moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00
Code Issues Releases Wiki Activity
23,623 Commits 10 Branches 144 Tags 113 MiB
C 66.7%
Python 12.4%
M4 6.9%
Perl 6.7%
DIGITAL Command Language 2.9%
Other 4.3%
df54b14fb7
Go to file
Matthew Whitehead df54b14fb7 x509asn1: Fix SAN IP address verification 
For IP addresses in the subject alternative name field, the length
of the IP address (and hence the number of bytes to perform a
memcmp on) is incorrectly calculated to be zero. The code previously
subtracted q from name.end. where in a successful case q = name.end
and therefore addrlen equalled 0. The change modifies the code to
subtract name.beg from name.end to calculate the length correctly.

The issue only affects libcurl with GSKit SSL, not other SSL backends.
The issue is not a security issue as IP verification would always fail.

Fixes #3102
Closes #3141
2018-10-16 03:52:47 -04:00
.github github/lock: auto-lock closed issues after 90 days of inactivity 2018-05-05 14:05:57 +02:00
CMake cmake: test and set missed defines during configuration 2018-10-05 13:10:41 +03:00
docs INSTALL: mention mesalink in TLS section 2018-10-15 09:15:23 +02:00
include whitespace fixes 2018-09-23 22:24:02 +00:00
lib x509asn1: Fix SAN IP address verification 2018-10-16 03:52:47 -04:00
m4 configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE 2018-09-26 18:51:34 +02:00
packages whitespace fixes 2018-09-23 22:24:02 +00:00
projects travis: make distcheck scan for BOM markers 2018-10-12 08:49:31 +02:00
scripts whitespace fixes 2018-09-23 22:24:02 +00:00
src Windows: fixes for MinGW targeting Windows Vista 2018-10-09 08:33:45 +02:00
tests Windows: fixes for MinGW targeting Windows Vista 2018-10-09 08:33:45 +02:00
winbuild curl: enabled Windows VT Support and UTF-8 output 2018-09-29 12:39:41 +02:00
.dir-locals.el Add .dir-locals and set c-basic-offset to 2. 2015-12-23 10:16:14 +01:00
.gitattributes .gitattributes: force shell scripts to LF 2017-04-17 08:32:13 +02:00
.gitignore ossfuzz: Move to C++ for curl_fuzzer. 2017-09-02 11:07:55 +02:00
.lgtm.yml CI: add lgtm.yml for tweaking lgtm.com analysis 2018-03-22 00:04:55 +01:00
.mailmap URL and mailmap updates, remove an obsolete directory [ci skip] 2018-09-22 07:58:32 +00:00
.travis-iconv-env.sh travis: add build with iconv enabled 2018-02-15 14:18:34 +01:00
.travis.yml travis: make distcheck scan for BOM markers 2018-10-12 08:49:31 +02:00
acinclude.m4 configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE 2018-09-26 18:51:34 +02:00
appveyor.yml AppVeyor: remove BDIR variable that sneaked in again 2018-10-10 21:57:42 +02:00
buildconf includes: remove curl/curlbuild.h and curl/curlrules.h 2017-06-14 11:07:33 +02:00
buildconf.bat whitespace fixes 2018-09-23 22:24:02 +00:00
CHANGES CHANGES: spell fix, use correct path to script 2017-02-07 08:22:37 +01:00
CMakeLists.txt CMake: remove BOM 2018-10-11 09:15:24 +02:00
configure.ac docs/examples: URL updates 2018-09-23 09:23:29 +00:00
COPYING COPYING: it's 2018! 2018-01-09 17:08:14 +13:00
curl-config.in curl-config: add --ssl-backends 2017-12-06 00:12:48 +01:00
GIT-INFO CHANGES.0: removed 2017-02-07 08:20:10 +01:00
libcurl.pc.in URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
MacOSX-Framework includes: remove curl/curlbuild.h and curl/curlrules.h 2017-06-14 11:07:33 +02:00
Makefile.am whitespace fixes 2018-09-23 22:24:02 +00:00
Makefile.dist build: remove the Borland specific makefiles 2018-06-02 11:23:40 +02:00
maketgz maketgz: delete .bak files, fix indentation 2018-06-15 23:28:34 +00:00
README URLs: follow GitHub project rename (also Travis CI) 2016-02-04 23:01:38 +01:00
README.md replace rawgit links [ci skip] 2018-10-12 21:04:37 +00:00
RELEASE-NOTES RELEASE-NOTES: synced 2018-10-08 15:03:21 +02:00

README.md

curl logo

CII Best Practices Coverity passed Travis-CI Build Status AppVeyor Build Status Coverage Status Backers on Open Collective Sponsors on Open Collective Language Grade: C/C++

Curl is a command-line tool for transferring data specified with URL syntax. Find out how to use curl by reading the curl.1 man page or the MANUAL document. Find out how to install Curl by reading the INSTALL document.

libcurl is the library curl is using to do its job. It is readily available to be used by your software. Read the libcurl.3 man page to learn how!

You find answers to the most frequent questions we get in the FAQ document.

Study the COPYING file for distribution terms and similar. If you distribute curl binaries or other binaries that involve libcurl, you might enjoy the LICENSE-MIXING document.

Contact

If you have problems, questions, ideas or suggestions, please contact us by posting to a suitable mailing list.

All contributors to the project are listed in the THANKS document.

Website

Visit the curl web site for the latest news and downloads.

Git

To download the very latest source from the Git server do this:

git clone https://github.com/curl/curl.git

(you'll get a directory named curl created, filled with the source code)

Notice

Curl contains pieces of source code that is Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan. This notice is included here to comply with the distribution terms.

Backers

Thank you to all our backers! 🙏 [Become a backer]

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]