Skip to content
Snippets Groups Projects
This project is mirrored from https://gitlab.com/gitlab-org/build/omnibus-mirror/curl.git. Pull mirroring failed .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer or owner.
Last successful update .
  1. Nov 07, 2018
  2. Nov 06, 2018
    • Daniel Stenberg's avatar
      url: a short host name + port is not a scheme · 9df8dc10
      Daniel Stenberg authored
      The function identifying a leading "scheme" part of the URL considered a
      few letters ending with a colon to be a scheme, making something like
      "short:80" to become an unknown scheme instead of a short host name and
      a port number.
      
      Extended test 1560 to verify.
      
      Also fixed test203 to use file_pwd to make it get the correct path on
      windows. Removed test 2070 since it was a duplicate of 203.
      
      Assisted-by: Marcel Raad
      Reported-by: Hagai Auro
      Fixes #3220
      Fixes #3233
      Closes #3223
      Closes #3235
      9df8dc10
  3. Nov 03, 2018
    • Daniel Gustafsson's avatar
      infof: clearly indicate truncation · c37b66aa
      Daniel Gustafsson authored
      
      The internal buffer in infof() is limited to 2048 bytes of payload plus
      an additional byte for NULL termination. Servers with very long error
      messages can however cause truncation of the string, which currently
      isn't very clear, and leads to badly formatted output.
      
      This appends a "...\n" (or just "..." in case the format didn't with a
      newline char) marker to the end of the string to clearly show
      that it has been truncated.
      
      Also include a unittest covering infof() to try and catch any bugs
      introduced in this quite important function.
      
      Closes #3216
      Reviewed-by: default avatarDaniel Stenberg <daniel@haxx.se>
      Reviewed-by: default avatarMarcel Raad <Marcel.Raad@teamviewer.com>
      c37b66aa
  4. Nov 02, 2018
  5. Oct 30, 2018
  6. Oct 27, 2018
  7. Sep 08, 2018
    • Daniel Stenberg's avatar
      URL-API · fb30ac5a
      Daniel Stenberg authored
      See header file and man pages for API. All documented API details work
      and are tested in the 1560 test case.
      
      Closes #2842
      fb30ac5a
  8. Sep 06, 2018
  9. Sep 05, 2018
  10. Aug 15, 2018
  11. Aug 14, 2018
  12. Aug 13, 2018
    • Daniel Stenberg's avatar
      http: fix for tiny "HTTP/0.9" response · 8440616f
      Daniel Stenberg authored
      Deal with tiny "HTTP/0.9" (header-less) responses by checking the
      status-line early, even before a full "HTTP/" is received to allow
      detecting 0.9 properly.
      
      Test 1266 and 1267 added to verify.
      
      Fixes #2420
      Closes #2872
      8440616f
  13. Aug 11, 2018
  14. Jul 28, 2018
  15. Jun 23, 2018
  16. Jun 16, 2018
    • Daniel Stenberg's avatar
      multi: fix memory leak when stopped during name resolve · ac9a179f
      Daniel Stenberg authored
      When the application just started the transfer and then stops it while
      the name resolve in the background thread hasn't completed, we need to
      wait for the resolve to complete and then cleanup data accordingly.
      
      Enabled test 1553 again and added test 1590 to also check when the host
      name resolves successfully.
      
      Detected by OSS-fuzz.
      Closes #1968
      ac9a179f
  17. Jun 01, 2018
  18. May 31, 2018
  19. May 24, 2018
  20. May 22, 2018
  21. May 12, 2018
    • Patrick Monnerat's avatar
      cookies: do not take cookie name as a parameter · 1b55d270
      Patrick Monnerat authored
      RFC 6265 section 4.2.1 does not set restrictions on cookie names.
      This is a follow-up to commit 7f7fcd0d.
      Also explicitly check proper syntax of cookie name/value pair.
      
      New test 1155 checks that cookie names are not reserved words.
      
      Reported-By: anshnd at github
      Fixes #2564
      Closes #2566
      1b55d270
  22. Apr 18, 2018
    • Dan McNulty's avatar
      schannel: add support for CURLOPT_CAINFO · 89963002
      Dan McNulty authored
      - Move verify_certificate functionality in schannel.c into a new
        file called schannel_verify.c. Additionally, some structure defintions
        from schannel.c have been moved to schannel.h to allow them to be
        used in schannel_verify.c.
      
      - Make verify_certificate functionality for Schannel available on
        all versions of Windows instead of just Windows CE. verify_certificate
        will be invoked on Windows CE or when the user specifies
        CURLOPT_CAINFO and CURLOPT_SSL_VERIFYPEER.
      
      - In verify_certificate, create a custom certificate chain engine that
        exclusively trusts the certificate store backed by the CURLOPT_CAINFO
        file.
      
      - doc updates of --cacert/CAINFO support for schannel
      
      - Use CERT_NAME_SEARCH_ALL_NAMES_FLAG when invoking CertGetNameString
        when available. This implements a TODO in schannel.c to improve
        handling of multiple SANs in a certificate. In particular, all SANs
        will now be searched instead of just the first name.
      
      - Update tool_operate.c to not search for the curl-ca-bundle.crt file
        when using Schannel to maintain backward compatibility. Previously,
        any curl-ca-bundle.crt file found in that search would have been
        ignored by Schannel. But, with CAINFO support, the file found by
        that search would have been used as the certificate store and
        could cause issues for any users that have curl-ca-bundle.crt in
        the search path.
      
      - Update url.c to not set the build time CURL_CA_BUNDLE if the selected
        SSL backend is Schannel. We allow setting CA location for schannel
        only when explicitly specified by the user via CURLOPT_CAINFO /
        --cacert.
      
      - Add new test cases 3000 and 3001. These test cases check that the first
        and last SAN, respectively, matches the connection hostname. New test
        certificates have been added for these cases. For 3000, the certificate
        prefix is Server-localhost-firstSAN and for 3001, the certificate
        prefix is Server-localhost-secondSAN.
      
      - Remove TODO 15.2 (Add support for custom server certificate
        validation), this commit addresses it.
      
      Closes https://github.com/curl/curl/pull/1325
      89963002
  23. Mar 17, 2018
    • Rick Deist's avatar
      resolve: add CURLOPT_DNS_SHUFFLE_ADDRESSES · d95f3dc0
      Rick Deist authored
      This patch adds CURLOPT_DNS_SHUFFLE_ADDRESSES to explicitly request
      shuffling of IP addresses returned for a hostname when there is more
      than one. This is useful when the application knows that a round robin
      approach is appropriate and is willing to accept the consequences of
      potentially discarding some preference order returned by the system's
      implementation.
      
      Closes #1694
      d95f3dc0
    • Lawrence Matthews's avatar
      CURLOPT_HAPROXYPROTOCOL: support the HAProxy PROXY protocol · 6baeb6df
      Lawrence Matthews authored
      Add --haproxy-protocol for the command line tool
      
      Closes #2162
      6baeb6df
  24. Mar 15, 2018
  25. Mar 12, 2018
  26. Mar 11, 2018
  27. Mar 04, 2018
  28. Feb 22, 2018
    • Francisco Sedano's avatar
      url: Add option CURLOPT_RESOLVER_START_FUNCTION · 23713645
      Francisco Sedano authored
      - Add new option CURLOPT_RESOLVER_START_FUNCTION to set a callback that
        will be called every time before a new resolve request is started
        (ie before a host is resolved) with a pointer to backend-specific
        resolver data. Currently this is only useful for ares.
      
      - Add new option CURLOPT_RESOLVER_START_DATA to set a user pointer to
        pass to the resolver start callback.
      
      Closes https://github.com/curl/curl/pull/2311
      23713645
  29. Feb 20, 2018
  30. Feb 16, 2018
  31. Feb 15, 2018
  32. Feb 13, 2018
    • Patrick Monnerat's avatar
      tests: new tests for http raw mode · e551910f
      Patrick Monnerat authored
      Test 319 checks proper raw mode data with non-chunked gzip
      transfer-encoded server data.
      Test 326 checks raw mode with chunked server data.
      
      Bug: #2303
      Closes #2308
      e551910f
  33. Feb 12, 2018
    • Patrick Monnerat's avatar
      smtp: fix processing of initial dot in data · 62cf2d18
      Patrick Monnerat authored
      RFC 5321 4.1.1.4 specifies the CRLF terminating the DATA command
      should be taken into account when chasing the <CRLF>.<CRLF> end marker.
      Thus a leading dot character in data is also subject to escaping.
      
      Tests 911 and test server are adapted to this situation.
      New tests 951 and 952 check proper handling of initial dot in data.
      
      Closes #2304
      62cf2d18
  34. Jan 23, 2018
  35. Jan 22, 2018
  36. Jan 14, 2018
    • Patrick Monnerat's avatar
      mime: clone mime tree upon easy handle duplication. · e44ddfd4
      Patrick Monnerat authored
      A mime tree attached to an easy handle using CURLOPT_MIMEPOST is
      strongly bound to the handle: there is a pointer to the easy handle in
      each item of the mime tree and following the parent pointer list
      of mime items ends in a dummy part stored within the handle.
      
      Because of this binding, a mime tree cannot be shared between different
      easy handles, thus it needs to be cloned upon easy handle duplication.
      
      There is no way for the caller to get the duplicated mime tree
      handle: it is then set to be automatically destroyed upon freeing the
      new easy handle.
      
      New test 654 checks proper mime structure duplication/release.
      
      Add a warning note in curl_mime_data_cb() documentation about sharing
      user data between duplicated handles.
      
      Closes #2235
      e44ddfd4