]> granicus.if.org Git - curl/log
curl
9 years agoftp: allow CURLOPT_IGNORE_CONTENT_LENGTH to ignore size
Kurt Fankhauser [Fri, 23 Oct 2015 12:57:30 +0000 (14:57 +0200)]
ftp: allow CURLOPT_IGNORE_CONTENT_LENGTH to ignore size

This allows FTP transfers with growing (or shrinking) files without
causing a transfer error.

Closes #480

9 years agoCURLOPT_STREAM_WEIGHT.3: call argument 'weight' too
Daniel Stenberg [Fri, 23 Oct 2015 07:23:46 +0000 (09:23 +0200)]
CURLOPT_STREAM_WEIGHT.3: call argument 'weight' too

... and add a little example of what the weight actually means. "Relative
proportion of bandwidth".

9 years agohttp2: add stream options to dist and curl_easy_setopt.3
Daniel Stenberg [Fri, 23 Oct 2015 07:16:00 +0000 (09:16 +0200)]
http2: add stream options to dist and curl_easy_setopt.3

9 years agohttp2: s/priority/weight
Daniel Stenberg [Wed, 21 Oct 2015 20:47:24 +0000 (22:47 +0200)]
http2: s/priority/weight

9 years agohttp2: on_frame_recv: trust the conn/data input
Daniel Stenberg [Wed, 21 Oct 2015 13:45:07 +0000 (15:45 +0200)]
http2: on_frame_recv: trust the conn/data input

Removed wrong assert()s

The 'conn' passed in as userdata can be used and there can be other
sessionhandles ('data') than the single one this checked for.

9 years agohttp2: added three stream prio/deps options
Daniel Stenberg [Sun, 13 Sep 2015 14:07:05 +0000 (16:07 +0200)]
http2: added three stream prio/deps options

CURLOPT_STREAM_DEPENDS

CURLOPT_STREAM_DEPENDS_E

CURLOPT_STREAM_PRIORITY

9 years agoRELEASE-NOTES: synced with ace68fdc0cfed83d
Daniel Stenberg [Thu, 22 Oct 2015 16:40:53 +0000 (18:40 +0200)]
RELEASE-NOTES: synced with ace68fdc0cfed83d

9 years agombedtls:new profile with RSA min key len = 1024.
m-gardet [Wed, 21 Oct 2015 07:30:31 +0000 (09:30 +0200)]
mbedtls:new profile with RSA min key len = 1024.

Closes #502

9 years agochecksrc: add crude // detection
Daniel Stenberg [Wed, 21 Oct 2015 11:46:03 +0000 (13:46 +0200)]
checksrc: add crude // detection

9 years agobuild: fix for MSDOS/djgpp
Gisle Vanem [Wed, 21 Oct 2015 16:59:43 +0000 (12:59 -0400)]
build: fix for MSDOS/djgpp

- Add a VPATH-statement for the vtls/*.c files.

- Due to 'vtls/*.c', remove that subdir part from $(OBJECTS).

9 years agocopyrights: update Gisle Vanem's email
Daniel Stenberg [Tue, 20 Oct 2015 11:33:01 +0000 (13:33 +0200)]
copyrights: update Gisle Vanem's email

9 years agovtls: fix compiler warning for TLS backends without sha256
Daniel Stenberg [Tue, 20 Oct 2015 06:12:44 +0000 (08:12 +0200)]
vtls: fix compiler warning for TLS backends without sha256

... noticed with mbedTLS.

9 years agovtls: added support for mbedTLS
Jonas Minnberg [Mon, 19 Oct 2015 12:25:34 +0000 (14:25 +0200)]
vtls: added support for mbedTLS

closes #496

9 years agocmake: Fix for add_subdirectory(curl) use-case
Javier G. Sogo [Mon, 19 Oct 2015 14:09:14 +0000 (16:09 +0200)]
cmake: Fix for add_subdirectory(curl) use-case

- Use CURL_BINARY_DIR instead of CMAKE_BINARY_DIR.

When including CURL using add_subdirectory the variables
CMAKE_BINARY_DIR and CURL_BINARY_DIR hold different paths.

Closes https://github.com/bagder/curl/pull/488
Closes https://github.com/bagder/curl/pull/498

9 years agoRELEASE-NOTES: synced with 4c773bcb474e
Daniel Stenberg [Sun, 18 Oct 2015 21:48:07 +0000 (23:48 +0200)]
RELEASE-NOTES: synced with 4c773bcb474e

9 years agotests/FILEFORMAT: mention PSL as a valid feture to check for
Daniel Stenberg [Sun, 18 Oct 2015 21:25:26 +0000 (23:25 +0200)]
tests/FILEFORMAT: mention PSL as a valid feture to check for

For example in test 1136

9 years agoteste1136: only run when PSL is enabled
Daniel Stenberg [Sun, 18 Oct 2015 21:20:08 +0000 (23:20 +0200)]
teste1136: only run when PSL is enabled

9 years agocurl: slist_wc: remove curl_memory.h inclusion
Daniel Stenberg [Sat, 17 Oct 2015 22:43:37 +0000 (00:43 +0200)]
curl: slist_wc: remove curl_memory.h inclusion

... that's for the library only.

9 years agoconfigure: add PSL to the list of features
Daniel Stenberg [Sat, 17 Oct 2015 22:11:13 +0000 (00:11 +0200)]
configure: add PSL to the list of features

... to make test 1014 work again after e77b5b7453.

9 years agotool: Generate easysrc with last cache linked-list
Daniel Hwang [Sat, 17 Oct 2015 21:57:58 +0000 (23:57 +0200)]
tool: Generate easysrc with last cache linked-list

Using a last cache linked-list improves the performance of easysrc
generation.

Bug: https://github.com/bagder/curl/issues/444
Ref: https://github.com/bagder/curl/issues/429

Closes #452

9 years agocookies: Add support for Mozilla's Publix Suffix List
Tim Rühsen [Tue, 29 Sep 2015 09:33:01 +0000 (11:33 +0200)]
cookies: Add support for Mozilla's Publix Suffix List

Use libpsl to check the domain value of Set-Cookie headers (and cookie
jar entries) for not being a Publix Suffix.

The configure script checks for "libpsl" by default. Disable the check
with --without-libpsl.

Ref: https://publicsuffix.org/
Ref: https://github.com/publicsuffix/list
Ref: https://github.com/rockdaboot/libpsl

9 years agocurlbuild.h: Fix non-configure compiling to mips and sh4 targets
Richard Hosking [Fri, 16 Oct 2015 20:29:29 +0000 (21:29 +0100)]
curlbuild.h: Fix non-configure compiling to mips and sh4 targets

9 years agohttp2: Don't pass unitialized name+len pairs to nghttp2_submit_request
Anders Bakken [Fri, 16 Oct 2015 18:51:12 +0000 (11:51 -0700)]
http2: Don't pass unitialized name+len pairs to nghttp2_submit_request

bug introduced by 18691642931e5c7ac8af83ac3a84fbcb36000f96.

Closes #493

9 years agotest1601: fix compilation with --enable-debug and --disable-crypto-auth
Dan Fandrich [Fri, 16 Oct 2015 19:43:56 +0000 (21:43 +0200)]
test1601: fix compilation with --enable-debug and --disable-crypto-auth

9 years agomulti: fix off-by-one finit[] array size
Daniel Stenberg [Fri, 16 Oct 2015 20:42:30 +0000 (22:42 +0200)]
multi: fix off-by-one finit[] array size

introduced in c6aedf680f6. It needs to be CURLM_STATE_LAST big since it
must hande the range 0 .. CURLM_STATE_MSGSENT (18) and CURLM_STATE_LAST
is 19 right now.

Reported-by: Dan Fandrich
Bug: http://curl.haxx.se/mail/lib-2015-10/0069.html

9 years agofread_func: move callback pointer from set to state struct
Daniel Stenberg [Mon, 5 Oct 2015 18:39:10 +0000 (20:39 +0200)]
fread_func: move callback pointer from set to state struct

... and assign it from the set.fread_func_set pointer in the
Curl_init_CONNECT function. This A) avoids that we have code that
assigns fields in the 'set' struct (which we always knew was bad) and
more importantly B) it makes it impossibly to accidentally leave the
wrong value for when the handle is re-used etc.

Introducing a state-init functionality in multi.c, so that we can set a
specific function to get called when we enter a state. The
Curl_init_CONNECT is thus called when switching to the CONNECT state.

Bug: https://github.com/bagder/curl/issues/346

Closes #346

9 years agotest1531: case the size to fix the test on non-largefile builds
Dan Fandrich [Wed, 14 Oct 2015 20:00:09 +0000 (22:00 +0200)]
test1531: case the size to fix the test on non-largefile builds

9 years agoacinclude: remove PKGCONFIG override
Daniel Stenberg [Tue, 13 Oct 2015 10:56:42 +0000 (12:56 +0200)]
acinclude: remove PKGCONFIG override

... and allow it to get set by a caller easier.

Reported-by: Rainer Jung
Bug: http://curl.haxx.se/mail/lib-2015-10/0035.html

9 years agodocs/INSTALL: Updated example minimal binary sizes
Dan Fandrich [Mon, 12 Oct 2015 21:47:10 +0000 (23:47 +0200)]
docs/INSTALL: Updated example minimal binary sizes

9 years agoopenssl: Fix set up of pkcs12 certificate verification chain
Erik Johansson [Fri, 9 Oct 2015 19:02:13 +0000 (21:02 +0200)]
openssl: Fix set up of pkcs12 certificate verification chain

sk_X509_pop will decrease the size of the stack which means that the loop would
end after having added only half of the certificates.

Also make sure that the X509 certificate is freed in case
SSL_CTX_add_extra_chain_cert fails.

9 years agontlm: error out without 64bit support as the code needs it
Daniel Stenberg [Fri, 9 Oct 2015 21:51:54 +0000 (23:51 +0200)]
ntlm: error out without 64bit support as the code needs it

It makes it a clearer message for developers reaching that point without
the necessary support.

Thanks-by: Jay Satiro
Closes #78

9 years agocurl_global_init: set the memory function pointers correct
Daniel Stenberg [Fri, 9 Oct 2015 14:13:54 +0000 (16:13 +0200)]
curl_global_init: set the memory function pointers correct

follow-up from 6f8ecea0

9 years agocurl_global_init_mem: set function pointers before doing init
Daniel Stenberg [Fri, 9 Oct 2015 14:04:11 +0000 (16:04 +0200)]
curl_global_init_mem: set function pointers before doing init

... as in the polarssl TLS backend for example it uses memory functions.

9 years agohttp2: Fix http2_recv to return -1 if recv returned -1
Jay Satiro [Thu, 8 Oct 2015 06:48:44 +0000 (02:48 -0400)]
http2: Fix http2_recv to return -1 if recv returned -1

If the underlying recv called by http2_recv returns -1 then that is the
value http2_recv returns to the caller.

9 years agocurl_easy_recv.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
Svyatoslav Mishyn [Thu, 8 Oct 2015 16:28:30 +0000 (19:28 +0300)]
curl_easy_recv.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET

Closes #479

9 years agocurl_easy_send.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
Svyatoslav Mishyn [Thu, 8 Oct 2015 16:26:47 +0000 (19:26 +0300)]
curl_easy_send.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET

9 years agoCURLOPT_CONNECT_ONLY.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
Svyatoslav Mishyn [Thu, 8 Oct 2015 15:14:18 +0000 (18:14 +0300)]
CURLOPT_CONNECT_ONLY.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET

9 years agoCURLOPT_CERTINFO.3: fix reference to CURLINFO_CERTINFO
Daniel Stenberg [Thu, 8 Oct 2015 11:47:52 +0000 (13:47 +0200)]
CURLOPT_CERTINFO.3: fix reference to CURLINFO_CERTINFO

9 years agontlm: get rid of unconditional use of long long
Daniel Stenberg [Thu, 8 Oct 2015 10:30:22 +0000 (12:30 +0200)]
ntlm: get rid of unconditional use of long long

... since some compilers don't have it and instead use other types, such
as __int64.

Reported by: gkinseyhpw
Closes #478

9 years agodes: Fix header conditional for Curl_des_set_odd_parity
Anders Bakken [Wed, 7 Oct 2015 19:40:23 +0000 (12:40 -0700)]
des: Fix header conditional for Curl_des_set_odd_parity

Follow up to 613e502.

9 years agoconfigure: build silently by default
Daniel Stenberg [Wed, 7 Oct 2015 12:56:07 +0000 (14:56 +0200)]
configure: build silently by default

'make V=1' will make the build verbose like before

9 years agobump: start climbing toward 7.46.0
Daniel Stenberg [Wed, 7 Oct 2015 12:52:32 +0000 (14:52 +0200)]
bump: start climbing toward 7.46.0

9 years agoRELEASE-PROCEDURE: add the github HTTPS download step
Daniel Stenberg [Wed, 7 Oct 2015 12:46:49 +0000 (14:46 +0200)]
RELEASE-PROCEDURE: add the github HTTPS download step

9 years agoTHANKS: 19 new contributors from the 7.45.0 announcement curl-7_45_0
Daniel Stenberg [Wed, 7 Oct 2015 08:12:39 +0000 (10:12 +0200)]
THANKS: 19 new contributors from the 7.45.0 announcement

9 years agoRELEASE-NOTES: synced with 69ea57970080
Daniel Stenberg [Mon, 5 Oct 2015 17:36:31 +0000 (19:36 +0200)]
RELEASE-NOTES: synced with 69ea57970080

9 years agogetinfo: Fix return code for unknown CURLINFO options
Jay Satiro [Thu, 1 Oct 2015 20:39:40 +0000 (16:39 -0400)]
getinfo: Fix return code for unknown CURLINFO options

- If a CURLINFO option is unknown return CURLE_UNKNOWN_OPTION.

Prior to this change CURLE_BAD_FUNCTION_ARGUMENT was returned on
unknown. That return value is contradicted by the CURLINFO option
documentation which specifies a return of CURLE_UNKNOWN_OPTION on
unknown.

9 years agohiperfifo: fix the pointer passed to WRITEDATA
rouzier [Sun, 4 Oct 2015 18:30:07 +0000 (14:30 -0400)]
hiperfifo: fix the pointer passed to WRITEDATA

Closes https://github.com/bagder/curl/pull/471

9 years agotool_setopt: fix c_escape truncated octal
Maksim Stsepanenka [Fri, 2 Oct 2015 06:43:57 +0000 (02:43 -0400)]
tool_setopt: fix c_escape truncated octal

Closes https://github.com/bagder/curl/pull/469

9 years agogopher: don't send NUL byte
Orange Tsai [Thu, 1 Oct 2015 15:17:58 +0000 (23:17 +0800)]
gopher: don't send NUL byte

Closes #466

9 years agoruntests: Fix pid check in checkdied
Jay Satiro [Wed, 30 Sep 2015 02:08:57 +0000 (22:08 -0400)]
runtests: Fix pid check in checkdied

Because the 'not' operator has a very low precedence and as a result the
entire statement was erroneously negated and could never be true.

9 years agowin32: make recent Borland compilers use long long
Thorsten Schöning [Tue, 29 Sep 2015 22:03:35 +0000 (00:03 +0200)]
win32: make recent Borland compilers use long long

9 years agoRELEASE-NOTES: synced with 69b89050d4
Daniel Stenberg [Tue, 29 Sep 2015 08:57:42 +0000 (10:57 +0200)]
RELEASE-NOTES: synced with 69b89050d4

9 years agoopenssl: Fix algorithm init
Michael Kalinin [Tue, 22 Sep 2015 06:49:54 +0000 (02:49 -0400)]
openssl: Fix algorithm init

- Change algorithm init to happen after OpenSSL config load.

Additional algorithms may be available due to the user's config so we
initialize the algorithms after the user's config is loaded.

Bug: https://github.com/bagder/curl/issues/447
Reported-by: Denis Feklushkin
9 years agodocs: fix unescaped '\n' in man pages
Svyatoslav Mishyn [Mon, 28 Sep 2015 03:44:31 +0000 (23:44 -0400)]
docs: fix unescaped '\n' in man pages

Closes https://github.com/bagder/curl/pull/459

9 years agohttp2: set TCP_NODELAY unconditionally
Daniel Stenberg [Sun, 27 Sep 2015 21:20:13 +0000 (23:20 +0200)]
http2: set TCP_NODELAY unconditionally

For a single-stream download from localhost, we managed to increase
transfer speed from 1.6MB/sec to around 400MB/sec, mostly because of
this single fix.

9 years agohttp2: avoid superfluous Curl_expire() calls
Daniel Stenberg [Sun, 27 Sep 2015 17:40:20 +0000 (19:40 +0200)]
http2: avoid superfluous Curl_expire() calls

... only call it when there is data arriving for another handle than the
one that is currently driving it.

Improves single-stream download performance quite a lot.

Thanks-to: Tatsuhiro Tsujikawa
Bug: http://curl.haxx.se/mail/lib-2015-09/0097.html

9 years agoreadwrite_data: set a max number of loops
Daniel Stenberg [Sun, 27 Sep 2015 18:48:35 +0000 (20:48 +0200)]
readwrite_data: set a max number of loops

... as otherwise a really fast pipe can "lock" one transfer for some
protocols, like with HTTP/2.

9 years agoCI: Added AppVeyor-CI for curl
Sergei Nikulov [Thu, 17 Sep 2015 13:34:47 +0000 (16:34 +0300)]
CI: Added AppVeyor-CI for curl

Closes #439

9 years agoFTP: fix uploading ASCII with unknown size
Daniel Stenberg [Sat, 26 Sep 2015 21:36:25 +0000 (23:36 +0200)]
FTP: fix uploading ASCII with unknown size

... don't try to increase the supposed file size on newlines if we don't
know what file size it is!

Patch-by: lzsiga
9 years agobuild: fix failures with -Wcast-align and -Werror
Tatsuhiro Tsujikawa [Sat, 26 Sep 2015 08:24:34 +0000 (17:24 +0900)]
build: fix failures with -Wcast-align and -Werror

Closes #457

9 years agocurl-confopts.m4: Add missing ')'
Tatsuhiro Tsujikawa [Sat, 26 Sep 2015 08:23:35 +0000 (17:23 +0900)]
curl-confopts.m4: Add missing ')'

... for CURL_CHECK_OPTION_RT

Closes #456

9 years agocurl_easy_getinfo.3: Add brief description for each CURLINFO
Jay Satiro [Fri, 25 Sep 2015 06:37:42 +0000 (02:37 -0400)]
curl_easy_getinfo.3: Add brief description for each CURLINFO

9 years agoCMake: Ensure discovered include dirs are considered
Jakub Zakrzewski [Wed, 16 Sep 2015 15:33:23 +0000 (17:33 +0200)]
CMake: Ensure discovered include dirs are considered

...during header checks. Otherwise some following header tests
(incorrectly) fail.

Closes #436

9 years agoCMake: Put "winsock2.h" before "windows.h" during configure checks
Jakub Zakrzewski [Wed, 16 Sep 2015 15:27:13 +0000 (17:27 +0200)]
CMake: Put "winsock2.h" before "windows.h" during configure checks

"windows.h" includes "winsock.h" what causes many redefinition errors
if "winsock2.h" is included afterwards and can cause build to fail.

9 years agotests: disable 1510 due to CI-problems on github
Daniel Stenberg [Wed, 23 Sep 2015 11:53:38 +0000 (13:53 +0200)]
tests: disable 1510 due to CI-problems on github

9 years agognutls: Report actual GnuTLS error message for certificate errors
Mike Crowe [Wed, 23 Sep 2015 11:31:29 +0000 (13:31 +0200)]
gnutls: Report actual GnuTLS error message for certificate errors

If GnuTLS fails to read the certificate then include whatever reason it
provides in the failure message reported to the client.

Signed-off-by: Mike Crowe <mac@mcrowe.com>
9 years agoRELEASE-NOTES: synced with 6b56901b56e
Daniel Stenberg [Tue, 22 Sep 2015 20:21:58 +0000 (22:21 +0200)]
RELEASE-NOTES: synced with 6b56901b56e

9 years agognutls: Support CURLOPT_KEYPASSWD
Mike Crowe [Mon, 21 Sep 2015 09:34:55 +0000 (11:34 +0200)]
gnutls: Support CURLOPT_KEYPASSWD

The gnutls vtls back-end was previously ignoring any password set via
CURLOPT_KEYPASSWD. Presumably this was because
gnutls_certificate_set_x509_key_file did not support encrypted keys.

gnutls now has a gnutls_certificate_set_x509_key_file2 function that
does support encrypted keys. Let's determine at compile time whether the
available gnutls supports this new function. If it does then use it to
pass the password. If it does not then emit a helpful diagnostic if a
password is set. This is preferable to the previous behaviour of just
failing to read the certificate without giving a reason in that case.

Signed-off-by: Mike Crowe <mac@mcrowe.com>
9 years agoCURLINFO_TLS_SESSION: always return backend info
Daniel Stenberg [Tue, 22 Sep 2015 15:21:37 +0000 (17:21 +0200)]
CURLINFO_TLS_SESSION: always return backend info

... even for those that don't support providing anything in the
'internals' struct member since it offers a convenient way for
applications to figure this out.

9 years agotool: remove redundant libcurl check
Daniel Hwang [Tue, 22 Sep 2015 04:06:42 +0000 (21:06 -0700)]
tool: remove redundant libcurl check

The easysrc generation is run only when --libcurl is initialized.

Ref: https://github.com/bagder/curl/issues/429

Closes #448

9 years agoCURLOPT_PROXY.3: A proxy given as env variable gets no special treatment
Richard van den Berg [Tue, 22 Sep 2015 11:45:41 +0000 (13:45 +0200)]
CURLOPT_PROXY.3: A proxy given as env variable gets no special treatment

Closes #449

9 years agoTODO: 5.7 More compressions
Daniel Stenberg [Tue, 22 Sep 2015 08:53:55 +0000 (10:53 +0200)]
TODO: 5.7 More compressions

Like for example brotli, as being implemented in Firefox now.

9 years agotool_operate: Don't call easysrc cleanup unless --libcurl
Jay Satiro [Mon, 21 Sep 2015 06:21:38 +0000 (02:21 -0400)]
tool_operate: Don't call easysrc cleanup unless --libcurl

- Review of 4d95491.

The author changed it so easysrc only initializes when --libcurl but did
not do the same for the call to easysrc cleanup.

Ref: https://github.com/bagder/curl/issues/429

9 years agoCURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com
Viktor Szakats [Sun, 20 Sep 2015 14:08:15 +0000 (16:08 +0200)]
CURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com

closes #443

9 years agoKNOWN_BUGS: 91 "curl_easy_perform hangs with imap and PolarSSL"
Daniel Stenberg [Sun, 20 Sep 2015 11:34:16 +0000 (13:34 +0200)]
KNOWN_BUGS: 91 "curl_easy_perform hangs with imap and PolarSSL"

Closes #334

9 years agoKNOWN_BUGS: add link to #85
Daniel Stenberg [Sun, 20 Sep 2015 11:31:22 +0000 (13:31 +0200)]
KNOWN_BUGS: add link to #85

9 years agotests: disable 1801 until fixed
Daniel Stenberg [Sun, 20 Sep 2015 11:12:44 +0000 (13:12 +0200)]
tests: disable 1801 until fixed

It is unreliable and causes CI problems on github

Closes #380

9 years agoRELEASE-NOTES: synced with 4d95491636ee
Daniel Stenberg [Sun, 20 Sep 2015 11:00:19 +0000 (13:00 +0200)]
RELEASE-NOTES: synced with 4d95491636ee

9 years agotool: generate easysrc only on --libcurl
Daniel Lee Hwang [Sun, 20 Sep 2015 06:16:23 +0000 (23:16 -0700)]
tool: generate easysrc only on --libcurl

Code should only be generated when --libcurl is used.

Bug: https://github.com/bagder/curl/issues/429
Reported-by: @greafhe, Jay Satiro
Closes #429
Closes #442

9 years agovtls: Change designator name for server's pubkey hash
Jay Satiro [Sun, 20 Sep 2015 02:40:40 +0000 (22:40 -0400)]
vtls: Change designator name for server's pubkey hash

- Change the designator name we use to show the base64 encoded sha256
hash of the server's public key from 'pinnedpubkey' to
'public key hash'.

Though the server's public key hash is only shown when comparing pinned
public key hashes, the server's hash may not match one of the pinned.

9 years agoNTLM: Reset auth-done when using a fresh connection
Isaac Boukris [Wed, 16 Sep 2015 00:52:36 +0000 (03:52 +0300)]
NTLM: Reset auth-done when using a fresh connection

With NTLM a new connection will always require authentication.
Fixes #435

9 years agossl: add server cert's "sha256//" hash to verbose
Daniel Hwang [Sat, 12 Sep 2015 21:35:12 +0000 (14:35 -0700)]
ssl: add server cert's "sha256//" hash to verbose

Add a "pinnedpubkey" section to the "Server Certificate" verbose

Bug: https://github.com/bagder/curl/issues/410
Reported-by: W. Mark Kubacki
Closes #430
Closes #410

9 years agoopenldap: only part of LDAP query results received
Jakub Zakrzewski [Thu, 17 Sep 2015 16:36:07 +0000 (18:36 +0200)]
openldap: only part of LDAP query results received

Introduced with commit 65d141e6da5c6003a1592bbc87ee550b0ad75c2f

Closes #440

9 years agoopenssl: don't output certinfo data
Alessandro Ghedini [Mon, 14 Sep 2015 10:26:12 +0000 (12:26 +0200)]
openssl: don't output certinfo data

9 years agoopenssl: refactor certificate parsing to use OpenSSL memory BIO
Alessandro Ghedini [Sat, 12 Sep 2015 13:30:44 +0000 (15:30 +0200)]
openssl: refactor certificate parsing to use OpenSSL memory BIO

Fixes #427

9 years agonss: prevent NSS from incorrectly re-using a session
Kamil Dudka [Fri, 18 Sep 2015 15:10:05 +0000 (17:10 +0200)]
nss: prevent NSS from incorrectly re-using a session

Without this workaround, NSS re-uses a session cache entry despite the
server name does not match.  This causes SNI host name to differ from
the actual host name.  Consequently, certain servers (e.g. github.com)
respond by 400 to such requests.

Bug: https://bugzilla.mozilla.org/1202264

9 years agonss: check return values of NSS functions
Kamil Dudka [Fri, 18 Sep 2015 15:07:22 +0000 (17:07 +0200)]
nss: check return values of NSS functions

9 years agoCURLOPT_PINNEDPUBLICKEY.3: mention error code
Daniel Stenberg [Thu, 17 Sep 2015 06:50:51 +0000 (08:50 +0200)]
CURLOPT_PINNEDPUBLICKEY.3: mention error code

9 years agoopenssl: build with < 0.9.8
Daniel Stenberg [Thu, 17 Sep 2015 06:48:43 +0000 (08:48 +0200)]
openssl: build with < 0.9.8

... without sha256 support and no define saying so.

Reported-by: Rajkumar Mandal
9 years agolibcurl-errors.3: add two missing error codes
Daniel Stenberg [Thu, 17 Sep 2015 06:48:15 +0000 (08:48 +0200)]
libcurl-errors.3: add two missing error codes

CURLE_SSL_PINNEDPUBKEYNOTMATCH and CURLE_SSL_INVALIDCERTSTATUS

9 years agoCURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example
Jay Satiro [Mon, 14 Sep 2015 07:16:04 +0000 (03:16 -0400)]
CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example

- Show how a certificate can be obtained using OpenSSL.

Bug: https://github.com/bagder/curl/pull/430
Reported-by: Daniel Hwang
9 years agohttp2: removed unused function
Daniel Stenberg [Sun, 13 Sep 2015 14:32:59 +0000 (16:32 +0200)]
http2: removed unused function

9 years agoCURLINFO_ACTIVESOCKET.3: mention it replaces *LASTSOCKET
Daniel Stenberg [Sat, 12 Sep 2015 21:37:52 +0000 (23:37 +0200)]
CURLINFO_ACTIVESOCKET.3: mention it replaces *LASTSOCKET

9 years agoopts: add CURLINFO_* man pages to dist
Daniel Stenberg [Sat, 12 Sep 2015 21:22:33 +0000 (23:22 +0200)]
opts: add CURLINFO_* man pages to dist

9 years agoopts: 19 more CURLINFO_* options made into stand-alone man pages
Daniel Stenberg [Sat, 12 Sep 2015 21:13:08 +0000 (23:13 +0200)]
opts: 19 more CURLINFO_* options made into stand-alone man pages

9 years agoRELEASE-NOTES: synced with fad9604613
Daniel Stenberg [Sat, 12 Sep 2015 10:54:58 +0000 (12:54 +0200)]
RELEASE-NOTES: synced with fad9604613

9 years agocurl: customrequest_helper: deal with NULL custom method
Daniel Stenberg [Fri, 11 Sep 2015 16:49:28 +0000 (18:49 +0200)]
curl: customrequest_helper: deal with NULL custom method

9 years agoCURLOPT_FNMATCH_FUNCTION.3: fix typo
Svyatoslav Mishyn [Fri, 11 Sep 2015 14:52:01 +0000 (17:52 +0300)]
CURLOPT_FNMATCH_FUNCTION.3: fix typo

s => is

Closes #428

9 years agocurl: point out unnecessary uses of -X in verbose mode
Daniel Stenberg [Sat, 29 Aug 2015 21:56:28 +0000 (23:56 +0200)]
curl: point out unnecessary uses of -X in verbose mode

It uses 'Note:' as a prefix as opposed to the common 'Warning:' to take
down the tone a bit.

It adds a warning for using -XHEAD on other methods becasue that may
lead to a hanging connection.

9 years agocurl_sspi: fix possibly undefined CRYPT_E_REVOKED
Jay Satiro [Thu, 10 Sep 2015 06:17:33 +0000 (02:17 -0400)]
curl_sspi: fix possibly undefined CRYPT_E_REVOKED

Bug: https://github.com/bagder/curl/pull/411
Reported-by: Viktor Szakats