for GnuTLS, BearSSL, mbedTLS, NSS, SChannnel, Secure Transport and
wolfSSL...
Regression since 88dd1a8a11 (shipped in 7.76.0)
Reported-by: Kenneth Davidson
Reported-by: romamik om github
Fixes#6825Closes#6827
- Define Curl_resolver_error function only when USE_CURL_ASYNC.
Prior to this change building curl without an asynchronous resolver
backend (c-ares or threaded) and without DoH (DNS-over-HTTPS, which is
also asynchronous but independent of resolver backend) would cause a
build error since Curl_resolver_error is called by and evaluates
variables only available in asynchronous builds.
Reported-by: Benbuck Nason
Fixes https://github.com/curl/curl/issues/6831
Closes https://github.com/curl/curl/pull/6832
Avoid enabling NTLM feature based upon Windows SSPI
being enabled in case that crypto auth is disabled.
Reported-by: Marcel Raad
Follow-up to #6277Fixes#6803Closes#6808
By making sure never to send off more than the allowed number of bytes
per second the speed limit logic is given more room to actually work.
Reported-by: Fabian Keil
Bug: https://curl.se/mail/lib-2021-03/0042.htmlCloses#6797
Both were used for the same purposes and there was no logical separation
between them. Combined, this also saves 16 bytes in less holes in my
test build.
Closes#6798
- Add description: Explain that some options aren't inherited because
they are not relevant for the DoH SSL connections or may result in
unexpected behavior.
- Remove the reference to #4578 (SSL verify options not inherited) since
that was fixed by #6597 (separate DoH-specific options for verify).
- Explain that DoH-specific options (those created by #6597) are
available: CURLOPT_DOH_SSL_VERIFYHOST, CURLOPT_DOH_SSL_VERIFYPEER and
CURLOPT_DOH_SSL_VERIFYSTATUS.
- Add a reference to #6605 and explain that the user's debug function is
not inherited because it would be unexpected to pass internal handles
(ie DoH handles) to the user's callback.
Closes https://github.com/curl/curl/issues/6605
Otherwise libcurl is likely to reuse the connection again in the next
attempt since the connection reuse logic doesn't take downgrades into
account.
Reported-by: Anthony Ramine
Fixes#6788Closes#6793
Otherwise, the transfer will be NULL in the trace function when the
early handshake details arrive and then curl won't show them.
Regresssion in 7.75.0
Reported-by: David Hu
Fixes#6783Closes#6792
Instead of clearing the callback argument in disconnect, set it to the
(new) transfer to make sure the correct data is passed to the callbacks.
Follow-up to e467ea3bd9
Assisted-by: Patrick Monnerat
Closes#6787
After the recent conn/data refactor in this source file, this function
was mistakenly still getting the old struct pointer which would lead to
crash on servers with keyboard-interactive auth enabled.
Follow-up to a304051620 (shipped in 7.75.0)
Reported-by: Christian Schmitz
Fixes#6691Closes#6782
To make sure the Host: header and the URL provide the same authority
portion when sent to the proxy, strip the default port number from the
URL if one was provided.
Reported-by: Michael Brown
Fixes#6769Closes#6778
If libssh2_knownhost_init() returns NULL, like in an OOM situation, the
ssh session was freed but the pointer wasn't cleared which made libcurl
later call libssh2 to cleanup using the stale pointer.
Fixes#6764Closes#6766
This also pins a specific release in the Travis test so future
API-breaking changins in crustls won't break curl builds.
Add RUSTLS documentation to release tarball.
Enable running tests for rustls, minus FTP tests (require
connect_blocking, which rustls doesn't implement) and 313 (requires CRL
handling).
Closes#6763
If we get a close_notify, treat that as EOF. If we get an EOF from the
TCP stream, treat that as an error (because we should have ended the
connection earlier, when we got a close_notify).
Closes#6763
