Resolving the case insensitive host name 'localhost' now returns the
addresses 127.0.0.1 and (if IPv6 is enabled) ::1 without using any
resolver.
This removes the risk that users accidentally resolves 'localhost' to
something else. By making sure 'localhost' is always local, we can
assume a "secure context" for such transfers (for cookies etc).
Closes#7039
Also, use a single function library-wide for detecting if a given hostname is
a numerical IP address.
Reported-by: Harry Sintonen
Fixes#7146Closes#7149
Hyper returns the same error for wrong HTTP version as for negative
content-length. Test 178 verifies that negative content-length is
rejected but the hyper backend will return a different error for it (and
without any helpful message telling why the message was bad). It will
also not return any headers at all for the response, not even the ones
that arrived before the error.
Closes#7147
In INSTALL.MD, it's currently set to CURL-DISABLE-md instead of
CURL-DISABLE.md. This generates a 404 on the cURL website as well as
when viewing the docs through Github.
Closes#7142
To prevent previous ones to get reused on subsequent requests. Matches
how the built-in HTTP code works. Makes test 90 to 93 work.
Add test 90 to 93 in travis.
Closes#7139
In a3268eca79 this code was changed to use the ALPN_H2 constant
instead of the NGHTTP2_PROTO_ALPN constant. However, these constants are
not the same. The nghttp2 constant included the length of the string,
like this: "\x2h2". The ALPN_H2 constant is just "h2". Therefore we need
to re-add the length of the string to the ALPN buffer.
Closes#7138
When the SecCertificateCopyCommonName function fails, it leaves
common_name in a invalid state so CFStringCompare uses the invalid
result, causing EXC_BAD_ACCESS.
The fix is to check the return value of the function before using the
name.
Closes#7126
install(EXPORT ...) causes trouble when embedding curl dependencies
which don't provide install(EXPORT ...) targets (e.g libressl and
nghttp2) with cmake's add_subdirectory.
Reviewed-by: Jakub Zakrzewski
Closes#7060
Latest version of quiche requires the application to pass the peer
address of received packets, and it provides the address for outgoing
packets back.
Closes#7120
Multithreaded compilation has been supported since at least VS 2005 and
been robustly stable since at least VS 2008
Closes https://github.com/curl/curl/pull/7109
In some situations, it was possible that a transfer was setup to
use an specific IP version, but due do DNS caching or connection
reuse, it ended up using a different IP version from requested.
This commit changes the effect of CURLOPT_IPRESOLVE from simply
restricting address resolution to preventing the wrong connection
type being used, when choosing a connection from the pool, and
to restricting what addresses could be used when establishing
a new connection.
It is important that all addresses versions are resolved, even if
not used in that transfer in particular, because the result is
cached, and could be useful for a different transfer with a
different CURLOPT_IPRESOLVE setting.
Closes#6853
AmiSSL replaces many functions with macros. Curl requires pointer
to some of these functions. Thus, we have to encapsulate these macros:
SHA256_Init, SHA256_Update, SHA256_Final, X509_INFO_free.
Bug: https://github.com/jens-maus/amissl/issues/15
Co-authored-by: Daniel Stenberg <daniel@haxx.se>
Closes#7099
extra parens cause the links to be incorrectly formatted
and inconsistent with the rest of the document.
Signed-off-by: Ryan Beck-Buysse <rbuysse@gmail.com>
Closes#7097
We use dashes instead of dots nearly everywhere except for those few
cases. This commit addresses this issues and brings more coherency into
it.
Closes#7093
