Daniel Stenberg
ddefc056b6
openssl: make sure to fail in the unlikely event that PRNG seeding fails
2016-11-11 14:16:31 +01:00
Daniel Stenberg
942c952db6
openssl: avoid unnecessary seeding if already done
...
1.1.0+ does more of this by itself so we can avoid extra processing this
way.
2016-11-11 13:54:16 +01:00
Daniel Stenberg
f9de7c405f
openssl: RAND_status always exists in OpenSSL >= 0.9.7
...
and remove RAND_screen from configure since nothing is using that
function
2016-11-11 13:44:09 +01:00
Daniel Stenberg
cbec00d914
Curl_pgrsUpdate: use dedicated function for time passed
2016-11-11 11:02:02 +01:00
Daniel Stenberg
0649433da5
realloc: use Curl_saferealloc to avoid common mistakes
...
Discussed: https://curl.haxx.se/mail/lib-2016-11/0087.html
2016-11-11 10:03:48 +01:00
Daniel Hwang
cdfda3ee82
curl: Add --retry-connrefused
...
to consider ECONNREFUSED as a transient error.
Closes #1064
2016-11-11 10:00:54 +01:00
Daniel Stenberg
ea80a2dcfc
openssl: raise the max_version to 1.3 if asked for
...
Now I've managed to negotiate TLS 1.3 with https://enabled.tls13.com/ when
using boringssl.
2016-11-10 11:16:25 +01:00
Jay Satiro
f43b7b6cb6
vtls: Fail on unrecognized param for CURLOPT_SSLVERSION
...
- Fix GnuTLS code for CURL_SSLVERSION_TLSv1_2 that broke when the
TLS 1.3 support was added in 6ad3add
.
- Homogenize across code for all backends the error message when TLS 1.3
is not available to "<backend>: TLS 1.3 is not yet supported".
- Return an error when a user-specified ssl version is unrecognized.
---
Prior to this change our code for some of the backends used the
'default' label in the switch statement (ie ver unrecognized) for
ssl.version and treated it the same as CURL_SSLVERSION_DEFAULT.
Bug: https://curl.haxx.se/mail/lib-2016-11/0048.html
Reported-by: Kamil Dudka
2016-11-09 22:08:49 -05:00
Isaac Boukris
46f906a1b0
SPNEGO: Fix memory leak when authentication fails
...
If SPNEGO fails, cleanup the negotiate handle right away.
Fixes #1115
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reported-by: ashman-p
2016-11-09 15:02:02 +01:00
Daniel Stenberg
1299df6868
CODE_STYLE.md: link to INTERNALS.md correctly
2016-11-09 09:56:13 +01:00
Daniel Stenberg
397abc8b44
bump: next version will be 7.52.0
2016-11-09 09:15:58 +01:00
Daniel Stenberg
de39e8973f
RELEASE-NOTES: synced with dfcdaaba37
2016-11-09 09:14:44 +01:00
Daniel Stenberg
dfcdaaba37
examples/fileupload.c: fclose the file as well
2016-11-08 23:00:43 +01:00
Daniel Stenberg
5dd1b65f79
printf: fix ".*f" handling
...
It would always use precision 1 instead of reading it from the argument
list as intended.
Reported-by: Ray Satiro
Bug: #1113
2016-11-08 15:30:33 +01:00
Daniel Stenberg
c2bc47ddb8
curl_formadd.3: *_FILECONTENT and *_FILE need the file to be kept
...
Reported-by: Frank Gevaerts
2016-11-08 15:28:04 +01:00
Kamil Dudka
5e6c04f913
nss: silence warning 'SSL_NEXT_PROTO_EARLY_VALUE not handled in switch'
...
... with nss-3.26.0 and newer
Reported-by: Daniel Stenberg
2016-11-07 15:40:32 +01:00
Daniel Stenberg
9e8b0a283f
openssl: initial TLS 1.3 adaptions
...
BoringSSL supports TLSv1.3 already, but these changes don't seem to be anough
to get it working.
2016-11-07 14:38:59 +01:00
Daniel Stenberg
50aded1cd4
ssh: check md5 fingerprints case insensitively (regression)
...
Revert the change from ce8d09483e
but use the new function
Reported-by: Kamil Dudka
Bug: ce8d09483e (commitcomment-19666146)
2016-11-07 12:54:40 +01:00
Kamil Dudka
a110a03b43
curl: introduce the --tlsv1.3 option to force TLS 1.3
...
Fully implemented with the NSS backend only for now.
Reviewed-by: Ray Satiro
2016-11-07 12:07:11 +01:00
Kamil Dudka
6ad3add606
vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3
...
Fully implemented with the NSS backend only for now.
Reviewed-by: Ray Satiro
2016-11-07 11:52:07 +01:00
Kamil Dudka
5d45ced7a4
nss: map CURL_SSLVERSION_DEFAULT to NSS default
...
... but make sure we use at least TLSv1.0 according to libcurl API
Reported-by: Cure53
Reviewed-by: Ray Satiro
2016-11-07 11:51:33 +01:00
Daniel Stenberg
27302abb94
s/cURL/curl
...
We're mostly saying just "curl" in lower case these days so here's a big
cleanup to adapt to this reality. A few instances are left as the
project could still formally be considered called cURL.
2016-11-07 10:36:23 +01:00
Tatsuhiro Tsujikawa
0269f6446d
http2: Don't send header fields prohibited by HTTP/2 spec
...
Previously, we just ignored "Connection" header field. But HTTP/2
specification actually prohibits few more header fields. This commit
ignores all of them so that we don't send these bad header fields.
Bug: https://curl.haxx.se/mail/archive-2016-10/0033.html
Reported-by: Ricki Hirner
Closes https://github.com/curl/curl/pull/1092
2016-11-07 03:20:21 -05:00
Daniel Stenberg
677d8b3fec
curl.1: explain the SMTP data expected for -T
...
Fixes #1107
Reported-by: Adam Piggott
2016-11-07 08:33:02 +01:00
Peter Wu
6aa9cfa2b9
cmake: disable poll for macOS
...
Mirrors the autotools behavior introduced with curl-7_50_3-83-ga34c7ce.
Fixes #1089
2016-11-06 15:16:52 +01:00
Jay Satiro
4564636781
easy: Initialize info variables on easy init and duphandle
...
- Call Curl_initinfo on init and duphandle.
Prior to this change the statistical and informational variables were
simply zeroed by calloc on easy init and duphandle. While zero is the
correct default value for almost all info variables, there is one where
it isn't (filetime initializes to -1).
Bug: https://github.com/curl/curl/issues/1103
Reported-by: Neal Poole
2016-11-05 23:06:28 -04:00
Mauro Rappa
ebeffe81d8
curl -w: added more decimal digits to timing counters
...
Now showing microsecond resolution.
Closes #1106
2016-11-05 12:50:15 +01:00
Jakub Zakrzewski
8ed52bde06
dist: add CMakeLists.txt to the tarball
2016-11-04 20:21:48 +01:00
Daniel Stenberg
9ea3a6e150
mbedtls: fix build with mbedtls versions < 2.4.0
...
Regression added in 62a8095e71
Reported-by: Tony Kelman
Discussed in #1087
2016-11-04 11:14:15 +01:00
Daniel Stenberg
6724242cf1
configure: verify that compiler groks -Werror=partial-availability
...
Reported-by: bemoody
Fixes #1104
2016-11-03 23:37:59 +01:00
Daniel Stenberg
c8e6e60b40
docs: shorten and simplify the top comment in multi-uv.c
...
and change URL to use https
2016-11-03 12:44:38 +01:00
Andrei Sedoi
82b6fd4112
docs: handle CURL_POLL_INOUT in multi-uv example
2016-11-03 12:32:14 +01:00
Andrei Sedoi
e6882ce484
docs: multi-uv: don't use CURLMsg after cleanup
2016-11-03 12:32:14 +01:00
Andrei Sedoi
b1aeed302d
docs: remove unused variables in multi-uv example
2016-11-03 12:32:14 +01:00
Daniel Stenberg
71cfce9ce7
bump: start working on 7.51.1
2016-11-03 10:08:26 +01:00
Daniel Stenberg
d7e5f18279
winbuild: remove strcase.obj from curl build
...
Reported-by: Bruce Stephens
Fixes #1098
2016-11-02 14:45:24 +01:00
Dan Fandrich
788b319dfe
msvc: removed a straggling reference to strequal.c
...
Follow-up to 502acba2
2016-11-02 09:15:02 +01:00
Daniel Stenberg
3c561c657c
THANKS: synced with 7.51.0
2016-11-02 07:34:06 +01:00
Daniel Stenberg
1fe755f99d
RELEASE-NOTES: 7.51.0
2016-11-02 07:34:06 +01:00
Daniel Stenberg
f81a836461
ftp_done: don't clobber the passed in error code
...
Coverity CID 1374359 pointed out the unused result value.
2016-11-02 07:22:27 +01:00
Daniel Stenberg
3c6c2bcd5a
ftp: remove dead code in ftp_done
...
Coverity CID 1374358
2016-11-02 07:18:24 +01:00
Jay Satiro
0e727979a5
generate.bat: Include include/curl in libcurl VS projects
...
.. because including those headers helps Visual Studio's Intellisense.
2016-11-01 21:31:10 -04:00
Jay Satiro
ee96ffa2a4
generate.bat: Remove strcase.[ch] from curl tool VS projects
...
..because they're no longer needed in the tool build. strcase is still
built by the libcurl project and exports curl_str(n)equal which is used
by the curl tool.
Bug: https://github.com/curl/curl/commit/9363f1a#all_commit_comments
2016-11-01 21:29:44 -04:00
Daniel Stenberg
6b52b7eb2b
metalink: simplify the hex parsing function
...
... and now it avoids using the libcurl toupper() function
2016-11-02 00:31:49 +01:00
Michael Kaufmann
f9e51fb55d
file: fix compiler warning
...
follow-up to 46133aa5
2016-11-01 20:40:26 +01:00
Dan Fandrich
e44bfc7664
strcase: fixed Metalink builds by redefining checkprefix()
...
...to use the public function curl_strnequal(). This isn't ideal because
it adds extra overhead to any internal calls to checkprefix.
follow-up to 95bd2b3e
2016-11-01 11:44:11 +01:00
Daniel Stenberg
e5c49b9e69
curl.1: typo
2016-11-01 10:27:40 +01:00
Daniel Stenberg
b744950f43
curl.1: expand on how multiple uses of -o looks
...
Suggested-by: Dan Jacobson
Issue: https://github.com/curl/curl/issues/1097
2016-11-01 10:24:49 +01:00
Daniel Stenberg
07b95ea268
tests/util: get a private strncasecompare clone
...
... since the curlx_* code no longer provides one and we don't link
libcurl to these test servers.
2016-10-31 23:49:54 +01:00
Daniel Stenberg
95bd2b3e7f
strcase: make the tool use curl_str[n]equal instead
...
As they are after all part of the public API. Saves space and reduces
complexity. Remove the strcase defines from the curlx_ family.
Suggested-by: Dan Fandrich
Idea: https://curl.haxx.se/mail/lib-2016-10/0136.html
2016-10-31 21:51:19 +01:00