- Detect all spellings of <file>, <file name> etc as well as <path>.
- Only complete directories for <dir>.
- Complete URLs for <URL>.
- Complete --request and --ftp-method.
Closes#8363
- Change library link check for ngtcp2_crypto_{gnutls,openssl} to
to use function ngtcp2_crypto_recv_client_initial_cb instead of
ngtcp2_crypto_ctx_initial.
The latter function is no longer external since two days ago in
ngtcp2/ngtcp2@533451f. curl HTTP/3 CI builds have been failing since
then because they would not link to the ngtcp2 crypto library.
Ref: https://github.com/ngtcp2/ngtcp2/pull/356
Closes https://github.com/curl/curl/pull/8372
Adds these test cases:
383 - simple single command line option
384 - reading it from stdin
385 - getting two --json options on command line
386 - --next works after --json
Closes#8314
Fix a bug that does not require a new CVE as discussed on hackerone.com.
Previously `connection_id` was accessed after returning connection to
the shared pool.
Bug: https://hackerone.com/reports/1463013Closes#8355
The callback gets called because of the call to PR_Recv() done to
attempt to avoid RST on the TCP connection. The conn->bundle pointer is
already cleared at this point so avoid dereferencing it.
Reported-by: Eric Musser
Fixes#8341Closes#8342
mbedtls/certs.h file contains only certificates example (all definitions
is beginning by mbedtls_test_*). None of them is used so we can avoid
include the file.
Closes#8343
- Disable all MSYS2 path transformation in test3021 and test3022.
Prior to this change path transformation in those tests was disabled
only for arguments that start with forward slashes. However arguments
that are in base64 contain forward slashes at any position and caused
unwanted translations.
== Info: Denied establishing ssh session: mismatch sha256 fingerprint.
Remote +/EYG2YDzDGm6yiwepEMSuExgRRMoTi8Di1UN3kixZw= is not equal to
+C:/msys64/EYG2YDzDGm6yiwepEMSuExgRRMoTi8Di1UN3kixZw
In the above example an argument containing a base64 sha256 fingerprint
was passed to curl after MSYS2 translated +/ into +C:/msys64/, and then
the fingerprint didn't match what was expected.
Ref: https://www.msys2.org/wiki/Porting/
Fixes https://github.com/curl/curl/issues/8084
Closes https://github.com/curl/curl/pull/8325
The TLS backends convert the host name to SNI name and need to use that.
This involves cutting off any trailing dot and lowercasing.
Co-authored-by: Jay Satiro
Closes#8320
Reverts 5de8d84098 (May 2014, shipped in 7.37.0) and the
follow-up changes done afterward.
Keep the dot in names for everything except the SNI to make curl behave
more similar to current browsers. This means 'name' and 'name.' send the
same SNI for different 'Host:' headers.
Updated test 1322 accordingly
Fixes#8290
Reported-by: Charles Cazabon
Closes#8320
This is the total number of bytes allocated, increasing for new
allocations and never reduced when freed. The existing "Maximum
allocated" is the high water mark.
Closes#8330
Avoids the need to clone the strings before check, thus avoiding
mallocs, which for cases where there are many SAN names in a cert could
end up numerous.
Closes#8321
- Wrap OpenSSL / wolfSSL MD5 functions instead of taking their function
addresses during static initialization.
Depending on how curl was built the old way may have used a dllimport
function address during static initialization, which is not standard
compliant, resulting in Visual Studio warning C4232 (nonstandard
extension). Instead the function pointers now point to the wrappers
which call the MD5 functions.
This change only affects OpenSSL and wolfSSL because calls to other SSL
libraries' md5 functions were already wrapped. Also sha256.c already
does this for all SSL libraries.
Ref: https://github.com/curl/curl/pull/8298
Closes https://github.com/curl/curl/pull/8318
