Schindelin brought this change]
|
---|
| 2590 |
|
---|
| 2591 | vtls: prepare the SSL backends for encapsulated private data
|
---|
| 2592 |
|
---|
| 2593 | At the moment, cURL's SSL backend needs to be configured at build time.
|
---|
| 2594 | As such, it is totally okay for them to hard-code their backend-specific
|
---|
| 2595 | data in the ssl_connect_data struct.
|
---|
| 2596 |
|
---|
| 2597 | In preparation for making the SSL backend a runtime option, let's make
|
---|
| 2598 | the access of said private data a bit more abstract so that it can be
|
---|
| 2599 | adjusted later in an easy manner.
|
---|
| 2600 |
|
---|
| 2601 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2602 |
|
---|
| 2603 | - [Johannes Schindelin brought this change]
|
---|
| 2604 |
|
---|
| 2605 | urldata.h: move SSPI-specific #include to correct location
|
---|
| 2606 |
|
---|
| 2607 | In 86b889485 (sasl_gssapi: Added GSS-API based Kerberos V5 variables,
|
---|
| 2608 | 2014-12-03), an SSPI-specific field was added to the kerberos5data
|
---|
| 2609 | struct without moving the #include "curl_sspi.h" later in the same file.
|
---|
| 2610 |
|
---|
| 2611 | This broke the build when SSPI was enabled, unless Secure Channel was
|
---|
| 2612 | used as SSL backend, because it just so happens that Secure Channel also
|
---|
| 2613 | requires "curl_sspi.h" to be #included.
|
---|
| 2614 |
|
---|
| 2615 | In f4739f639 (urldata: include curl_sspi.h when Windows SSPI is enabled,
|
---|
| 2616 | 2017-02-21), this bug was fixed incorrectly: Instead of moving the
|
---|
| 2617 | appropriate conditional #include, the Secure Channel-conditional part
|
---|
| 2618 | was now also SSPI-conditional.
|
---|
| 2619 |
|
---|
| 2620 | Fix this problem by moving the correct #include instead.
|
---|
| 2621 |
|
---|
| 2622 | This is also required for an upcoming patch that moves all the Secure
|
---|
| 2623 | Channel-specific stuff out of urldata.h and encapsulates it properly in
|
---|
| 2624 | vtls/schannel.c instead.
|
---|
| 2625 |
|
---|
| 2626 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2627 |
|
---|
| 2628 | - [Johannes Schindelin brought this change]
|
---|
| 2629 |
|
---|
| 2630 | urldata.h: remove support for obsolete PolarSSL version
|
---|
| 2631 |
|
---|
| 2632 | Since 5017d5ada (polarssl: now require 1.3.0+, 2014-03-17), we require
|
---|
| 2633 | a newer PolarSSL version. No need to keep code trying to support any
|
---|
| 2634 | older version.
|
---|
| 2635 |
|
---|
| 2636 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2637 |
|
---|
| 2638 | - [Johannes Schindelin brought this change]
|
---|
| 2639 |
|
---|
| 2640 | getinfo: access SSL internals via Curl_ssl
|
---|
| 2641 |
|
---|
| 2642 | In the ongoing endeavor to abstract out all SSL backend-specific
|
---|
| 2643 | functionality, this is the next step: Instead of hard-coding how the
|
---|
| 2644 | different SSL backends access their internal data in getinfo.c, let's
|
---|
| 2645 | implement backend-specific functions to do that task.
|
---|
| 2646 |
|
---|
| 2647 | This will also allow for switching SSL backends as a runtime option.
|
---|
| 2648 |
|
---|
| 2649 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2650 |
|
---|
| 2651 | - [Johannes Schindelin brought this change]
|
---|
| 2652 |
|
---|
| 2653 | vtls: move SSL backends' private constants out of their header files
|
---|
| 2654 |
|
---|
| 2655 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2656 |
|
---|
| 2657 | - [Johannes Schindelin brought this change]
|
---|
| 2658 |
|
---|
| 2659 | axtls: use Curl_none_* versions of init() and cleanup()
|
---|
| 2660 |
|
---|
| 2661 | There are convenient no-op versions of the init/cleanup functions now,
|
---|
| 2662 | no need to define private ones for axTLS.
|
---|
| 2663 |
|
---|
| 2664 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2665 |
|
---|
| 2666 | - [Johannes Schindelin brought this change]
|
---|
| 2667 |
|
---|
| 2668 | vtls: remove obsolete declarations of SSL backend functionality
|
---|
| 2669 |
|
---|
| 2670 | These functions are all available via the Curl_ssl struct now, no need
|
---|
| 2671 | to declare them separately anymore.
|
---|
| 2672 |
|
---|
| 2673 | As the global declarations are removed, the corresponding function
|
---|
| 2674 | definitions are marked as file-local. The only two exceptions here are
|
---|
| 2675 | Curl_mbedtls_shutdown() and Curl_polarssl_shutdown(): only the
|
---|
| 2676 | declarations were removed, there are no function definitions to mark
|
---|
| 2677 | file-local.
|
---|
| 2678 |
|
---|
| 2679 | Please note that Curl_nss_force_init() is *still* declared globally, as
|
---|
| 2680 | the only SSL backend-specific function, because it was introduced
|
---|
| 2681 | specifically for the use case where cURL was compiled with
|
---|
| 2682 | `--without-ssl --with-nss`. For details, see f3b77e561 (http_ntlm: add
|
---|
| 2683 | support for NSS, 2010-06-27).
|
---|
| 2684 |
|
---|
| 2685 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2686 |
|
---|
| 2687 | - [Johannes Schindelin brought this change]
|
---|
| 2688 |
|
---|
| 2689 | schannel: reorder functions topologically
|
---|
| 2690 |
|
---|
| 2691 | The _shutdown() function calls the _session_free() function; While this
|
---|
| 2692 | is not a problem now (because schannel.h declares both functions), a
|
---|
| 2693 | patch looming in the immediate future with make all of these functions
|
---|
| 2694 | file-local.
|
---|
| 2695 |
|
---|
| 2696 | So let's just move the _session_free() function's definition before it
|
---|
| 2697 | is called.
|
---|
| 2698 |
|
---|
| 2699 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2700 |
|
---|
| 2701 | - [Johannes Schindelin brought this change]
|
---|
| 2702 |
|
---|
| 2703 | axtls: reorder functions topologically
|
---|
| 2704 |
|
---|
| 2705 | The connect_finish() function (like many other functions after it) calls
|
---|
| 2706 | the Curl_axtls_close() function; While this is not a problem now
|
---|
| 2707 | (because axtls.h declares the latter function), a patch looming in the
|
---|
| 2708 | immediate future with make all of these functions file-local.
|
---|
| 2709 |
|
---|
| 2710 | So let's just move the Curl_axtls_close() function's definition before
|
---|
| 2711 | it is called.
|
---|
| 2712 |
|
---|
| 2713 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2714 |
|
---|
| 2715 | - [Johannes Schindelin brought this change]
|
---|
| 2716 |
|
---|
| 2717 | vtls: move the SUPPORT_HTTPS_PROXY flag into the Curl_ssl struct
|
---|
| 2718 |
|
---|
| 2719 | That will allow us to choose the SSL backend at runtime.
|
---|
| 2720 |
|
---|
| 2721 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2722 |
|
---|
| 2723 | - [Johannes Schindelin brought this change]
|
---|
| 2724 |
|
---|
| 2725 | vtls: convert the have_curlssl_* constants to runtime flags
|
---|
| 2726 |
|
---|
| 2727 | The entire idea of introducing the Curl_ssl struct to describe SSL
|
---|
| 2728 | backends is to prepare for choosing the SSL backend at runtime.
|
---|
| 2729 |
|
---|
| 2730 | To that end, convert all the #ifdef have_curlssl_* style conditionals
|
---|
| 2731 | to use bit flags instead.
|
---|
| 2732 |
|
---|
| 2733 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2734 |
|
---|
| 2735 | - [Johannes Schindelin brought this change]
|
---|
| 2736 |
|
---|
| 2737 | vtls: move sha256sum into the Curl_ssl struct
|
---|
| 2738 |
|
---|
| 2739 | The SHA-256 checksumming is also an SSL backend-specific function.
|
---|
| 2740 | Let's include it in the struct declaring the functionality of SSL
|
---|
| 2741 | backends.
|
---|
| 2742 |
|
---|
| 2743 | In contrast to MD5, there is no fall-back code. To indicate this, the
|
---|
| 2744 | respective entries are NULL for those backends that offer no support for
|
---|
| 2745 | SHA-256 checksumming.
|
---|
| 2746 |
|
---|
| 2747 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2748 |
|
---|
| 2749 | - [Johannes Schindelin brought this change]
|
---|
| 2750 |
|
---|
| 2751 | vtls: move md5sum into the Curl_ssl struct
|
---|
| 2752 |
|
---|
| 2753 | The MD5 summing is also an SSL backend-specific function. So let's
|
---|
| 2754 | include it, offering the previous fall-back code as a separate function
|
---|
| 2755 | now: Curl_none_md5sum(). To allow for that, the signature had to be
|
---|
| 2756 | changed so that an error could be returned from the implementation
|
---|
| 2757 | (Curl_none_md5sum() can run out of memory).
|
---|
| 2758 |
|
---|
| 2759 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2760 |
|
---|
| 2761 | - [Johannes Schindelin brought this change]
|
---|
| 2762 |
|
---|
| 2763 | vtls: use the Curl_ssl struct to access all SSL backends' functionality
|
---|
| 2764 |
|
---|
| 2765 | This is the first step to unify the SSL backend handling. Now all the
|
---|
| 2766 | SSL backend-specific functionality is accessed via a global instance of
|
---|
| 2767 | the Curl_ssl struct.
|
---|
| 2768 |
|
---|
| 2769 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2770 |
|
---|
| 2771 | - [Johannes Schindelin brought this change]
|
---|
| 2772 |
|
---|
| 2773 | vtls: declare Curl_ssl structs for every SSL backend
|
---|
| 2774 |
|
---|
| 2775 | The idea of introducing the Curl_ssl struct was to unify how the SSL
|
---|
| 2776 | backends are declared and called. To this end, we now provide an
|
---|
| 2777 | instance of the Curl_ssl struct for each and every SSL backend.
|
---|
| 2778 |
|
---|
| 2779 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2780 |
|
---|
| 2781 | - [Johannes Schindelin brought this change]
|
---|
| 2782 |
|
---|
| 2783 | vtls: introduce a new struct for SSL backends
|
---|
| 2784 |
|
---|
| 2785 | This new struct is similar in nature to Curl_handler: it will define the
|
---|
| 2786 | functions and capabilities of all the SSL backends (where Curl_handler
|
---|
| 2787 | defines the functions and capabilities of protocol handlers).
|
---|
| 2788 |
|
---|
| 2789 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2790 |
|
---|
| 2791 | - [Johannes Schindelin brought this change]
|
---|
| 2792 |
|
---|
| 2793 | vtls: make sure every _sha256sum()'s first arg is const
|
---|
| 2794 |
|
---|
| 2795 | This patch makes the signature of the _sha256sum() functions consistent
|
---|
| 2796 | among the SSL backends, in preparation for unifying the way all SSL
|
---|
| 2797 | backends are accessed.
|
---|
| 2798 |
|
---|
| 2799 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2800 |
|
---|
| 2801 | - [Johannes Schindelin brought this change]
|
---|
| 2802 |
|
---|
| 2803 | vtls: make sure all _data_pending() functions return bool
|
---|
| 2804 |
|
---|
| 2805 | This patch makes the signature of the _data_pending() functions
|
---|
| 2806 | consistent among the SSL backends, in preparation for unifying the way
|
---|
| 2807 | all SSL backends are accessed.
|
---|
| 2808 |
|
---|
| 2809 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2810 |
|
---|
| 2811 | - [Johannes Schindelin brought this change]
|
---|
| 2812 |
|
---|
| 2813 | vtls: make sure all _cleanup() functions return void
|
---|
| 2814 |
|
---|
| 2815 | This patch makes the signature of the _cleanup() functions consistent
|
---|
| 2816 | among the SSL backends, in preparation for unifying the way all SSL
|
---|
| 2817 | backends are accessed.
|
---|
| 2818 |
|
---|
| 2819 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2820 |
|
---|
| 2821 | - [Johannes Schindelin brought this change]
|
---|
| 2822 |
|
---|
| 2823 | vtls: use consistent signature for _random() implementations
|
---|
| 2824 |
|
---|
| 2825 | This will make the upcoming multissl backend much easier to implement.
|
---|
| 2826 |
|
---|
| 2827 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 2828 |
|
---|
| 2829 | - strtooff: fix build for systems with long long but no strtoll option
|
---|
| 2830 |
|
---|
| 2831 | Closes #1829
|
---|
| 2832 |
|
---|
| 2833 | Reported-by: Dan Fandrich
|
---|
| 2834 | Bug: https://github.com/curl/curl/pull/1758#issuecomment-324861615
|
---|
| 2835 |
|
---|
| 2836 | - darwinssl: handle long strings in TLS certs
|
---|
| 2837 |
|
---|
| 2838 | ... as the previous fixed length 128 bytes buffer was sometimes too
|
---|
| 2839 | small.
|
---|
| 2840 |
|
---|
| 2841 | Fixes #1823
|
---|
| 2842 | Closes #1831
|
---|
| 2843 |
|
---|
| 2844 | Reported-by: Benjamin Sergeant
|
---|
| 2845 | Assisted-by: Bill Pyne, Ray Satiro, Nick Zitzmann
|
---|
| 2846 |
|
---|
| 2847 | - system.h: include sys/poll.h for AIX
|
---|
| 2848 |
|
---|
| 2849 | ... to get the event/revent defines that might be used for the poll
|
---|
| 2850 | struct.
|
---|
| 2851 |
|
---|
| 2852 | Reported-by: Michael Smith
|
---|
| 2853 | Fixes #1828
|
---|
| 2854 | Closes #1833
|
---|
| 2855 |
|
---|
| 2856 | Dan Fandrich (26 Aug 2017)
|
---|
| 2857 | - tests: Make sure libtests & unittests call curl_global_cleanup()
|
---|
| 2858 |
|
---|
| 2859 | These were missed in commit c468c27b.
|
---|
| 2860 |
|
---|
| 2861 | Jay Satiro (26 Aug 2017)
|
---|
| 2862 | - [theantigod brought this change]
|
---|
| 2863 |
|
---|
| 2864 | winbuild: fix embedded manifest option
|
---|
| 2865 |
|
---|
| 2866 | Embedded manifest option didn't work due to incorrect path.
|
---|
| 2867 |
|
---|
| 2868 | Fixes https://github.com/curl/curl/issues/1832
|
---|
| 2869 |
|
---|
| 2870 | Daniel Stenberg (25 Aug 2017)
|
---|
| 2871 | - fuzz/Makefile.am: remove curlbuild.h leftovers
|
---|
| 2872 |
|
---|
| 2873 | - examples/threaded-ssl: mention that this is for openssl before 1.1
|
---|
| 2874 |
|
---|
| 2875 | - imap: use defined names for response codes
|
---|
| 2876 |
|
---|
| 2877 | When working on this code I found the previous setup a bit weird while
|
---|
| 2878 | using proper defines increases readability.
|
---|
| 2879 |
|
---|
| 2880 | Closes #1824
|
---|
| 2881 |
|
---|
| 2882 | - CURLOPT_USERPWD.3: see also CURLOPT_PROXYUSERPWD
|
---|
| 2883 |
|
---|
| 2884 | - imap: support PREAUTH
|
---|
| 2885 |
|
---|
| 2886 | It is a defined possible greeting at server startup that means the
|
---|
| 2887 | connection is already authenticated. See
|
---|
| 2888 | https://tools.ietf.org/html/rfc3501#section-7.1.4
|
---|
| 2889 |
|
---|
| 2890 | Test 846 added to verify.
|
---|
| 2891 |
|
---|
| 2892 | Fixes #1818
|
---|
| 2893 | Closes #1820
|
---|
| 2894 |
|
---|
| 2895 | Jay Satiro (23 Aug 2017)
|
---|
| 2896 | - config-tpf: define SIZEOF_LONG
|
---|
| 2897 |
|
---|
| 2898 | Recent changes that replaced CURL_SIZEOF_LONG in the source with
|
---|
| 2899 | SIZEOF_LONG broke builds that use the premade configuration files and
|
---|
| 2900 | don't have SIZEOF_LONG defined.
|
---|
| 2901 |
|
---|
| 2902 | Bug: https://github.com/curl/curl/issues/1816
|
---|
| 2903 |
|
---|
| 2904 | Dan Fandrich (23 Aug 2017)
|
---|
| 2905 | - test1453: Fixed <features>
|
---|
| 2906 |
|
---|
| 2907 | Daniel Stenberg (22 Aug 2017)
|
---|
| 2908 | - [Gisle Vanem brought this change]
|
---|
| 2909 |
|
---|
| 2910 | config-dos: add missing defines, SIZEOF_* and two others
|
---|
| 2911 |
|
---|
| 2912 | Bug: #1816
|
---|
| 2913 |
|
---|
| 2914 | - curl: shorten and clean up CA cert verification error message
|
---|
| 2915 |
|
---|
| 2916 | The previous message was just too long for ordinary people and it was
|
---|
| 2917 | encouraging users to use `--insecure` a little too easy.
|
---|
| 2918 |
|
---|
| 2919 | Based-on-work-by: Frank Denis
|
---|
| 2920 |
|
---|
| 2921 | Closes #1810
|
---|
| 2922 | Closes #1817
|
---|
| 2923 |
|
---|
| 2924 | - request-target.d: mention added in 7.55.0
|
---|
| 2925 |
|
---|
| 2926 | Marcel Raad (22 Aug 2017)
|
---|
| 2927 | - tool_main: turn off MinGW CRT's globbing
|
---|
| 2928 |
|
---|
| 2929 | By default, the MinGW CRT globs command-line arguments. This prevents
|
---|
| 2930 | getting a single asterisk into an argument as test 1299 does. Turn off
|
---|
| 2931 | globbing by setting the global variable _CRT_glob to 0 for MinGW.
|
---|
| 2932 |
|
---|
| 2933 | Fixes https://github.com/curl/curl/issues/1751
|
---|
| 2934 | Closes https://github.com/curl/curl/pull/1813
|
---|
| 2935 |
|
---|
| 2936 | Viktor Szakats (22 Aug 2017)
|
---|
| 2937 | - makefile.m32: add support for libidn2
|
---|
| 2938 |
|
---|
| 2939 | libidn was replaced with libidn2 last year in configure.
|
---|
| 2940 | Caveat: libidn2 may depend on a list of further libs.
|
---|
| 2941 | These can be manually specified via CURL_LDFLAG_EXTRAS.
|
---|
| 2942 |
|
---|
| 2943 | Closes https://github.com/curl/curl/pull/1815
|
---|
| 2944 |
|
---|
| 2945 | Jay Satiro (22 Aug 2017)
|
---|
| 2946 | - [Viktor Szakats brought this change]
|
---|
| 2947 |
|
---|
| 2948 | config-win32: define SIZEOF_LONG
|
---|
| 2949 |
|
---|
| 2950 | Recent changes that replaced CURL_SIZEOF_LONG in the source with
|
---|
| 2951 | SIZEOF_LONG broke builds that use the premade configuration files and
|
---|
| 2952 | don't have SIZEOF_LONG defined.
|
---|
| 2953 |
|
---|
| 2954 | Closes https://github.com/curl/curl/pull/1814
|
---|
| 2955 |
|
---|
| 2956 | Daniel Stenberg (20 Aug 2017)
|
---|
| 2957 | - cmake: enable picky compiler options with clang and gcc
|
---|
| 2958 |
|
---|
| 2959 | closes #1799
|
---|
| 2960 |
|
---|
| 2961 | - curl/system.h: fix build for hppa
|
---|
| 2962 |
|
---|
| 2963 | Reported-by: John David Anglin
|
---|
| 2964 | Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872502#10
|
---|
| 2965 |
|
---|
| 2966 | - [Even Rouault brought this change]
|
---|
| 2967 |
|
---|
| 2968 | tftp: fix memory leak on too long filename
|
---|
| 2969 |
|
---|
| 2970 | Fixes
|
---|
| 2971 |
|
---|
| 2972 | $ valgrind --leak-check=full ~/install-curl-git/bin/curl tftp://localhost/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz
|
---|
| 2973 |
|
---|
| 2974 | ==9752== Memcheck, a memory error detector
|
---|
| 2975 | ==9752== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
|
---|
| 2976 | ==9752== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
|
---|
| 2977 | ==9752== Command: /home/even/install-curl-git/bin/curl tftp://localhost/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz
|
---|
| 2978 | ==9752==
|
---|
| 2979 | curl: (71) TFTP file name too long
|
---|
| 2980 |
|
---|
| 2981 | ==9752==
|
---|
| 2982 | ==9752== HEAP SUMMARY:
|
---|
| 2983 | ==9752== 505 bytes in 1 blocks are definitely lost in loss record 11 of 11
|
---|
| 2984 | ==9752== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
|
---|
| 2985 | ==9752== by 0x4E61CED: Curl_urldecode (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
| 2986 | ==9752== by 0x4E75868: tftp_state_machine (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
| 2987 | ==9752== by 0x4E761B6: tftp_do (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
| 2988 | ==9752== by 0x4E711B6: multi_runsingle (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
| 2989 | ==9752== by 0x4E71D00: curl_multi_perform (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
| 2990 | ==9752== by 0x4E6950D: curl_easy_perform (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
|
---|
| 2991 | ==9752== by 0x40E0B7: operate_do (in /home/even/install-curl-git/bin/curl)
|
---|
| 2992 | ==9752== by 0x40E849: operate (in /home/even/install-curl-git/bin/curl)
|
---|
| 2993 | ==9752== by 0x402693: main (in /home/even/install-curl-git/bin/curl)
|
---|
| 2994 |
|
---|
| 2995 | Fixes https://oss-fuzz.com/v2/testcase-detail/5232311106797568
|
---|
| 2996 | Credit to OSS Fuzz
|
---|
| 2997 |
|
---|
| 2998 | Closes #1808
|
---|
| 2999 |
|
---|
| 3000 | Dan Fandrich (19 Aug 2017)
|
---|
| 3001 | - runtests: fixed case insensitive matching of keywords
|
---|
| 3002 |
|
---|
| 3003 | Commit 5c2aac71 didn't work in the case of mixed-case keywords given on
|
---|
| 3004 | the command-line.
|
---|
| 3005 |
|
---|
| 3006 | - tests: Make sure libtests call curl_global_cleanup()
|
---|
| 3007 |
|
---|
| 3008 | This ensures that global data allocations are freed so Valgrind stays
|
---|
| 3009 | happy. This was a problem with at least PolarSSL and mbedTLS.
|
---|
| 3010 |
|
---|
| 3011 | Daniel Stenberg (18 Aug 2017)
|
---|
| 3012 | - RELEASE-NOTES: synced with 8baead425
|
---|
| 3013 |
|
---|
| 3014 | - scripts/contri*sh: use "git log --use-mailmap"
|
---|
| 3015 |
|
---|
| 3016 | - mailmap: de-duplify some git authors
|
---|
| 3017 |
|
---|
| 3018 | - http2_recv: return error better on fatal h2 errors
|
---|
| 3019 |
|
---|
| 3020 | Ref #1012
|
---|
| 3021 | Figured-out-by: Tatsuhiro Tsujikawa
|
---|
| 3022 |
|
---|
| 3023 | - KNOWN_BUGS: HTTP test server 'connection-monitor' problems
|
---|
| 3024 |
|
---|
| 3025 | Closes #868
|
---|
| 3026 |
|
---|
| 3027 | - curl/system.h: check for __ppc__ as well
|
---|
| 3028 |
|
---|
| 3029 | ... regression since issue #1774 (commit 10b3df10596a) since obviously
|
---|
| 3030 | some older gcc doesn't know __powerpc__ while some newer doesn't know
|
---|
| 3031 | __ppc__ ...
|
---|
| 3032 |
|
---|
| 3033 | Fixes #1797
|
---|
| 3034 | Closes #1798
|
---|
| 3035 | Reported-by: Ryan Schmidt
|
---|
| 3036 |
|
---|
| 3037 | - [Jan Alexander Steffens (heftig) brought this change]
|
---|
| 3038 |
|
---|
| 3039 | http: Don't wait on CONNECT when there is no proxy
|
---|
| 3040 |
|
---|
| 3041 | Since curl 7.55.0, NetworkManager almost always failed its connectivity
|
---|
| 3042 | check by timeout. I bisected this to 5113ad04 (http-proxy: do the HTTP
|
---|
| 3043 | CONNECT process entirely non-blocking).
|
---|
| 3044 |
|
---|
| 3045 | This patch replaces !Curl_connect_complete with Curl_connect_ongoing,
|
---|
| 3046 | which returns false if the CONNECT state was left uninitialized and lets
|
---|
| 3047 | the connection continue.
|
---|
| 3048 |
|
---|
| 3049 | Closes #1803
|
---|
| 3050 | Fixes #1804
|
---|
| 3051 |
|
---|
| 3052 | Also-fixed-by: Gergely Nagy
|
---|
| 3053 |
|
---|
| 3054 | - [Johannes Schindelin brought this change]
|
---|
| 3055 |
|
---|
| 3056 | metalink: adjust source code style
|
---|
| 3057 |
|
---|
| 3058 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 3059 |
|
---|
| 3060 | - CURL_SIZEOF_LONG: removed, use only SIZEOF_LONG
|
---|
| 3061 |
|
---|
| 3062 | - lib557: no longer use CURL_SIZEOF_* defines
|
---|
| 3063 |
|
---|
| 3064 | - config-win32: define SIZEOF_CURL_OFF_T
|
---|
| 3065 |
|
---|
| 3066 | - cmake: sizeof curl_off_t, remove unused detections
|
---|
| 3067 |
|
---|
| 3068 | - system.h: remove all CURL_SIZEOF_* defines
|
---|
| 3069 |
|
---|
| 3070 | ... as they're not used externally and internally we check for the sizes
|
---|
| 3071 | already in configure etc.
|
---|
| 3072 |
|
---|
| 3073 | Closes #1767
|
---|
| 3074 |
|
---|
| 3075 | - ftp: fix CWD when doing multicwd then nocwd on same connection
|
---|
| 3076 |
|
---|
| 3077 | Fixes #1782
|
---|
| 3078 | Closes #1787
|
---|
| 3079 | Reported-by: Peter Lamare
|
---|
| 3080 |
|
---|
| 3081 | - CURLOPT_SSH_COMPRESSION.3: enable with 1L
|
---|
| 3082 |
|
---|
| 3083 | (leaves other values reserved for the future)
|
---|
| 3084 |
|
---|
| 3085 | - compressed-ssh.d: "Added: 7.56.0"
|
---|
| 3086 |
|
---|
| 3087 | - curl/system.h: checksrc compliance
|
---|
| 3088 |
|
---|
| 3089 | Jay Satiro (17 Aug 2017)
|
---|
| 3090 | - [Viktor Szakats brought this change]
|
---|
| 3091 |
|
---|
| 3092 | ssh: add the ability to enable compression (for SCP/SFTP)
|
---|
| 3093 |
|
---|
| 3094 | The required low-level logic was already available as part of
|
---|
| 3095 | `libssh2` (via `LIBSSH2_FLAG_COMPRESS` `libssh2_session_flag()`[1]
|
---|
| 3096 | option.)
|
---|
| 3097 |
|
---|
| 3098 | This patch adds the new `libcurl` option `CURLOPT_SSH_COMPRESSION`
|
---|
| 3099 | (boolean) and the new `curl` command-line option `--compressed-ssh`
|
---|
| 3100 | to request this `libssh2` feature. To have compression enabled, it
|
---|
| 3101 | is required that the SSH server supports a (zlib) compatible
|
---|
| 3102 | compression method and that `libssh2` was built with `zlib` support
|
---|
| 3103 | enabled.
|
---|
| 3104 |
|
---|
| 3105 | [1] https://www.libssh2.org/libssh2_session_flag.html
|
---|
| 3106 |
|
---|
| 3107 | Ref: https://github.com/curl/curl/issues/1732
|
---|
| 3108 | Closes https://github.com/curl/curl/pull/1735
|
---|
| 3109 |
|
---|
| 3110 | - examples/ftpuploadresume: checksrc compliance
|
---|
| 3111 |
|
---|
| 3112 | - [Maksim Stsepanenka brought this change]
|
---|
| 3113 |
|
---|
| 3114 | http_proxy: fix build error for CURL_DOES_CONVERSIONS
|
---|
| 3115 |
|
---|
| 3116 | Closes https://github.com/curl/curl/pull/1793
|
---|
| 3117 |
|
---|
| 3118 | GitHub (16 Aug 2017)
|
---|
| 3119 | - [Nick Zitzmann brought this change]
|
---|
| 3120 |
|
---|
| 3121 | configure: check for __builtin_available() availability (#1788)
|
---|
| 3122 |
|
---|
| 3123 | This change does two things:
|
---|
| 3124 | 1. It un-breaks the build in Xcode 9.0. (Xcode 9.0 is currently
|
---|
| 3125 | failing trying to compile connectx() in lib/connect.c.)
|
---|
| 3126 | 2. It finally weak-links the connectx() function, and falls back on
|
---|
| 3127 | connect() when run on older operating systems.
|
---|
| 3128 |
|
---|
| 3129 | Daniel Stenberg (16 Aug 2017)
|
---|
| 3130 | - travis: add metalink to some osx builds
|
---|
| 3131 |
|
---|
| 3132 | Closes #1790
|
---|
| 3133 |
|
---|
| 3134 | - [Max Dymond brought this change]
|
---|
| 3135 |
|
---|
| 3136 | coverage: Use two coveralls commands to get lib/vtls results
|
---|
| 3137 |
|
---|
| 3138 | closes #1747
|
---|
| 3139 |
|
---|
| 3140 | - darwinssi: fix error: variable length array used
|
---|
| 3141 |
|
---|
| 3142 | - m4/curl-compilers.m4: use proper quotes around string, not backticks
|
---|
| 3143 |
|
---|
| 3144 | ... when setting clang version to assume 3.7
|
---|
| 3145 |
|
---|
| 3146 | Caused a lot of "integer expression expected" warnings by configure.
|
---|
| 3147 |
|
---|
| 3148 | - [Benbuck Nason brought this change]
|
---|
| 3149 |
|
---|
| 3150 | cmake: remove dead code for DISABLED_THREADSAFE
|
---|
| 3151 |
|
---|
| 3152 | Closes #1786
|
---|
| 3153 |
|
---|
| 3154 | Jay Satiro (15 Aug 2017)
|
---|
| 3155 | - [Jakub Zakrzewski brought this change]
|
---|
| 3156 |
|
---|
| 3157 | curl-confopts.m4: fix --disable-threaded-resolver
|
---|
| 3158 |
|
---|
| 3159 | Closes https://github.com/curl/curl/issues/1784
|
---|
| 3160 |
|
---|
| 3161 | Daniel Stenberg (15 Aug 2017)
|
---|
| 3162 | - [Ryan Winograd brought this change]
|
---|
| 3163 |
|
---|
| 3164 | progress: Track total times following redirects
|
---|
| 3165 |
|
---|
| 3166 | Update the progress timers `t_nslookup`, `t_connect`, `t_appconnect`,
|
---|
| 3167 | `t_pretransfer`, and `t_starttransfer` to track the total times for
|
---|
| 3168 | these activities when a redirect is followed. Previously, only the times
|
---|
| 3169 | for the most recent request would be tracked.
|
---|
| 3170 |
|
---|
| 3171 | Related changes:
|
---|
| 3172 |
|
---|
| 3173 | - Rename `Curl_pgrsResetTimesSizes` to `Curl_pgrsResetTransferSizes`
|
---|
| 3174 | now that the function only resets transfer sizes and no longer
|
---|
| 3175 | modifies any of the progress timers.
|
---|
| 3176 |
|
---|
| 3177 | - Add a bool to the `Progress` struct that is used to prevent
|
---|
| 3178 | double-counting `t_starttransfer` times.
|
---|
| 3179 |
|
---|
| 3180 | Added test case 1399.
|
---|
| 3181 |
|
---|
| 3182 | Fixes #522 and Known Bug 1.8
|
---|
| 3183 | Closes #1602
|
---|
| 3184 | Reported-by: joshhe on github
|
---|
| 3185 |
|
---|
| 3186 | - [Benbuck Nason brought this change]
|
---|
| 3187 |
|
---|
| 3188 | cmake: remove dead code for CURL_DISABLE_RTMP
|
---|
| 3189 |
|
---|
| 3190 | Closes #1785
|
---|
| 3191 |
|
---|
| 3192 | Kamil Dudka (15 Aug 2017)
|
---|
| 3193 | - zsh.pl: produce a working completion script again
|
---|
| 3194 |
|
---|
| 3195 | Commit curl-7_54_0-118-g8b2f22e changed the output format of curl --help
|
---|
| 3196 | to use <file> and <dir> instead of FILE and DIR, which caused zsh.pl to
|
---|
| 3197 | produce a broken completion script:
|
---|
| 3198 |
|
---|
| 3199 | % curl --<TAB>
|
---|
| 3200 | _curl:10: no such file or directory: seconds
|
---|
| 3201 |
|
---|
| 3202 | Closes #1779
|
---|
| 3203 |
|
---|
| 3204 | Daniel Stenberg (15 Aug 2017)
|
---|
| 3205 | - curlver: toward 7.56.0?
|
---|
| 3206 |
|
---|
| 3207 | - RELEASE-NOTES: synced with 91c46dc44
|
---|
| 3208 |
|
---|
| 3209 | - test1449: FTP download range with an too large size
|
---|
| 3210 |
|
---|
| 3211 | - strtoofft: reduce integer overflow risks globally
|
---|
| 3212 |
|
---|
| 3213 | ... make sure we bail out on overflows.
|
---|
| 3214 |
|
---|
| 3215 | Reported-by: Brian Carpenter
|
---|
| 3216 | Closes #1758
|
---|
| 3217 |
|
---|
| 3218 | - travis: build the examples too
|
---|
| 3219 |
|
---|
| 3220 | to make sure they keep building warning-free
|
---|
| 3221 |
|
---|
| 3222 | Closes #1777
|
---|
| 3223 |
|
---|
| 3224 | - runtests: match keywords case insensitively
|
---|
| 3225 |
|
---|
| 3226 | - examples/ftpuploadresume.c: use portable code
|
---|
| 3227 |
|
---|
| 3228 | ... converted from the MS specific _snscanf()
|
---|
| 3229 |
|
---|
| 3230 | Version 7.55.1 (13 Aug 2017)
|
---|
| 3231 |
|
---|
| 3232 | Daniel Stenberg (13 Aug 2017)
|
---|
| 3233 | - RELEASE-NOTES/THANKS: curl 7.55.1 release time
|
---|
| 3234 |
|
---|
| 3235 | - gitignore: ignore .xz now instead of .lzma
|
---|
| 3236 |
|
---|
| 3237 | - [Sergei Nikulov brought this change]
|
---|
| 3238 |
|
---|
| 3239 | cmake: Threads detection update. ref: #1702
|
---|
| 3240 |
|
---|
| 3241 | Closes #1719
|
---|
| 3242 |
|
---|
| 3243 | - ipv6_scope: support unique local addresses
|
---|
| 3244 |
|
---|
| 3245 | Fixes #1764
|
---|
| 3246 | Closes #1773
|
---|
| 3247 | Reported-by: James Slaughter
|
---|
| 3248 |
|
---|
| 3249 | - [Alex Potapenko brought this change]
|
---|
| 3250 |
|
---|
| 3251 | curl/system.h: GCC doesn't define __ppc__ on PowerPC, uses __powerpc__
|
---|
| 3252 |
|
---|
| 3253 | Closes #1774
|
---|
| 3254 |
|
---|
| 3255 | - test1448: verify redirect to IDN using URL
|
---|
| 3256 |
|
---|
| 3257 | Closes #1772
|
---|
| 3258 |
|
---|
| 3259 | - [Salah-Eddin Shaban brought this change]
|
---|
| 3260 |
|
---|
| 3261 | redirect: skip URL encoding for host names
|
---|
| 3262 |
|
---|
| 3263 | This fixes redirects to IDN URLs
|
---|
| 3264 |
|
---|
| 3265 | Fixes #1441
|
---|
| 3266 | Closes #1762
|
---|
| 3267 | Reported by: David Lord
|
---|
| 3268 |
|
---|
| 3269 | - test2032: mark as flaky (again)
|
---|
| 3270 |
|
---|
| 3271 | - travis: test cmake build on tarball too
|
---|
| 3272 |
|
---|
| 3273 | Could've prevented #1755
|
---|
| 3274 |
|
---|
| 3275 | - [Simon Warta brought this change]
|
---|
| 3276 |
|
---|
| 3277 | cmake: allow user to override CMAKE_DEBUG_POSTFIX
|
---|
| 3278 |
|
---|
| 3279 | Closes #1763
|
---|
| 3280 |
|
---|
| 3281 | - connect-to.d: better language
|
---|
| 3282 |
|
---|
| 3283 | - connect-to.d: clarified
|
---|
| 3284 |
|
---|
| 3285 | - bagder/Curl_tvdiff_us: fix the math
|
---|
| 3286 |
|
---|
| 3287 | Regression since adef394ac5 (released in 7.55.0)
|
---|
| 3288 |
|
---|
| 3289 | Reported-by: Han Qiao
|
---|
| 3290 | Fixes #1769
|
---|
| 3291 | Closes #1771
|
---|
| 3292 |
|
---|
| 3293 | - curl/system.h: add Oracle Solaris Studio
|
---|
| 3294 |
|
---|
| 3295 | Fixes #1752
|
---|
| 3296 |
|
---|
| 3297 | - [Alessandro Ghedini brought this change]
|
---|
| 3298 |
|
---|
| 3299 | docs: fix typo funtion -> function
|
---|
| 3300 |
|
---|
| 3301 | Closes #1770
|
---|
| 3302 |
|
---|
| 3303 | Alessandro Ghedini (12 Aug 2017)
|
---|
| 3304 | - docs: fix grammar in CURL_SSLVERSION_MAX_DEFAULT description
|
---|
| 3305 |
|
---|
| 3306 | - docs: fix typo stuct -> struct
|
---|
| 3307 |
|
---|
| 3308 | Dan Fandrich (12 Aug 2017)
|
---|
| 3309 | - test1447: require a curl with http support
|
---|
| 3310 |
|
---|
| 3311 | Daniel Stenberg (11 Aug 2017)
|
---|
| 3312 | - [Thomas Petazzoni brought this change]
|
---|
| 3313 |
|
---|
| 3314 | curl/system.h: support more architectures
|
---|
| 3315 |
|
---|
| 3316 | The long list of architectures in include/curl/system.h is annoying to
|
---|
| 3317 | maintain, and needs to be extended for each and every architecture to
|
---|
| 3318 | support.
|
---|
| 3319 |
|
---|
| 3320 | Instead, let's rely on the __SIZEOF_LONG__ define of the gcc compiler
|
---|
| 3321 | (we are in the GNUC condition anyway), which tells us if long is 4
|
---|
| 3322 | bytes or 8 bytes.
|
---|
| 3323 |
|
---|
| 3324 | This fixes the build of libcurl 7.55.0 on architectures such as
|
---|
| 3325 | OpenRISC or ARC.
|
---|
| 3326 |
|
---|
| 3327 | Closes #1766
|
---|
| 3328 |
|
---|
| 3329 | Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
---|
| 3330 |
|
---|
| 3331 | - test2033: this went flaky again
|
---|
| 3332 |
|
---|
| 3333 | Suspicion: when we enabled the threaded resolver by default.
|
---|
| 3334 |
|
---|
| 3335 | - test1447: verifies the parse proxy fix in 6e0e152ce5c
|
---|
| 3336 |
|
---|
| 3337 | - [Even Rouault brought this change]
|
---|
| 3338 |
|
---|
| 3339 | parse_proxy(): fix memory leak in case of invalid proxy server name
|
---|
| 3340 |
|
---|
| 3341 | Fixes the below leak:
|
---|
| 3342 |
|
---|
| 3343 | $ valgrind --leak-check=full ~/install-curl-git/bin/curl --proxy "http://a:b@/x" http://127.0.0.1
|
---|
| 3344 | curl: (5) Couldn't resolve proxy name
|
---|
| 3345 | ==5048==
|
---|
| 3346 | ==5048== HEAP SUMMARY:
|
---|
| 3347 | ==5048== in use at exit: 532 bytes in 12 blocks
|
---|
| 3348 | ==5048== total heap usage: 5,288 allocs, 5,276 frees, 445,271 bytes allocated
|
---|
| 3349 | ==5048==
|
---|
| 3350 | ==5048== 2 bytes in 1 blocks are definitely lost in loss record 1 of 12
|
---|
| 3351 | ==5048== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
|
---|
| 3352 | ==5048== by 0x4E6CB79: parse_login_details (url.c:5614)
|
---|
| 3353 | ==5048== by 0x4E6BA82: parse_proxy (url.c:5091)
|
---|
| 3354 | ==5048== by 0x4E6C46D: create_conn_helper_init_proxy (url.c:5346)
|
---|
| 3355 | ==5048== by 0x4E6EA18: create_conn (url.c:6498)
|
---|
| 3356 | ==5048== by 0x4E6F9B4: Curl_connect (url.c:6967)
|
---|
| 3357 | ==5048== by 0x4E86D05: multi_runsingle (multi.c:1436)
|
---|
| 3358 | ==5048== by 0x4E88432: curl_multi_perform (multi.c:2160)
|
---|
| 3359 | ==5048== by 0x4E7C515: easy_transfer (easy.c:708)
|
---|
| 3360 | ==5048== by 0x4E7C74A: easy_perform (easy.c:794)
|
---|
| 3361 | ==5048== by 0x4E7C7B1: curl_easy_perform (easy.c:813)
|
---|
| 3362 | ==5048== by 0x414025: operate_do (tool_operate.c:1563)
|
---|
| 3363 | ==5048==
|
---|
| 3364 | ==5048== 2 bytes in 1 blocks are definitely lost in loss record 2 of 12
|
---|
| 3365 | ==5048== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
|
---|
| 3366 | ==5048== by 0x4E6CBB6: parse_login_details (url.c:5621)
|
---|
| 3367 | ==5048== by 0x4E6BA82: parse_proxy (url.c:5091)
|
---|
| 3368 | ==5048== by 0x4E6C46D: create_conn_helper_init_proxy (url.c:5346)
|
---|
| 3369 | ==5048== by 0x4E6EA18: create_conn (url.c:6498)
|
---|
| 3370 | ==5048== by 0x4E6F9B4: Curl_connect (url.c:6967)
|
---|
| 3371 | ==5048== by 0x4E86D05: multi_runsingle (multi.c:1436)
|
---|
| 3372 | ==5048== by 0x4E88432: curl_multi_perform (multi.c:2160)
|
---|
| 3373 | ==5048== by 0x4E7C515: easy_transfer (easy.c:708)
|
---|
| 3374 | ==5048== by 0x4E7C74A: easy_perform (easy.c:794)
|
---|
| 3375 | ==5048== by 0x4E7C7B1: curl_easy_perform (easy.c:813)
|
---|
| 3376 | ==5048== by 0x414025: operate_do (tool_operate.c:1563)
|
---|
| 3377 |
|
---|
| 3378 | Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2984
|
---|
| 3379 | Credit to OSS Fuzz for discovery
|
---|
| 3380 |
|
---|
| 3381 | Closes #1761
|
---|
| 3382 |
|
---|
| 3383 | - RELEASE-NOTES: synced with 37f2195a9
|
---|
| 3384 |
|
---|
| 3385 | - curlver: bump to 7.55.1
|
---|
| 3386 |
|
---|
| 3387 | - openssl: fix "error: this statement may fall through"
|
---|
| 3388 |
|
---|
| 3389 | A gcc7 warning.
|
---|
| 3390 |
|
---|
| 3391 | - [David Benjamin brought this change]
|
---|
| 3392 |
|
---|
| 3393 | openssl: remove CONST_ASN1_BIT_STRING.
|
---|
| 3394 |
|
---|
| 3395 | Just making the pointer as const works for the pre-1.1.0 path too.
|
---|
| 3396 |
|
---|
| 3397 | Closes #1759
|
---|
| 3398 |
|
---|
| 3399 | - maketgz: remove old *.dist files before making the tarball
|
---|
| 3400 |
|
---|
| 3401 | To avoid "old crap" unintentionally getting shipped.
|
---|
| 3402 |
|
---|
| 3403 | Bug: https://curl.haxx.se/mail/lib-2017-08/0050.html
|
---|
| 3404 | Reported-by: Christian Weisgerber
|
---|
| 3405 |
|
---|
| 3406 | Jay Satiro (10 Aug 2017)
|
---|
| 3407 | - mkhelp.pl: allow executing this script directly
|
---|
| 3408 |
|
---|
| 3409 | - Enable execute permission (chmod +x)
|
---|
| 3410 |
|
---|
| 3411 | - Change interpreter to /usr/bin/env perl
|
---|
| 3412 |
|
---|
| 3413 | Ref: https://github.com/curl/curl/issues/1743
|
---|
| 3414 |
|
---|
| 3415 | Daniel Stenberg (10 Aug 2017)
|
---|
| 3416 | - configure: use the threaded resolver backend by default if possible
|
---|
| 3417 |
|
---|
| 3418 | Closes #1647
|
---|
| 3419 |
|
---|
| 3420 | - cmake: move cmake_uninstall.cmake to CMake/
|
---|
| 3421 |
|
---|
| 3422 | Closes #1756
|
---|
| 3423 |
|
---|
| 3424 | - metalink: fix error: â*â in boolean context, suggest â&&â instead
|
---|
| 3425 |
|
---|
| 3426 | - dist: fix the cmake build by shipping cmake_uninstall.cmake.in too
|
---|
| 3427 |
|
---|
| 3428 | Fixes #1755
|
---|
| 3429 |
|
---|
| 3430 | - travis: verify "make install"
|
---|
| 3431 |
|
---|
| 3432 | Help-by: Jay Satiro
|
---|
| 3433 | Closes #1753
|
---|
| 3434 |
|
---|
| 3435 | Marcel Raad (10 Aug 2017)
|
---|
| 3436 | - build: check out *.sln files with Windows line endings
|
---|
| 3437 |
|
---|
| 3438 | Visual Studio doesn't like LF line endings in solution files and always
|
---|
| 3439 | converts them to CRLF when doing changes to the solution. Notably, this
|
---|
| 3440 | affects the solutions in the release archive.
|
---|
| 3441 |
|
---|
| 3442 | Closes https://github.com/curl/curl/pull/1746
|
---|
| 3443 |
|
---|
| 3444 | - gitignore: ignore top-level .vs folder
|
---|
| 3445 |
|
---|
| 3446 | This folder is generated when using the CMake build system from within
|
---|
| 3447 | Visual Studio.
|
---|
| 3448 |
|
---|
| 3449 | Closes https://github.com/curl/curl/pull/1746
|
---|
| 3450 |
|
---|
| 3451 | Jay Satiro (10 Aug 2017)
|
---|
| 3452 | - digest_sspi: Don't reuse context if the user/passwd has changed
|
---|
| 3453 |
|
---|
| 3454 | Bug: https://github.com/curl/curl/issues/1685
|
---|
| 3455 | Reported-by: paulharris@users.noreply.github.com
|
---|
| 3456 |
|
---|
| 3457 | Assisted-by: Isaac Boukris
|
---|
| 3458 |
|
---|
| 3459 | Closes https://github.com/curl/curl/pull/1742
|
---|
| 3460 |
|
---|
| 3461 | Daniel Stenberg (9 Aug 2017)
|
---|
| 3462 | - [Adam Sampson brought this change]
|
---|
| 3463 |
|
---|
| 3464 | dist: Add dictserver.py/negtelnetserver.py to EXTRA_DIST
|
---|
| 3465 |
|
---|
| 3466 | These weren't included in the 7.55.0 release, but are required in order
|
---|
| 3467 | to run the full test suite.
|
---|
| 3468 |
|
---|
| 3469 | Closes #1744
|
---|
| 3470 |
|
---|
| 3471 | - [Adam Sampson brought this change]
|
---|
| 3472 |
|
---|
| 3473 | curl: do bounds check using a double comparison
|
---|
| 3474 |
|
---|
| 3475 | The fix for this in 8661a0aacc01492e0436275ff36a21734f2541bb wasn't
|
---|
| 3476 | complete: if the parsed number in num is larger than will fit in a long,
|
---|
| 3477 | the conversion is undefined behaviour (causing test1427 to fail for me
|
---|
| 3478 | on IA32 with GCC 7.1, although it passes on AMD64 and ARMv7). Getting
|
---|
| 3479 | rid of the cast means the comparison will be done using doubles.
|
---|
| 3480 |
|
---|
| 3481 | It might make more sense for the max argument to also be a double...
|
---|
| 3482 |
|
---|
| 3483 | Fixes #1750
|
---|
| 3484 | Closes #1749
|
---|
| 3485 |
|
---|
| 3486 | - make install: add 8 missing man pages to the installation
|
---|
| 3487 |
|
---|
| 3488 | - build: fix 'make install' with configure, install docs/libcurl/* too
|
---|
| 3489 |
|
---|
| 3490 | Broken since d24838d4da9faa
|
---|
| 3491 |
|
---|
| 3492 | Reported-by: Bernard Spil
|
---|
| 3493 |
|
---|
| 3494 | Version 7.55.0 (9 Aug 2017)
|
---|
| 3495 |
|
---|
| 3496 | Daniel Stenberg (9 Aug 2017)
|
---|
| 3497 | - RELEASE-NOTES: curl 7.55.0
|
---|
| 3498 |
|
---|
| 3499 | - THANKS: 20 new contributors in 7.55.0
|
---|
| 3500 |
|
---|
| 3501 | - [Viktor Szakats brought this change]
|
---|
| 3502 |
|
---|
| 3503 | docs/comments: Update to secure URL versions
|
---|
| 3504 |
|
---|
| 3505 | Closes #1741
|
---|
| 3506 |
|
---|
| 3507 | - configure: fix recv/send/select detection on Android
|
---|
| 3508 |
|
---|
| 3509 | ... since they now provide several functions as
|
---|
| 3510 | __attribute__((overloadable)), the argument detection logic need
|
---|
| 3511 | updates.
|
---|
| 3512 |
|
---|
| 3513 | Patched-by: destman at github
|
---|
| 3514 |
|
---|
| 3515 | Fixes #1738
|
---|
| 3516 | Closes #1739
|
---|
| 3517 |
|
---|
| 3518 | Marcel Raad (8 Aug 2017)
|
---|
| 3519 | - ax_code_coverage.m4: update to latest version
|
---|
| 3520 |
|
---|
| 3521 | This updates the script to aad5ad5fedb306b39f901a899b7bd305b66c418d
|
---|
| 3522 | from August 01, 2017. Notably, this removes the lconv version whitelist.
|
---|
| 3523 |
|
---|
| 3524 | Closes https://github.com/curl/curl/pull/1716
|
---|
| 3525 |
|
---|
| 3526 | Daniel Stenberg (7 Aug 2017)
|
---|
| 3527 | - test1427: verify command line parser integer overflow detection
|
---|
| 3528 |
|
---|
| 3529 | - curl: detect and bail out early on parameter integer overflows
|
---|
| 3530 |
|
---|
| 3531 | Make the number parser aware of the maximum limit curl accepts for a
|
---|
| 3532 | value and return an error immediately if larger, instead of running an
|
---|
| 3533 | integer overflow later.
|
---|
| 3534 |
|
---|
| 3535 | Fixes #1730
|
---|
| 3536 | Closes #1736
|
---|
| 3537 |
|
---|
| 3538 | - glob: do not continue parsing after a strtoul() overflow range
|
---|
| 3539 |
|
---|
| 3540 | Added test 1289 to verify.
|
---|
| 3541 |
|
---|
| 3542 | CVE-2017-1000101
|
---|
| 3543 |
|
---|
| 3544 | Bug: https://curl.haxx.se/docs/adv_20170809A.html
|
---|
| 3545 | Reported-by: Brian Carpenter
|
---|
| 3546 |
|
---|
| 3547 | - tftp: reject file name lengths that don't fit
|
---|
| 3548 |
|
---|
| 3549 | ... and thereby avoid telling send() to send off more bytes than the
|
---|
| 3550 | size of the buffer!
|
---|
| 3551 |
|
---|
| 3552 | CVE-2017-1000100
|
---|
| 3553 |
|
---|
| 3554 | Bug: https://curl.haxx.se/docs/adv_20170809B.html
|
---|
| 3555 | Reported-by: Even Rouault
|
---|
| 3556 |
|
---|
| 3557 | Credit to OSS-Fuzz for the discovery
|
---|
| 3558 |
|
---|
| 3559 | - [Even Rouault brought this change]
|
---|
| 3560 |
|
---|
| 3561 | file: output the correct buffer to the user
|
---|
| 3562 |
|
---|
| 3563 | Regression brought by 7c312f84ea930d8 (April 2017)
|
---|
| 3564 |
|
---|
| 3565 | CVE-2017-1000099
|
---|
| 3566 |
|
---|
| 3567 | Bug: https://curl.haxx.se/docs/adv_20170809C.html
|
---|
| 3568 |
|
---|
| 3569 | Credit to OSS-Fuzz for the discovery
|
---|
| 3570 |
|
---|
| 3571 | - easy_events: make event data static
|
---|
| 3572 |
|
---|
| 3573 | First: this function is only used in debug-builds and not in
|
---|
| 3574 | release/real builds. It is used to drive tests using the event-based
|
---|
| 3575 | API.
|
---|
| 3576 |
|
---|
| 3577 | A pointer to the local struct is passed to CURLMOPT_TIMERDATA, but the
|
---|
| 3578 | CURLMOPT_TIMERFUNCTION calback can in fact be called even after this
|
---|
| 3579 | funtion returns, namely when curl_multi_remove_handle() is called.
|
---|
| 3580 |
|
---|
| 3581 | Reported-by: Brian Carpenter
|
---|
| 3582 |
|
---|
| 3583 | - getparameter: avoid returning uninitialized 'usedarg'
|
---|
| 3584 |
|
---|
| 3585 | Fixes #1728
|
---|
| 3586 |
|
---|
| 3587 | Marcel Raad (5 Aug 2017)
|
---|
| 3588 | - [Isaac Boukris brought this change]
|
---|
| 3589 |
|
---|
| 3590 | gssapi: fix memory leak of output token in multi round context
|
---|
| 3591 |
|
---|
| 3592 | When multiple rounds are needed to establish a security context
|
---|
| 3593 | (usually ntlm), we overwrite old token with a new one without free.
|
---|
| 3594 | Found by proposed gss tests using stub a gss implementation (by
|
---|
| 3595 | valgrind error), though I have confirmed the leak with a real
|
---|
| 3596 | gssapi implementation as well.
|
---|
| 3597 |
|
---|
| 3598 | Closes https://github.com/curl/curl/pull/1733
|
---|
| 3599 |
|
---|
| 3600 | - darwinssl: fix compiler warning
|
---|
| 3601 |
|
---|
| 3602 | clang complains:
|
---|
| 3603 | vtls/darwinssl.c:40:8: error: extra tokens at end of #endif directive
|
---|
| 3604 | [-Werror,-Wextra-tokens]
|
---|
| 3605 |
|
---|
| 3606 | This breaks the darwinssl build on Travis. Fix it by making this token
|
---|
| 3607 | a comment.
|
---|
| 3608 |
|
---|
| 3609 | Closes https://github.com/curl/curl/pull/1734
|
---|
| 3610 |
|
---|
| 3611 | - CMake: fix CURL_WERROR for MSVC
|
---|
| 3612 |
|
---|
| 3613 | When using CURL_WERROR in MSVC builds, the debug flags were overridden
|
---|
| 3614 | by the release flags and /WX got added twice in debug mode.
|
---|
| 3615 |
|
---|
| 3616 | Closes https://github.com/curl/curl/pull/1715
|
---|
| 3617 |
|
---|
| 3618 | Daniel Stenberg (4 Aug 2017)
|
---|
| 3619 | - RELEASE-NOTES: synced with 561e9217c
|
---|
| 3620 |
|
---|
| 3621 | - test1010: verify that #1718 is fixed
|
---|
| 3622 |
|
---|
| 3623 | ... by doing two transfers in nocwd mode and check that there's no
|
---|
| 3624 | superfluous CWD command.
|
---|
| 3625 |
|
---|
| 3626 | - FTP: skip unnecessary CWD when in nocwd mode
|
---|
| 3627 |
|
---|
| 3628 | ... when reusing a connection. If it didn't do any CWD previously.
|
---|
| 3629 |
|
---|
| 3630 | Fixes #1718
|
---|
| 3631 |
|
---|
| 3632 | Marcel Raad (4 Aug 2017)
|
---|
| 3633 | - travis: explicitly specify dist
|
---|
| 3634 |
|
---|
| 3635 | This makes the builds more reproducible as travis is currently rolling
|
---|
| 3636 | out trusty as default dist [1]. Specifically, this avoids coverage
|
---|
| 3637 | check failures when trusty is used as seen in [2] until we figure out
|
---|
| 3638 | what's wrong.
|
---|
| 3639 |
|
---|
| 3640 | [1] https://blog.travis-ci.com/2017-07-11-trusty-as-default-linux-is-coming
|
---|
| 3641 | [2] https://github.com/curl/curl/pull/1692
|
---|
| 3642 |
|
---|
| 3643 | Closes https://github.com/curl/curl/pull/1725
|
---|
| 3644 |
|
---|
| 3645 | Daniel Stenberg (4 Aug 2017)
|
---|
| 3646 | - travis: BUILD_TYPE => T
|
---|
| 3647 |
|
---|
| 3648 | (to make the full line appear nicer on travis web UI)
|
---|
| 3649 |
|
---|
| 3650 | - travis: add osx build with darwinssl
|
---|
| 3651 |
|
---|
| 3652 | Closes #1706
|
---|
| 3653 |
|
---|
| 3654 | - darwin: silence compiler warnings
|
---|
| 3655 |
|
---|
| 3656 | With a clang pragma and three type fixes
|
---|
| 3657 |
|
---|
| 3658 | Fixes #1722
|
---|
| 3659 |
|
---|
| 3660 | - BUILD.WINDOWS: mention buildconf.bat for builds off git
|
---|
| 3661 |
|
---|
| 3662 | - darwinssl: fix curlssl_sha256sum() compiler warnings on first argument
|
---|
| 3663 |
|
---|
| 3664 | - test130: verify comments in .netrc
|
---|
| 3665 |
|
---|
| 3666 | - [Gisle Vanem brought this change]
|
---|
| 3667 |
|
---|
| 3668 | netrc: skip lines starting with '#'
|
---|
| 3669 |
|
---|
| 3670 | Bug: https://curl.haxx.se/mail/lib-2017-08/0008.html
|
---|
| 3671 |
|
---|
| 3672 | Marcel Raad (3 Aug 2017)
|
---|
| 3673 | - CMake: set MSVC warning level to 4
|
---|
| 3674 |
|
---|
| 3675 | The MSVC warning level defaults to 3 in CMake. Change it to 4, which is
|
---|
| 3676 | consistent with the Visual Studio and NMake builds. Disable level 4
|
---|
| 3677 | warning C4127 for the library and additionally C4306 for the test
|
---|
| 3678 | servers to get a clean CURL_WERROR build as that warning is raised in
|
---|
| 3679 | some macros in older Visual Studio versions.
|
---|
| 3680 |
|
---|
| 3681 | Ref: https://github.com/curl/curl/pull/1667#issuecomment-314082794
|
---|
| 3682 | Closes https://github.com/curl/curl/pull/1711
|
---|
| 3683 |
|
---|
| 3684 | Daniel Stenberg (2 Aug 2017)
|
---|
| 3685 | - CURLOPT_NETRC.3: fix typo in 7e48aa386156f9c2
|
---|
| 3686 |
|
---|
| 3687 | Reported-by: Viktor Szakats
|
---|
| 3688 |
|
---|
| 3689 | - CURLOPT_NETRC.3: mention the file name on windows
|
---|
| 3690 |
|
---|
| 3691 | ... and CURLOPT_NETRC_FILE(3).
|
---|
| 3692 |
|
---|
| 3693 | - travis: build osx with libressl too
|
---|
| 3694 |
|
---|
| 3695 | - travis: build osx with openssl too
|
---|
| 3696 |
|
---|
| 3697 | - tests/server/util: fix curltime mistake from 4dee50b9c80f9
|
---|
| 3698 |
|
---|
| 3699 | Marcel Raad (1 Aug 2017)
|
---|
| 3700 | - curl_threads: fix MSVC compiler warning
|
---|
| 3701 |
|
---|
| 3702 | Use LongToHandle to convert from long to HANDLE in the Win32
|
---|
| 3703 | implementation.
|
---|
| 3704 | This should fix the following warning when compiling with
|
---|
| 3705 | MSVC 11 (2012) in 64-bit mode:
|
---|
| 3706 | lib\curl_threads.c(113): warning C4306:
|
---|
| 3707 | 'type cast' : conversion from 'long' to 'HANDLE' of greater size
|
---|
| 3708 |
|
---|
| 3709 | Closes https://github.com/curl/curl/pull/1717
|
---|
| 3710 |
|
---|
| 3711 | Daniel Stenberg (1 Aug 2017)
|
---|
| 3712 | - BUGS: improved phrasing about security bugs
|
---|
| 3713 |
|
---|
| 3714 | Reported-by: Max Dymond
|
---|
| 3715 |
|
---|
| 3716 | - BUGS: clarify how to report security related bugs
|
---|
| 3717 |
|
---|
| 3718 | - [Brad Spencer brought this change]
|
---|
| 3719 |
|
---|
| 3720 | multi: fix request timer management
|
---|
| 3721 |
|
---|
| 3722 | There are some bugs in how timers are managed for a single easy handle
|
---|
| 3723 | that causes the wrong "next timeout" value to be reported to the
|
---|
| 3724 | application when a new minimum needs to be recomputed and that new
|
---|
| 3725 | minimum should be an existing timer that isn't currently set for the
|
---|
| 3726 | easy handle. When the application drives a set of easy handles via the
|
---|
| 3727 | `curl_multi_socket_action()` API (for example), it gets told to wait the
|
---|
| 3728 | wrong amount of time before the next call, which causes requests to
|
---|
| 3729 | linger for a long time (or, it is my guess, possibly forever).
|
---|
| 3730 |
|
---|
| 3731 | Bug: https://curl.haxx.se/mail/lib-2017-07/0033.html
|
---|
| 3732 |
|
---|
| 3733 | Jay Satiro (1 Aug 2017)
|
---|
| 3734 | - curl_setup: Define CURL_NO_OLDIES for building libcurl
|
---|
| 3735 |
|
---|
| 3736 | .. to catch accidental use of deprecated error codes.
|
---|
| 3737 |
|
---|
| 3738 | Ref: https://github.com/curl/curl/issues/1688#issuecomment-316764237
|
---|
| 3739 |
|
---|
| 3740 | Daniel Stenberg (1 Aug 2017)
|
---|
| 3741 | - [Jeremy Tan brought this change]
|
---|
| 3742 |
|
---|
| 3743 | configure: fix the check for IdnToUnicode
|
---|
| 3744 |
|
---|
| 3745 | Fixes #1669
|
---|
| 3746 | Closes #1713
|
---|
| 3747 |
|
---|
| 3748 | - http: fix response code parser to avoid integer overflow
|
---|
| 3749 |
|
---|
| 3750 | test 1429 and 1433 were updated to work with the stricter HTTP status line
|
---|
| 3751 | parser.
|
---|
| 3752 |
|
---|
| 3753 | Closes #1714
|
---|
| 3754 | Reported-by: Brian Carpenter
|
---|
| 3755 |
|
---|
| 3756 | Jay Satiro (31 Jul 2017)
|
---|
| 3757 | - [Dwarakanath Yadavalli brought this change]
|
---|
| 3758 |
|
---|
| 3759 | libcurl: Stop using error codes defined under CURL_NO_OLDIES
|
---|
| 3760 |
|
---|
| 3761 | Fixes https://github.com/curl/curl/issues/1688
|
---|
| 3762 | Closes https://github.com/curl/curl/pull/1712
|
---|
| 3763 |
|
---|
| 3764 | - include.d: clarify --include is only for response headers
|
---|
| 3765 |
|
---|
| 3766 | Follow-up to 171f8de and de6de94.
|
---|
| 3767 |
|
---|
| 3768 | Bug: https://github.com/curl/curl/commit/de6de94#commitcomment-23370851
|
---|
| 3769 | Reported-by: Daniel Stenberg
|
---|
| 3770 |
|
---|
| 3771 | Daniel Stenberg (30 Jul 2017)
|
---|
| 3772 | - [jasjuang brought this change]
|
---|
| 3773 |
|
---|
| 3774 | cmake: support make uninstall
|
---|
| 3775 |
|
---|
| 3776 | Closes #1674
|
---|
| 3777 |
|
---|
| 3778 | - RELEASE-NOTES: synced with 001701c47
|
---|
| 3779 |
|
---|
| 3780 | Marcel Raad (29 Jul 2017)
|
---|
| 3781 | - AppVeyor: now really use CURL_WERROR
|
---|
| 3782 |
|
---|
| 3783 | It was misspelled as CURL_ERROR in commit
|
---|
| 3784 | 2d86e8d1286e0fbe3d811e2e87fa0b5e53722db4.
|
---|
| 3785 |
|
---|
| 3786 | Closes https://github.com/curl/curl/pull/1686
|
---|
| 3787 |
|
---|
| 3788 | Jay Satiro (29 Jul 2017)
|
---|
| 3789 | - tool_help: clarify --include is only for response headers
|
---|
| 3790 |
|
---|
| 3791 | Follow-up to 171f8de.
|
---|
| 3792 |
|
---|
| 3793 | Ref: https://github.com/curl/curl/issues/1704
|
---|
| 3794 |
|
---|
| 3795 | - splay: fix signed/unsigned mismatch warning
|
---|
| 3796 |
|
---|
| 3797 | Follow-up to 4dee50b.
|
---|
| 3798 |
|
---|
| 3799 | Ref: https://github.com/curl/curl/pull/1693
|
---|
| 3800 |
|
---|
| 3801 | Daniel Stenberg (28 Jul 2017)
|
---|
| 3802 | - include.d: clarify that it concerns the response headers
|
---|
| 3803 |
|
---|
| 3804 | Reported-by: olesteban at github
|
---|
| 3805 | Fixes #1704
|
---|
| 3806 |
|
---|
| 3807 | - [Johannes Schindelin brought this change]
|
---|
| 3808 |
|
---|
| 3809 | curl_rtmp: fix a compiler warning
|
---|
| 3810 |
|
---|
| 3811 | The headers of librtmp declare the socket as `int`, and on Windows, that
|
---|
| 3812 | disagrees with curl_socket_t.
|
---|
| 3813 |
|
---|
| 3814 | Bug: #1652
|
---|
| 3815 |
|
---|
| 3816 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 3817 |
|
---|
| 3818 | - test1323: verify curlx_tvdiff
|
---|
| 3819 |
|
---|
| 3820 | - timeval: struct curltime is a struct timeval replacement
|
---|
| 3821 |
|
---|
| 3822 | ... to make all libcurl internals able to use the same data types for
|
---|
| 3823 | the struct members. The timeval struct differs subtly on several
|
---|
| 3824 | platforms so it makes it cumbersome to use everywhere.
|
---|
| 3825 |
|
---|
| 3826 | Ref: #1652
|
---|
| 3827 | Closes #1693
|
---|
| 3828 |
|
---|
| 3829 | - darwinssl: fix variable type mistake (regression)
|
---|
| 3830 |
|
---|
| 3831 | ... which made --tlsv1.2 not work because it would blank the max tls
|
---|
| 3832 | version variable.
|
---|
| 3833 |
|
---|
| 3834 | Reported-by: Nick Miyake
|
---|
| 3835 | Bug: #1703
|
---|
| 3836 |
|
---|
| 3837 | - multi: mention integer overflow risk if using > 500 million sockets
|
---|
| 3838 |
|
---|
| 3839 | Reported-by: ovidiu-benea@users.noreply.github.com
|
---|
| 3840 |
|
---|
| 3841 | Closes #1675
|
---|
| 3842 | Closes #1683
|
---|
| 3843 |
|
---|
| 3844 | - checksrc: escape open brace in regex
|
---|
| 3845 |
|
---|
| 3846 | ... to silence warning.
|
---|
| 3847 |
|
---|
| 3848 | Kamil Dudka (20 Jul 2017)
|
---|
| 3849 | - nss: fix a possible use-after-free in SelectClientCert()
|
---|
| 3850 |
|
---|
| 3851 | ... causing a SIGSEGV in showit() in case the handle used to initiate
|
---|
| 3852 | the connection has already been freed.
|
---|
| 3853 |
|
---|
| 3854 | This commit fixes a bug introduced in curl-7_19_5-204-g5f0cae803.
|
---|
| 3855 |
|
---|
| 3856 | Reported-by: Rob Sanders
|
---|
| 3857 | Bug: https://bugzilla.redhat.com/1436158
|
---|
| 3858 |
|
---|
| 3859 | - nss: unify the coding style of nss_send() and nss_recv()
|
---|
| 3860 |
|
---|
| 3861 | No changes in behavior intended by this commit.
|
---|
| 3862 |
|
---|
| 3863 | Marcel Raad (18 Jul 2017)
|
---|
| 3864 | - tests/server/resolve.c: fix deprecation warning
|
---|
| 3865 |
|
---|
| 3866 | MSVC warns that gethostbyname is deprecated. Always use getaddrinfo
|
---|
| 3867 | instead to fix this when IPv6 is enabled, also for IPv4 resolves. This
|
---|
| 3868 | is also consistent with what libcurl does.
|
---|
| 3869 |
|
---|
| 3870 | Closes https://github.com/curl/curl/pull/1682
|
---|
| 3871 |
|
---|
| 3872 | Jay Satiro (17 Jul 2017)
|
---|
| 3873 | - darwinssl: fix pinnedpubkey build error
|
---|
| 3874 |
|
---|
| 3875 | - s/SessionHandle/Curl_easy/
|
---|
| 3876 |
|
---|
| 3877 | Bug: https://github.com/curl/curl/commit/eb16305#commitcomment-23035670
|
---|
| 3878 | Reported-by: Gisle Vanem
|
---|
| 3879 |
|
---|
| 3880 | Marcel Raad (16 Jul 2017)
|
---|
| 3881 | - rtspd: fix GCC warning after MSVC warning fix
|
---|
| 3882 |
|
---|
| 3883 | Older GCC warns:
|
---|
| 3884 | /tests/server/rtspd.c:1194:10: warning: missing braces around
|
---|
| 3885 | initializer [-Wmissing-braces]
|
---|
| 3886 |
|
---|
| 3887 | Fix this by using memset instead of an initializer.
|
---|
| 3888 |
|
---|
| 3889 | - libtest: fix MSVC warning C4706
|
---|
| 3890 |
|
---|
| 3891 | With warning level 4, MSVC warns about assignments within conditional
|
---|
| 3892 | expressions. Change the while loop to a do-while loop to fix this. This
|
---|
| 3893 | change is also consistent with CODE_STYLE.md.
|
---|
| 3894 |
|
---|
| 3895 | - sockfilt: suppress conversion warning with explicit cast
|
---|
| 3896 |
|
---|
| 3897 | MSVC warns when implicitly casting -1 to unsigned long.
|
---|
| 3898 |
|
---|
| 3899 | - rtspd: fix MSVC level 4 warning
|
---|
| 3900 |
|
---|
| 3901 | warning C4701: potentially uninitialized local variable 'req' used
|
---|
| 3902 |
|
---|
| 3903 | - winbuild: re-enable warning C4127 for curl tool
|
---|
| 3904 |
|
---|
| 3905 | Disabled in cda19a345f6970e22fe8b7a808aeb8f086a21eac. It only needs to
|
---|
| 3906 | be disabled for libcurl.
|
---|
| 3907 |
|
---|
| 3908 | - winbuild: build with warning level 4
|
---|
| 3909 |
|
---|
| 3910 | This is consistent with 7bc64561a2e63ca93e4b0b31d350773ba80955c2, which
|
---|
| 3911 | changed the warning level from 3 to 4 for the Visual Studio project
|
---|
| 3912 | files. But disable the level 4 warning C4127 "conditional expression is
|
---|
| 3913 | constant", as that one is issued by older versions of the Windows SDK
|
---|
| 3914 | as well as curl itself under some circumstances.
|
---|
| 3915 |
|
---|
| 3916 | Closes https://github.com/curl/curl/pull/1667
|
---|
| 3917 |
|
---|
| 3918 | Jay Satiro (12 Jul 2017)
|
---|
| 3919 | - [Max Dymond brought this change]
|
---|
| 3920 |
|
---|
| 3921 | travis: install libidn2
|
---|
| 3922 |
|
---|
| 3923 | Install libidn2 to increase test coverage (IDN tests)
|
---|
| 3924 |
|
---|
| 3925 | Closes https://github.com/curl/curl/pull/1673
|
---|
| 3926 |
|
---|
| 3927 | Marcel Raad (12 Jul 2017)
|
---|
| 3928 | - travis: enable warnings also in release mode
|
---|
| 3929 |
|
---|
| 3930 | ... to get warnings also on Linux/GCC and OSX/clang.
|
---|
| 3931 |
|
---|
| 3932 | Closes https://github.com/curl/curl/pull/1666
|
---|
| 3933 |
|
---|
| 3934 | Daniel Stenberg (12 Jul 2017)
|
---|
| 3935 | - [Max Dymond brought this change]
|
---|
| 3936 |
|
---|
| 3937 | travis: install libssh2
|
---|
| 3938 |
|
---|
| 3939 | Install libssh2 to increase test coverage (SFTP, SCP)
|
---|
| 3940 |
|
---|
| 3941 | Marcel Raad (12 Jul 2017)
|
---|
| 3942 | - system.h: include winsock2.h before windows.h
|
---|
| 3943 |
|
---|
| 3944 | ... to avoid compiler warnings if the user doesn't want
|
---|
| 3945 | WIN32_LEAN_AND_MEAN.
|
---|
| 3946 |
|
---|
| 3947 | - build: remove WIN32_LEAN_AND_MEAN from individual build systems
|
---|
| 3948 |
|
---|
| 3949 | It's defined for all build systems in curl_setup.h since commit
|
---|
| 3950 | beb08481d01a07a8b10938b1078a5e298b1c2912. This caused macro
|
---|
| 3951 | redefinition warnings in the configure builds.
|
---|
| 3952 |
|
---|
| 3953 | Closes https://github.com/curl/curl/pull/1677
|
---|
| 3954 |
|
---|
| 3955 | Jay Satiro (11 Jul 2017)
|
---|
| 3956 | - ISSUE_TEMPLATE: Add a comment not to file security issues on github
|
---|
| 3957 |
|
---|
| 3958 | Marcel Raad (11 Jul 2017)
|
---|
| 3959 | - curl_setup: always define WIN32_LEAN_AND_MEAN on Windows
|
---|
| 3960 |
|
---|
| 3961 | Make sure to always define WIN32_LEAN_AND_MEAN before including any
|
---|
| 3962 | Windows headers to avoid pulling in unnecessary headers. This avoids
|
---|
| 3963 | unnecessary macro clashes and compiler warnings.
|
---|
| 3964 |
|
---|
| 3965 | Ref: https://github.com/curl/curl/issues/1562
|
---|
| 3966 | Closes https://github.com/curl/curl/pull/1672
|
---|
| 3967 |
|
---|
| 3968 | Jay Satiro (11 Jul 2017)
|
---|
| 3969 | - strerror: Preserve Windows error code in some functions
|
---|
| 3970 |
|
---|
| 3971 | This is a follow-up to af02162 which removed (SET_)ERRNO macros. That
|
---|
| 3972 | commit was an earlier draft that I committed by mistake, which was then
|
---|
| 3973 | remedied by a5834e5 and e909de6, and now this commit. With this commit
|
---|
| 3974 | there is now no difference between the current code and the changes that
|
---|
| 3975 | were approved in the final draft.
|
---|
| 3976 |
|
---|
| 3977 | Thanks-to: Max Dymond, Marcel Raad, Daniel Stenberg, Gisle Vanem
|
---|
| 3978 | Ref: https://github.com/curl/curl/pull/1589
|
---|
| 3979 |
|
---|
| 3980 | Marcel Raad (10 Jul 2017)
|
---|
| 3981 | - [Max Dymond brought this change]
|
---|
| 3982 |
|
---|
| 3983 | tests: Fix up issues with errno in test files
|
---|
| 3984 |
|
---|
| 3985 | Closes https://github.com/curl/curl/pull/1671
|
---|
| 3986 |
|
---|
| 3987 | Daniel Stenberg (10 Jul 2017)
|
---|
| 3988 | - errno: fix non-windows builds after af0216251b94e7
|
---|
| 3989 |
|
---|
| 3990 | - [Ryan Winograd brought this change]
|
---|
| 3991 |
|
---|
| 3992 | make: fix docs build on OpenBSD
|
---|
| 3993 |
|
---|
| 3994 | Ref: #1591
|
---|
| 3995 |
|
---|
| 3996 | Marcel Raad (10 Jul 2017)
|
---|
| 3997 | - ldap: fix MinGW compiler warning
|
---|
| 3998 |
|
---|
| 3999 | ldap_bind_s is marked as deprecated in w32api's winldap.h shipping with
|
---|
| 4000 | the latest original MinGW, resulting in compiler warnings since commit
|
---|
| 4001 | f0fe66f13c93d3d0af45d9fb1231c9164e0f9dc8. Fix this for the non-SSPI
|
---|
| 4002 | case by using ldap_simple_bind_s again instead of ldap_bind_s with
|
---|
| 4003 | LDAP_AUTH_SIMPLE.
|
---|
| 4004 |
|
---|
| 4005 | Closes https://github.com/curl/curl/pull/1664
|
---|
| 4006 |
|
---|
| 4007 | - curl-compilers.m4: disable warning spam with Cygwin's clang
|
---|
| 4008 |
|
---|
| 4009 | When building with Cygwin or MinGW, libtool uses a wrapper executable
|
---|
| 4010 | instead of a wrapper script [1], which is written in C and throws
|
---|
| 4011 | missing-variable-declarations warnings. Don't enable these warnings on
|
---|
| 4012 | Cygwin and MinGW in order to avoid warnings for every executable built,
|
---|
| 4013 | which spams the test suite output when using Cygwin's clang.
|
---|
| 4014 |
|
---|
| 4015 | [1] https://www.gnu.org/software/libtool/manual/html_node/Wrapper-executables.html
|
---|
| 4016 |
|
---|
| 4017 | Closes https://github.com/curl/curl/pull/1665
|
---|
| 4018 |
|
---|
| 4019 | Jay Satiro (10 Jul 2017)
|
---|
| 4020 | - curl_setup_once: Remove ERRNO/SET_ERRNO macros
|
---|
| 4021 |
|
---|
| 4022 | Prior to this change (SET_)ERRNO mapped to GetLastError/SetLastError
|
---|
| 4023 | for Win32 and regular errno otherwise.
|
---|
| 4024 |
|
---|
| 4025 | I reviewed the code and found no justifiable reason for conflating errno
|
---|
| 4026 | on WIN32 with GetLastError/SetLastError. All Win32 CRTs support errno,
|
---|
| 4027 | and any Win32 multithreaded CRT supports thread-local errno.
|
---|
| 4028 |
|
---|
| 4029 | Fixes https://github.com/curl/curl/issues/895
|
---|
| 4030 | Closes https://github.com/curl/curl/pull/1589
|
---|
| 4031 |
|
---|
| 4032 | - tool_getparam: fix potentially uninitialized err
|
---|
| 4033 |
|
---|
| 4034 | Marcel Raad (9 Jul 2017)
|
---|
| 4035 | - smb: rename variable to fix shadowing warning
|
---|
| 4036 |
|
---|
| 4037 | GCC 4.6.3 on travis complains:
|
---|
| 4038 | smb.c: In function âget_posix_timeâ:
|
---|
| 4039 | smb.c:725:13: error: declaration of âtimeâ shadows a global declaration
|
---|
| 4040 | [-Werror=shadow]
|
---|
| 4041 |
|
---|
| 4042 | Fix this by renaming the variable.
|
---|
| 4043 |
|
---|
| 4044 | - tool_cb_wrt: fix variable shadowing warning
|
---|
| 4045 |
|
---|
| 4046 | GCC 4.4 complains:
|
---|
| 4047 | tool_cb_wrt.c:81: error: declaration of âisattyâ shadows a global
|
---|
| 4048 | declaration
|
---|
| 4049 | /usr/include/unistd.h:782: error: shadowed declaration is here
|
---|
| 4050 |
|
---|
| 4051 | Fix this by renaming the variable.
|
---|
| 4052 |
|
---|
| 4053 | Closes https://github.com/curl/curl/pull/1661
|
---|
| 4054 |
|
---|
| 4055 | Daniel Stenberg (8 Jul 2017)
|
---|
| 4056 | - RELEASE-NOTES: synced with be2c999b8
|
---|
| 4057 |
|
---|
| 4058 | - travis: install stunnel
|
---|
| 4059 |
|
---|
| 4060 | - valgrind.supp: supress OpenSSL false positive seen on travis
|
---|
| 4061 |
|
---|
| 4062 | - travis: detect and use valgrind for normal builds
|
---|
| 4063 |
|
---|
| 4064 | Closes #1653
|
---|
| 4065 |
|
---|
| 4066 | - travis: add SMB, DICT, TELNET torture to coverage test
|
---|
| 4067 |
|
---|
| 4068 | - [Paul Harris brought this change]
|
---|
| 4069 |
|
---|
| 4070 | cmake: offer CMAKE_DEBUG_POSTFIX when building with MSVC
|
---|
| 4071 |
|
---|
| 4072 | Removes BUILD_RELEASE_DEBUG_DIRS since it wasn't used anywhere.
|
---|
| 4073 |
|
---|
| 4074 | Closes #1649
|
---|
| 4075 |
|
---|
| 4076 | - CURLOPT_POSTFIELDS.3: explain the 100-continue magic better
|
---|
| 4077 |
|
---|
| 4078 | - [Max Dymond brought this change]
|
---|
| 4079 |
|
---|
| 4080 | test1452: add telnet negotiation
|
---|
| 4081 |
|
---|
| 4082 | Add a basic telnet server for negotiating some telnet options before
|
---|
| 4083 | echoing back any data that's sent to it.
|
---|
| 4084 |
|
---|
| 4085 | Closes #1645
|
---|
| 4086 |
|
---|
| 4087 | - travis: do more tests in the coverage run
|
---|
| 4088 |
|
---|
| 4089 | I added a selection of torture and event tests that run "fast enough"
|
---|
| 4090 |
|
---|
| 4091 | - curl_easy_escape.3: mention the (lack of) encoding
|
---|
| 4092 |
|
---|
| 4093 | Fixes #1612
|
---|
| 4094 | Reported-by: Jeroen Ooms
|
---|
| 4095 |
|
---|
| 4096 | - [Gisle Vanem brought this change]
|
---|
| 4097 |
|
---|
| 4098 | memdebug: don't setbuf() if the file open failed
|
---|
| 4099 |
|
---|
| 4100 | Bug: https://github.com/curl/curl/issues/828#issuecomment-313475151
|
---|
| 4101 |
|
---|
| 4102 | - appveyor: enable CURL_WERROR on all builds
|
---|
| 4103 |
|
---|
| 4104 | - cmake: add CURL_WERROR for enabling "warning as errors"
|
---|
| 4105 |
|
---|
| 4106 | - [Hannes Magnusson brought this change]
|
---|
| 4107 |
|
---|
| 4108 | cmake: remove spurious "-l" from linker flags
|
---|
| 4109 |
|
---|
| 4110 | Fixes #1552
|
---|
| 4111 |
|
---|
| 4112 | - test506: skip if threaded-resolver
|
---|
| 4113 |
|
---|
| 4114 | - runtests: support "threaded-resolver" as a feature
|
---|
| 4115 |
|
---|
| 4116 | ... to let tests require it or skip if present
|
---|
| 4117 |
|
---|
| 4118 | - asyn-thread.c: fix unused variable warnings on macOS
|
---|
| 4119 |
|
---|
| 4120 | - http: s/TINY_INITIAL_POST_SIZE/EXPECT_100_THRESHOLD
|
---|
| 4121 |
|
---|
| 4122 | Make the name reflect its use better, and add a short comment describing
|
---|
| 4123 | what it's for.
|
---|
| 4124 |
|
---|
| 4125 | - cmake: if inet_pton is used, bump _WIN32_WINNT
|
---|
| 4126 |
|
---|
| 4127 | ... and make sure inet_pton is always checked for when *not* using Windows,
|
---|
| 4128 | which is a regression from 4fc6ebe18.
|
---|
| 4129 |
|
---|
| 4130 | Idea-by: Sergei Nikulov
|
---|
| 4131 |
|
---|
| 4132 | - select.h: avoid macro redefinition harder
|
---|
| 4133 |
|
---|
| 4134 | ... by checking the POLLIN define, as the header file checks don't work
|
---|
| 4135 | on Windows.
|
---|
| 4136 |
|
---|
| 4137 | - inet_pton: fix include on windows to get prototype
|
---|
| 4138 |
|
---|
| 4139 | inet_pton() exists on Windows and gets used by our cmake builds. Make
|
---|
| 4140 | sure the correct header file is included to avoid compiler warnings.
|
---|
| 4141 |
|
---|
| 4142 | Closes #1639
|
---|
| 4143 |
|
---|
| 4144 | - TODO: 1.10 auto-detect proxy
|
---|
| 4145 |
|
---|
| 4146 | Closes #1572
|
---|
| 4147 |
|
---|
| 4148 | - TODO: HTTP proxy CONNECT is non-blocking now
|
---|
| 4149 |
|
---|
| 4150 | - cmake: fix send/recv argument scanner for windows
|
---|
| 4151 |
|
---|
| 4152 | ... by simply trying the Windows argument types first.
|
---|
| 4153 |
|
---|
| 4154 | Fixes #1640
|
---|
| 4155 |
|
---|
| 4156 | - RELEASE-NOTES: synced with 596cfb6c0
|
---|
| 4157 |
|
---|
| 4158 | - [Gisle Vanem brought this change]
|
---|
| 4159 |
|
---|
| 4160 | smb: add support for CURLOPT_FILETIME
|
---|
| 4161 |
|
---|
| 4162 | Bug: https://curl.haxx.se/mail/lib-2017-07/0005.html
|
---|
| 4163 |
|
---|
| 4164 | Closes #1643
|
---|
| 4165 |
|
---|
| 4166 | - travis: install nghttp2 on linux builds
|
---|
| 4167 |
|
---|
| 4168 | Closes #1642
|
---|
| 4169 |
|
---|
| 4170 | - [Gisle Vanem brought this change]
|
---|
| 4171 |
|
---|
| 4172 | smb: fix build for djgpp/MSDOS
|
---|
| 4173 |
|
---|
| 4174 | bug: https://curl.haxx.se/mail/lib-2017-07/0005.html
|
---|
| 4175 |
|
---|
| 4176 | - configure: try ldap/lber in reversed order first
|
---|
| 4177 |
|
---|
| 4178 | When scanning for which LDAP libraries to use, try the -lldap -llber
|
---|
| 4179 | combination before the reversed order since it has a greater chance of
|
---|
| 4180 | working when linking with libcurl statically.
|
---|
| 4181 |
|
---|
| 4182 | Fixes #1619
|
---|
| 4183 | Closes #1634
|
---|
| 4184 | Reported-by: David E. Narváez
|
---|
| 4185 |
|
---|
| 4186 | - configure: remove checks for 5 functions never used
|
---|
| 4187 |
|
---|
| 4188 | fork, getprotobyname, inet_addr, perror, uname
|
---|
| 4189 |
|
---|
| 4190 | closes #1638
|
---|
| 4191 |
|
---|
| 4192 | - dist: add SMB python deps into the tarball
|
---|
| 4193 |
|
---|
| 4194 | - [Max Dymond brought this change]
|
---|
| 4195 |
|
---|
| 4196 | test1451: add SMB support to the testbed
|
---|
| 4197 |
|
---|
| 4198 | Add test 1451 which does some very basic SMB testing using the impacket
|
---|
| 4199 | SMB server.
|
---|
| 4200 |
|
---|
| 4201 | Closes #1630
|
---|
| 4202 |
|
---|
| 4203 | - [Max Dymond brought this change]
|
---|
| 4204 |
|
---|
| 4205 | test: add impacket for SMB testing
|
---|
| 4206 |
|
---|
| 4207 | Import impacket 0.9.15 for use in SMB testing. This was generated by
|
---|
| 4208 | doing "pip2.7 install -t . impacket"
|
---|
| 4209 |
|
---|
| 4210 | Unnecessary files for current testing were deleted.
|
---|
| 4211 |
|
---|
| 4212 | - travis.yml: use --enable-werror on debug builds
|
---|
| 4213 |
|
---|
| 4214 | ... to better detect and fault on compiler warnings/errors
|
---|
| 4215 |
|
---|
| 4216 | Closes #1637
|
---|
| 4217 |
|
---|
| 4218 | - tool_sleep: typecast to avoid macos compiler warning
|
---|
| 4219 |
|
---|
| 4220 | tool_sleep.c:54:24: error: implicit conversion loses integer precision:
|
---|
| 4221 | 'long' to '__darwin_suseconds_t' (aka 'int')
|
---|
| 4222 | [-Werror,-Wshorten-64-to-32]
|
---|
| 4223 |
|
---|
| 4224 | - [Martin Kepplinger brought this change]
|
---|
| 4225 |
|
---|
| 4226 | timeval.c: Use long long constant type for timeval assignment
|
---|
| 4227 |
|
---|
| 4228 | On a 64 bit host, sparse says:
|
---|
| 4229 |
|
---|
| 4230 | timeval.c:148:15: warning: constant 0x7fffffffffffffff is so big it is long
|
---|
| 4231 | timeval.c:149:12: warning: constant 0x7fffffffffffffff is so big it is long
|
---|
| 4232 |
|
---|
| 4233 | so let's use long long constant types in order to prevent undesired overflow
|
---|
| 4234 | failures.
|
---|
| 4235 |
|
---|
| 4236 | Bug: https://curl.haxx.se/mail/lib-2017-07/0003.html
|
---|
| 4237 |
|
---|
| 4238 | Closes #1636
|
---|
| 4239 |
|
---|
| 4240 | Signed-off-by: Martin Kepplinger <martink@posteo.de>
|
---|
| 4241 |
|
---|
| 4242 | - url: make the original string get used on subsequent transfers
|
---|
| 4243 |
|
---|
| 4244 | ... since CURLOPT_URL should follow the same rules as other options:
|
---|
| 4245 | they remain set until changed or cleared.
|
---|
| 4246 |
|
---|
| 4247 | Added test 1551 to verify.
|
---|
| 4248 |
|
---|
| 4249 | Fixes #1631
|
---|
| 4250 | Closes #1632
|
---|
| 4251 | Reported-by: Pavel Rochnyak
|
---|
| 4252 |
|
---|
| 4253 | - [Johannes Schindelin brought this change]
|
---|
| 4254 |
|
---|
| 4255 | gtls: fix build when sizeof(long) < sizeof(void *)
|
---|
| 4256 |
|
---|
| 4257 | - Change gnutls pointer/int macros to pointer/curl_socket_t.
|
---|
| 4258 | Prior to this change they used long type as well.
|
---|
| 4259 |
|
---|
| 4260 | The size of the `long` data type can be shorter than that of pointer
|
---|
| 4261 | types. This is the case most notably on Windows.
|
---|
| 4262 |
|
---|
| 4263 | If C99 were acceptable, we could simply use `intptr_t` here. But we
|
---|
| 4264 | want to retain C89 compatibility.
|
---|
| 4265 |
|
---|
| 4266 | Simply use the trick of performing pointer arithmetic with the NULL
|
---|
| 4267 | pointer: to convert an integer `i` to a pointer, simply take the
|
---|
| 4268 | address of the `i`th element of a hypothetical character array
|
---|
| 4269 | starting at address NULL. To convert back, simply cast the pointer
|
---|
| 4270 | difference.
|
---|
| 4271 |
|
---|
| 4272 | Thanks to Jay Satiro for the initial modification to use curl_socket_t
|
---|
| 4273 | instead of int/long.
|
---|
| 4274 |
|
---|
| 4275 | Closes #1617
|
---|
| 4276 |
|
---|
| 4277 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
---|
| 4278 |
|
---|
| 4279 | - [Ryan Winograd brought this change]
|
---|
| 4280 |
|
---|
| 4281 | unit1399: fix integer overflow
|
---|
| 4282 |
|
---|
| 4283 | Bug: #1616
|
---|
| 4284 | Closes #1633
|
---|
| 4285 |
|
---|
| 4286 | - [Per Malmberg brought this change]
|
---|
| 4287 |
|
---|
| 4288 | cmake: Added compatibility options for older Windows versions
|
---|
| 4289 |
|
---|
| 4290 | CURL_STATIC_CRT and ENABLE_INET_PTON
|
---|
| 4291 |
|
---|
| 4292 | Closes #1621
|
---|
| 4293 |
|
---|
| 4294 | - unit1399: add logging to time comparison
|
---|
| 4295 |
|
---|
| 4296 | ... to enable tracking down why autobuilds fail on this
|
---|
| 4297 |
|
---|
| 4298 | Bug: #1616
|
---|
| 4299 |
|
---|
| 4300 | - make: build the docs subdir only from within src
|
---|
| 4301 |
|
---|
| 4302 | ... and don't build at all in include
|
---|
| 4303 |
|
---|
| 4304 | Prompted-by-work-by: Simon Warta
|
---|
| 4305 | Ref: #1590
|
---|
| 4306 | Closes #1591
|
---|
| 4307 |
|
---|
| 4308 | - [Max Dymond brought this change]
|
---|
| 4309 |
|
---|
| 4310 | test1450: fix up DICT server in torture mode
|
---|
| 4311 |
|
---|
| 4312 | As per https://github.com/curl/curl/pull/1615, the DICT server is a
|
---|
| 4313 | little spammy in torture mode due to the sockets being torn down
|
---|
| 4314 | unexpectedly. Fix this by adding some error handling to the handling
|
---|
| 4315 | function.
|
---|
| 4316 |
|
---|
| 4317 | Closes #1629
|
---|
| 4318 |
|
---|
| 4319 | - [Max Dymond brought this change]
|
---|
| 4320 |
|
---|
| 4321 | test1450: add simple testing for DICT
|
---|
| 4322 |
|
---|
| 4323 | Add a new server which provides a DICT interface. This is intended to
|
---|
| 4324 | begin coverage testing for lib/dict.c
|
---|
| 4325 |
|
---|
| 4326 | Closes #1615
|
---|
| 4327 |
|
---|
| 4328 | - [Dan Fandrich brought this change]
|
---|
| 4329 |
|
---|
| 4330 | test1521: fix out-of-tree builds, broken with 467da3af
|
---|
| 4331 |
|
---|
| 4332 | The test.h file is no longer in the same directory as the source file,
|
---|
| 4333 | so that directory needs to be added to the include path.
|
---|
| 4334 |
|
---|
| 4335 | Fixes #1627
|
---|
| 4336 | Closes #1628
|
---|
| 4337 |
|
---|
| 4338 | - [Max Dymond brought this change]
|
---|
| 4339 |
|
---|
| 4340 | http2: handle PING frames
|
---|
| 4341 |
|
---|
| 4342 | Add a connection check function to HTTP2 based off RTSP. This causes
|
---|
| 4343 | PINGs to be handled the next time the connection is reused.
|
---|
| 4344 |
|
---|
| 4345 | Closes #1521
|
---|
| 4346 |
|
---|
| 4347 | - [Max Dymond brought this change]
|
---|
| 4348 |
|
---|
| 4349 | handler: refactor connection checking
|
---|
| 4350 |
|
---|
| 4351 | Add a new type of callback to Curl_handler which performs checks on
|
---|
| 4352 | the connection. Alter RTSP so that it uses this callback to do its
|
---|
| 4353 | own check on connection health.
|
---|
| 4354 |
|
---|
| 4355 | - [dmitrykos brought this change]
|
---|
| 4356 |
|
---|
| 4357 | openssl: improve fallback seed of PRNG with a time based hash
|
---|
| 4358 |
|
---|
| 4359 | Fixes #1620
|
---|
| 4360 |
|
---|
| 4361 | - [Ryan Winograd brought this change]
|
---|
| 4362 |
|
---|
| 4363 | progress: prevent resetting t_starttransfer
|
---|
| 4364 |
|
---|
| 4365 | Prevent `Curl_pgrsTime` from modifying `t_starttransfer` when invoked
|
---|
| 4366 | with `TIMER_STARTTRANSFER` more than once during a single request.
|
---|
| 4367 |
|
---|
| 4368 | When a redirect occurs, this is considered a new request and
|
---|
| 4369 | `t_starttransfer` can be updated to reflect the `t_starttransfer` time
|
---|
| 4370 | of the redirect request.
|
---|
| 4371 |
|
---|
| 4372 | Closes #1616
|
---|
| 4373 |
|
---|
| 4374 | Bug: https://github.com/curl/curl/pull/1602#issuecomment-310267370
|
---|
| 4375 |
|
---|
| 4376 | - curl_strequal.3: fix typo in SYNOPSIS
|
---|
| 4377 |
|
---|
| 4378 | Reported-by: Jesse Chisholm
|
---|
| 4379 |
|
---|
| 4380 | Fixes #1623
|
---|
| 4381 |
|
---|
| 4382 | - RELEASE-NOTES: synced with ce2c3ebda
|
---|
| 4383 |
|
---|
| 4384 | Kamil Dudka (28 Jun 2017)
|
---|
| 4385 | - curl --socks5-{basic,gssapi}: control socks5 auth
|
---|
| 4386 |
|
---|
| 4387 | Closes https://github.com/curl/curl/pull/1454
|
---|
| 4388 |
|
---|
| 4389 | - CURLOPT_SOCKS5_AUTH: allowed methods for SOCKS5 proxy auth
|
---|
| 4390 |
|
---|
| 4391 | If libcurl was built with GSS-API support, it unconditionally advertised
|
---|
| 4392 | GSS-API authentication while connecting to a SOCKS5 proxy. This caused
|
---|
| 4393 | problems in environments with improperly configured Kerberos: a stock
|
---|
| 4394 | libcurl failed to connect, despite libcurl built without GSS-API
|
---|
| 4395 | connected fine using username and password.
|
---|
| 4396 |
|
---|
| 4397 | This commit introduces the CURLOPT_SOCKS5_AUTH option to control the
|
---|
| 4398 | allowed methods for SOCKS5 authentication at run time.
|
---|
| 4399 |
|
---|
| 4400 | Note that a new option was preferred over reusing CURLOPT_PROXYAUTH
|
---|
| 4401 | for compatibility reasons because the set of authentication methods
|
---|
| 4402 | allowed by default was different for HTTP and SOCKS5 proxies.
|
---|
| 4403 |
|
---|
| 4404 | Bug: https://curl.haxx.se/mail/lib-2017-01/0005.html
|
---|
| 4405 | Closes https://github.com/curl/curl/pull/1454
|
---|
| 4406 |
|
---|
| 4407 | - socks: deduplicate the code for auth request
|
---|
| 4408 |
|
---|
| 4409 | - socks: use proxy_user instead of proxy_name
|
---|
| 4410 |
|
---|
| 4411 | ... to make it obvious what the data is used for
|
---|
| 4412 |
|
---|
| 4413 | Daniel Stenberg (27 Jun 2017)
|
---|
| 4414 | - libtest/make: generate lib1521.c
|
---|
| 4415 |
|
---|
| 4416 | ... instead of having the generated code checked in. This saves space in
|
---|
| 4417 | the tarball but primarily automatically adapts to newly added options.
|
---|
| 4418 |
|
---|
| 4419 | Closes #1614
|
---|
| 4420 |
|
---|
| 4421 | Jay Satiro (26 Jun 2017)
|
---|
| 4422 | - tool_getparam: fix memory leak on test 1147 OOM (torture tests)
|
---|
| 4423 |
|
---|
| 4424 | Bug: https://github.com/curl/curl/pull/1486#issuecomment-310926872
|
---|
| 4425 | Reported-by: Dan Fandrich
|
---|
| 4426 |
|
---|
| 4427 | Dan Fandrich (25 Jun 2017)
|
---|
| 4428 | - test1537: fixed memory leak on OOM
|
---|
| 4429 |
|
---|
| 4430 | Marcel Raad (25 Jun 2017)
|
---|
| 4431 | - test1521: fix compiler warnings
|
---|
| 4432 |
|
---|
| 4433 | The integer literal 3123123123 doesn't fit into a 32-bit signed
|
---|
| 4434 | integer, so GCC with 32-bit long warns in C90 mode:
|
---|
| 4435 | this decimal constant is unsigned only in ISO C90 [enabled by default]
|
---|
| 4436 | Fix this by using ULONG_MAX, which should fit in any curl_off_t and has
|
---|
| 4437 | the correct suffix to not issue any warnings.
|
---|
| 4438 | Also adds the missing CURLOPT_REQUEST_TARGET from commit
|
---|
| 4439 | 9b167fd090f596eac828817d48c247eeae53407f.
|
---|
| 4440 |
|
---|
| 4441 | Closes https://github.com/curl/curl/pull/1611
|
---|
| 4442 |
|
---|
| 4443 | Daniel Stenberg (24 Jun 2017)
|
---|
| 4444 | - curl/system.h: add check for XTENSA for 32bit gcc
|
---|
| 4445 |
|
---|
| 4446 | Reported-by: Neil Kolban
|
---|
| 4447 | Fixes: 1598
|
---|
| 4448 |
|
---|
| 4449 | - [Henrik S. GaÃmann brought this change]
|
---|
| 4450 |
|
---|
| 4451 | winbuild: fix boringssl build
|
---|
| 4452 |
|
---|
| 4453 | Compile with `WIN32_LEAN_AND_MEAN` which prevents `windows.h` from
|
---|
| 4454 | including too much clutter including `wincrypt.h` which in turn contains
|
---|
| 4455 | some preprocessor macros that clash with boringssl symbols.
|
---|
| 4456 |
|
---|
| 4457 | Detect boringssl by checking the existance of `is_boringssl.h` and set
|
---|
| 4458 | the corresponding `HAVE_BORINGSSL` for compilation which is used in
|
---|
| 4459 | `ldap.c` to undefine the evil macros.
|
---|
| 4460 |
|
---|
| 4461 | Closes #1610
|
---|
| 4462 |
|
---|
| 4463 | - progress: progress.timespent needs to be us
|
---|
| 4464 |
|
---|
| 4465 | follow-up to 64ed44a815e4e to fix test 500 failures
|
---|
| 4466 |
|
---|
| 4467 | Marcel Raad (24 Jun 2017)
|
---|
| 4468 | - curl-compilers.m4: fix unknown-warning-option on Apple clang
|
---|
| 4469 |
|
---|
| 4470 | Since 5598b0bd63f690c151074494ce47ef872f004ab4, clang -v is used to
|
---|
| 4471 | detect the clang version. The version number was expected to come after
|
---|
| 4472 | the word "version". For Apple clang, this doesn't work as it has its
|
---|
| 4473 | own versioning scheme.
|
---|
| 4474 | The version number is now first searched after the string
|
---|
| 4475 | "based on LLVM". This works for Apple clang before version 7, and also
|
---|
| 4476 | for e.g. Ubuntu's clang up to version 3.7. If it's not found and the
|
---|
| 4477 | version string contains "Apple LLVM version", clang version 3.7 is
|
---|
| 4478 | assumed, which is the version that comes with Xcode 7. Otherwise, the
|
---|
| 4479 | version number is still expected after the word "version", which works
|
---|
| 4480 | for very old Apple clang versions.
|
---|
| 4481 |
|
---|
| 4482 | Ref: https://trac.macports.org/wiki/XcodeVersionInfo
|
---|
| 4483 | Fixes https://github.com/curl/curl/issues/1606
|
---|
| 4484 | Closes https://github.com/curl/curl/pull/1607
|
---|
| 4485 |
|
---|
| 4486 | Daniel Stenberg (24 Jun 2017)
|
---|
| 4487 | - progress: fix "time spent", broke in adef394ac
|
---|
| 4488 |
|
---|
| 4489 | - CURLINFO_REDIRECT_URL.3: mention the CURLOPT_MAXREDIRS case
|
---|
| 4490 |
|
---|
| 4491 | ... supported since 7.54.1
|
---|
| 4492 |
|
---|
| 4493 | - maketgz: switch to -6e for xz
|
---|
| 4494 |
|
---|
| 4495 | To reduce the memory requirement for decompress, and still do almost as
|
---|
| 4496 | good compression as with -9e.
|
---|
| 4497 |
|
---|
| 4498 | Pointed-out-by: Dan Fandrich
|
---|
| 4499 |
|
---|
| 4500 | - libtest/Makefile: remove unused lib1541 variables
|
---|
| 4501 |
|
---|
| 4502 | - CONTRIBUTE.md: mention the out-of-tree build test too
|
---|
| 4503 |
|
---|
| 4504 | - maketgz: switch to xz instead of lzma
|
---|
| 4505 |
|
---|
| 4506 | The compressed output size seems to be a tad bit smaller, but generally
|
---|
| 4507 | xz seems more preferred these days and is used directly by for example
|
---|
| 4508 | gentoo instead of bz2.
|
---|
| 4509 |
|
---|
| 4510 | "Users of LZMA Utils should move to XZ Utils" =>
|
---|
| 4511 | https://tukaani.org/lzma/
|
---|
| 4512 |
|
---|
| 4513 | Closes #1604
|
---|
| 4514 |
|
---|
| 4515 | - --request-target: instead of --strip-path-slash
|
---|
| 4516 |
|
---|
| 4517 | ... and CURLOPT_REQUEST_TARGET instead of CURLOPT_STRIP_PATH_SLASH.
|
---|
| 4518 |
|
---|
| 4519 | This option instead provides the full "alternative" target to use in the
|
---|
| 4520 | request, instead of extracting the path from the URL.
|
---|
| 4521 |
|
---|
| 4522 | Test 1298 and 1299 updated accordingly.
|
---|
| 4523 |
|
---|
| 4524 | Idea-by: Evert Pot
|
---|
| 4525 | Suggestion: https://daniel.haxx.se/blog/2017/06/19/options-with-curl/comment-page-1/#comment-18373
|
---|
| 4526 |
|
---|
| 4527 | Closes #1593
|
---|
| 4528 |
|
---|
| 4529 | Marcel Raad (21 Jun 2017)
|
---|
| 4530 | - lib1521: fix missing-variable-declarations clang warnings
|
---|
| 4531 |
|
---|
| 4532 | Declare TU-local variables static.
|
---|
| 4533 |
|
---|
| 4534 | - travis: enable typecheck-gcc warnings
|
---|
| 4535 |
|
---|
| 4536 | - switch debug and release configurations so that we get an optimized
|
---|
| 4537 | build with GCC 4.3+ as required by typecheck-gcc
|
---|
| 4538 | - enable warnings-as-errors for release builds
|
---|
| 4539 | (which have warnings disabled)
|
---|
| 4540 |
|
---|
| 4541 | Closes https://github.com/curl/curl/pull/1595
|
---|
| 4542 |
|
---|
| 4543 | - typecheck-gcc: add support for CURLINFO_OFF_T
|
---|
| 4544 |
|
---|
| 4545 | typecheck-gcc expected curl_socket_t instead of curl_off_t arguments
|
---|
| 4546 | for CURLINFO_OFF_T. Detected by test1521, unfortunately only when run
|
---|
| 4547 | locally.
|
---|
| 4548 |
|
---|
| 4549 | Closes https://github.com/curl/curl/pull/1592
|
---|
| 4550 |
|
---|
| 4551 | Daniel Stenberg (21 Jun 2017)
|
---|
| 4552 | - [Simon Warta brought this change]
|
---|
| 4553 |
|
---|
| 4554 | ci: whitelist branches to avoid testing feature branches twice
|
---|
| 4555 |
|
---|
| 4556 | - [Gisle Vanem brought this change]
|
---|
| 4557 |
|
---|
| 4558 | lib: fix the djgpp build
|
---|
| 4559 |
|
---|
| 4560 | Bug: https://github.com/curl/curl/commit/73a2fcea0b4adea6ba342cd7ed1149782c214ae3#commitcomment-22655993
|
---|
| 4561 |
|
---|
| 4562 | Marcel Raad (20 Jun 2017)
|
---|
| 4563 | - if2ip: fix compiler warning in ISO C90 mode
|
---|
| 4564 |
|
---|
| 4565 | remote_scope_id is only used when both HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
|
---|
| 4566 | and ENABLE_IPV6 are defined instead of only one of them.
|
---|
| 4567 |
|
---|
| 4568 | Daniel Stenberg (20 Jun 2017)
|
---|
| 4569 | - travis: do the distcheck test build out-of-tree as well
|
---|
| 4570 |
|
---|
| 4571 | - http: add --strip-path-slash and CURLOPT_STRIP_PATH_SLASH
|
---|
| 4572 |
|
---|
| 4573 | ... to enable sending "OPTIONS *" which wasn't possible previously.
|
---|
| 4574 |
|
---|
| 4575 | This option currently only works for HTTP.
|
---|
| 4576 |
|
---|
| 4577 | Added test cases 1298 + 1299 to verify
|
---|
| 4578 |
|
---|
| 4579 | Fixes #1280
|
---|
| 4580 | Closes #1462
|
---|
| 4581 |
|
---|
| 4582 | - test1521: test getinfo's OFF_T types too
|
---|
| 4583 |
|
---|
| 4584 | Closes #1588
|
---|
| 4585 |
|
---|
| 4586 | - lib1521: add curl_easy_getinfo calls to the test set
|
---|
| 4587 |
|
---|
| 4588 | Also added return value checks to make sure no unexpected return codes
|
---|
| 4589 | are used.
|
---|
| 4590 |
|
---|
| 4591 | - [Simon Warta brought this change]
|
---|
| 4592 |
|
---|
| 4593 | automake: use $(MKHELP) variable instead if constant mkhelp.pl
|
---|
| 4594 |
|
---|
| 4595 | this improves symmetry with the rule above
|
---|
| 4596 |
|
---|
| 4597 | - [Simon Warta brought this change]
|
---|
| 4598 |
|
---|
| 4599 | mkhelp.pl: fix script name in usage text
|
---|
| 4600 |
|
---|
| 4601 | - RELEASE-NOTES: synced with 3b80d3ca4
|
---|
| 4602 |
|
---|
| 4603 | - getinfo: return sizes as curl_off_t
|
---|
| 4604 |
|
---|
| 4605 | This change introduces new alternatives for the existing six
|
---|
| 4606 | curl_easy_getinfo() options that return sizes or speeds as doubles. The
|
---|
| 4607 | new versions are named like the old ones but with an appended '_T':
|
---|
| 4608 |
|
---|
| 4609 | CURLINFO_CONTENT_LENGTH_DOWNLOAD_T
|
---|
| 4610 | CURLINFO_CONTENT_LENGTH_UPLOAD_T
|
---|
| 4611 | CURLINFO_SIZE_DOWNLOAD_T
|
---|
| 4612 | CURLINFO_SIZE_UPLOAD_T
|
---|
| 4613 | CURLINFO_SPEED_DOWNLOAD_T
|
---|
| 4614 | CURLINFO_SPEED_UPLOAD_T
|
---|
| 4615 |
|
---|
| 4616 | Closes #1511
|
---|
| 4617 |
|
---|
| 4618 | - PIPELINING_SERVER_BL: cleanup the internal list use
|
---|
| 4619 |
|
---|
| 4620 | The list was freed incorrectly since the llist refactor of
|
---|
| 4621 | cbae73e1dd959. Added test 1550 to verify that it works and avoid future
|
---|
| 4622 | regressions.
|
---|
| 4623 |
|
---|
| 4624 | Reported-by: Pascal Terjan
|
---|
| 4625 |
|
---|
| 4626 | Fixes #1584
|
---|
| 4627 | Closes #1585
|
---|
| 4628 |
|
---|
| 4629 | - http2: fix OOM crash
|
---|
| 4630 |
|
---|
| 4631 | torture mode with test 1021 found it
|
---|
| 4632 |
|
---|
| 4633 | - CURLOPT_PREQUOTE.3: spellfix man page reference
|
---|
| 4634 |
|
---|
| 4635 | Marcel Raad (18 Jun 2017)
|
---|
| 4636 | - http_proxy: fix build with http and proxy
|
---|
| 4637 |
|
---|
| 4638 | After deff7de0eb0e22d2d142b96b9cc84cd8db5d2a48, the build without
|
---|
| 4639 | CURL_DISABLE_PROXY and CURL_DISABLE_HTTP was failing because of missing
|
---|
| 4640 | includes.
|
---|
| 4641 |
|
---|
| 4642 | - http_proxy: fix compiler warning
|
---|
| 4643 |
|
---|
| 4644 | With CURL_DISABLE_PROXY or CURL_DISABLE_HTTP, GCC complained about a
|
---|
| 4645 | missing prototype for Curl_connect_free.
|
---|
| 4646 |
|
---|
| 4647 | Daniel Stenberg (18 Jun 2017)
|
---|
| 4648 | - TODO: update the TOC too
|
---|
| 4649 |
|
---|
| 4650 | - TODO: implement support for CURLOPT_PREQUOTE with SFTP
|
---|
| 4651 |
|
---|
| 4652 | ... also updated the CURLOPT_PREQUOTE.3 man page to mention the correct
|
---|
| 4653 | protocol support.
|
---|
| 4654 |
|
---|
| 4655 | Closes #1514
|
---|
| 4656 |
|
---|
| 4657 | - tool_wrte_cb: remove check for config == NULL
|
---|
| 4658 |
|
---|
| 4659 | ... as it really cannot have reached this far with config being NULL,
|
---|
| 4660 | thus this is unnecesary and misleading.
|
---|
| 4661 |
|
---|
| 4662 | Bug: https://news.ycombinator.com/item?id=14577585 and
|
---|
| 4663 | https://daniel.haxx.se/blog/2017/06/17/curl-doesnt-spew-binary-anymore/comment-page-1/#comment-18356
|
---|
| 4664 |
|
---|
| 4665 | Forwarded-to-us-by: Jakub Wilk
|
---|
| 4666 |
|
---|
| 4667 | - curl: prevent binary output spewed to terminal
|
---|
| 4668 |
|
---|
| 4669 | ... unless "--output -" is used. Binary detection is done by simply
|
---|
| 4670 | checking for a binary zero in early data.
|
---|
| 4671 |
|
---|
| 4672 | Added test 1425 1426 to verify.
|
---|
| 4673 |
|
---|
| 4674 | Closes #1512
|
---|
| 4675 |
|
---|
| 4676 | Marcel Raad (16 Jun 2017)
|
---|
| 4677 | - Makefile.m32: enable -W for MinGW32 build
|
---|
| 4678 |
|
---|
| 4679 | The configure-based build also has this in addition to -Wall.
|
---|
| 4680 |
|
---|
| 4681 | Closes https://github.com/curl/curl/pull/1578
|
---|
| 4682 |
|
---|
| 4683 | - curl-compilers.m4: enable comma clang warning
|
---|
| 4684 |
|
---|
| 4685 | It usually warns when using commas instead of semicolons or other
|
---|
| 4686 | operators by accident.
|
---|
| 4687 |
|
---|
| 4688 | Closes https://github.com/curl/curl/pull/1578
|
---|
| 4689 |
|
---|
| 4690 | - curl-compilers.m4: enable missing-variable-declarations clang warning
|
---|
| 4691 |
|
---|
| 4692 | It usually warns when forgetting to declare TU-local variables static.
|
---|
| 4693 |
|
---|
| 4694 | Closes https://github.com/curl/curl/pull/1578
|
---|
| 4695 |
|
---|
| 4696 | - curl-compilers.m4: enable double-promotion warning
|
---|
| 4697 |
|
---|
| 4698 | Enable -Wdouble-promotion for both GCC and clang. It warns on implicit
|
---|
| 4699 | promotion from float to double.
|
---|
| 4700 |
|
---|
| 4701 | Closes https://github.com/curl/curl/pull/1578
|
---|
| 4702 |
|
---|
| 4703 | - curl-compilers.m4: enable vla warning for clang
|
---|
| 4704 |
|
---|
| 4705 | Previously, that warning was only implicitly active in C90 mode.
|
---|
| 4706 | Enable it unconditionally as already done for GCC.
|
---|
| 4707 |
|
---|
| 4708 | Closes https://github.com/curl/curl/pull/1578
|
---|
| 4709 |
|
---|
| 4710 | Daniel Stenberg (16 Jun 2017)
|
---|
| 4711 | - http-proxy: fix chunked-encoded CONNECT responses
|
---|
| 4712 |
|
---|
| 4713 | Regression since 5113ad0424.
|
---|
| 4714 |
|
---|
| 4715 | ... and remove 'flaky' from test 1061 again
|
---|
| 4716 |
|
---|
| 4717 | Closes #1579
|
---|
| 4718 |
|
---|
| 4719 | - http-proxy: deal with EAGAIN
|
---|
| 4720 |
|
---|
| 4721 | ... the previous code would reset the header length wrongly (since
|
---|
| 4722 | 5113ad0424). This makes test 1060 reliable again.
|
---|
| 4723 |
|
---|
| 4724 | Also: make sws send even smaller chunks of data to increase the
|
---|
| 4725 | likeliness of this happening.
|
---|
| 4726 |
|
---|
| 4727 | - libtest/libntlmconnect: fix compiler warnings from f94fcdb
|
---|
| 4728 |
|
---|
| 4729 | - [Jay Satiro brought this change]
|
---|
| 4730 |
|
---|
| 4731 | HTTPS-Proxy: don't offer h2 for https proxy connections
|
---|
| 4732 |
|
---|
| 4733 | Bug: https://github.com/curl/curl/issues/1254
|
---|
| 4734 |
|
---|
| 4735 | Closes #1546
|
---|
| 4736 |
|
---|
| 4737 | - tests: stabilize test 2032 and 2033
|
---|
| 4738 |
|
---|
| 4739 | Both these tests run the same underlying test code: libntlmconnect.c -
|
---|
| 4740 | this test code made some assumptions about socket ordering when it used
|
---|
| 4741 | curl_easy_fdset() and when we changed timing or got accidental changes
|
---|
| 4742 | in libcurl the tests would fail.
|
---|
| 4743 |
|
---|
| 4744 | The tests verify that the different transfers keep using the same
|
---|
| 4745 | connections, which I now instead made sure by adding the number of bytes
|
---|
| 4746 | each transfer gets and then verifies that they always get the same
|
---|
| 4747 | amount as when these tests worked.
|
---|
| 4748 |
|
---|
| 4749 | Closes #1576
|
---|
| 4750 |
|
---|
| 4751 | - test1148: verify the -# progressbar
|
---|
| 4752 |
|
---|
| 4753 | Closes #1569
|
---|
| 4754 |
|
---|
| 4755 | - test1061: mark as flaky
|
---|
| 4756 |
|
---|
| 4757 | Fails intermittently on travis builds since a few days. Likely due to
|
---|
| 4758 | 5113ad0424.
|
---|
| 4759 |
|
---|
| 4760 | Jay Satiro (16 Jun 2017)
|
---|
| 4761 | - url: refactor the check for Windows drive letter in path
|
---|
| 4762 |
|
---|
| 4763 | - Move the logic to detect a Windows drive letter prefix
|
---|
| 4764 | (eg c: in c:foo) into a function-like macro.
|
---|
| 4765 |
|
---|
| 4766 | Closes https://github.com/curl/curl/pull/1571
|
---|
| 4767 |
|
---|
| 4768 | - mk-ca-bundle.pl: Check curl's exit code after certdata download
|
---|
| 4769 |
|
---|
| 4770 | - No longer allow partial downloads of certdata.
|
---|
| 4771 |
|
---|
| 4772 | Prior to this change partial downloads were (erroneously?) allowed since
|
---|
| 4773 | only the server code was checked to be 200.
|
---|
| 4774 |
|
---|
| 4775 | Bug: https://github.com/curl/curl/pull/1577
|
---|
| 4776 | Reported-by: Matteo B.
|
---|
| 4777 |
|
---|
| 4778 | Daniel Stenberg (16 Jun 2017)
|
---|
| 4779 | - dist: add the fuzz dir to the tarball
|
---|
| 4780 |
|
---|
| 4781 | - configure: disable nghttp2 too if HTTP has been disabled
|
---|
| 4782 |
|
---|
| 4783 | - http-proxy: fix build with --disable-proxy or --disable-http
|
---|
| 4784 |
|
---|
| 4785 | Reported-by: Dan Fandrich
|
---|
| 4786 |
|
---|
| 4787 | - fuzz/README: document how to build
|
---|
| 4788 |
|
---|
| 4789 | Fixes #1476
|
---|
| 4790 |
|
---|
| 4791 | - [Frederik B brought this change]
|
---|
| 4792 |
|
---|
| 4793 | fuzz: corpora file structure, initial commit
|
---|
| 4794 |
|
---|
| 4795 | - [Frederik B brought this change]
|
---|
| 4796 |
|
---|
| 4797 | fuzz: bring oss-fuzz initial code converted to C89
|
---|
| 4798 |
|
---|
| 4799 | - http-proxy: only attempt FTP over HTTP proxy
|
---|
| 4800 |
|
---|
| 4801 | ... all other non-HTTP protocol schemes are now defaulting to "tunnel
|
---|
| 4802 | trough" mode if a HTTP proxy is specified. In reality there are no HTTP
|
---|
| 4803 | proxies out there that allow those other schemes.
|
---|
| 4804 |
|
---|
| 4805 | Assisted-by: Ray Satiro, Michael Kaufmann
|
---|
| 4806 |
|
---|
| 4807 | Closes #1505
|
---|
| 4808 |
|
---|
| 4809 | - TODO: the generated include file is gone
|
---|
| 4810 |
|
---|
| 4811 | ... since commit 73a2fcea0b
|
---|
| 4812 |
|
---|
| 4813 | - curl_setup.h: error out on CURL_WANTS_CA_BUNDLE_ENV use
|
---|
| 4814 |
|
---|
| 4815 | ... to make it really apparent if there's any user using this on purpose.
|
---|
| 4816 |
|
---|
| 4817 | Suggested-by: Jay Satiro
|
---|
| 4818 |
|
---|
| 4819 | Closes #1542
|
---|
| 4820 |
|
---|
| 4821 | - lib/curl_setup.h: remove CURL_WANTS_CA_BUNDLE_ENV
|
---|
| 4822 |
|
---|
| 4823 | When this define was set, libcurl would check the environment variable
|
---|
| 4824 | named CURL_CA_BUNDLE at run-time and use that CA cert bundle. This
|
---|
| 4825 | feature was only defined by the watcom and m32 makefiles and caused
|
---|
| 4826 | inconsistent behaviours among libcurls built on different platforms.
|
---|
| 4827 |
|
---|
| 4828 | The curl tool does already feature its own similar logic and the library
|
---|
| 4829 | does not really need it, and it isn't documented libcurl behavior. So
|
---|
| 4830 | this change removes it.
|
---|
| 4831 |
|
---|
| 4832 | Ref: #1538
|
---|
| 4833 |
|
---|
| 4834 | - test1147: verify -H on a file
|
---|
| 4835 |
|
---|
| 4836 | - curl: allow --header and --proxy-header read from file
|
---|
| 4837 |
|
---|
| 4838 | So many headers can be provided as @filename.
|
---|
| 4839 |
|
---|
| 4840 | Suggested-by: Timothe Litt
|
---|
| 4841 |
|
---|
| 4842 | Closes #1486
|
---|
| 4843 |
|
---|
| 4844 | - RELEASE-NOTES: synced with 2ad80eec5
|
---|
| 4845 |
|
---|
| 4846 | - curl/curlver.h: start working on 7.55.0
|
---|
| 4847 |
|
---|
| 4848 | - http-proxy: do the HTTP CONNECT process entirely non-blocking
|
---|
| 4849 |
|
---|
| 4850 | Mentioned as a problem since 2007 (8f87c15bdac63) and of course it
|
---|
| 4851 | existed even before that.
|
---|
| 4852 |
|
---|
| 4853 | Closes #1547
|
---|
| 4854 |
|
---|
| 4855 | - progress: let "current speed" be UL + DL speeds combined
|
---|
| 4856 |
|
---|
| 4857 | Bug #1556
|
---|
| 4858 | Reported-by: Paul Harris
|
---|
| 4859 | Closes #1559
|
---|
| 4860 |
|
---|
| 4861 | Marcel Raad (14 Jun 2017)
|
---|
| 4862 | - system.h: fix MinGW build
|
---|
| 4863 |
|
---|
| 4864 | CURLSYS_PULL_WS2TCPIP_H got renamed to CURL_PULL_WS2TCPIP_H in commit
|
---|
| 4865 | 73a2fcea0b4adea6ba342cd7ed1149782c214ae3.
|
---|
| 4866 |
|
---|
| 4867 | Daniel Stenberg (14 Jun 2017)
|
---|
| 4868 | - timers: store internal time stamps as time_t instead of doubles
|
---|
| 4869 |
|
---|
| 4870 | This gives us accurate precision and it allows us to avoid storing "no
|
---|
| 4871 | time" for systems with too low timer resolution as we then bump the time
|
---|
| 4872 | up to 1 microsecond. Should fix test 573 on windows.
|
---|
| 4873 |
|
---|
| 4874 | Remove the now unused curlx_tvdiff_secs() function.
|
---|
| 4875 |
|
---|
| 4876 | Maintains the external getinfo() API with using doubles.
|
---|
| 4877 |
|
---|
| 4878 | Fixes #1531
|
---|
| 4879 |
|
---|
| 4880 | - dist: make the hugehelp.c not get regenerated unnecessarily
|
---|
| 4881 |
|
---|
| 4882 | The maketgz script now makes sure the generated hugehelp.c file in the
|
---|
| 4883 | tarball is newer than the generated curl.1 man page, so that it doesn't
|
---|
| 4884 | have to get unnecessarily rebuilt first thing in a typical build. It
|
---|
| 4885 | thus also removes the need for perl to build off a plain release
|
---|
| 4886 | tarball.
|
---|
| 4887 |
|
---|
| 4888 | Fixes #1565
|
---|
| 4889 |
|
---|
| 4890 | - includes: remove curl/curlbuild.h and curl/curlrules.h
|
---|
| 4891 |
|
---|
| 4892 | Rely entirely on curl/system.h now.
|
---|
| 4893 |
|
---|
| 4894 | Introduced in Aug 2008 with commit 14240e9e109f. Now gone.
|
---|
| 4895 |
|
---|
| 4896 | Fixes #1456
|
---|
| 4897 |
|
---|
| 4898 | Version 7.54.1 (14 Jun 2017)
|
---|
| 4899 |
|
---|
| 4900 | Daniel Stenberg (14 Jun 2017)
|
---|
| 4901 | - release: 7.54.1
|
---|
| 4902 |
|
---|
| 4903 | Dan Fandrich (13 Jun 2017)
|
---|
| 4904 | - mk-lib1521.pl: updated to match the test changes in 916ec30a
|
---|
| 4905 |
|
---|
| 4906 | Daniel Stenberg (13 Jun 2017)
|
---|
| 4907 | - [Stuart Henderson brought this change]
|
---|
| 4908 |
|
---|
| 4909 | libressl: OCSP and intermediate certs workaround no longer needed
|
---|
| 4910 |
|
---|
| 4911 | lib/vtls/openssl.c has a workaround for a bug with OCSP responses signed
|
---|
| 4912 | by intermediate certs, this was fixed in LibreSSL in
|
---|
| 4913 | https://github.com/libressl-portable/openbsd/commit/912c64f68f7ac4f225b7d1fdc8fbd43168912ba0
|
---|
| 4914 |
|
---|
| 4915 | Bug: https://curl.haxx.se/mail/lib-2017-06/0038.html
|
---|
| 4916 |
|
---|
| 4917 | - url: fix buffer overwrite with file protocol (CVE-2017-9502)
|
---|
| 4918 |
|
---|
| 4919 | Bug: https://github.com/curl/curl/issues/1540
|
---|
| 4920 | Advisory: https://curl.haxx.se/docs/adv_20170614.html
|
---|
| 4921 |
|
---|
| 4922 | Assisted-by: Ray Satiro
|
---|
| 4923 | Reported-by: Marcel Raad
|
---|
| 4924 |
|
---|
| 4925 | - urlglob: fix division by zero
|
---|
| 4926 |
|
---|
| 4927 | The multiply() function that is used to avoid integer overflows, was
|
---|
| 4928 | itself reason for a possible division by zero error when passed a
|
---|
| 4929 | specially formatted glob.
|
---|
| 4930 |
|
---|
| 4931 | Reported-by: GwanYeong Kim
|
---|
| 4932 |
|
---|
| 4933 | - configure: update the copyright year in the output
|
---|
| 4934 |
|
---|
| 4935 | - [ygrek brought this change]
|
---|
| 4936 |
|
---|
| 4937 | BINDINGS: update SP-Forth and OCaml urls
|
---|
| 4938 |
|
---|
| 4939 | Michael Kaufmann (11 Jun 2017)
|
---|
| 4940 | - FindWin32CACert: Use a temporary buffer on the stack
|
---|
| 4941 |
|
---|
| 4942 | Don't malloc() the temporary buffer, and use the correct type:
|
---|
| 4943 | SearchPath() works with TCHAR, but SearchPathA() works with char.
|
---|
| 4944 | Set the buffer size to MAX_PATH, because the terminating null byte
|
---|
| 4945 | is already included in MAX_PATH.
|
---|
| 4946 |
|
---|
| 4947 | Reviewed-by: Daniel Stenberg
|
---|
| 4948 | Reviewed-by: Marcel Raad
|
---|
| 4949 |
|
---|
| 4950 | Closes #1548
|
---|
| 4951 |
|
---|
| 4952 | Dan Fandrich (11 Jun 2017)
|
---|
| 4953 | - test1521: fixed OOM handling
|
---|
| 4954 |
|
---|
| 4955 | Daniel Stenberg (9 Jun 2017)
|
---|
| 4956 | - RELEASE-PROCEDURE: updated future release dates
|
---|
| 4957 |
|
---|
| 4958 | - [Paul Harris brought this change]
|
---|
| 4959 |
|
---|
| 4960 | gitignore: ignore all vim swap files
|
---|
| 4961 |
|
---|
| 4962 | Closes #1561
|
---|
| 4963 |
|
---|
| 4964 | - lib1521: fix compiler warnings on the use of bad 'long' values
|
---|
| 4965 |
|
---|
| 4966 | Reported-by: Marcel Raad
|
---|
| 4967 | Bug: https://github.com/curl/curl/commit/cccac4fb2b20d6ed87da7978408c3ecacc464fe4#commitcomment-22453387
|
---|
| 4968 |
|
---|
| 4969 | - setopt: check CURLOPT_ADDRESS_SCOPE option range
|
---|
| 4970 |
|
---|
| 4971 | ... and return error instead of triggering an assert() when being way
|
---|
| 4972 | out of range.
|
---|
| 4973 |
|
---|
| 4974 | Jay Satiro (8 Jun 2017)
|
---|
| 4975 | - [TheAssassin brought this change]
|
---|
| 4976 |
|
---|
| 4977 | cmake: Fix inconsistency regarding mbed TLS include directory
|
---|
| 4978 |
|
---|
| 4979 | Previously, one had to set MBEDTLS_INCLUDE_DIR to make CMake find the
|
---|
| 4980 | headers, but the system complained that mbed TLS wasn't found due to
|
---|
| 4981 | MBEDTLS_INCLUDE_DIRS (note the trailing s) was not set. This commit
|
---|
| 4982 | attempts to fix that.
|
---|
| 4983 |
|
---|
| 4984 | Closes https://github.com/curl/curl/pull/1541
|
---|
| 4985 |
|
---|
| 4986 | Daniel Stenberg (8 Jun 2017)
|
---|
| 4987 | - [Ryuichi KAWAMATA brought this change]
|
---|
| 4988 |
|
---|
| 4989 | examples/multi-uv.c: fix deprecated symbol
|
---|
| 4990 |
|
---|
| 4991 | Closes #1557
|
---|
| 4992 |
|
---|
| 4993 | - asyn-ares: s/Curl_expire_latest/Curl_expire
|
---|
| 4994 |
|
---|
| 4995 | - expire: remove Curl_expire_latest()
|
---|
| 4996 |
|
---|
| 4997 | With the introduction of expire IDs and the fact that existing timers
|
---|
| 4998 | can be removed now and thus never expire, the concept with adding a
|
---|
| 4999 | "latest" timer is not working anymore as it risks to not expire at all.
|
---|
| 5000 |
|
---|
| 5001 | So, to be certain the timers actually are in line and will expire, the
|
---|
| 5002 | plain Curl_expire() needs to be used. The _latest() function was added
|
---|
| 5003 | as a sort of shortcut in the past that's quite simply not necessary
|
---|
| 5004 | anymore.
|
---|
| 5005 |
|
---|
| 5006 | Follow-up to 31b39c40cf90
|
---|
| 5007 |
|
---|
| 5008 | Reported-by: Paul Harris
|
---|
| 5009 |
|
---|
| 5010 | Closes #1555
|
---|
| 5011 |
|
---|
| 5012 | - [Chris Carlmar brought this change]
|
---|
| 5013 |
|
---|
| 5014 | configure: fix link with librtmp when specifying path
|
---|
| 5015 |
|
---|
| 5016 | Bug: https://curl.haxx.se/mail/lib-2017-06/0017.html
|
---|
| 5017 |
|
---|
| 5018 | - file: make speedcheck use current time for checks
|
---|
| 5019 |
|
---|
| 5020 | ... as it would previously just get the "now" timestamp before the
|
---|
| 5021 | transfer starts and then not update it again.
|
---|
| 5022 |
|
---|
| 5023 | Closes #1550
|
---|
| 5024 |
|
---|
| 5025 | - metalink: remove unused printf() argument
|
---|
| 5026 |
|
---|
| 5027 | - travis: let some builds *not* use --enable-debug
|
---|
| 5028 |
|
---|
| 5029 | typecheck-gcc and other things require optimized builds
|
---|
| 5030 |
|
---|
| 5031 | Closes #1544
|
---|
| 5032 |
|
---|
| 5033 | - README.md: show the coverall coverage on github
|
---|
| 5034 |
|
---|
| 5035 | - lib1521: fix compiler warnings
|
---|
| 5036 |
|
---|
| 5037 | - test1521: make the code < 80 columns wide
|
---|
| 5038 |
|
---|
| 5039 | - test1121: use stricter types to work with typcheck-gcc
|
---|
| 5040 |
|
---|
| 5041 | - typecheck-gcc: allow CURLOPT_STDERR to be NULL too
|
---|
| 5042 |
|
---|
| 5043 | - test1521: test *all* curl_easy_setopt options
|
---|
| 5044 |
|
---|
| 5045 | mk-lib1521.pl generates a test program (lib1521.c) that calls
|
---|
| 5046 | curl_easy_setopt() for every known option with a few typical values to
|
---|
| 5047 | make sure they work (ignoring the return codes).
|
---|
| 5048 |
|
---|
| 5049 | Some small changes were necessary to avoid asserts and NULL accesses
|
---|
| 5050 | when doing this.
|
---|
| 5051 |
|
---|
| 5052 | The perl script needs to be manually rerun when we add new options.
|
---|
| 5053 |
|
---|
| 5054 | Closes #1543
|
---|
| 5055 |
|
---|
| 5056 | Dan Fandrich (5 Jun 2017)
|
---|
| 5057 | - test1538: added "verbose logs" keyword
|
---|
| 5058 |
|
---|
| 5059 | These error messages are not displayed with --disable-verbose
|
---|
| 5060 |
|
---|
| 5061 | Daniel Stenberg (5 Jun 2017)
|
---|
| 5062 | - test1262: verify ftp download with -z for "if older than this"
|
---|
| 5063 |
|
---|
| 5064 | Marcel Raad (5 Jun 2017)
|
---|
| 5065 | - curl_ntlm_core: use Curl_raw_toupper instead of toupper
|
---|
| 5066 |
|
---|
| 5067 | This was the only remaining use of toupper in the entire source code.
|
---|
| 5068 |
|
---|
| 5069 | Suggested-by: Daniel Stenberg
|
---|
| 5070 |
|
---|
| 5071 | Daniel Stenberg (4 Jun 2017)
|
---|
| 5072 | - RELEASE-NOTES: synced with 65ba92650
|
---|
| 5073 |
|
---|
| 5074 | Marcel Raad (4 Jun 2017)
|
---|
| 5075 | - curl_ntlm_core: pass unsigned char to toupper
|
---|
| 5076 |
|
---|
| 5077 | Otherwise, clang on Cygwin64 warns:
|
---|
| 5078 | curl_ntlm_core.c:525:35: error: array subscript is of type 'char'
|
---|
| 5079 | [-Werror,-Wchar-subscripts]
|
---|
| 5080 | dest[2 * i] = (unsigned char)(toupper(src[i]));
|
---|
| 5081 | ^~~~~~~~~~~~~~~
|
---|
| 5082 | /usr/include/ctype.h:152:25: note: expanded from macro 'toupper'
|
---|
| 5083 | (void) __CTYPE_PTR[__x]; (toupper) (__x);})
|
---|
| 5084 | ^~~~
|
---|
| 5085 |
|
---|
| 5086 | Jay Satiro (3 Jun 2017)
|
---|
| 5087 | - [Mahmoud Samir Fayed brought this change]
|
---|
| 5088 |
|
---|
| 5089 | BINDINGS: add Ring binding
|
---|
| 5090 |
|
---|
| 5091 | Closes https://github.com/curl/curl/pull/1539
|
---|
| 5092 |
|
---|
| 5093 | Daniel Stenberg (4 Jun 2017)
|
---|
| 5094 | - CONTRIBUTE.md: mention tests done on pull requests
|
---|
| 5095 |
|
---|
| 5096 | - travis: add coverage, distcheck and cmake builds
|
---|
| 5097 |
|
---|
| 5098 | Closes #1534
|
---|
| 5099 |
|
---|
| 5100 | Marcel Raad (3 Jun 2017)
|
---|
| 5101 | - libtest: fix int-in-bool-context warnings
|
---|
| 5102 |
|
---|
| 5103 | GCC 7 complained:
|
---|
| 5104 | â*â in boolean context, suggest â&&â instead [-Wint-in-bool-context]
|
---|
| 5105 |
|
---|
| 5106 | - libtest: fix implicit-fallthrough warnings with GCC 7
|
---|
| 5107 |
|
---|
| 5108 | - x509asn1: fix implicit-fallthrough warning with GCC 7
|
---|
| 5109 |
|
---|
| 5110 | - curl_sasl: fix unused-variable warning
|
---|
| 5111 |
|
---|
| 5112 | This fixes the following warning with CURL_DISABLE_CRYPTO_AUTH,
|
---|
| 5113 | as seen in the autobuilds:
|
---|
| 5114 |
|
---|
| 5115 | curl_sasl.c:417:9: warning: unused variable 'serverdata'
|
---|
| 5116 | [-Wunused-variable]
|
---|
| 5117 |
|
---|
| 5118 | Daniel Stenberg (3 Jun 2017)
|
---|
| 5119 | - updatemanpages.pl: error out on too old git version
|
---|
| 5120 |
|
---|
| 5121 | Marcel Raad (3 Jun 2017)
|
---|
| 5122 | - cyassl: define build macros before including ssl.h
|
---|
| 5123 |
|
---|
| 5124 | cyassl/ssl.h needs the macros from cyassl/options.h, so define them
|
---|
| 5125 | before including cyassl/ssl.h the first time, which happens in
|
---|
| 5126 | urldata.h.
|
---|
| 5127 | This broke the build on Ubuntu Xenial, which comes with WolfSSL 3.4.8
|
---|
| 5128 | and therefore redefines the symbols from cyassl/options.h instead of
|
---|
| 5129 | including the header.
|
---|
| 5130 |
|
---|
| 5131 | Closes https://github.com/curl/curl/pull/1536
|
---|
| 5132 |
|
---|
| 5133 | Daniel Stenberg (3 Jun 2017)
|
---|
| 5134 | - tool_util: remove unused tvdiff_secs and remove tool_ prefix
|
---|
| 5135 |
|
---|
| 5136 | Closes #1532
|
---|
| 5137 |
|
---|
| 5138 | - dedotdot: fixed output for ".." and "." only input
|
---|
| 5139 |
|
---|
| 5140 | Found when updating test 1395, which I did to increase test coverage of
|
---|
| 5141 | this source file...
|
---|
| 5142 |
|
---|
| 5143 | Closes #1535
|
---|
| 5144 |
|
---|
| 5145 | Marcel Raad (2 Jun 2017)
|
---|
| 5146 | - mbedtls: make TU-local variable static
|
---|
| 5147 |
|
---|
| 5148 | mbedtls_x509_crt_profile_fr is only used locally.
|
---|
| 5149 | This fixes a missing-variable-declarations warning with clang.
|
---|
| 5150 |
|
---|
| 5151 | - MD(4|5): silence cast-align clang warning
|
---|
| 5152 |
|
---|
| 5153 | Unaligned access is on purpose here and the warning is harmless on
|
---|
| 5154 | affected architectures. GCC knows that, while clang warns on all
|
---|
| 5155 | architectures.
|
---|
| 5156 |
|
---|
| 5157 | Daniel Stenberg (2 Jun 2017)
|
---|
| 5158 | - test1538: fix typo
|
---|
| 5159 |
|
---|
| 5160 | - test1538: verify the libcurl strerror API calls
|
---|
| 5161 |
|
---|
| 5162 | - curl_endian: remove unused functions
|
---|
| 5163 |
|
---|
| 5164 | Closes #1529
|
---|
| 5165 |
|
---|
| 5166 | - test1537: dedicated tests of the URL (un)escape API calls
|
---|
| 5167 |
|
---|
| 5168 | Closes #1530
|
---|
| 5169 |
|
---|
| 5170 | - coverage: run event tests too
|
---|
| 5171 |
|
---|
| 5172 | ... the torture ones are commented out only because they are slooooow.
|
---|
| 5173 |
|
---|
| 5174 | - build: provide easy code coverage measuring
|
---|
| 5175 |
|
---|
| 5176 | Closes #1528
|
---|
| 5177 |
|
---|
| 5178 | - typecheck-gcc.h: check CURLINFO_CERTINFO
|
---|
| 5179 |
|
---|
| 5180 | ... and update the certinfo.c example accordingly.
|
---|
| 5181 |
|
---|
| 5182 | Fixes https://github.com/curl/curl/issues/846
|
---|
| 5183 |
|
---|
| 5184 | - typecheck-gcc.h: check CURLINFO_TLS_SSL_PTR and CURLINFO_TLS_SESSION
|
---|
| 5185 |
|
---|
| 5186 | ... so that they get the required "struct curl_tlssessioninfo **"
|
---|
| 5187 | arguments.
|
---|
| 5188 |
|
---|
| 5189 | - typecheck-gcc.h: separate getinfo slist checks from other pointers
|
---|
| 5190 |
|
---|
| 5191 | Fixes #1524
|
---|
| 5192 |
|
---|
| 5193 | Marcel Raad (1 Jun 2017)
|
---|
| 5194 | - curl-compilers.m4: escape square brackets in regex
|
---|
| 5195 |
|
---|
| 5196 | Otherwise, they are removed in the final configure file.
|
---|
| 5197 | Also changed sed to "$SED" like in most other calls in this file.
|
---|
| 5198 |
|
---|
| 5199 | - curl-compilers.m4: fix compiler_num for clang
|
---|
| 5200 |
|
---|
| 5201 | "clang -dumpversion" always returns "4.2.1", the GCC version that clang
|
---|
| 5202 | was initially compatible to. Use "clang -v" instead, which returns the
|
---|
| 5203 | actual clang version.
|
---|
| 5204 |
|
---|
| 5205 | Fixes https://github.com/curl/curl/issues/1522
|
---|
| 5206 | Closes https://github.com/curl/curl/pull/1523
|
---|
| 5207 |
|
---|
| 5208 | Daniel Stenberg (31 May 2017)
|
---|
| 5209 | - examples/externalsocket.c: s/closesocket/closecb
|
---|
| 5210 |
|
---|
| 5211 | ... since closesocket is a function in WinSock.
|
---|
| 5212 |
|
---|
| 5213 | Reported-by: Marcel Raad
|
---|
| 5214 | Bug: https://github.com/curl/curl/commit/55fcb8485914700132fd1854c9509b66c955efbe#co
|
---|
| 5215 | mmitcomment-22347818
|
---|
| 5216 |
|
---|
| 5217 | Marcel Raad (31 May 2017)
|
---|
| 5218 | - lib583: fix compiler warning
|
---|
| 5219 |
|
---|
| 5220 | Use CURLMcode for variable 'res' and cast to int where necessary
|
---|
| 5221 | instead of the other way around. Other tests do the same.
|
---|
| 5222 |
|
---|
| 5223 | This fixes the following clang warning:
|
---|
| 5224 | lib583.c:68:15: warning: cast from function call of type 'CURLMcode' to
|
---|
| 5225 | non-matching type 'int' [-Wbad-function-cast]
|
---|
| 5226 |
|
---|
| 5227 | Daniel Stenberg (31 May 2017)
|
---|
| 5228 | - CURLOPT_SSH_KEY*.3: typos
|
---|
| 5229 |
|
---|
| 5230 | Reported-by: Gisle Vanem
|
---|
| 5231 |
|
---|
| 5232 | - CURLOPT_STREAM_DEPENDS.3: typo
|
---|
| 5233 |
|
---|
| 5234 | - CURLOPT_FNMATCH_FUNCTION.3: also modified example to avoid fcpp issues
|
---|
| 5235 |
|
---|
| 5236 | - CURLOPT_FNMATCH_DATA.3: modified example to avoid fcpp issues
|
---|
| 5237 |
|
---|
| 5238 | - opts: more than 100 more examples for man pages...
|
---|
| 5239 |
|
---|
| 5240 | - libtest/lib574.c: use correct callback proto
|
---|
| 5241 |
|
---|
| 5242 | - examples/sampleconv.c: indent changes, made callbacks static
|
---|
| 5243 |
|
---|
| 5244 | - example/externalsocket.c: make it use CLOSESOCKETFUNCTION too
|
---|
| 5245 |
|
---|
| 5246 | Marcel Raad (31 May 2017)
|
---|
| 5247 | - curl-compilers.m4: enable -Wshift-sign-overflow for clang
|
---|
| 5248 |
|
---|
| 5249 | clang 2.9+ supports -Wshift-sign-overflow, which warns about undefined
|
---|
| 5250 | behavior on signed left shifts when shifting by too many places.
|
---|
| 5251 |
|
---|
| 5252 | Ref: https://github.com/curl/curl/issues/1516
|
---|
| 5253 | Closes https://github.com/curl/curl/pull/1517
|
---|
| 5254 |
|
---|
| 5255 | Daniel Stenberg (31 May 2017)
|
---|
| 5256 | - CURLOPT_PROXY.3: fix test 1140 breakage
|
---|
| 5257 |
|
---|
| 5258 | Jay Satiro (31 May 2017)
|
---|
| 5259 | - build-wolfssl: Sync config with wolfSSL 3.11
|
---|
| 5260 |
|
---|
| 5261 | wolfSSL configure script relevant changes from 3.10 to 3.11:
|
---|
| 5262 |
|
---|
| 5263 | - Async threading support added; disabled by default without async
|
---|
| 5264 | crypto, which continues to be disabled by default.
|
---|
| 5265 |
|
---|
| 5266 | wolfSSL configure script relevant changes from 3.11 to 3.11.1 (beta):
|
---|
| 5267 |
|
---|
| 5268 | - TLS 1.3 beta support added; disabled by default.
|
---|
| 5269 |
|
---|
| 5270 | For experimenting I put in a comment block the defines needed to enable
|
---|
| 5271 | TLS 1.3 support (ie the equivalent of --enable-tls13).
|
---|
| 5272 |
|
---|
| 5273 | Daniel Stenberg (30 May 2017)
|
---|
| 5274 | - opts: more examples added to man pages
|
---|
| 5275 |
|
---|
| 5276 | - docs: clarify NO_PROXY further
|
---|
| 5277 |
|
---|
| 5278 | Fixes #1208
|
---|
| 5279 |
|
---|
| 5280 | - CURLOPT_PROXY.3: describe the environment variables more
|
---|
| 5281 |
|
---|
| 5282 | - transfer: init the infilesize from the postfields...
|
---|
| 5283 |
|
---|
| 5284 | ... with a strlen() if no size was set, and do this in the pretransfer
|
---|
| 5285 | function so that the info is set early. Otherwise, the default strlen()
|
---|
| 5286 | done on the POSTFIELDS data never sets state.infilesize.
|
---|
| 5287 |
|
---|
| 5288 | Reported-by: Vincas Razma
|
---|
| 5289 | Bug: #1294
|
---|
| 5290 |
|
---|
| 5291 | Jay Satiro (29 May 2017)
|
---|
| 5292 | - test557: fix ubsan runtime error due to int left shift
|
---|
| 5293 |
|
---|
| 5294 | - Test curl_msnprintf negative int width arg using INT_MIN instead of
|
---|
| 5295 | 1 << 31 which is undefined behavior.
|
---|
| 5296 |
|
---|
| 5297 | Closes https://github.com/curl/curl/issues/1516
|
---|
| 5298 |
|
---|
| 5299 | - mbedtls: fix variable shadow warning
|
---|
| 5300 |
|
---|
| 5301 | vtls/mbedtls.c:804:69: warning: declaration of 'entropy' shadows a global declaration [-Wshadow]
|
---|
| 5302 | CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy,
|
---|
| 5303 | ^~~~~~~
|
---|
| 5304 |
|
---|
| 5305 | Daniel Stenberg (29 May 2017)
|
---|
| 5306 | - RELEASE-NOTES: synced with 3aaac8c2f
|
---|
| 5307 |
|
---|
| 5308 | Dan Fandrich (28 May 2017)
|
---|
| 5309 | - tests: removed some redundant empty <stdout> sections
|
---|
| 5310 |
|
---|
| 5311 | - runtests.pl: removed <precommand> feature
|
---|
| 5312 |
|
---|
| 5313 | This hasn't been used in over a decade. <precheck> can still be used to
|
---|
| 5314 | run commands before the main test.
|
---|
| 5315 |
|
---|
| 5316 | Daniel Stenberg (27 May 2017)
|
---|
| 5317 | - opts: more examples added in option man pages
|
---|
| 5318 |
|
---|
| 5319 | Dan Fandrich (27 May 2017)
|
---|
| 5320 | - runtests.pl: removed unused arguments to valgrindparse
|
---|
| 5321 |
|
---|
| 5322 | Daniel Stenberg (25 May 2017)
|
---|
| 5323 | - TODO: 6.4 is done, send telnet data in chunks
|
---|
| 5324 |
|
---|
| 5325 | - [Phil Crump brought this change]
|
---|
| 5326 |
|
---|
| 5327 | docs/CURLOPT_SSLVERSION.3: Correct define name in example
|
---|
| 5328 |
|
---|
| 5329 | Closes #1509
|
---|
| 5330 |
|
---|
| 5331 | - ssh: fix 'left' may be used uninitialized
|
---|
| 5332 |
|
---|
| 5333 | follow-up to f31760e63b4e
|
---|
| 5334 |
|
---|
| 5335 | Reported-by: Michael Kaufmann
|
---|
| 5336 | Bug: https://github.com/curl/curl/pull/1495#issuecomment-303982793
|
---|
| 5337 |
|
---|
| 5338 | Michael Kaufmann (24 May 2017)
|
---|
| 5339 | - time: fix type conversions and compiler warnings
|
---|
| 5340 |
|
---|
| 5341 | Fix bugs and compiler warnings on systems with 32-bit long and
|
---|
| 5342 | 64-bit time_t.
|
---|
| 5343 |
|
---|
| 5344 | Reviewed-by: Daniel Stenberg
|
---|
| 5345 |
|
---|
| 5346 | Closes #1499
|
---|
| 5347 |
|
---|
| 5348 | Marcel Raad (24 May 2017)
|
---|
| 5349 | - examples: fix Wimplicit-fallthrough warnings
|
---|
| 5350 |
|
---|
| 5351 | This is contained in -Wextra with GCC 7.
|
---|
| 5352 |
|
---|
| 5353 | Daniel Stenberg (24 May 2017)
|
---|
| 5354 | - [Anatol Belski brought this change]
|
---|
| 5355 |
|
---|
| 5356 | winbuild: fix the nghttp2 build
|
---|
| 5357 |
|
---|
| 5358 | Closes #1321
|
---|
| 5359 |
|
---|
| 5360 | GitHub (24 May 2017)
|
---|
| 5361 | - [Sergei Nikulov brought this change]
|
---|
| 5362 |
|
---|
| 5363 | LDAP: documentation update per #878 changes (#1506)
|
---|
| 5364 |
|
---|
| 5365 | Daniel Stenberg (23 May 2017)
|
---|
| 5366 | - redirect: store the "would redirect to" URL when max redirs is reached
|
---|
| 5367 |
|
---|
| 5368 | Test 1261 added to verify.
|
---|
| 5369 |
|
---|
| 5370 | Reported-by: Lloyd Fournier
|
---|
| 5371 |
|
---|
| 5372 | Fixes #1489
|
---|
| 5373 | Closes #1497
|
---|
| 5374 |
|
---|
| 5375 | GitHub (24 May 2017)
|
---|
| 5376 | - [Sergei Nikulov brought this change]
|
---|
| 5377 |
|
---|
| 5378 | LDAP: fixed checksrc issue
|
---|
| 5379 |
|
---|
| 5380 | - [Sergei Nikulov brought this change]
|
---|
| 5381 |
|
---|
| 5382 | LDAP: using ldap_bind_s on Windows with methods (#878)
|
---|
| 5383 |
|
---|
| 5384 | * LDAP: using ldap_bind_s on Windows with methods(BASIC/DIGEST/NTLM/AUTONEG)
|
---|
| 5385 |
|
---|
| 5386 | * ldap: updated per build options handling
|
---|
| 5387 |
|
---|
| 5388 | * ldap: fixed logic for auth selection
|
---|
| 5389 |
|
---|
| 5390 | Daniel Stenberg (23 May 2017)
|
---|
| 5391 | - [Akhil Kedia brought this change]
|
---|
| 5392 |
|
---|
| 5393 | cmake: fix build on Ubuntu 14.04
|
---|
| 5394 |
|
---|
| 5395 | Fixed a syntax error with setting cache variables (The type and
|
---|
| 5396 | docstring were missing), resulting in build errors. Quoted the
|
---|
| 5397 | CURL_CA_PATH and CURL_CA_BUNDLE otherwise the path was written without
|
---|
| 5398 | quotes in C code, resulting in build errors.
|
---|
| 5399 |
|
---|
| 5400 | Closes #1503
|
---|
| 5401 |
|
---|
| 5402 | Signed-off-by: Akhil <akhil.kedia@samsung.com>
|
---|
| 5403 |
|
---|
| 5404 | - url: fix declaration of 'pipe' shadows a global declaration
|
---|
| 5405 |
|
---|
| 5406 | follow-up to 4cdb1be8246c
|
---|
| 5407 |
|
---|
| 5408 | Kamil Dudka (22 May 2017)
|
---|
| 5409 | - memdebug: fix compilation failure
|
---|
| 5410 |
|
---|
| 5411 | .... caused by a typo in the last commit (fixing issue #1504):
|
---|
| 5412 |
|
---|
| 5413 | memdebug.c: In function âcurl_fcloseâ:
|
---|
| 5414 | memdebug.c:444:3: error: implicit declaration of function
|
---|
| 5415 | âDEBUGDEBUGASSERTâ [-Werror=implicit-function-declaration]
|
---|
| 5416 |
|
---|
| 5417 | Daniel Stenberg (22 May 2017)
|
---|
| 5418 | - assert: avoid, use DEBUGASSERT instead!
|
---|
| 5419 |
|
---|
| 5420 | ... as it does extra checks to actually work.
|
---|
| 5421 |
|
---|
| 5422 | Reported-by: jonrumsey at github
|
---|
| 5423 | Fixes #1504
|
---|
| 5424 |
|
---|
| 5425 | - [Simon Warta brought this change]
|
---|
| 5426 |
|
---|
| 5427 | cmake: remove unused variables: GNUTLS_ENABLED, NSS_ENABLED
|
---|
| 5428 |
|
---|
| 5429 | - [Simon Warta brought this change]
|
---|
| 5430 |
|
---|
| 5431 | cmake: remove CURL_CA_BUNDLE from cmake TODO
|
---|
| 5432 |
|
---|
| 5433 | - [Simon Warta brought this change]
|
---|
| 5434 |
|
---|
| 5435 | cmake: auto detection of CURL_CA_BUNDLE/CURL_CA_PATH
|
---|
| 5436 |
|
---|
| 5437 | Closes #1461
|
---|
| 5438 |
|
---|
| 5439 | - [Simon Warta brought this change]
|
---|
| 5440 |
|
---|
| 5441 | cmake: add CURL_CA_BUNDLE/CURL_CA_FALLBACK/CURL_CA_PATH options
|
---|
| 5442 |
|
---|
| 5443 | - [Simon Warta brought this change]
|
---|
| 5444 |
|
---|
| 5445 | cmake: Add CURL_CA_FALLBACK to curl_config.h.cmake
|
---|
| 5446 |
|
---|
| 5447 | This is for symmetry with the autoconf generated curl_config.h.in
|
---|
| 5448 |
|
---|
| 5449 | - RELEASE-NOTES: synced with 052a14e3c
|
---|
| 5450 |
|
---|
| 5451 | Michael Kaufmann (20 May 2017)
|
---|
| 5452 | - tests: stabilize test 1034
|
---|
| 5453 |
|
---|
| 5454 | Pass the invalid domain name on stdin. On some systems, the test
|
---|
| 5455 | framework cannot pass invalid UTF-8 sequences on the command line.
|
---|
| 5456 |
|
---|
| 5457 | Closes #1488
|
---|
| 5458 |
|
---|
| 5459 | Daniel Stenberg (20 May 2017)
|
---|
| 5460 | - ssh: ignore timeouts during disconnect
|
---|
| 5461 |
|
---|
| 5462 | ... as otherwise it risks not cleaning up the libssh2 handle properly
|
---|
| 5463 | which leads to memory leak!
|
---|
| 5464 |
|
---|
| 5465 | Assisted-by: Joel Depooter
|
---|
| 5466 |
|
---|
| 5467 | Closes #1495
|
---|
| 5468 | Closes #1479
|
---|
| 5469 |
|
---|
| 5470 | Bug: https://curl.haxx.se/mail/lib-2017-04/0024.html
|
---|
| 5471 |
|
---|
| 5472 | - ghiper.c/hiperfifo.c: add comment about missing timer functionality
|
---|
| 5473 |
|
---|
| 5474 | It takes someone to read up on the APIs of these libraries to figure out
|
---|
| 5475 | how to do this correctly.
|
---|
| 5476 |
|
---|
| 5477 | Reported-by: Michael Kaufmann
|
---|
| 5478 |
|
---|
| 5479 | Closes #1253
|
---|
| 5480 |
|
---|
| 5481 | - asiohiper.cpp / evhiperfifo.c: deal with negative timerfunction input
|
---|
| 5482 |
|
---|
| 5483 | That means delete the timer.
|
---|
| 5484 |
|
---|
| 5485 | Reported-by: Michael Kaufmann
|
---|
| 5486 | Ref: #1253
|
---|
| 5487 |
|
---|
| 5488 | - cmdline-opts/write-out.d: s/-L/--location
|
---|
| 5489 |
|
---|
| 5490 | Since the man page generator wants the long option name version to
|
---|
| 5491 | generate the proper output.
|
---|
| 5492 |
|
---|
| 5493 | - [Bernhard M. Wiedemann brought this change]
|
---|
| 5494 |
|
---|
| 5495 | mkhelp.pl: do not add current time into curl binary
|
---|
| 5496 |
|
---|
| 5497 | ... as part of hugehelpgz rodata to make build reproducible.
|
---|
| 5498 |
|
---|
| 5499 | See https://reproducible-builds.org/ for why this is good
|
---|
| 5500 |
|
---|
| 5501 | Closes #1490
|
---|
| 5502 |
|
---|
| 5503 | - oauth2-bearer.d: mention the <token> argument
|
---|
| 5504 |
|
---|
| 5505 | Nick Zitzmann (16 May 2017)
|
---|
| 5506 | - darwinssl: Fix exception when processing a client-side certificate file
|
---|
| 5507 | if no error was raised by the API but the SecIdentityRef was null
|
---|
| 5508 |
|
---|
| 5509 | Fixes #1450
|
---|
| 5510 |
|
---|
| 5511 | Daniel Stenberg (16 May 2017)
|
---|
| 5512 | - curl_sasl: fix build error with CURL_DISABLE_CRYPTO_AUTH + USE_NTLM
|
---|
| 5513 |
|
---|
| 5514 | Reported-by: wyattoday at github
|
---|
| 5515 | Fixes #1487
|
---|
| 5516 |
|
---|
| 5517 | - docs/cmdline-opts/config.d: edit for language
|
---|
| 5518 |
|
---|
| 5519 | - RELEASE-NOTES: synced with eb16305e6
|
---|
| 5520 |
|
---|
| 5521 | - [moparisthebest brought this change]
|
---|
| 5522 |
|
---|
| 5523 | SecureTransport/DarwinSSL: Implement public key pinning
|
---|
| 5524 |
|
---|
| 5525 | Closes #1400
|
---|
| 5526 |
|
---|
| 5527 | - man pages: fix example syntax errors
|
---|
| 5528 |
|
---|
| 5529 | follow-up to 5ddad099b42b50
|
---|
| 5530 |
|
---|
| 5531 | - docs/libcurl/opts: added more examples in man pages
|
---|
| 5532 |
|
---|
| 5533 | - CURLOPT_HTTPPROXYTUNNEL: clarify, add example
|
---|
| 5534 |
|
---|
| 5535 | - curl: show the libcurl release date in --version output
|
---|
| 5536 |
|
---|
| 5537 | ... and support and additional "security patched" date for those who
|
---|
| 5538 | enhance older versions that way. Pass on the define CURL_PATCHSTAMP with
|
---|
| 5539 | a date for that.
|
---|
| 5540 |
|
---|
| 5541 | Building with non-release headers shows the date as [unreleased].
|
---|
| 5542 |
|
---|
| 5543 | Also: this changes the date format generated in the curlver.h file to be
|
---|
| 5544 | "YYYY-MM-DD" (no name of the day or month, no time, no time zone) to
|
---|
| 5545 | make it easier on the eye and easier to parse. Example (new) date
|
---|
| 5546 | string: 2017-05-09
|
---|
| 5547 |
|
---|
| 5548 | Suggested-by: Brian Childs
|
---|
| 5549 |
|
---|
| 5550 | Closes #1474
|
---|
| 5551 |
|
---|
| 5552 | Dan Fandrich (13 May 2017)
|
---|
| 5553 | - url.c: add a compile-time check that CURL_MAX_WRITE_SIZE is large enough
|
---|
| 5554 |
|
---|
| 5555 | Some code (e.g. Curl_fillreadbuffer) assumes that this buffer is not
|
---|
| 5556 | exceedingly tiny and will break if it is. This same check is already
|
---|
| 5557 | done at run time in the CURLOPT_BUFFERSIZE option.
|
---|
| 5558 |
|
---|
| 5559 | - lib510: don't write past the end of the buffer if it's too small
|
---|
| 5560 |
|
---|
| 5561 | - tests: added missing keywords "chunked Transfer-Encoding"
|
---|
| 5562 |
|
---|
| 5563 | Daniel Stenberg (13 May 2017)
|
---|
| 5564 | - THANKS: add a few missing names
|
---|
| 5565 |
|
---|
| 5566 | ... I found them in the commit logs from the early years
|
---|
| 5567 |
|
---|
| 5568 | Dan Fandrich (13 May 2017)
|
---|
| 5569 | - tests: made a couple of prechecks consistent with others
|
---|
| 5570 |
|
---|
| 5571 | Also removed a TODO suggesting caching the precheck results. Tests
|
---|
| 5572 | showed this would save about 0.1 sec on the total test run time on a
|
---|
| 5573 | relatively modern system, an unnoticeable gain at the cost of longer and
|
---|
| 5574 | more complicated code. There would also be a danger that a cached test
|
---|
| 5575 | result would be inappropriately returned, such as when other test
|
---|
| 5576 | dependencies (like environment variables) are different or when the
|
---|
| 5577 | precheck causes side effects (like filesystem changes).
|
---|
| 5578 |
|
---|
| 5579 | Daniel Stenberg (12 May 2017)
|
---|
| 5580 | - FAQ: add 7.4 to toc
|
---|
| 5581 |
|
---|
| 5582 | ... and delete trailing whitespace
|
---|
| 5583 |
|
---|
| 5584 | Fixes #1484
|
---|
| 5585 |
|
---|
| 5586 | - multi: remove leftover debug infof() calls from e9fd794a6
|
---|
| 5587 |
|
---|
| 5588 | - pipeline: fix mistakenly trying to pipeline POSTs
|
---|
| 5589 |
|
---|
| 5590 | The function IsPipeliningPossible() would return TRUE if either
|
---|
| 5591 | pipelining OR HTTP/2 were possible on a connection, which would lead to
|
---|
| 5592 | it returning TRUE even for POSTs on HTTP/1 connections.
|
---|
| 5593 |
|
---|
| 5594 | It now returns a bitmask so that the caller can differentiate which kind
|
---|
| 5595 | the connection allows.
|
---|
| 5596 |
|
---|
| 5597 | Fixes #1481
|
---|
| 5598 | Closes #1483
|
---|
| 5599 | Reported-by: stootill at github
|
---|
| 5600 |
|
---|
| 5601 | Jay Satiro (12 May 2017)
|
---|
| 5602 | - [Ron Eldor brought this change]
|
---|
| 5603 |
|
---|
| 5604 | mbedtls: Support server renegotiation request
|
---|
| 5605 |
|
---|
| 5606 | Tested with servers: IIS 7.5; OpenSSL 1.0.2.
|
---|
| 5607 |
|
---|
| 5608 | Closes https://github.com/curl/curl/pull/1475
|
---|
| 5609 |
|
---|
| 5610 | Marcel Raad (11 May 2017)
|
---|
| 5611 | - cookie_interface: fix -Wcomma warning
|
---|
| 5612 |
|
---|
| 5613 | clang 5.0 complains:
|
---|
| 5614 | possible misuse of comma operator here [-Wcomma]
|
---|
| 5615 |
|
---|
| 5616 | - formdata: fix -Wcomma warning
|
---|
| 5617 |
|
---|
| 5618 | clang 5.0 complains:
|
---|
| 5619 | possible misuse of comma operator here [-Wcomma]
|
---|
| 5620 |
|
---|
| 5621 | Change the comma to a semicolon to fix that.
|
---|
| 5622 |
|
---|
| 5623 | Daniel Stenberg (10 May 2017)
|
---|
| 5624 | - multi: use a fixed array of timers instead of malloc
|
---|
| 5625 |
|
---|
| 5626 | ... since the total amount is low this is faster, easier and reduces
|
---|
| 5627 | memory overhead.
|
---|
| 5628 |
|
---|
| 5629 | Also, Curl_expire_done() can now mark an expire timeout as done so that
|
---|
| 5630 | it never times out.
|
---|
| 5631 |
|
---|
| 5632 | Closes #1472
|
---|
| 5633 |
|
---|
| 5634 | - multi: assign IDs to all timers and make each timer singleton
|
---|
| 5635 |
|
---|
| 5636 | A) reduces the timeout lists drastically
|
---|
| 5637 |
|
---|
| 5638 | B) prevents a lot of superfluous loops for timers that expires "in vain"
|
---|
| 5639 | when it has actually already been extended to fire later on
|
---|
| 5640 |
|
---|
| 5641 | - [Richard Hsu brought this change]
|
---|
| 5642 |
|
---|
| 5643 | tests: remove superfluous test 1399
|
---|
| 5644 |
|
---|
| 5645 | @MarcelRaad noted that `test1399` causes infinite loop on MinGW.
|
---|
| 5646 | Looking into this, seems like it is related to how Windows handles
|
---|
| 5647 | CRLF. See https://github.com/curl/curl/commit/9e093f by @mback2k.
|
---|
| 5648 | Removing `test1399` as it's identical to `test1326` then with such a
|
---|
| 5649 | fix.
|
---|
| 5650 |
|
---|
| 5651 | Test 1399 was broughy by commit 862b02f8947039e
|
---|
| 5652 |
|
---|
| 5653 | Closes #1478
|
---|
| 5654 |
|
---|
| 5655 | Dan Fandrich (9 May 2017)
|
---|
| 5656 | - tests: make test file names more unique
|
---|
| 5657 |
|
---|
| 5658 | Include the test number in the names of files written out by tests to
|
---|
| 5659 | reduce the chance of accidental duplication and to make it more clear
|
---|
| 5660 | which test is associated with which file.
|
---|
| 5661 |
|
---|
| 5662 | - tests: removed redundant --trace-ascii arguments
|
---|
| 5663 |
|
---|
| 5664 | This is already added by the test suite; it's not clear why all these
|
---|
| 5665 | tests had it, unless it's cargo-culting.
|
---|
| 5666 |
|
---|
| 5667 | Marcel Raad (9 May 2017)
|
---|
| 5668 | - tool: fix remaining -Wcast-qual warnings
|
---|
| 5669 |
|
---|
| 5670 | Avoid casting away low-level const.
|
---|
| 5671 |
|
---|
| 5672 | Daniel Stenberg (9 May 2017)
|
---|
| 5673 | - formboundary: convert assert into run-time check
|
---|
| 5674 |
|
---|
| 5675 | ... to really make sure the boundary fits in the target buffer.
|
---|
| 5676 |
|
---|
| 5677 | Fixes unused parameter 'buflen' warning.
|
---|
| 5678 |
|
---|
| 5679 | Reported-by: Michael Kaufmann
|
---|
| 5680 | Bug: https://github.com/curl/curl/pull/1468#issuecomment-300078754
|
---|
| 5681 |
|
---|
| 5682 | Dan Fandrich (9 May 2017)
|
---|
| 5683 | - tests: list the primary server first in the server section
|
---|
| 5684 |
|
---|
| 5685 | Daniel Stenberg (8 May 2017)
|
---|
| 5686 | - curl: generate the --help output
|
---|
| 5687 |
|
---|
| 5688 | ... using the docs/cmdline-opts/gen.pl script, so that we get all the
|
---|
| 5689 | command line option documentation from the same source.
|
---|
| 5690 |
|
---|
| 5691 | The generation of the list has to be done manually and pasted into the
|
---|
| 5692 | source code.
|
---|
| 5693 |
|
---|
| 5694 | Closes #1465
|
---|
| 5695 |
|
---|
| 5696 | - tests: updated for modified fake random
|
---|
| 5697 |
|
---|
| 5698 | - [Jay Satiro brought this change]
|
---|
| 5699 |
|
---|
| 5700 | rand: treat fake entropy the same regardless of endianness
|
---|
| 5701 |
|
---|
| 5702 | When the random seed is purposely made predictable for testing purposes
|
---|
| 5703 | by using the CURL_ENTROPY environment variable, process that data in an
|
---|
| 5704 | endian agnostic way so the the initial random seed is the same
|
---|
| 5705 | regardless of endianness.
|
---|
| 5706 |
|
---|
| 5707 | - Change Curl_rand to write to a char array instead of int array.
|
---|
| 5708 |
|
---|
| 5709 | - Add Curl_rand_hex to write random hex characters to a buffer.
|
---|
| 5710 |
|
---|
| 5711 | Fixes #1315
|
---|
| 5712 | Closes #1468
|
---|
| 5713 |
|
---|
| 5714 | Co-authored-by: Daniel Stenberg
|
---|
| 5715 | Reported-by: Michael Kaufmann
|
---|
| 5716 |
|
---|
| 5717 | Dan Fandrich (8 May 2017)
|
---|
| 5718 | - tests: give each stunnel.conf file a unique name
|
---|
| 5719 |
|
---|
| 5720 | Otherwise, subsequent uses of stunnel overwrite the configuration file
|
---|
| 5721 | of previous invocations so they can no longer be inspected.
|
---|
| 5722 |
|
---|
| 5723 | Marcel Raad (8 May 2017)
|
---|
| 5724 | - tool_msgs: remove wrong cast
|
---|
| 5725 |
|
---|
| 5726 | Commit 481e0de00a9003b9c5220b120e3fc302d9b0932d changed the variable
|
---|
| 5727 | type from int to size_t, so don't cast the result of strlen to int
|
---|
| 5728 | anymore.
|
---|
| 5729 |
|
---|
| 5730 | - tftpd: fix signed/unsigned mismatch warnings
|
---|
| 5731 |
|
---|
| 5732 | alarm's argument is unsigned.
|
---|
| 5733 |
|
---|
| 5734 | - libtest: fix MinGW-w64 warnings
|
---|
| 5735 |
|
---|
| 5736 | long is 32 bits while size_t is 64 bits on MinGW-w64, so
|
---|
| 5737 | typecheck-gcc.h complains when using size_t for a long option.
|
---|
| 5738 | Also, curl_socket_t is unsigned long long rather than int.
|
---|
| 5739 |
|
---|
| 5740 | Daniel Stenberg (8 May 2017)
|
---|
| 5741 | - curl.1: depend the build on the Makefile.inc too
|
---|
| 5742 |
|
---|
| 5743 | ... to also make it update when we remove files, like we did for
|
---|
| 5744 | --environment in commit a8e388dd1095.
|
---|
| 5745 |
|
---|
| 5746 | - RELEASE-NOTES: synced with e3f84efc32d6b01a
|
---|
| 5747 |
|
---|
| 5748 | - runtests: fix "use of undefined value" warning in -R handling
|
---|
| 5749 |
|
---|
| 5750 | Marcel Raad (8 May 2017)
|
---|
| 5751 | - test537: use correct variable type
|
---|
| 5752 |
|
---|
| 5753 | Avoids narrowing conversion warnings because rlim_t is usually
|
---|
| 5754 | unsigned long.
|
---|
| 5755 |
|
---|
| 5756 | Closes https://github.com/curl/curl/pull/1469
|
---|
| 5757 |
|
---|
| 5758 | - sendrecv: fix MinGW-w64 warning
|
---|
| 5759 |
|
---|
| 5760 | The first argument to select is an int, while curl_socket_t is
|
---|
| 5761 | unsigned long long when using WinSock. It's ignored anyway [1].
|
---|
| 5762 |
|
---|
| 5763 | [1] https://msdn.microsoft.com/en-us/library/windows/desktop/ms740141.aspx
|
---|
| 5764 |
|
---|
| 5765 | - tool_parsecfg: fix -Wcast-qual warning
|
---|
| 5766 |
|
---|
| 5767 | Don't convert string literal to char * before assigning it to
|
---|
| 5768 | const char *.
|
---|
| 5769 |
|
---|
| 5770 | - asyn-thread: fix unused macro warnings
|
---|
| 5771 |
|
---|
| 5772 | Don't do anything in this file if CURLRES_THREADED is not defined.
|
---|
| 5773 |
|
---|
| 5774 | - tftp: silence bad-function-cast warning
|
---|
| 5775 |
|
---|
| 5776 | The cases this warns about are handled elsewhere, so just use an
|
---|
| 5777 | intermediate variable to silence the warning.
|
---|
| 5778 |
|
---|
| 5779 | Daniel Stenberg (7 May 2017)
|
---|
| 5780 | - [canavan at github brought this change]
|
---|
| 5781 |
|
---|
| 5782 | buildconf: fix hang on IRIX
|
---|
| 5783 |
|
---|
| 5784 | Apparently, /usr/bin/m4 ignores the --version parameter and waits for
|
---|
| 5785 | input from stdin.
|
---|
| 5786 |
|
---|
| 5787 | Fixes #1471
|
---|
| 5788 |
|
---|
| 5789 | - opts: fix bad example formatting \n => \\n
|
---|
| 5790 |
|
---|
| 5791 | ...to render properly nroff.
|
---|
| 5792 |
|
---|
| 5793 | - opts: examples added to 8 more libcurl option man pages
|
---|
| 5794 |
|
---|
| 5795 | - curl: remove tool_writeenv.[ch]
|
---|
| 5796 |
|
---|
| 5797 | ... and USE_ENVIRONMENT and --environment. It was once added for RISC OS
|
---|
| 5798 | support and its platform specific behavior has been annoying ever
|
---|
| 5799 | since. Added in commit c3c8bbd3b2688da8e, mostly unchanged since
|
---|
| 5800 | then. Most probably not actually used for years.
|
---|
| 5801 |
|
---|
| 5802 | Closes #1463
|
---|
| 5803 |
|
---|
| 5804 | Dan Fandrich (6 May 2017)
|
---|
| 5805 | - runtests.pl: simplify the datacheck read section
|
---|
| 5806 |
|
---|
| 5807 | Also, document that numbered datacheck sections are possible.
|
---|
| 5808 |
|
---|
| 5809 | Marcel Raad (5 May 2017)
|
---|
| 5810 | - tests: fix -Wcast-qual warnings
|
---|
| 5811 |
|
---|
| 5812 | Avoid casting string literals to non-const char *.
|
---|
| 5813 |
|
---|
| 5814 | Daniel Stenberg (5 May 2017)
|
---|
| 5815 | - docs/opts: 24 more man pages now have examples
|
---|
| 5816 |
|
---|
| 5817 | - docs/opts: 23 more man pages now have examples
|
---|
| 5818 |
|
---|
| 5819 | - tests/server: run checksrc by default in debug-builds
|
---|
| 5820 |
|
---|
| 5821 | - curl_slist_append.3: clarify a NULL input creates a new list
|
---|
| 5822 |
|
---|
| 5823 | Marcel Raad (5 May 2017)
|
---|
| 5824 | - unit1305: fix compiler warning
|
---|
| 5825 |
|
---|
| 5826 | calloc and ai_addrlen expect different (usually unsigned) types.
|
---|
| 5827 |
|
---|
| 5828 | Daniel Stenberg (5 May 2017)
|
---|
| 5829 | - runtests: use -R for random order
|
---|
| 5830 |
|
---|
| 5831 | Suggested-by: Dan Fandrich
|
---|
| 5832 |
|
---|
| 5833 | - runtests: add -o to run test cases in scrambled order
|
---|
| 5834 |
|
---|
| 5835 | ... instead of numerical order.
|
---|
| 5836 |
|
---|
| 5837 | Closes #1466
|
---|
| 5838 |
|
---|
| 5839 | Dan Fandrich (4 May 2017)
|
---|
| 5840 | - sockfilt.c: shortened too long line
|
---|
| 5841 |
|
---|
| 5842 | Marcel Raad (4 May 2017)
|
---|
| 5843 | - tests/server: make string literals const
|
---|
| 5844 |
|
---|
| 5845 | assign string literals to const char * instead of char * in order to
|
---|
| 5846 | avoid a lot of these warnings:
|
---|
| 5847 | cast from 'const char *' to 'char *' drops const qualifier
|
---|
| 5848 | [-Wcast-qual]
|
---|
| 5849 |
|
---|
| 5850 | Dan Fandrich (4 May 2017)
|
---|
| 5851 | - schannel: return a more specific error code for SEC_E_UNTRUSTED_ROOT
|
---|
| 5852 |
|
---|
| 5853 | - test557: set a known good numeric locale
|
---|
| 5854 |
|
---|
| 5855 | Windows does not allow setting the locale with environment variables (as
|
---|
| 5856 | the test attempted to do), so the test failed when run with a user
|
---|
| 5857 | locale that has a comma as radixchar. Changed the test to call
|
---|
| 5858 | setlocale() explicitly to ensure that a known working locale is set even
|
---|
| 5859 | on Windows.
|
---|
| 5860 |
|
---|
| 5861 | Daniel Stenberg (4 May 2017)
|
---|
| 5862 | - curl: fix warning "comma at end of enumerator list"
|
---|
| 5863 |
|
---|
| 5864 | - test559: verify use of minimum CURLOPT_BUFFERSIZE
|
---|
| 5865 |
|
---|
| 5866 | Marcel Raad (4 May 2017)
|
---|
| 5867 | - curl_setup_once: use SEND_QUAL_ARG2 for swrite
|
---|
| 5868 |
|
---|
| 5869 | SEND_QUAL_ARG2 had to be set, but was never used. Use it in swrite to
|
---|
| 5870 | avoid warnings about casting away low-level const.
|
---|
| 5871 |
|
---|
| 5872 | Closes https://github.com/curl/curl/pull/1464
|
---|
| 5873 |
|
---|
| 5874 | Daniel Stenberg (4 May 2017)
|
---|
| 5875 | - CURLINFO_REDIRECT_URL.3: add example
|
---|
| 5876 |
|
---|
| 5877 | - CURLINFO_EFFECTIVE_URL.3: add example
|
---|
| 5878 |
|
---|
| 5879 | Marcel Raad (3 May 2017)
|
---|
| 5880 | - lib: fix compiler warnings
|
---|
| 5881 |
|
---|
| 5882 | Fix the following warnings when building the tests by using the correct
|
---|
| 5883 | types:
|
---|
| 5884 | cast from 'const char *' to 'void *' drops const qualifier
|
---|
| 5885 | [-Wcast-qual]
|
---|
| 5886 | implicit conversion changes signedness [-Wsign-conversion]
|
---|
| 5887 |
|
---|
| 5888 | - typecheck-gcc: add support for CURLINFO_SOCKET
|
---|
| 5889 |
|
---|
| 5890 | Closes https://github.com/curl/curl/pull/1452
|
---|
| 5891 |
|
---|
| 5892 | - typecheck-gcc: add missing string options
|
---|
| 5893 |
|
---|
| 5894 | Closes https://github.com/curl/curl/pull/1452
|
---|
| 5895 |
|
---|
| 5896 | Daniel Stenberg (3 May 2017)
|
---|
| 5897 | - abstract-unix-socket.d: shorten the help text to fit within 79 cols
|
---|
| 5898 |
|
---|
| 5899 | - RELEASE-NOTES: synced with 862b02f89
|
---|
| 5900 |
|
---|
| 5901 | - [Richard Hsu brought this change]
|
---|
| 5902 |
|
---|
| 5903 | Telnet: Write full buffer instead of byte-by-byte
|
---|
| 5904 |
|
---|
| 5905 | Previous TODO wanting to write in chunks. We should support writing more
|
---|
| 5906 | at once since some TELNET servers may respond immediately upon first
|
---|
| 5907 | byte written such as WHOIS servers.
|
---|
| 5908 |
|
---|
| 5909 | Closes #1389
|
---|
| 5910 |
|
---|
| 5911 | - curl: non-boolean command line args reject --no- prefixes
|
---|
| 5912 |
|
---|
| 5913 | ... and instead properly respond with an error message to the user
|
---|
| 5914 | instead of silently ignoring.
|
---|
| 5915 |
|
---|
| 5916 | Fixes #1453
|
---|
| 5917 | Closes #1458
|
---|
| 5918 |
|
---|
| 5919 | Marcel Raad (2 May 2017)
|
---|
| 5920 | - testpart: remove _MPRINTF_REPLACE
|
---|
| 5921 |
|
---|
| 5922 | Support for _MPRINTF_REPLACE in mprintf.h was removed in
|
---|
| 5923 | 55452ebdff47f98bf3cc383f1dfc3623fcaefefd, replaced with curl_printf.h.
|
---|
| 5924 |
|
---|
| 5925 | Dan Fandrich (2 May 2017)
|
---|
| 5926 | - gtls: fixed a lingering BUFSIZE reference
|
---|
| 5927 |
|
---|
| 5928 | Daniel Stenberg (2 May 2017)
|
---|
| 5929 | - ssh: fix compiler warning from e40e9d7f0de
|
---|
| 5930 |
|
---|
| 5931 | - url: let CURLOPT_BUFFERSIZE realloc to smaller sizes too
|
---|
| 5932 |
|
---|
| 5933 | Closes #1449
|
---|
| 5934 |
|
---|
| 5935 | - BUFSIZE: rename to READBUFFER_*, make separate MASTERBUF_SIZE
|
---|
| 5936 |
|
---|
| 5937 | - openssl: use local stack for temp storage
|
---|
| 5938 |
|
---|
| 5939 | - sendf: remove use of BUFSIZE from debug data conversions
|
---|
| 5940 |
|
---|
| 5941 | The buffer can have other sizes.
|
---|
| 5942 |
|
---|
| 5943 | - buffer: use data->set.buffer_size instead of BUFSIZE
|
---|
| 5944 |
|
---|
| 5945 | ... to properly use the dynamically set buffer size!
|
---|
| 5946 |
|
---|
| 5947 | - krb5: use private buffer for temp string, not receive buffer
|
---|
| 5948 |
|
---|
| 5949 | - upload: UPLOAD_BUFSIZE is now for the upload buffer
|
---|
| 5950 |
|
---|
| 5951 | - unit1606: do not print/access buffer
|
---|
| 5952 |
|
---|
| 5953 | It was a wrong assumption that it could do that!
|
---|
| 5954 |
|
---|
| 5955 | - http-proxy: use a dedicated CONNECT response buffer
|
---|
| 5956 |
|
---|
| 5957 | To make it suitably independent of the receive buffer and its flexible
|
---|
| 5958 | size.
|
---|
| 5959 |
|
---|
| 5960 | - transfer: fix minor buffer_size mistake
|
---|
| 5961 |
|
---|
| 5962 | - failf: use private buffer, don't clobber receive buffer
|
---|
| 5963 |
|
---|
| 5964 | - pingpong: use the set buffer size
|
---|
| 5965 |
|
---|
| 5966 | - http2: use the correct set buffer size
|
---|
| 5967 |
|
---|
| 5968 | - http: don't clobber the receive buffer for timecond
|
---|
| 5969 |
|
---|
| 5970 | - buffer_size: make sure it always has the correct size
|
---|
| 5971 |
|
---|
| 5972 | Removes the need for CURL_BUFSIZE
|
---|
| 5973 |
|
---|
| 5974 | - file: use private buffer for C-L output
|
---|
| 5975 |
|
---|
| 5976 | ... instead of clobbering the download buffer.
|
---|
| 5977 |
|
---|
| 5978 | - CURLOPT_BUFFERSIZE: 1024 bytes is now the minimum size
|
---|
| 5979 |
|
---|
| 5980 | The buffer is needed to receive FTP, HTTP CONNECT responses etc so
|
---|
| 5981 | already at this size things risk breaking and smaller is certainly not
|
---|
| 5982 | wise.
|
---|
| 5983 |
|
---|
| 5984 | - ftp: use private buffer for temp storage, not receive buffer
|
---|
| 5985 |
|
---|
| 5986 | - http: use private user:password output buffer
|
---|
| 5987 |
|
---|
| 5988 | Don't clobber the receive buffer.
|
---|
| 5989 |
|
---|
| 5990 | Marcel Raad (1 May 2017)
|
---|
| 5991 | - anyauthput: remove unused code
|
---|
| 5992 |
|
---|
| 5993 | The definition of TRUE was introduced in
|
---|
| 5994 | 4a728747e6f8845e500910e397dfc99aaf4a7984 and is not used anymore since
|
---|
| 5995 | e664cd5826d43930fcc5b5dbaedbec94af33184b.
|
---|
| 5996 | The usage of intptr_t was removed in
|
---|
| 5997 | 32e38b8f42477cf5ce3c3fef2fcc9db82f7fb7be.
|
---|
| 5998 |
|
---|
| 5999 | Jay Satiro (1 May 2017)
|
---|
| 6000 | - tool: Fix missing prototype warnings for CURL_DOES_CONVERSIONS
|
---|
| 6001 |
|
---|
| 6002 | - Include tool_convert.h where needed.
|
---|
| 6003 |
|
---|
| 6004 | Bug: https://github.com/curl/curl/issues/1460
|
---|
| 6005 | Reported-by: Gisle Vanem
|
---|
| 6006 |
|
---|
| 6007 | - curl_setup: Ensure no more than one IDN lib is enabled
|
---|
| 6008 |
|
---|
| 6009 | Prior to this change it was possible for libcurl to be built with both
|
---|
| 6010 | Windows' native IDN lib (normaliz) and libidn2 enabled. It appears that
|
---|
| 6011 | doesn't offer any benefit --and could cause a bug-- since libcurl's IDN
|
---|
| 6012 | handling is written to use either one but not both.
|
---|
| 6013 |
|
---|
| 6014 | Bug: https://github.com/curl/curl/issues/1441#issuecomment-297689856
|
---|
| 6015 | Reported-by: Gisle Vanem
|
---|
| 6016 |
|
---|
| 6017 | Marcel Raad (1 May 2017)
|
---|
| 6018 | - getpart: use correct variable type
|
---|
| 6019 |
|
---|
| 6020 | This fixes the following clang warning:
|
---|
| 6021 | getpart.c:201:17: warning: cast from function call of type 'CURLcode'
|
---|
| 6022 | to non-matching type 'int' [-Wbad-function-cast]
|
---|
| 6023 |
|
---|
| 6024 | - tests: declare TU-local variables static
|
---|
| 6025 |
|
---|
| 6026 | This fixes missing-variable-declarations warnings when building with
|
---|
| 6027 | clang.
|
---|
| 6028 |
|
---|
| 6029 | - tool_cb_prg: fix double-promotion warning
|
---|
| 6030 |
|
---|
| 6031 | clang complains:
|
---|
| 6032 | tool_cb_prg.c:86:22: error: implicit conversion increases
|
---|
| 6033 | floating-point precision: 'float' to 'double'
|
---|
| 6034 | [-Werror,-Wdouble-promotion]
|
---|
| 6035 |
|
---|
| 6036 | Fix this by using a double instead of a float constant.
|
---|
| 6037 |
|
---|
| 6038 | Dan Fandrich (1 May 2017)
|
---|
| 6039 | - examples: fixed too long line and too long string warnings
|
---|
| 6040 |
|
---|
| 6041 | Marcel Raad (30 Apr 2017)
|
---|
| 6042 | - examples: declare TU-local variables static
|
---|
| 6043 |
|
---|
| 6044 | This fixes missing-variable-declarations warnings when building with
|
---|
| 6045 | clang.
|
---|
| 6046 |
|
---|
| 6047 | - http2: declare TU-local variables static
|
---|
| 6048 |
|
---|
| 6049 | This fixes the following clang warnings:
|
---|
| 6050 |
|
---|
| 6051 | http2.c:184:27: error: no previous extern declaration for non-static
|
---|
| 6052 | variable 'Curl_handler_http2' [-Werror,-Wmissing-variable-declarations]
|
---|
| 6053 | http2.c:204:27: error: no previous extern declaration for non-static
|
---|
| 6054 | variable 'Curl_handler_http2_ssl'
|
---|
| 6055 | [-Werror,-Wmissing-variable-declarations]
|
---|
| 6056 |
|
---|
| 6057 | Dan Fandrich (30 Apr 2017)
|
---|
| 6058 | - unit1604: fixed indentation
|
---|
| 6059 |
|
---|
| 6060 | - unit1604: fixed compilation under Windows, broken in the previous commit
|
---|
| 6061 |
|
---|
| 6062 | - tests: fixed OOM handling of unit tests to abort test
|
---|
| 6063 |
|
---|
| 6064 | It's dangerous to continue to run the test when a memory alloc fails.
|
---|
| 6065 |
|
---|
| 6066 | Marcel Raad (29 Apr 2017)
|
---|
| 6067 | - curl_rtmp: fix missing-variable-declarations warnings
|
---|
| 6068 |
|
---|
| 6069 | clang complains:
|
---|
| 6070 |
|
---|
| 6071 | curl_rtmp.c:61:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmp' [-Werror,-Wmissing-variable-declarations]
|
---|
| 6072 | curl_rtmp.c:81:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpt' [-Werror,-Wmissing-variable-declarations]
|
---|
| 6073 | curl_rtmp.c:101:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpe' [-Werror,-Wmissing-variable-declarations]
|
---|
| 6074 | curl_rtmp.c:121:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpte' [-Werror,-Wmissing-variable-declarations]
|
---|
| 6075 | curl_rtmp.c:141:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmps' [-Werror,-Wmissing-variable-declarations]
|
---|
| 6076 | curl_rtmp.c:161:27: error: no previous extern declaration for non-static variable 'Curl_handler_rtmpts' [-Werror,-Wmissing-variable-declarations]
|
---|
| 6077 |
|
---|
| 6078 | Fix this by including the header file.
|
---|
| 6079 |
|
---|
| 6080 | Dan Fandrich (29 Apr 2017)
|
---|
| 6081 | - url: fixed a memory leak on OOM while setting CURLOPT_BUFFERSIZE
|
---|
| 6082 |
|
---|
| 6083 | - tests: added --remote-time tests for remaining protocols that support it
|
---|
| 6084 |
|
---|
| 6085 | - runtests.pl: support multiline <postcheck> commands
|
---|
| 6086 |
|
---|
| 6087 | - tool_operate: use utimes instead of obsolescent utime when available
|
---|
| 6088 |
|
---|
| 6089 | - test1443: test --remote-time
|
---|
| 6090 |
|
---|
| 6091 | - http-proxy: removed unused argument in CURL_DISABLE_PROXY case
|
---|
| 6092 |
|
---|
| 6093 | Missed in commit 55c3c02e
|
---|
| 6094 |
|
---|
| 6095 | Daniel Stenberg (27 Apr 2017)
|
---|
| 6096 | - cookie_interface.c: changed the other domain to example.com too
|
---|
| 6097 |
|
---|
| 6098 | - cookie_interface.c: fix cookie domain so the example works
|
---|
| 6099 |
|
---|
| 6100 | Dan Fandrich (26 Apr 2017)
|
---|
| 6101 | - Makefile: fix make dist
|
---|
| 6102 |
|
---|
| 6103 | Commit 80a87e8a broke 'make dist' as it can't handle installing from
|
---|
| 6104 | absolute target names. Rearranged the dependencies so the absolute name
|
---|
| 6105 | is used for building but the relative name is use for distributing.
|
---|
| 6106 |
|
---|
| 6107 | Marcel Raad (26 Apr 2017)
|
---|
| 6108 | - lib: remove unused code
|
---|
| 6109 |
|
---|
| 6110 | This fixes the following clang warnings:
|
---|
| 6111 | macro is not used [-Wunused-macros]
|
---|
| 6112 | will never be executed [-Wunreachable-code]
|
---|
| 6113 |
|
---|
| 6114 | Closes https://github.com/curl/curl/pull/1448
|
---|
| 6115 |
|
---|
| 6116 | Daniel Stenberg (26 Apr 2017)
|
---|
| 6117 | - http-proxy: remove unused argument from Curl_proxyCONNECT()
|
---|
| 6118 |
|
---|
| 6119 | - [Martin Kepplinger brought this change]
|
---|
| 6120 |
|
---|
| 6121 | url: declare get_protocol_family() static
|
---|
| 6122 |
|
---|
| 6123 | get_protocol_family() is not defined static even though there is a
|
---|
| 6124 | static local forward declaration. Let's simply make the definition match
|
---|
| 6125 | it's declaration.
|
---|
| 6126 |
|
---|
| 6127 | Bug: https://curl.haxx.se/mail/lib-2017-04/0127.html
|
---|
| 6128 |
|
---|
| 6129 | - examples: ftpuploadfrommem.c
|
---|
| 6130 |
|
---|
| 6131 | Uploads data to an FTP site, directly from memory.
|
---|
| 6132 |
|
---|
| 6133 | Closes #1451
|
---|
| 6134 |
|
---|
| 6135 | Kamil Dudka (25 Apr 2017)
|
---|
| 6136 | - nss: load libnssckbi.so if no other trust is specified
|
---|
| 6137 |
|
---|
| 6138 | The module contains a more comprehensive set of trust information than
|
---|
| 6139 | supported by nss-pem, because libnssckbi.so also includes information
|
---|
| 6140 | about distrusted certificates.
|
---|
| 6141 |
|
---|
| 6142 | Reviewed-by: Kai Engert
|
---|
| 6143 | Closes #1414
|
---|
| 6144 |
|
---|
| 6145 | - nss: factorize out nss_{un,}load_module to separate fncs
|
---|
| 6146 |
|
---|
| 6147 | No change of behavior is intended by this commit.
|
---|
| 6148 |
|
---|
| 6149 | - nss: do not leak PKCS #11 slot while loading a key
|
---|
| 6150 |
|
---|
| 6151 | It could prevent nss-pem from being unloaded later on.
|
---|
| 6152 |
|
---|
| 6153 | Bug: https://bugzilla.redhat.com/1444860
|
---|
| 6154 |
|
---|
| 6155 | Marcel Raad (25 Apr 2017)
|
---|
| 6156 | - typecheck-gcc: fix _curl_is_slist_info
|
---|
| 6157 |
|
---|
| 6158 | Info values starting with CURLINFO_SOCKET expect a curl_socket_t, not a
|
---|
| 6159 | curl_slist argument.
|
---|
| 6160 |
|
---|
| 6161 | This fixes the following GCC warning when building the examples with
|
---|
| 6162 | --enable-optimize:
|
---|
| 6163 |
|
---|
| 6164 | ../../include/curl/typecheck-gcc.h:126:42: warning: call to
|
---|
| 6165 | â_curl_easy_getinfo_err_curl_slistâ declared with attribute warning:
|
---|
| 6166 | curl_easy_getinfo expects a pointer to 'struct curl_slist *' for this
|
---|
| 6167 | info [enabled by default]
|
---|
| 6168 | sendrecv.c:90:11: note: in expansion of macro âcurl_easy_getinfoâ
|
---|
| 6169 | res = curl_easy_getinfo(curl, CURLINFO_ACTIVESOCKET, &sockfd);
|
---|
| 6170 |
|
---|
| 6171 | Closes https://github.com/curl/curl/pull/1447
|
---|
| 6172 |
|
---|
| 6173 | Daniel Stenberg (25 Apr 2017)
|
---|
| 6174 | - curl: set a 100K buffer size by default
|
---|
| 6175 |
|
---|
| 6176 | Test command 'time curl http://localhost/80GB -so /dev/null' on a Debian
|
---|
| 6177 | Linux.
|
---|
| 6178 |
|
---|
| 6179 | Before (middle performing run out 9):
|
---|
| 6180 |
|
---|
| 6181 | real 0m28.078s
|
---|
| 6182 | user 0m11.240s
|
---|
| 6183 | sys 0m12.876s
|
---|
| 6184 |
|
---|
| 6185 | After (middle performing run out 9)
|
---|
| 6186 |
|
---|
| 6187 | real 0m26.356s (93.9%)
|
---|
| 6188 | user 0m5.324s (47.4%)
|
---|
| 6189 | sys 0m8.368s (65.0%)
|
---|
| 6190 |
|
---|
| 6191 | Also, doing SFTP over a 200 millsecond latency link is now about 6 times
|
---|
| 6192 | faster.
|
---|
| 6193 |
|
---|
| 6194 | Closes #1446
|
---|
| 6195 |
|
---|
| 6196 | - transfer: remove 'uploadbuf' pointer and cleanup readwrite_upload()
|
---|
| 6197 |
|
---|
| 6198 | The data->req.uploadbuf struct member served no good purpose, instead we
|
---|
| 6199 | use ->state.uploadbuffer directly. It makes it clearer in the code which
|
---|
| 6200 | buffer that's being used.
|
---|
| 6201 |
|
---|
| 6202 | Removed the 'SingleRequest *' argument from the readwrite_upload() proto
|
---|
| 6203 | as it can be derived from the Curl_easy struct. Also made the code in
|
---|
| 6204 | the readwrite_upload() function use the 'k->' shortcut to all references
|
---|
| 6205 | to struct fields in 'data->req', which previously was made with a mix of
|
---|
| 6206 | both.
|
---|
| 6207 |
|
---|
| 6208 | Jay Satiro (25 Apr 2017)
|
---|
| 6209 | - configure: stop prepending to LDFLAGS, CPPFLAGS
|
---|
| 6210 |
|
---|
| 6211 | - Change prepends to appends because user's LDFLAGS and CPPFLAGS should
|
---|
| 6212 | always come first so they're searched before ours.
|
---|
| 6213 |
|
---|
| 6214 | Bug: https://github.com/curl/curl/issues/1420
|
---|
| 6215 | Reported-by: Helmut K. C. Tessarek
|
---|
| 6216 |
|
---|
| 6217 | Marcel Raad (25 Apr 2017)
|
---|
| 6218 | - if2ip: fix -Wcast-align warning
|
---|
| 6219 |
|
---|
| 6220 | Follow-up to 119037325de02579f5c58256ca2ed2a0aa592c86, which fixed the
|
---|
| 6221 | warning in the HAVE_GETIFADDRS block, but not in the
|
---|
| 6222 | HAVE_IOCTL_SIOCGIFADDR block.
|
---|
| 6223 |
|
---|
| 6224 | Dan Fandrich (24 Apr 2017)
|
---|
| 6225 | - Makefile: avoid use of GNU-specific form of $<
|
---|
| 6226 |
|
---|
| 6227 | $< is only allowed in implicit rules in some non-GNU makes (e.g. BSD,
|
---|
| 6228 | AIX) so avoid use elsewhere by referencing the dependent curl.1 file
|
---|
| 6229 | directly instead. This is somewhat tricky because the file is supplied
|
---|
| 6230 | in the packaged tar ball (but not in git) but must still be able to be
|
---|
| 6231 | rebuilt when its dependencies change. The right thing must happen in
|
---|
| 6232 | both tar ball and git source trees, as well as in both in-tree and
|
---|
| 6233 | out-of-tree builds.
|
---|
| 6234 |
|
---|
| 6235 | Kamil Dudka (24 Apr 2017)
|
---|
| 6236 | - nss: adapt to the new Curl_llist API
|
---|
| 6237 |
|
---|
| 6238 | This commit fixes compilation failure caused by
|
---|
| 6239 | cbae73e1dd95946597ea74ccb580c30f78e3fa73.
|
---|
| 6240 |
|
---|
| 6241 | Marcel Raad (24 Apr 2017)
|
---|
| 6242 | - curl-compilers.m4: accept -Og and -Ofast GCC flags
|
---|
| 6243 |
|
---|
| 6244 | -Og, introduced in GCC 4.8, optimizes for debugging experience.
|
---|
| 6245 | -Ofast, introduced in GCC 4.7, builds on -O3 and enables further
|
---|
| 6246 | optimizations breaking strict standards compliance.
|
---|
| 6247 | When specified in CFLAGS, these were always overridden by -O0 or -O2.
|
---|
| 6248 | Fix this by adding them to flags_opt_all.
|
---|
| 6249 |
|
---|
| 6250 | Ref: https://gcc.gnu.org/onlinedocs/gcc-4.8.0/gcc/Optimize-Options.html
|
---|
| 6251 | Ref: https://github.com/curl/curl/pull/1404#issuecomment-296401570
|
---|
| 6252 | Closes https://github.com/curl/curl/pull/1440
|
---|
| 6253 |
|
---|
| 6254 | Daniel Stenberg (24 Apr 2017)
|
---|
| 6255 | - RELEASE-NOTES: synced with c68fed875
|
---|
| 6256 |
|
---|
| 6257 | - configure: fix the -ldl check for openssl, add -lpthread check
|
---|
| 6258 |
|
---|
| 6259 | The check for if -ldl is needed to build with (a statically built)
|
---|
| 6260 | openssl was broken. This repairs the check, and adds a check for
|
---|
| 6261 | -lpthread as well since OpenSSL 1.1.0+ does in fact require -lpthread so
|
---|
| 6262 | only adding -ldl for a static openssl build is no longer enough.
|
---|
| 6263 |
|
---|
| 6264 | Reported-by: Jay Satiro
|
---|
| 6265 | Ref: #1426
|
---|
| 6266 | Closes #1427
|
---|
| 6267 |
|
---|
| 6268 | - llist: fix a comment after cbae73e1dd9
|
---|
| 6269 |
|
---|
| 6270 | Pointed-it-by: Kevin Ji
|
---|
| 6271 | URL: https://github.com/curl/curl/commit/cbae73e1dd95946597ea74ccb580c30f78e3fa73#commitcomment-21872622
|
---|
| 6272 |
|
---|
| 6273 | Jay Satiro (22 Apr 2017)
|
---|
| 6274 | - schannel: Don't treat encrypted partial record as pending data
|
---|
| 6275 |
|
---|
| 6276 | - Track when the cached encrypted data contains only a partial record
|
---|
| 6277 | that can't be decrypted without more data (SEC_E_INCOMPLETE_MESSAGE).
|
---|
| 6278 |
|
---|
| 6279 | - Change Curl_schannel_data_pending to return false in such a case.
|
---|
| 6280 |
|
---|
| 6281 | Other SSL libraries have pending data functions that behave similarly.
|
---|
| 6282 |
|
---|
| 6283 | Ref: https://github.com/curl/curl/pull/1387
|
---|
| 6284 |
|
---|
| 6285 | Closes https://github.com/curl/curl/pull/1392
|
---|
| 6286 |
|
---|
| 6287 | Daniel Stenberg (22 Apr 2017)
|
---|
| 6288 | - [Alan Jenkins brought this change]
|
---|
| 6289 |
|
---|
| 6290 | multi: clarify condition in curl_multi_wait
|
---|
| 6291 |
|
---|
| 6292 | `if(nfds || extra_nfds) {` is followed by `malloc(nfds * ...)`.
|
---|
| 6293 |
|
---|
| 6294 | If `extra_fs` could be non-zero when `nfds` was zero, then we have
|
---|
| 6295 | `malloc(0)` which is allowed to return `NULL`. But, malloc returning
|
---|
| 6296 | NULL can be confusing. In this code, the next line would treat the NULL
|
---|
| 6297 | as an allocation failure.
|
---|
| 6298 |
|
---|
| 6299 | It turns out, if `nfds` is zero then `extra_nfds` must also be zero.
|
---|
| 6300 | The final value of `nfds` includes `extra_nfds`. So the test for
|
---|
| 6301 | `extra_nfds` is redundant. It can only confuse the reader.
|
---|
| 6302 |
|
---|
| 6303 | Closes #1439
|
---|
| 6304 |
|
---|
| 6305 | Marcel Raad (22 Apr 2017)
|
---|
| 6306 | - lib: fix maybe-uninitialized warnings
|
---|
| 6307 |
|
---|
| 6308 | With -Og, GCC complains:
|
---|
| 6309 |
|
---|
| 6310 | easy.c:628:7: error: âmcodeâ may be used uninitialized in this function [-Werror=maybe-uninitialized]
|
---|
| 6311 |
|
---|
| 6312 | ../lib/strcase.h:35:29: error: âtok_bufâ may be used uninitialized in this function [-Werror=maybe-uninitialized]
|
---|
| 6313 | vauth/digest.c:208:9: note: âtok_bufâ was declared here
|
---|
| 6314 |
|
---|
| 6315 | ../lib/strcase.h:35:29: error: âtok_bufâ may be used uninitialized in this function [-Werror=maybe-uninitialized]
|
---|
| 6316 | vauth/digest.c:566:15: note: âtok_bufâ was declared here
|
---|
| 6317 |
|
---|
| 6318 | Fix this by initializing the variables.
|
---|
| 6319 |
|
---|
| 6320 | Dan Fandrich (22 Apr 2017)
|
---|
| 6321 | - gnutls: removed some code when --disable-verbose is configured
|
---|
| 6322 |
|
---|
| 6323 | This reduces the binary size and fixes a compile warning.
|
---|
| 6324 |
|
---|
| 6325 | Daniel Stenberg (22 Apr 2017)
|
---|
| 6326 | - llist: no longer uses malloc
|
---|
| 6327 |
|
---|
| 6328 | The 'list element' struct now has to be within the data that is being
|
---|
| 6329 | added to the list. Removes 16.6% (tiny) mallocs from a simple HTTP
|
---|
| 6330 | transfer. (96 => 80)
|
---|
| 6331 |
|
---|
| 6332 | Also removed return codes since the llist functions can't fail now.
|
---|
| 6333 |
|
---|
| 6334 | Test 1300 updated accordingly.
|
---|
| 6335 |
|
---|
| 6336 | Closes #1435
|
---|
| 6337 |
|
---|
| 6338 | Marcel Raad (21 Apr 2017)
|
---|
| 6339 | - typecheck-gcc: handle function pointers properly
|
---|
| 6340 |
|
---|
| 6341 | All the callbacks passed to curl_easy_setopt are defined as function
|
---|
| 6342 | pointers. The possibility to pass both functions and function pointers
|
---|
| 6343 | was handled for the callbacks that typecheck-gcc.h defined as
|
---|
| 6344 | compatible, but not for the public callback types themselves.
|
---|
| 6345 |
|
---|
| 6346 | This makes all compatible callback types defined in typecheck-gcc.h
|
---|
| 6347 | function pointers too and checks all functions uniformly with
|
---|
| 6348 | _curl_callback_compatible, which handles both functions and function
|
---|
| 6349 | pointers.
|
---|
| 6350 |
|
---|
| 6351 | A symptom of the problem was a warning in tool_operate.c with
|
---|
| 6352 | --disable-libcurl-option and without --enable-debug as that file
|
---|
| 6353 | passes the callback functions to curl_easy_setopt directly.
|
---|
| 6354 |
|
---|
| 6355 | Fixes https://github.com/curl/curl/issues/1403
|
---|
| 6356 | Closes https://github.com/curl/curl/pull/1404
|
---|
| 6357 |
|
---|
| 6358 | Dan Fandrich (21 Apr 2017)
|
---|
| 6359 | - mbedtls: enable NTLM (& SMB) even if MD4 support is unavailable
|
---|
| 6360 |
|
---|
| 6361 | In that case, use libcurl's internal MD4 routine. This fixes tests 1013
|
---|
| 6362 | and 1014 which were failing due to configure assuming NTLM and SMB were
|
---|
| 6363 | always available whenever mbed TLS was in use (which is now true).
|
---|
| 6364 |
|
---|
| 6365 | Daniel Stenberg (21 Apr 2017)
|
---|
| 6366 | - tests: remove the html and PDF versions from the tarball
|
---|
| 6367 |
|
---|
| 6368 | - openssl: fix memory leak in servercert
|
---|
| 6369 |
|
---|
| 6370 | ... when failing to get the server certificate.
|
---|
| 6371 |
|
---|
| 6372 | - Revert "src/Makefile.am: avoid explicit $<"
|
---|
| 6373 |
|
---|
| 6374 | This reverts commit 5b4cbcf11d5100ff793a8e9edbaa6fe1fc7495f5.
|
---|
| 6375 |
|
---|
| 6376 | Since it broke out-of-tree builds from tarballs. See discussion in #1432
|
---|
| 6377 |
|
---|
| 6378 | - bump: start working on next release
|
---|
| 6379 |
|
---|
| 6380 | - src/Makefile.am: avoid explicit $<
|
---|
| 6381 |
|
---|
| 6382 | ... since apparently "BSD make" doesn't support it.
|
---|
| 6383 |
|
---|
| 6384 | Reported-by: Thomas Klausner
|
---|
| 6385 | Fixes #1432
|
---|
| 6386 |
|
---|
| 6387 | Version 7.54.0 (19 Apr 2017)
|
---|
| 6388 |
|
---|
| 6389 | Daniel Stenberg (19 Apr 2017)
|
---|
| 6390 | - THANKS: add contributors from 7.54.0 release notes
|
---|
| 6391 |
|
---|
| 6392 | - RELEASE-NOTES: curl 7.54.0
|
---|
| 6393 |
|
---|
| 6394 | Marcel Raad (18 Apr 2017)
|
---|
| 6395 | - nss: fix MinGW compiler warnings
|
---|
| 6396 |
|
---|
| 6397 | This fixes 3 warnings issued by MinGW:
|
---|
| 6398 | 1. PR_ImportTCPSocket actually has a paramter of type PROsfd instead of
|
---|
| 6399 | PRInt32, which is 64 bits on Windows. Fixed this by including the
|
---|
| 6400 | corresponding header file instead of redeclaring the function, which is
|
---|
| 6401 | supported even though it is in the private include folder. [1]
|
---|
| 6402 | 2. In 64-bit mode, size_t is 64 bits while CK_ULONG is 32 bits, so an explicit
|
---|
| 6403 | narrowing cast is needed.
|
---|
| 6404 | 3. Curl_timeleft returns time_t instead of long since commit
|
---|
| 6405 | 21aa32d30dbf319f2d336e0cb68d3a3235869fbb.
|
---|
| 6406 |
|
---|
| 6407 | [1] https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSPR/Reference/PR_ImportTCPSocket
|
---|
| 6408 |
|
---|
| 6409 | Closes https://github.com/curl/curl/pull/1393
|
---|
| 6410 |
|
---|
| 6411 | Daniel Stenberg (18 Apr 2017)
|
---|
| 6412 | - [Jay Satiro brought this change]
|
---|
| 6413 |
|
---|
| 6414 | TLS: Fix switching off SSL session id when client cert is used
|
---|
| 6415 |
|
---|
| 6416 | Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl
|
---|
| 6417 | will each have their own sessionid flag.
|
---|
| 6418 |
|
---|
| 6419 | Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that
|
---|
| 6420 | this issue had been fixed in 247d890, CVE-2016-5419.
|
---|
| 6421 |
|
---|
| 6422 | Bug: https://github.com/curl/curl/issues/1341
|
---|
| 6423 | Reported-by: lijian996@users.noreply.github.com
|
---|
| 6424 |
|
---|
| 6425 | The new incarnation of this bug is called CVE-2017-7468 and is documented
|
---|
| 6426 | here: https://curl.haxx.se/docs/adv_20170419.html
|
---|
| 6427 |
|
---|
| 6428 | - [David Benjamin brought this change]
|
---|
| 6429 |
|
---|
| 6430 | openssl: don't try to print nonexistant peer private keys
|
---|
| 6431 |
|
---|
| 6432 | X.509 certificates carry public keys, not private keys. Fields
|
---|
| 6433 | corresponding to the private half of the key will always be NULL.
|
---|
| 6434 |
|
---|
| 6435 | Closes #1425
|
---|
| 6436 |
|
---|
| 6437 | - [David Benjamin brought this change]
|
---|
| 6438 |
|
---|
| 6439 | openssl: fix thread-safety bugs in error-handling
|
---|
| 6440 |
|
---|
| 6441 | ERR_error_string with NULL parameter is not thread-safe. The library
|
---|
| 6442 | writes the string into some static buffer. Two threads doing this at
|
---|
| 6443 | once may clobber each other and run into problems. Switch to
|
---|
| 6444 | ERR_error_string_n which avoids this problem and is explicitly
|
---|
| 6445 | bounds-checked.
|
---|
| 6446 |
|
---|
| 6447 | Also clean up some remnants of OpenSSL 0.9.5 around here. A number of
|
---|
| 6448 | comments (fixed buffer size, explaining that ERR_error_string_n was
|
---|
| 6449 | added in a particular version) date to when ossl_strerror tried to
|
---|
| 6450 | support pre-ERR_error_string_n OpenSSLs.
|
---|
| 6451 |
|
---|
| 6452 | Closes #1424
|
---|
| 6453 |
|
---|
| 6454 | - [David Benjamin brought this change]
|
---|
| 6455 |
|
---|
| 6456 | openssl: make SSL_ERROR_to_str more future-proof
|
---|
| 6457 |
|
---|
| 6458 | Rather than making assumptions about the values, use a switch-case.
|
---|
| 6459 |
|
---|
| 6460 | Closes #1424
|
---|
| 6461 |
|
---|
| 6462 | - [Daniel Gustafsson brought this change]
|
---|
| 6463 |
|
---|
| 6464 | code: fix typos and style in comments
|
---|
| 6465 |
|
---|
| 6466 | A few random typos, and minor whitespace cleanups, found in comments
|
---|
| 6467 | while reading code.
|
---|
| 6468 |
|
---|
| 6469 | Closes #1423
|
---|
| 6470 |
|
---|
| 6471 | Marcel Raad (17 Apr 2017)
|
---|
| 6472 | - extern-scan.pl: strip trailing CR
|
---|
| 6473 |
|
---|
| 6474 | This makes test 1135 pass with CRLF checkouts.
|
---|
| 6475 |
|
---|
| 6476 | Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
|
---|
| 6477 | Closes https://github.com/curl/curl/pull/1422
|
---|
| 6478 |
|
---|
| 6479 | - configure.ac: ignore CR after version numbers
|
---|
| 6480 |
|
---|
| 6481 | Ignore everything after the version numbers in LIBCURL_VERSION and
|
---|
| 6482 | LIBCURL_VERSION_NUM to ged rid of the extra CR character.
|
---|
| 6483 | This makes tests 1022 and 1023 pass on Linux with a CRLF checkout.
|
---|
| 6484 |
|
---|
| 6485 | Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
|
---|
| 6486 | Closes https://github.com/curl/curl/pull/1422
|
---|
| 6487 |
|
---|
| 6488 | - .gitattributes: force shell scripts to LF
|
---|
| 6489 |
|
---|
| 6490 | Bash on Linux errors out on CR characters.
|
---|
| 6491 | This makes tests 1221 and 1222 pass on Linux with a CRLF checkout.
|
---|
| 6492 |
|
---|
| 6493 | Ref: https://github.com/curl/curl/pull/1344#issuecomment-289243166
|
---|
| 6494 | Closes https://github.com/curl/curl/pull/1422
|
---|
| 6495 |
|
---|
| 6496 | - unit1303: fix compiler warning
|
---|
| 6497 |
|
---|
| 6498 | MinGW-w64 complains:
|
---|
| 6499 | warning: conversion to 'long int' from 'time_t {aka long long int}' may
|
---|
| 6500 | alter its value [-Wconversion]
|
---|
| 6501 | Fix this by using the correct type.
|
---|
| 6502 |
|
---|
| 6503 | Daniel Stenberg (16 Apr 2017)
|
---|
| 6504 | - RELEASE-NOTES: synced with 1451271e0
|
---|
| 6505 |
|
---|
| 6506 | - [Larry Stefani brought this change]
|
---|
| 6507 |
|
---|
| 6508 | http2: fix handle leak in error path
|
---|
| 6509 |
|
---|
| 6510 | Add missing newhandle free call in push_promise().
|
---|
| 6511 |
|
---|
| 6512 | Closes #1416
|
---|
| 6513 |
|
---|
| 6514 | - [Larry Stefani brought this change]
|
---|
| 6515 |
|
---|
| 6516 | mbedtls: fix memory leak in error path
|
---|
| 6517 |
|
---|
| 6518 | Add missing our_ssl_sessionid free call in mbed_connect_step3().
|
---|
| 6519 |
|
---|
| 6520 | Closes #1417
|
---|
| 6521 |
|
---|
| 6522 | Marcel Raad (15 Apr 2017)
|
---|
| 6523 | - curl-compilers.m4: turn implicit function declarations into errors
|
---|
| 6524 |
|
---|
| 6525 | This adds -Werror-implicit-function-declaration for GCC 2.95+ so that
|
---|
| 6526 | these errors are visible at the point where they occur instead of only
|
---|
| 6527 | at link time.
|
---|
| 6528 | Implicit function declarations are illegal in C99 and C++ anyway, and
|
---|
| 6529 | the same warning has been turned into an error for ICC in commit
|
---|
| 6530 | 3072c5b8a127057aa922b7c51051bbb4a630b091.
|
---|
| 6531 |
|
---|
| 6532 | Ref: https://gcc.gnu.org/onlinedocs/gcc-2.95.2/gcc_2.html#SEC8
|
---|
| 6533 | Ref: https://curl.haxx.se/mail/lib-2017-04/0001.html
|
---|
| 6534 | Closes https://github.com/curl/curl/pull/1419
|
---|
| 6535 |
|
---|
| 6536 | - test1541: also test for CURL_PULL_WS2TCPIP_H
|
---|
| 6537 |
|
---|
| 6538 | Ref: https://github.com/curl/curl/issues/1408
|
---|
| 6539 | Closes https://github.com/curl/curl/pull/1412
|
---|
| 6540 |
|
---|
| 6541 | - tests/server/util: prefer <poll.h> over <sys/poll.h>
|
---|
| 6542 |
|
---|
| 6543 | Follow-up to aa573c3c55cda72ec5ef677d87f6f46a53385f0c
|
---|
| 6544 |
|
---|
| 6545 | Ref: https://github.com/curl/curl/pull/1406
|
---|
| 6546 |
|
---|
| 6547 | Daniel Stenberg (11 Apr 2017)
|
---|
| 6548 | - Curl_expire_latest: ignore already expired timers
|
---|
| 6549 |
|
---|
| 6550 | If the existing timer is still in there but has expired, the new timer
|
---|
| 6551 | should be added.
|
---|
| 6552 |
|
---|
| 6553 | Reported-by: Rainer Canavan
|
---|
| 6554 | Bug: https://curl.haxx.se/mail/lib-2017-04/0030.html
|
---|
| 6555 | Closes #1407
|
---|
| 6556 |
|
---|
| 6557 | - system.h: fix mingw section
|
---|
| 6558 |
|
---|
| 6559 | Reported-by: Marcel Raad
|
---|
| 6560 | Fixes #1408
|
---|
| 6561 | Closes #1409
|
---|
| 6562 |
|
---|
| 6563 | Marcel Raad (11 Apr 2017)
|
---|
| 6564 | - polarssl: unbreak build with versions < 1.3.8
|
---|
| 6565 |
|
---|
| 6566 | ssl_session_init was only introduced in version 1.3.8, the penultimate
|
---|
| 6567 | version. The function only contains a memset, so replace it with that.
|
---|
| 6568 |
|
---|
| 6569 | Suggested-by: Jay Satiro
|
---|
| 6570 | Fixes https://github.com/curl/curl/issues/1401
|
---|
| 6571 |
|
---|
| 6572 | - poll: prefer <poll.h> over <sys/poll.h>
|
---|
| 6573 |
|
---|
| 6574 | The POSIX standard location is <poll.h>. Using <sys/poll.h> results in
|
---|
| 6575 | warning spam when using the musl standard library.
|
---|
| 6576 |
|
---|
| 6577 | Closes https://github.com/curl/curl/pull/1406
|
---|
| 6578 |
|
---|
| 6579 | Daniel Stenberg (10 Apr 2017)
|
---|
| 6580 | - [Alexis La Goutte brought this change]
|
---|
| 6581 |
|
---|
| 6582 | openssl: fix this statement may fall through [-Wimplicit-fallthrough=]
|
---|
| 6583 |
|
---|
| 6584 | Closes #1402
|
---|
| 6585 |
|
---|
| 6586 | Kamil Dudka (10 Apr 2017)
|
---|
| 6587 | - nss: load CA certificates even with --insecure
|
---|
| 6588 |
|
---|
| 6589 | ... because they may include an intermediate certificate for a client
|
---|
| 6590 | certificate and the intermediate certificate needs to be presented to
|
---|
| 6591 | the server, no matter if we verify the peer or not.
|
---|
| 6592 |
|
---|
| 6593 | Reported-by: thraidh
|
---|
| 6594 | Closes #851
|
---|
| 6595 |
|
---|
| 6596 | Daniel Stenberg (10 Apr 2017)
|
---|
| 6597 | - RELEASE-NOTES: synced with f9d1e9a27f7e1
|
---|
| 6598 |
|
---|
| 6599 | Dan Fandrich (10 Apr 2017)
|
---|
| 6600 | - libcurl-thread.3: fixed a bad macro that caused test 1140 to fail
|
---|
| 6601 |
|
---|
| 6602 | Daniel Stenberg (9 Apr 2017)
|
---|
| 6603 | - libcurl-thread.3: also mention threaded-resolver
|
---|
| 6604 |
|
---|
| 6605 | Reported-by: Alex Bligh
|
---|
| 6606 | Bug: https://curl.haxx.se/mail/lib-2017-04/0044.html
|
---|
| 6607 |
|
---|
| 6608 | - .github/stale.yml: enable the stale bot
|
---|
| 6609 |
|
---|
| 6610 | Issues and PRs with no activity for 180 days will get marked as stale,
|
---|
| 6611 | and if no further activity happens within 14 more days, the issue gets
|
---|
| 6612 | closed.
|
---|
| 6613 |
|
---|
| 6614 | This follows our established policy of not letting stalled bugs "get in
|
---|
| 6615 | the way": https://curl.haxx.se/docs/bugs.html#Closing_off_stalled_bugs
|
---|
| 6616 |
|
---|
| 6617 | Closes #1398
|
---|
| 6618 |
|
---|
| 6619 | Jay Satiro (8 Apr 2017)
|
---|
| 6620 | - CURLINFO_SCHEME.3: fix variable type
|
---|
| 6621 |
|
---|
| 6622 | - Change documented param type to char ** from incorrect long *.
|
---|
| 6623 |
|
---|
| 6624 | Marcel Raad (8 Apr 2017)
|
---|
| 6625 | - INSTALL.md: fix secure transport configure arguments
|
---|
| 6626 |
|
---|
| 6627 | --without-ssl is needed instead of --with-winssl.
|
---|
| 6628 |
|
---|
| 6629 | - vtls: fix unreferenced variable warnings
|
---|
| 6630 |
|
---|
| 6631 | ... by moving the variables into the correct #ifdef block.
|
---|
| 6632 |
|
---|
| 6633 | Daniel Stenberg (7 Apr 2017)
|
---|
| 6634 | - BUGS: "Bugs in old versions"
|
---|
| 6635 |
|
---|
| 6636 | - system.h: add section for tcc
|
---|
| 6637 |
|
---|
| 6638 | Closes #1397
|
---|
| 6639 |
|
---|
| 6640 | Marcel Raad (7 Apr 2017)
|
---|
| 6641 | - schannel: fix compiler warnings
|
---|
| 6642 |
|
---|
| 6643 | When UNICODE is not defined, the Curl_convert_UTF8_to_tchar macro maps
|
---|
| 6644 | directly to its argument. As it is declared as a pointer to const and
|
---|
| 6645 | InitializeSecurityContext expects a pointer to non-const, both MSVC and MinGW
|
---|
| 6646 | issue a warning about implicitly casting away the const. Fix this by declaring
|
---|
| 6647 | the variables as pointers to non-const.
|
---|
| 6648 |
|
---|
| 6649 | Closes https://github.com/curl/curl/pull/1394
|
---|
| 6650 |
|
---|
| 6651 | - [Isaac Boukris brought this change]
|
---|
| 6652 |
|
---|
| 6653 | sspi: print out InitializeSecurityContext() error message
|
---|
| 6654 |
|
---|
| 6655 | Reported-by: Carsten (talksinmath)
|
---|
| 6656 |
|
---|
| 6657 | Fixes #1384
|
---|
| 6658 | Closes #1395
|
---|
| 6659 |
|
---|
| 6660 | - gtls: fix compiler warning
|
---|
| 6661 |
|
---|
| 6662 | Curl_timeleft returns time_t instead of long since commit
|
---|
| 6663 | 21aa32d30dbf319f2d336e0cb68d3a3235869fbb.
|
---|
| 6664 |
|
---|
| 6665 | Daniel Stenberg (6 Apr 2017)
|
---|
| 6666 | - test1606: verify speedcheck
|
---|
| 6667 |
|
---|
| 6668 | - low_speed_limit: improved function for longer time periods
|
---|
| 6669 |
|
---|
| 6670 | Previously, periods of fast speed between periods of slow speed would
|
---|
| 6671 | not count and could still erroneously trigger a timeout.
|
---|
| 6672 |
|
---|
| 6673 | Reported-by: Paul Harris
|
---|
| 6674 | Fixes #1345
|
---|
| 6675 | Closes #1390
|
---|
| 6676 |
|
---|
| 6677 | - system.h: set sizeof long to 4 on "default 32 bit" systems
|
---|
| 6678 |
|
---|
| 6679 | Triggered a test failure on test 1541 for the build known as
|
---|
| 6680 | "Linux 4.4 i686 tcc 0.9.26 glibc 2.20"
|
---|
| 6681 |
|
---|
| 6682 | Marcel Raad (6 Apr 2017)
|
---|
| 6683 | - nss: fix build after e60fe20fdf94e829ba5fce33f7a9d6c281149f7d
|
---|
| 6684 |
|
---|
| 6685 | Curl_llist_alloc is now Curl_llist_init.
|
---|
| 6686 |
|
---|
| 6687 | Closes https://github.com/curl/curl/pull/1391
|
---|
| 6688 |
|
---|
| 6689 | Daniel Stenberg (6 Apr 2017)
|
---|
| 6690 | - INSTALL.cmake: more problems
|
---|
| 6691 |
|
---|
| 6692 | and mention specific issues where they are discussed
|
---|
| 6693 |
|
---|
| 6694 | - test1541: ignore the curl_off_t variable type name comparison
|
---|
| 6695 |
|
---|
| 6696 | ... the sizes and the formatting strings are what's really important and
|
---|
| 6697 | avoids problems with int64_t vs "long long".
|
---|
| 6698 |
|
---|
| 6699 | Bug: https://curl.haxx.se/mail/lib-2017-04/0019.html
|
---|
| 6700 |
|
---|
| 6701 | - Revert "configure: prefer 'long long' to int64_t for curl_off_t"
|
---|
| 6702 |
|
---|
| 6703 | This reverts commit 81284374bf3c670d2050f8562edeb69f060b07cc.
|
---|
| 6704 |
|
---|
| 6705 | Due to mingw32 brekage.
|
---|
| 6706 |
|
---|
| 6707 | Marcel Raad (5 Apr 2017)
|
---|
| 6708 | - tool_operate: fix MinGW compiler warning
|
---|
| 6709 |
|
---|
| 6710 | MinGW complains:
|
---|
| 6711 | tool_operate.c:197:15: error: comparison is always true due to limited range
|
---|
| 6712 | of data type [-Werror=type-limits]
|
---|
| 6713 |
|
---|
| 6714 | Fix this by only doing the comparison if 'long' is large enough to hold the
|
---|
| 6715 | constant it is compared with.
|
---|
| 6716 |
|
---|
| 6717 | Closes https://github.com/curl/curl/pull/1378
|
---|
| 6718 |
|
---|
| 6719 | - tool_operate: move filetime code to its own function
|
---|
| 6720 |
|
---|
| 6721 | Ref: https://github.com/curl/curl/pull/1378
|
---|
| 6722 |
|
---|
| 6723 | Daniel Stenberg (5 Apr 2017)
|
---|
| 6724 | - configure: prefer 'long long' to int64_t for curl_off_t
|
---|
| 6725 |
|
---|
| 6726 | Since it is a native type and it makes it less complicated to find a
|
---|
| 6727 | matching one in system.h
|
---|
| 6728 |
|
---|
| 6729 | Bug: https://curl.haxx.se/mail/lib-2017-04/0010.html
|
---|
| 6730 | Reported-by: Dan Fandrich
|
---|
| 6731 |
|
---|
| 6732 | Closes #1388
|
---|
| 6733 |
|
---|
| 6734 | - [Dániel Bakai brought this change]
|
---|
| 6735 |
|
---|
| 6736 | tests: added test for Curl_splaygetbest to unit1309
|
---|
| 6737 |
|
---|
| 6738 | This checks the new behavior of Curl_splaygetbest, so that the smallest
|
---|
| 6739 | node not larger than the key is removed, and FIFO behavior is kept even
|
---|
| 6740 | when there are multiple nodes with the same key.
|
---|
| 6741 |
|
---|
| 6742 | Closes #1358
|
---|
| 6743 |
|
---|
| 6744 | - [Dániel Bakai brought this change]
|
---|
| 6745 |
|
---|
| 6746 | multi: fix queueing of pending easy handles
|
---|
| 6747 |
|
---|
| 6748 | Multi handles repeatedly invert the queue of pending easy handles when
|
---|
| 6749 | used with CURLMOPT_MAX_TOTAL_CONNECTIONS. This is caused by a multistep
|
---|
| 6750 | process involving Curl_splaygetbest and violates the FIFO property of
|
---|
| 6751 | the multi handle.
|
---|
| 6752 | This patch fixes this issue by redefining the "best" node in the
|
---|
| 6753 | context of timeouts as the "smallest not larger than now", and
|
---|
| 6754 | implementing the necessary data structure modifications to do this
|
---|
| 6755 | effectively, namely:
|
---|
| 6756 | - splay nodes with the same key are now stored in a doubly-linked
|
---|
| 6757 | circular list instead of a non-circular one to enable O(1)
|
---|
| 6758 | insertion to the tail of the list
|
---|
| 6759 | - Curl_splayinsert inserts nodes with the same key to the tail of
|
---|
| 6760 | the same list
|
---|
| 6761 | - in case of multiple nodes with the same key, the one on the head of
|
---|
| 6762 | the list gets selected
|
---|
| 6763 |
|
---|
| 6764 | Marcel Raad (4 Apr 2017)
|
---|
| 6765 | - tool: fix Windows Unicode build
|
---|
| 6766 |
|
---|
| 6767 | ... by explicitly calling the ANSI versions of Windows API functions where
|
---|
| 6768 | required.
|
---|
| 6769 |
|
---|
| 6770 | Daniel Stenberg (4 Apr 2017)
|
---|
| 6771 | - [Martin Kepplinger brought this change]
|
---|
| 6772 |
|
---|
| 6773 | curl_sasl: declare mechtable static
|
---|
| 6774 |
|
---|
| 6775 | struct mechtable is only used locally here. It can be declared static.
|
---|
| 6776 |
|
---|
| 6777 | Jay Satiro (4 Apr 2017)
|
---|
| 6778 | - [Antti Hätälä brought this change]
|
---|
| 6779 |
|
---|
| 6780 | url: don't free postponed data on connection reuse
|
---|
| 6781 |
|
---|
| 6782 | - Don't free postponed data on a connection that will be reused since
|
---|
| 6783 | doing so can cause data loss when pipelining.
|
---|
| 6784 |
|
---|
| 6785 | Only Windows builds are affected by this.
|
---|
| 6786 |
|
---|
| 6787 | Closes https://github.com/curl/curl/issues/1380
|
---|
| 6788 |
|
---|
| 6789 | Daniel Stenberg (4 Apr 2017)
|
---|
| 6790 | - RELEASE-NOTES: synced with 4f2e348f9b42c69c480
|
---|
| 6791 |
|
---|
| 6792 | - hash: move key into hash struct to reduce mallocs
|
---|
| 6793 |
|
---|
| 6794 | This removes one tiny malloc for each hash struct allocated. In a simple
|
---|
| 6795 | case like "curl localhost", this save three mallocs.
|
---|
| 6796 |
|
---|
| 6797 | Closes #1376
|
---|
| 6798 |
|
---|
| 6799 | - llist: replace Curl_llist_alloc with Curl_llist_init
|
---|
| 6800 |
|
---|
| 6801 | No longer allocate the curl_llist head struct for lists separately.
|
---|
| 6802 |
|
---|
| 6803 | Removes 17 (15%) tiny allocations in a normal "curl localhost" invoke.
|
---|
| 6804 |
|
---|
| 6805 | closes #1381
|
---|
| 6806 |
|
---|
| 6807 | Jay Satiro (4 Apr 2017)
|
---|
| 6808 | - easy: silence compiler warning
|
---|
| 6809 |
|
---|
| 6810 | Safe to silence warning adding time delta of poll, which can trigger on
|
---|
| 6811 | Windows since sizeof time_t > sizeof long.
|
---|
| 6812 |
|
---|
| 6813 | warning C4244: '+=' : conversion from 'time_t' to 'long', possible loss
|
---|
| 6814 | of data
|
---|
| 6815 |
|
---|
| 6816 | Daniel Stenberg (4 Apr 2017)
|
---|
| 6817 | - [Richlv brought this change]
|
---|
| 6818 |
|
---|
| 6819 | docs: minor typo in write-out.d
|
---|
| 6820 |
|
---|
| 6821 | Closes #1382
|
---|
| 6822 |
|
---|
| 6823 | - include: curl/system.h is a run-time version of curlbuild.h
|
---|
| 6824 |
|
---|
| 6825 | system.h is aimed to replace curlbuild.h at a later point in time when
|
---|
| 6826 | we feel confident system.h works sufficiently well.
|
---|
| 6827 |
|
---|
| 6828 | curl/system.h is currently used in parallel with curl/curlbuild.h
|
---|
| 6829 |
|
---|
| 6830 | curl/system.h determines a data sizes, data types and include file
|
---|
| 6831 | status based on available preprocessor defines instead of getting
|
---|
| 6832 | generated at build-time. This, in order to avoid relying on a build-time
|
---|
| 6833 | generated file that makes it complicated to do 32 and 64 bit bields from
|
---|
| 6834 | the same installed set of headers.
|
---|
| 6835 |
|
---|
| 6836 | Test 1541 verifies that system.h comes to the same conclusion that
|
---|
| 6837 | curlbuild.h offers.
|
---|
| 6838 |
|
---|
| 6839 | Closes #1373
|
---|
| 6840 |
|
---|
| 6841 | - multi: make curl_multi_wait avoid malloc in the typical case
|
---|
| 6842 |
|
---|
| 6843 | When only a few additional file descriptors are used, avoid the malloc.
|
---|
| 6844 |
|
---|
| 6845 | Closes #1377
|
---|