Stefan Schantl [Fri, 2 Apr 2021 08:47:55 +0000 (10:47 +0200)]
ids.cgi: Add section for additional provider actions.
This section only will be displayed when an existing provider will be
edited and allows to reset a provider back to it's defaults or to force
a ruleset update.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Thu, 1 Apr 2021 18:02:48 +0000 (20:02 +0200)]
IDS: Redesign backend for enabled/disabled sids in rulefiles.
The enabled or disabled sids now will be written to an own
provider exclusive configuration file which dynamically will
be included by oinkmaster if needed.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Thu, 1 Apr 2021 09:39:57 +0000 (11:39 +0200)]
IDS: Redesign backend for used provider rulesfiles.
The selected rulesfiles of a provider now will be written to an own
provider exclusive yaml file, which will be included dynamically when
the provider is enabled or not.
This allows very easy handling to enable or disable a provider, in this
case the file which keeps the enabled providers rulesets only needs to
be included in the main file or even not.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Mon, 29 Mar 2021 14:51:18 +0000 (16:51 +0200)]
ids-functions.pl: Rework oinkmaster() function.
Rework the function to work with the latest changes and multiple
providers.
The function now does the following:
* Extract the stored rules tarballs for all enabled providers.
* Copy rules files for enabled providers which provide plain files.
* Still calls oinkmaster to set up the rules and modify them.
* Calls the merge functions for classification and sid to msg files.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Fri, 26 Mar 2021 12:24:26 +0000 (13:24 +0100)]
ids-functions.pl: Allow downloadruleset() function to deal with
multiple ruleset providers.
When calling the function now a single ruleset provider handle
can be specified to only download this ruleset or by adding "all" or
leaving the handle blank a download of all configured rulesets can be
triggered.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Adolf Belka [Thu, 5 Aug 2021 13:14:30 +0000 (15:14 +0200)]
client175: Convert python2 modules in source tarball to python3
- Patch created to convert all python modules to python3 compatibility that need it.
2to3 converter used for this.
- Start initscript changed to use python3
- No change required in rootfile
- Execution of patch added to lfs file
- Tested in vm machine. WUI page showed the same as with the python version.
scan of directory for mp3 (.flac) files was successful. Could not test actual audio
playing capability as my vm testbed does not have any audio setup at this time.
I believe that the purpose of client175 is to provide the WUI page and for that my
testing seemed to show everything working as expected.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Tue, 3 Aug 2021 13:11:11 +0000 (15:11 +0200)]
ncat: Update to 7.91 and fix #12647 ncat segfault if virtmanager try to connect libvirt
- Update from 7.80 to 7.91
- Update of rootfile
- Changelog is too long to include here
Full details can be found in the CHANGELOG file in the source tarball
- Added patch to fix segfault - https://github.com/nmap/nmap/issues/2154
- Ran with unpatched 7.91 version
$ touch /tmp/foo
$ nc -U /tmp/foo
Segmentation fault - flagged problem in #12647
- Ran with patched 7.91 version
$ touch /tmp/foo
$ nc -U /tmp/foo
Ncat: Connection refused. - Expected behaviour
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Sun, 1 Aug 2021 16:13:20 +0000 (18:13 +0200)]
e2fsprogs: Update to version 1.46.3
- Update from 1.44.4 to 1.46.3
- Update of rootfile
- Changelog from 1.44.4 to 1.46.3 is too long to display.
Full details can be found at http://e2fsprogs.sourceforge.net/e2fsprogs-release.html
Most of the 14 version updates have bug fixes in them.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Sat, 31 Jul 2021 21:50:06 +0000 (23:50 +0200)]
faad2: Update to version 2.10.0
- Update from 2.8.8 to 2.10.0
- Update of rootfile carried out
- Changelog
2.10.0:
[ tatsuz ]
* updated Visual Studio projects to VS 2019 (#54)
[ Fabian Greffrath ]
* mp4read.c: fix stack-buffer-overflow in stringin()/ftypin()
* fix heap-buffer-overflow in mp4read.c
[ Clayton Smith ]
* Remove non-ASCII characters
* Remove trailing whitespace
[ Andrew Wesie ]
* Check return value of ltp_data.
* Restrict SBR frame length to 960 and 1024 samples.
* Support object type 29.
* Support implicit SBR signaling in frontend.
* Fix PNS decoding when only right channel is noise.
* Initialize element_id array with an invalid id.
* Fix NULL pointer dereferences.
* Fix infinite loop in adts_parse.
* Fix infinite loop in huffman_getescape.
* Check for error after each channel decode.
* Check for inconsistent number of channels.
2.9.2:
[ Michał Janiszewski ]
* Only use x86-assembly when explicitly on x86
* Use unsigned integers correctly
* Initialize pointers that might otherwise not be
[ Fabian Greffrath ]
* update README esp. WRT directory structure
[ Rosen Penev ]
* fix compilation without SBR/PS_DEC (#48)
* fix compilation with LC_ONLY_DECODER (#47)
[ Fabian Greffrath ]
* fix "inline function 'cfftf1' declared but never defined" compiler warning
* fix some inconsistencies in the frontend output
* mp4read_open: add check for failed frame buffer allocation
* stszin: add check for allocation error and integer overflow
* add a pkg-config file
[ Stefan Pöschel ]
* frontend: address compile warning + add missing LF (#50)
[ François Cartegnie ]
* library name is faad (#52)
* Unbreak PS audio (#51)
2.9.1:
[ Fabian Greffrath ]
* Include stdio.h in libfaad/ps_dec.c for stderr (Michael Fink)
* Fix Tille -> Title typo in frontend/mp4read.c (Alexander Thomas)
2.9.0:
[ Krzysztof Nikiel ]
* Build system fixes and code clean-up
[ LoRd_MuldeR ]
* Fix compiler warnings and code indentation
* Fix compilation with GCC <= 4.7.3
* MSVC solution file clean-up
[ Cameron Cawley ]
* Fix compilation with GCC 4.7.4
* Fix compilation with MinGW
[ Michael Fink ]
* MSVC 2017 project file update
[ Hugo Lefeuvre ]
* Fix crash with unsupported MP4 files (NULL pointer dereference,
division by zero)
* CVE-2019-6956: ps_dec: sanitize iid_index before mixing
* CVE-2018-20196: sbr_fbt: sanitize sbr->M (should not exceed MAX_M)
* CVE-2018-20199, CVE-2018-20360: specrec: better handle unexpected
parametric stereo (PS)
* CVE-2018-20362, CVE-2018-19504, CVE-2018-20195, CVE-2018-20198,
CVE-2018-20358: syntax.c: check for syntax element inconsistencies
* CVE-2018-20194, CVE-2018-19503, CVE-2018-20197, CVE-2018-20357,
CVE-2018-20359, CVE-2018-20361: sbr_hfadj: sanitize frequency band
borders
[ Hugo Beauzée-Luyssen ]
* CVE-2019-15296, CVE-2018-19502: Fix a couple buffer overflows
[ Filip Roséen ]
* Prevent crash on SCE followed by CPE
[ Gianfranco Costamagna ]
* Fix linking with GCC 9 and "-Wl,--as-needed"
[ Fabian Greffrath ]
* Enable the frontend to be built reproducibly
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Sat, 31 Jul 2021 19:06:52 +0000 (21:06 +0200)]
ncdu: Update to version 1.16
- Update from 1.15.1 to 1.16
- Update of rootfile not required
- Changelog
1.16 - 2021-07-02
- Increase width of size bar depending on terminal size (Christian Göttsche)
- Set/increment $NCDU_LEVEL variable when spawning a shell
- Indicate whether apparent size or disk usage is being displayed
- Display setuid, setgid and sticky bits in file flags in extended mode
- Fix error handling while reading --exclude-from file
- Improve JSON import to allow for several future extensions to the format
- Export link count in JSON dumps
- Don't export inode in JSON dumps for non-hardlinks
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Sat, 31 Jul 2021 19:06:34 +0000 (21:06 +0200)]
lynis: Update to version 3.0.6
- Update from 3.0.3 to 3.0.6
- Update of rootfile carried out
- Changelog
## Lynis 3.0.6 (2021-07-22)
### Added
- OS detection: Artix Linux, macOS Monterey, NethServer, openSUSE MicroOS
- Check for outdated translation files
### Changed
- DBS-1826 - Check if PostgreSQL is being used
- DBS-1828 - Test multiple PostgreSQL configuration file(s)
- KRNL-5830 - Sort kernels by version instead of modification date
- PKGS-7410 - Don't show exception for systems using LXC
- GetHostID function: fallback options added for Linux systems
- Fix: macOS Big Sur detection
- Fix: show correct text when egrep is missing
- Fix: variable name for PostgreSQL
- German and Spanish translations extended
## Lynis 3.0.5 (2021-07-02)
### Added
- OS detection of Arch Linux 32, BunsenLabs Linux, and Rocky Linux
- CRYP-8006 - Check MemoryOverwriteRequest bit to protect against cold-boot attacks (Linux)
### Changed
- ACCT-9622 - Corrected typo
- HRDN-7231 - When calling wc, use the short -l flag instead of --lines (Busybox compatibility)
- PKGS-7320 - extended to Arch Linux 32
- Generation of host identifiers (hostid/hostid2) extended
- Linux host identifiers are now using ip as preferred input source
- Improved logging in several areas
## Lynis 3.0.4 (2021-05-11)
### Added
- ACCT-9670 - Detection of cmd tooling
- ACCT-9672 - Test cmd configuration file
- BOOT-5140 - Check for ELILO boot loader presence
- OS detection of AlmaLinux, Garuda Linux, Manjaro (ARM), and others
### Changed
- BOOT-5104 - Add service manager detection support for runit
- FILE-6430 - Report suggestion only when at least one kernel module is not in the blacklist
- FIRE-4540 - Corrected nftables empy ruleset test
- LOGG-2138 - Do not check for klogd when metalog is being used
- TIME-3185 - Improved support for Debian stretch
- Corrected issue when Lynis is not executed directly from lynis directory
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Sat, 31 Jul 2021 19:04:43 +0000 (21:04 +0200)]
bird: Update to version 2.0.8
- Update from 2.0.7 to 2.0.8
- Update of rootfile not required
- Changelog
Version 2.0.8 (2021-03-18)
o Automatic channel reloads based on RPKI changes
o Multiple static routes with the same network
o Use bitmaps to keep track of exported routes
o Per-channel debug flags
o CLI commands show info from multiple protocols
o Linux: IPv4 routes with IPv6 nexthops
o Filter: Optimized redesign of prefix sets
o Filter: Improved type checking of user filters
o Filter: New src/dst accessors for Flowspec and SADR
o Filter: New 'weight' route attribute
o Filter: BGP path mask loop operator
o Filter: Remove quitbird command
o RIP: Demand circuit support (RFC 2091)
o BGP: New 'allow as sets' and 'enforce first as' options
o BGP: Support for BGP hostname capability
o BGP: Support for MD5SIG with dynamic BGP
o BFD: Optional separation of IPv4 / IPv6 BFD instances
o BFD: Per-peer session options
o RPKI: Allow build without libSSH
o RPKI: New 'ignore max length' option
o OSPF: Redesign of handling of unnumbered PtPs
o OSPF: Allow key id 0 in authentication
o Babel: Use onlink flag for routes with unreachable next hop
o Many bugfixes
Notes:
Automatic channel reloads based on RPKI changes are enabled by default,
but require import table enabled when used in BGP import filter.
BIRD now uses bitmaps to keep track of exported routes instead of
re-evaluation of export filters. That should improve speed and accuracy in
route export handling during reconfiguration, but takes some more memory.
Per-channel debug logging and some CLI commands (like 'show ospf neighbors')
defaulting to all protocol instances lead to some minor changes in log and
CLI output. Caution is recommended when logs or CLI output are monitored by
scripts.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
For details see:
https://mmonit.com/monit/changes/
New: Issue #979: If filesystem mount flags changed, show both old
and new value. Originally only the new value was reported.
Fixed: Issue #960: The memory usage may report wrong value if system
memory size changed after Monit start. The problem was frequent
on KVM/LXC containers where MemTotal is dynamicaly updated.
Fixed: Issue #965: Monit CLI: if a custom configuration file was
used with the -c option, and the file cannot be read by Monit,
an AssertException was thrown. Monit will report normal error
instead of the exception now.
Fixed: Issue #966: Monit CLI: The service name pattern was changed
to case-sensitive in Monit 5.28.0. Revert the behaviour back
to case-insensitive.
Fixed: Issue #971: The LINK UP and LINK DOWN tests now support short
form of the optional ELSE condition, in addition to the verbose ELSE
IF <SUCCEEDED|FAILED> form.
Fixed: Issue #976: The space free test recovery always reported
value in percent, regardless of the test setting. If the test uses
absolute limit, Monit will report absolute space usage now.
Fixed: Issue #986: Services checks with custom schedule (the EVERY
statement) did set the data collection timestamp even if the
monitoring was skipped in the given cycle. The timestamp is now
updated only when the check was performed.
Fixed: Issue #990: Monit built with libressl may crash during
verification of the expired SSL certificate.
Fixed: Issue #968: Systemd and upstart templates: templates used
to set the path to the configuration file in the sysconfdir, which
is optionally set via the configure script during the compilation.
The path wasn't fully expanded in the template though, so it was
invalid. The template doesn't specify the explicit path now and lets
Monit search for the configuration file in all supported locations
(including the sysconfdir).
Changed: Issue #984: The permission check of the SSL PEM key file
allows group read permissions now (originally Monit enforced that
the file is readable only by the file owner).
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Stefan Schantl [Fri, 30 Jul 2021 17:57:01 +0000 (19:57 +0200)]
qos.cgi: Fix truncated status output
In the past only the fist line of the status output has been passed
to the cleanhtml() function and displayed. Now the whole output will be
converted to a string, cleaned and displyed on the WUI again.
Fixes #12666.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Wed, 28 Jul 2021 20:46:00 +0000 (22:46 +0200)]
sudo: Update to version 1.9.7p2
- Update from 1.9.7p1 to 1.9.7p2
- Update of rootfile not required.
- Changelog - more details can be found at https://www.sudo.ws/changes.html
Major changes between version 1.9.7p2 and 1.9.7p1:
When formatting JSON output, octal numbers are now stored as strings, not numbers.
The JSON spec does not actually support octal numbers with a 0 prefix.
Fixed a compilation issue on Solaris 9.
Sudo now can handle the getgroups() function returning a different number of groups
for subsequent invocations. GitHub PR #106.
When loading a Python plugin, python_plugin.so now verifies that the module loaded
matches the one we tried to load. This allows sudo to display a more useful error
message when trying to load a plugin with a name that conflicts with a Python
module installed in the system location.
Sudo no longer sets the the open files resource limit to unlimited while it runs.
This avoids a problem where sudo's closefrom() emulation would need to close a
very large number of descriptors on systems without a way to determine which ones
are actually open.
Sudo now includes a configure check for va_copy or __va_copy and only defines its
own version if the configure test fails.
Fixed a bug in sudo's utmp file handling which prevented old entries from being
reused. As a result, the utmp (or utmpx) file was appended to unnecessarily.
GitHub PR #107.
Fixed a bug introduced in sudo 1.9.7 that prevented sudo_logsrvd from accepting TLS
connections when OpenSSL is used. Bug #988.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Tue, 27 Jul 2021 08:59:00 +0000 (08:59 +0000)]
initscripts: Add switch to start processes in background
Since systemd, many programs no longer behave like a well-behaved
daemon. To avoid any extra solutions, this patch adds a -b switch which
will start a program in the background and throw away any output.
The behaviour remains unchanged for any other programs.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Mon, 26 Jul 2021 16:35:16 +0000 (18:35 +0200)]
libidn: Update to version 1.38
- Update from 1.36 to 1.38
- Update of rootfile
- Changelog
version 1.38
build: Fix --disable-tld builds.
Simplify building of gdoc-generated man/texi outputs.
Rebuild GTK-DOC HTML/PDF outputs on version number changes.
doc: Rebuild idn.1 when version number changes.
build: Fix --disable-tld builds.
cicd: Add pages.
doc: Improve GTK-DOC manual.
cicd: Fix Ubuntu 12.04 builds.
Improve GTK-DOC manual.
Fix build errors related to doc/idn--help.texi.
doc: Fix release process.
doc: Improve HACKING instructions.
Bootstrap cache.
version 1.37
Use gnulib's bootstrap.
Drop old unused WERROR_CFLAGS usage.
Improve URLs.
Fix links for git and valgrind.
Fix self check for --disable-tld.
Sync with TP.
Doc fixes.
Don't dist ps/html/pdf. Drop custom css.
Improve ./configure summary output.
Use gnulib langinfo module.
More ./configure summary output.
Use AM_GNU_GETTEXT_VERSION to get intl.m4 too.
Disable some complex gnulib self-tests that add lots of dependencies and fail on mingw.
Drop second gnulib tests directory since only one is supported.
Require more recent automake and gtk-doc.
Fix .gitignore.
doc: Fix JDK dependency for Fedora.
Drop warning stuff covered by manywarnings.m4 now.
Disable VLA from gettext.
Remove autopoint-generated files that are in gnulib too.
Update autoconf archive macros.
Prefer gnulib's M4 files over autopoint.
Modernize autoconf usage.
Use AM_GNU_GETTEXT_REQUIRE_VERSION.
Update gnulib files.
Modernize configure.ac.
Require autoconf 2.64 for newer gnulib.
Avoid including copyright info in idn example.
Fix manual copyright years.
Fix syntax-check.
Update copyright years.
Improve HACKING.
Drop obsolete PGP key from AUTHORS.
Revert last patch, clearly src/ was being built before doc/.
Build doc/ after src/ so that src/idn exists for help2man of doc/idn.1.
Fix recommended package installs.
Drop .gitlab-ci.yml.
Doc fix.
Sync with TP.
Fix typos, inspired by codespell.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Mon, 26 Jul 2021 16:34:39 +0000 (18:34 +0200)]
curl: Update to version 7.78.0
- Update from 7.77.0 to 7.78.0
- Update of rootfile not required
- Changelog
Changes:
curl_url_set: reject spaces in URLs w/o CURLU_ALLOW_SPACE
CURLE_SETOPT_OPTION_SYNTAX: new error name for wrong setopt syntax
hostip: make 'localhost' return fixed values
mbedtls: add support for cert and key blob options
metalink: remove all support for it
mqtt: add support for username and password
Bugfixes:
--socks4[a]: clarify where the host name is resolved
ares: always store IPv6 addresses first
asyn-ares: remove check for 'data' in Curl_resolver_cancel
bearssl: explicitly initialize all fields of Curl_ssl
bearssl: remove incorrect const on variable that is modified
build: fix compiler warnings when CURL_DISABLE_VERBOSE_STRINGS
c-hyper: abort CONNECT response reading early on non 2xx responses
c-hyper: add support for transfer-encoding in the request
c-hyper: bail on too long response headers
c-hyper: clear NTLM auth buffer when request is issued
c-hyper: convert HYPERE_INVALID_PEER_MESSAGE to CURLE_UNSUPPORTED_PROTOCOL
c-hyper: fix NTLM on closed connection tested with test159
c-hyper: fix the uploaded field in progress callbacks
c-hyper: handle NULL from hyper_buf_copy()
c-hyper: support CURLINFO_STARTTRANSFER_TIME
c-hyper: support CURLOPT_HEADER
ccsidcurl: fix the compile errors
CI/cirrus: install impacket from PyPI instead of FreeBSD packages
CI: add bearssl build
CI: add Circle CI
CI: add jobs using Zuul
CI: delete --enable-hsts option (it is the default now)
CI: remove travis details
cleanup: spell DoH with a lowercase o
cmake: add CURL_DISABLE_NTLM option
cmake: avoid leaking absolute paths into exported config
cmake: fix IoctlSocket FIONBIO check
cmake: fix support for UnixSockets feature on Win32
cmake: remove libssh2 feature checks
cmake: try well-known send/recv signature for Apple
configure.ac: make non-executable
configure/cmake: remove checks for many unused functions
configure: add --disable-ntlm option
configure: disable RTSP when hyper is selected
configure: do not strip out debug flags
configure: fix nghttp2 library name for static builds
configure: inhibit the implicit-fallthrough warning on gcc-12
configure: rename get-easy-option configure option to get-easy-options
conn_shutdown: if closed during CONNECT cleanup properly
conncache: lowercase the hash key for better match
cookies: track expiration in jar to optimize removals
copyright: add boiler-plate headers to CI config files
crustls: bump crustls version and use new URL
curl.h: <sys/select.h> is supported by VxWorks7
curl.h: include sys/select.h for NuttX RTOS
curl: ignore blank --output-dir
curl_endian: remove the unused Curl_write64_le function
curl_multibyte: Remove local encoding fallbacks
Curl_ntlm_core_mk_nt_hash: fix OOM in error path
Curl_ssl_getsessionid: fail if no session cache exists
CURLOPT_WRITEFUNCTION.3: minor update of the example
docs/BINDINGS: fix outdated links
docs/examples: use curl_multi_poll() in multi examples
docs/INSTALL: remove mentions of configure --with-darwin-ssl
docs: document missing arguments to commands
docs: fix inconsistencies in EGDSOCKET documentation
docs: fix incorrect argument name reference
docs: Fix typos
docs: make docs for --etag-save match the program behaviour
docs: use --max-redirs instead of --max-redir
doh: (void)-prefix call to curl_easy_setopt
doh: fix wrong DEBUGASSERT for doh private_data
easy: during upkeep, attach Curl_easy to connections in the cache
examples/multi-single: fix scan-build warning
examples: length-limit two sscanf() uses of %s
examples: safer and more proper read callback logic
filecheck: quietly remove test-place/*~
formdata: avoid "Argument cannot be negative" warning
formdata: correct typecast in curl_mime_data call
GHA: add a linux-hyper job
GHA: add several libcurl tests to the hyper job
GHA: run the newly fixed tests with hyper
github: timeout jobs on macOS after 90 minutes
glob: pass an 'int' as len when using printf's %*s
gnutls: set the preferred TLS versions in correct order
GOVERNANCE: add 'user', 'committer' and 'contributor'
hostip: (macOS) free returned memory of SCDynamicStoreCopyProxies
hostip: bad CURLOPT_RESOLVE syntax now returns error
hsts: ignore numberical IP address hosts
HSTS: not experimental anymore
http2: clarify 'Using HTTP2' verbose message
http2: init recvbuf struct for pushed streams
http2_connisdead: handle trailing GOAWAY better
http: fix crash in rate-limited upload
http: make the haproxy support work with unix domain sockets
http_proxy: deal with non-200 CONNECT response with Hyper
hyper: propagate errors back up from read callbacks
HYPER: remove mentions of deprecated development branch
idn: fix libidn2 with windows unicode builds
infof: remove newline from format strings, always append it
lib: don't compare fd to FD_SETSIZE when using poll
lib: fix compiler warnings with CURL_DISABLE_NETRC
lib: fix type of len passed to *printf's %*s
lib: more %u for port and int for %*s fixes
lib: use %u instead of %ld for port number printf
libcurl-security.3: mention file descriptors and forks
libssh2: limit time a disconnect can take to 1 second
mbedtls: make mbedtls_strerror always work
mbedtls: Remove unnecessary include
mqtt: detect illegal and too large file size
mqtt: extend the error message for no topic
msnprintf: return number of printed characters excluding null byte
multi: add scan-build-6 work-around in curl_multi_fdset
multi: alter transfer timeout ordering
multi: do not switch off connect_only flag when closing
multi: fix crash in curl_multi_wait / curl_multi_poll
netrc: skip 'macdef' definitions
ngtcp2: disable TLSv1.3 compatible mode when using GnuTLS
openssl: avoid static variable for seed flag
openssl: don't remove session id entry in disassociate
pinnedpubkey.d: fix formatting for version support lists
proto.d: fix formatting for paragraphs after margin changes
quiche: use send() instead of sendto() to avoid macOS issue
Revert "c-hyper: handle body on HYPER_TASK_EMPTY"
Revert "ftp: Expression 'ftpc->wait_data_conn' is always false"
runtests: also find the last test in Makefile.inc
runtests: enable 'hyper mode' only for HTTP tests
runtests: init $VERSION to avoid warnings when using -l
runtests: parse data/Makefile.inc instead of using make
runtests: skip disabled tests unless -f is used
rustls: remove native_roots fallback
schannel: set ALPN length correctly for HTTP/2
SChannel: Use '_tcsncmp()' instead
sectransp: check for client certs by name first, then file
setopt: fix incorrect comments
socketpair: fix potential hangs
socks4: scan for the IPv4 address in resolve results
ssl: read pending close notify alert before closing the connection
sws: malloc request struct instead of using stack
telnet: fix option parser to not send uninitialized contents
test1116: hyper doesn't pass through "surprise-trailers"
test1147: hyper doesn't allow "crazy" request headers like built-in
test1151: added missing CRLF to work with hyper
test1216: adjusted for hyper mode
test1218: adjusted for hyper mode
test1230: adjust to work in hyper mode
test1340/1341: adjusted for hyper mode
test1438/1457: add HTTP keyword to make hyper mode work
test1514: add a CRLF to the response to make it correct
test1518: adjusted to work with hyper
test1519: adjusted to work with hyper
test1594/1595/1596: fix to work in hyper mode
test269: disable for hyper
test3010: work with hyper mode
test328: avoid a header-looking body to make hyper mode work
test339: CRLFify better to work in hyper mode
test347: CRLFify to work in hyper mode
test393: make Content-Length fit within 64 bit for hyper
test394: hyper returns a different error
test395: hyper cannot work around > 64 bit content-lengths like built-in
test433: adjust for hyper mode
test434: add HTTP keyword
test500: adjust to work with hyper mode
test566: adjust to work with hyper mode
test599: adjusted to work in hyper mode
test644: remove as duplicate of test 587
tests: fix Accept-Encoding strips to work with Hyper builds
TLS: prevent shutdown loops to get stuck
tool: make _lseeki64() macro work with the PellesC compiler
tool_help: document that --tlspassword takes a password
tool_help: remove unused define
url.c: remove two variable assigns that are never read
url: (void)-prefix a curl_url_get() call
url: bad CURLOPT_CONNECT_TO syntax now returns error
version: turn version number functions into returning void
vtls: exit addsessionid if no cache is inited
vtls: fix connection reuse checks for issuer cert and case sensitivity
vtls: only store TIMER_APPCONNECT for non-proxy connect
vtls: use free() not curl_free()
warnless: simplify type size handling
Win32: fix build with Watt-32
winbuild/README: VC should be set to 6 'or larger'
winbuild: support alternate nghttp2 static lib name
wolfssl: failing to set a session id is not reason to error out
write-out.d: clarify urlnum is not unique for de-globbed URLs
zuul: use the new rustls directory name
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
projects / people / stevee / ipfire-2.x.git / log
