Daniel Gustafsson
68348461dc
openssl: make 'done' a proper boolean
...
Closes #3176
2018-10-26 13:51:25 +02:00
Daniel Stenberg
ebfe02f73c
gtls: Values stored to but never read
...
Detected by clang-tidy
Closes #3176
2018-10-26 13:51:07 +02:00
Alexey Eremikhin
bbce45fb00
curl.1: --ipv6 mutexes ipv4 (fixed typo)
...
Fixes #3171
Closes #3172
2018-10-26 08:45:08 +02:00
Daniel Stenberg
ae925ddcc3
tool_main: make TerminalSettings static
...
Reported-by: Gisle Vanem
Bug: becfe1233f (commitcomment-31008819)
Closes #3161
2018-10-26 00:59:50 +02:00
Daniel Stenberg
abfdf6a0b7
curl-config.in: remove dependency on bc
...
Reported-by: Dima Pasechnik
Fixes #3143
Closes #3174
2018-10-26 00:06:19 +02:00
Gisle Vanem
639d052e44
rtmp: fix for compiling with lwIP
...
Compiling on _WIN32 and with USE_LWIPSOCK, causes this error:
curl_rtmp.c(223,3): error: use of undeclared identifier 'setsockopt'
setsockopt(r->m_sb.sb_socket, SOL_SOCKET, SO_RCVTIMEO,
^
curl_rtmp.c(41,32): note: expanded from macro 'setsockopt'
#define setsockopt(a,b,c,d,e) (setsockopt)(a,b,c,(const char *)d,(int)e)
^
Closes #3155
2018-10-26 00:04:02 +02:00
Daniel Stenberg
25d287d1e5
configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T
...
Follow-up to #3166 which did the cmake part of this. This type/define is
not used.
Closes #3168
2018-10-25 13:18:23 +02:00
Ruslan Baratov
b04e624038
cmake: remove unused variables
...
Remove variables:
* HAVE_SOCKLEN_T
* CURL_SIZEOF_CURL_SOCKLEN_T
* CURL_TYPEOF_CURL_SOCKLEN_T
Closes #3166
2018-10-25 13:18:23 +02:00
Michael Kaufmann
daabc91581
urldata: Fix comment in header
...
The "connecting" function is used by multiple protocols, not only FTP
2018-10-25 13:04:03 +02:00
Michael Kaufmann
d48e6b7f95
netrc: free temporary strings if memory allocation fails
...
- Change the inout parameters after all needed memory has been
allocated. Do not change them if something goes wrong.
- Free the allocated temporary strings if strdup() fails.
Closes #3122
2018-10-25 12:54:55 +02:00
Ruslan Baratov
4f2541f975
config: Remove unused SIZEOF_VOIDP
...
Closes #3162
2018-10-24 11:20:57 +02:00
Daniel Stenberg
eecfe974b7
RELEASE-NOTES: synced
2018-10-24 09:22:18 +02:00
Gisle Vanem
eda0998894
Fix for compiling with lwIP (3)
...
lwIP on Windows does not have a WSAIoctl() function.
But it do have a SO_SNDBUF option to lwip_setsockopt(). But it currently does nothing.
2018-10-23 12:55:07 +02:00
Daniel Stenberg
6535b9303d
Curl_follow: return better errors on URL problems
...
... by making the converter function global and accessible.
Closes #3153
2018-10-23 11:43:41 +02:00
Daniel Stenberg
ca10fae6fc
Curl_follow: remove remaining free(newurl)
...
Follow-up to 05564e750e
. This function no longer frees the passed-in
URL.
Reported-by: Michael Kaufmann
Bug: 05564e750e (commitcomm)
ent-30985666
2018-10-23 11:43:41 +02:00
Daniel Gustafsson
06d8f16b87
headers: end all headers with guard comment
...
Most headerfiles end with a /* <headerguard> */ comment, but it was
missing from some. The comment isn't the most important part of our
code documentation but consistency has an intrinsic value in itself.
This adds header guard comments to the files that were lacking it.
Closes #3158
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-23 10:02:24 +02:00
Jay Satiro
a023dfa19a
CIPHERS.md: Mention the options used to set TLS 1.3 ciphers
...
Closes https://github.com/curl/curl/pull/3159
2018-10-23 03:37:37 -04:00
Daniel Stenberg
db1338474c
docs/BUG-BOUNTY: the sponsors actually decide the amount
...
Retract the previous approach as the sponsors will be the ones to set the
final amounts.
Closes #3152
[ci skip]
2018-10-20 12:07:52 +02:00
Daniel Stenberg
05564e750e
multi: avoid double-free
...
Curl_follow() no longer frees the string. Make sure it happens in the
caller function, like we normally handle allocations.
This bug was introduced with the use of the URL API internally, it has
never been in a release version
Reported-by: Dario Weißer
Closes #3149
2018-10-19 15:29:31 +02:00
Daniel Stenberg
8a49f91d32
multi: make the closure handle "inherit" CURLOPT_NOSIGNAL
...
Otherwise, closing that handle can still cause surprises!
Reported-by: Martin Ankerl
Fixes #3138
Closes #3147
2018-10-19 11:03:17 +02:00
Marcel Raad
e693a15722
VS projects: add USE_IPV6
...
The Visual Studio builds didn't use IPv6. Add it to all projects since
Visual Studio 2008, which is verified to build via AppVeyor.
Closes https://github.com/curl/curl/pull/3137
2018-10-19 09:23:15 +02:00
Marcel Raad
abebb2b893
config_win32: enable LDAPS
...
As done in the autotools and CMake builds by default.
Closes https://github.com/curl/curl/pull/3137
2018-10-19 09:23:14 +02:00
Daniel Stenberg
ad547fcf7b
travis: add build for "configure --disable-verbose"
...
Closes #3144
2018-10-18 14:51:49 +02:00
Kamil Dudka
6b6ba1dc29
tool_cb_hdr: handle failure of rename()
...
Detected by Coverity.
Closes #3140
Reviewed-by: Jay Satiro
2018-10-17 09:15:05 +02:00
Daniel Stenberg
21ac06888f
RELEASE-NOTES: synced
2018-10-17 08:17:04 +02:00
Daniel Stenberg
1a0cf36fbf
docs/SECURITY-PROCESS: the hackerone IBB program drops curl
...
... now there's only BountyGraph.
2018-10-17 08:02:37 +02:00
Matthew Whitehead
df54b14fb7
x509asn1: Fix SAN IP address verification
...
For IP addresses in the subject alternative name field, the length
of the IP address (and hence the number of bytes to perform a
memcmp on) is incorrectly calculated to be zero. The code previously
subtracted q from name.end. where in a successful case q = name.end
and therefore addrlen equalled 0. The change modifies the code to
subtract name.beg from name.end to calculate the length correctly.
The issue only affects libcurl with GSKit SSL, not other SSL backends.
The issue is not a security issue as IP verification would always fail.
Fixes #3102
Closes #3141
2018-10-16 03:52:47 -04:00
Daniel Gustafsson
03186b1187
INSTALL: mention mesalink in TLS section
...
Commit 57348eb97d
added support for the
MesaLink vtls backend, but missed updating the TLS section containing
supported backends in the docs.
Closes #3134
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-15 09:15:23 +02:00
Marcel Raad
6c413648ec
nonblock: fix unused parameter warning
...
If USE_BLOCKING_SOCKETS is defined, curlx_nonblock's arguments are not
used.
2018-10-14 21:07:45 +02:00
Michael Kaufmann
6afe70a00b
Curl_follow: Always free the passed new URL
...
Closes #3124
2018-10-13 13:18:51 +02:00
Viktor Szakats
3455b4b374
replace rawgit links [ci skip]
...
Ref: https://rawgit.com/ "RawGit has reached the end of its useful life"
Ref: https://news.ycombinator.com/item?id=18202481
Closes https://github.com/curl/curl/pull/3131
2018-10-12 21:04:37 +00:00
Daniel Stenberg
aaab08311b
docs/BUG-BOUNTY.md: for vulns published since Aug 1st 2018
...
[ci skip]
2018-10-12 09:12:44 +02:00
Daniel Stenberg
a47a264492
travis: make distcheck scan for BOM markers
...
and remove BOM from projects/wolfssl_override.props
Closes #3126
2018-10-12 08:49:31 +02:00
Marcel Raad
97cde94043
CMake: remove BOM
...
Accidentally aded in commit 1bb86057ff
.
Reported-by: Viktor Szakats
Ref: https://github.com/curl/curl/pull/3120#issuecomment-428673136
2018-10-11 09:15:24 +02:00
Daniel Gustafsson
12d833fa1e
transfer: fix typo in comment
2018-10-10 23:50:13 +02:00
Michael Kaufmann
d275c18c2a
docs: add "see also" links for SSL options
...
- link TLS 1.2 and TLS 1.3 options
- link proxy and non-proxy options
Closes #3121
2018-10-10 22:23:11 +02:00
Marcel Raad
12dde22b4c
AppVeyor: remove BDIR variable that sneaked in again
...
Removed in ae762e1abe
, accidentally added
again in 9f3be5672d
.
2018-10-10 21:57:42 +02:00
Marcel Raad
1bb86057ff
CMake: disable -Wpedantic-ms-format
...
As done in the autotools build. This is required for MinGW, which
supports only %I64 for printing 64-bit values, but warns about it.
Closes https://github.com/curl/curl/pull/3120
2018-10-10 17:29:58 +02:00
Viktor Szakats
e13f023777
ldap: show precise LDAP call in error message on Windows
...
Also add a unique but common text ('bind via') to make it
easy to grep this specific failure regardless of platform.
Ref: https://github.com/curl/curl/pull/878/files#diff-7a636f08047c4edb53a240f540b4ecf6R468
Closes https://github.com/curl/curl/pull/3118
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-10-09 15:05:35 +00:00
Daniel Stenberg
7da100010a
docs/DEPRECATE: minor reformat to render nicer on web
2018-10-09 10:06:04 +02:00
Daniel Gustafsson
4bc86270e1
CURLOPT_SSL_VERIFYSTATUS: Fix typo
...
Changes s/OSCP/OCSP/ and bumps the copyright year due to the change.
2018-10-09 09:47:40 +02:00
Marcel Raad
673795f814
curl_setup: define NOGDI on Windows
...
This avoids an ERROR macro clash between <wingdi.h> and <arpa/tftp.h>
on MinGW.
Closes https://github.com/curl/curl/pull/3113
2018-10-09 08:33:53 +02:00
Marcel Raad
940e1c1e74
Windows: fixes for MinGW targeting Windows Vista
...
Classic MinGW has neither InitializeCriticalSectionEx nor
GetTickCount64, independent of the target Windows version.
Closes https://github.com/curl/curl/pull/3113
2018-10-09 08:33:45 +02:00
Daniel Stenberg
6450a55721
TODO: fixed 'API for URL parsing/splitting'
2018-10-08 23:35:55 +02:00
Daniel Gustafsson
238494fc81
KNOWN_BUGS: Fix various typos
...
Closes #3112
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-08 22:59:37 +02:00
Viktor Szakats
ff9d7f4447
spelling fixes [ci skip]
...
as detected by codespell 1.14.0
Closes https://github.com/curl/curl/pull/3114
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-10-08 19:37:40 +00:00
Daniel Stenberg
82e40afe87
RELEASE-NOTES: synced
2018-10-08 15:03:21 +02:00
Daniel Stenberg
2ece5e3001
curl_ntlm_wb: check aprintf() return codes
...
... when they return NULL we're out of memory and MUST return failure.
closes #3111
2018-10-08 12:06:33 +02:00
Daniel Stenberg
af500e9378
docs/BUG-BOUNTY: proposed additional docs
...
Bug bounty explainer. See https://bountygraph.com/programs/curl
Closes #3067
2018-10-08 08:45:58 +02:00
Rick Deist
3349a633b8
hostip: fix check on Curl_shuffle_addr return value
...
Closes #3110
2018-10-08 08:39:24 +02:00