For IP addresses in the subject alternative name field, the length
of the IP address (and hence the number of bytes to perform a
memcmp on) is incorrectly calculated to be zero. The code previously
subtracted q from name.end. where in a successful case q = name.end
and therefore addrlen equalled 0. The change modifies the code to
subtract name.beg from name.end to calculate the length correctly.
The issue only affects libcurl with GSKit SSL, not other SSL backends.
The issue is not a security issue as IP verification would always fail.
Fixes#3102Closes#3141
Commit 57348eb97d added support for the
MesaLink vtls backend, but missed updating the TLS section containing
supported backends in the docs.
Closes#3134
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
As done in the autotools build. This is required for MinGW, which
supports only %I64 for printing 64-bit values, but warns about it.
Closes https://github.com/curl/curl/pull/3120
Classic MinGW has neither InitializeCriticalSectionEx nor
GetTickCount64, independent of the target Windows version.
Closes https://github.com/curl/curl/pull/3113
Now FILE transfers send headers to the header callback like HTTP and
other protocols. Also made curl_easy_getinfo(...CURLINFO_PROTOCOL...)
work for FILE in the callbacks.
Makes "curl -i file://.." and "curl -I file://.." work like before
again. Applied the bold header logic to them too.
Regression from c1c2762 (7.61.0)
Reported-by: Shaun Jackman
Fixes#3083Closes#3101
In case a very small buffer was passed to the version function, it could
result in the buffer not being NULL-terminated since strncpy() doesn't
guarantee a terminator on an overflowed buffer. Rather than adding code
to terminate (and handle zero-sized buffers), move to using snprintf()
instead like all the other vtls backends.
Closes#3105
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Viktor Szakats <commit@vszakats.net>
The LD_PRELOAD functionality doesn't exist on macOS, so skip any tests
requiring it.
Fixes#2394Closes#3106
Reported-by: Github user @jakirkham
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
This adds Visual Studio 9 and 10 builds.
There's no 64-bit VC9 compiler on AppVeyor, so use it as the Win32
build. Also, VC9 cannot be used for running the test suite.
Closes https://github.com/curl/curl/pull/3104
To make it only send one DoH request and avoid the race condition that
could lead to the requests getting sent in reversed order and thus
making it hard to compare in the test case.
Fixes#3107Closes#3108
The parameter reference <string> was causing rendering issues in the
generated HTML page, as <string> isn't a valid HTML tag. Fix by back-
tick escaping it.
Closes#3099
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
If a !checksrc! disable command specified to ignore zero errors, it was
still added to the ignore block even though nothing was ignored. While
there were no blocks ignored that shouldn't be ignored, the processing
ended with with a warning:
<filename>:<line>:<col>: warning: Unused ignore: LONGLINE (UNUSEDIGNORE)
/* !checksrc! disable LONGLINE 0 */
^
Fix by instead treating a zero ignore as a a badcommand and throw a
warning for that one.
Closes#3096
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Enable strict and warnings mode for checksrc to ensure we aren't missing
anything due to bugs in the checking code. This uncovered a few things
which are all fixed in this commit:
* several variables were used uninitialized
* several variables were not defined in the correct scope
* the whitelist filehandle was read even if the file didn't exist
* the enable_warn() call when a disable counter had expired was passing
incorrect variables, but since the checkwarn() call is unlikely to hit
(the counter is only decremented to zero on actual ignores) it didn't
manifest a problem.
Closes#3090
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
