The push headers are freed after the push callback has been invoked,
meaning this code should only free the headers if the callback was never
invoked and thus the headers weren't freed at that time.
Reported-by: Davey Shafik
According to RFC7628 a failure message may be sent by the server in a
base64 encoded JSON string as a continuation response.
Currently only implemented for OAUTHBEARER and not XAUTH2.
OAUTHBEARER is now the official "registered" SASL mechanism name for
OAuth 2.0. However, we don't want to drop support for XOAUTH2 as some
servers won't support the new mechanism yet.
They tend to never get updated anyway so they're frequently inaccurate
and we never go back to revisit them anyway. We document issues to work
on properly in KNOWN_BUGS and TODO instead.
Following the fix in commit d6d58dd558 it is necessary to re-introduce
XOAUTH2 in the default enabled authentication mechanism, which was
removed in commit 7b2012f262, otherwise users will have to specify
AUTH=XOAUTH2 in the URL.
Note: OAuth 2.0 will only be used when the bearer is specified.
Regression from commit 9e8ced9890 which meant if --oauth2-bearer was
specified but the SASL mechanism wasn't supported by the server then
the mechanism would be chosen.
Added support to the OAuth 2.0 message function for host and port, in
order to accommodate the official OAUTHBEARER SASL mechanism which is
to be added shortly.
The curl_config.h file can be generated either from curl_config.h.cmake
or curl_config.h.in, depending on whether you're building using CMake or
the autotools. The CMake template header doesn't include entries for
all of the protocols that you can disable, which (I think) means that
you can't actually disable those protocols when building via CMake.
Closes#523
BoringSSL implements `BIO_get_mem_data` as a function, instead of a
macro, and expects the output pointer to be a `char **`. We have to add
an explicit cast to grab the pointer as a `const char **`.
Closes#524
- Set user info param to the socket returned by Curl_getconnectinfo,
regardless of if the socket is bad. Effectively this means the user info
param now will receive CURL_SOCKET_BAD instead of -1 on bad socket.
- Remove incorrect comments.
CURLINFO_ACTIVESOCKET is documented to write CURL_SOCKET_BAD to user
info param but prior to this change it wrote -1.
Bug: https://github.com/bagder/curl/pull/518
Reported-by: Marcel Raad
Rationale: when starting up a curl-using app, all cookies from the jar
are checked against each other. This was causing a startup delay in the
Fifth browser.
All tests pass.
Signed-off-by: Lauri Kasanen <cand@gmx.com>
Apparently there are sites out there that do redirects to URLs they
provide in plain UTF-8 or similar. Browsers and wget %-encode such
headers when doing a subsequent request. Now libcurl does too.
Added test 1138 to verify.
Closes#473
Fixes a name space pollution at the cost of programs using one of these
defines will no longer compile. However, the vast majority of libcurl
programs that do multipart formposts use curl_formadd() to build this
list.
Closes#506
This reverts commit 370ee919b3.
Issue #509 has all the details but it was confirmed that the crash was
not due to this, so the previous commit was wrong.
