Patrick Monnerat
945f60e8a7
Limit ASN.1 structure sizes to 256K. Prevent some allocation size overflows.
...
See CRL-01-006.
2016-11-24 14:28:39 +01:00
Jay Satiro
3e9c0230f4
url: Fix conn reuse for local ports and interfaces
...
- Fix connection reuse for when the proposed new conn 'needle' has a
specified local port but does not have a specified device interface.
Bug: https://curl.haxx.se/mail/lib-2016-11/0137.html
Reported-by: bjt3[at]hotmail.com
2016-11-22 16:10:06 -05:00
Daniel Stenberg
f18f7bf934
rand: pass in number of randoms as an unsigned argument
2016-11-21 07:51:42 +01:00
Jay Satiro
8626632f3e
rand: Fix potentially uninitialized result warning
2016-11-20 23:57:47 -05:00
Marcel Raad
c0ae2dbb86
vtls: fix build warnings
...
Fix warnings about conversions from long to time_t in openssl.c and
schannel.c.
Follow-up to de4de4e3c7
2016-11-19 14:09:03 +01:00
Marcel Raad
21aa32d30d
lib: fix compiler warnings after de4de4e3c7
...
Visual C++ now complains about implicitly casting time_t (64-bit) to
long (32-bit). Fix this by changing some variables from long to time_t,
or explicitly casting to long where the public interface would be
affected.
Closes #1131
2016-11-18 10:11:55 +01:00
Isaac Boukris
0b8d682f81
Don't mix unix domain sockets with regular ones
...
When reusing a connection, make sure the unix domain
socket option matches.
2016-11-17 17:34:02 +01:00
Jay Satiro
2ece147cc2
tests: Fix HTTP2-Settings header for huge window size
...
Follow-up to a4d8888
. Changing the window size in that commit resulted
in a different HTTP2-Settings upgrade header, causing test 1800 to fail.
2016-11-17 01:04:00 -05:00
Jay Satiro
a4d888857e
http2: Use huge HTTP/2 windows
...
- Improve performance by using a huge HTTP/2 window size.
Bug: https://github.com/curl/curl/issues/1102
Reported-by: afrind@users.noreply.github.com
Assisted-by: Tatsuhiro Tsujikawa
2016-11-16 17:35:11 -05:00
Daniel Stenberg
342aa4797e
cmdline-docs: more conversion
2016-11-16 15:15:57 +01:00
Daniel Stenberg
c3c1e96185
gen: support 'protos'
...
and warn on unrecognized lines
2016-11-16 15:13:17 +01:00
Daniel Stenberg
5781e3653e
gen: support 'single' to make an individual page man page
2016-11-16 11:41:02 +01:00
Daniel Stenberg
41b1f649bf
cmdline-docs: more options converted over
2016-11-16 10:42:51 +01:00
Daniel Stenberg
81e61cda39
gen: support 'redirect'
...
... and warn for too long --help lines
2016-11-16 10:42:50 +01:00
Daniel Stenberg
1ef1f10cab
cmdline/gen: replace options in texts better
2016-11-16 08:23:36 +01:00
Jay Satiro
b65f79d9e8
http2: Fix address sanitizer memcpy warning
...
- In Curl_http2_switched don't call memcpy when src is NULL.
Curl_http2_switched can be called like:
Curl_http2_switched(conn, NULL, 0);
.. and prior to this change memcpy was then called like:
memcpy(dest, NULL, 0)
.. causing address sanitizer to warn:
http2.c:2057:3: runtime error: null pointer passed as argument 2, which
is declared to never be null
2016-11-16 02:16:10 -05:00
Jay Satiro
03d707fc5f
tool_help: Clarify --dump-header only writes received headers
2016-11-16 01:52:01 -05:00
Jay Satiro
7f439f1652
curl.1: Clarify --dump-header only writes received headers
2016-11-16 01:40:23 -05:00
Alex Chan
771f3f22dd
docs: Spelling fixes
2016-11-15 15:41:45 +01:00
Kamil Dudka
cfd69c1339
docs: the next release will be 7.52.0
2016-11-15 12:21:00 +01:00
Daniel Stenberg
b8c35f40f9
cmdline-opts: support generating the --help output
2016-11-15 09:08:50 +01:00
David Schweikert
7c9b9add6f
darwinssl: fix SSL client certificate not found on MacOS Sierra
...
Reviewed-by: Nick Zitzmann
Closes #1105
2016-11-15 08:41:32 +01:00
Daniel Stenberg
0744506cd2
curl: add --fail-early to help output
...
Fixes test 1139 failures
Follow-up to f82bbe01c8
2016-11-15 08:32:53 +01:00
Daniel Stenberg
8c630ef059
glob: fix [a-c] globbing regression
...
Brought in ee4f76606c
Added test case 1280 to verify
Reported-by: Dave Reisner
Bug: ee4f76606c (commitcomment-19823146)
2016-11-15 08:22:54 +01:00
Daniel Stenberg
f82bbe01c8
curl: add --fail-early
...
Exit with an error on the first transfer error instead of continuing to
do the rest of the URLs.
Discussion: https://curl.haxx.se/mail/archive-2016-11/0038.html
2016-11-14 08:35:40 +01:00
Daniel Stenberg
f682156a4f
Curl_rand: fixed and moved to rand.c
...
Now Curl_rand() is made to fail if it cannot get the necessary random
level.
Changed the proto of Curl_rand() slightly to provide a number of ints at
once.
Moved out from vtls, since it isn't a TLS function and vtls provides
Curl_ssl_random() for this to use.
Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-14 08:23:52 +01:00
Daniel Stenberg
050aa80309
cmdline-opts: first test version of a new man page generator kit
...
See MANPAGE.md for the description of how this works. Each command line
option is now described in a separate .d file.
2016-11-13 23:40:12 +01:00
Daniel Stenberg
ebf985c159
time_t fix: follow-up to de4de4e3c7
...
Blah, I accidentally wrote size_t instead of time_t for two variables.
Reported-by: Dave Reisner
2016-11-13 23:09:45 +01:00
Daniel Stenberg
de4de4e3c7
timeval: prefer time_t to hold seconds instead of long
...
... as long is still 32bit on modern 64bit windows machines, while
time_t is generally 64bit.
2016-11-12 13:32:21 +01:00
Dan Fandrich
56bb7b1a3c
tests: fixed variable might be clobbered warning
...
This stops the compiler from potentially making invalid assumptions
about the immutability of sdp and sap across the longjmp boundary.
2016-11-12 12:37:24 +01:00
Daniel Stenberg
ff662f1c3a
RELEASE-NOTES: synced with 346340808c
2016-11-12 00:09:35 +01:00
Daniel Stenberg
346340808c
URL-parser: for file://[host]/ URLs, the [host] must be localhost
...
Previously, the [host] part was just ignored which made libcurl accept
strange URLs misleading users. like "file://etc/passwd" which might've
looked like it refers to "/etc/passwd" but is just "/passwd" since the
"etc" is an ignored host name.
Reported-by: Mike Crowe
Assisted-by: Kamil Dudka
2016-11-11 17:14:45 +01:00
Daniel Stenberg
8c15e0de6f
test558: adapt to 0649433da
2016-11-11 15:32:07 +01:00
Daniel Stenberg
ddefc056b6
openssl: make sure to fail in the unlikely event that PRNG seeding fails
2016-11-11 14:16:31 +01:00
Daniel Stenberg
942c952db6
openssl: avoid unnecessary seeding if already done
...
1.1.0+ does more of this by itself so we can avoid extra processing this
way.
2016-11-11 13:54:16 +01:00
Daniel Stenberg
f9de7c405f
openssl: RAND_status always exists in OpenSSL >= 0.9.7
...
and remove RAND_screen from configure since nothing is using that
function
2016-11-11 13:44:09 +01:00
Daniel Stenberg
cbec00d914
Curl_pgrsUpdate: use dedicated function for time passed
2016-11-11 11:02:02 +01:00
Daniel Stenberg
0649433da5
realloc: use Curl_saferealloc to avoid common mistakes
...
Discussed: https://curl.haxx.se/mail/lib-2016-11/0087.html
2016-11-11 10:03:48 +01:00
Daniel Hwang
cdfda3ee82
curl: Add --retry-connrefused
...
to consider ECONNREFUSED as a transient error.
Closes #1064
2016-11-11 10:00:54 +01:00
Daniel Stenberg
ea80a2dcfc
openssl: raise the max_version to 1.3 if asked for
...
Now I've managed to negotiate TLS 1.3 with https://enabled.tls13.com/ when
using boringssl.
2016-11-10 11:16:25 +01:00
Jay Satiro
f43b7b6cb6
vtls: Fail on unrecognized param for CURLOPT_SSLVERSION
...
- Fix GnuTLS code for CURL_SSLVERSION_TLSv1_2 that broke when the
TLS 1.3 support was added in 6ad3add
.
- Homogenize across code for all backends the error message when TLS 1.3
is not available to "<backend>: TLS 1.3 is not yet supported".
- Return an error when a user-specified ssl version is unrecognized.
---
Prior to this change our code for some of the backends used the
'default' label in the switch statement (ie ver unrecognized) for
ssl.version and treated it the same as CURL_SSLVERSION_DEFAULT.
Bug: https://curl.haxx.se/mail/lib-2016-11/0048.html
Reported-by: Kamil Dudka
2016-11-09 22:08:49 -05:00
Isaac Boukris
46f906a1b0
SPNEGO: Fix memory leak when authentication fails
...
If SPNEGO fails, cleanup the negotiate handle right away.
Fixes #1115
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reported-by: ashman-p
2016-11-09 15:02:02 +01:00
Daniel Stenberg
1299df6868
CODE_STYLE.md: link to INTERNALS.md correctly
2016-11-09 09:56:13 +01:00
Daniel Stenberg
397abc8b44
bump: next version will be 7.52.0
2016-11-09 09:15:58 +01:00
Daniel Stenberg
de39e8973f
RELEASE-NOTES: synced with dfcdaaba37
2016-11-09 09:14:44 +01:00
Daniel Stenberg
dfcdaaba37
examples/fileupload.c: fclose the file as well
2016-11-08 23:00:43 +01:00
Daniel Stenberg
5dd1b65f79
printf: fix ".*f" handling
...
It would always use precision 1 instead of reading it from the argument
list as intended.
Reported-by: Ray Satiro
Bug: #1113
2016-11-08 15:30:33 +01:00
Daniel Stenberg
c2bc47ddb8
curl_formadd.3: *_FILECONTENT and *_FILE need the file to be kept
...
Reported-by: Frank Gevaerts
2016-11-08 15:28:04 +01:00
Kamil Dudka
5e6c04f913
nss: silence warning 'SSL_NEXT_PROTO_EARLY_VALUE not handled in switch'
...
... with nss-3.26.0 and newer
Reported-by: Daniel Stenberg
2016-11-07 15:40:32 +01:00
Daniel Stenberg
9e8b0a283f
openssl: initial TLS 1.3 adaptions
...
BoringSSL supports TLSv1.3 already, but these changes don't seem to be anough
to get it working.
2016-11-07 14:38:59 +01:00