aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/utils/curl
Commit message (Collapse)AuthorAgeFilesLines
* curl: Update to 7.59Rosen Penev2018-03-191-2/+2
| | | | | | Compile tested on ar71xx. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* curl: fix interface with mbedtls_sha256Russell Senior2018-02-171-0/+11
| | | | | | | | | Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions were deprecated in favor of functions returning an int error code. Use the new function mbedtls_sha256_ret(). Signed-off-by: Russell Senior <russell@personaltelco.net> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* curl: bump to 7.58.0Hans Dedecker2018-01-282-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a0b5e8944 progress-bar: get screen width on windows 65ceb20df test1454: --connect-to with IPv6 address w/o IPv6 support! eb6e3c4f6 CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support 96186de1f docs: fix man page syntax to make test 1140 OK again af32cd385 http: prevent custom Authorization headers in redirects 993dd5651 curl: progress bar refresh, get width using ioctl() 9d82cde7b RELEASE-NOTES: synced with bb0ffcc36 bb0ffcc36 libcurl-env.3: first take ec122c4c8 TODO: two possible name resolver improvements a5e6d6ebc http2: don't close connection when single transfer is stopped 87ddeee59 test558: fix for multissl builds da07dbb86 examples/url2file.c: add missing curl_global_cleanup() call ddafd45af SSH: Fix state machine for ssh-agent authentication 9e4ad1e2a openssl: fix potential memory leak in SSLKEYLOGFILE logic ca9c93e3e openssl: fix the libressl build again 2c0c4dff0 unit1307: test many wildcards too 2a1b2b4ef curl_fnmatch: only allow 5 '*' sections in a single pattern cb5accab9 ftp-wildcard: fix matching an empty string with "*[^a]" 25c40c9af SMB: fix numeric constant suffix and variable types 945df7410 CURLOPT_TCP_NODELAY.3: fix typo 8dd4edeb9 smtp/pop3/imap_get_message: decrease the data length too... 84fcaa2e7 openssl: enable SSLKEYLOGFILE support by default e44ddfd47 mime: clone mime tree upon easy handle duplication. 2c821bba8 docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata a06311be2 test395: HTTP with overflow Content-Length value 67595e7d2 test394: verify abort of rubbish in Content-Length: value ac17d7947 test393: verify --max-filesize with excessive Content-Length f68e67271 HTTP: bail out on negative Content-Length: values 0616dfa1e configure.ac: append extra linker flags instead of prepending them. 650b9c1d6 RELEASE-NOTES: synced with 6fa10c8fa 6fa10c8fa setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values 3b548ffde setopt: reintroduce non-static Curl_vsetopt() for OS400 support fa3dbb9a1 http2: fix incorrect trailer buffer size 2a6dbb815 easy: fix connection ownership in curl_easy_pause 89f680473 system.h: Additionally check __LONG_MAX__ for defining curl_off_t 14d07be37 COPYING: it's 2018! a8ce5efba progress: calculate transfer speed on milliseconds if possible d4e40f069 scripts: allow all perl scripts to be run directly e4f86025d mail-rcpt.d: fix short-text description 908a9a674 build: remove HAVE_LIMITS_H check 129390a51 openssl: fix memory leak of SSLKEYLOGFILE filename 272613df0 Revert "curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX" 481539e90 test1554: improve the error handling 593dcc553 test1554: add global initialization and cleanup dc831260b curl_version_info.3: call the argument 'age' 58d7cd28a brotli: data at the end of content can be lost a0f3eaf25 examples/cacertinmem: ignore cert-already-exists error 859ac3602 tool_getparam: Support size modifiers for --max-filesize b399b0490 build: Fixed incorrect script termination from commit ad1dc10e61 a9b774a77 Makefile.vc: Added our standard copyright header 22fddb85a winbuild: Added support for VC15 ad1dc10e6 build: Added Visual Studio 2017 project files d409640d6 build-wolfssl.bat: Added support for VC15 a4e88317d build-openssl.bat: Added support for VC15 c97648b55 curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX b43755789 examples/rtsp: fix error handling macros f009bbe1f curl_easy_reset: release mime-related data. 4acc9d3d1 content_encoding: rework zlib_inflate e639d4ca4 brotli: allow compiling with version 0.6.0. 9c6a6be88 CURLOPT_READFUNCTION.3: refer to argument with correct name 02f207a76 rand: add a clang-analyzer work-around 13ce373a5 krb5: fix a potential access of uninitialized memory 41982b6ac conncache: fix a return code [regression] 5d0ba70e1 curl: support >256 bytes warning messsages 188a43a8f libssh: fix a syntax error in configure.ac 7ef0c2d86 examples/smtp-mail.c: use separate defines for options and mail 621b24505 THANKS: added missing names cc0cca1ba mailmap: added/clarified several names 9d7a59c8f setopt: less *or equal* than INT_MAX/1000 should be fine 2437dbbf1 vtls: replaced getenv() with curl_getenv() ef5633d4b RELEASE-NOTES: synced with 3b9ea70ee 3b9ea70ee TODO: Expose tried IP addresses that failed 48c184a60 curl.1: mention http:// and https:// as valid proxy prefixes 76db03dd9 curl.1: documented two missing valid exit codes 63e58b8b4 CURLOPT_DNS_LOCAL_IP4.3: fixed the seel also to not self-reference 671f0b506 Revert "curl: don't set CURLOPT_INTERLEAVEDATA" 4b6f3cff7 tests: mark data files as non-executable in git 98c572ed3 tests: update .gitignore for libtests e959f16c5 multi_done: prune DNS cache 06a0a26fb mailmap: fixup two old git Author "aliases" 7ab4e7adb openssl: Disable file buffering for Win32 SSLKEYLOGFILE b1b94305d RESOLVE: output verbose text when trying to set a duplicate name bbea75ad6 CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE a4a56ec93 sftp: allow quoted commands to use relative paths 9fb5a943f CURLOPT_PRIVATE.3: fix grammar 179ee78e8 curl: remove __EMX__ #ifdefs 9dfb19483 openssl: improve data-pending check for https proxy 9ffad8eb1 curl: don't set CURLOPT_INTERLEAVEDATA 912324024 curl.h: remove incorrect comment about ERRORBUFFER ebaab4d17 configure: add AX_CODE_COVERAGE only if using gcc b5881d1fb curl: limit -# update frequency for unknown total size 546e7db78 BINDINGS: another PostgreSQL client 55e609890 CONNECT: keep close connection flag in http_connect_state struct c103cac3c include: get netinet/in.h before linux/tcp.h 00cda0f9b openldap: fix checksrc nits ff07f07cc openldap: add commented out debug possibilities bb0ca2d44 examples: move threaded-shared-conn.c to the "complicated" ones 4fb85b87b RELEASE-NOTES: synced with b261c44e8 b261c44e8 URL: tolerate backslash after drive letter for FILE: 24dcd7466 tests: added netinet/in6.h includes in test servers 76ebd5417 configure: check for netinet/in6.h 0c65678e7 curl-config: add --ssl-backends ea3a5d07d conncache: only allow multiplexing within same multi handle 415b8dff8 threaded-shared-conn.c: fixed typo in commenta 5254d8bf2 threaded-shared-conn.c: new example 07cb27c98 conncache: fix several lock issues 85f0133ea libssh: remove dead code in sftp_qoute 615edc1f7 sasl_getmesssage: make sure we have a long enough string to pass 440140946 libssh2: remove dead code from SSH_SFTP_QUOTE 6401ddad4 ssh-libssh.c: please checksrc 918530752 libssh: fixed dereference in statvfs access 8dad32bcf RESOURCES: update spec names a08f5a77c libssh: corrected use of sftp_statvfs() in SSH_SFTP_QUOTE_STATVFS 8843c0939 libssh: no need to call sftp_get_error as ssh_get_error is sufficient 3cef6f22e libssh: fix minor static code analyzer nits 10bb0b471 openssl: pkcs12 is supported by boringssl 8eff32f0b travis: use pip2 instead of pip b7f534597 lib582: do not verify host for SFTP a2f396680 libssh: added SFTP support c75c9d4fb symbols-in-versions: added new symbols with 7.56.3 version 05675ab5a .travis.yml: added build --with-libssh 38aef6dc4 libssh2: return CURLE_UPLOAD_FAILED on failure to upload 75427291e libssh2: send the correct CURLE error code on scp file not found c92d2e14c Added support for libssh SSH SCP back-end 3973ee6a6 RELEASE-NOTES: synced with af8cc7a69 af8cc7a69 curlver: towards 7.57.1 4b4142491 lib: don't export all symbols, just everything curl_* 9194a9959 SSL: Avoid magic allocation of SSL backend specific data 744ee5838 examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL 270494e1a travis: add boringssl build Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* curl: bump to 7.57.0 (3 CVEs)Hans Dedecker2017-11-302-4/+4
| | | | | | | | | | CVE-2017-8816: NTLM buffer overflow via integer overflow CVE-2017-8817: FTP wildcard out of bounds read CVE-2017-8818: SSL out of buffer access For other bugfixes and changes in 7.57.0 see https://curl.haxx.se/changes.html Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* add PKG_CPE_ID ids to package and toolsAlexander Couzens2017-11-171-0/+1
| | | | | | | | | | | CPE ids helps to tracks CVE in packages. https://cpe.mitre.org/specification/ Thanks to swalker for CPE to package mapping and keep tracking CVEs. Acked-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* curl: bump to 7.56.1Hans Dedecker2017-10-293-41/+5
| | | | | | | | | | | Refresh patches Remove 320-curl-confopts.m4-fix-disable-threaded-resolver.patch as integrated upstream See https://curl.haxx.se/changes.html for the bugfixes in 7.56.0 and 7.56.1 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* curl: add nghttp2 supportHans Dedecker2017-10-072-2/+9
| | | | | | Add config option support for nghttp2 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* curl: fix disable threaded resolverHans Dedecker2017-09-271-0/+36
| | | | | | | | | | | Bump to 7.55.1 broke the disable threaded resolver feature as reported in https://github.com/curl/curl/issues/1784. As a result curl is always compiled with the threaded resolver feature enabled which causes a dependency issue on pthread for uclibc. Fix this issue by backporting the upstream curl commit which fixes disable threaded resolver. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* curl: bump to 7.55.1Stijn Tintel2017-09-253-11/+11
| | | | | | | | | | | | Update 200-no_docs_tests.patch. Refresh patches. Fixes the following CVEs: - CVE-2017-1000099 - CVE-2017-1000100 - CVE-2017-1000101 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* cyassl,curl,libustream-ssl: rename every `cyassl` to `wolfssl`Alexandru Ardelean2017-09-172-5/+5
| | | | | | | | | | | | This is to eliminate any ambiguity about the cyassl/wolfssl lib. The rename happened some time ago (~3+ years). As time goes by, people will start to forget cyassl and start to get confused about the wolfSSL vs cyassl thing. It's a good idea to keep up with the times (moving forward). Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* curl: bump to version 7.54.1Alif M. Ahmad2017-07-143-5/+5
| | | | | | Upgrade the curl package to latest version. Patches refreshed. Signed-off-by: Alif M. Ahmad <alive4ever@live.com>
* network/utils/curl: Update to 7.54.0Daniel Engberg2017-05-163-16/+16
| | | | | | | Update curl to 7.54.0 Update and fresh patches Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* curl: Adjust URLsDaniel Engberg2017-03-151-6/+4
| | | | | | | Update mirror list, add main site as last resort Source: https://github.com/curl/curl-www/blob/master/latest.pl Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* curl: update to version 7.53.1Hauke Mehrtens2017-03-134-42/+6
| | | | | | | This fixes the following security problem: * CVE-2017-2629 SSL_VERIFYSTATUS ignored Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* curl: fix HTTPS network timeouts with OpenSSLStijn Segers2017-01-161-0/+36
| | | | | | | | | Backport an upstream change to fix HTTPS timeouts with OpenSSL. Upstream curl bug #1174. Signed-off-by: Stijn Segers <francesco.borromini@inventati.org> [Jo-Philipp Wich: reword commit message, rename patch to 001-*] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* curl: Remove PolarSSL and adjust default to mbedTLSRosen Penev2017-01-034-30/+14
| | | | | | | luci-ssl has already made the switch since mainline support for PolarSSL is almost over (2016). Signed-off-by: Rosen Penev <rosenp@gmail.com>
* curl: update to version 7.52.1Hauke Mehrtens2017-01-022-4/+4
| | | | | | | | | | | This fixes the folowing security problems: CVE-2016-9586: printf floating point buffer overflow CVE-2016-9952: Win CE schannel cert wildcard matches too much CVE-2016-9953: Win CE schannel cert name out of buffer read CVE-2016-9594: unititialized random Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* treewide: clean up download hashesFelix Fietkau2016-12-161-1/+1
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* curl: update to version 7.51.0Hauke Mehrtens2016-12-033-6/+6
| | | | | | | | | | | | | | | | | This fixes the following security problems: CVE-2016-8615: cookie injection for other servers CVE-2016-8616: case insensitive password comparison CVE-2016-8617: OOB write via unchecked multiplication CVE-2016-8618: double-free in curl_maprintf CVE-2016-8619: double-free in krb5 code CVE-2016-8620: glob parser write/read out of bounds CVE-2016-8621: curl_getdate read out of bounds CVE-2016-8622: URL unescape heap overflow via integer truncation CVE-2016-8623: Use-after-free via shared cookies CVE-2016-8624: invalid URL parsing with '#' CVE-2016-8625: IDNA 2003 makes curl use wrong host Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* curl: update to version 7.50.3Hauke Mehrtens2016-09-242-3/+3
| | | | | | | | | | | | | | This fixes the following security problems: 7.50.1: CVE-2016-5419 TLS session resumption client cert bypass CVE-2016-5420 Re-using connections with wrong client cert CVE-2016-5421 use of connection struct after free 7.50.2: CVE-2016-7141 Incorrect reuse of client certificates 7.50.3: CVE-2016-7167 curl escape and unescape integer overflows Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* curl: update to version 7.50.0Hauke Mehrtens2016-07-242-4/+4
| | | | | | | | | | | | | | Changelog: https://curl.haxx.se/changes.html old sizes: libcurl_7.49.0-1_mips_34kc_dsp.ipk 97569 curl_7.49.0-1_mips_34kc_dsp.ipk 37925 new sizes: libcurl_7.50.0-1_mips_34kc_dsp.ipk 97578 curl_7.50.0-1_mips_34kc_dsp.ipk 38017 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* curl: remove axtls config option, the library does not exist in our treeFelix Fietkau2016-05-192-6/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* curl: update to 7.49Dirk Neukirchen2016-05-194-40/+14
| | | | | | | | | | | | | | | | fixes: CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL - remove crypto auth compile fix curl changelog of 7.46 states its fixed - fix mbedtls and cyassl usability #19621 : add path to certificate file (from Mozilla via curl) and provide this in a new package tested on ar71xx w. curl/mbedtls/wolfssl Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
* curl: remove file accidentally committed in r49197Hauke Mehrtens2016-04-191-162/+0
| | | | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49199
* oxnas: add support for Akitio MyCloud miniHauke Mehrtens2016-04-191-0/+162
| | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 49197
* curl: fix deprecated 'depends' syntaxHauke Mehrtens2016-04-171-1/+1
| | | | | | | | | This was introduced in r49183 Reported-by: swalker Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49192
* curl: add flags to allow gc-sections to strip out unused codeHauke Mehrtens2016-04-171-1/+2
| | | | | | | Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49184
* curl: add config option for NTLM supportHauke Mehrtens2016-04-172-1/+8
| | | | | | | Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49183
* curl: upstep to latest version 7.48.0Hauke Mehrtens2016-04-174-7/+7
| | | | | | | Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49182
* curl: add support for mbedtlsHauke Mehrtens2016-02-013-1/+17
| | | | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 48615
* curl: update curl to version 7.47.0Hauke Mehrtens2016-02-013-8/+8
| | | | | | | | | | | | | | This fixes the following security problems: CVE-2016-0754: remote file name path traversal in curl tool for Windows http://curl.haxx.se/docs/adv_20160127A.html CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use http://curl.haxx.se/docs/adv_20160127B.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 48614
* curl: update curl to version 7.43.0Hauke Mehrtens2015-07-035-23/+13
| | | | | | | | | | | | | | | | | | | This brings curl to version 7.43.0 and contains fixes for the following security vulnerabilities: CVE-2015-3236: lingering HTTP credentials in connection re-use http://curl.haxx.se/docs/adv_20150617A.html CVE-2015-3237: SMB send off unrelated memory contents http://curl.haxx.se/docs/adv_20150617B.html The 100-check_long_long patch is not needed any more, because the upstream autoconf script already checks for long long when cyassl is selected. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 46169
* curl: replace polarssl run-time version check with a compile-time oneFelix Fietkau2015-05-051-0/+11
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45609
* curl: fix PKG_CONFIG_DEPENDSJohn Crispin2015-03-211-33/+33
| | | | | | Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> SVN-Revision: 44925
* cURL: implement new functionality with cleanup and fixesJohn Crispin2015-02-022-96/+155
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | remove obsolete configuration settings --disable-thread --enable-nonblocking --without-krb4 remove SSPI support only supported on windows correct --with/without-ca-path handling only supported with OpenSSL and PolarSSL correct LDAP/LDAPS protocol add dependency libopenldap added SCP/SFTP protocol default "No" depends on libssh2 added IDN support default "No" depends on libidn added SMB protocol (new in 7.40) default "No" require 'cryptographic authentication' and either 'GnuTLS' or 'OpenSSL' selected added Unix sockets support (new in 7.40) default "No" added error verbose messages default "No" changes to Makefile Increase PKG_RELEASE PKG_CONFIG_DEPENDS and CONFIGURE_ARGS extended for new functionality use "autoconf_bool" for all --enable/--disable options restructure for easier reading changes to Config.in extended for new functionality implement dependencies restructure and grouping for easier reading build tested on XUbuntu 14.10 x86 for x86 (generic) and ar71xx (WNDR3800) Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com> SVN-Revision: 44243
* curl: fix build with --disable-crypto-auth (#18838)Jo-Philipp Wich2015-01-291-0/+25
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44192
* curl: fix typo in 2 config symbolsNicolas Thill2015-01-291-4/+4
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 44191
* cURL: Update to version 7.40.0John Crispin2015-01-284-17/+10
| | | | | | | | | | | * Update to version 7.40.0 * remove non existing config options around enable/disable HTTPS protocoll * remove --with-ca-path if ssl support disabled * set proxy support as default like all versions before CC did Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com> SVN-Revision: 44176
* curl: allow enabling https protocolJohn Crispin2015-01-172-0/+6
| | | | | | | | Provide optional --enable-https flag for curl. Signed-off-by: Lars Kruse <devel@sumpfralle.de> SVN-Revision: 43997
* package/*: replace occurences of 'ln -sf' to '$(LN)'Nicolas Thill2014-11-061-1/+1
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 43205
* curl: only set ca path for opensslFelix Fietkau2014-09-251-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 42662
* curl: use the system certificatesFelix Fietkau2014-09-251-0/+1
| | | | | | Signed-off-by: Cristian Morales Vega <cristian@samknows.com> SVN-Revision: 42661
* curl: 7.36.0 -> 7.38.0Hauke Mehrtens2014-09-135-65/+7
| | | | | | | | | | | | | | | | | | Main changes: - URL parser: IPv6 zone identifiers are now supported - cyassl: Use error-ssl.h when available (drop local patch) - polarssl: support CURLOPT_CAPATH / --capath - mkhelp: generate code for --disable-manual as well (drop local patch) Full release notes: http://curl.haxx.se/changes.html MIPS 34kc binary size: - 7.36.0 before: 82,539 bytes - 7.38.0 after: 83,321 bytes Signed-off-by: Catalin Patulea <cat@vv.carleton.ca> SVN-Revision: 42517
* curl: move to core packagesJo-Philipp Wich2014-06-116-0/+363
SVN-Revision: 41143