(https://curl.haxx.se/bug/view.cgi?id=2963679)
- Akos Pasztory filed debian bug report #572276
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276 mentioning a problem
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276 mentioning a problem
with a resource that returns chunked-encoded _and_ with a Content-Length
and libcurl failed to properly ignore the latter information.
- Constantine Sapuntzakis filed bug report #2783090
(https://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows
we need to grow the SO_SNDBUF buffer somewhat to get really good upload
- speeds. http://support.microsoft.com/kb/823764 has the details. Friends
+ speeds. https://support.microsoft.com/kb/823764 has the details. Friends
confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough.
- Bug report #2709004 (https://curl.haxx.se/bug/view.cgi?id=2709004) by Tim
Daniel Stenberg (22 Jun 2008)
- Eduard Bloch filed the debian bug report #487567
- (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487567) pointing out that
+ (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487567) pointing out that
libcurl used Content-Range: instead of Range when doing a range request with
--head (CURLOPT_NOBODY). This is now fixed and test case 1032 was added to
verify.
Daniel Stenberg (7 May 2008)
- Liam Healy filed the debian bug report #480044
- (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480044) identifying a
+ (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480044) identifying a
segfault when using krb5 ftp, but the krb4 code had the same problem.
Yang Tse (7 May 2008)
Daniel S (31 Jan 2008)
- Niklas Angebrand made the cookie support in libcurl properly deal with the
"HttpOnly" feature introduced by Microsoft and apparently also supported by
- Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
+ Firefox: https://msdn.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
is now supported when received from servers in HTTP headers, when written to
cookie jars and when read from existing cookie jars.
Daniel (12 February 2007)
- Rob Crittenden added support for NSS (Network Security Service) for the
- SSL/TLS layer. http://www.mozilla.org/projects/security/pki/nss/
+ SSL/TLS layer. https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
This is the fourth supported library for TLS/SSL that libcurl supports!
- Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs
to get built static. It has been mentioned before and was again brought to
our attention by Nathanael Nerode who filed debian bug report #405226
- (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
+ (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
Daniel (29 December 2006)
- Make curl_easy_duphandle() set the magic number in the new handle.
route of skipping them for *-*-cygwin*.
The third patch replaces all uses of the ancient and obsolete __CYGWIN32__
- with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>.
+ with __CYGWIN__. Ref: <https://cygwin.com/ml/cygwin/2003-09/msg01520.html>.
Daniel (7 June 2006)
- Mikael Sennerholm provided a patch that added NTLM2 session response support
but it should not do any harm. https://curl.haxx.se/bug/view.cgi?id=1356715
- Jan Kunder's debian bug report
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird
error message for when you try to upload a file and the requested directory
doesn't exist on the target server.
Daniel (13 November 2005)
- Debian bug report 338681 by Jan Kunder: make curl better detect and report
bad limit-rate units:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now curl will return
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now curl will return
error if a bad unit is used.
- Thanks to this nice summary of poll() implementations:
Daniel (21 September 2005)
- Fixed "cut off" sentence in the libcurl-tutorial man page:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329305
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329305
- Clarified in the curl_easy_setopt man page what the default
CURLOPT_WRITEFUNCTION and CURLOPT_WRITEDATA mean:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329311
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329311
- Clarified in the curl_easy_setopt man page that CURLOPT_ERRORBUFFER
sometimes doesn't fill in the buffer even though it is supposed to:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329313
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329313
- When CURLE_URL_MALFORMAT is returned due to a missing URL, it now has an
error string set.
Daniel (4 September 2005)
- I applied Nicolas François' man page patch he posted to the Debian bug
tracker. It corrected two lines that started with apostrophes, which isn't
- legal nroff format. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326511
+ legal nroff format. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326511
- Added --ftp-skip-pasv-ip to the command line tool, that sets the new
CURLOPT_FTP_SKIP_PASV_IP option. It makes libcurl re-use the control
- Eric Cooper reported about a problem with HTTP servers that responds with
binary zeroes within the headers. They confused libcurl to do wrong so the
downloaded headers become incomplete. The fix is now verified with test case
- 262. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=310948
+ 262. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=310948
Daniel (25 May 2005)
- Fixed problems with the test suite, and in particular the FTP test cases
Daniel (22 February 2005)
- NTLM and ftp-krb4 buffer overflow fixed, as reported here:
http://www.securityfocus.com/archive/1/391042 and the CAN report here:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490
If these security guys were serious, we'd been notified in advance and we
could've saved a few of you a little surprise, but now we weren't.
http://www.greenhills.co.uk/mak/gentoo/curl-eintr-bug.c, I now made the
select() and poll() calls properly loop if they return -1 and errno is
EINTR. glibc docs for this is found here:
- http://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.html
+ https://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.html
This last link says BSD doesn't have this "effect". Will there be a problem
if we do this unconditionally?
PASV ftp transfers. It could make libcurl crash.
Details in bug report #530562:
- http://sourceforge.net/tracker/?func=detail&atid=100976&aid=530562&group_id=976
+ https://sourceforge.net/p/curl/bugs/178/
Daniel (15 March 2002)
- Jun-ichiro itojun Hagino filed bug report #530204 that clearly pointed out
- Richard Archer brought back the ability to compile and build with OpenSSL
versions before 0.9.5.
- [http://sourceforge.net/tracker/?func=detail&atid=100976&aid=504163&group_id=976]
+ [https://sourceforge.net/p/curl/bugs/149/]
- The DNS cache code didn't take the port number into account, which made it
work rather bad on IPv6-enabled hosts (especially when doing passive
to do "LIST -a" or similar to see them.
The application thus needs to parse the LIST output. One such existing
- list parser is available at http://cr.yp.to/ftpparse.html Versions of
+ list parser is available at https://cr.yp.to/ftpparse.html Versions of
libcurl since 7.21.0 also provide the ability to specify a wildcard to
download multiple files from one FTP directory.
some risks in the ways in which applications commonly use libcurl and
potential mitigations of those risks. It is by no means comprehensive, but
shows classes of attacks that robust applications should consider. The
-Common Weakness Enumeration project at http://cwe.mitre.org/ is a good
+Common Weakness Enumeration project at https://cwe.mitre.org/ is a good
reference for many of these and similar types of weaknesses of which
application writers should be aware.
/* When you run a program that uses the Windows Sockets API, you may
experience slow performance when you copy data to a TCP server.
- http://support.microsoft.com/kb/823764
+ https://support.microsoft.com/kb/823764
Work-around: Make the Socket Send Buffer Size Larger Than the Program Send
Buffer Size
/* When you run a program that uses the Windows Sockets API, you may
experience slow performance when you copy data to a TCP server.
- http://support.microsoft.com/kb/823764
+ https://support.microsoft.com/kb/823764
Work-around: Make the Socket Send Buffer Size Larger Than the Program Send
Buffer Size
* by delegating the NTLM challenge/response protocal to a helper
* in ntlm_auth.
* http://devel.squid-cache.org/ntlm/squid_helper_protocol.html
- * http://www.samba.org/samba/docs/man/manpages-3/winbindd.8.html
- * http://www.samba.org/samba/docs/man/manpages-3/ntlm_auth.1.html
+ * https://www.samba.org/samba/docs/man/manpages-3/winbindd.8.html
+ * https://www.samba.org/samba/docs/man/manpages-3/ntlm_auth.1.html
* Preprocessor symbol 'NTLM_WB_ENABLED' is defined when this
* feature is enabled and 'NTLM_WB_FILE' symbol holds absolute
* filename of ntlm_auth helper.
static Curl_send rtmp_send;
/*
- * RTMP protocol handler.h, based on http://rtmpdump.mplayerhq.hu
+ * RTMP protocol handler.h, based on https://rtmpdump.mplayerhq.hu
*/
const struct Curl_handler Curl_handler_rtmp = {
/*
* "Remove Dot Segments"
- * http://tools.ietf.org/html/rfc3986#section-5.2.4
+ * https://tools.ietf.org/html/rfc3986#section-5.2.4
*/
/*
/* Portable character check (remember EBCDIC). Do not use isalnum() because
its behavior is altered by the current locale.
- See http://tools.ietf.org/html/rfc3986#section-2.3
+ See https://tools.ietf.org/html/rfc3986#section-2.3
*/
static bool Curl_isunreserved(unsigned char in)
{
* "foo.host.com" matches "*.host.com".
*
* We use the matching rule described in RFC6125, section 6.4.3.
- * http://tools.ietf.org/html/rfc6125#section-6.4.3
+ * https://tools.ietf.org/html/rfc6125#section-6.4.3
*
* In addition: ignore trailing dots in the host names and wildcards, so that
* the names are used normalized. This is what the browsers do.
Apache servers can be set to do the Digest IE-style automatically using
the BrowserMatch feature:
- http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#msie
+ https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#msie
Further details on Digest implementation differences:
http://www.fngtps.com/2006/09/http-authentication
/*
Some hackish cast macros based on:
- http://library.gnome.org/devel/glib/unstable/glib-Type-Conversion-Macros.html
+ https://developer.gnome.org/glib/unstable/glib-Type-Conversion-Macros.html
*/
#ifndef GNUTLS_POINTER_TO_INT_CAST
#define GNUTLS_POINTER_TO_INT_CAST(p) ((int) (long) (p))
}
memset(connssl->cred, 0, sizeof(struct curl_schannel_cred));
- /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa374716.aspx */
+ /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa374716.aspx
+ */
sspi_status =
s_pSecFn->AcquireCredentialsHandle(NULL, (TCHAR *)UNISP_NAME,
SECPKG_CRED_OUTBOUND, NULL,
if(!host_name)
return CURLE_OUT_OF_MEMORY;
- /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx */
+ /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx */
sspi_status = s_pSecFn->InitializeSecurityContext(
&connssl->cred->cred_handle, NULL, host_name,
if(!host_name)
return CURLE_OUT_OF_MEMORY;
- /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx */
-
+ /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx
+ */
sspi_status = s_pSecFn->InitializeSecurityContext(
&connssl->cred->cred_handle, &connssl->ctxt->ctxt_handle,
host_name, connssl->req_flags, 0, 0, &inbuf_desc, 0, NULL,
/* copy data into output buffer */
memcpy(outbuf[1].pvBuffer, buf, len);
- /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375390.aspx */
+ /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375390.aspx */
sspi_status = s_pSecFn->EncryptMessage(&connssl->ctxt->ctxt_handle, 0,
&outbuf_desc, 0);
InitSecBuffer(&inbuf[3], SECBUFFER_EMPTY, NULL, 0);
InitSecBufferDesc(&inbuf_desc, inbuf, 4);
- /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375348.aspx */
+ /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375348.aspx
+ */
sspi_status = s_pSecFn->DecryptMessage(&connssl->ctxt->ctxt_handle,
&inbuf_desc, 0, NULL);
int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
{
- /* See http://msdn.microsoft.com/en-us/library/windows/desktop/aa380138.aspx
+ /* See https://msdn.microsoft.com/en-us/library/windows/desktop/aa380138.aspx
* Shutting Down an Schannel Connection
*/
struct SessionHandle *data = conn->data;
defines/macros #defined by the lib-specific header files.
"SSL/TLS Strong Encryption: An Introduction"
- http://httpd.apache.org/docs-2.0/ssl/ssl_intro.html
+ https://httpd.apache.org/docs/2.0/ssl/ssl_intro.html
*/
#include "curl_setup.h"
#define SHA256_DIGEST_LENGTH 32 /* fixed size */
#endif
-/* see http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04 */
+/* see https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04 */
#define ALPN_HTTP_1_1_LENGTH 8
#define ALPN_HTTP_1_1 "http/1.1"
rem
rem Do not set %ERRORLEVEL% to anything. %ERRORLEVEL% is a special variable
rem that only contains errorlevel when %ERRORLEVEL% is not set. Same for %CD%.
-rem http://blogs.msdn.com/b/oldnewthing/archive/2008/09/26/8965755.aspx
+rem https://blogs.msdn.microsoft.com/oldnewthing/20080926-00/?p=20743/
rem If you need to set the errorlevel do this instead: CALL :seterr [#]
:begin
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
* other handle types supported by WaitForMultipleObjectsEx() as
* well as disk files, anonymous and names pipes, and character input.
*
- * http://msdn.microsoft.com/en-us/library/windows/desktop/ms687028.aspx
- * http://msdn.microsoft.com/en-us/library/windows/desktop/ms741572.aspx
+ * https://msdn.microsoft.com/en-us/library/windows/desktop/ms687028.aspx
+ * https://msdn.microsoft.com/en-us/library/windows/desktop/ms741572.aspx
*/
struct select_ws_wait_data {
HANDLE handle; /* actual handle to wait for during select */
projects / curl / commitdiff