This project is mirrored from https://gitlab.com/gitlab-org/build/omnibus-mirror/curl.git.
Pull mirroring failed .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer or owner.
Last successful update .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer or owner.
Last successful update .
- Feb 04, 2025
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Made the netrc parser return a more consistent set of error codes and error messages, and also return error properly if the .netrc file is missing. Add test 697 to verify error on missing netrc file. Fixes #16163 Reported-by: arlt on github
-
Daniel Stenberg authored
Closes #16158
-
- Feb 03, 2025
-
-
Viktor Szakats authored
We don't pursue this, and the necessary `#pragma` got in the way of compiling curl with gcc 4.2 and older. Drop the logic completely. Follow-up to 8a266ac4 #15939 Reported-by: prpr19xx on Github Fixes #16152 Closes #16157
-
Daniel Stenberg authored
-
Edoardo Lolletti authored
Those 2 symbols were available since the first 7.1.1 release Closes #16141
-
Stefan Eissing authored
For ASN.1 tags with indefinite length, curl's own parser for TLS backends that do not support certificate inspection calls itself recursively. A malicious server certificate can then lead to high recursion level exhausting the stack space. This PR limits the recursion level to 16 which should be safe on all architectures. Added unit test 1657 to verify behaviour. Fixes #16135 Reported-by: z2_ Closes #16137
-
Calvin Ruocco authored
Closes #16118
-
mauke authored
The condition `!$cmdtype eq "perl"` (introduced in a4765b05) is always false. It checks whether a logical negation (giving true/false) is equal to the string `"perl"`. This is impossible, so the logging never worked. The intent was probably to negate the result of the string comparison:`!($cmdtype eq "perl")` or simply `$cmdtype ne "perl"`. Fixes #16128 Reported-by: Igor Todorovski Closes #16129
-
Dan Fandrich authored
While this is useful on CI to highlight issues in the scripts, it's a recipe for pain when enabled on users' builds. Suggested-by: Leon Timmermans Ref: #16128
-
Viktor Szakats authored
- replace deprecated `ares_init()` call with `ares_init_options()`. Follow-up to 0d4fdbf1 #16054 - dedupe `CARES_STATICLIB` initalizations into `curl_setup.h`, to ensure it's defined before the first (and every) `ares.h` include and avoid a potential confusion. - move `CARES_NO_DEPRECATED` from build level to `curl_setup.h`. To work regardless of build system. It is necessary because curl calls `ares_getsock()` from two places, of which one feeds a chain of wrappers: `Curl_ares_getsock()`, `Curl_resolver_getsock()`, `Curl_resolv_getsock()`. Closes #16131
-
- Jan 30, 2025
-
-
Viktor Szakats authored
-
Viktor Szakats authored
- drop `--quiet 2` option where used, to have uniform output. - replace `apt` with `apt-get` in one job. sync options with rest. - replace deprecated `apt-key` command with the alternative recommended by `apt-key(8)`. - drop stray `cd /tmp`, no longer needed after migrating to GHA. - shorten `--option Dpkg::Use-Pty=0` to `-o Dpkg::Use-Pty=0`. - add `-o Dpkg::Use-Pty=0` to hide `apt-get` progress bars taking vertical log space, where missing. - drop `-y --no-install-suggests --no-install-recommends` `apt-get` options. They are the default in the ubuntu-24.04 image. - GHA/distcheck: move `name:` to top in steps where not there. - scripts/cijobs.pl: catch `apt-get` lines with the `-o` option. Closes #16127
-
- Jan 29, 2025
-
-
Michael Schuster authored
Closes #16044
-
- Jan 28, 2025
-
-
Dan Fandrich authored
The socket was closed while the handle was still in use, so curl_easy_cleanup ended up setting nonblocking mode on a closed handle. Closes #16123
-
Viktor Szakats authored
To match existing warnings for Secure Transport and BearSSL. OpenSSL 1.1.1 or upper are offering TLS 1.3 support. Ref: https://wiki.openssl.org/index.php/TLS1.3 Closes #16120
-
Daniel Stenberg authored
Ref: #16118 Closes #16121
-
Viktor Szakats authored
-
Stefan Eissing authored
When parallel connects are attempted, the second one is started on a delay. Start it right away when the first one failed. Closes #16114
-
Viktor Szakats authored
Range matches are not supported with `+`: https://git-scm.com/docs/gitignore Also sync `.gitignore` file lists with source files and alphasort them. Follow-up to 5c31c2e6 #16093 Reported-by: Stefan Eissing Fixes #16112 Fixes #16115 Closes #16116
-
Stefan Eissing authored
When a QUIC connection using ngtcp2 failed immediately, the TLS instances were not always released. Closes #16113
-
Martin Harrigan authored
Closes #16110
-
Viktor Szakats authored
`lib/vtls/wolfssl.c` enforces it via a hard #error. Cherry-picked from #16104
-
Viktor Szakats authored
Before this patch this macro was used in `vtls/openssl.h` without setting it first, causing the `keylog_done` member be present in struct `ossl_ctx` while the code did not use it. Follow-up to 32101010 #13172 Closes #16105
-
Viktor Szakats authored
Follow-up to c31041b1 #13904 Closes #16103
-
Daniel Stenberg authored
Reported-by: Harry Sintonen Closes #16109
-
Andrew Kaster authored
RFC 6455 Section 5.2 notes that for bits RSV1, RSV2, and RSV3 of the framing header, a non-zero value that is not defined by a negotiated extension MUST Fail the WebSocket connection. Test 2310 verifies Closes #16069
-
Jay Satiro authored
- Use build-time CURL_DEFAULT_SSL_BACKEND as a fallback when environment variable CURL_SSL_BACKEND contains a backend that is unavailable. Prior to this change if CURL_SSL_BACKEND was set then CURL_DEFAULT_SSL_BACKEND was ignored even if the backend of the former was unavailable. In that case libcurl would instead select the first available backend in the list of backends. Bug: https://github.com/curl/curl/issues/16076#issuecomment-2617354254 Reported-by: Jeroen Ooms Closes https://github.com/curl/curl/pull/16108
-
Jay Satiro authored
- Detach and disconnect an attached connection before performing. Prior to this change it was not possible to safely reuse an easy handle with an attached connection in a second call to curl_easy_perform. The only known case of this is a connect-only type handle where the connection was detached when curl_easy_perform returned, only to be reattached by either curl_easy_send/recv. This commit effectively reverts 2f8ecd5d and be82a360, the latter of which treated the reuse as an error. Prior to that change undefined behavior may occur in such a case. Bug: https://curl.se/mail/lib-2025-01/0044.html Reported-by: Aleksander Mazur Closes https://github.com/curl/curl/pull/16008
-
Dexter Gerig authored
Closes #16107
-
Dexter Gerig authored
Store the received data correctly. Closes #16107
-
- Jan 27, 2025
-
-
Viktor Szakats authored
Follow-up to 71cf0d1f #14772
-
Viktor Szakats authored
Necessary to catch rare cases when `checksrc` hits these files when they are not populated yet: ``` ./curltool_unity.c:1:1: error: Missing copyright statement (COPYRIGHT) ^ ``` https://github.com/curl/curl/actions/runs/12995546740/job/36242556713?pr=16094#step:37:123 Follow-up to 71cf0d1f #14772 Closes #16102
-
Viktor Szakats authored
Also fix indentation/formatting around similar pragmas. Closes #16101
-
Viktor Szakats authored
It had shorthand aliases to launch `./configure` and `./configure --with-openssl`. The former hasn't worked for a long while because of missing TLS. Its `ca-bundle` and `ca-firefox` targets have been broken for 2.5 years till recently. These targets also exist in `./configure` and have been working all along. Also: - cmake: add support `curl-ca-bundle` and `curl-ca-firefox` targets. - tests/testcurl.pl: drop obsolete build logic. Closes #16094
-
Viktor Szakats authored
- `.gitignore`: delete, dedupe and move rules upwards. Ref: 6389ba87 #13311 - `.gitignore`: fix generated test sources. Follow-up to 71cf0d1f #14772 - `.gitignore`: replace exe listings with a wildcard. - lib: move `setup-*.h` from `EXTRA_DIST` to `CURL_HFILES`. - `makedebug.bat`: uppercase an argument to match docs. - GHA/non-native: delete stray env. Follow-up to 12a6de2f #16043 - sort source lists. Closes #16093
-
Daniel Stenberg authored
Problems that only trigger using *legacy* dependencies are not considered security problems. Closes #16086
-
Daniel Stenberg authored
By better sticking to listing the struct members sorted by size, this struct is now 48 bytes smaller on my fairly maximized build, without removing anything. Turned 'connect_only' into two bits instead of an unsigned char with two magic values. Also put the 'gssapi_delegation' field within ifdef HAVE_GSSAPI. Closes #16097
-