Daniel Stenberg [Tue, 20 Mar 2018 14:15:14 +0000 (15:15 +0100)]
vauth/cleartext: fix integer overflow check
Make the integer overflow check not rely on the undefined behavior that
a size_t wraps around on overflow.
Detected by lgtm.com
Closes #2408
Backported patch details:-
Link: https://github.com/curl/curl/commit/c1366571b609407cf0d4d9f4a2769d29e1313151.patch
Change-Id: Ib0c92fac4733910c2060e4af105060fe98b396ca
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
Seonah Moon [Fri, 14 Sep 2018 02:10:38 +0000 (11:10 +0900)]
Enable ipv6 for TV profile
Change-Id: Ie275eadb0f141f23b06268bd07b9c99dca0511df
Seonah Moon [Mon, 2 Jul 2018 05:04:50 +0000 (14:04 +0900)]
pingpong: fix response cache memcpy overflow
Response data for a handle with a large buffer might be cached and then
used with the "closure" handle when it has a smaller buffer and then the
larger cache will be copied and overflow the new smaller heap based
buffer.
Reported-by: Dario Weisser
CVE: CVE-2018-1000300
Bug: https://curl.haxx.se/docs/adv_2018-82c2.htm
Change-Id: I02d35b9494356aaec1ca1f8eab0353a58c849e11
Seonah Moon [Mon, 2 Jul 2018 04:54:24 +0000 (13:54 +0900)]
... leaving the k->str could lead to buffer over-reads later on.
CVE: CVE-2018-1000301
Assisted-by: Max Dymond
Detected by OSS-Fuzz.
Bug: https://curl.haxx.se/docs/adv_2018-b138.html
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7105
Change-Id: I0bd3b891aef2bf08fdb485d135e695c2eeab86a7
chleun.moon [Fri, 27 Apr 2018 02:54:50 +0000 (11:54 +0900)]
Modify macro for tv profile
Change-Id: Idb324c07ce007d1949f790c75cf703ff269e342f
Signed-off-by: Cheoleun Moon <chleun.moon@samsung.com>
Seonah Moon [Wed, 18 Apr 2018 07:52:58 +0000 (16:52 +0900)]
Apply DLP feature
Change-Id: I5d53e6655bb57364d5008a1beab388b7ba53be66
Seonah Moon [Wed, 16 Aug 2017 09:21:40 +0000 (18:21 +0900)]
Use icu library for IDN feature
Change-Id: I13eaf3ca85d8b516dbc091acae9646e705a75f5e
Seonah Moon [Thu, 12 Apr 2018 07:48:50 +0000 (16:48 +0900)]
Update version to 7.59.0
Change-Id: Icc20991f769dcde22844d141a47ccba887002b52
Seonah Moon [Thu, 12 Apr 2018 07:25:13 +0000 (16:25 +0900)]
Imported Upstream version 7.59.0
Change-Id: I06221d49da39082f95030ab57617a1e23fbda58b
Seonah Moon [Thu, 25 Jan 2018 05:47:22 +0000 (14:47 +0900)]
Disable the IDN feature temporary
This feature will be enabled after resolving build dependency issue
Change-Id: I6b7d8292015adbe5b488210176cf19c085b0aaf1
taesub kim [Wed, 24 Jan 2018 04:54:47 +0000 (04:54 +0000)]
Merge "Use icu library for IDN feature" into tizen
taesub kim [Wed, 24 Jan 2018 04:48:31 +0000 (04:48 +0000)]
Merge "Use icu library for IDN feature" into tizen
Seonah Moon [Wed, 16 Aug 2017 09:21:40 +0000 (18:21 +0900)]
Use icu library for IDN feature
Change-Id: Ie0cae521c7eacfcd788a32b90adc20ba19ec66da
Abhishek Sansanwal [Mon, 22 Jan 2018 09:27:02 +0000 (14:57 +0530)]
Added hardening compiler flags in the spec file.
Description: Enabled stack protector, relro, PIE,
fortify source and other flags
Change-Id: I2e569da65cec7120f8ed250a06808f5efb408eb9
Signed-off-by: Abhishek Sansanwal <abhishek.s94@samsung.com>
tizen [Wed, 1 Nov 2017 18:08:44 +0000 (16:08 -0200)]
Fix dlclose issue when calling DLP feature
Change-Id: Id84c9f70c250b3798b4c2b730a45f817b5341c2a
Signed-off-by: tizen <s.moraes@samsung.com>
jungkon.kim [Thu, 19 Oct 2017 09:36:59 +0000 (18:36 +0900)]
fix the handle_leak (Svace 302948 and 302613)
Change-Id: Id67c2f7b034ead0a74db4b652a4065dac8e8b4d9
tizen [Wed, 18 Oct 2017 17:08:53 +0000 (15:08 -0200)]
Adding integration with DLP feature from privacy-guard
Change-Id: I2959feebaecfc6acbd87ab483a4f017d48b65de1
Signed-off-by: tizen <s.moraes@samsung.com>
taesub kim [Tue, 17 Oct 2017 05:59:17 +0000 (05:59 +0000)]
Revert "Integration w/ DLP feature from privacy-guard"
This reverts commit
a6b689d7dfbfaab9138d32e148b08bf51b175703.
Change-Id: I7d32406cd7f4368e8ee60e3ad8b068c3d2d86c84
Saulo Moraes [Tue, 12 Sep 2017 21:08:31 +0000 (18:08 -0300)]
Integration w/ DLP feature from privacy-guard
Change-Id: I5ccf039d400dfd5ba0d7bcab7e75bc82aef5b6e8
Seonah Moon [Wed, 16 Aug 2017 09:21:40 +0000 (18:21 +0900)]
Use icu library for IDN feature
Change-Id: I4c00d1921e5ee15f3572af5e5a060049e7815a14
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Wed, 9 Aug 2017 08:19:56 +0000 (17:19 +0900)]
Apply ASLR to curl command tool
Change-Id: Iffcece4c6629c0521545a1e841fe1858687befad
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Tue, 1 Aug 2017 06:57:10 +0000 (15:57 +0900)]
Fixed build error
Change-Id: Ib87d1e5101f430bfdde69d8f1afaddbfefc6c61b
Seonah Moon [Fri, 21 Jul 2017 07:24:55 +0000 (16:24 +0900)]
Remove unnecessary configure file
Change-Id: I84ad19bc5aa63967edc68c7797d524823a962b23
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Fri, 21 Jul 2017 06:54:13 +0000 (15:54 +0900)]
Add glib2 dependency to support IDN
Change-Id: Ie330340da408b1cf57fca5c30c0f7dac88d85eb7
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Daniel Stenberg [Tue, 6 Jun 2017 22:21:04 +0000 (00:21 +0200)]
[CVE-2017-9502] url: fix buffer overwrite with file protocol
https://github.com/curl/curl/issues/1540
Change-Id: Ic0c511886a16d0655e416882ee9719d1ac120be6
Jay Satiro [Wed, 22 Mar 2017 05:59:49 +0000 (01:59 -0400)]
[CVE-2017-7468] TLS: Fix switching off SSL session id when client cert is used
- Move the sessionid flag to ssl_primary_config so that ssl and
proxy_ssl will each have their own sessionid flag.
Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that
this issue had been fixed in 247d890, CVE-2016-5419.
https://github.com/curl/curl/issues/1341
Change-Id: I3e6e176dafc6e6f103e5d9c077835f620783a3b1
Seonah Moon [Mon, 19 Jun 2017 01:15:46 +0000 (10:15 +0900)]
[CVE-2017-7407] --write-out out of buffer read
https://curl.haxx.se/docs/adv_20170403.html
Change-Id: I3cc866289e8929b52d31914f2f3164e18a2e1b5d
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
taesub kim [Fri, 9 Jun 2017 01:40:59 +0000 (01:40 +0000)]
Revert "Add dependency of nghttp2-devel"
This reverts commit
129a8fb222e334176769a51ab28cdc0923af4ece.
Change-Id: Icc2a618a477fec16c28256a2ea36dd8a10fe114c
Seonah Moon [Thu, 8 Jun 2017 06:15:47 +0000 (15:15 +0900)]
Add dependency of nghttp2-devel
Change-Id: Ib78ccd11318ed885fd19f3b809c1b47c94167b4f
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Tue, 28 Mar 2017 10:07:37 +0000 (19:07 +0900)]
Used %license macro
Change-Id: Ia5c38d98ea11d1e457014f7210913261a59f5b43
Seonah Moon [Thu, 23 Mar 2017 08:02:09 +0000 (17:02 +0900)]
Update version to 7.53.1
Change-Id: I1833883d4e258c60fb93020688eb7e3ff3e2eb47
taesub kim [Thu, 23 Mar 2017 07:45:32 +0000 (16:45 +0900)]
Imported Upstream version 7.53.1
Change-Id: Id0454e17b6cb083c803c5497d34964dd8fa0dbc6
taesub kim [Thu, 23 Mar 2017 07:38:33 +0000 (00:38 -0700)]
Revert "Imported Upstream version 7.53.1"
This reverts commit
e9bdad71c8277e20607fa1eaf0027d53a0dc1f37.
Change-Id: I4a4edd3ce2207a6f13162aaaf92467a7c1dffd72
taesub kim [Thu, 23 Mar 2017 07:35:59 +0000 (00:35 -0700)]
Revert "Changed the path of license by using '%license' macro"
This reverts commit
3487493aece049d88444f96dee3a2d3f4fdfbb9c.
Change-Id: I1e29fb50e16c45d649779de96404adbc184f1f5e
Seonah Moon [Wed, 22 Mar 2017 05:43:30 +0000 (14:43 +0900)]
Changed the path of license by using '%license' macro
Change-Id: I685efdeb2ab23b18d7935a95e42690d723db632c
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
taesub kim [Wed, 22 Mar 2017 05:21:38 +0000 (14:21 +0900)]
Imported Upstream version 7.53.1
Change-Id: I575eb99bf2face4938a57889412327e285116bf3
Daniel Stenberg [Tue, 7 Mar 2017 07:08:55 +0000 (08:08 +0100)]
ares: Curl_resolver_wait_resolv: clear *entry first in function
Change-Id: Ia55a6ca41ba2c75fedd114fcfb8aef8ddb968e4e
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
Daniel Stenberg [Mon, 6 Mar 2017 21:45:10 +0000 (22:45 +0100)]
ares: better error return on timeouts
Assisted-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2017-03/0009.html
Change-Id: I7779aa144996b539d7a706b776cee09eebae6dcb
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
Daniel Stenberg [Mon, 6 Mar 2017 08:21:01 +0000 (09:21 +0100)]
ares: return error at once if timed out before name resolve starts
Pointed-out-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2017-03/0004.html
Change-Id: I7c38e9dc6f386001692fa3b02f5bba00b59f4f45
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
Seonah Moon [Thu, 29 Dec 2016 10:18:45 +0000 (19:18 +0900)]
[P161227-02691, P161220-01444] Force ongoing connections to close in close_all_connections()
Bug: https://curl.haxx.se/mail/lib-2016-10/0011.html
Bug: https://curl.haxx.se/mail/lib-2016-10/0059.html
Change-Id: I6e015569958cc0da3bd9b03f17d4b32d475ebd0e
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Thu, 24 Nov 2016 08:27:17 +0000 (17:27 +0900)]
Remove dependency with ca-certificates
Change-Id: Ic4b50ae08734463d9d1a37f86ec60a8f2459e818
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Tue, 22 Nov 2016 07:53:24 +0000 (16:53 +0900)]
[CVE-2016-7167] curl escape and unescape integer overflows
Change-Id: Iffbaa7823c992cd93b8961ce69e7f6ac3f903e36
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Mon, 14 Nov 2016 06:50:11 +0000 (15:50 +0900)]
Add default CA bundle
Change-Id: Icc8dd83f8ab59cb18e6d9d6a7f732c6d1ba7cfa4
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Thu, 1 Oct 2015 04:27:10 +0000 (13:27 +0900)]
Add default cipher list for TV
Change-Id: Ibe293221f37388b85aed58ec40793baac2cccd14
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Tue, 4 Oct 2016 07:35:59 +0000 (16:35 +0900)]
openssl: fix bad memory free (regression)
The allocation could be made by OpenSSL so the free must be made with OPENSSL_free() to avoid problems.
(https://github.com/curl/curl/issues/1005)
Change-Id: I07527924fe20ed859cbd5d7ade356410c64d71c7
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Fri, 23 Sep 2016 05:12:16 +0000 (14:12 +0900)]
Update to 7.50.2
Change-Id: I1c5ba709c310e2c1735c12102e48f71d3413146b
Seonah Moon [Fri, 23 Sep 2016 04:49:53 +0000 (13:49 +0900)]
Imported Upstream version 7.50.2
Change-Id: I91c6040940a21b2bebab9d6cab11d50767b7bac4
Seonah Moon [Fri, 26 Aug 2016 05:29:23 +0000 (14:29 +0900)]
Change build macro for Tizen TV
This macro is ignored on build.tizen.org
It's only for Tizen TV build system
Change-Id: I0aa69505ddcfc1973d864f260d2b5e3f2fd87a3d
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Thu, 1 Oct 2015 04:27:10 +0000 (13:27 +0900)]
Add default cipher list for TV
Change-Id: I91579c36473a9619d00990c5897831006d89670f
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Wed, 22 Jun 2016 05:43:54 +0000 (14:43 +0900)]
[CVE-2016-4802] Windows DLL hijacking
Change-Id: I52bc7cb34ac493c20588876294d59039af03cbe1
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Wed, 22 Jun 2016 05:23:07 +0000 (14:23 +0900)]
[CVE-2016-3739] TLS certificate check bypass with mbedTLS/PolarSSL
Change-Id: I76d120f5c9e696ecd402a2099b94759cc22a51e2
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Tue, 26 Apr 2016 05:52:32 +0000 (14:52 +0900)]
Merge branch 'upstream' into tizen
Upgrade version 7.48.0
Change-Id: Ibb643307cb5add844a733bb23cb6051bc0fdb100
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
taesubkim [Mon, 25 Apr 2016 01:21:23 +0000 (10:21 +0900)]
Imported Upstream version 7.48.0
Change-Id: Ibca5368d95ef0b73c945bb0df8b7ef9fc3e3bd82
Signed-off-by: Taesub Kim <taesub.kim@samsung.com>
seonah moon [Mon, 11 Apr 2016 11:05:33 +0000 (04:05 -0700)]
Revert "Imported Upstream version 7.44.0"
This reverts commit
8a08705db260779441360e959b97b6c172f8acb0.
Change-Id: Ie319aab9015869b714a03b8aa890a67ccbc9233e
seonah moon [Thu, 7 Apr 2016 06:59:58 +0000 (23:59 -0700)]
Revert "Update to 7.44.0"
This reverts commit
2bc9d6bb53df44a0c5174767de734620c2cdfd9e.
Change-Id: I831001a99b6ad80dc062c84b3877208e1b40b80a
Seonah Moon [Thu, 7 Apr 2016 04:35:45 +0000 (13:35 +0900)]
Update to 7.44.0
Change-Id: I5b1e06765d1fe3c75597ff7db9831228ea0cad05
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Seonah Moon [Thu, 7 Apr 2016 02:41:57 +0000 (11:41 +0900)]
Imported Upstream version 7.44.0
Change-Id: I04e7fac0b620653ff8c174e87039756e98c4fb02
seonah moon [Thu, 7 Apr 2016 02:31:17 +0000 (19:31 -0700)]
Revert "Imported Upstream version 7.44.0"
This reverts commit
31368b6eac8092a307849518e912b4c475c0238a.
Change-Id: I3428294b4931a00ba9684528d3ffb326f92ed4e8
Seonah Moon [Thu, 7 Apr 2016 01:07:19 +0000 (10:07 +0900)]
Imported Upstream version 7.44.0
Change-Id: Iacb2e604edff0cb8e7687289419ad1908a7a9de6
Seonah Moon [Wed, 9 Dec 2015 00:58:55 +0000 (09:58 +0900)]
Replace 'tizen_profile_name' to 'profile' for Tizen 3.0
Change-Id: I92101758608b72134f28d38fc11d01c527d2f05e
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
taesub.kim [Mon, 16 Nov 2015 10:07:08 +0000 (19:07 +0900)]
Upgrade upstream version to 7.40.0
Change-Id: I60df9f32924246f842db1056534bb707e77b431e
taesub.kim [Mon, 16 Nov 2015 08:28:24 +0000 (17:28 +0900)]
Imported Upstream version 7.40.0
Change-Id: I744943f451cb7db8f796a53f10dd6f57c297287d
taesub.kim [Mon, 16 Nov 2015 08:23:25 +0000 (17:23 +0900)]
Base code merged to SPIN 2.4
Change-Id: I345fdf6d033fc695d6f3f3ea0c55e7c8b542e348
taesub kim [Wed, 11 Nov 2015 05:34:24 +0000 (21:34 -0800)]
Revert "Update to 7.40.1"
This reverts commit
32de14ae0782822e9c54c3fbb28cdefc1f4de969.
Change-Id: I955d8a59ce444eac32b74264d98272297ac51b9b
Seonah Moon [Mon, 9 Nov 2015 06:25:57 +0000 (15:25 +0900)]
Update to 7.40.1
Change-Id: I91d61adf7c97502bbc4370c6b095bbe39aa6cb60
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
Kévin THIERRY [Thu, 30 Oct 2014 15:26:04 +0000 (16:26 +0100)]
Bump to version 7.37.1
Use upstream git instead of pristin-tar.
Also use "%__make" and "%make_install" rpm macros.
Bug-Tizen: TC-1807
Change-Id: If52b5604533d6e03826eae8ce35c01184cf208ab
Signed-off-by: Kévin THIERRY <kevin.thierry@open.eurogiciel.org>
Patrick McCarty [Wed, 4 Sep 2013 17:59:11 +0000 (10:59 -0700)]
Packaging cleanups
- Fix whitespace
- Package license for libcurl
- Fix RPM group tags
- Add the upstream URL
Change-Id: I101c1d0272da282dced66d439058d84ead13bd39
Patrick McCarty [Wed, 4 Sep 2013 17:45:38 +0000 (10:45 -0700)]
Update to 7.32.0
This update addresses the following CVEs:
- CVE-2011-2192
- CVE-2012-0036
- CVE-2013-1944
Change-Id: I58ed3c3561cbb670fb49ffc43a5e6b3be7c1a829
Alexandru Cornea [Fri, 28 Jun 2013 20:18:53 +0000 (23:18 +0300)]
resetting manifest requested domain to floor
Change-Id: Ib4fd617379bc46744c4a951b8232fabe30e7e4c1
Anas Nashif [Sat, 16 Feb 2013 06:37:24 +0000 (22:37 -0800)]
Add baselibs
Change-Id: I147e3da210e065be06ee455dd91c6d7548ed7492
Anas Nashif [Tue, 30 Oct 2012 22:51:57 +0000 (15:51 -0700)]
add packaging
Change-Id: Ia2b58e13b0000ced9c1e8c4895f0cdffb27cc877
Daniel Stenberg [Wed, 16 Jul 2014 14:29:02 +0000 (16:29 +0200)]
RELEASE-NOTES: synced with
4cb2521595
Daniel Stenberg [Tue, 15 Jul 2014 22:09:58 +0000 (00:09 +0200)]
test506: verify
aa6884845168
After the fixed cookie lock deadlock, this test now passes and it
detects double-locking and double-unlocking of mutexes.
Yousuke Kimoto [Mon, 14 Jul 2014 18:38:18 +0000 (20:38 +0200)]
cookie: avoid mutex deadlock
... by removing the extra mutex locks around th call to
Curl_flush_cookies() which takes care of the locking itself already.
Bug: http://curl.haxx.se/mail/lib-2014-02/0184.html
Daniel Stenberg [Tue, 15 Jul 2014 19:28:10 +0000 (21:28 +0200)]
gnutls: fix compiler warning
conversion to 'int' from 'long int' may alter its value
Dan Fandrich [Mon, 14 Jul 2014 23:01:39 +0000 (01:01 +0200)]
test320: strip off the actual negotiated cipher width
It's irrelevant to the test, and will change depending on which SSL
library is being used by libcurl.
Dan Fandrich [Mon, 14 Jul 2014 20:27:03 +0000 (22:27 +0200)]
gnutls: detect lack of SRP support in GnuTLS at run-time and try without
Reported-by: David Woodhouse
Michał Górny [Sun, 15 Jun 2014 10:42:30 +0000 (12:42 +0200)]
configure: respect host tool prefix for krb5-config
Use ${host_alias}-krb5-config if available. This improves cross-
compilation support and fixes multilib on Gentoo (at least).
David Woodhouse [Mon, 14 Jul 2014 18:04:55 +0000 (20:04 +0200)]
gnutls: handle IP address in cert name check
Before GnuTLS 3.3.6, the gnutls_x509_crt_check_hostname() function
didn't actually check IP addresses in SubjectAltName, even though it was
explicitly documented as doing so. So do it ourselves...
Dan Fandrich [Mon, 14 Jul 2014 08:40:33 +0000 (10:40 +0200)]
build: set _POSIX_PTHREAD_SEMANTICS on Solaris to get proper getpwuid_r
Daniel Stenberg [Mon, 14 Jul 2014 17:30:50 +0000 (19:30 +0200)]
RELEASE-NOTES: next one is called 7.37.1
Dan Fandrich [Sat, 12 Jul 2014 23:30:52 +0000 (01:30 +0200)]
gnutls: improved error message if setting cipher list fails
Reported-by: David Woodhouse
Dan Fandrich [Sat, 12 Jul 2014 22:18:40 +0000 (00:18 +0200)]
netrc: fixed thread safety problem by using getpwuid_r if available
The old way using getpwuid could cause problems in programs that enable
reading from netrc files simultaneously in multiple threads.
Reported-by: David Woodhouse
Dan Fandrich [Sat, 12 Jul 2014 21:39:22 +0000 (23:39 +0200)]
RELEASE-NOTES: add the reporter of the previous bug fix
Dan Fandrich [Sat, 12 Jul 2014 18:19:34 +0000 (20:19 +0200)]
netrc: treat failure to find home dir same as missing netrc file
This previously caused a fatal error (with a confusing error code, at
that).
Reported by: Glen A Johnson Jr.
Steve Holme [Sat, 12 Jul 2014 14:23:39 +0000 (15:23 +0100)]
RELEASE-NOTES: Synced with
aaaf9e50ec
Steve Holme [Sat, 12 Jul 2014 13:56:47 +0000 (14:56 +0100)]
ntlm_wb: Fixed buffer size not being large enough for NTLMv2 sessions
Bug: http://curl.haxx.se/mail/lib-2014-07/0103.html
Reported-by: David Woodhouse
Steve Holme [Sat, 28 Jun 2014 12:02:03 +0000 (13:02 +0100)]
build: Fixed overridden compiler PDB settings in VC7 to VC12
The curl tool project files for VC7 to VC12 would override the default
setting with the output filename being the same as the linker PDB file.
As such the compiler file would be overwritten with the linker file
for all debug builds.
To avoid this overwrite and for consistency with the libcurl project
files, removed the setting to force the default filename to be used.
Dan Fandrich [Fri, 11 Jul 2014 23:49:35 +0000 (01:49 +0200)]
tests: added globbing keyword to URL globbing tests
Dan Fandrich [Fri, 11 Jul 2014 23:39:56 +0000 (01:39 +0200)]
Fixed some "statement not reached" warnings
Dan Fandrich [Fri, 11 Jul 2014 23:31:12 +0000 (01:31 +0200)]
gnutls: fixed a couple of uninitialized variable references
Dan Fandrich [Fri, 11 Jul 2014 22:33:16 +0000 (00:33 +0200)]
gnutls: fixed compilation against versions < 2.12.0
The AES-GCM ciphers were added to GnuTLS as late as ver. 3.0.1 but
the code path in which they're referenced here is only ever used for
somewhat older GnuTLS versions. This caused undeclared identifier errors
when compiling against those.
Dan Fandrich [Fri, 11 Jul 2014 21:55:53 +0000 (23:55 +0200)]
gnutls: explicitly added SRP to the priority string
This seems to have become necessary for SRP support to work starting
with GnuTLS ver. 2.99.0. Since support for SRP was added to GnuTLS
before the function that takes this priority string, there should be no
issue with backward compatibility.
Dan Fandrich [Fri, 11 Jul 2014 21:43:13 +0000 (23:43 +0200)]
tests: adjust for capitalization differences in newer gnutls-serv
Dan Fandrich [Fri, 11 Jul 2014 21:40:01 +0000 (23:40 +0200)]
test320/1/2/4: fix the port number substitution variables
These tests have been broken since commit
1958fe57 in Oct. 2011
Dan Fandrich [Fri, 11 Jul 2014 21:33:55 +0000 (23:33 +0200)]
tests: document more test identifiers and variables
Dan Fandrich [Fri, 11 Jul 2014 21:21:31 +0000 (23:21 +0200)]
gnutls: ignore invalid certificate dates with VERIFYPEER disabled
This makes the behaviour consistent with what happens if a date can
be extracted from the certificate but is expired.
Steve Holme [Thu, 10 Jul 2014 21:30:30 +0000 (22:30 +0100)]
CURLOPT_UPLOAD: Corrected argument type
Daniel Stenberg [Thu, 10 Jul 2014 03:06:34 +0000 (22:06 -0500)]
FAQ: expand the thread-safe section
... with a mention of *NOSIGNAL, based on talk in bug #1386
Dan Fandrich [Mon, 7 Jul 2014 21:12:22 +0000 (23:12 +0200)]
url.c: Fixed memory leak on OOM
This showed itself on some systems with torture failures
in tests 1060 and 1061
projects / platform / upstream / curl.git / log