]>
granicus.if.org Git - curl/log
Daniel Stenberg [Tue, 22 Sep 2015 20:21:58 +0000 (22:21 +0200)]
RELEASE-NOTES: synced with
6b56901b56e
Mike Crowe [Mon, 21 Sep 2015 09:34:55 +0000 (11:34 +0200)]
gnutls: Support CURLOPT_KEYPASSWD
The gnutls vtls back-end was previously ignoring any password set via
CURLOPT_KEYPASSWD. Presumably this was because
gnutls_certificate_set_x509_key_file did not support encrypted keys.
gnutls now has a gnutls_certificate_set_x509_key_file2 function that
does support encrypted keys. Let's determine at compile time whether the
available gnutls supports this new function. If it does then use it to
pass the password. If it does not then emit a helpful diagnostic if a
password is set. This is preferable to the previous behaviour of just
failing to read the certificate without giving a reason in that case.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Daniel Stenberg [Tue, 22 Sep 2015 15:21:37 +0000 (17:21 +0200)]
CURLINFO_TLS_SESSION: always return backend info
... even for those that don't support providing anything in the
'internals' struct member since it offers a convenient way for
applications to figure this out.
Daniel Hwang [Tue, 22 Sep 2015 04:06:42 +0000 (21:06 -0700)]
tool: remove redundant libcurl check
The easysrc generation is run only when --libcurl is initialized.
Ref: https://github.com/bagder/curl/issues/429
Closes #448
Richard van den Berg [Tue, 22 Sep 2015 11:45:41 +0000 (13:45 +0200)]
CURLOPT_PROXY.3: A proxy given as env variable gets no special treatment
Closes #449
Daniel Stenberg [Tue, 22 Sep 2015 08:53:55 +0000 (10:53 +0200)]
TODO: 5.7 More compressions
Like for example brotli, as being implemented in Firefox now.
Jay Satiro [Mon, 21 Sep 2015 06:21:38 +0000 (02:21 -0400)]
tool_operate: Don't call easysrc cleanup unless --libcurl
- Review of
4d95491 .
The author changed it so easysrc only initializes when --libcurl but did
not do the same for the call to easysrc cleanup.
Ref: https://github.com/bagder/curl/issues/429
Viktor Szakats [Sun, 20 Sep 2015 14:08:15 +0000 (16:08 +0200)]
CURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com
closes #443
Daniel Stenberg [Sun, 20 Sep 2015 11:34:16 +0000 (13:34 +0200)]
KNOWN_BUGS: 91 "curl_easy_perform hangs with imap and PolarSSL"
Closes #334
Daniel Stenberg [Sun, 20 Sep 2015 11:31:22 +0000 (13:31 +0200)]
KNOWN_BUGS: add link to #85
Daniel Stenberg [Sun, 20 Sep 2015 11:12:44 +0000 (13:12 +0200)]
tests: disable 1801 until fixed
It is unreliable and causes CI problems on github
Closes #380
Daniel Stenberg [Sun, 20 Sep 2015 11:00:19 +0000 (13:00 +0200)]
RELEASE-NOTES: synced with
4d95491636ee
Daniel Lee Hwang [Sun, 20 Sep 2015 06:16:23 +0000 (23:16 -0700)]
tool: generate easysrc only on --libcurl
Code should only be generated when --libcurl is used.
Bug: https://github.com/bagder/curl/issues/429
Reported-by: @greafhe, Jay Satiro
Closes #429
Closes #442
Jay Satiro [Sun, 20 Sep 2015 02:40:40 +0000 (22:40 -0400)]
vtls: Change designator name for server's pubkey hash
- Change the designator name we use to show the base64 encoded sha256
hash of the server's public key from 'pinnedpubkey' to
'public key hash'.
Though the server's public key hash is only shown when comparing pinned
public key hashes, the server's hash may not match one of the pinned.
Isaac Boukris [Wed, 16 Sep 2015 00:52:36 +0000 (03:52 +0300)]
NTLM: Reset auth-done when using a fresh connection
With NTLM a new connection will always require authentication.
Fixes #435
Daniel Hwang [Sat, 12 Sep 2015 21:35:12 +0000 (14:35 -0700)]
ssl: add server cert's "sha256//" hash to verbose
Add a "pinnedpubkey" section to the "Server Certificate" verbose
Bug: https://github.com/bagder/curl/issues/410
Reported-by: W. Mark Kubacki
Closes #430
Closes #410
Jakub Zakrzewski [Thu, 17 Sep 2015 16:36:07 +0000 (18:36 +0200)]
openldap: only part of LDAP query results received
Introduced with commit
65d141e6da5c6003a1592bbc87ee550b0ad75c2f
Closes #440
Alessandro Ghedini [Mon, 14 Sep 2015 10:26:12 +0000 (12:26 +0200)]
openssl: don't output certinfo data
Alessandro Ghedini [Sat, 12 Sep 2015 13:30:44 +0000 (15:30 +0200)]
openssl: refactor certificate parsing to use OpenSSL memory BIO
Fixes #427
Kamil Dudka [Fri, 18 Sep 2015 15:10:05 +0000 (17:10 +0200)]
nss: prevent NSS from incorrectly re-using a session
Without this workaround, NSS re-uses a session cache entry despite the
server name does not match. This causes SNI host name to differ from
the actual host name. Consequently, certain servers (e.g. github.com)
respond by 400 to such requests.
Bug: https://bugzilla.mozilla.org/
1202264
Kamil Dudka [Fri, 18 Sep 2015 15:07:22 +0000 (17:07 +0200)]
nss: check return values of NSS functions
Daniel Stenberg [Thu, 17 Sep 2015 06:50:51 +0000 (08:50 +0200)]
CURLOPT_PINNEDPUBLICKEY.3: mention error code
Daniel Stenberg [Thu, 17 Sep 2015 06:48:43 +0000 (08:48 +0200)]
openssl: build with < 0.9.8
... without sha256 support and no define saying so.
Reported-by: Rajkumar Mandal
Daniel Stenberg [Thu, 17 Sep 2015 06:48:15 +0000 (08:48 +0200)]
libcurl-errors.3: add two missing error codes
CURLE_SSL_PINNEDPUBKEYNOTMATCH and CURLE_SSL_INVALIDCERTSTATUS
Jay Satiro [Mon, 14 Sep 2015 07:16:04 +0000 (03:16 -0400)]
CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example
- Show how a certificate can be obtained using OpenSSL.
Bug: https://github.com/bagder/curl/pull/430
Reported-by: Daniel Hwang
Daniel Stenberg [Sun, 13 Sep 2015 14:32:59 +0000 (16:32 +0200)]
http2: removed unused function
Daniel Stenberg [Sat, 12 Sep 2015 21:37:52 +0000 (23:37 +0200)]
CURLINFO_ACTIVESOCKET.3: mention it replaces *LASTSOCKET
Daniel Stenberg [Sat, 12 Sep 2015 21:22:33 +0000 (23:22 +0200)]
opts: add CURLINFO_* man pages to dist
Daniel Stenberg [Sat, 12 Sep 2015 21:13:08 +0000 (23:13 +0200)]
opts: 19 more CURLINFO_* options made into stand-alone man pages
Daniel Stenberg [Sat, 12 Sep 2015 10:54:58 +0000 (12:54 +0200)]
RELEASE-NOTES: synced with
fad9604613
Daniel Stenberg [Fri, 11 Sep 2015 16:49:28 +0000 (18:49 +0200)]
curl: customrequest_helper: deal with NULL custom method
Svyatoslav Mishyn [Fri, 11 Sep 2015 14:52:01 +0000 (17:52 +0300)]
CURLOPT_FNMATCH_FUNCTION.3: fix typo
s => is
Closes #428
Daniel Stenberg [Sat, 29 Aug 2015 21:56:28 +0000 (23:56 +0200)]
curl: point out unnecessary uses of -X in verbose mode
It uses 'Note:' as a prefix as opposed to the common 'Warning:' to take
down the tone a bit.
It adds a warning for using -XHEAD on other methods becasue that may
lead to a hanging connection.
Jay Satiro [Thu, 10 Sep 2015 06:17:33 +0000 (02:17 -0400)]
curl_sspi: fix possibly undefined CRYPT_E_REVOKED
Bug: https://github.com/bagder/curl/pull/411
Reported-by: Viktor Szakats
Jay Satiro [Wed, 9 Sep 2015 06:46:48 +0000 (02:46 -0400)]
buildconf.bat: fix syntax error
Benjamin Kircher [Tue, 8 Sep 2015 14:22:39 +0000 (16:22 +0200)]
winbuild: run buildconf.bat if necessary
Svyatoslav Mishyn [Wed, 9 Sep 2015 01:17:50 +0000 (21:17 -0400)]
docs: fix argument type for CURLINFO_SPEED_*, CURLINFO_SIZE_*
long => double
Sergei Nikulov [Thu, 3 Sep 2015 12:20:32 +0000 (15:20 +0300)]
cmake: IPv6 : disable Unix header check on Windows platform
Closes #409
Daniel Stenberg [Tue, 8 Sep 2015 11:42:48 +0000 (13:42 +0200)]
parse_proxy: reject illegal port numbers
If the port number in the proxy string ended weirdly or the number is
too large, skip it. Mostly as a means to bail out early if a "bare" IPv6
numerical address is used without enclosing brackets.
Also mention the bracket requirement for IPv6 numerical addresses to the
man page for CURLOPT_PROXY.
Closes #415
Reported-by: Marcel Raad
Daniel Stenberg [Tue, 8 Sep 2015 07:29:03 +0000 (09:29 +0200)]
FTP: do_more: add check for wait_data_conn in upload case
In some timing-dependnt cases when a 4xx response immediately followed
after a 150 when a STOR was issued, this function would wrongly return
'complete == true' while 'wait_data_conn' was still set.
Closes #405
Reported-by: Patricia Muscalu
Svyatoslav Mishyn [Sun, 6 Sep 2015 16:42:33 +0000 (19:42 +0300)]
CURLOPT_TLSAUTH_TYPE.3: update description
Closes #414
Closes #413
Svyatoslav Mishyn [Sat, 5 Sep 2015 08:45:25 +0000 (11:45 +0300)]
CURLOPT_PATH_AS_IS.3: fix typo
leavit => leaveit
closes #412
Svyatoslav Mishyn [Sat, 5 Sep 2015 08:34:01 +0000 (11:34 +0300)]
CURLINFO_SSL_VERIFYRESULT.3: add short description
Svyatoslav Mishyn [Sat, 5 Sep 2015 08:30:51 +0000 (11:30 +0300)]
CURLINFO_SSL_ENGINES.3: add short description
Svyatoslav Mishyn [Sat, 5 Sep 2015 08:23:59 +0000 (11:23 +0300)]
CURLINFO_CONTENT_LENGTH_UPLOAD.3: replace "receive" with "get" for consistency
Svyatoslav Mishyn [Sat, 5 Sep 2015 08:19:40 +0000 (11:19 +0300)]
CURLINFO_REDIRECT_TIME.3: remove redundant '!'
Kamil Dudka [Fri, 4 Sep 2015 14:10:44 +0000 (16:10 +0200)]
Revert "has: generate the curl/has.h header"
This reverts commit
a60bde79f9adeb135d5c642a07f0d783fbfbbc25 I have
pushed by mistake. Apologies for my incompetent use of the git repo!
Kamil Dudka [Fri, 4 Sep 2015 12:35:36 +0000 (14:35 +0200)]
nss: do not directly access SSL_ImplementedCiphers[]
It causes dynamic linking issues at run-time after an update of NSS.
Bug: https://lists.fedoraproject.org/pipermail/devel/2015-September/214117.html
Daniel Stenberg [Wed, 2 Sep 2015 22:04:10 +0000 (00:04 +0200)]
has: generate the curl/has.h header
changed macro name, moved and renamed script to become docs/libcurl/has.pl,
generate code that is checksrc compliant
Daniel Stenberg [Thu, 3 Sep 2015 21:35:41 +0000 (23:35 +0200)]
gitignore: ignore more generated VC Makefiles
Daniel Stenberg [Thu, 3 Sep 2015 21:34:53 +0000 (23:34 +0200)]
projects/Windows/.gitignore: ignore generated files for release
Daniel Stenberg [Thu, 3 Sep 2015 20:23:50 +0000 (22:23 +0200)]
http2: don't pass on Connection: headers
RFC 7540 section 8.1.2.2 states: "An endpoint MUST NOT generate an
HTTP/2 message containing connection-specific header fields; any message
containing connection-specific header fields MUST be treated as
malformed"
Closes #401
Daniel Stenberg [Thu, 3 Sep 2015 17:52:23 +0000 (19:52 +0200)]
curl.1: update RFC references
Daniel Stenberg [Thu, 3 Sep 2015 15:33:16 +0000 (17:33 +0200)]
CURLOPT_POSTREDIR.3: update RFC number and section
Daniel Stenberg [Thu, 3 Sep 2015 15:27:40 +0000 (17:27 +0200)]
CURLOPT_FOLLOWLOCATION.3: mention methods for redirects
and some general cleaning up
Marcel Raad [Thu, 3 Sep 2015 09:32:39 +0000 (11:32 +0200)]
inet_pton.c: Fix MSVC run-time check failure (2)
This fixes another run-time check failure because of a narrowing cast on
Visual C++.
Closes #408
Jay Satiro [Thu, 3 Sep 2015 06:35:11 +0000 (02:35 -0400)]
docs: Warn about any-domain cookies and multiple transfers
- Warn that cookies without a domain are sent to any domain:
CURLOPT_COOKIELIST, CURLOPT_COOKIEFILE, --cookie
- Note that imported Set-Cookie cookies without a domain are no longer
exported:
CURLINFO_COOKIELIST, CURLOPT_COOKIEJAR, --cookie-jar
Steve Holme [Wed, 2 Sep 2015 05:52:12 +0000 (06:52 +0100)]
tool_sdecls.h: Fixed compilation warning from commit
4a889441d3
tool_sdecls.h:139 warning: comma at end of enumerator list
Daniel Stenberg [Tue, 1 Sep 2015 22:00:53 +0000 (00:00 +0200)]
opts: 8 more CURLINFO* options as stand-alone man pages
Daniel Stenberg [Mon, 31 Aug 2015 21:17:53 +0000 (23:17 +0200)]
RELEASE-NOTES: synced with
c764cb4add1a8
Daniel Stenberg [Mon, 31 Aug 2015 14:03:53 +0000 (16:03 +0200)]
man-pages: more SEE ALSO links
Daniel Stenberg [Mon, 31 Aug 2015 13:27:58 +0000 (15:27 +0200)]
opts: more CURLINFO_* options as stand-alone man pages
Steve Holme [Mon, 31 Aug 2015 10:49:31 +0000 (11:49 +0100)]
sasl: Only define Curl_sasl_digest_get_pair() when CRYPTO_AUTH enabled
Introduced in commit
59f3f92ba6 this function is only implemented when
CURL_DISABLE_CRYPTO_AUTH is not defined. As such we shouldn't define
the function in the header file either.
Steve Holme [Mon, 31 Aug 2015 10:45:47 +0000 (11:45 +0100)]
sasl: Updated SPN variables and comments for consistency
In places the "host name" and "realm" variable was referred to as
"instance" whilst in others it was referred to as "host".
Daniel Stenberg [Sun, 30 Aug 2015 21:20:31 +0000 (23:20 +0200)]
configure: check for HMAC_Update in openssl
Turns out HMAC_Init is now deprecated in openssl master (and I spelled
HMAC_Init_ex wrong in previous commit)
Steve Holme [Sun, 30 Aug 2015 19:50:52 +0000 (20:50 +0100)]
win32: Use DES_set_odd_parity() from OpenSSL/BoringSSL by default
Set HAVE_DES_SET_ODD_PARITY when using OpenSSL/BoringSSL as native
Windows builds don't use the autoconf tools.
Steve Holme [Sun, 30 Aug 2015 19:45:30 +0000 (20:45 +0100)]
des: Fixed compilation warning from commit
613e5022fe
curl_ntlm_core.c:150: warning 'Curl_des_set_odd_parity' undefined;
assuming extern returning int
Steve Holme [Sun, 30 Aug 2015 14:09:43 +0000 (15:09 +0100)]
buildconf.bat: Fixed double blank line in 'curl manual' warning output
Steve Holme [Sun, 30 Aug 2015 10:51:55 +0000 (11:51 +0100)]
makefiles: Added our standard copyright header
But kept the original author, when they were specified in a comment, as
the initial copyright holder.
Jay Satiro [Sun, 30 Aug 2015 03:23:58 +0000 (23:23 -0400)]
CURLOPT_FILETIME.3: CURLINFO_FILETIME has its own manpage now
Daniel Stenberg [Sat, 29 Aug 2015 11:55:00 +0000 (13:55 +0200)]
CURLINFO_RESPONSE_CODE.3: added short description
Daniel Stenberg [Fri, 28 Aug 2015 20:58:00 +0000 (22:58 +0200)]
opts: 7 initial CURLINFO_* options as stand-alone man pages
Nikolai Kondrashov [Fri, 28 Aug 2015 16:53:41 +0000 (19:53 +0300)]
libcurl.m4: Put braces around empty if body
Put braces around empty "if" body in libcurl.m4 check to avoid warning:
suggest braces around empty body in an 'if' statement
and make it work with -Werror builds.
Closes #402
Svyatoslav Mishyn [Tue, 25 Aug 2015 05:31:02 +0000 (08:31 +0300)]
curl_easy_escape.3: escape '\n'
Closes #398
Svyatoslav Mishyn [Tue, 25 Aug 2015 03:49:01 +0000 (06:49 +0300)]
curl_easy_{escape,setopt}.3: fix example
remove redundant '}'
Sergei Nikulov [Tue, 25 Aug 2015 11:56:55 +0000 (14:56 +0300)]
cmake: added Windows SSL support
Closes #399
Daniel Stenberg [Tue, 25 Aug 2015 07:20:56 +0000 (09:20 +0200)]
curl: point out the conflicting HTTP methods if used
It isn't always clear to the user which options that cause the HTTP
methods to conflict so by spelling them out it should hopefully be
easier to understand why curl complains.
Daniel Stenberg [Mon, 24 Aug 2015 22:04:03 +0000 (00:04 +0200)]
curl: clarify that users can only specify one _METHOD_
Svyatoslav Mishyn [Sun, 23 Aug 2015 11:43:04 +0000 (14:43 +0300)]
curl_easy_{escape,unescape}.3: "char *" vs. "const char *"
Closes #395
Patrick Monnerat [Mon, 24 Aug 2015 12:20:34 +0000 (14:20 +0200)]
os400: include new options in wrappers and update ILE/RPG binding.
Daniel Stenberg [Mon, 24 Aug 2015 10:56:20 +0000 (12:56 +0200)]
KNOWN_BUGS: #2, not reading a HEAD response-body is not a bug
... since HTTP is forbidden to return any such.
Daniel Stenberg [Mon, 24 Aug 2015 10:53:38 +0000 (12:53 +0200)]
KNOWN_BUGS: #78 zero-length files is already fixed!
Razvan Cojocaru [Fri, 21 Aug 2015 08:29:05 +0000 (10:29 +0200)]
getinfo: added CURLINFO_ACTIVESOCKET
This patch addresses known bug #76, where on 64-bit Windows SOCKET is 64
bits wide, but long is only 32, making CURLINFO_LASTSOCKET unreliable.
Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
Daniel Stenberg [Mon, 24 Aug 2015 09:31:45 +0000 (11:31 +0200)]
http2: remove dead code
Leftovers from when we removed the private socket hash.
Coverity CID
1317365 , "Logically dead code"
Daniel Stenberg [Mon, 24 Aug 2015 09:29:22 +0000 (11:29 +0200)]
ntlm: mark deliberate switch case fall-through
Coverity CID
1317367 , "Missing break in switch"
Daniel Stenberg [Mon, 24 Aug 2015 09:26:30 +0000 (11:26 +0200)]
http2: on_frame_recv: get a proper 'conn' for the debug logging
"Explicit null dereferenced (FORWARD_NULL)"
Coverity CID
1317366
Daniel Stenberg [Sun, 23 Aug 2015 22:21:08 +0000 (00:21 +0200)]
RELEASE-NOTES: synced with
2acaf3c804
Dan Fandrich [Sun, 23 Aug 2015 18:57:17 +0000 (20:57 +0200)]
tool: fix memory leak with --proto-default option
Nathaniel Waisbrot [Sun, 23 Aug 2015 01:49:26 +0000 (21:49 -0400)]
CURLOPT_DEFAULT_PROTOCOL: added
- Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
protocol for schemeless URLs.
- Add new tool option --proto-default to expose
CURLOPT_DEFAULT_PROTOCOL.
In the case of schemeless URLs libcurl will behave in this way:
When the option is used libcurl will use the supplied default.
When the option is not used, libcurl will follow its usual plan of
guessing from the hostname and falling back to 'http'.
Jay Satiro [Sun, 23 Aug 2015 01:19:34 +0000 (21:19 -0400)]
runtests: Allow for spaces in server-verify curl custom path
Daniel Stenberg [Sat, 22 Aug 2015 21:56:55 +0000 (23:56 +0200)]
NTLM: recent boringssl brought DES_set_odd_parity back
... so improve the #ifdefs for using our local implementation.
Daniel Stenberg [Fri, 21 Aug 2015 22:05:03 +0000 (00:05 +0200)]
configure: detect latest boringssl
Since boringssl brought back DES_set_odd_parity again, it cannot be used
to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define
seems better anyway.
URL: https://android.googlesource.com/platform/external/curl/+/
f551028d5caab29d4b4a4ae8c159c76c3cfd4887 %5E!/
Original-patch-by: Bertrand Simonnet
Closes #393
Daniel Stenberg [Fri, 21 Aug 2015 21:58:24 +0000 (23:58 +0200)]
configure: change functions to detect openssl (clones)
... since boringssl moved the former ones and the check started to fail.
URL: https://android.googlesource.com/platform/external/curl/+/
f551028d5caab29d4b4a4ae8c159c76c3cfd4887 %5E!/
Original-patch-by: Bertrand Simonnet
Alessandro Ghedini [Fri, 21 Aug 2015 12:50:45 +0000 (14:50 +0200)]
openssl: handle lack of server cert when strict checking disabled
If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER
and CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server
doesn't present a certificate at all.
Closes #392
Daniel Stenberg [Fri, 21 Aug 2015 11:30:08 +0000 (13:30 +0200)]
ftp: clear the do_more bit when the server has connected
The multi state machine would otherwise go into the DO_MORE state after
DO, even for the case when the FTP state machine had already performed
those duties, which caused libcurl to get stuck in that state and fail
miserably. This occured for for active ftp uploads.
Reported-by: Patricia Muscalu
Jactry Zeng [Fri, 21 Aug 2015 04:10:59 +0000 (12:10 +0800)]
travis.yml: Add OS X testbot.
Rémy Léone [Mon, 17 Aug 2015 16:08:55 +0000 (18:08 +0200)]
travis: Upgrading to container based build
http://docs.travis-ci.com/user/migrating-from-legacy
Closes #388
Daniel Stenberg [Thu, 20 Aug 2015 21:12:21 +0000 (23:12 +0200)]
RELEASE-NOTES: synced with
14ff86256b13e
Erik Janssen [Thu, 20 Aug 2015 21:07:03 +0000 (23:07 +0200)]
rtsp: stop reading empty DESCRIBE responses
Based-on-patch-by: Jim Hollinger
Erik Janssen [Thu, 20 Aug 2015 21:02:28 +0000 (23:02 +0200)]
rtsp: support basic/digest authentication