2019-05-22 10:57:58 by Leonardo Taccari | Files touched by this commit (4) | |
Log message: curl: Update to 7.65.0 pkgsrc changes: - Remove patch-configure test(1) `==' -> `=' hunk applied upstream Changes: 7.65.0 ------ This release includes the following changes: o CURLOPT_DNS_USE_GLOBAL_CACHE: removed o CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse o pipelining: removed This release includes the following bugfixes: o CVE-2019-5435: Integer overflows in curl_url_set o CVE-2019-5436: tftp: use the current blksize for recvfrom() o --config: clarify that initial : and = might need quoting o AppVeyor: enable testing for WinSSL build o CURLMOPT_TIMERFUNCTION.3: warn about the recursive risk o CURLOPT_ADDRESS_SCOPE: fix range check and more o CURLOPT_CAINFO.3: with Schannel, you want Windows 8 or later o CURLOPT_CHUNK_BGN_FUNCTION.3: document the struct and time value o CURLOPT_READFUNCTION.3: see also CURLOPT_UPLOAD_BUFFERSIZE o CURL_MAX_INPUT_LENGTH: largest acceptable string input size o Curl_disconnect: treat all CONNECT_ONLY connections as "dead" o INTERNALS: Add code highlighting o OS400/ccsidcurl: replace use of Curl_vsetopt o OpenSSL: Report -fips in version if OpenSSL is built with FIPS o README.md: fix no-consecutive-blank-lines Codacy warning o VC15 project: remove MinimalRebuild o VS projects: use Unicode for VC10+ o WRITEFUNCTION: add missing set_in_callback around callback o altsvc: Fix building with cookies disabled o auth: Rename the various authentication clean up functions o base64: build conditionally if there are users o build-openssl.bat: Fixed support for OpenSSL v1.1.0+ o build: fix "clarify calculation precedence" warnings o checksrc.bat: ignore snprintf warnings in docs/examples o cirrus: Customize the disabled tests per FreeBSD version o cleanup: remove FIXME and TODO comments o cmake: avoid linking executable for some tests with cmake 3.6+ o cmake: clear CMAKE_REQUIRED_LIBRARIES after each use o cmake: rename CMAKE_USE_DARWINSSL to CMAKE_USE_SECTRANSP o cmake: set SSL_BACKENDS o configure: avoid unportable `==' test(1) operator o configure: error out if OpenSSL wasn't detected when asked for o configure: fix default location for fish completions o cookie: Guard against possible NULL ptr deref o curl: make code work with protocol-disabled libcurl o curl: report error for "--no-" on non-boolean options o curl_easy_getinfo.3: fix minor formatting mistake o curlver.h: use parenthesis in CURL_VERSION_BITS macro o docs/BUG-BOUNTY: bug bounty time o docs/INSTALL: fix broken link o docs/RELEASE-PROCEDURE: link to live iCalendar o documentation: Fix several typos o doh: acknowledge CURL_DISABLE_DOH o doh: disable DOH for the cases it doesn't work o examples: remove unused variables o ftplistparser: fix LGTM alert "Empty block without comment" o hostip: acknowledge CURL_DISABLE_SHUFFLE_DNS o http: Ignore HTTP/2 prior knowledge setting for HTTP proxies o http: acknowledge CURL_DISABLE_HTTP_AUTH o http: mark bundle as not for multiuse on < HTTP/2 response o http_digest: Don't expose functions when HTTP and Crypto Auth are disabled o http_negotiate: do not treat failure of gss_init_sec_context() as fatal o http_ntlm: Corrected the name of the include guard o http_ntlm_wb: Handle auth for only a single request o http_ntlm_wb: Return the correct error on receiving an empty auth message o lib509: add missing include for strdup o lib557: initialize variables o makedebug: Fix ERRORLEVEL detection after running where.exe o mbedtls: enable use of EC keys o mime: acknowledge CURL_DISABLE_MIME o multi: improved HTTP_1_1_REQUIRED handling o netrc: acknowledge CURL_DISABLE_NETRC o nss: allow fifos and character devices for certificates o nss: provide more specific error messages on failed init o ntlm: Fix misaligned function comments for Curl_auth_ntlm_cleanup o ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4 o openssl: mark connection for close on TLS close_notify o openvms: Remove pre-processor for SecureTransport o openvms: Remove pre-processors for Windows o parse_proxy: use the URL parser API o parsedate: disabled on CURL_DISABLE_PARSEDATE o pingpong: disable more when no pingpong protocols are enabled o polarssl_threadlock: remove conditionally unused code o progress: acknowledge CURL_DISABLE_PROGRESS_METER o proxy: acknowledge DISABLE_PROXY more o resolve: apply Happy Eyeballs philosophy to parallel c-ares queries o revert "multi: support verbose conncache closure handle" o sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616 o sasl: only enable if there's a protocol enabled using it o scripts: fix typos o singleipconnect: show port in the verbose "Trying ..." message o smtp: fix compiler warning o socks5: user name and passwords must be shorter than 256 o socks: fix error message o socksd: new SOCKS 4+5 server for tests o spnego_gssapi: fix return code on gss_init_sec_context() failure o ssh-libssh: remove unused variable o ssh: define USE_SSH if SSH is enabled (any backend) o ssh: move variable declaration to where it's used o test1002: correct the name o test2100: Fix typos in test description o tests/server/util: fix Windows Unicode build o tests: Run global cleanup at end of tests o tests: make Impacket (SMB server) Python 3 compatible o tool_cb_wrt: fix bad-function-cast warning o tool_formparse: remove redundant assignment o tool_help: Warn if curl and libcurl versions do not match o tool_help: include <strings.h> for strcasecmp o transfer: fix LGTM alert "Comparison is always true" o travis: add an osx http-only build o travis: allow builds on branches named "ci" o travis: install dependencies only when needed o travis: update some builds do Xenial o travis: updated mesalink builds o url: always clone the CUROPT_CURLU handle o url: convert the zone id from a IPv6 URL to correct scope id o urlapi: add CURLUPART_ZONEID to set and get o urlapi: increase supported scheme length to 40 bytes o urlapi: require a non-zero host name length when parsing URL o urlapi: stricter CURLUPART_PORT parsing o urlapi: strip off zone id from numerical IPv6 addresses o urlapi: urlencode characters above 0x7f correctly o vauth/cleartext: update the PLAIN login to match RFC 4616 o vauth/oauth2: Fix OAUTHBEARER token generation o vauth: Fix incorrect function description for Curl_auth_user_contains_domain o vtls: fix potential ssl_buffer stack overflow o wildcard: disable from build when FTP isn't present o winbuild: Support MultiSSL builds o xattr: skip unittest on unsupported platforms |
2019-05-22 10:56:25 by Leonardo Taccari | Files touched by this commit (1) |
Log message: curl: adjust indentation (NFC) |
2019-03-31 22:41:29 by Leonardo Taccari | Files touched by this commit (5) | |
Log message: curl: Update to 7.64.1 pkgsrc changes: - No longer install MANUAL, it is no longer available - Remove patch-lib_hostcheck.c, <netinet/in.h> is already included few lines before - Take MAINTAINERSHIP Changes: 7.64.1 ====== This release includes the following changes: o alt-svc: experiemental support added [74] o configure: add --with-amissl [84] This release includes the following bugfixes: o AppVeyor: add MinGW-w64 and classic Mingw builds [55] o AppVeyor: switch VS 2015 builds to VS 2017 image [49] o CURLU: fix NULL dereference when used over proxy [73] o Curl_easy: remove req.maxfd - never used! [58] o Curl_now: figure out windows version in win32_init: [11] o Curl_resolv: fix a gcc -Werror=maybe-uninitialized warning [20] o DoH: inherit some SSL options from user's easy handle [80] o Secure Transport: no more "darwinssl" [56] o Secure Transport: tvOS 11 is required for ALPN support [94] o cirrus: Added FreeBSD builds using Cirrus CI o cleanup: make local functions static [5] o cli tool: do not use mime.h private structures [27] o cmdline-opts/proxytunnel.d: the option tunnnels all protocols [83] o configure: add additional libraries to check for LDAP support [45] o configure: remove the unused fdopen macro [40] o configure: show features as well in the final summary [15] o conncache: use conn->data to know if a transfer owns it [95] o connection: never reuse CONNECT_ONLY connections [35] o connection_check: restore original conn->data after the check [14] o connection_check: set ->data to the transfer doing the check [3] o cookie: Add support for cookie prefixes [29] o cookies: dotless names can set cookies again [81] o cookies: fix NULL dereference if flushing cookies with no CookieInfo set [47] o curl.1: --user and --proxy-user are hidden from ps output [86] o curl.1: mark the argument to --cookie as <data|filename> [87] o curl.h: use __has_declspec_attribute for shared builds [52] o curl: display --version features sorted alphabetically [51] o curl: fix FreeBSD compiler warning in the --xattr code [2] o curl: remove MANUAL from -M output [38] o curl_easy_duphandle.3: clarify that a duped handle has no shares [64] o curl_multi_remove_handle.3: use at any time, just not from within callbacks o curl_url.3: this API is not experimental anymore o dns: release sharelock as soon as possible [1] o docs: update max-redirs.d phrasing [59] o easy: fix win32 init to work without CURL_GLOBAL_WIN32 [30] o examples/10-at-a-time.c: improve readability and simplify o examples/cacertinmem.c: use multiple certificates for loading CA-chain [54] o examples/crawler: Fix the Accept-Encoding setting o examples/ephiperfifo.c: various fixes [63] o examples/externalsocket: add missing close socket calls [78] o examples/http2-download: cleaned up o examples/http2-serverpush: add some sensible error checks [31] o examples/http2-upload: cleaned up o examples/httpcustomheader: Value stored to 'res' is never read o examples/postinmemory: Potential leak of memory pointed to by 'chunk.memory' o examples/sftpuploadresume: Value stored to 'result' is never read o examples: only include <curl/curl.h> [70] o examples: remove recursive calls to curl_multi_socket_action [42] o examples: remove superfluous null-pointer checks o file: fix "Checking if unsigned variable 'readcount' is less than \ zero." [90] o fnmatch: disable if FTP is disabled [25] o gnutls: remove call to deprecated gnutls_compression_get_name [66] o gopher: remove check for path == NULL [69] o gssapi: fix deprecated header warnings [16] o hostip: make create_hostcache_id avoid alloc + free [4] o http2: multi_connchanged() moved from multi.c, only used for h2 [21] o http2: verify :athority in push promise requests [37] o http: make adding a blank header thread-safe [33] o http: send payload when (proxy) authentication is done [89] o http: set state.infilesize when sending multipart formposts [57] o makefile: make checksrc and hugefile commands "silent" [85] o mbedtls: make it build even if MBEDTLS_VERSION_C isn't set [24] o mbedtls: release sessionid resources on error [28] o memdebug: log pointer before freeing its data [91] o memdebug: make debug-specific functions use curl_dbg_ prefix [82] o mime: put the boundary buffer into the curl_mime struct [18] o multi: call multi_done on connect timeouts, fixes CURLINFO_TOTAL_TIME [43] o multi: remove verbose "Expire in" ... messages [23] o multi: removed unused code for request retries [79] o multi: support verbose conncache closure handle [72] o negotiate: fix for HTTP POST with Negotiate [88] o openssl: add support for TLS ASYNC state [46] o openssl: if cert type is ENG and no key specified, key is ENG too [93] o pretransfer: don't strlen() POSTFIELDS set for GET requests [22] o rand: Fix a mismatch between comments in source and header [32] o runtests: detect "schannel" as an alias for "winssl" [50] o schannel: be quiet - remove verbose output [19] o schannel: close TLS before removing conn from cache [10] o schannel: support CALG_ECDH_EPHEM algorithm [44] o scripts/completion.pl: also generate fish completion file [67] o singlesocket: fix the 'sincebefore' placement [36] o source: fix two 'nread' may be used uninitialized warnings [68] o ssh: fix Condition '!status' is always true [60] o ssh: loop the state machine if not done and not blocking [71] o strerror: make the strerror function use local buffers [48] o system_win32: move win32_init here from easy.c [65] o test578: make it read data from the correct test o tests: Fixed XML validation errors in some test files o tests: add stderr comparison to the test suite [26] o tests: fix multiple may be used uninitialized warnings o threaded-resolver: shutdown the resolver thread without error message [61] o tool_cb_wrt: fix writing to Windows null device NUL [96] o tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr [84] o tool_operate: build on AmigaOS [84] o tool_operate: fix typecheck warning [9] o transfer.c: do not compute length of undefined hex buffer o travis: add build using gnutls [75] o travis: add scan-build [13] o travis: bump the used wolfSSL version to 4.0.0 [92] o travis: enable valgrind for the iconv tests [12] o travis: use updated compiler versions: clang 7 and gcc 8 [77] o unit1307: require FTP support [17] o unit1651: survive curl_easy_init() fails o url/idnconvert: remove scan for <= 32 ascii values [6] o url: change conn shutdown order to ensure SOCKETFUNCTION callbacks [39] o urlapi: reduce variable scope, remove unreachable 'break' [7] o urldata: convert bools to bitfields and move to end [53] o urldata: simplify bytecounters [62] o urlglob: Argument with 'nonnull' attribute passed null o version.c: silent scan-build even when librtmp is not enabled o vtls: rename some of the SSL functions [84] o wolfssl: stop custom-adding curves [41] o x509asn1: "Dereference of null pointer" o x509asn1: cleanup and unify code layout [34] o zsh.pl: escape ':' character [8] o zsh.pl: update regex to better match curl -h output [8] |
2019-02-06 09:02:48 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message: curl: updated to 7.64.0 curl and libcurl 7.64.0 This release includes the following changes: * cookies: leave secure cookies alone * hostip: support wildcard hosts * http: Implement trailing headers for chunked transfers * http: added options for allowing HTTP/0.9 responses * timeval: Use high resolution timestamps on Windows This release includes the following bugfixes: * CVE-2018-16890: NTLM type-2 out-of-bounds buffer read * CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow * CVE-2019-3823: SMTP end-of-response out-of-bounds read * FAQ: remove mention of sourceforge for github * OS400: handle memory error in list conversion * OS400: upgrade ILE/RPG binding. * README: add codacy code quality badge * Revert http_negotiate: do not close connection * THANKS: added several missing names from year <= 2000 * build: make 'tidy' target work for metalink builds * cmake: added checks for variadic macros * cmake: updated check for HAVE_POLL_FINE to match autotools * cmake: use lowercase for function name like the rest of the code * configure: detect xlclang separately from clang * configure: fix recv/send/select detection on Android * configure: rewrite --enable-code-coverage * conncache_unlock: avoid indirection by changing input argument type * cookie: fix comment typo * cookies: allow secure override when done over HTTPS * cookies: extend domain checks to non psl builds * cookies: skip custom cookies when redirecting cross-site * curl --xattr: strip credentials from any URL that is stored * curl -J: refuse to append to the destination file * curl/urlapi.h: include "curl.h" first * curl_multi_remove_handle() don't block terminating c-ares requests * darwinssl: accept setting max-tls with default min-tls * disconnect: separate connections and easy handles better * disconnect: set conn->data for protocol disconnect * docs/version.d: mention MultiSSL * docs: fix the --tls-max description * docs: use $(INSTALL_DATA) to install man page * docs: use meaningless port number in CURLOPT_LOCALPORT example * gopher: always include the entire gopher-path in request * http2: clear pause stream id if it gets closed * if2ip: remove unused function Curl_if_is_interface_name * libssh: do not let libssh create socket * libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh * libssh: free sftp_canonicalize_path() data correctly * libtest/stub_gssapi: use "real" snprintf * mbedtls: use VERIFYHOST * multi: multiplexing improvements * multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time * ntlm: fix NTMLv2 compliance * ntlm_sspi: add support for channel binding * openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated * openssl: fix the SSL_get_tlsext_status_ocsp_resp call * openvms: fix OpenSSL discovery on VAX * openvms: fix typos in documentation * os400: add a missing closing bracket * os400: fix extra parameter syntax error * pingpong: change default response timeout to 120 seconds * pingpong: ignore regular timeout in disconnect phase * printf: fix format specifiers * runtests.pl: Fix perl call to include srcdir * schannel: fix compiler warning * schannel: preserve original certificate path parameter * schannel: stop calling it "winssl" * sigpipe: if mbedTLS is used, ignore SIGPIPE * smb: fix incorrect path in request if connection reused * ssh: log the libssh2 error message when ssh session startup fails * test1558: verify CURLINFO_PROTOCOL on file:// transfer * test1561: improve test name * test1653: make it survive torture tests * tests: allow tests to pass by 2037-02-12 * tests: move objnames-* from lib into tests * timediff: fix math for unsigned time_t * timeval: Disable MSVC Analyzer GetTickCount warning * tool_cb_prg: avoid integer overflow * travis: added cmake build for osx * urlapi: Fix port parsing of eol colon * urlapi: distinguish possibly empty query * urlapi: fix parsing ipv6 with zone index * urldata: rename easy_conn to just conn * winbuild: conditionally use /DZLIB_WINAPI * wolfssl: fix memory-leak in threaded use * spnego_sspi: add support for channel binding |
2019-02-01 19:10:21 by Greg Troxel | Files touched by this commit (1) |
Log message: curl: Drop redundant comment |
2018-12-13 20:52:27 by Adam Ciarcinski | Files touched by this commit (668) |
Log message: revbump for boost 1.69.0 |
2018-12-12 12:09:55 by Leonardo Taccari | Files touched by this commit (4) |
Log message: curl: Update www/curl to 7.63.0 pkgsrc changes: - Remove no longer needed patch-lib_connect.c: imported upstream Changes: 7.63.0 ------ This release includes the following changes: o curl: add %{stderr} and %{stdout} for --write-out o curl: add undocumented option --dump-module-paths for win32 o setopt: add CURLOPT_CURLU This release includes the following bugfixes: o (lib)curl.rc: fixup for minor bugs o CURLINFO_REDIRECT_URL: extract the Location: header field unvalidated o CURLOPT_HEADERFUNCTION.3: match 'nitems' name in synopsis and description o CURLOPT_WRITEFUNCTION.3: spell out that it gets called many times o Curl_follow: accept non-supported schemes for "fake" redirects o KNOWN_BUGS: add --proxy-any connection issue o NTLM: Remove redundant ifdef USE_OPENSSL o NTLM: force the connection to HTTP/1.1 o OS400: add URL API ccsid wrappers and sync ILE/RPG bindings o SECURITY-PROCESS: bountygraph shuts down again o TODO: Have the URL API offer IDN decoding o ares: remove fd from multi fd set when ares is about to close the fd o axtls: removed o checksrc: add COPYRIGHTYEAR check o cmake: fix MIT/Heimdal Kerberos detection o configure: include all libraries in ssl-libs fetch o configure: show CFLAGS, LDFLAGS etc in summary o connect: fix building for recent versions of Minix o cookies: create the cookiejar even if no cookies to save o cookies: expire "Max-Age=0" immediately o curl: --local-port range was not "including" o curl: fix --local-port integer overflow o curl: fix memory leak reading --writeout from file o curl: fixed UTF-8 in current console code page (Windows) o curl_easy_perform: fix timeout handling o curl_global_sslset(): id == -1 is not necessarily an error o curl_multibyte: fix a malloc overcalculation o curle: move deprecated error code to ifndef block o docs: curl_formadd field and file names are now escaped o docs: escape "\n" codes o doh: fix memory leak in OOM situation o doh: make it work for h2-disabled builds too o examples/ephiperfifo: report error when epoll_ctl fails o ftp: avoid two unsigned int overflows in FTP listing parser o host names: allow trailing dot in name resolve, then strip it o http2: Upon HTTP_1_1_REQUIRED, retry the request with HTTP/1.1 o http: don't set CURLINFO_CONDITION_UNMET for http status code 204 o http: fix HTTP Digest auth to include query in URI o http_negotiate: do not close connection until negotiation is completed o impacket: add LICENSE o infof: clearly indicate truncation o ldap: fix LDAP URL parsing regressions o libcurl: stop reading from paused transfers o mprintf: avoid unsigned integer overflow warning o netrc: don't ignore the login name specified with "--user" o nss: Fall back to latest supported SSL version o nss: Fix compatibility with nss versions 3.14 to 3.15 o nss: fix fallthrough comment to fix picky compiler warning o nss: remove version selecting dead code o nss: set default max-tls to 1.3/1.2 o openssl: Remove SSLEAY leftovers o openssl: do not log excess "TLS app data" lines for TLS 1.3 o openssl: do not use file BIOs if not requested o openssl: fix unused variable compiler warning with old openssl o openssl: support session resume with TLS 1.3 o openvms: fix example name o os400: Add curl_easy_conn_upkeep() to ILE/RPG binding o os400: add CURLOPT_CURLU to ILE/RPG binding o os400: fix return type of curl_easy_pause() in ILE/RPG binding o packages: remove old leftover files and dirs o pop3: only do APOP with a valid timestamp o runtests: use the local curl for verifying o schannel: be consistent in Schannel capitalization o schannel: better CURLOPT_CERTINFO support o schannel: use Curl_ prefix for global private symbols o snprintf: renamed and we now only use msnprintf() o ssl: fix compilation with OpenSSL 0.9.7 o ssl: replace all internal uses of CURLE_SSL_CACERT o symbols-in-versions: add missing CURLU_ symbols o test328: verify Content-Encoding: none o tests: disable SO_EXCLUSIVEADDRUSE for stunnel on Windows o tests: drop http_pipe.py script no longer used o tool_cb_wrt: Silence function cast compiler warning o tool_doswin: Fix uninitialized field warning o travis: build with clang sanitizers o travis: remove curl before a normal build o url: a short host name + port is not a scheme o url: fix IPv6 numeral address parser o urlapi: only skip encoding the first '=' with APPENDQUERY set This release includes the following known bugs: o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html) This release would not have looked like this without help, code, reports and advice from friends like these: Alessandro Ghedini, Alexey Melnichuk, Antoni Villalonga, Ben Greear, bobmitchell1956 on github, Brad King, Brian Carpenter, daboul on github, Daniel Gustafsson, Daniel Stenberg, Dave Reisner, David Benjamin, Dheeraj Sangamkar, dtmsecurity on github, Elia Tufarolo, Frank Gevaerts, Gergely Nagy, Gisle Vanem, Hagai Auro, Han Han, infinnovation-dev on github, James Knight, Jérémy Rocher, Jeroen Ooms, Jim Fuller, Johannes Schindelin, Kamil Dudka, Konstantin Kushnir, Marcel Raad, Marc Hörsken, Marcos Diazr, Michael Kaufmann, NTMan on Github, Patrick Monnerat, Paul Howarth, Pavel Pavlov, Peter Wu, Ray Satiro, Rod Widdowson, Romain Fliedel, Samuel Surtees, Sevan Janiyan, Stefan Kanthak, Sven Blumenstein, Tim Rühsen, Tobias Hintze, Tomas Hoger, tonystz on Github, tpaukrt on github, Viktor Szakats, Yasuhiro Matsumoto, (51 contributors) Thanks! (and sorry if I forgot to mention someone) |
2018-11-28 02:32:25 by Sevan Janiyan | Files touched by this commit (1) |
Log message: Need pthread support, make sure a substitue is present if OS lacks support natively, e.g Minix at present. |
2018-11-28 02:31:45 by Sevan Janiyan | Files touched by this commit (3) |
Log message: Support Minix |
2018-10-31 09:06:24 by Leonardo Taccari | Files touched by this commit (3) | |
Log message: curl: Update www/curl to 7.62.0 Changes: 7.62.0 ------ This release includes the following changes: o multiplex: enable by default o url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled o setopt: add CURLOPT_DOH_URL o curl: --doh-url added o setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size o imap: change from "FETCH" to "UID FETCH" o configure: add option to disable automatic OpenSSL config loading o upkeep: add a connection upkeep API: curl_easy_upkeep() o URL-API: added five new functions o vtls: MesaLink is a new TLS backend This release includes the following bugfixes: o CVE-2018-16839: SASL password overflow via integer overflow o CVE-2018-16840: use-after-free in handle close o CVE-2018-16842: warning message out-of-buffer read o CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated o Curl_dedotdotify(): always nul terminate returned string o Curl_follow: Always free the passed new URL o Curl_http2_done: fix memleak in error path o Curl_retry_request: fix memory leak o Curl_saferealloc: Fixed typo in docblock o FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output o GnutTLS: TLS 1.3 support o SECURITY-PROCESS: mention the bountygraph program o VS projects: add USE_IPV6: o Windows: fixes for MinGW targeting Windows Vista o anyauthput: fix compiler warning on 64-bit Windows o appveyor: add WinSSL builds o appveyor: run test suite (on Windows!) o certs: generate tests certs with sha256 digest algorithm o checksrc: enable strict mode and warnings o checksrc: handle zero scoped ignore commands o cmake: Backport to work with CMake 3.0 again o cmake: Improve config installation o cmake: add support for transitive ZLIB target o cmake: disable -Wpedantic-ms-format o cmake: don't require OpenSSL if USE_OPENSSL=OFF o cmake: fixed path used in generation of docs/tests o cmake: remove unused *SOCKLEN_T variables o cmake: suppress MSVC warning C4127 for libtest o cmake: test and set missed defines during configuration o comment: Fix multiple typos in function parameters o config: Remove unused SIZEOF_VOIDP o config_win32: enable LDAPS o configure: force-use -lpthreads on HPUX o configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T o configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE o cookies: Remove redundant expired check o cookies: fix leak when writing cookies to file o curl-config.in: remove dependency on bc o curl.1: --ipv6 mutexes ipv4 (fixed typo) o curl: enabled Windows VT Support and UTF-8 output o curl: update the documentation of --tlsv1.0 o curl_multi_wait: call getsock before figuring out timeout o curl_ntlm_wb: check aprintf() return codes o curl_threads: fix classic MinGW compile break o darwinssl: Fix realloc memleak o darwinssl: more specific and unified error codes o data-binary.d: clarify default content-type is x-www-form-urlencoded o docs/BUG-BOUNTY: explain the bounty program o docs/CIPHERS: Mention the options used to set TLS 1.3 ciphers o docs/CIPHERS: fix the TLS 1.3 cipher names o docs/CIPHERS: mention the colon separation for OpenSSL o docs/examples: URL updates o docs: add "see also" links for SSL options o example/asiohiper: insert warning comment about its status o example/htmltidy: fix include paths of tidy libraries o examples/Makefile.m32: sync with core o examples/http2-pushinmemory: receive HTTP/2 pushed files in memory o examples/parseurl.c: show off the URL API o examples: Fix memory leaks from realloc errors o examples: do not wait when no transfers are running o ftp: include command in Curl_ftpsend sendbuffer o gskit: make sure to terminate version string o gtls: Values stored to but never read o hostip: fix check on Curl_shuffle_addr return value o http2: fix memory leaks on error-path o http: fix memleak in rewind error path o krb5: fix memory leak in krb_auth o ldap: show precise LDAP call in error message on Windows o lib: fix gcc8 warning on Windows o memory: add missing curl_printf header o memory: ensure to check allocation results o multi: Fix error handling in the SENDPROTOCONNECT state o multi: fix memory leak in content encoding related error path o multi: make the closure handle "inherit" CURLOPT_NOSIGNAL o netrc: free temporary strings if memory allocation fails o nss: fix nssckbi module loading on Windows o nss: try to connect even if libnssckbi.so fails to load o ntlm_wb: Fix memory leaks in ntlm_wb_response o ntlm_wb: bail out if the response gets overly large o openssl: assume engine support in 0.9.8 or later o openssl: enable TLS 1.3 post-handshake auth o openssl: fix gcc8 warning o openssl: load built-in engines too o openssl: make 'done' a proper boolean o openssl: output the correct cipher list on TLS 1.3 error o openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuer o openssl: show "proper" version number for libressl builds o pipelining: deprecated o rand: add comment to skip a clang-tidy false positive o rtmp: fix for compiling with lwIP o runtests: ignore disabled even when ranges are given o runtests: skip ld_preload tests on macOS o runtests: use Windows paths for Windows curl o schannel: unified error code handling o sendf: Fix whitespace in infof/failf concatenation o ssh: free the session on init failures o ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code o system.h: use proper setting with Sun C++ as well o test1299: use single quotes around asterisk o test1452: mark as flaky o test1651: unit test Curl_extract_certinfo() o test320: strip out more HTML when comparing o tests/negtelnetserver.py: fix Python2-ism in neg TELNET server o tests: add unit tests for url.c o timeval: fix use of weak symbol clock_gettime() on Apple platforms o tool_cb_hdr: handle failure of rename() o travis: add a "make tidy" build that runs clang-tidy o travis: add build for "configure --disable-verbose" o travis: bump the Secure Transport build to use xcode o travis: make distcheck scan for BOM markers o unit1300: fix stack-use-after-scope AddressSanitizer warning o urldata: Fix "connecting" comment o urlglob: improve error message on bad globs o vtls: fix ssl version "or later" behavior change for many backends o x509asn1: Fix SAN IP address verification o x509asn1: always check return code from getASN1Element() o x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse cert o x509asn1: suppress left shift on signed value |