summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* fixup MSVC warningbagder/parsedate-longDaniel Stenberg2018-01-201-0/+3
|
* parsedate: fix date parsing for systems with 32 bit longDaniel Stenberg2018-01-196-240/+224
| | | | | | | | | Make curl_getdate() handle dates before 1970 as well (returning negative values). Make test 517 test dates for 64 bit time_t. This fixes bug (3) mentioned in #2238
* http2: don't close connection when single transfer is stoppedKartik Mahajan2018-01-181-1/+2
| | | | | Fixes #2237 Closes #2249
* test558: fix for multissl buildsDaniel Stenberg2018-01-181-0/+1
| | | | | | vtls.c:multissl_init() might do a curl_free() call so strip that out to make this work with more builds. We just want to verify that memorytracking works so skipping one line is no harm.
* examples/url2file.c: add missing curl_global_cleanup() callDaniel Stenberg2018-01-181-1/+3
| | | | | Reported-by: XhstormR on github Fixes #2245
* SSH: Fix state machine for ssh-agent authenticationMichael Gmelin2018-01-181-3/+3
| | | | | | | | | | | | | | | | | | | In case an identity didn't match[0], the state machine would fail in state SSH_AUTH_AGENT instead of progressing to the next identity in ssh-agent. As a result, ssh-agent authentication only worked if the identity required happened to be the first added to ssh-agent. This was introduced as part of commit c4eb10e2f06fbd6cc904f1d78e4, which stated that the "else" statement was required to prevent getting stuck in state SSH_AUTH_AGENT. Given the state machine's logic and libssh2's interface I couldn't see how this could happen or reproduce it and I also couldn't find a more detailed description of the problem which would explain a test case to reproduce the problem this was supposed to fix. [0] libssh2_agent_userauth returning LIBSSH2_ERROR_AUTHENTICATION_FAILED Closes #2248
* openssl: fix potential memory leak in SSLKEYLOGFILE logicDaniel Stenberg2018-01-181-9/+12
| | | | Coverity CID 1427646.
* openssl: fix the libressl build againDaniel Stenberg2018-01-181-1/+1
| | | | | | | | | | Follow-up to 84fcaa2e7. libressl does not have the API even if it says it is late OpenSSL version... Fixes #2246 Closes #2247 Reported-by: jungle-boogie on github
* unit1307: test many wildcards tooDaniel Stenberg2018-01-171-1/+5
|
* curl_fnmatch: only allow 5 '*' sections in a single patternDaniel Stenberg2018-01-171-3/+7
| | | | | ... to avoid excessive recursive calls. The number 5 is totally arbitrary and could be modified if someone has a good motivation.
* ftp-wildcard: fix matching an empty string with "*[^a]"Daniel Stenberg2018-01-172-15/+16
| | | | | | | | .... and avoid advancing the pointer to trigger an out of buffer read. Detected by OSS-fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5251 Assisted-by: Max Dymond
* SMB: fix numeric constant suffix and variable typesDaniel Stenberg2018-01-162-44/+18
| | | | | | | | | | 1. don't use "ULL" suffix since unsupported in older MSVC 2. use curl_off_t instead of custom long long ifdefs 3. make get_posix_time() not do unaligned data access Fixes #2211 Closes #2240 Reported-by: Chester Liu
* CURLOPT_TCP_NODELAY.3: fix typorouzier2018-01-151-1/+1
| | | | Closes #2239
* smtp/pop3/imap_get_message: decrease the data length too...Daniel Stenberg2018-01-153-9/+15
| | | | | | | | Follow-up commit to 615edc1f73 which was incomplete. Assisted-by: Max Dymond Detected by OSS-fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5206
* openssl: enable SSLKEYLOGFILE support by defaultDaniel Stenberg2018-01-151-4/+6
| | | | | Fixes #2210 Closes #2236
* mime: clone mime tree upon easy handle duplication.Patrick Monnerat2018-01-148-8/+386
| | | | | | | | | | | | | | | | | | | | | A mime tree attached to an easy handle using CURLOPT_MIMEPOST is strongly bound to the handle: there is a pointer to the easy handle in each item of the mime tree and following the parent pointer list of mime items ends in a dummy part stored within the handle. Because of this binding, a mime tree cannot be shared between different easy handles, thus it needs to be cloned upon easy handle duplication. There is no way for the caller to get the duplicated mime tree handle: it is then set to be automatically destroyed upon freeing the new easy handle. New test 654 checks proper mime structure duplication/release. Add a warning note in curl_mime_data_cb() documentation about sharing user data between duplicated handles. Closes #2235
* docs: comment about CURLE_READ_ERROR returned by curl_mime_filedataPatrick Monnerat2018-01-141-2/+5
|
* test395: HTTP with overflow Content-Length valueDaniel Stenberg2018-01-132-1/+56
|
* test394: verify abort of rubbish in Content-Length: valueDaniel Stenberg2018-01-132-1/+60
|
* test393: verify --max-filesize with excessive Content-LengthDaniel Stenberg2018-01-132-1/+62
|
* HTTP: bail out on negative Content-Length: valuesDaniel Stenberg2018-01-132-20/+31
| | | | | | | | | | ... and make the max filesize check trigger if the value is too big. Updates test 178. Reported-by: Brad Spencer Fixes #2212 Closes #2223
* configure.ac: append extra linker flags instead of prepending them.Dan Johnson2018-01-131-2/+2
| | | | | | | | Link order should list libraries after the libraries that use them, so when we're guessing that we might also need to add -ldl in order to use -lssl, we should add -ldl after -lssl. Closes https://github.com/curl/curl/pull/2234
* RELEASE-NOTES: synced with 6fa10c8faDaniel Stenberg2018-01-131-7/+60
|
* setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ valuesJay Satiro2018-01-133-29/+39
| | | | | | | | | Broken since f121575 (precedes 7.56.1). Bug: https://github.com/curl/curl/issues/2225 Reported-by: cmfrolick@users.noreply.github.com Closes https://github.com/curl/curl/pull/2227
* setopt: reintroduce non-static Curl_vsetopt() for OS400 supportPatrick Monnerat2018-01-136-13/+21
| | | | | | | | This also upgrades ILE/RPG bindings with latest setopt options. Reported-By: jonrumsey on github Fixes #2230 Closes #2233
* http2: fix incorrect trailer buffer sizeZhouyihai Ding2018-01-111-2/+2
| | | | | | | | | | | | | | | Prior to this change the stored byte count of each trailer was miscalculated and 1 less than required. It appears any trailer after the first that was passed to Curl_client_write would be truncated or corrupted as well as the size. Potentially the size of some subsequent trailer could be erroneously extracted from the contents of that trailer, and since that size is used by client write an out-of-bounds read could occur and cause a crash or be otherwise processed by client write. The bug appears to have been born in 0761a51 (precedes 7.49.0). Closes https://github.com/curl/curl/pull/2231
* easy: fix connection ownership in curl_easy_pauseBasuke Suzuki2018-01-091-1/+14
| | | | | | | | Before calling Curl_client_chop_write(), change the owner of connection to the current Curl_easy handle. This will fix the issue #2217. Fixes https://github.com/curl/curl/issues/2217 Closes https://github.com/curl/curl/pull/2221
* system.h: Additionally check __LONG_MAX__ for defining curl_off_tDimitrios Apostolou2018-01-091-2/+4
| | | | | | | __SIZEOF_LONG__ was introduced in GCC 4.4, __LONG_MAX__ was introduced in GCC 3.3. Closes #2216
* COPYING: it's 2018!Daniel Stenberg2018-01-091-1/+1
|
* progress: calculate transfer speed on milliseconds if possibleDaniel Stenberg2018-01-084-18/+24
| | | | | | | to increase accuracy for quick transfers Fixes #2200 Closes #2206
* scripts: allow all perl scripts to be run directlyJay Satiro2018-01-0715-10/+11
| | | | | | | | - Enable execute permission (chmod +x) - Change interpreter to /usr/bin/env perl Closes https://github.com/curl/curl/pull/2222
* mail-rcpt.d: fix short-text descriptionJay Satiro2018-01-072-2/+2
|
* build: remove HAVE_LIMITS_H checkJay Satiro2018-01-0529-62/+2
| | | | | | | | .. because limits.h presence isn't optional, it's required by C89. Ref: http://port70.net/~nsz/c/c89/c89-draft.html#2.2.4.2 Closes https://github.com/curl/curl/pull/2215
* openssl: fix memory leak of SSLKEYLOGFILE filenameJay Satiro2018-01-031-1/+2
| | | | | | | - Free the copy of SSLKEYLOGFILE env returned by curl_getenv during ossl initialization. Caught by ASAN.
* Revert "curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX"Jay Satiro2018-01-021-2/+1
| | | | | | | | | | This reverts commit c97648b55080343bb371522bf4233e94a2a13a99. SIZEOF_LONG should not be checked in system.h since that macro is only defined when building libcurl. Ref: https://github.com/curl/curl/pull/2186#issuecomment-354767080 Ref: https://gcc.gnu.org/onlinedocs/cpp/Common-Predefined-Macros.html
* test1554: improve the error handlingMichael Kaufmann2017-12-301-0/+6
|
* test1554: add global initialization and cleanupMichael Kaufmann2017-12-301-1/+5
|
* curl_version_info.3: call the argument 'age'Daniel Stenberg2017-12-291-2/+2
| | | | | Reported-by: Pete Lomax Bug: https://curl.haxx.se/mail/lib-2017-12/0074.html
* brotli: data at the end of content can be lostMikalai Ananenka2017-12-273-4/+202
| | | | | | | | | | Decoding loop implementation did not concern the case when all received data is consumed by Brotli decoder and the size of decoded data internally hold by Brotli decoder is greater than CURL_MAX_WRITE_SIZE. For content with unencoded length greater than CURL_MAX_WRITE_SIZE this can result in the loss of data at the end of content. Closes #2194
* examples/cacertinmem: ignore cert-already-exists errorJay Satiro2017-12-262-125/+92
| | | | | | | | | | | | | | | - Ignore X509_R_CERT_ALREADY_IN_HASH_TABLE errors in the CTX callback since it's possible the cert may have already been loaded by libcurl. - Remove the EXAMPLE code in the CURLOPT_SSL_CTX_FUNCTION.3 doc. Instead have it direct the reader to this cacertinmem.c example. - Fix the CA certificate to use the right CA for example.com, Digicert. Bug: https://curl.haxx.se/mail/lib-2017-12/0057.html Reported-by: Thomas van Hesteren Closes https://github.com/curl/curl/pull/2182
* tool_getparam: Support size modifiers for --max-filesizeGisle Vanem2017-12-263-36/+69
| | | | | | | | | | | | | - Move the size modifier detection code from limit-rate to its own function so that it can also be used with max-filesize. Size modifiers are the suffixes such as G (gigabyte), M (megabyte) etc. For example --max-filesize 1G Ref: https://curl.haxx.se/mail/archive-2017-12/0000.html Closes https://github.com/curl/curl/pull/2179
* build: Fixed incorrect script termination from commit ad1dc10e61Steve Holme2017-12-221-1/+1
|
* Makefile.vc: Added our standard copyright headerSteve Holme2017-12-221-0/+22
|
* winbuild: Added support for VC15Steve Holme2017-12-223-4/+4
|
* build: Added Visual Studio 2017 project filesSteve Holme2017-12-2213-7/+5866
|
* build-wolfssl.bat: Added support for VC15Steve Holme2017-12-221-3/+16
|
* build-openssl.bat: Added support for VC15Steve Holme2017-12-221-3/+13
|
* curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UXDimitrios Apostolou2017-12-221-1/+2
| | | | Closes https://github.com/curl/curl/pull/2186
* examples/rtsp: fix error handling macrosMattias Fornander2017-12-221-2/+2
| | | | Closes https://github.com/curl/curl/pull/2185
* curl_easy_reset: release mime-related data.Patrick Monnerat2017-12-205-9/+78
| | | | | | | | | | | Move curl_mime_initpart() and curl_mime_cleanpart() calls to lower-level functions dealing with UserDefined structure contents. This avoids memory leakages on curl-generated part mime headers. New test 2073 checks this using the cli tool --next option: it triggers a valgrind error if bug is present. Bug: https://curl.haxx.se/mail/lib-2017-12/0060.html Reported-by: Martin Galvan
View Lorry Controller Status