Just remove the redundant condition, which also makes it clear that
k->buf is always 0-terminated if this break is not hit.
Closes https://github.com/curl/curl/pull/3732
- Fix clang string-plus-int warning.
Clang 8 warns about adding a string to an int does not append to the
string. Indeed it doesn't, but that was not the intention either. Use
array indexing as suggested to silence the warning. There should be no
functional changes.
(In other words clang warns about "foo"+2 but not &"foo"[2] so use the
latter.)
smtp.c:1221:29: warning: adding 'int' to a string does not append to the
string [-Wstring-plus-int]
eob = strdup(SMTP_EOB + 2);
~~~~~~~~~~~~~~~~^~~~
Closes https://github.com/curl/curl/pull/3729
All Windows APIs have been natively UTF-16 since Windows 2000 and the
non-Unicode variants are just wrappers around them. Only Windows 9x
doesn't understand Unicode without the UnicoWS DLL. As later Visual
Studio versions cannot target Windows 9x anyway, using the ANSI API
doesn't really have any benefit there.
This avoids issues like KNOWN_BUGS 6.5.
Ref: https://github.com/curl/curl/issues/2120
Closes https://github.com/curl/curl/pull/3720
OAUTHBEARER tokens were incorrectly generated in a format similar to
XOAUTH2 tokens. These changes make OAUTHBEARER tokens conform to the
RFC7628.
Fixes: #2487
Reported-by: Paolo Mossino
Closes https://github.com/curl/curl/pull/3377
Commit f5bc578f4c reintroduced the
warning fixed in commit 2f5f31bb57.
Extend fhnd's scope and reuse that variable instead of calling
_get_osfhandle a second time to fix the warning again.
Closes https://github.com/curl/curl/pull/3718
- Improve console detection.
Prior to this change WriteConsole could be called to write to a handle
that may not be a console, which would cause an error. This issue is
limited to character devices that are not also consoles such as the null
device NUL.
Bug: https://github.com/curl/curl/issues/3175#issuecomment-439068724
Reported-by: Gisle Vanem
The threaded-shared-conn.c example turned into test case. Only works if
pthread was detected.
An attempt to detect future regressions such as e3a53e3efbCloses#3687
- make sure an already "owned" connection isn't returned unless
multiplexed.
- clear ->data when returning the connection to the cache again
Regression since 7.62.0 (probably in commit 1b76c38904)
Bug: https://curl.haxx.se/mail/lib-2019-03/0064.htmlCloses#3686
AmiSSL is an Amiga native library which provides a wrapper over OpenSSL.
It also requires all programs using it to use bsdsocket.library
directly, rather than accessing socket functions through clib, which
libcurl was not necessarily doing previously. Configure will now check
for the headers and ensure they are included if found.
Closes#3677
* Adjusted unit tests 2056, 2057
* do not generally close connections with CURLAUTH_NEGOTIATE after every request
* moved negotiatedata from UrlState to connectdata
* Added stream rewind logic for CURLAUTH_NEGOTIATE
* introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC
* Consider authproblem state for CURLAUTH_NEGOTIATE
* Consider reuse_forbid for CURLAUTH_NEGOTIATE
* moved and adjusted negotiate authentication state handling from
output_auth_headers into Curl_output_negotiate
* Curl_output_negotiate: ensure auth done is always set
* Curl_output_negotiate: Set auth done also if result code is
GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may
also indicate the last challenge request (only works with disabled
Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1)
* Consider "Persistent-Auth" header, detect if not present;
Reset/Cleanup negotiate after authentication if no persistent
authentication
* apply changes introduced with #2546 for negotiate rewind logic
Fixes#1261Closes#1975
The check that prevents payload from sending in case of authentication
doesn't check properly if the authentication is done or not.
They're cases where the proxy respond "200 OK" before sending
authentication challenge. This change takes care of that.
Fixes#2431Closes#3669
Coverity warned for two potentional "Use after free" cases. Both are false
positives because the memory wasn't used, it was only the actual pointer
value that was logged.
The fix still changes the order of execution to avoid the warnings.
Coverity CID 1443033 and 1443034
Closes#3671
For the Linux builds, GCC 8 and 7 and clang 7 were installed, but the
new GCC versions were only used for the coverage build and for building
nghttp2, while the new clang version was not used at all.
BoringSSL needs to use the default GCC as it respects CC, but not CXX,
so it would otherwise pass gcc 8 options to g++ 4.8 and fail.
Also remove GCC 7, it's not needed anymore.
Ref: https://docs.travis-ci.com/user/languages/c/#c11c11-and-beyond-and-toolchain-versioning
Closes https://github.com/curl/curl/pull/3670
.. and for Windows also call WSACleanup since we call WSAStartup.
The example is to demonstrate handling the socket independently of
libcurl. In this case libcurl is not responsible for creating, opening
or closing the socket, it is handled by the application (our example).
Fixes https://github.com/curl/curl/pull/3663