When doing HTTP authentication and a port number set with CURLOPT_PORT,
the code would previously have the URL's port number override as if it
had been a redirect to an absolute URL.
Added test 1568 to verify.
Reported-by: UrsusArctos on github
Fixes#6397Closes#6400
We currently use both spellings the british "behaviour" and the american
"behavior". However "behavior" is more used in the project so I think
it's worth dropping the british name.
Closes#6395
Extend the syntax of CURLOPT_RESOLVE strings: allow using a '+' prefix
(similar to the existing '-' prefix for removing entries) to add
DNS cache entries that will time out just like entries that are added
by libcurl itself.
Append " (non-permanent)" to info log message in case a non-permanent
entry is added.
Adjust relevant comments to reflect the new behavior.
Adjust documentation.
Extend unit1607 to test the new functionality.
Closes#6294
This option sets the (octal) mode to use for the remote file when one is
created, using the SFTP, SCP or FILE protocols. When not set, the
default is 0644.
Closes#6244
Use -v as the first option to enable verbose mode which will show source
input, extracted symbol and line info. For example:
Source: ./../include/curl/typecheck-gcc.h
Symbol: curlcheck_socket_info(info)
Line #423: #define curlcheck_socket_info(info) \
Ref: https://curl.se/mail/lib-2020-12/0084.html
Closes https://github.com/curl/curl/pull/6349
When the initial request isn't possible to send in its entirety, the
remainder of request would be delivered to the debug callback as data
and would wrongly be counted internally as body-bytes sent.
Extended test 1295 to verify.
Closes#6328
... to make tests run differently or expect different results depending
on what features that are present or not in curl.
Bonus: initial minor 'Hyper' awareness but nothing is using that yet
Closes#6304
The command line tool also independently sets --ftp-skip-pasv-ip by
default.
Ten test cases updated to adapt the modified --libcurl output.
Bug: https://curl.se/docs/CVE-2020-8284.html
CVE-2020-8284
Reported-by: Varnavas Papaioannou
... as it makes the URL parser accept "very-long-hostname://" as a valid
host name and we don't want that. The parser now only accepts a blank
(no digits) after the colon if the URL starts with a scheme.
Reported-by: d4d on hackerone
Closes#6283
Backporting the Python 3 implementation of setStream
to ClosingFileHandler as a fallback within Python 2.
Reported-by: Jay Satiro
Fixes#6259Closes#6270
Commit c353207 removed the closing right after do_tftp
which covered the case of abort. This handles that case.
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Follow up to #6209Closes#6234
Make sure uploaded file is no longer locked after the
transfer while waiting for the final ACK to be handled.
Assisted-by: Daniel Stenberg
Bug: #6058Closes#6209
Make sure the log file is not locked once a test has
finished and align with the behavior of our logmsg.
Rename curl_test_data.py to be a general util.py.
Format and sort Python imports with isort/VSCode.
Bug: #6058Closes#6206
- enable in the build (configure)
- header parsing
- host name lookup
- unit tests for the above
- CI build
- CURL_VERSION_HSTS bit
- curl_version_info support
- curl -V output
- curl-config --features
- CURLOPT_HSTS_CTRL
- man page for CURLOPT_HSTS_CTRL
- curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl)
- man page for --hsts
- save cache to disk
- load cache from disk
- CURLOPT_HSTS
- man page for CURLOPT_HSTS
- added docs/HSTS.md
- fixed --version docs
- adjusted curl_easy_duphandle
Closes#5896
- Add regex that strips http/2 server header name to those http/2 tests
that don't already have it.
- Improve that regex in all http/2 tests.
Tests 358 and 359 were failing for me before this change on a system
that uses an older version of nghttpx which includes its version number
in the server header.
Closes https://github.com/curl/curl/pull/6139
