Commit Graph

22784 Commits (master)

Author SHA1 Message Date
Florin f20cbac970
auth: Added test cases for RFC7616
Updated docs to include support for RFC7616

Signed-off-by: Florin <>

Closes #1934
6 years ago
Florin 2b5b37cb91
auth: add support for RFC7616 - HTTP Digest access authentication
Signed-off-by: Florin <>
6 years ago
Daniel Bankhead 1d0c8dea95
TODO: support multiple Content-Encodings
Closes #2002
6 years ago
Daniel Stenberg 516d3b9ff9
ROADMAP: cleanup
Removed done stuff. Removed entries no longer considered for the near
6 years ago
Magicansk cb361b4a5e spelling fixes
Closes #2028
6 years ago
Daniel Stenberg 0d85eed3df
Curl_timeleft: change return type to timediff_t
returning 'time_t' is problematic when that type is unsigned and we
return values less than zero to signal "already expired", used in
several places in the code.

Closes #2021
6 years ago
Daniel Stenberg 9dfc541dd7
appveyor: add a win32 build 6 years ago
Daniel Stenberg 961c8667d2
setopt: fix CURLOPT_SSH_AUTH_TYPES option read
Regression since f121575c0b

Reported-by: Rob Cotrone
6 years ago
Marcel Raad 733190413f
resolvers: only include anything if needed
This avoids warnings about unused stuff.

6 years ago
Daniel Stenberg 36bbbeb7c2
HELP-US: rename the subtitle too since the label is changed
"PR-welcome" was the former name.
6 years ago
Daniel Stenberg fe03485e93
curl_setup.h: oops, shorten the too long line 6 years ago
Martin Storsjo 9e76dbe054
curl_setup: Improve detection of CURL_WINDOWS_APP
If WINAPI_FAMILY is defined, it should be safe to try to include
winapifamily.h to check what the define evaluates to.

This should fix detection of CURL_WINDOWS_APP if building with
_WIN32_WINNT set to 0x0600.

Closes #2025
6 years ago
Jay Satiro 979d2877be transfer: Fix chunked-encoding upload bug
- When uploading via chunked-encoding don't compare file size to bytes
  sent to determine whether the upload has finished.

Chunked-encoding adds its own overhead which why the bytes sent is not
equal to the file size. Prior to this change if a file was uploaded in
chunked-encoding and its size was known it was possible that the upload
could end prematurely without sending the final few chunks. That would
result in a server hang waiting for the remaining data, likely followed
by a disconnect.

The scope of this bug is limited to some arbitrary file sizes which have
not been determined. One size that triggers the bug is 475020.


6 years ago
Daniel Stenberg 788d333573
timeval: make timediff_t also work on 32bit windows
... by using curl_off_t for the typedef if time_t is larger than 4

Reported-by: Gisle Vanem
Bug: b9d25f9a6b (co)
Closes #2019
6 years ago
Daniel Stenberg f0364f7e31
curl_fnmatch: return error on illegal wildcard pattern
... instead of doing an infinite loop!

Added test 1162 to verify.

Reported-by: Max Dymond
Fixes #2015
Closes #2017
6 years ago
Max Dymond 7b11c5dbe6
wildcards: don't use with non-supported protocols
Fixes timeouts in the fuzzing tests for non-FTP protocols.

Closes #2016
6 years ago
Max Dymond 3340b456a5 multi: allow table handle sizes to be overridden
Allow users to specify their own hash define for
CURL_CONNECTION_HASH_SIZE so that both values can be overridden.

Closes #1982
6 years ago
Daniel Stenberg 5d543fe906 time: rename Curl_tvnow to Curl_now
... since the 'tv' stood for timeval and this function does not return a
timeval struct anymore.

Also, cleaned up the Curl_timediff*() functions to avoid typecasts and
clean up the descriptive comments.

Closes #2011
6 years ago
Daniel Stenberg 1d72b5b891 ftplistparser: follow-up cleanup to remove PL_ERROR() 6 years ago
Max Dymond f786d1f143 ftplistparser: free off temporary memory always
When using the FTP list parser, ensure that the memory that's
allocated is always freed.

Detected by OSS-fuzz:
Closes #2013
6 years ago
Daniel Stenberg b9d25f9a6b timediff: return timediff_t from the time diff functions
... to cater for systems with unsigned time_t variables.

- Renamed the functions to curlx_timediff and Curl_timediff_us.

- Added overflow protection for both of them in either direction for
  both 32 bit and 64 bit time_ts

- Reprefixed the curlx_time functions to use Curl_*

Reported-by: Peter Piekarski
Fixes #2004
Closes #2005
6 years ago
Paul Howarth 016c6a6abb libtest: Add required test libraries for lib1552 and lib1553
They use $(TESTUTIL) and thus should use $(TESTUTIL_LIBS) too.

This fixes build failures on Fedora 13.

Closes #2006
6 years ago
Alessandro Ghedini 7408570bf0 libcurl-tutorial.3: fix typo
closes #2008
6 years ago
Alessandro Ghedini f6535791fa curl_mime_filedata.3: fix typos 6 years ago
Daniel Stenberg 6746f8aa97
RELEASE-NOTES: clean slate towards 7.57.0 6 years ago
Max Dymond 2de63ab179
travis: exit if any steps fail
We don't expect any steps to fail in travis. Exit the script if they do.

Closes #1966
6 years ago
Daniel Stenberg c514af5a4f
RELEASE-NOTES: 7.56.1 6 years ago
Daniel Stenberg adbfb42889
THANKS: update at 7.56.1 release time 6 years ago
Jon DeVree fdd879d549
mk-ca-bundle: Remove URL for aurora
Aurora is no longer used by Mozilla
6 years ago
Jon DeVree f571651a0d
mk-ca-bundle: Fix URL for NSS
The 'tip' is the most recent branch committed to, this should be
'default' like the URLs for the browser are.

Closes #1998
6 years ago
Daniel Stenberg 13c9a9ded3
imap: if a FETCH response has no size, don't call write callback

Reported-by: Brian Carpenter and 0xd34db347
Also detected by OSS-Fuzz:
6 years ago
Daniel Stenberg 769647e714
ftp: reject illegal IP/port in PASV 227 response
... by using range checks. Among other things, this avoids an undefined
behavior for a left shift that could happen on negative or very large

Closes #1997

Detected by OSS-fuzz:
6 years ago
Patrick Monnerat 8351ab4510 test653: check reuse of easy handle after mime data change
See issue #1999
6 years ago
Patrick Monnerat cea27d3454 mime: do not reuse previously computed multipart size
The contents might have changed: size must be recomputed.

Reported-by: moteus on github
Fixes #1999
6 years ago
Patrick Monnerat aeaa22de8e test308: disable if MultiSSL feature enabled
Even if OpenSSL is enabled, it might not be the default backend when
multi-ssl is enabled, causing the test to fail.
6 years ago
Patrick Monnerat 7363d5a928 runtests: support MultiSSL client feature 6 years ago
Patrick Monnerat 8aee8a6a2d vtls: change struct Curl_ssl `close' field name to `close_one'.
On OS/400, `close' is an ASCII system macro that corrupts the code if
not used in a context not targetting the close() system API.
6 years ago
Patrick Monnerat a4fc19eb4d os400: add missing symbols in config file.
Also adjust makefile to renamed files and warn about installation dirs mix-up.
6 years ago
Patrick Monnerat 34def509ef test652: curl_mime_data + base64 encoder with large contents 6 years ago
Patrick Monnerat a8742efe42 mime: limit bas64-encoded lines length to 76 characters 6 years ago
Daniel Stenberg 2509395ecf
RELEASE-NOTES: synced with f121575c0 6 years ago
Daniel Stenberg f121575c0b
setopt: range check most long options
... filter early instead of risking "funny values" having to be dealt
with elsewhere.
6 years ago
Daniel Stenberg 172ce9cc19
setopt: avoid integer overflows when setting millsecond values
... that are multiplied by 1000 when stored.

For 32 bit long systems, the max value accepted (2147483 seconds) is >
596 hours which is unlikely to ever be set by a legitimate application -
and previously it didn't work either, it just caused undefined behavior.

Also updated the man pages for these timeout options to mention the
return code.

Closes #1938
6 years ago
Viktor Szakats 4440b6ad57 makefile.m32: allow to override gcc, ar and ranlib
Allow to ovverride certain build tools, making it possible to
use LLVM/Clang to build curl. The default behavior is unchanged.
To build with clang (as offered by MSYS2), these settings can
be used:


6 years ago
Viktor Szakats 748f5301c0 ldap: silence clang warning
Use memset() to initialize a structure to avoid LLVM/Clang warning:
ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers]

6 years ago
Daniel Stenberg ed0b6b18f6
runtests: use valgrind for torture as well
NOTE: it makes them terribly slow. I recommend only using valgrind for
specific torture tests or using lots of patience.
6 years ago
Daniel Stenberg ad164eceb3
memdebug: trace send, recv and socket
... to allow them to be included in torture tests too.

closes #1980
6 years ago
Daniel Stenberg 4af3c777a9
configure: remove the C++ compiler check
... we used it only for the fuzzer, which we now have in a separate git

Closes #1990
6 years ago
Patrick Monnerat d7e4230538 mime: do not call failf() if easy handle is NULL. 6 years ago
Daniel Stenberg 10a659dbf6
test651: curl_formadd with huge COPYCONTENTS 6 years ago