1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 23:15:08 -05:00
Commit Graph

6843 Commits

Author SHA1 Message Date
Pierre Ynard
4d2737bcb2 remove write-only variable 2012-01-28 13:58:49 +01:00
Daniel Stenberg
70f71bb99f gnutls: enforced use of SSLv3
With advice from Nikos Mavrogiannopoulos, changed the priority string to
add "actual priorities" and favour ARCFOUR. This makes libcurl work
better when enforcing SSLv3 with GnuTLS. Both in the sense that the
libmicrohttpd test is now working again but also that it mitigates a
weakness in the older SSL/TLS protocols.

Bug: http://curl.haxx.se/mail/lib-2012-01/0225.html
Reported by: Christian Grothoff
2012-01-24 08:54:26 +01:00
Daniel Stenberg
75ca568fa1 URL sanitize: reject URLs containing bad data
Protocols (IMAP, POP3 and SMTP) that use the path part of a URL in a
decoded manner now use the new Curl_urldecode() function to reject URLs
with embedded control codes (anything that is or decodes to a byte value
less than 32).

URLs containing such codes could easily otherwise be used to do harm and
allow users to do unintended actions with otherwise innocent tools and
applications. Like for example using a URL like
pop3://pop3.example.com/1%0d%0aDELE%201 when the app wants a URL to get
a mail and instead this would delete one.

This flaw is considered a security vulnerability: CVE-2012-0036

Security advisory at: http://curl.haxx.se/docs/adv_20120124.html

Reported by: Dan Fandrich
2012-01-24 08:54:26 +01:00
Daniel Stenberg
db1a856b4f OpenSSL: don't disable security work-around
OpenSSL added a work-around for a SSL 3.0/TLS 1.0 CBC vulnerability
(http://www.openssl.org/~bodo/tls-cbc.txt). In 0.9.6e they added a bit
to SSL_OP_ALL that _disables_ that work-around despite the fact that
SSL_OP_ALL is documented to do "rather harmless" workarounds.

The libcurl code uses the SSL_OP_ALL define and thus logically always
disables the OpenSSL fix.

In order to keep the secure work-around workding, the
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS bit must not be set and this change
makes sure of this.

Reported by: product-security at Apple
2012-01-24 08:54:26 +01:00
Daniel Stenberg
7883cd5af3 URL parse: user name with ipv6 numerical address
Using a URL with embedded user name and password didn't work if the host
was given as a numerical IPv6 string, like ftp://user:password@[::1]/

Reported by: Brandon Wang
Bug: http://curl.haxx.se/mail/archive-2012-01/0047.html
2012-01-20 23:32:43 +01:00
Yang Tse
d7af7de5b2 telnet.c: fix OOM triggered segfault 2012-01-20 00:11:15 +01:00
Yang Tse
e64d332e79 OpenSSL: follow-up for commit a20daf90e3
avoid checking preprocessor definition official value
2012-01-19 22:29:00 +01:00
Yang Tse
d56b4c3f89 ssl session caching: fix compiler warnings 2012-01-18 23:42:39 +01:00
Daniel Stenberg
d1becc3231 polarssl: show cipher suite name correctly with 1.1.0
Apparently ssl_get_ciphersuite() is needed to get the name of the used
cipher suite.
2012-01-18 23:19:37 +01:00
Daniel Stenberg
f55f95d49c polarssl: show error code correctly
The value was turned negative when it shouldn't have been
2012-01-18 23:19:01 +01:00
Daniel Stenberg
61d31a3caf polarssl: havege_rand is not present in version 1.1.0
... it is now named havege_random!

Reported by: Robert Schumann
Bug: http://curl.haxx.se/mail/lib-2012-01/0178.html
2012-01-18 23:17:54 +01:00
Colin Hogben
4563eeb9f4 Use correct file descriptor for telnet upload.
Fix a bug where input was read from stdin even when a different FILE *
had been configured via CURLOPT_READDATA
2012-01-18 22:17:10 +01:00
Yang Tse
2cafb0e97c OpenLDAP: fix LDAP connection phase memory leak
bug: http://curl.haxx.se/bug/view.cgi?id=3474308
2012-01-18 16:06:29 +01:00
Johannes Bauer
6ea7acf5a9 OpenSSL: fix PKCS#12 certificate parsing related memory leak
Leak triggered when CURLOPT_SSLCERTTYPE and CURLOPT_SSLKEYTYPE set to P12
and both CURLOPT_SSLCERT and CURLOPT_SSLKEY point to the same PKCS#12 file.
2012-01-18 13:39:12 +01:00
Yang Tse
a20daf90e3 OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option is no longer enabled
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option enabling allowed successfull
interoperability with web server Netscape Enterprise Server 2.0.1 released
back in 1996 more than 15 years ago.

Due to CVE-2010-4180, option SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG has
become ineffective as of OpenSSL 0.9.8q and 1.0.0c. In order to mitigate
CVE-2010-4180 when using previous OpenSSL versions we no longer enable
this option regardless of OpenSSL version and SSL_OP_ALL definition.
2012-01-18 11:59:20 +01:00
Yang Tse
0ce2bca741 add LF termination to infof() trace string 2012-01-16 21:14:05 +01:00
Yang Tse
6d62c5a6fc Curl_proxyCONNECT() trace known bug #39 2012-01-15 19:21:55 +01:00
Yang Tse
8e82ef9c32 http_negotiate_sspi.c: fix compiler warning 2012-01-13 13:34:43 +01:00
Yang Tse
d016f5f5f5 ssh.c: fix compiler warning 2012-01-13 12:57:09 +01:00
Daniel Stenberg
9f20379fe4 hostip: avoid getaddrinfo when c-ares is used
Some functions using getaddrinfo and gethostbyname were still
mistakingly being used/linked even if c-ares was selected as resolver
backend.

Reported by: Arthur Murray
Bug: http://curl.haxx.se/mail/lib-2012-01/0160.html
2012-01-12 23:13:19 +01:00
gsengun
d28411c3cc FTP: CURLE_PARTIAL_FILE should not cause control connection to be closed
Test 161 updated accordingly
2012-01-09 22:50:20 +01:00
Yang Tse
f34ddb90e6 lib/setup.h: portable symbolic names for Winsock shutdown() mode flags 2012-01-08 02:32:51 +01:00
Daniel Stenberg
4897f4e517 win32-threaded-resolver: stop using a dummy socket
Previously the code would create a dummy socket while resolving just to
have curl_multi_fdset() return something but the non-win32 version
doesn't do it this way and the creation and use of a socket that isn't
made with the common create-socket callback can be confusing to apps
using the multi_socket API etc.

This change removes the dummy socket and thus will cause
curl_multi_fdset() to return with maxfd == -1 more often.
2012-01-04 23:16:30 +01:00
Peter Sylvester
81524cbfa0 OpenSSL: remove reference to openssl internal struct
With this change, curl compiles with the new OPENSSL_NO_SSL_INTERN
cflag. This flag might become the default in some distant future.
2012-01-04 23:02:36 +01:00
Yang Tse
7bd2add06f krb5.c: fix compiler warning: variable set but not used 2012-01-04 19:11:54 +01:00
Steve Holme
db4f69ef06 Fixed use of CURLUSESSL_TRY for POP3 and IMAP based connections.
Fixed a problem in POP3 and IMAP where a connection would fail when
CURLUSESSL_TRY was specified for a server that didn't support
SSL/TLS connections rather than continuing.
2012-01-04 00:48:20 +01:00
Steve Holme
277022b2e4 Fixed incorrect error code being returned in STARTTLS
The STARTTLS response code in SMTP, POP3 and IMAP would return
CURLE_LOGIN_DENIED rather than CURLE_USE_SSL_FAILED when SSL/TLS
was not available on the server.

Reported by: Gokhan Sengun
Bug: http://curl.haxx.se/mail/lib-2012-01/0018.html
2012-01-04 00:47:58 +01:00
Yang Tse
cc69e56ce3 hostip.c: fix potential write past the end of string buffer 2012-01-02 13:44:56 +01:00
Yang Tse
8e25d1b93b hostip.c: fix Curl_loadhostpairs() OOM handling 2012-01-02 13:41:09 +01:00
Daniel Stenberg
7f472618de Curl_input_negotiate: use the correct buffer for input
Unfortunately we have no test cases for this and I have no SSPI build or
server to verify this with. The change seems simple enough though.

Bug: http://curl.haxx.se/bug/view.cgi?id=3466497
Reported by: Patrice Guerin
2012-01-01 22:36:32 +01:00
Daniel Stenberg
a3403db02f just a stupid typo 2011-12-31 23:53:52 +01:00
Daniel Stenberg
c9a3cab6c4 SFTP dir: increase buffer size counter
When the buffer gets realloced to hold the file name in the
SSH_SFTP_READDIR_LINK state, the counter was not bumped accordingly.

Reported by: Armel Asselin
Patch by: Armel Asselin
Bug: http://curl.haxx.se/mail/lib-2011-12/0249.html
2011-12-31 23:52:15 +01:00
Daniel Stenberg
81ebdd9e28 create_hostcache_id: use the key lower cased
... to make sure the DNS cache is properly case insensitive
2011-12-31 10:58:05 +01:00
Daniel Stenberg
207cf15032 changed case: use new host name for subsequent HTTP requests
When a HTTP connection is re-used for a subsequent request without
proxy, it would always re-use the Host: header of the first request. As
host names are case insensitive it would make curl send another host
name case that what the particular request used.

Now it will instead always use the most recent host name to always use
the desired casing.

Added test case 1318 to verify.

Bug: http://curl.haxx.se/mail/lib-2011-12/0314.html
Reported by: Alex Vinnik
2011-12-31 10:45:28 +01:00
Daniel Stenberg
5e0a44e4d5 CURLOPT_RESOLVE: avoid adding already present host names
The load host names to DNS cache function was moved to hostip.c and it
now makes sure to not add host names that already are present in the
cache. It would previously lead to memory leaks when for example using
the --resolve and multiple URLs on the command line.
2011-12-31 10:45:27 +01:00
Yang Tse
ed0364343d removed trailing whitespace 2011-12-30 03:36:18 +01:00
Kamil Dudka
9f7f6a62ff transfer: avoid unnecessary timeout event when waiting for 100-continue
The commit 9dd85bc unintentionally changed the way we compute the time
spent waiting for 100-continue.  In particular, when using a SSL client
certificate, the time spent by SSL handshake was included and could
cause the CURL_TIMEOUT_EXPECT_100 timeout to be mistakenly fired up.

Bug: https://bugzilla.redhat.com/767490
Reported by: Mamoru Tasaka
2011-12-25 22:37:24 +01:00
Yang Tse
98292bcdd0 transfer.c: move a logging statement placement 2011-12-25 12:11:51 +01:00
Yang Tse
996f2454ba hash.c: fix OOM triggered segfault 2011-12-25 11:35:45 +01:00
Daniel Stenberg
99a12baa34 ftp_do_more: don't return success until all is done
ftp_do_more() returns after accepting the server connect however it
needs to fall through and set "*complete" to TRUE before exit from the
function.

Bug: http://curl.haxx.se/mail/lib-2011-12/0250.html
Reported by: Gokhan Sengun
2011-12-24 00:12:00 +01:00
Daniel Stenberg
4f8db8bf95 Curl_do_more: fix typo logic
In the recent do_more fix the new logic was mistakenly checking the
pointer instead of what it points to.

Reported by: Gokhan Sengun
Bug: http://curl.haxx.se/mail/lib-2011-12/0250.html
2011-12-24 00:09:41 +01:00
Daniel Stenberg
5ac9ec7205 SFTP mkdir: use correct permission
When sending quote command to a SFTP server and 'mkdir' was used, it
would send fixed permissions and not use the CURLOPT_NEW_DIRECTORY_PERMS
as it should.

Reported by: Armel
Patch by: Armel
Bug: http://curl.haxx.se/mail/lib-2011-12/0249.html
2011-12-24 00:04:04 +01:00
Daniel Stenberg
2caa454dc1 resolve: don't leak pre-populated dns entries
CURLOPT_RESOLVE populates the DNS cache with entries that are marked as
eternally in use. Those entries need to be taken care of when the cache
is killed off.

Bug: http://curl.haxx.se/bug/view.cgi?id=3463121
Reported by: "tw84452852"
2011-12-23 14:46:20 +01:00
Yang Tse
1afbccc676 formdata.c: OOM handling fixes 2011-12-21 15:39:44 +01:00
Daniel Stenberg
926916e28e Curl_socket_check: enlarge poll struct array to 3
This function was introduced in commit 5527417afa and as pointed out
by Gokhan Sengun, the array with poll structs must large enough to hold
3 sockets since that is what the function can accept. It could be noted
that he had this fixed in his patch as posted in
http://curl.haxx.se/mail/lib-2011-12/0179.html

Bug: http://curl.haxx.se/mail/lib-2011-12/0228.html
Reported by: Gokhan Sengun
2011-12-20 23:33:54 +01:00
Daniel Stenberg
130fac6c16 timeleft_accept: ack global timeout, moved to ftp.c
First off the timeout for accepting a server connect back must of course
respect a global timeout. Then the timeleft function is only used by ftp
code so it was moved to ftp.c and made static.
2011-12-20 20:55:54 +01:00
Daniel Stenberg
377471f387 FTP: move FTP-specific struct field to ftpc_conn
"wait_data_conn" was added to the connectionbits in commit c834213ad5 for
handling active FTP connections but as it is purely FTP specific and now
only ever accessed by ftp.c I moved it into the FTP connection struct.
2011-12-20 20:30:38 +01:00
Daniel Stenberg
dfdac61522 non-blocking active FTP: cleanup multi state usage
Backpedaled out the funny double-change of state in the multi state
machine by adding a new argument to the do_more() function to signal
completion. This way it can remain in the DO_MORE state properly until
done. Long term, the entire DO_MORE logic should be moved into the FTP
code and be hidden from the multi code as the logic is only used for
FTP.
2011-12-20 20:30:02 +01:00
Gokhan Sengun
c834213ad5 FTP: perform active connections non-blocking
1- Two new error codes are introduced.

CURLE_FTP_ACCEPT_FAILED to be set whenever ACCEPTing fails because of
FTP server connected.

CURLE_FTP_ACCEPT_TIMEOUT to be set whenever ACCEPTing timeouts.

Neither of these errors are considered fatal and control connection
remains OK because it could just be a firewall blocking server to
connect to the client.

2- One new setopt option was introduced.

CURLOPT_ACCEPTTIMEOUT_MS

It sets the maximum amount of time FTP client is going to wait for a
server to connect. Internal default accept timeout is 60 seconds.
2011-12-20 20:30:02 +01:00
Daniel Stenberg
5527417afa sockets: new Curl_socket_check() can wait for 3 sockets
This offers an alternative to the existing Curl_socket_ready() API which
only checks one socket for read and one for write.
2011-12-20 20:30:02 +01:00
Daniel Stenberg
51d4885ca0 Curl_pgrsTime: store now in an auto variable
It makes it easier to introduce debug outputs in this function, and
everything in the function is using the value anyway so it might even be
more efficient.
2011-12-20 15:05:50 +01:00
Daniel Stenberg
ce896875f8 timer: restore PRETRANSFER timing
Regression introduced in 7.23.0 with commit 9dd85bce. The function in
which the PRETRANSFER time stamp was recorded was moved in time causing
it be stored very quickly after the start timestamp. On most systems
shorter than 1 millisecond and thus it wouldn't even show with -w
"%{time_pretransfer}" using the command line tool.

Bug: http://curl.haxx.se/mail/archive-2011-12/0022.html
Reported by: Toni Moreno
2011-12-20 14:59:46 +01:00
Daniel Stenberg
5c71544fc6 gitignore: ignore the symbol versioning file 2011-12-20 11:07:23 +01:00
Alessandro Ghedini
7cc2e8b349 configure: add symbols versioning option
Allow, at configure time, the production of versioned symbols. The
symbols will look like "CURL_<FLAVOUR>_<VERSION> <SYMBOL>", where
<FLAVOUR> represents the SSL flavour (e.g. OPENSSL, GNUTLS, NSS, ...),
<VERSION> is the major SONAME version and <SYMBOL> is the actual symbol
name. If no SSL library is enabled the symbols will be just
"CURL_<VERSION> <SYMBOL>".
2011-12-19 23:25:36 +01:00
Sven Wegener
3c18b38dcc Use Curl_ssl_connect for non-blocking connect fallback
This gets the appconnect time right for ssl backends, which don't
support non-blocking connects.

Signed-off-by: Sven Wegener <sven.wegener@stealer.net>
2011-12-19 22:37:37 +01:00
Daniel Stenberg
583a902789 Curl_proxyCONNECT: use newlines in debug output 2011-12-19 09:32:54 +01:00
Yang Tse
4c4e8ba1f0 if2ip.[ch]: fix compilation with MinGW
Avoid 'interface' literal that some MinGW versions define as a macro
2011-12-13 18:37:33 +01:00
Yang Tse
de6f4f356e connect.c: fix compiler warning 'enumerated type is mixed with another type' 2011-12-13 16:18:08 +01:00
Yang Tse
66c5076252 if2ip.c: fix compiler warning 'unused parameter' 2011-12-13 16:08:42 +01:00
Yang Tse
b9b772fefe pop3.c: fix compiler warning variable may be used uninitialized 2011-12-13 15:58:02 +01:00
Yang Tse
07efe110cc if2ip.c: fix compiler warning 'enumerated type is mixed with another type' 2011-12-13 15:47:26 +01:00
Jason Glasgow
6e4835c795 CURLOPT_INTERFACE: avoid resolving interfaces names
Do not try to resolve interfaces names via DNS by recognizing interface
names in a few ways.  If the interface option argument has a prefix of
"if!" then treat the argument as only an interface.  Similarly, if the
interface argument is the name of an interface (even if it does not have
an IP address assigned), treat it as an interface name.  Finally, if the
interface argument is prefixed by "host!" treat it as a hostname that
must be resolved by /etc/hosts or DNS.

These changes allow a client using the multi interfaces to avoid
blocking on name resolution if the interface loses its IP address or
disappears.
2011-12-12 23:12:37 +01:00
Steve Holme
1259ccf747 ConnectionExists: Fix reuse for TLS upgraded connections
Fixed the connection reuse detection in ConnectionExists() when
comparing a new connection that is non-SSL based against that of a SSL
based connection that has become so by being upgraded via TLS.
2011-12-12 00:32:47 +01:00
Daniel Stenberg
07e3b7512c create_conn: don't switch to HTTP protocol if tunneling is enabled
This is a regression since who knows when. When spotting that a HTTP
proxy is used we must not uncondititionally enable the HTTP protocol
since if we do tunneling through the proxy we're still using the target
protocol.

Reported by: Naveen Chandran
2011-12-09 22:51:08 +01:00
Gokhan Sengun
1cacf853da Curl_closesocket: clear sock_accepted on close
As a follow-up from commit d5b5f64bce, clear the sock_accepted status
when such a socket is closed to avoid a re-used connection to retain the
state wrongly.

Bug: http://curl.haxx.se/mail/lib-2011-12/0079.html
2011-12-07 16:03:00 +01:00
Gokhan Sengun
2b24dd870e multi interface: fix block when CONNECT_ONLY option is used 2011-12-07 15:37:05 +01:00
Daniel Stenberg
2b0e09b0f9 OpenSSL: check for the SSLv2 function in configure
If no SSLv2 was detected in OpenSSL by configure, then we enforce the
OPENSSL_NO_SSL2 define as it seems some people report it not being
defined properly in the OpenSSL headers.
2011-12-06 14:22:45 +01:00
Daniel Stenberg
347f951c39 SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5
When a 32 digit hex key is given as a hostkey md5 checksum, the code
would still run it against the knownhost check and not properly
acknowledge that the md5 should then be the sole guide for.

The verbose output now includes the evaluated MD5 hostkey checksum.

Some related source code comments were also updated.

Bug: http://curl.haxx.se/bug/view.cgi?id=3451592
Reported by: Reza Arbab
2011-12-05 22:24:28 +01:00
Daniel Stenberg
c50dbf670f Curl_resolver_is_resolved: differentiate between host/proxy errors
As there are different return codes for host vs proxy errors, this function
now properly returns the code properly depending on what was attempted to get
resolved.

Bug: http://curl.haxx.se/mail/archive-2011-12/0010.html
Reported by: Jason Liu
2011-12-05 12:44:55 +01:00
Daniel Stenberg
0cf05af744 c-ares: return proxy failure for all proxy types
When making a distinction which return code to return, the code previously
only regarded HTTP proxies to be proxies and thus return host-related errors
for failures on other proxy types than HTTP. Now all proxy types will be
considered proxies...
2011-12-05 12:41:38 +01:00
Daniel Stenberg
d5b5f64bce FTP: close callback fix
Keep track of which sockets that are the result of accept() calls and
refuse to call the closesocket callback for those sockets. Test case 596
now verifies that the open socket callback is called the same number of
times as the closed socket callback for active FTP connections.

Bug: http://curl.haxx.se/mail/lib-2011-12/0018.html
Reported by: Gokhan Sengun
2011-12-05 12:34:27 +01:00
Daniel Stenberg
088ba97a24 FTP: call opensocket callback properly
When the new socket is created for an active connection, it is now done
using the open socket callback.

Test case 596 was modified to run fine, although it hides the fact that
the close callback is still called too many times, as it also gets
called for closing sockets that were created with accept().
2011-12-05 11:42:10 +01:00
Daniel Stenberg
9109cdec11 Curl_socket: internal replacement for socket()
Moved out into a separate function to work as a "generic" socket()
replacement.
2011-12-05 10:58:38 +01:00
Jason Glasgow
62d3652b43 CURLOPT_DNS_SERVERS: set name servers if possible (fix)
Ensure that CURLE_OK is returned if setting the name servers is successfull.
2011-12-02 21:54:15 +01:00
Daniel Stenberg
d81f5ea3e0 multi interface: only use non-NULL function pointer!
If the socket callback function pointer hasn't been set, we must not
attempt to use it. Commit adc88ca20 made it more likely to occur.
2011-12-02 21:10:28 +01:00
Jason Glasgow
adc88ca203 multi: handle timeouts on DNS servers by checking for new sockets
If the first name server is not available, the multi interface does
not invoke the socket_cb when the DNS request to the first name server
timesout.  Ensure that the list of sockets are always updated after
calling Curl_resolver_is_resolved.

This bug can be reproduced if Curl is complied with --enable_ares and
your code uses the multi socket interfaces and the
CURLMOPT_SOCKETFUNCTION option.  To test try:
  iptables -I INPUT \
           -s $(sed -n -e '/name/{s/.* //p;q}' /etc/resolv.conf)/32 \
           -j REJECT
and then run a program which uses the multi-interface.
2011-12-02 10:18:52 +01:00
Steve Holme
bdb647814e POP3: fixed escaped dot not being striped out
Changed the eob detection to work across the whole of the buffer so that
lines that begin with a dot (which the server will have escaped) are
passed to the client application correctly.
2011-12-01 00:06:47 +01:00
Yang Tse
1038d0aa16 pop3.c: fix compiler warning 2011-11-29 20:28:49 +01:00
Daniel Stenberg
af64666434 POP3: detect when LIST returns no mails
By making sure the function can detect an "end of body" sequence
immediately on the first line, test 811 is now enabled.
2011-11-29 13:43:46 +01:00
Daniel Stenberg
dda815b776 POP3: fix end of body detection
Curl_pop3_write() now has a state machine that scans for the end of a
POP3 body so that the CR LF '.' CR LF sequence can come in everything
from one up to five subsequent packets.

Test case 810 is modified to use SLOWDOWN which makes the server pause
between each single byte and thus makes the POP3 body get sent to curl
basically one byte at a time.
2011-11-29 00:25:21 +01:00
Yang Tse
2d833852f6 CyaSSL 2.0+ library initialization adjustment 2011-11-25 17:23:36 +01:00
Jonas Schnelli
0604b2fb90 rectify comment 2011-11-25 15:02:43 +01:00
Daniel Stenberg
8f50a5c7e5 SSLSESSION_SHARED: new macro to check if session is shared
Added convenience macro to use to check if a handle is using a shared
SSL session, and fixed so that Curl_ssl_close_all() doesn't lock when
the session isn't shared.
2011-11-25 15:00:37 +01:00
Yang Tse
703fa0a6a8 telnet.c: fix MSVC compiler warning 2011-11-25 14:30:53 +01:00
Yang Tse
97d7a9260e tvdiff_secs(): sub-zero time difference adjustment
Skip a floating point addition operation when integral part of time difference
is zero. This avoids potential floating point addition rounding problems while
preserving decimal part value.
2011-11-25 13:51:55 +01:00
Daniel Stenberg
4a4d04446d telnet: fix macros to allow proper semicolon use
Macros that look like function calls need to be made so that we can use
semicolons properly for indentation and for reducing the risk for
mistakes when using them.
2011-11-25 10:56:18 +01:00
Laurent Rabret
b9223a17b8 TELNET: improved treatment of options
1) enables the Window Size option
2) allows the server to enable the echo mode
3) allows an app using libcurl to disable the default binary mode

Signed-off-by: Laurent Rabret
2011-11-25 10:46:49 +01:00
Jonas Schnelli
2c905fd1f8 query-part: ignore the URI part for given protocols
By setting PROTOPT_NOURLQUERY in the protocol handler struct, the
protocol will get the "query part" of the URL cut off before the data is
handled by the protocol-specific code. This makes libcurl adhere to
RFC3986 section 2.2.

Test 1220 is added to verify a file:// URL with query-part.
2011-11-24 23:31:19 +01:00
Yang Tse
46bd8b330a getinfo.c: reset app connect time when clearing session-info time variables 2011-11-24 18:13:09 +01:00
Yang Tse
78feaff9d8 Fix unreleased regression when using windows gnutls versions older than 2.8 2011-11-24 12:11:52 +01:00
Mark Brand
28bac99674 gnutls: only translate winsock errors for old versions
Bugfix: https handshake fails using gnutls 3 on windows
http://sourceforge.net/tracker/index.php?func=detail&aid=3441084&group_id=976&atid=100976

New gnutls versions have an error handler that knows about Winsock
errors, which is why gnutls_transport_set_global_errno() was deprecated
and then removed.

This is a correction of commit f5bb370 (blame me) which meant to
reimplement gnutls_transport_set_global_errno(), which is not necessary.
2011-11-23 22:38:11 +01:00
Daniel Stenberg
7248439fec protocol_connect: show verbose connect and set connect time
Regression: commit b998d95b (shipped first in release 7.22.0) made the
condition always equal false that should reset the TIMER_CONNECT timer
and call the Curl_verboseconnect() function.

Reported by: "Captain Basil"
Bug: http://curl.haxx.se/mail/archive-2011-11/0035.html
2011-11-21 23:36:21 +01:00
Martin Storsjo
64f328c787 Add support for using nettle instead of gcrypt as gnutls backend 2011-11-19 22:23:14 +01:00
Jonas Schnelli
f64812ca63 SFTP: support '*' prefix for quote operations
prefixing a command with '*' means it is allowed to fail without
aborting the chain actions
2011-11-18 16:04:52 +01:00
Daniel Stenberg
10ecdf5078 getsessionid: don't ever return while locked
Also, check for the session sharing bit instead of comparing pointers
2011-11-17 23:57:21 +01:00
Daniel Stenberg
bb4eb58996 Curl_ssl_getsessionid: increase the value, not the pointer 2011-11-17 23:46:29 +01:00
Alejandro Alvarez Ayllon
35f61c404d SSL session share: move the age counter to the share object
Previously the age counter would be counted individually in each easy
handle that shared SSL sessions!
2011-11-17 23:34:38 +01:00
Jason Glasgow
8d0a504f0d CURLOPT_DNS_SERVERS: set name servers if possible 2011-11-17 22:52:33 +01:00
Guenter Knauf
fd765c627f Fix to skip untrusted certs. 2011-11-08 05:46:46 +01:00
Daniel Stenberg
e3166df1bb ftp PORT: don't hang if bind() fails
When the user requests PORT with a specific port or port range, the code
could lock up in an endless loop. There's now an extra conditional that
makes sure to special treat the error and try the local address only
once so a second failure will abort the loop correctly.

Bug: http://curl.haxx.se/bug/view.cgi?id=3433968
Reported by: Gokhan Sengun
2011-11-06 23:02:27 +01:00
Daniel Stenberg
06a83e8050 pingpong: change two comments wrongly referring "FTP"
Just a sign of where the code originally was ripped out from. Now it is
generic "pingpong".
2011-11-06 17:38:36 +01:00
Rene Bernhardt
4851dafcf1 HTTP auth: fix proxy Negotiate bug
If a proxy offers several Authentication schemes where NTLM and
Negotiate are offered by the proxy and you tell libcurl not to use the
Negotiate scheme then the request never returns when the proxy answers
with its HTTP 407 reply.

It is reproducible by the following steps:

- Use a proxy that offers NTLM and Negotiate ( CURLOPT_PROXY and
CURLOPT_PROXYPORT )

- Tell libcurl NOT to use Negotiate CURL_EASY_SETOPT(CURLOPT_PROXYAUTH,
CURLAUTH_BASIC | CURLAUTH_DIGEST | CURLAUTH_NTLM )

- Start the request

The call to CURL_EASY_PERFORM never returns. If you switch on debug
logging you can see that libcurl issues a new request As soon as it
received the 407 reply. Instead it should return and set the response
code to 407.

Bug: http://curl.haxx.se/mail/lib-2011-10/0323.html
2011-11-06 17:19:37 +01:00
Yang Tse
73029dca5a ssluse.c: fix calling of OpenSSL's ERR_remove_state(0)
Move calling of ERR_remove_state(0) a.k.a ERR_remove_thread_state(NULL)
from Curl_ossl_close_all() to Curl_ossl_cleanup().

In this way ERR_remove_state(0) is now only called in libcurl by
curl_global_cleanup(). Previously it would get called by functions
curl_easy_cleanup(), curl_multi_cleanup and potentially each time a
connection was removed from a connection cache leading to premature
destruction of OpenSSL's thread local state hash.

Multi-threaded apps using OpenSSL enabled libcurl should still call
function ERR_remove_state(0) or ERR_remove_thread_state(NULL) at the
very end end of threads that do not call curl_global_cleanup().
2011-11-04 13:08:37 +01:00
Yang Tse
6fa6567b92 url.c and file.c: fix OOM triggered segfault 2011-11-03 21:56:51 +01:00
Daniel Stenberg
93e57d0628 rename ftp_ssl: the struct field is used for many protocols
Now called 'use_ssl' instead, which better matches the current CURLOPT
name and since the option is used for all pingpong protocols (at least)
it makes sense to not use 'ftp' in the name.
2011-11-03 09:54:12 +01:00
Daniel Stenberg
a873b95c21 gtls_connect_step1: remove use of deprecated functions
Use gnutls_priority_set_direct() instead of gnutls_protocol_set_priority().

Remove the gnutls_certificate_type_set_priority() use since x509 is the
default certificate type anyway.

Reported by: Vincent Torri
2011-11-02 22:44:22 +01:00
Yang Tse
6bdeca967d url.c and transfer.c: nullify connection pointer when free()'ed 2011-11-02 22:34:41 +01:00
Yang Tse
f7dfe2b87a multi.c: OOM handling fix 2011-11-01 14:38:21 +01:00
Yang Tse
49e3b2e03a setup.h: fix compiler warning 2011-10-31 22:42:43 +01:00
Yang Tse
f5bb370186 gtls.c: gnutls_transport_set_global_errno() deprecated in version 2.12.3 2011-10-29 14:58:50 +02:00
Yang Tse
ddeab48245 multi.c: OOM handling fix
Fix curl_multi_cleanup() segfault when using weird cleanup sequence.
2011-10-27 17:08:02 +02:00
Daniel Stenberg
b0d42da26b multi: start ftp state machine when switching to DO_MORE
This extends the fix from commit d7934b8bd4

When the multi state is changed within the multi_runsingle from DOING to
DO_MORE, we didn't immediately start the FTP state machine again. That
then left the FTP state in FTP_STOP. When curl_multi_fdset() was
subsequently called, the ftp_domore_getsock() function would return the
wrong fd info.

Reported by: Gokhan Sengun
2011-10-27 12:46:29 +02:00
Yang Tse
e8d8843a02 ftp.c: some OOM handling fixes 2011-10-24 20:45:13 +02:00
Daniel Stenberg
d7934b8bd4 curl_multi_fdset: correct fdset with FTP PORT use
After a PORT has been issued, and the multi handle would switch to the
CURLM_STATE_DO_MORE state (which is unique for FTP), libcurl would
return the wrong fdset to wait for when curl_multi_fdset() is
called. The code would blindly assume that it was waiting for a connect
of the second connection, while that isn't true immediately after the
PORT command.

Also, the function multi.c:domore_getsock() was highly FTP-centric and
therefore ugly to keep in protocol-agnostic code. I solved this problem
by introducing a new function pointer in the Curl_handler struct called
domore_getsock() which is only called during the DOMORE state for
protocols that set that pointer.

The new ftp.c:ftp_domore_getsock() function now returns fdset info about
the control connection's command/response handling while such a state is
in use, and goes over to waiting for a writable second connection first
once the commands are done.

The original problem could be seen by running test 525 and checking the
time stamps in the FTP server log. I can verify that this fix at least
fixes this problem.

Bug: http://curl.haxx.se/mail/lib-2011-10/0250.html
Reported by: Gokhan Sengun
2011-10-21 23:36:54 +02:00
Yang Tse
95d23d1ceb file.c: OOM handling fix
file_disconnect() free's resources for multi API
2011-10-21 16:52:17 +02:00
Yang Tse
a4758c3276 multi.c: fix segfault 2011-10-21 16:52:16 +02:00
Dan Fandrich
90fcad63cb Fixed compilation when HTTP or cookies are disabled 2011-10-20 17:54:18 -07:00
Daniel Stenberg
ff0a295cdb Curl_http_input_auth: handle multiple auths in WWW-Authenticate
The fix is pretty much the one Nick Zitzmann provided, just edited to do
the right indent levels and with test case 1204 added to verify the fix.

Bug: http://curl.haxx.se/mail/lib-2011-10/0190.html
Reported by: Nick Zitzmann
2011-10-20 13:12:02 +02:00
Daniel Stenberg
4fa0166173 Curl_smtp_escape_eob: first byte is index 0...
Fix a bug with with commit 2621dd42a4 that happened due to my last
second pre-commit cleanup of the change without proper testing
afterwards!
2011-10-20 13:12:02 +02:00
Tim Harder
8036da870c gtls: only call gnutls_transport_set_lowat with <gnutls-2.12.0
The default lowat level for gnutls-2.12* is set to zero to avoid
unnecessary system calls and the gnutls_transport_set_lowat function has
been totally removed in >=gnutls-3 which causes build failures.

Therefore, the function shouldn't be used except for versions that
require it, <gnutls-2.12.0.
2011-10-20 00:28:29 +02:00
Daniel Stenberg
2621dd42a4 Curl_smtp_escape_eob: fix EOB escaping
As the EOB string can come byte by byte over a series of writes we must
match byte-wise.

Bug: http://curl.haxx.se/mail/lib-2011-10/0172.html
2011-10-20 00:13:09 +02:00
Daniel Stenberg
ecbb08cea3 singleipconnect: unstick the ipv6-connection boolean
Previously the bit was set before the connection was found working so if
it would first fail to an ipv6 address and then connect fine to a IPv4
address the variable would still be TRUE.

Reported by: Thomas L. Shinnick
Bug: http://curl.haxx.se/bug/view.cgi?id=3421912
2011-10-17 23:12:58 +02:00
Kamil Dudka
491c5a497c nss: avoid a SIGSEGV with immature version of NSS
Bug: https://bugzilla.redhat.com/733685
2011-10-17 12:13:44 +02:00
Kamil Dudka
06e6755e87 nss: big cleanup in nss_load_cert() and cert_stuff() 2011-10-17 12:13:42 +02:00
Kamil Dudka
052a08ff59 nss: refactor fmt_nickname() -> dup_nickname()
Do not use artificial nicknames for certificates from files.
2011-10-17 12:11:40 +02:00
Kamil Dudka
f6980bbf24 nss: select client certificates by DER
... instead of nicknames, which are not unique.
2011-10-17 12:11:38 +02:00
Daniel Stenberg
840eff44f2 formdata: ack read callback abort
When doing a multipart formpost with a read callback, and that callback
returns CURL_READFUNC_ABORT, that return code must be properly
propagated back and handled accordingly. Previously it would be handled
as a zero byte read which would cause a hang!

Added test case 587 to verify. It uses the lib554.c source code with a
small ifdef.

Reported by: Anton Bychkov
Bug: http://curl.haxx.se/mail/lib-2011-10/0097.html
2011-10-16 01:09:56 +02:00
Daniel Stenberg
1a416cd27a singleipconnect: don't clobber errno
Save the errno value immediately after a connect() failure so that it
won't get reset to something else before we read it.

Bug: http://curl.haxx.se/mail/lib-2011-10/0066.html
Reported by: Frank Van Uffelen and Fabian Hiernaux
2011-10-15 23:44:28 +02:00
Yang Tse
8af94de50a file.c: fix compiler warning 2011-10-14 18:23:16 +02:00
Yang Tse
1bab38780b url.c: fix endless loop upon transport connection timeout
Jerry Wu detected and provided detailed info about this issue.
2011-10-14 17:34:42 +02:00
Yang Tse
ea12c72d12 curl_gethostname.c: fix signed/unsigned comparison and avoid a double copy
both introduced in 42be24af
2011-10-13 23:00:24 +02:00
Yang Tse
47e4537ac6 curl_ntlm_msgs.c: fix variable shadowing declaration introduced in 185ed340 2011-10-13 22:59:36 +02:00
Marcin Adamski
03adff1eba tftp.c: TFTP timeout and unexpected block adjustments
Set ACK timeout to 5 seconds.

If we are waiting for block X and receive block Y that is the expected one, we
should send ACK and increase X (which is already implemented). Otherwise drop
the packet and don't increase retry counter.
2011-10-13 19:45:36 +02:00
Yang Tse
34770b8ab0 multi.c: OOM handling fixes
Prevent modification of easy handle being added with curl_multi_add_handle()
unless this function actually suceeds.

Run Curl_posttransfer() to allow restoring of SIGPIPE handler when
Curl_connect() fails early in multi_runsingle().
2011-10-13 18:04:56 +02:00
Yang Tse
880cf0bedc url.c: make line shorter than 80 chars 2011-10-13 01:52:56 +02:00
Yang Tse
bff78cc18e OOM handling/cleanup slight adjustments 2011-10-12 21:32:10 +02:00
Yang Tse
584dc8b8af OOM handling/cleanup slight adjustments 2011-10-11 19:41:30 +02:00
Yang Tse
71c9453393 telnet.c: fix compiler warning 2011-10-08 01:27:03 +02:00
Yang Tse
17f48fe879 libcurl: some OOM handling fixes 2011-10-07 20:50:57 +02:00
Yang Tse
b82bd05354 multi.c: OOM handling fixes making torture tests 560 580 581 pass 2011-10-06 20:30:34 +02:00
Daniel Stenberg
ca2c326361 curl_share_cleanup: avoid compiler warning
Move the variable declaration to within the #ifdef
2011-10-04 16:34:45 +02:00
Daniel Stenberg
5c809178c2 struct Curl_share: provide sslsession unconditionally
It makes much nicer and less convuluted code everywhere if this struct
member is always present even when libcurl is built without SSL support.

This reverts parts of commit 15e3e45170
2011-10-04 16:33:07 +02:00
Daniel Stenberg
fa77f54a03 ftp: improved the failed PORT host name resolved error message 2011-10-04 16:24:50 +02:00
Daniel Stenberg
bc007d8ef5 codepolicing 2011-10-03 23:28:17 +02:00
Daniel Stenberg
d0dbd1e98e sspi build fix
define away Curl_ntlm_sspi_cleanup() when no windows SSPI build
2011-10-03 23:28:17 +02:00
Steve Holme
4d327d20c6 smtp: Added support for NTLM authentication
Modified smtp_endofresp() to detect NTLM from the server specified list
of supported authentication mechanisms.

Modified smtp_authenticate() to start the sending of the NTLM data.

Added smtp_auth_ntlm_type1_message() which creates a NTLM type-1
message. This function is used by authenticate() to start the sending
of data and by smtp_state_auth_ntlm_resp() when the AUTH command
doesn't contain the type-1 message as part of the initial response.
This lack of initial response can happen if an OOM error occurs or the
type-1 message is longer than 504 characters. As the main AUTH command
is limited to 512 character the data has to be transmitted in two
parts; one containing the AUTH NTLM and the second containing the
type-1 message.

Added smtp_state_auth_ntlm_type2msg_resp() which handles the incoming
type-2 message and sends an outgoing type-3 message. This type-2
message is sent by the server in response to our type-1 message.

Modified smtp_state_auth_resp() to handle the response to: the AUTH
NTLM without the initial response and the type-2 response.

Modified smtp_disconnect() to cleanup the NTLM SSPI stack.
2011-10-03 23:28:17 +02:00
Steve Holme
185ed3409a Curl_ntlm_create_typeX_message: Added the outlen parameter
Added the output message length as a parameter to both
Curl_ntlm_create_type1_message() and Curl_ntlm_create_type3_message()
for use by future functions that require it.

Updated curl_ntlm.c to cater for the extra parameter on these two
functions.
2011-10-03 23:28:17 +02:00
Steve Holme
d54bcebad4 smtp: General tidy up ready for adding NTLM support
Changed the name of variable l, in several functions, which represents
the length of strings being sent to the server, to len which is more
meaningful and consistent with other code in smtp.c and elsewhere.

Reworked smtp_authenticate() to be simpler and easier to follow.
Variables and now initialised in their definitions and if no username
and password are specified the function sets the state to SMTP_STOP and
returns immediately, rather than being part of a huge if statement.
2011-10-03 23:28:17 +02:00
Steve Holme
56ed07f7df smtp_mail: fixed another memory leak
... introduced in 7f304ab84f
2011-10-03 22:55:25 +02:00
Daniel Stenberg
15e3e45170 share: don't use SSL unless enabled
Don't even declare the struct members for disabled features

Introducing the CURLSHE_NOT_BUILT_IN return code for the share interface
when trying to set a sharing option that has been disabled (or not
enabled) in the library.
2011-10-03 22:35:04 +02:00
Daniel Stenberg
9dd85bced5 multi: progress function abort must close connection
When the progress function returns to cancel the request, we must mark
the connection to get closed and it must do to the DONE state.

do_init() must be called as early as possible so that state variables
for new connections are reset early. We could otherwise see that the old
values were still there when a connection was to be disconnected very
early and it would make it behave wrongly.

Bug: http://curl.haxx.se/mail/lib-2011-10/0006.html
Reported by: Vladimir Grishchenko
2011-10-02 19:28:39 +02:00
Daniel Stenberg
3d19e1eedf multi_runsingle: change state on callback abort
Reported by: Marcin Adamski
Bug: http://curl.haxx.se/mail/lib-2011-09/0329.html
2011-09-30 22:59:50 +02:00
Yang Tse
0c903ea189 Fix SSL disabled builds broken with 'SSL session sharing' commit 5793bc37 2011-09-30 21:09:59 +02:00
Daniel Stenberg
affed6725e smtp_mail: fix memory leak
... introduced in 7f304ab84f
2011-09-29 23:45:36 +02:00
Steve Holme
7f304ab84f smtp_mail: Added support to MAIL FROM for the optional SIZE parameter
The size of the email can now be set via CURLOPT_INFILESIZE. This
allows the email to be rejected by the server, if supported, and the
maximum size has been configured on the server.
2011-09-29 23:15:46 +02:00
Alejandro Alvarez
5793bc370c SSL session sharing support added
With locking, plus test, plus documentation
2011-09-28 23:06:34 +02:00
Guenter Knauf
b4fccc1d8e Added SPNEGO to NetWare build. 2011-09-27 16:02:07 +02:00
Yang Tse
d9f686db88 remove short-lived CURL_WRITEFUNC_OUT_OF_MEMORY 2011-09-26 13:05:42 +02:00
Steve Holme
400055bfaa smtp_connect: use defined buffer length for hostname 2011-09-26 00:01:09 +02:00
Steve Holme
5801ddb85c Curl_ntlm_create_type3_message: Tidied up the use of Curl_gethostname.
Removed the code that striped off the domain name when Curl_gethostname
returned the fully qualified domain name as the function has been
updated to return the un-qualified host name.

Replaced the use of HOSTNAME_MAX as the size of the buffer in the call
to Curl_gethostname with sizeof(host) as this is safer should the buffer
size ever be changed.
2011-09-25 23:59:53 +02:00
Steve Holme
38b5744266 HOSTNAME_MAX: Moved to curl_gethostname.h
Moved HOSTNAME_MAX #define into curl_gethostname.h rather than being
locally defined in curl_gethostname.c, curl_ntlm_msgs.c and smtp.c.
2011-09-25 23:58:47 +02:00
Yang Tse
d2a47021c0 Q&D fix header inclusion order 2011-09-25 19:08:12 +02:00
Yang Tse
119f43360b allow write callbacks to indicate OOM to libcurl
Allow (*curl_write_callback) write callbacks to return
CURL_WRITEFUNC_OUT_OF_MEMORY to properly indicate libcurl of OOM conditions
inside the callback itself.
2011-09-25 19:05:46 +02:00
Daniel Stenberg
2d6796aac5 curl_multi_fdset: avoid FD_SET out of bounds
If a socket is larger than FD_SETSIZE, avoid using FD_SET() on the
platforms where this is possible.

Bug: http://curl.haxx.se/bug/view.cgi?id=3413274
Reported by: Tim Starling
2011-09-25 17:34:12 +02:00
Guenter Knauf
230459dd00 NetWare makefile tweaks to select different builds. 2011-09-25 16:29:08 +02:00
Daniel Stenberg
5f0764870f http header: allow Content-Length to be replaced
In some cases Content-Length: couldn't be replaced by an application

Also, indented some code properly
2011-09-24 00:05:58 +02:00
Daniel Stenberg
40c27e299f Curl_pgrsStartNow: keep HEADERS_OUT set
To avoid that the progress meter headers get output between each
transfer, make sure the bits gets kept when (re-)inited.

Reported by: Christopher Stone
2011-09-22 22:41:06 +02:00
Guenter Knauf
3c3aa09c65 Added NetWare examples makefile. 2011-09-22 14:35:49 +02:00
Yang Tse
01c172f5e8 NTLM_WB: fix disabling of NTLM_WB when NTLM is disabled 2011-09-22 00:24:02 +02:00
Gisle Vanem
322f3d5af7 smtp: without a MAIL_FROM, send blank MAIL FROM
I think curl should ignore this case and smtp.c should test for this.
Since RFC-2821 seems to allow a "null reverse-path". Ref.  "MAIL
FROM:<>" in section 3.7, page 25.
2011-09-21 22:24:45 +02:00
Dave Reisner
c1057fc9aa lib/http: add missing whitespace in verbose output
Example:
* upload completely sent off: 35out of 35 bytes

Should be:
* upload completely sent off: 35 out of 35 bytes
2011-09-21 22:19:53 +02:00
Guenter Knauf
e4172d934d Changed suffix rules to pattern rules.
Suffix rules cannot have any prerequisites of their own.
2011-09-21 03:25:19 +02:00
Guenter Knauf
977825a68c Added dependency so that curlbuild.h is created. 2011-09-21 02:13:18 +02:00
Guenter Knauf
a6b69b64ad Some more MinGW build tweaks.
Added envvars to specify OpenSSL include, libpath and lib.
Added rule to create curlbuild.h from curlbuild.h.dist.
2011-09-21 02:06:05 +02:00
Guenter Knauf
a6c168b893 A bunch of MinGW build tweaks.
All paths to dependencies now quoted; synced examples makefile.
2011-09-20 15:05:28 +02:00
Guenter Knauf
dee7a08f64 Changed Windows 64bit OS define to x86_64.
Also added check for __x86_64__ define since MinGW64 seems to define
the _M_X64 macro through a header not available for config-win32.h.
2011-09-20 12:32:04 +02:00
Guenter Knauf
cd3cf55b47 Also skip certs masked as CKT_NSS_TRUST_UNKNOWN.
Fix posted by Tomas Hoger <thoger redhat com>.
2011-09-20 12:05:31 +02:00
Guenter Knauf
98a61d8e2e Added _WIN32_WINNT define for IPv6 builds. 2011-09-20 11:59:49 +02:00
Daniel Stenberg
81b41095ef Curl_follow: handle redirects to "//hostname/path" 2011-09-20 11:16:40 +02:00
Steve Holme
42be24af89 Curl_gethostname: return un-qualified machine name
Fixed Curl_gethostname() so that it always returns the un-qualified
machine name rather than being dependent on the socket provider.

Note: The return of getenv("CURL_GETHOSTNAME") is also parsed in case
the developer / test harness provided a fully qualified domain name as
it's value as well.
2011-09-18 13:24:58 +02:00
Yang Tse
ff9d858722 Make Curl_safefree() macro assign NULL to given pointer when free'd 2011-09-15 17:35:23 +02:00
Yang Tse
0216e517d0 ftp.c: add a couple of failure messages 2011-09-14 11:30:22 +02:00
warp kawada
aff70e2e95 Curl_add_custom_headers: support headers with no data
A custom HTTP header ending in a semicolon instead of a colon
will be treated as a header to be added without any data
portion.
2011-09-13 16:17:21 -07:00
Daniel Stenberg
73b18a9d24 codestyle: minor whitespace fix 2011-09-13 18:46:09 +02:00
Jeff Pohlmeyer
1bac153ea3 polarssl: build with PolarSSL-1.0.0
With this fix, it should work for PolarSSL-1.0.0 (and SVN-1091 trunk)
and retain compatibility with earlier versions. (Tested with 0.14.1)

PolarSSL still doesn't play nicely with curl's CA bundle (we discussed
this before) but I was at least able to retrieve the
https://www.gmail.com/ login page using a modified ca-certificates.crt
file with all 3 versions of PolarSSL.
2011-09-13 18:44:41 +02:00
Yang Tse
4e9a1c5bba ftp.c: fix socket leak torture tests detected 2011-08-30
Also fix inappropriate error handling when sending ftp EPRT or PORT commands.
2011-09-12 15:16:07 +02:00
Daniel Stenberg
94d64f8d4c spell-checked comments 2011-09-11 19:26:17 +02:00
Guenter Knauf
2a9fec16cc Updated makefiles to latest libssh2. 2011-09-11 16:50:30 +02:00
Yang Tse
72c14bd6f0 ftp.c: fix ftp active connects which got broken with commit fdf157abdf 2011-09-10 05:05:27 +02:00
Yang Tse
a7d8894291 ssh.c: revert needless commit 7b7c45879e 2011-09-10 00:52:13 +02:00
Daniel Stenberg
303c90074d tcpnodelay: rename variable
Renamed the variable from 'proto' to 'level' simply because it is not
protocol you set but level and that is the name of the argument used in
man pages and the POSIX documentation of the setsockopt function.
2011-09-09 15:31:11 +02:00
Yang Tse
7b7c45879e libssh2: use calloc as alloc function for libssh2 versions older than 1.3
This workarounds old libssh2 versions not properly initializing
some ssh session variables, which would trigger memory debuggers
warnings on memory being used without having been initialized.
2011-09-08 11:08:00 +02:00
Adriano Meirelles
81ead2c4e7 Curl_speedcheck: don't mistakenly clear Curl_expire()
The current version of speedcheck.c may disable timeout by setting zero
to Curl_expire. Which is fine using the curl_multi_perform, because it
recheck all timeout internals, but when using custom event poller (like
hiperfifo.c) it may keep stalle connection forever.
2011-09-08 08:39:53 +02:00
Daniel Stenberg
2147492050 ftp_state_use_port: minor code indent fix 2011-09-07 22:46:06 +02:00
Daniel Stenberg
58a7c51362 checksrc: detect "}else" uses as well 2011-09-07 22:45:43 +02:00
Yang Tse
5658aa9574 ssh.c: fix memory leaks triggered upon OOM or other failures 2011-09-07 01:26:43 +02:00
Yang Tse
e9e894905c pingpong.c: avoid a memmove call in function Curl_pp_vsendf 2011-09-05 23:45:04 +02:00
Yang Tse
a50210710a fix bool variables checking and assignment 2011-09-05 20:46:09 +02:00
Guenter Knauf
d52f3eb598 Fixed final message output. 2011-09-04 22:05:32 +02:00
Yang Tse
196e0d699f setup_once.h cleanup and sync 2011-09-04 17:10:51 +02:00
Guenter Knauf
809cde5416 Fix to skip untrusted certs. 2011-09-04 17:05:49 +02:00
Guenter Knauf
476f194d7f Added SPNEGO to MinGW makefiles. 2011-09-04 10:03:08 +02:00
Yang Tse
bdc311cf98 NTLM WB: fix file descriptor leak upon OOM condition 2011-09-04 01:56:30 +02:00
Yang Tse
a405a8976d revert changes not intended to be pushed with commit 6b75d2c2 2011-09-03 18:26:21 +02:00
Yang Tse
6b75d2c2df fix a bunch of MSVC compiler warnings 2011-09-03 16:07:09 +02:00
Guenter Knauf
2be65bb0c5 Updated dependecies versions. 2011-09-03 14:01:09 +02:00
Guenter Knauf
f02325ea65 Some MinGW makefile tweaks for MinGW64. 2011-09-03 13:55:16 +02:00
Guenter Knauf
b98594c8bf Changed MinGW to use own winidn prototypes. 2011-09-03 13:39:22 +02:00
Dan Fandrich
ded3638d97 Fix NTLM winbind support to pass the torture tests
Calling sclose() both in the child and the parent fools the
socket leak detector into thinking it's been closed twice.
Calling close() in the child instead overcomes this problem. It's
not as portable as the sclose() macro, but this code is highly
POSIX-specific, anyway.
2011-09-02 13:22:20 -07:00
Yang Tse
9194e17003 MemoryTracking: fix logging of free() calls done where Curl_safefree is called
Just internal stuff...

Curl_safefree is now a macro defined in memdebug.h instead of a function
prototyped in url.h and implemented in url.c, so inclusion of url.h is no
longer required in order to simply use Curl_safefree.

Provide definition of macro WHILE_FALSE in setup_once.h in order to allow
other macros such as DEBUGF and DEBUGASSERT, and code using it, to compile
without 'conditional expression is constant' warnings.

The WHILE_FALSE stuff fixes 150+ MSVC compiler warnings.
2011-09-02 19:40:53 +02:00
Yang Tse
749dbfbc87 transfer.c: fix parentheses/braces placement for vi/emacs delimiter matching 2011-09-02 17:41:39 +02:00
Yang Tse
6b59bc1805 transfer.c: fix loadhostpairs() OOM handling 2011-09-02 00:06:19 +02:00
Yang Tse
f2285a6d39 hostip.c: return immediately from Curl_resolv_timeout() upon expired timeout.
Ensure existing logic in Curl_resolv_timeout() is not subverted upon getting a
negative timeout from resolve_server(). The timeout in resolve_server() could
be checked to avoid calling Curl_resolv_timeout() with an expired timeout, but
fixing this in this way allows existing logic in resolve_server() to be kept
unchanged.
2011-09-01 17:09:46 +02:00
Yang Tse
fdf157abdf ftp.c: fix some leaks torture tests detected 2011-08-30 - follow-up
follow-up for commit d20408e8
2011-09-01 15:38:30 +02:00
Yang Tse
5ea65fbc79 ssh.c: fix realloc() OOM handling 2011-08-31 18:15:29 +02:00
Yang Tse
0b018a0a05 ftp.c: fix some leaks torture tests detected 2011-08-30 - follow-up
follow-up for commit c06de200
2011-08-31 18:14:38 +02:00
Yang Tse
d20408e816 fix some leaks torture tests detected 2011-08-30 2011-08-31 03:50:07 +02:00
Yang Tse
c06de20025 fix some leaks torture tests detected 2011-08-30 2011-08-31 01:58:06 +02:00
Yang Tse
5a45dc4a29 pingpong.c: fix Curl_pp_vsendf() arbitrary restrictions on command length
This removes command length restrictions on calling functions.
2011-08-29 14:27:06 +02:00
Yang Tse
78199b6030 NTLM: header inclusion cleanup follow-up 2011-08-28 11:29:09 +02:00
Yang Tse
05ef245170 NTLM: header inclusion cleanup 2011-08-28 07:15:46 +02:00
Yang Tse
662c1d87f3 NTLM: END of refactoring/splitting/moving
First:

File curl_ntlm.h renamed curl_ntlm_msgs.h
File curl_ntlm.c renamed curl_ntlm_msgs.c

Afterwards:

File http_ntlm.c renamed curl_ntlm.c
File http_ntlm.h renamed curl_ntlm.h
2011-08-28 02:00:02 +02:00
Yang Tse
135f694058 NTLM: move NTLM core specifics into curl_ntlm_core.[ch] 2011-08-28 01:19:08 +02:00
Yang Tse
260ee6b7bf NTLM_WB: move NTLM_WB specifics into curl_ntlm_wb.[ch] 2011-08-27 19:16:10 +02:00
Yang Tse
b976d108f1 NTLM_WB: final congruency naming adjustments
Configure script option --enable-wb-ntlm-auth renamed to --enable-ntlm-wb
Configure script option --disable-wb-ntlm-auth renamed to --disable-ntlm-wb

Preprocessor symbol WINBIND_NTLM_AUTH_ENABLED renamed to NTLM_WB_ENABLED
Preprocessor symbol WINBIND_NTLM_AUTH_FILE renamed to NTLM_WB_FILE

Test harness env var CURL_NTLM_AUTH renamed to CURL_NTLM_WB_FILE

Static function wb_ntlm_close renamed to ntlm_wb_cleanup
Static function wb_ntlm_initiate renamed to ntlm_wb_init
Static function wb_ntlm_response renamed to ntlm_wb_response
2011-08-27 06:31:18 +02:00
Yang Tse
b4f6319cf7 NTLM single-sign on adjustments (XI)
Feature string literal NTLM_SSO renamed to NTLM_WB.
Preprocessor symbol USE_NTLM_SSO renamed to WINBIND_NTLM_AUTH_ENABLED.
curl's 'long' option 'ntlm-sso' renamed to 'ntlm-wb'.
Fix some comments to make clear that this is actually a NTLM delegation.
2011-08-27 01:33:35 +02:00
Daniel Stenberg
0fd2bf3726 Curl_read_plain: indent code 2011-08-26 23:20:27 +02:00
Yang Tse
407e08baad NTLM single-sign on adjustments (X)
Functions renamed:

Curl_output_ntlm_sso -> Curl_output_ntlm_wb
sso_ntlm_close -> wb_ntlm_close
sso_ntlm_response -> wb_ntlm_response
sso_ntlm_initiate -> wb_ntlm_initiate

Preprocessor symbols renamed:

CURLAUTH_NTLM_SSO -> CURLAUTH_NTLM_WB
CURL_VERSION_NTLM_SSO -> CURL_VERSION_NTLM_WB
2011-08-26 18:57:50 +02:00
Steve Holme
d535cff775 http NTLM: refactoring followup
Output of Curl_ntlm_create_type1_message() and Curl_ntlm_create_type3_message()
functions is now already base64 encoded.
2011-08-25 15:13:13 +02:00
Yang Tse
e83421baf4 include limits.h for INT_MAX 2011-08-24 14:00:42 +02:00
Yang Tse
aa5c72af15 add missing semicolons 2011-08-24 13:58:37 +02:00
Daniel Stenberg
b9c63b9a73 add missing semicolons 2011-08-24 11:56:23 +02:00
Daniel Stenberg
cb5e72bf62 safefree use: fix compiler warning
include the prototype header
2011-08-24 11:55:49 +02:00
Steve Holme
e882416e75 SMTP authentication: fix ordering of preferred authentication method
Fixed the order of the preferred SMTP authentication method to:
AUTH CRAM-MD5, AUTH LOGIN then AUTH PLAIN.

AUTH PLAIN should be the last as it slightly more insecure than AUTH LOGIN
as the username and password are sent together - there is no handshaking
between the client and server like there is with AUTH LOGIN.
2011-08-24 08:55:25 +02:00
Yang Tse
fd00b382b2 base64: fix Curl_base64_encode and Curl_base64_decode interfaces
Previous interfaces for these libcurl internal functions did not allow to tell
apart a legitimate zero size result from an error condition. These functions
now return a CURLcode indicating function success or otherwise specific error.
Output size is returned using a pointer argument.

All usage of these two functions, and others closely related, has been adapted
to the new interfaces. Relative error and OOM handling adapted or added where
missing. Unit test 1302 also adapted.
2011-08-24 08:10:30 +02:00
Steve Holme
006b011cdf http NTLM: remaining bits from 0001-Moved-ntlm-[...]-curl_ntlm-mod_3.patch
* Added function comments:
    - Curl_ntlm_decode_type2_message
    - Curl_ntlm_create_type1_message
    - Curl_ntlm_create_type3_message

* Modification of ntlm processing state to NTLMSTATE_TYPE2 is now done
  only when Curl_ntlm_decode_type2_message() has fully succeeded.
2011-08-22 16:42:59 +02:00
Yang Tse
1c400b4e5e zlib: ensure user provided memory functions are used by zlib, when given
As a bonus, this lets our MemoryTracking subsystem track zlib operations.
And also fixes a shortcut some zlib 1.2.x versions took using malloc()
instead of calloc(), which would trigger memory debuggers warnings on
memory being used without having been initialized.
2011-08-21 13:24:46 +02:00
Yang Tse
aaab5fa299 MemoryTracking: adjust initialization calling
Calling of curl_memdebug() was still done with a pending free()
2011-08-20 17:26:42 +02:00
Daniel Stenberg
2d7c79af76 tcpconnect: follow-up commit after b998d95b
As I modified conn->bits.tcpconnect to become an array that holds one
bool for each potential connection all uses of that struct field must
index it correctly.
2011-08-19 23:39:56 +02:00
Yang Tse
38c5e81a67 ssh.c: add PATH_MAX definition for WIN32 2011-08-19 21:25:39 +02:00
Daniel Stenberg
3af9ba166c connect: set TIMER_CONNECT
When connecting, make sure TIMER_CONNECT is set.
2011-08-19 00:16:01 +02:00
Daniel Stenberg
b998d95b4d FTP: fix proxy connect race condition
When using the multi interface, a SOCKS proxy, and a connection that
wouldn't immediately consider itself connected (which my Linux tests do
by default), libcurl would be tricked into doing _two_ connects to the
SOCKS proxy when it setup the data connection and then of course the
second attempt would fail miserably and cause error.

This problem is a regression that was introduced by commit
4a42e5cdaa that was introduced in the 7.21.7 release.

Bug: http://curl.haxx.se/mail/lib-2011-08/0199.html
Reported by: Fabian Keil
2011-08-18 23:35:15 +02:00
Daniel Stenberg
d44896508c Curl_SOCKS4: minor code compression 2011-08-18 23:28:50 +02:00
Yang Tse
9afb343368 zlib: enforce full initialization of our data space z_stream structs 2011-08-18 20:10:51 +02:00
Daniel Stenberg
1833984664 VC makefiles: fixed variable name mistake 2011-08-17 23:51:37 +02:00
Yang Tse
31a1af5ebb MemoryTracking: adjust curl_domalloc() and curl_dofree() memory filling
Until 2011-08-17 libcurl's Memory Tracking feature also performed
automatic malloc and free filling operations using 0xA5 and 0x13
values. Our own preinitialization of dynamically allocated memory
might be useful when not using third party memory debuggers, but
on the other hand this would fool memory debuggers into thinking
that all dynamically allocated memory is properly initialized.

As a default setting, libcurl's Memory Tracking feature no longer
performs preinitialization of dynamically allocated memory on its
own. If you know what you are doing, and really want to retain old
behavior, you can achieve this compiling with preprocessor symbols
CURL_MT_MALLOC_FILL and CURL_MT_FREE_FILL defined with appropriate
values.
2011-08-17 19:02:42 +02:00
Yang Tse
9710f387c4 MemoryTracking: make curl_docalloc() call calloc() avoiding our zero fill 2011-08-16 22:24:23 +02:00
Daniel Stenberg
4ed7abb537 MSVC makefiles: provide SSH build targets
"release-ssl-ssh2-zlib" and "debug-ssl-ssh2-zlib" are two new makefile
targets that build libcurl with MSVC and link with libssh2

Bug: http://curl.haxx.se/bug/view.cgi?id=3388920
Reported by: "kdekker"
2011-08-15 23:22:06 +02:00
Daniel Stenberg
93ba8b9560 Curl_pgrsStartNow: clear all flags but HIDE
As bug 3385258 pointed out but I missed up the fix for. This is another
take at a fix.

Bug: http://curl.haxx.se/bug/view.cgi?id=3392101
Reported by: Wu Yongzheng
2011-08-15 22:13:18 +02:00
Kamil Dudka
d6f319fb64 nss: start with no database if the selected database is broken
Bug: https://bugzilla.redhat.com/728562
2011-08-15 14:44:49 +02:00
Yang Tse
b9d5e72adc http NTLM: reinstate "nssg.h" "curl_sspi.h" header inclusions 2011-08-15 01:34:34 +02:00
Daniel Stenberg
44b44a751d telnet: allow programatic use on Windows
Summary of the issue can be found at:
http://curl.haxx.se/mail/lib-2010-04/0367.html

That patch only updated the unix sockets code - the winsock code was not
updated and no longer works the same was as the unix code. This change
updates the windows code accordingly.

Bug: http://curl.haxx.se/bug/view.cgi?id=3163118
2011-08-14 23:30:15 +02:00
Yang Tse
e575cbc815 http NTLM: reinstate "memdebug.h" header inclusion
Inclusion of header "memdebug.h" in http_ntlm.c got lost in commit 98fb0ef7.
2011-08-14 21:19:22 +02:00
Daniel Stenberg
f0c59c6c2c RTSP: GET_PARAMETER requests have a body
Bug: http://curl.haxx.se/bug/view.cgi?id=3383692
2011-08-14 19:07:54 +02:00
Daniel Stenberg
dfb18da5dc Curl_output_ntlm: remove unused variable 2011-08-14 18:54:21 +02:00
Yang Tse
dc4f9d185d http NTLM: fix 8 compiler warnings
Strict splitting of http_ntlm.[ch] may trigger 8 compiler warnings when
building with some compilers and strict compiler warnings enabled, depending
on other specific configuration options some could get triggered or not.

Seven are related with 'unused function parameters' and another one with
'var may be used before its value is set'.
2011-08-14 16:36:47 +02:00
Yang Tse
98fb0ef73e http NTLM: split http_ntlm.[ch] between http_ntlm.[ch] and curl_ntlm.[ch]
For modularity purposes, huge chunks of NTLM existing code is transformed into
functions to allow future internal code reuse.

Resulting three new libcurl private functions:

 - Curl_ntlm_create_type1_message()
 - Curl_ntlm_create_type3_message()
 - Curl_ntlm_decode_type2_message()

Changing static ntlm_sspi_cleanup() into non-static Curl_ntlm_sspi_cleanup()

This 'refactoring' has been prepared by previous commits to allow that this
specific one does not introduce any change to existing code. All existing
goodness and badness previous to this commit should remain the same once it is
applied, the only difference should be that existing code is moved into
functions.

Given the quite big portions of code being moved around, and the importance of
change traceability, this commit has been done in such a way that it is
possible to perform a three-way diff from initial http_ntlm.[ch] to resulting
http_ntlm.[ch] and curl_ntlm.[ch] to actually verify that no functional change
is introduced here.

Notice that Steve Holme has provided several patches, but these included this
refactoring along with 'extra' fixes. I really wanted this 'clean' refactoring
done first, in order to allow discussion or committing of 'extra' fixes on a
case by case basis, so, I had to bite the bullet ;-)

Comments, line adjustments, compiler warning fixes, whatever, may follow
afterwards.
2011-08-14 15:45:19 +02:00
Yang Tse
08b05efd20 http_negotiate_sspi.c: fix compiler warning
warning C4706: assignment within conditional expression
2011-08-14 00:05:05 +02:00
Yang Tse
b4d6db83de http NTLM: change return type of Curl_input_ntlm() to CURLcode
Remove CURLntlm enum, no longer required.
2011-08-13 23:59:29 +02:00
Daniel Stenberg
a30ede868a VC6 makefiles: added embedded documentation
Just a note about the fact that all VC[6/8/9/10] makefiles are generated
from the VC6 one as source.
2011-08-13 22:30:56 +02:00
Daniel Stenberg
e40c663d36 Curl_retry_request: check return code!
Curl_readrewind() was called without checking its return code, which
could lead to badness.

Bug: http://curl.haxx.se/bug/view.cgi?id=3349227
2011-08-13 00:51:16 +02:00
Yang Tse
1e4187f8bf http NTLM: update NTLM type-* message structure descriptions - followup 2011-08-13 00:20:51 +02:00
Yang Tse
a472ceb174 http NTLM: fix inclusion of curl_ntlm.h 2011-08-12 22:01:27 +02:00
Yang Tse
092189c664 http NTLM: update NTLM message structure notes 2011-08-12 21:13:01 +02:00
Steve Holme
301e907aed http NTLM: move portions of http_ntlm.h into new curl_ntlm.h 2011-08-12 20:02:01 +02:00
Yang Tse
3293150da2 http NTLM: more adjustments in preparation of code refactoring
Use preprocessor symbol NTLM_BUFSIZE to define private NTLM buffer fixed size.

Use a SessionHandle 'data' pointer variable to ease refactoring.

Update NTLM type-* message structure descriptions.

Fix some more spacing and typos (Steve Holme).
2011-08-12 19:51:50 +02:00
Yang Tse
448f982d54 http NTLM: fix compiler warning 2011-08-11 09:06:06 +02:00
Steve Holme
f396d94736 http NTLM: Tidied up more inconsistent spacing.
Moved NTLMSSP_SIGNATURE, HOSTNAME_MAX, SHORTPAIR and LONGQUARTET definitions in ready for move to curl_ntlm.c.

Used separate variables for Windows SSPI and native code to ease moving of code to curl_ntlm.c.

Fixed typographical erros where SPPI should be SSPI.

Fixed compilation warnings on 64-bit builds when calling Windows SSPI functions.
2011-08-11 02:18:16 +02:00
Yang Tse
c7fb556f26 http NTLM: Further tiding up to libcurl standards 2011-08-09 22:57:22 +02:00
Steve Holme
5ed17de326 http NTLM: Tidied up http_ntlm prior to splitting the ntlm specific code 2011-08-09 22:57:22 +02:00
Daniel Stenberg
7c21c1c4f9 cookie parser: handle 'secure='
There are two keywords in cookie headers that don't follow the regular
name=value style: secure and httponly. Still we must support that they
are written like 'secure=' and then treat them as if they were written
'secure'. Test case 31 was much extended by Rob Ward to test this.

Bug: http://curl.haxx.se/bug/view.cgi?id=3349227
Reported by: "gnombat"
2011-08-09 14:02:05 +02:00
Daniel Stenberg
45d883d88d CURLFORM_BUFFER: insert filename as documented
A regression where CURLFORM_BUFFER stopped to properly insert the file
name part in the formpart. Bug introduced in commit f851f76857.

Added CURLFORM_BUFFER use to test 554 to verify this.

Bug: http://curl.haxx.se/mail/lib-2011-07/0176.html
Reported by: Henry Ludemann
2011-08-08 18:45:03 +02:00
Daniel Stenberg
3dcc0df5cc SOCKS: fix the connect timeout
The connect timeout logic when using SOCKS was done wrong

Bug: http://curl.haxx.se/mail/lib-2011-07/0177.html
Reported by: "Spoon Man"
2011-08-08 11:23:31 +02:00
Daniel Stenberg
da3ae20da5 ftp_doing: bail out on error properly
When a failure has been detected we must abort immdiately.

Bug: http://curl.haxx.se/mail/lib-2011-07/0177.html
Reported by: "Spoon Man"
2011-08-08 10:43:09 +02:00
Cristian Rodríguez
3d919440c8 OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available, reduces memory use
See also :
http://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html
http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html

Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org>
2011-08-07 22:58:31 +02:00
Daniel Stenberg
15379f0614 Curl_pgrsStartNow: clear all bits except HIDE
Bug: http://curl.haxx.se/bug/view.cgi?id=3385258
Reported by: Ben Winslow
2011-08-07 22:26:57 +02:00
Daniel Stenberg
f2a6373629 readwrite_data: improved C-E decoding error message 2011-08-07 19:55:23 +02:00
Yang Tse
2ccffbb37e BSD-style lwIP TCP/IP stack support - followup
lwIP library initialization.
2011-08-07 08:45:57 +02:00
Yang Tse
1db023d3cb NTLM single-sign on adjustments (IX)
Use swrite/sread instead of write/read to avoid SIGPIPE
2011-08-07 03:05:04 +02:00
Yang Tse
91ad42412f config-win32.h: comments adjustments 2011-08-06 19:18:43 +02:00
Christian Hägele
704dc18440 asyn-thread: check for dotted addresses before thread starts 2011-08-06 15:21:42 +02:00
Yang Tse
40e1d03c5d checksrc.pl: add quotes to var 2011-08-05 21:24:59 +02:00
Yang Tse
c95fec5e5b keep a single copy of config-win32.h in version control repository - followup
Allow configure builds to generate src/config-win32.h

Skip checksrc on src/config-win32.h contents already checked at lib/config-win32.h

Allow multiple -W in checksrc.pl
2011-08-05 21:01:39 +02:00
Yang Tse
f6272dd9b8 BSD-style lwIP TCP/IP stack support - followup 2011-08-05 15:53:00 +02:00
Yang Tse
f0fae85acd keep a single copy of config-win32.h in version control repository.
maketgz and buildconf.bat updated to reflect this.
2011-08-05 13:20:22 +02:00
Daniel Stenberg
17f343290c create_conn: mark non-HTTP proxies accordingly
A proxy could be marked 'httpproxy' wrongly before if set with an
environment variable or with the CURLOPT_PROXY option with a socks*://
prefix or similar.

Added test 710 to verify

Bug: http://curl.haxx.se/mail/lib-2011-07/0194.html
2011-08-05 00:44:40 +02:00
Yang Tse
a6ed2b8426 BSD-style lwIP TCP/IP stack support:
Allow compilation of libcurl and curl using BSD-style lwIP on Win32.

In order to compile libcurl and curl with this support it is necessary
to edit files lib/config-win32.h and src/config-win32.h and uncomment
a line to make definition of preprocessor symbol USE_LWIPSOCK visible.

Afterwards you can compile as usual.

In order to use compiled library with BSD-style lwIP TCP/IP stack in
your program it is mandatory that you include lwIP header file <lwip/opt.h>
before including <curl/curl.h> or <curl/multi.h>

Compilation has been verified with lwIP 1.4.0 and contrib-1.4.0 from:

http://download.savannah.gnu.org/releases/lwip/lwip-1.4.0.zip
http://download.savannah.gnu.org/releases/lwip/contrib-1.4.0.zip

Have fun!
2011-08-04 21:27:29 +02:00
Kamil Dudka
ddf0b30ffd curl_gssapi: add a missing include of sendf.h
... to avoid build failure when GSS_C_DELEG_POLICY_FLAG is not defined.

Reported by: Paul Howarth
2011-08-03 18:07:07 +02:00
Kamil Dudka
a7864c41db curl_gssapi: refine the handling of CURLOPT_GSSAPI_DELEGATION
Suggested by Richard Silverman.
2011-08-03 10:56:41 +02:00
Adam Tkac
ebf42c4be7 Add new CURLOPT_GSSAPI_DELEGATION option.
Curl_gss_init_sec_context got new parameter - SessionHandle.

Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-08-03 10:23:34 +02:00
Yang Tse
10a0bed485 NTLM single-sign on adjustments (VIII)
Use preprocessor symbols WINBIND_NTLM_AUTH_ENABLED and WINBIND_NTLM_AUTH_FILE
for Samba's winbind daemon ntlm_auth helper code implementation and filename.

Retain preprocessor symbol USE_NTLM_SSO for NTLM single-sign-on feature
availability implementation independent.

For test harness, prefix NTLM_AUTH environment vars with CURL_

Refactor and rename configure option --with-ntlm-auth to --enable-wb-ntlm-auth[=FILE]
2011-07-31 20:44:41 +02:00
Yang Tse
ad8193fbb9 NTLM single-sign on adjustments (VII)
Initialize variables when connectdata object is created.
2011-07-29 16:27:15 +02:00
Yang Tse
bcbac913d6 socketpair() usage tracking to allow fd leak detection 2011-07-29 13:27:10 +02:00
Dan Fandrich
c01c000b16 Avoid a "shadows global declaration" warning on old MIT Kerberos
Defining NCOMPAT eliminates the backwards-compatibility macros
that are the source of the problem and which we don't need,
anyway.
2011-07-28 14:04:13 -07:00
Dan Fandrich
9779553221 Give the NTLM SSO helper a moment to cleanly shut down if needed 2011-07-28 12:42:39 -07:00
Dan Fandrich
435e2bc757 Removed an extraneous \n that violated the SSO daemon protocol
This caused fake_ntlm to abort due to an invalid command
causing sporadic test 2005 failures.
2011-07-28 12:41:44 -07:00
Dan Fandrich
02e59579ef Fixed a couple of memory leaks in NTLM SSO support 2011-07-27 18:08:10 -07:00
Yang Tse
dddf9aa610 NTLM single-sign on adjustments (IV)
Fix compiler warning
2011-07-27 20:10:02 +02:00
Yang Tse
4eb08ac1c0 NTLM single-sign on adjustments (III)
Provide some error tracing and fix execl() calling.
2011-07-27 19:12:06 +02:00
Yang Tse
41c6c78a08 fix compiler warning 2011-07-26 21:36:35 +02:00
Yang Tse
78bbd0eecf fix compiler warning 2011-07-26 19:42:16 +02:00
Yang Tse
f1586cb477 stdio.h, stdlib.h, string.h, stdarg.h and ctype.h inclusion done in setup_once.h 2011-07-26 17:23:27 +02:00
Yang Tse
983f3d70f9 WIN32 io.h and fcntl.h inclusion done in setup_once.h 2011-07-25 05:30:14 +02:00
Yang Tse
0337b87197 time.h and sys/time.h inclusion conditionally done in setup_once.h 2011-07-25 04:08:08 +02:00
Yang Tse
0a26b0e3e7 errno.h inclusion conditionally done in setup_once.h - followup 2011-07-25 03:10:24 +02:00
Yang Tse
ef2176109f errno.h inclusion conditionally done in setup_once.h 2011-07-24 04:39:43 +02:00
Ben Winslow
27b8814017 progress: reset flags at transfer start
When an easy handle is used to download an URI which has no
Content-Length header (or equivalent) after downloading an URI which
does, the value from the previous transfer is reused and returned by
CURLINFO_CONTENT_LENGTH_DOWNLOAD. This is because the progress flags
(used to determine whether such a header was received) are not reset
between transfers.

Bug: http://curl.haxx.se/bug/view.cgi?id=3370895
2011-07-22 22:50:58 +02:00
Daniel Stenberg
3f9b4afdfd http error response: stop sending when error is received
When libcurl has said to the server that there's a POST or PUT coming
(with a content-length and all) it has to either deliver that amount of
data or it needs to close the connection before trying a second request.

Adds test case 1129, 1130 and 1131

The bug report is about when used with 100-continue, but the change is
more generic.

Bug: http://curl.haxx.se/mail/lib-2011-06/0191.html
Reported by: Steven Parkes
2011-07-20 00:08:41 +02:00
Michael Mueller
d007c3ca76 sso_ntlm_initiate: unassigned variable
Bug: http://curl.haxx.se/mail/lib-2011-07/0109.html
2011-07-19 23:54:21 +02:00
Mandy Wu
a6d4807d02 NTLM single-sign on supported
With the use of the 'ntlm_auth' tool from the Samba project
2011-07-18 23:36:36 +02:00
Julien Chaffraix
6e3285d5b1 curl_gssapi: Guard files with HAVE_GSSAPI.
Bug: http://curl.haxx.se/mail/lib-2011-07/0074.html
Reported and fix suggested by: Ben Greear
2011-07-13 21:16:03 -07:00
Daniel Stenberg
44b5847237 gssapi: rename our files to avoid conflicts
gssapi.h is used as a header name by Heimdal-style GSSAPI so it would
conflict with a private header using that name, and while renaming the
header I figured we should name the .c file accordingly as well.

Bug: http://curl.haxx.se/mail/lib-2011-07/0071.html
Reported by: Ben Greear
2011-07-13 22:54:54 +02:00
Daniel Stenberg
ee4ed46128 silence picky compilers: mark unused parameters
Modern gcc versions (4.6.X) get more picky by default and have started
to warn for unused parameters, but luckily gcc also allows us to mark
them as unused so that we can avoid the warnings.
2011-07-12 23:24:52 +02:00
Julien Chaffraix
2af0287856 gssapi.c: Simplified the function.
Removed the parameters that were common to all our invocation.
2011-07-12 07:06:26 -07:00
Julien Chaffraix
20485a4885 Added Curl_gss_init_sec_context.
This function wraps our calls to gss_init_sec_context so that we
have a unified way to talk to GSSAPI.
2011-07-12 07:06:25 -07:00
Julien Chaffraix
6488e03f44 http_negociate: Be consistent in gss_init_sec_context attributes.
This change makes this callsite match the rest of the code.
2011-07-12 07:06:25 -07:00
Daniel Stenberg
b680fd180b code style: space between close paren and open brace 2011-07-04 22:10:32 +02:00
Daniel Stenberg
dc97475ded checksrc: detect open brace without space
We use "if(condition) {" with a space between the close paren and the
open brace.
2011-07-04 22:08:14 +02:00
Daniel Stenberg
c6e3081090 polarssl.h: remove CVS leftover 2011-07-04 22:04:04 +02:00
Daniel Stenberg
bcf50283fc Curl_http_readwrite_headers: minor indent fix 2011-07-01 22:57:28 +02:00
Daniel Stenberg
2e2e5f247a get_gss_name: proxy auth without proxy set equals error
Previously it would access a NULL pointer and die.

Bug: http://curl.haxx.se/mail/lib-2011-06/0170.html
Reported by: Christian Hagele
2011-06-29 12:27:37 +02:00
Daniel Stenberg
57d51be60c parsedate: detect more invalid dates better 2011-06-23 13:49:29 +02:00
Daniel Stenberg
5c314c6bb4 Curl_input_negotiate: do not delegate GSSAPI credentials
This is a security flaw. See curl advisory 20110623 for details.

Reported by: Richard Silverman
2011-06-22 23:04:26 +02:00
Josue Andrade Gomes
9016958aa8 windows build: use correct MS CRT 2011-06-21 20:05:06 +02:00
Ori Avtalion
af6dcc92d5 [pop3] remove extra space in LIST command
Some servers, e.g. mail.bezeqint.net:110, consider it a syntax error
2011-06-21 18:12:05 +03:00
Yang Tse
57064e4a0d http: fix compiler warning
compiler warning: conditional expression is constant
2011-06-21 16:28:15 +02:00
Yang Tse
d9e71809cb asyn-thread: fix compiler warning
compiler warning: variable is initialized but not referenced
2011-06-21 16:06:56 +02:00
Yang Tse
a7cc54a5a8 cmake: remove spurious definition 2011-06-21 15:28:03 +02:00
Amr Shahin
c9f16e67ef unitteset: Curl_llist_move
adding unit test for Curl_llist_move, documenting unit-tested functions
in llist.c, changing unit-test to unittest, replacing assert calls with
abort_unless calls
2011-06-19 22:22:49 +02:00
Daniel Stenberg
f851f76857 CURLFORM_STREAM: acknowledge CURLFORM_FILENAME
The CURLFORM_STREAM is documented to only insert a file name (and thus
look like a file upload) in the part if CURLFORM_FILENAME is set, but in
reality it always inserted a filename="" and if CURLFORM_FILENAME wasn't
set, it would insert insert rubbish (or possibly crash).

This is now fixed to work as documented, and test 554 has been extended
to verify this.

Reported by: Sascha Swiercy
Bug: http://curl.haxx.se/mail/lib-2011-06/0070.html
2011-06-17 22:23:42 +02:00
Daniel Stenberg
0aedccc18a curl_formget: fix FILE * leak
Properly deal with the fact that the last fread() call most probably is
a short read, and when using callbacks in fact all calls can be short
reads. No longer consider a file read done until it returns a 0 from the
read function.

Reported by: Aaron Orenstein
Bug: http://curl.haxx.se/mail/lib-2011-06/0048.html
2011-06-13 22:32:00 +02:00
Daniel Stenberg
85881f9f35 curl_formget: treat CURLFORM_STREAM better
If a piece is set to use a callback to get the data, it should not be
treated as data. It unfortunately also requires that curl_easy_perform()
or similar has been used as otherwise the callback function hasn't been
figured out and curl_formget won't know how to get the content.
2011-06-13 22:05:13 +02:00
Daniel Stenberg
ee015947d4 long/int mess
Typecast when converting to int from long to avoid some compiler warnings
2011-06-11 22:56:45 +02:00
Daniel Stenberg
c4dd8df081 splay: add unit tests
The test code that was #ifdef'ed in the code was converted into unit
tests in test case 1309. I also removed the #if 0'ed code from splay.c
2011-06-10 20:19:35 +02:00
Daniel Stenberg
0f7bea7c3a unittest: mark all unit tested functions
With "@unittest: [num]" in the header comment for each tested function.
Shows we have a log way to go still...
2011-06-10 14:40:46 +02:00
Kamil Dudka
f551aa5c16 disconnect: wipe out the keeps_speed time stamp
When closing a connection, the speedchecker's timestamp is now deleted
so that it cannot accidentally be used by a fresh connection on the same
handle when examining the transfer speed.

Bug: https://bugzilla.redhat.com/679709
2011-06-08 00:23:41 +02:00
Yang Tse
377f88364e urldata: use uniform inclusion style for OpenSSL headers 2011-06-07 18:35:42 +02:00
Daniel Stenberg
c0b9dd27b5 HTTP time condition: force closure for 200 OK
When a time condition isn't met, so that no body is delivered to the
application even though a 2xx response is being read from the server, we
must close the connection to avoid a re-use of the connection to be
completely tricked.

Added test 1128 to verify.
2011-06-07 13:40:11 +02:00
Daniel Stenberg
7559b77727 wait_ms: takes an int argument
Typecasts added since I changed more code to use long for timeouts
2011-06-05 12:06:50 +02:00
Daniel Stenberg
4f170ee8f9 Curl_socket_ready: make timeout a 'long'
It was mostly typecasted to int all over the code so switching to long
instead all over should be a net gain.
2011-06-04 21:19:14 +02:00
Daniel Stenberg
9776f3445d cookie_output: made private 2011-06-03 20:02:07 +02:00
Daniel Stenberg
adeac15d8e digest_cleanup_one: made private 2011-06-03 19:54:17 +02:00
Daniel Stenberg
5d4e5593d5 privatise: make private functions static 2011-06-03 19:51:08 +02:00
Daniel Stenberg
c2eb8c932d Curl_fileinfo_dup: removed, not used 2011-06-03 19:33:23 +02:00
Daniel Stenberg
a6f14e17b7 parsedate: turn private and static
I removed the prefix as well accordingly.
2011-06-03 19:31:32 +02:00
Yang Tse
65a9fa59dc Remove unnecessary typecast 2011-06-02 19:42:24 +02:00
Yang Tse
9eea43dce2 compiler warning: fix
Fix compiler warning: cast increases required alignment
2011-06-02 19:19:36 +02:00
Yang Tse
970117ef2d OpenSSL enabled: require OPENSSL_VERSION_NUMBER definition before usage. 2011-06-02 12:52:52 +02:00
Yang Tse
aa76dec33a unit tests: more build adjustments 2011-06-01 21:40:09 +02:00
Yang Tse
685359d4c3 makefile: avoid preprocessor definition usage when linking 2011-06-01 14:43:25 +02:00
Yang Tse
a689072f33 warnless: icc 9.1 workaround 2011-06-01 12:13:42 +02:00
Yang Tse
ecfe0b5b18 Makefile.am: fix spurious CFLAGS duplication 2011-05-30 22:34:06 +02:00
Yang Tse
7dd449d843 warnless: header inclusion fix 2011-05-27 06:56:56 +02:00
Yang Tse
f461c6e61d Make checksrc.pl work on more out-of-tree builds
Source files given with relative paths do not have the
-D directory specifier prepended.
2011-05-26 19:17:10 +02:00
Yang Tse
3c9ff41a1f compiler warning: fix
Fix compiler warning: conversion may lose significant bits
2011-05-26 15:44:53 +02:00
Yang Tse
c8c8816a97 socks: fix unaligned memory access 2011-05-26 14:53:13 +02:00
Daniel Stenberg
017ee34bba create_conn: only switch protocol handler if necessary
When switching to HTTP because a HTTP proxy is being used, the existing
handler is now checked if it already is "compatible". This allows the https
handler remain while other non-http handlers will be redirected.

Bug: http://curl.haxx.se/mail/lib-2011-05/0214.html
Reported by: Jerome Robert
2011-05-25 15:57:38 +02:00
Yang Tse
a947a9ac62 compiler warning: fix followup
Fix compiler warning: variable was set but never used

Fix compiler warning: clobber ignored
2011-05-25 09:56:57 +02:00
Yang Tse
b735717606 compiler warning: fix
Fix compiler warning: variable was set but never used

Fix compiler warning: clobber ignored
2011-05-24 20:39:58 +02:00
Yang Tse
a41c7f9736 build: inclusion guard
Enclose header file in an inclusion guard
2011-05-24 15:42:02 +02:00
Yang Tse
512b2f7740 compiler warning: fix
Fix compiler warning: expression has no effect
2011-05-24 15:18:26 +02:00
Yang Tse
8bdc48eddb compiler warning: fix
Fix compiler warning: `keycheck' might be used uninitialized in this function.
Fix compiler warning: `keybit' might be used uninitialized in this function.
2011-05-23 19:37:41 +02:00
Yang Tse
328600e02b compiler warning: fix
Fix variable declaration placement
2011-05-23 19:04:49 +02:00
Yang Tse
e2747ebbc0 compiler warning: fix
Fix missing semicolon
2011-05-23 16:59:43 +02:00
Yang Tse
41ebda02b2 compiler warning: fix
Fix compiler warning: expression has no effect

Fix OOM handling
2011-05-23 16:55:49 +02:00
Yang Tse
30c9799f72 compiler warning: fix
Fix compiler warning: expression has no effect
2011-05-23 16:55:09 +02:00
Yang Tse
bed6b89a2f compiler warning: fix
Fix compiler warning: unused variable 'data'
2011-05-23 12:57:23 +02:00
Yang Tse
3e70c28ce5 compiler warning: fix
Fix compiler warning: enumerated type mixed with another type
2011-05-21 15:06:50 +02:00
Yang Tse
79cc6c244a compiler warning: fix
Fix compiler warning: enumerated type mixed with another type
2011-05-21 14:59:03 +02:00
Yang Tse
d30ddd9977 compiler warning: fix
Fix compiler warning: enumerated type mixed with another type
2011-05-21 14:55:10 +02:00
Yang Tse
fce7276f54 compiler warning: fix
Fix compiler warning: enumerated type mixed with another type
2011-05-21 14:10:17 +02:00
Yang Tse
004d84fcc1 compiler warning: fix
Fix compiler warning: empty body in an if-statement
2011-05-21 13:46:37 +02:00
Ola Mork
3912e7bde3 cyassl: build without filesystem
Get cyassl's NO_FILESYSTEM to work with libcurl. Otherwise I'd get linker
errors for the missing "SSL_CTX_load_verify_locations" functions.
2011-05-20 23:40:59 +02:00
Yang Tse
5db30a1d8c version: linkage fix
Fix linkage on c-ares enabled Windows static builds
2011-05-19 11:50:20 +02:00
Daniel Stenberg
60f0ebbdc9 CLOSESOCKETFUNCTION: use the callback
Fix the return type of the callback to match close() and make use of it.
2011-05-18 22:56:46 +02:00
Daniel Stenberg
b5d170b551 CLOSESOCKETFUNCTION: added
Introduced the initial setup to allow closesocket callbacks by making
sure sclose() is only ever called from one place in the libcurl source
and still run all test cases fine.
2011-05-18 22:56:46 +02:00
Daniel Stenberg
d4e000906a GnuTLS handshake: fix timeout
Commit cbf4961bf3 garbled the timeout handling while doing SSL
handshaking (in an attempt at fixing another bug). This puts sanity
back.

Bug: http://curl.haxx.se/mail/lib-2011-05/0167.html
Reported by: Ethan Glasser Camp
2011-05-18 20:48:42 +02:00
Daniel Stenberg
bb7ff942d3 checksrc: trailing whitespace detection fix 2011-05-16 15:21:32 +02:00
Marcel Roelofs
48a40f0402 negotiate sspi: fix sequential requests 2011-05-16 15:21:32 +02:00
Dan Fandrich
2a02c07a15 Fixed compilation when RTSP is disabled 2011-05-06 13:48:59 -07:00
Dan Fandrich
212d8c8f65 Fixed LDAP after RTSP readwrite change 2011-05-06 13:48:24 -07:00
Daniel Stenberg
32001ac414 set_userpass: convert from protocol-specific to generic
The protocol handler's flags field now can set that the protocol
requires a password, so that the set_userpass function doesn't have to
have the specific knowledge of which protocols that do.
2011-05-05 17:07:21 +02:00
Daniel Stenberg
9c629e5348 RTSP: cleanups
Made several functions static

Made one function defined to nothing when RTSP is disabled to avoid
the #ifdefs in code.

Removed explicit rtsp.h includes
2011-05-05 16:53:05 +02:00
Daniel Stenberg
f0612f166a RTSP: convert protocol-specific checks to generic
Add a 'readwrite' function to the protocol handler struct and use that
for the extra readwrite functionality RTSP needs.
2011-05-05 16:27:03 +02:00
Daniel Stenberg
e34131db78 SSL: check for SSL, not specific protocols
Code cleanup to check less for protocols and more for the specific
relevant feature. Like if SSL is required.
2011-05-05 15:49:43 +02:00
Daniel Stenberg
335dfa793c http_perhapsrewind: remove HTTP check
No need to check for HTTP as this is now a HTTP-specific function
2011-05-05 15:38:01 +02:00
Daniel Stenberg
574aecee20 http_perhapsrewind:
make it static, remove Curl_ prefix
2011-05-05 15:18:31 +02:00
Daniel Stenberg
51075a6777 remove FILE protocol-specific checks
Also, convert the BANPROXY flag into NONETWORK for the protocols
(file:// only atm) that don't work over networks.
2011-05-05 15:14:19 +02:00
Daniel Stenberg
558f997e99 socks proxy: allow socks5h:// prefix too
Using 'socks5h' as proxy protocol will make it a
CURLPROXY_SOCKS5_HOSTNAME proxy which is SOCKS5 and asking the proxy to
resolve host names. I found no "standard" protocol name for this.
2011-05-05 11:47:55 +02:00
Daniel Stenberg
61877b569f Corrected comments
closepolicy has been deprecated and unused for years
2011-05-05 00:02:39 +02:00
Daniel Stenberg
dc15a88076 ConnectionStore: remove unused return code 2011-05-04 23:56:18 +02:00
Daniel Stenberg
adae5926dd indent correctly 2011-05-04 23:45:30 +02:00
Daniel Stenberg
7d94af497d SSH: set non-blocking earlier
Introduce an INIT state for the SSH state machine and set libssh2
non-blocking in that so that it is set properly before
libssh2_session_startup() is called.

Bug: http://curl.haxx.se/mail/archive-2011-05/0001.html
2011-05-01 23:02:39 +02:00
Daniel Stenberg
821301de15 ConnectionExists: avoid NULL dereference
When checking for connections that are bound to a particular device we
must make sure we don't compare with a NULL pointer.
2011-04-29 16:46:49 +02:00
Daniel Stenberg
3440f4d374 resolver_error: remove bad semicolon 2011-04-29 16:33:45 +02:00
Daniel Stenberg
5b7e1f9efe gai_strerror: provide private implementation
There are systems (like NetWare) without its own gai_strerror()
function.
2011-04-28 15:25:03 +02:00
Daniel Stenberg
c33aee1667 treaded-resolver: better error messages
Now use gai_strerror() to get proper error messages when getaddrinfo()
has failed. Detect the function in configure.

Code based on work and suggestions by Jeff Pohlmeyer and Guenter Knauf
2011-04-28 15:25:03 +02:00
Daniel Stenberg
3b1b26578f proxy: allow socks:// prefix in proxy string
Inspired by a patch from OB.Conseil. Added test case 708 to verify.
2011-04-28 15:08:09 +02:00
Zmey Petroff
2cbe885c1a CMake: improve library search, implement install.
Improved library search by check_function_exists_concat() macro:
it does not revert the list of libraries any more.

Improved OpenSSL library search: first find zlib, then search for
openssl libraries that may depend on zlib.

For Unix: openssl libraries can now be detected in nonstandard
locations. Supply CMAKE_LIBRARY_PATH to CMake on command line.

Added installation capability (very basic one yet).
2011-04-28 10:12:33 +02:00
Daniel Stenberg
4a42e5cdaa multi-socks: fix connect to proxy
When connecting to a socks or similar proxy we do the proxy handshake at
once when we know the TCP connect is completed and we only consider the
"connection" complete after the proxy handshake. This fixes test 564
which is now no longer considered disabled.

Reported by: Dmitri Shubin
Bug: http://curl.haxx.se/mail/lib-2011-04/0127.html
2011-04-28 10:06:49 +02:00
Daniel Stenberg
53ef3493bf cleanup: remove old unused debug code 2011-04-28 09:21:20 +02:00
Dan Fandrich
cbd98b2c28 Make checksrc.pl work on out-of-tree builds
Source files given with absolute paths do not have the
-D directory specifier prepended.
2011-04-27 12:42:15 -07:00
Daniel Stenberg
4685db9462 make: add checksrc.pl to dist 2011-04-27 11:42:02 +02:00
Daniel Stenberg
45de057920 make: add 'checksrc' as target to check code style
The make target checksrc now works in the root makefile and in both the
src and lib directories.

It is also run automatically on "all" if configure --enable-debug was
used.
2011-04-27 10:23:27 +02:00
Daniel Stenberg
6a6981503e checksrc: add -W to allow a file to be whitelisted
Useful when a known file just doesn't comply and there's no intention to
make it do so.
2011-04-27 09:09:35 +02:00
Daniel Stenberg
889d1e973f whitespace cleanup: no space first in conditionals
"if(a)" is our style, not "if( a )"
2011-04-27 09:09:35 +02:00
Daniel Stenberg
1b758b01c1 lib/make: run checksrc.pl once for all files
Since it now supports multiple files this will be faster and will show
problems for more file than one at a time - more convenient.
2011-04-27 09:09:35 +02:00
Daniel Stenberg
7ddcc8fea4 checksrc: scan many files, more checks
It now scans multiple files and outputs an error+warning count summary
at the end in case at least one was detected.

-D can be used to specify in which dir the files are located

The script now scans for conditions that starts with a space for
if/while/for lines.
2011-04-27 09:09:35 +02:00
Daniel Stenberg
068d656c6d Makefile: run checksrc if debug enabled
And make the build fail if a warning or error was detected
2011-04-27 09:09:35 +02:00
Daniel Stenberg
92f722017c checksrc: exit error code if warnings or errors 2011-04-27 09:09:35 +02:00
Daniel Stenberg
9869668884 SSH: move knownhost logic to separate function 2011-04-27 09:09:35 +02:00
Daniel Stenberg
b903186fa0 source cleanup: unify look, style and indent levels
By the use of a the new lib/checksrc.pl script that checks that our
basic source style rules are followed.
2011-04-27 09:09:35 +02:00
Guenter Knauf
592eda8e3f Windows native IDN fixes.
For now provide prototypes instead of including the
non-standard normalisation.h which is only available in the
"Internationalized Domain Names Mitigation APIs" download.
2011-04-27 03:53:03 +02:00
Dan Fandrich
6d013b0aab Fixed compiler warning in Windows SSPI case 2011-04-25 21:58:37 -07:00
Dan Fandrich
bcc29cda8e Fixed compilation when the synchronous resolver is used 2011-04-25 19:01:40 -07:00
Dan Fandrich
4235457129 Added new resolver sources to Symbian and VC6 build files 2011-04-25 18:07:32 -07:00
Daniel Stenberg
e9542ccab6 hostip: comment fixed to state current situation 2011-04-25 19:50:56 +02:00
Daniel Stenberg
7de2f9271c async resolvers: further cleanups
asyn-ares.c and asyn-thread.c are two separate backends that implement
the same (internal) async resolver API for libcurl to use. Backend is
specified at build time.

The internal resolver API is defined in asyn.h for asynch resolvers.
2011-04-25 19:47:16 +02:00
Daniel Stenberg
24d84da073 asynch resolvers: cleanup
Fixed indents, coding conventions and white space edits.

Modified the c-ares completion callback function to again NOT read the
conn data when the ares handle is being taken down as then it may have
been freed already.
2011-04-25 19:47:16 +02:00
Vsevolod Novikov
ca015f1a45 asynch resolvers: unified
Introducing an internal API for handling of different async resolver
backends.
2011-04-25 19:47:16 +02:00
Guenter Knauf
722f286f80 Enabled OpenWatcom native Windows IDN build.
For now we directly import the Idn* symbols with the linker;
an upcoming release of OWC will have these added to the import
lib normaliz.lib, and prototypes are added to winnnls.h.
2011-04-24 18:58:07 +02:00
Daniel Stenberg
f20b4606de NTLM: work with unicode
Rewritten code from a patch brought by Matteo Rocco.
2011-04-22 22:04:10 +02:00
Dan Fandrich
17df5d8caa Include unistd.h to declare close() 2011-04-21 14:47:07 -07:00
Fabian Keil
210278d9a1 In lib/, change 'wanna' to 'want to'.
Found with codespell.
2011-04-21 07:55:53 -07:00
Fabian Keil
1702a2c08d Fix a couple of spelling errors in lib/
Found with codespell.
2011-04-21 07:55:53 -07:00
Julien Chaffraix
9230be0797 transfer.c: Fixed indentation in readwrite_data. 2011-04-21 07:55:53 -07:00
Daniel Stenberg
3242abd87a SFTP: close file before postquote
Make sure that files are closed before the post quote commands run as if
they operate on the just transferred file they could otherwise easily
fail.

Patch by: Rajesh Naganathan (edited)
2011-04-20 23:37:29 +02:00
Daniel Stenberg
c2c8948190 Curl_http_connect: detect HTTPS properly after CONNECT
libcurl failed to check the correct struct for HTTPS after CONNECT was
issued to the proxy, so it didn't do the TLS handshake and subsequently
failed the connection. A regression released in 7.21.5 (introduced
around commit 8831000bc0).

Bug: http://curl.haxx.se/mail/lib-2011-04/0134.html
Reported by: Josue Andrade Gomes
2011-04-20 22:50:04 +02:00
Gisle Vanem
9039d19f01 CURL_DOES_CONVERSIONS: fixes
Made it compile and work again after the code move.
2011-04-20 15:23:57 +02:00
Daniel Stenberg
c828646f60 CURL_DOES_CONVERSIONS: cleanup
Massively reduce #ifdefs all over (23 #ifdef lines less so far)
Moved conversion-specific code to non-ascii.c
2011-04-20 00:50:07 +02:00
Guenter Knauf
eb65a49bef Improve MinGW static makefile builds.
It is now possible to use any combination of features without
having to 1st add makefile targets to the main makefile. The
main makefile now passes the 'mingw32-feat1-feat2' as var CFG,
and the ./[lib|src]/Makefile.m32 parses the CFG var to determine
the features to be enabled.
2011-04-19 20:59:24 +02:00
Guenter Knauf
b2140a09f8 Enabled MinGW native Windows IDN build. 2011-04-19 17:28:28 +02:00
Guenter Knauf
519bec7c91 Windows native IDN fixes.
changed windows.h include to system header;
changed obsolete 2nd check for str_w to str_utf8 in order to catch
malloc() failure and avoid a free(NULL);
changed calls to GetLastError() to void to kill unsused var compiler
warnings;
moved one call to GetLastError() into else case so that its only
called when WideCharToMultiByte() really fails.
2011-04-19 17:13:09 +02:00
Guenter Knauf
24e5a40156 Windows native IDN fixes.
Provide prototype for curl_win32_idn_to_ascii();
remove wrong 3rd parameter from curl_win32_idn_to_ascii() call.
2011-04-19 16:48:32 +02:00
Guenter Knauf
24667466f0 Updated default (recommended) dependency versions. 2011-04-19 14:26:51 +02:00
Daniel Stenberg
5aae3c13e2 transfer-encoding: document the options
The new libcurl and command line options are now described.
2011-04-18 19:46:21 +02:00
Daniel Stenberg
8e4fb01e64 transfer-encoding: added new option and cmdline
Added CURLOPT_TRANSFER_ENCODING as the option to set to request Transfer
Encoding in HTTP requests (if built zlib enabled). I also renamed
CURLOPT_ENCODING to CURLOPT_ACCEPT_ENCODING (while keeping the old name
around) to reduce the confusion when we have to encoding options for
HTTP.

--tr-encoding is now the new command line option for curl to request
this, and thus I updated the test cases accordingly.
2011-04-18 19:46:21 +02:00
Daniel Stenberg
ebb37eac8b CURLE_BAD_CONTENT_ENCODING: now used for transfer encoding too 2011-04-18 19:46:21 +02:00
Daniel Stenberg
9d191a6a40 TE: do the Connection: header
When TE: is inserted in the request, we must add a "Connection: TE" as
well to be HTTP 1.1 compliant. If a custom Connection: header is passed
in, we must use that and only append TE to it. Test case 1125 verifies
TE: + custom Connection:.
2011-04-18 19:46:21 +02:00
Daniel Stenberg
2db6f7e703 TE: rename struct field content_encoding
Since this struct member is used in the code to determine what and how
to decode automatically and since it is now also used for compressed
Transfer-Encodings, I renamed it to the more suitable 'auto_decoding'
2011-04-18 19:46:21 +02:00
Daniel Stenberg
0790b27910 HTTP: add support for gzip and deflate Transfer-Encoding
Transfer-Encoding differs from Content-Encoding in a few subtle ways,
but primarily it concerns the transfer only and not the content so when
discovered to be compressed we know we have to uncompress it. There will
only arrive compressed transfers in a response after we have requested
them with the appropriate TE: header.

Test case 1122 and 1123 verify.
2011-04-18 19:46:21 +02:00
Daniel Stenberg
a5ee8d50c3 base64.c: removed wrong comment 2011-04-17 23:03:33 +02:00
Daniel Stenberg
6cfbf21acf Curl_ssl_shutdown: restore send/recv pointers
When going back from SSL, put the send/recv function pointers back to
the plain versions.

Bug: http://curl.haxx.se/mail/lib-2011-04/0070.html
Reported by: Mehmet Bozkurt
2011-04-16 00:16:25 +02:00
Guenter Knauf
72da921942 Changed email per Gisle's request. 2011-04-16 00:11:43 +02:00
Andrei Benea
fb80a0a082 Fix a buffer overflow in pubkey_show(). 2011-04-14 23:02:29 +02:00
Guenter Knauf
e84730948d Replaced var manipulations with perlish hacks. 2011-04-14 01:27:39 +02:00
Daniel Stenberg
f01df19798 checkconnection: don't call with NULL pointer
When checking if an existing RTSP connection is alive or not, the
checkconnection function might be called with a SessionHandle pointer
being NULL and then referenced causing a crash. This happened only using
the multi interface.

Reported by: Tinus van den Berg

Bug: http://curl.haxx.se/bug/view.cgi?id=3280739
2011-04-11 13:17:55 +02:00
Daniel Stenberg
c66b0b32fb OpenSSL: no-sslv2 aware
Allow openSSL without SSL2 to be used. This fix is inspired by the fix
provided by Cristian Rodrguez.

Reported by: Cristian Rodrguez
2011-04-10 19:14:22 +02:00
Kamil Dudka
1a6e7da13d nss: allow to use multiple client certificates for a single host
In case a client certificate is used, invalidate SSL session cache
at the end of a session.  This forces NSS to ask for a new client
certificate when connecting second time to the same host.

Bug: https://bugzilla.redhat.com/689031
2011-04-08 13:35:26 +02:00
Daniel Stenberg
23544f35fd mk-ca-bundle.pl: show full URL in output
When I decided to search for a potential error with the cacert bundle it
struck me I wanted to see the full source URL in the output...
2011-04-07 22:42:22 +02:00
Gisle Vanem
89fa3b3efb lib/Makefile.b32: updates
* Rename the object object directory from 'objs' to 'BCC_obj'. I feel
 it should be named properly. Ref. Makefile.Watcom where it's called
 'WC_Win32.obj'.

* Turn off these warnings to keep the build totally silent (with CBuilder-6
 that is).
  -w-inl    8026 Functions X are not expanded inline.
  -w-pia   8060 Possibly incorrect assignment
  -w-pin  8061 Initialization is only partially bracketed

I'm sure the warnings could be fixed the "proper" way or with some added
"#pragma" statements. But that just clutters the sources IMHO.

* $(MKDIR) and $(RMDIR) have been replaced with the shell-commands 'md'
 and 'rd'. When having MingW/Msys programs 'mkdir.exe' and 'rmdir.exe' in
$PATH, this confuses Borland's make and the result (the cleaning etc.) would
 not be as expected.

* Added a ".path.int = $(OBJDIR)" to tell make where the $(PREPROCESSED)
 files are. Why we need the preprocess step in the fist place is beyond me
(Yang?). But I'll leave that for now.
2011-04-07 15:17:58 +02:00
Chris Smowton
d54668eb00 HTTP pipelining: Fix handling of zero-length responses
Also add test case 584 for the same

Bug: http://curl.haxx.se/bug/view.cgi?id=3214223
2011-04-07 14:18:07 +02:00
Dan Fandrich
c22c258029 Changed some nonportable types 2011-04-05 22:31:45 -07:00
Dan Fandrich
6eb484942b Don't list NTLM in curl-config when HTTP is disabled
Also, fixed Curl_proxyCONNECT() stub with HTTP disabled.
2011-04-05 22:29:21 -07:00
Daniel Stenberg
01f05d0c75 return code cleanup: build, init and run-time errors
Stop the abuse of CURLE_FAILED_INIT as return code for things not being
init related by introducing two new return codes:

CURLE_NOT_BUILT_IN and CURLE_UNKNOWN_OPTION

CURLE_NOT_BUILT_IN replaces return code 4 that has been obsoleted for
several years. It is used for returning error when something is
attempted to be used but the feature/option was not enabled or
explictitly disabled at build-time. Getting this error mostly means that
libcurl needs to be rebuilt.

CURLE_FAILED_INIT is now saved and used strictly for init
failures. Getting this problem means something went seriously wrong,
like a resource shortage or similar.

CURLE_UNKNOWN_OPTION is the option formerly known as
CURLE_UNKNOWN_TELNET_OPTION (and the old name is still present,
separately defined to be removed in a very distant future). This error
code is meant to be used to return when an option is given to libcurl
that isn't known. This problem would mostly indicate a problem in the
program that uses libcurl.
2011-04-05 15:14:02 +02:00
Daniel Stenberg
8321a367ee FTP+proxy: macrofied functions when proxy disabled
In my attempts to reduce #ifdefs in code, the SOCKS functions are now
macros when libcurl is built without proxy support and therefore the FTP
code could avoid some #ifs.
2011-04-05 13:55:11 +02:00
Ben Noordhuis
db59b6202d [pop3 starttls] PASS command was not sent after upgrade to TLS. 2011-04-05 13:38:31 +02:00
Ben Noordhuis
e7837bfd03 [pop3 starttls] the command to send is STLS, not STARTTLS. 2011-04-05 13:38:31 +02:00
Daniel Stenberg
02dbfa2192 http-proxy: move proxy code to http_proxy.c
The new http_proxy.* files now host HTTP proxy specific code (500+ lines
moved out from http.c), and as a consequence there is a macro introduced
for the Curl_proxyCONNECT() function so that code can use it without
actually supporting proxy (or HTTP) in builds.
2011-04-04 19:38:00 +02:00
Daniel Stenberg
9d1e914a56 disable cookies: remove ifdefs, move code
1 - make sure to #define macros for cookie functions in the cookie
header when cookies are disabled to avoid having to use #ifdefs in code
using those functions.

2 - move cookie-specific code to cookie.c and use the functio
conditionally as mentioned in (1).

net result: 6 #if lines removed, and 9 lines of code less
2011-04-04 19:27:26 +02:00
Kamil Dudka
d3408d0593 nss: fix a crash within SSL_AuthCertificate()
The bug was introduced in 806dbb0 (a wrong value was passed in as the
first argument to the default callback in our wrapper).
2011-04-04 18:34:19 +02:00
Daniel Stenberg
318c5c802b multi: shorten lines
We keep them less than 80 columns
2011-04-03 00:07:32 +02:00
Daniel Stenberg
c2459c4328 multi: conn goes bad when data change
Within multi_socket when conn is used as a shorthand, data could be
changed and multi_runsingle could modify the connectdata struct to deal
with. This bug has not been included in a public release.

Using 'conn' like that turned out to be ugly. This change is a partial
revert of commit f1c6cd42f4.

Reported by: Miroslav Spousta
Bug: http://curl.haxx.se/bug/view.cgi?id=3265485
2011-04-02 23:44:11 +02:00
Guenter Knauf
c37ad9e909 Increased script version. 2011-04-01 15:04:53 +02:00
Guenter Knauf
5eda4bf726 Make use of proxy vars if set.
Posted to the list by Quanah Gibson-Mount [quanah zimbra.com].
2011-04-01 14:58:36 +02:00
Guenter Knauf
e02c90dc19 Use var again instead of hard-coded filename. 2011-04-01 14:38:01 +02:00
Gisle Vanem
f1c6cd42f4 typo fix 2011-03-29 13:08:01 +02:00
Peter Sylvester
2531cd94a5 TSL-SRP: enabled with OpenSSL
If a new enough OpenSSL version is used, configure detects the TLS-SRP
support and enables it.
2011-03-25 23:09:28 +01:00
Daniel Stenberg
11c2db2aa2 fix: re-use of bound connections
When asked to bind the local end of a connection when doing a request,
the code will now disqualify other existing connections from re-use even
if they are connected to the correct remote host.

This will also affect which connections that can be used for pipelining,
so that only connections that aren't bound or bound to the same
device/port you're asking for will be considered.
2011-03-25 16:03:37 +01:00
Daniel Stenberg
cc9e4321d3 rtsp: move protocol code to dedicated file
The RTSP-specific function for checking for "dead" connection is better
located in rtsp.c. The code using this is now written without #ifdefs as
the function call is instead turned into a macro (in rtsp.h) when RTSP
is disabled.
2011-03-23 17:27:58 +01:00
Daniel Stenberg
67eb679264 ipv6: only probe once
Move ipv6-functional-probe into a single function that is used from all
places that need to know.

Make the probe function store the result in a static variable so that
subsequent invokes just returns the previous result and won't have to
probe again.
2011-03-23 11:10:55 +01:00
Julien Chaffraix
34ef39015e progress: don't print the last update on a separate line.
Curl_posttransfer is called too soon to add the final new line.
Moved the new line logic to pgrsDone as there is no more call to
update the progress status after this call.

Reported by: Dmitri Shubin <sbn_at_tbricks.com>
http://curl.haxx.se/mail/lib-2010-12/0162.html
2011-03-21 21:00:56 -07:00
Daniel Stenberg
058fb33557 retry-request: rewind if data was sent
When libcurl sends a HTTP request on a re-used connection and detects it
being closed (ie no data at all was read from it), it is important to
rewind if any data in the request was sent using the read callback or
was read from file, as otherwise the retried request will be broken.

Reported by: Chris Smowton
Bug: http://curl.haxx.se/bug/view.cgi?id=3195205
2011-03-20 23:24:45 +01:00
Julien Chaffraix
0f07142509 url: 0 is PROTOPT_NONE.
Tiny tweak after Daniel's refactoring of the protocol handlers.
2011-03-19 22:42:12 -07:00
Daniel Stenberg
3a87dd8b20 pop3: add state name in debug array
We have an array with the state names only built and used when built
debug enabled and this need to list all the states from the .h
2011-03-19 11:05:45 +01:00
Dan Fandrich
663a52c2f8 pop3: use Curl_safefree() to allow torture tests to succeed 2011-03-18 11:20:24 -07:00
Daniel Stenberg
0c05ee3a33 pop3: remove unused variable 2011-03-18 09:18:22 +01:00
Dan Fandrich
ef1c18b952 Added support for LISTing a single POP3 message
Added tests for a number of POP3 LIST operations, including one
that shows a curl problem when listing no messages, so is
disabled.
2011-03-17 16:59:30 -07:00
Dan Fandrich
409867e62b pop3: fixed memory leak in an error retrieval case 2011-03-17 16:28:12 -07:00
Daniel Stenberg
93290f69d0 connection setup: if HTTP is disabled asking for HTTP proxy is bad 2011-03-17 11:45:58 +01:00
Daniel Stenberg
e114648991 scan-build warning
Value stored to 'len' is never read
2011-03-16 00:19:26 +01:00
Daniel Stenberg
b8118dd495 ldap_recv: check return code from ldap_get_dn_ber 2011-03-16 00:16:34 +01:00
Daniel Stenberg
025b9368f8 compiler warnings fixed
Use (void)[variable] to inhibit unused argument/variables warnings.
2011-03-16 00:08:32 +01:00
Ben Noordhuis
521e88e009 SMTP-multi: non-blocking connect
Use Curl_ssl_connect_nonblocking() when upgrading the connection to
TLS/SSL while using the multi interface.
2011-03-15 20:10:02 +01:00
Ben Noordhuis
88e825de86 SMTP in multi mode: use Curl_ssl_connect_nonblocking() when connecting. 2011-03-15 20:09:51 +01:00
Daniel Stenberg
36cb24ec19 buildfix: spell define correctly 2011-03-15 16:49:27 +01:00
Kamil Dudka
806dbb022b nss: do not ignore value of CURLOPT_SSL_VERIFYPEER
When NSS-powered libcurl connected to a SSL server with
CURLOPT_SSL_VERIFYPEER equal to zero, NSS remembered that the peer
certificate was accepted by libcurl and did not ask the second time when
connecting to the same server with CURLOPT_SSL_VERIFYPEER equal to one.

This patch turns off the SSL session cache for the particular SSL socket
if peer verification is disabled.  In order to avoid any performance
impact, the peer verification is completely skipped in that case, which
makes it even faster than before.

Bug: https://bugzilla.redhat.com/678580
2011-03-15 15:48:24 +01:00
Daniel Stenberg
cc228ea6f6 protocol handler cleanup: SSL awareness
As a follow-up to commit 8831000bc0: don't assume that the SSL powered
protocol alternatives are available.
2011-03-15 10:02:05 +01:00
Daniel Stenberg
211504ba8a ldap: use the new protocol handler setup
Use the new flags field and stop using the old protocol defines.
2011-03-15 09:13:11 +01:00
Daniel Stenberg
13b64d7558 protocols: use CURLPROTO_ internally
The PROT_* set of internal defines for the protocols is no longer
used. We now use the same bits internally as we have defined in the
public header using the CURLPROTO_ prefix. This is for simplicity and
because the PROT_* prefix was already used duplicated internally for a
set of KRB4 values.

The PROTOPT_* defines were moved up to just below the struct definition
within which they are used.
2011-03-14 22:52:14 +01:00
Daniel Stenberg
8831000bc0 protocol handler: added flags field
The protocol handler struct got a 'flags' field for special information
and characteristics of the given protocol.

This now enables us to move away central protocol information such as
CLOSEACTION and DUALCHANNEL from single defines in a central place, out
to each protocol's definition. It also made us stop abusing the protocol
field for other info than the protocol, and we could start cleaning up
other protocol-specific things by adding flags bits to set in the
handler struct.

The "protocol" field connectdata struct was removed as well and the code
now refers directly to the conn->handler->protocol field instead. To
make things work properly, the code now always store a conn->given
pointer that points out the original handler struct so that the code can
learn details from the original protocol even if conn->handler is
modified along the way - for example when switching to go over a HTTP
proxy.
2011-03-14 22:22:22 +01:00
Daniel Stenberg
fdaa8da75d sslgen: define Curl_ssl_connect_nonblocking for non-SSL
The non-blocking connect improvement for IMAP showed that we didn't
properly define the Curl_ssl_connect_nonblocking function for non-SSL
builds.

Reported by: Tor Arntsen
2011-03-14 11:13:12 +01:00
Ask Bjørn Hansen
3e00af34c8 mk-ca-bundle.pl: Only download if modified
Only download and convert the certdata to the ca-bundle.crt if Mozilla
changed the data

The Perl LWP module (which in a bit of a circular reference is used by
mk-ca-bundle.pl) is now indirectly using this script. I made this small
tweak to make it easier to automatically maintain the generated
ca-bundle.crt file in version control.
2011-03-14 10:20:21 +01:00
Daniel Stenberg
3eac14b43c SSH: add protocol lock direction
Some protocols have to call the underlying functions without regard to
what exact state the socket signals. For example even if the socket says
"readable", the send function might need to be called while uploading,
or vice versa. This is the case for libssh2 based protocols: SCP and
SFTP and we now introduce a define to set those protocols and we make
the multi interface code aware of this concept.

This is another fix to make test 582 run properly.
2011-03-13 23:21:03 +01:00
Daniel Stenberg
60406ff7f8 state: add missing state to debug table
As a new state recently was added to the IMAP state machine it has to be
in the array of names as well as otherwise libcurl crashes when a debug
version runs...
2011-03-13 14:19:16 +01:00
Daniel Stenberg
ca37692bf4 ssh_statemach_act: set cselect for sftp upload
For uploads we want to use the _sending_ function even when the socket
turns out readable as the underlying libssh2 sftp send function will
deal with both accordingly. This is what the cselect_bits magic is for.

Fixes test 582.
2011-03-13 14:10:27 +01:00
Daniel Stenberg
c8fba59731 Merge branch 'imap' of https://github.com/bnoordhuis/curl into bnoordhuis-imap 2011-03-13 00:36:38 +01:00
Karl M
05ebc6f0cc VC: add missing file
http_negotiate_sspi.c was added to the source tree recently
2011-03-13 00:23:04 +01:00
Marcus Sundberg
6f0ee717c3 GSS: handle reuse fix
Make GSS authentication work when a curl handle is reused for multiple
authenticated requests, by always setting negdata->state in
output_auth_headers().

Signed-off-by: Marcus Sundberg <marcus.sundberg@aptilo.com>
2011-03-13 00:21:07 +01:00
Daniel Stenberg
60172a0446 SFTP: gracefully handle shutdown early
When using the multi interface and a handle using SFTP was removed very
early on, we would get a segfault due to the code assumed data was there
that hadn't yet been setup.

Bug: http://curl.haxx.se/mail/lib-2011-03/0066.html
Reported by: Saqib Ali
2011-03-13 00:15:59 +01:00
Daniel Stenberg
bec9692a77 PROT_CLOSEACTION: added SFTP and SCP
Both SFTP and SCP are protocols that need to shut down stuff properly
when the connection is about to get torned down. The primary effect of
not doing this shows up as memory leaks (when using SCP or SFTP with the
multi interface).

This is one of the problems detected by test 582.
2011-03-12 23:08:10 +01:00
Daniel Stenberg
a07a865d5d readwrite_upload: stop upload at file size
As we know how much to send, we can and should stop once we've sent that
much data as it avoids having to rely on other mechanisms to detect the
end.

This is one of the problems detected by test 582.

Reported by: Henry Ludemann <misc@hl.id.au>
2011-03-12 23:05:11 +01:00
Daniel Stenberg
cccba72920 sftp upload: expire to advance state machine
When using the multi_socket API to do SFTP upload, it is important that
we set a quick expire when leaving the SSH_SFTP_UPLOAD_INIT state as
there's nothing happening on the socket so there's no read or write to
wait for, but the next libssh2 API function needs to be called to get
the ball rolling.

This is one of the problems detected by test 582.

Reported by: Henry Ludemann <misc@hl.id.au>
2011-03-12 23:02:04 +01:00
Daniel Stenberg
1aeb635cdd sources: update source headers
All C and H files now (should) feature the proper project curl source
code header, which includes basic info, a copyright statement and some
basic disclaimers.
2011-03-10 12:04:33 +01:00
Daniel Stenberg
d6b9f76943 cyassl: fix compiler warnings 2011-03-08 14:09:20 +01:00
Todd A Ouska
9e60d8fd9e SSL: (part 2) Added CyaSSL to SSL abstraction layer
This is the modified existing files commit.
2011-03-08 13:54:58 +01:00
Todd A Ouska
a8f30fa555 SSL: Added CyaSSL to SSL abstraction layer
CyaSSL (available from git@github.com:cyassl/cyassl.git) has been
added to the SSL abstraction layer.

To test:
1) git CyaSSL sources
2) autoreconf -i
3) ./configure --disable-static
4) make
5) sudo make install
6) autoreconf -i
7) git curl sources (and this patch)
8) ./configure --disable-shared --with-cyassl --without-ssl --enable-debug
9) make
10) normal testing

Please send questions or comments to todd@yassl.com .
2011-03-08 13:06:38 +01:00
Dan Fandrich
29f0898525 Fixed libcurl to honour the --disable-ldaps configure option 2011-03-07 17:45:33 -08:00
Daniel Stenberg
c9ee341bfb cpp: correct #endif placement
The end-of-file #endif in rawstr.h was not correcly positioned after all
prototypes.

Reported by: Boris
Bug: http://curl.haxx.se/bug/view.cgi?id=3195205
2011-03-06 23:00:28 +01:00
Stefan Krause
8511b6436c transfer: avoid insane conversion of time_t 2011-03-04 21:17:08 +01:00
Daniel Stenberg
17de1cc382 ssh_connect: treat libssh2 return code better
libssh2_knownhost_readfile() returns a negative value on error or
otherwise number of parsed known hosts - this was previously not
documented correctly in the libssh2 man page for the function.

Bug: http://curl.haxx.se/mail/lib-2011-02/0327.html
Reported by: murat
2011-02-26 11:00:44 +01:00
Julien Chaffraix
5719e56168 http: removed wrong unused comment.
|premature| is used in Curl_http_done.
2011-02-25 20:54:39 -08:00
Julien Chaffraix
d7846237a4 http: removed code duplication for stubbed https_getsock function. 2011-02-25 20:50:26 -08:00
Kamil Dudka
7aa2d10e0d nss: do not ignore failure of SSL handshake
Flaw introduced in fc77790 and present in curl-7.21.4.
Bug: https://bugzilla.redhat.com/669702#c16
2011-02-22 13:19:57 +01:00
Julien Chaffraix
0b8cdc0635 netrc: Removed _NETRC_DEBUG code.
This is not needed anymore as we have unit testing running on it.
2011-02-20 21:11:53 -08:00
Julien Chaffraix
9f8e960a1a tests: Cleaned up netrc testing.
Removed the "netrc_debug" keyword replaced with --netrc-file additions.
Removed the debug code from Curl_parsenetrc as it is superseeded by
--netrc-file.
2011-02-20 21:11:52 -08:00
Ben Noordhuis
dd3760f2eb IMAP in multi mode: use Curl_ssl_connect_nonblocking() when upgrading the connection to TLS/SSL. 2011-02-20 21:11:12 +01:00
Ben Noordhuis
45ca048f44 IMAP in multi mode: use Curl_ssl_connect_nonblocking() when connecting. 2011-02-20 21:11:12 +01:00
Mike Crowe
c4369f34b9 multi: close connection on timeout
After a request times out, the connection wasn't properly closed and
prevented to get re-used, so subsequent transfers could still mistakenly
get to use the previously aborted connection.
2011-02-18 23:19:14 +01:00
Daniel Stenberg
d85cae9225 multi: better failed connect treatment
When failing to connect the protocol during the CURLM_STATE_PROTOCONNECT
state, Curl_done() has to be called with the premature flag set TRUE as
for the pingpong protocols this can be important.

When Curl_done() is called with premature == TRUE, it needs to call
Curl_disconnect() with its 'dead_connection' argument set to TRUE as
well so that any protocol handler's disconnect function won't attempt to
use the (control) connection for anything.

This problem caused the pingpong protocols to fail to disconnect when
STARTTLS failed.

Reported by: Alona Rossen
Bug: http://curl.haxx.se/mail/lib-2011-02/0195.html
2011-02-18 23:01:55 +01:00
Hoi-Ho Chan
05895927f5 PolarSSL: Return 0 on receiving TLS CLOSE_NOTIFY alert
Signed-off-by: Hoi-Ho Chan <hoiho.chan@gmail.com>
2011-02-18 09:17:32 +01:00
Daniel Stenberg
1c3c0162c6 SOCKOPTFUNCTION: callback can say already-connected
Introducing a few CURL_SOCKOPT* defines for conveniance. The new
CURL_SOCKOPT_ALREADY_CONNECTED signals to libcurl that the socket is to
be treated as already connected and thus it will skip the connect()
call.
2011-02-17 22:32:01 +01:00
Kamil Dudka
a40f58d2ef nss: avoid memory leak on SSL connection failure 2011-02-17 17:57:16 +01:00
Guenter Knauf
827f0a318c Set -fpcc-struct-return only for gcc compiler. 2011-02-17 11:46:41 +01:00
Daniel Stenberg
c3a6116dc9 nss_load_key: fix unused variable warning 2011-02-16 19:34:04 +01:00
Daniel Stenberg
f19ace8d33 gmtime: remove define
It turns out some systems rely on the gmtime or gmtime_r to be defined
already in the system headers and thus my "precaution" redefining of
them only caused trouble. They are now removed.
2011-02-14 13:42:01 +01:00
Guenter Knauf
c2dff28c41 Added -m32 to CFLAGS to compile with x86_64 gcc. 2011-02-13 14:31:22 +01:00
Guenter Knauf
e36c039a07 Updated OpenSSL version, added links to docu. 2011-02-13 12:13:21 +01:00
Dan Fandrich
61fc9044c7 Call ERR_peek_error instead of ERR_peek_last_error
The latter isn't available in older OpenSSL versions, and is
less useful since it returns the most recent error instead of
the first one encountered.
2011-02-10 12:29:34 -08:00
Julien Chaffraix
39d0d787d2 test1304: Added some unit tests for Curl_parsenetrc.
Moved some definitons into the header file so that we can reuse them.
2011-02-10 07:38:48 -08:00
Quinn Slack
3cffcba3d0 CURLE_TLSAUTH_FAILED: removed
On second thought, I think CURLE_TLSAUTH_FAILED should be eliminated. It
was only being raised when an internal error occurred while allocating
or setting the GnuTLS SRP client credentials struct. For TLS
authentication failures, the general CURLE_SSL_CONNECT_ERROR seems
appropriate; its error string already includes "passwords" as a possible
cause. Having a separate TLS auth error code might also cause people to
think that a TLS auth failure means the wrong username or password was
entered, when it could also be a sign of a man-in-the-middle attack.
2011-02-09 23:34:30 +01:00
Daniel Stenberg
b370fcd300 CURLOPT_SOCKOPTFUNCTION: return proper error code
When the callback returns an error, this function must make sure to return
CURLE_ABORTED_BY_CALLBACK properly and not CURLE_OK as before to allow the
callback to properly abort the operation.
2011-02-09 15:36:36 +01:00
Julien Chaffraix
266bcb06d7 netrc: Removed dead code.
The main has not been updated from some time and is out of sync with
the code. The code is now tested by several test cases so no need for
a seperate code path.
2011-02-07 20:15:35 -08:00
Julien Chaffraix
fe165c69de netrc: Tightened up the type checks.
The state should not be anonymous so that we can check if the values
are fine. Added 2 unreachables states to the switch as a result of this
change.
2011-02-07 20:15:35 -08:00
Julien Chaffraix
4e2ac742c9 imap: Fixed typo in a comment. 2011-02-07 20:15:35 -08:00
Daniel Stenberg
0696260122 Curl_gmtime: avoid future mistakes
Document Curl_gmtime() and define away the old functions so that they
won't be used internally again by mistake.
2011-02-07 15:09:24 +01:00
Daniel Stenberg
54d9f060b4 Curl_gmtime: added a portable gmtime
Instead of polluting many places with #ifdefs, we create a single place
for this function, and also check return code properly so that a NULL
pointer returned won't cause problems.
2011-02-07 15:00:48 +01:00
Guenter Knauf
2cacd82661 mk-ca-bundle.vbs: use new cacert url
The official Mozilla page at http://www.mozilla.org/projects/security/certs/
points out a new place as the "proper" place to get Mozilla's CA certs from
so this script is now updated to use that instead.

Reported by: Daniel Mentz
2011-02-03 09:59:00 +01:00
Daniel Stenberg
ec7978c512 mk-ca-bundle.pl: use new cacert url
The official Mozilla page at
http://www.mozilla.org/projects/security/certs/ points out a new place
as the "proper" place to get Mozilla's CA certs from so this script is
now updated to use that instead.

Reported by: Daniel Mentz
2011-02-02 22:22:15 +01:00
Bjoern Sikora
0e9626ba39 ssluse: improved error message on SSL_CTX_new failures
"SSL: couldn't create a context" really isn't that helpful, now it'll
also extract an explanation from OpenSSL and append to the right.
2011-02-02 18:25:57 +01:00
Nicholas Maniscalco
73eb9965cf multi: fix CURLM_STATE_TOOFAST for multi_socket
The code in the toofast state needs to first recalculate the values
before it uses them again since it may have been a while since it last
did it when it reaches this point.
2011-02-02 13:41:22 +01:00
Dave Reisner
b89122a2bf file: add support for CURLOPT_TIMECONDITION 2011-01-31 14:49:51 +01:00
Dave Reisner
99dcb11ed8 transfer: add Curl_meets_timecondition()
This will be used by file_do() and Curl_readwrite() as a unified method
of checking to see if a remote document meets the supplied
CURLOPT_TIMEVAL and CURLOPT_TIMECONDITION.

Signed-off-by: Dave Reisner <d@falconindy.com>
2011-01-31 14:29:48 +01:00
Daniel Stenberg
ef19e30985 ares: memory leak fix
The double name resolve trick used with c-ares could leave allocated
memory in 'temp_ai' if the operation was aborted in the middle.
2011-01-27 14:41:07 +01:00
Daniel Stenberg
2d356ba168 ares_query_completed_cb: don't touch invalid data
When this callback is called due to the destruction of the ares handle,
the connection pointer passed in as an argument may no longer pointing
to valid data and this function doesn't need to do anything with it
anyway so we make sure it doesn't.

Bug: http://curl.haxx.se/mail/lib-2011-01/0333.html
Reported by: Vsevolod Novikov
2011-01-27 14:41:07 +01:00
Kamil Dudka
dc0a7161f8 nss: avoid memory leaks and failure of NSS shutdown
... in case more than one CA is loaded.

Bug: https://bugzilla.redhat.com/670802
2011-01-27 11:14:18 +01:00
Daniel Stenberg
dbcaa00657 HTTP: memory leak on multiple Location:
The HTTP parser allocated memory on each received Location: header
without properly freeing old data. Starting now, the code only considers
the first Location: header and will blissfully ignore subsequent ones.

Bug: http://curl.haxx.se/bug/view.cgi?id=3165129
Reported by: Martin Lemke
2011-01-25 12:06:50 +01:00
Darshan Mody
03be2c99ba Fixed compile using OpenSSL versions < 0.9.4a 2011-01-20 12:11:22 -08:00
Quinn Slack
59cf93ccdb TLS-SRP: support added when using GnuTLS 2011-01-19 20:35:02 +01:00
Kamil Dudka
fc77790bcd nss: fix a bug in handling of CURLOPT_CAPATH
... and update the curl.1 and curl_easy_setopt.3 man pages such that
they do not suggest to use an OpenSSL utility if curl is not built
against OpenSSL.

Bug: https://bugzilla.redhat.com/669702
2011-01-18 14:30:49 +01:00
Guenter Knauf
ef46fcdd90 Avoid redefines. 2011-01-17 01:27:57 +01:00
Guenter Knauf
8fa7b8cb9b Added casts to silent gcc warnings. 2011-01-14 12:39:54 +01:00
Yang Tse
fd6b4b3e9b build: BCC - makefile.b32 tweak
Get rid of stdout redirection to NUL and move stderr redirection
into RM and RMDIR macros.
2011-01-13 15:54:14 +01:00
Yang Tse
1da65c3d4d build: BCC - makefile.b32 tweak
Check for BCCDIR environment var done now as other checks.
2011-01-13 15:33:34 +01:00
Guenter Knauf
d541085407 Use env var for PSDK instead of hardcoded path. 2011-01-13 05:55:09 +01:00
Guenter Knauf
c73e5e839d Enabled SSPI support by default. 2011-01-13 02:55:26 +01:00
Yang Tse
61623b74e3 build: BCC - require Borlands's MAKE for Makefile.b32 processing. 2011-01-12 20:53:28 +01:00
Yang Tse
5f7d34811a build: BCC - recover lost functionality from commit 3d81320426
Borland's $(MAKEDIR) expands to the path where make.exe is located,
use this feature to define BCCDIR when user has not defined BCCDIR.
2011-01-12 18:07:04 +01:00
Yang Tse
42f5e8a0f1 build: use external preprocessor cpp32 when building with Borland C 2011-01-12 02:35:14 +01:00
Guenter Knauf
b5cc77bd25 Disable LDAP support since BCC headers are insufficient. 2011-01-11 18:32:38 +01:00
Guenter Knauf
3d81320426 Instead of exiting with error lets set BCCDIR self. 2011-01-11 18:22:42 +01:00
Guenter Knauf
308db9d780 Some Borland C++ makefile tweaks. 2011-01-11 17:51:14 +01:00
Guenter Knauf
03ea06b8e3 Borland C++ doesnt have struct sockaddr_storage. 2011-01-11 17:40:13 +01:00
Daniel Stenberg
08a65b10fb connect: use UDP correctly
The idea that the protocol and socktype is part of name resolving in the
libc functions is nuts. We keep the name resolver functions assume
TCP/STREAM and we make sure that when we want to connect to a UDP
service we use the correct UDP/DGRAM set instead. This bug was because
the ->protocol field was not always set correctly.

This bug was only affecting ipv6-disabled non-cares non-threaded builds.

Bug: http://curl.haxx.se/bug/view.cgi?id=3154436
Reported by: "dperham"
2011-01-11 00:14:36 +01:00
Quinn Slack
1238edaeaf SSL: fix memory leak
In OOM situation. Follow-up fix to commit a9cd4f4ed4.
2011-01-10 13:53:57 +01:00
Daniel Stenberg
a9cd4f4ed4 gtls: fix memory leak
Bug: http://curl.haxx.se/mail/lib-2011-01/0079.html
Reported by: Quinn Slack
2011-01-08 19:14:28 +01:00
Marcel Roelofs
1d28efb9d1 HTTP: HTTP Negotiate authentication using SSPI
Only under Windows
2011-01-07 23:48:40 +01:00
Daniel Stenberg
53014175e8 SSH: speedcheck clobbered existing error
The just added speedcheck must not ruin the error code if already set
due to a problem.
2011-01-06 00:19:17 +01:00
Daniel Stenberg
d45ed0ecf5 SSH: acknowledge speedcheck
Check for speedcheck limits during the state machine traversals
2011-01-05 14:09:53 +01:00
Daniel Stenberg
adb49ad8bb Curl_timeleft: s/conn/data in first argument
As the function doesn't really use the connectdata struct but only the
SessionHanadle struct I modified what argument it wants.
2011-01-04 23:13:10 +01:00
Kamil Dudka
d8f6d1c334 nss: avoid CURLE_OUT_OF_MEMORY given a file name without any slash
Bug: https://bugzilla.redhat.com/623663
2011-01-04 17:20:43 +01:00
Daniel Stenberg
c0c89cd44e get_cert_chain: support larger data sets
512 bytes turned out too short for some data, so now we allocate a
larger buffer instead

Bug: http://curl.haxx.se/mail/archive-2011-01/0002.html
2011-01-04 10:20:28 +01:00
Daniel Stenberg
53640a3ce0 unittesting: build a separate static lib
When configure --enable-debug has been used, all files in lib/ are now
built twice and a separate static library crafted for unit-testing will
be linked. The unit tests in the tests/unit subdir will use that
library.
2011-01-03 22:16:16 +01:00
Daniel Stenberg
45cea71968 SSH: avoid PATH_MAX with alloc
We cannot assume that PATH_MAX will be enough for the remote path name
so allocating room for it is the only sensible approach.
2011-01-03 13:36:45 +01:00
Daniel Stenberg
2b3fbc8cdb Curl_nss_connect: avoid PATH_MAX
Since some systems don't have PATH_MAX and it isn't that clever to
assume a fixed maximum path length, the code now allocates buffer space
instead of using stack.

Reported by: Samuel Thibault
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608521
2011-01-02 23:43:03 +01:00
Daniel Stenberg
1ad5764feb SFTP: make pwd output result to header callback
Sending "pwd" as a QUOTE command only sent the reply to the
DEBUGFUNCTION. Now it also sends an FTP-like header to the header
callback to allow similar operations as with FTP, and apps can re-use
the same parser.
2011-01-01 15:35:53 +01:00
Daniel Stenberg
ae29142198 pubkey_show: allocate buffer to fit any-size result
The loop condition was wrong so keys larger than 340 bits would overflow
the local stack-based buffer.
2011-01-01 15:33:57 +01:00
Luke Amery
0dc8479b89 ssh: honour the CURLINFO_FTP_ENTRY_PATH curl_getinfo option 2010-12-30 23:42:44 +01:00
Pierre Joye
420eac5542 IDN: use win32 API if told to
The functionality is provided in a new source file: lib/idn_win32.c
2010-12-28 20:01:03 +01:00
Daniel Stenberg
b6a3e2be8e c-ares: fix cancelled resolves
When built IPv6-enabled, we could do Curl_done() with one of the two
resolves having returned already, so when ares_cancel() is called the
resolve callback ends up doing funny things (sometimes resulting in a
segfault) since it would try to actually store the previous resolve even
though we're shutting down the resolve.

This bug was introduced in commit 8ab137b2bc so it hasn't been
included in any public release.

Bug: http://curl.haxx.se/bug/view.cgi?id=3145445
Reported by: Pedro Larroy
2010-12-27 10:01:44 +01:00
Daniel Stenberg
49465fffdb cookies: tricked dotcounter fixed
Providing multiple dots in a series in the domain field (domain=..com) could
trick the cookie engine to wrongly accept the cookie believing it to be
fine. Since the tailmatching would then match all .com sites, the cookie would
then be sent to all of them.

The code now requires at least one letter between each dot for them to be
counted. Edited test case 61 to verify this.
2010-12-23 22:52:32 +01:00
Daniel Stenberg
5825aa149d multi: connect fail => use next IP address
When using the multi interface and connecting to a host name that
resolves to multiple IP addresses, there was no logic that made it
continue to the next IP if connecting to the first address times
out. This is now corrected.
2010-12-23 22:21:24 +01:00
Daniel Stenberg
2dded8fedb ossl_seed: no more RAND_screen
RAND_screen() is slow, not thread-safe and not needed anymore since OpenSSL
uses the thread-safe win32 CryptoAPI nowadays.
2010-12-23 14:36:07 +01:00
Daniel Stenberg
be16b227b7 multi: inhibit some verbose outputs
The info about pipe status and expire cleared are clearly debug-related
and not anything mere mortals will or should care about so they are now
ifdef'ed DEBUGBUILD
2010-12-22 15:29:21 +01:00
Brad Hards
375aa41ba1 SMTP: add brackets for MAIL FROM
Similar to what is done already for RCPT TO, the code now checks for and
adds angle brackets (<>) around the email address that is provided for
CURLOPT_MAIL_RCPT unless the app has done so itself.
2010-12-22 14:41:53 +01:00
Guenter Knauf
5f829456c1 Added support for axTLS to NetWare build. 2010-12-22 04:45:41 +01:00
Guenter Knauf
a834e00454 Fixed include: memory.h -> curl_memory.h. 2010-12-22 03:34:13 +01:00
Brad Hards
f37d681166 Typo fixes. 2010-12-21 22:39:56 +01:00
Yang Tse
71ab0ceaa0 build: sort configuration hunks in lib/Makefile.vc6
sorted to reflect same internal order as the one shown
in the usage message.
2010-12-21 00:14:55 +01:00
Daniel Stenberg
af54fbbcb5 loadhostpairs: return errorcode
Make sure that Curl_cache_addr() errors are propagated to callers of
loadhostpairs().

(this loadhostpairs function caused a scan-build warning due to the
'dns' variable getting assigned but never used)
2010-12-20 22:22:02 +01:00
Yang Tse
8d569c7bb0 build: refactoring of msvc makefiles to allow overriding of library filenames.
Default libcurl's file names are kept equal to those used since Y2K.
2010-12-20 21:53:44 +01:00
Daniel Stenberg
7f3b87d878 ftp_parselist: fix compiler warning
Doing curlx_strtoofft() on the size just to figure out the end of it
causes a compiler warning since the result wasn't used, but is also a
bit of a waste.
2010-12-19 00:15:12 +01:00
Pasha Kuznetsov
6b5dc72575 Curl_do: avoid using stale conn pointer
Since the original `conn' pointer was used after the `connectdata' it
points to has been closed/cleaned up by Curl_reconnect_request it caused
a crash. We must make sure to use the newly created connection instead!

URL: http://curl.haxx.se/mail/lib-2010-12/0202.html
2010-12-18 22:35:37 +01:00
Tommie Gannert
8ab137b2bc ares: ask for both IPv4 and IPv6 addresses
Make the c-ares resolver code ask for both IPv4 and IPv6 addresses when
IPv6 is enabled.

This is a workaround for the missing ares_getaddrinfo() and is a lot
easier to implement.

Note that as long as c-ares returns IPv4 addresses when IPv6 addresses
were requested but missing, this will cause a host's IPv4 addresses to
occur twice in the DNS cache.

URL: http://curl.haxx.se/mail/lib-2010-12/0041.html
2010-12-18 22:33:27 +01:00
Brad Hards
f0aad0089e Trival comment fix. 2010-12-18 17:08:23 +01:00
Daniel Stenberg
c75a9fef59 axtls_connect: allow connect without peer verification
The SSL_SERVER_VERIFY_LATER bit in the ssl_ctx_new() call allows the
code to verify the peer certificate explicitly after the handshake and
then the "data->set.ssl.verifypeer" option works.
2010-12-15 16:05:17 +01:00
Daniel Stenberg
9035709e25 axTLS: allow "default" SSL version as well
When no explicit version is selected we should try to use whatever is
best for us, and in the axTLS case that means TLSv1.
2010-12-15 16:05:17 +01:00
Daniel Stenberg
b88ead62e7 axtls.c: cleanup
Removed trailing whitespace
Removed several compiler warnings
Removed odd backslashes at some line endings
2010-12-15 16:05:17 +01:00
Daniel Stenberg
b998b04c02 urldate: undef hideous memory defines
The public axTLS header (at least as of 1.2.7) redefines the memory
functions. We #undef those again immediately after the public header to
limit the damage. This should be fixed in axTLS.
2010-12-15 16:05:17 +01:00
Eric Hu
a7cf30f808 Minor fixes to pass tests 301 and 306 with a patched axTLS. 2010-12-15 16:05:17 +01:00
Eric Hu
be312336f6 Initial axTLS integration. Connections can be made and some tests pass.
Failed HTTPS tests: 301, 306, 311, 312, 313, 560
311, 312 need more detailed error reporting from axTLS.
313 relates to CRL, which hasn't been implemented yet.
2010-12-15 16:05:17 +01:00
Eric Hu
108d7693a4 Preparing for axTLS. Actual SSL API functions are only stubbed.
Added axTLS to autotool files and glue code to misc other files.
axtls.h maps SSL API functions, but may change.
axtls.c is just a stub file and will definitely change.
2010-12-15 16:05:17 +01:00
Daniel Stenberg
a865bd9fba IsPipeliningPossible: only for HTTP
The function that checks if pipelining is possible now requires the HTTP
bit to be set so that it doesn't mistakenly tries to do it for other
protocols.

Bug: http://curl.haxx.se/mail/lib-2010-12/0152.html
Reported by: Dmitri Shubin
2010-12-13 13:44:50 +01:00
Daniel Stenberg
0fd439ebac multi_runsingle: don't timeout completed handles
The generic timeout code must not check easy handles that are already
completed. Going to completed (again) within there risked decreasing the
number of alive handles again and thus it could go negative.

This regression bug was added in 7.21.2 in commit ca10e28f06
2010-12-13 12:51:48 +01:00
Yang Tse
0b5901bec6 easy: fix compiler warning: end-of-loop code not reached 2010-12-07 03:27:59 +01:00
Daniel Stenberg
5965d4554d disconnect: pass on the dead_connection argument
Cleanup fix after Kamil's commit 5c7c9a768d
2010-12-06 15:33:38 +01:00
Heinrich Ko
315e5277dc ossl_connect_common: detect connection re-use
ossl_connect_common() now checks whether or not 'struct
connectdata->state' is equal 'ssl_connection_complete' and if so, will
return CURLE_OK with 'done' set to 'TRUE'. This check prevents
ossl_connect_common() from creating a new ssl connection on an existing
ssl session which causes openssl to fail when it tries to parse an
encrypted TLS packet since the cipher data was effectively thrown away
when the new ssl connection was created.

Bug: http://curl.haxx.se/mail/lib-2010-11/0169.html
2010-12-06 14:41:18 +01:00
Kamil Dudka
5c7c9a768d url: provide dead_connection flag in Curl_handler::disconnect
It helps to prevent a hangup with some FTP servers in case idle session
timeout has exceeded.  But it may be useful also for other protocols
that send any quit message on disconnect.  Currently used by FTP, POP3,
IMAP and SMTP.
2010-12-06 14:35:42 +01:00
Yang Tse
bf1c102b80 ssh: fix a download resume point calculation 2010-12-06 14:29:16 +01:00
Daniel Stenberg
2271b60b71 Curl_wait_for_resolv: correct timeout
When looping in this function and checking for the timeout being
expired, it was not updating the reference time when calculating the
timediff since previous round which made it think each subsequent loop
to have taken longer than it actually did.

I also modified the function to use the generic Curl_timeleft() function
instead of the custom logic.

Bug: http://curl.haxx.se/bug/view.cgi?id=3112579
2010-12-05 23:39:41 +01:00
Daniel Stenberg
c2bfe60086 Curl_send/recv_plain: return errno on failure
When send() and recv() fail, we now store the errno value to allow the
app to access it.

Bug: http://curl.haxx.se/bug/view.cgi?id=3128121
Reported by: Yuri
2010-12-05 23:04:11 +01:00
Guenter Knauf
63598059cd Updated OpenSSL version. 2010-12-05 10:59:58 +01:00
Yang Tse
c1901f7ed0 fix compiler warning: conversion may lose significant bits 2010-12-04 05:53:07 +01:00
Yang Tse
9c4ff4874e fix compiler warning: assignment within conditional expression 2010-12-03 16:53:11 +01:00
Yang Tse
46a0062dff fix getinfo CURLINFO_LOCAL* for reused connections (take 2) follow-up
- Show address string from proper buffer in case of connection failure.

- Try next address when inet_ntop() fails.
2010-12-03 14:30:00 +01:00
Yang Tse
d534cd0027 build: provide SIZEOF_SIZE_T DOS definition 2010-12-03 04:15:39 +01:00
Yang Tse
afd6e738f7 build: lib/config.dos renamed to lib/config-dos.h 2010-12-03 04:13:33 +01:00
Yang Tse
de670efeab build: provide SIZEOF_SIZE_T VMS definition 2010-12-03 03:40:16 +01:00
Yang Tse
421d918da3 build: move config-vms.h from subdir 'packages/vms' into 'lib' 2010-12-03 02:36:22 +01:00
Yang Tse
99a07a1fdf build: provide SIZEOF_SIZE_T definition for non-configure builds 2010-12-02 21:41:23 +01:00
Yang Tse
81c16c2e30 build: provide SIZEOF_SIZE_T netware definition 2010-12-02 20:53:42 +01:00
Yang Tse
07f60235b0 fix compiler warning: rounding, sign extension, or loss of accuracy may result 2010-12-02 18:46:13 +01:00
Yang Tse
5580fb2b9c fix compiler warning: statement is not reachable 2010-12-02 16:35:02 +01:00
Yang Tse
7e3f0bffe5 fix compiler warning: conversion may lose significant bits 2010-12-01 23:33:43 +01:00
Yang Tse
5d47bf3776 connect: fix compiler warning: unused variable 2010-12-01 17:30:52 +01:00
Yang Tse
11cddb68e0 fix getinfo CURLINFO_LOCAL* for reused connections (take 2) 2010-11-30 22:14:37 +01:00
Yang Tse
1b2b93e074 fix getinfo CURLINFO_LOCAL* for reused connections follow-up
Reinstate IPV6 build variable that got removed.
2010-11-30 13:42:02 +01:00
Yang Tse
c328214a2d fix getinfo CURLINFO_LOCAL* for reused connections
Failed to commit this file changes along with the others.
2010-11-30 13:31:25 +01:00
Yang Tse
f6f5d7874f fix getinfo CURLINFO_LOCAL* for reused connections 2010-11-30 06:20:54 +01:00
Yang Tse
5db0a412ff atoi: remove atoi usage 2010-11-28 23:11:14 +01:00
Yang Tse
cbe67a1b71 multi: fix compiler warning: conversion may lose significant bits follow-up 2010-11-28 20:49:40 +01:00
Yang Tse
23245ca83a ftp: fix 'bool' data type implementation dependant usage 2010-11-26 20:19:45 +01:00
Yang Tse
3590874999 multi: fix compiler warning: conversion may lose significant bits 2010-11-26 19:57:27 +01:00
Yang Tse
e39ab6f203 multi: fix compiler warning: enumerated type mixed with another type 2010-11-26 19:34:10 +01:00
Yang Tse
c9081a8280 hostip: edit comment 2010-11-26 18:18:26 +01:00
Yang Tse
c2ba8ca81f s/isspace/ISSPACE 2010-11-26 13:59:01 +01:00
Yang Tse
5087f89ac8 curl_multi_info_read: fix compiler warning: conversion may lose significant bits 2010-11-25 02:58:59 +01:00
Yang Tse
b3d39275f5 inet_pton: fix compiler warning
warning C4146: unary minus operator applied to unsigned type, result still unsigned
2010-11-25 02:20:14 +01:00
Yang Tse
1d75d30816 Curl_getaddrinfo_ex: sanitize function results follow-up. 2010-11-24 04:36:57 +01:00
Yang Tse
6fe18add71 Curl_getaddrinfo_ex: sanitize function results.
Ensure that spurious results from system's getaddrinfo() ares not propagated
by Curl_getaddrinfo_ex() into the library.

Also ensure that the ai_addrlen member of Curl_getaddrinfo_ex()'s output linked
list of Curl_addrinfo structures has appropriate family-specific address size.
2010-11-23 21:38:20 +01:00
Kamil Dudka
d212fe43af openldap: use remote port in URL passed to ldap_init_fd()
... not the proxy port.  It makes no difference unless a proxy is used.
2010-11-22 23:59:59 +01:00
Yang Tse
13d537e404 gtls: define and use gtls_EAGAIN, gtls_EINTR and gtls_EIO.
Winsock builds clobber some errno.h defines in setup_once.
2010-11-20 05:02:02 +01:00
Matthias Bolte
a83870ef9d Detect socket errors in GnuTLS on Windows
On Windows, translate WSAGetLastError() to errno values as GNU
TLS does it internally, too. This is necessary because send() and
recv() on Windows don't set errno when they fail but GNU TLS
expects a proper errno value.

Bug: http://curl.haxx.se/bug/view.cgi?id=3110991
2010-11-19 13:34:07 -08:00
Daniel Stenberg
cbf4961bf3 gnutls->handshake: improved timeout handling
When no timeout is set, we call the socket_ready function with a timeout
value of 0 during handshake, which makes it loop too much/fast in this
function. It also made this function return CURLE_OPERATION_TIMEDOUT
wrongly on a slow handshake.

However, the particular bug report that highlighted this problem is not
solved by this fix, as this fix only makes the more proper error get
reported instead.

Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594150
Reported by: Johannes Ernst
2010-11-14 12:42:29 +01:00
Julien Chaffraix
add5766dd4 urldata: Capitalize enum protect_level values.
This makes it easier to spot the enum values from the variables.
Removed some unneeded DEBUGASSERT added in the previous commit.
2010-11-13 14:42:34 -08:00
Julien Chaffraix
8d59d69449 security: tighten enum protection_level usage.
While changing Curl_sec_read_msg to accept an enum protection_level
instead of an int, I went ahead and fixed the usage of the associated
fields.

Some code was assuming that prot_clear == 0. Fixed those to use the
proper value. Added assertions prior to any code that would set the
protection level.
2010-11-13 14:12:43 -08:00
Julien Chaffraix
c79f816c32 krb5: Use GSS_ERROR to check for error.
This is the advised way of checking for errors in the GSS-API RFC.
Also added some '\n' to the error message so that they are not mixed
with other outputs.
2010-11-12 08:24:32 -08:00
Julien Chaffraix
c8a7df108f security: Pass the right parameter to init.
init is expecting app_data. Passing it the struct connecdata would make
us crash later.
2010-11-12 08:24:32 -08:00
Daniel Stenberg
a1f32ffee5 ip_version: moved to connection struct
The IP version choice was previously only in the UserDefined struct
within the SessionHandle, but since we sometimes alter that option
during a request we need to have it on a per-connection basis.

I also moved more "init conn" code into the allocate_conn() function
which is designed for that purpose more or less.
2010-11-11 15:16:21 +01:00
Rutger Hofman
592df29f9c TFTP: resend the correct data
I found a bug in tftp_tx() in tftp.c. If a data resend is done after
reception of an ACK/OACK, the call to sendto is wrong.
2010-11-10 15:08:18 +01:00
Kamil Dudka
12b2412c52 ftp: treat server's response 421 as CURLE_OPERATION_TIMEDOUT
Bug: https://bugzilla.redhat.com/650255
Reported by: Simon H.
2010-11-09 18:13:20 +01:00
Kamil Dudka
c6b97a8278 ftp: close connection as soon as ABOR has been sent
... and do not send ABOR unless really necessary.

Bug: https://bugzilla.redhat.com/649347
Reported by: Simon H.
2010-11-08 20:50:52 +01:00
Daniel Stenberg
1b24b89cca CURLOPT_RESOLVE: added
CURLOPT_RESOLVE is a new option that sends along a curl_slist with
name:port:address sets that will populate the DNS cache with entries so
that request can be "fooled" to use another host than what otherwise
would've been used. Previously we've encouraged the use of Host: for
that when dealing with HTTP, but this new feature has the added bonus
that it allows the name from the URL to be used for TLS SNI and server
certificate name checks as well.

This is a first change. Surely more will follow to make it decent.
2010-11-08 08:56:21 +01:00
Yang Tse
dc3e7df1c9 fix compiler warning 2010-11-08 04:03:11 +01:00
Alfred Gebert
6a07e704ca LDAP: detect non-binary attributes properly
If the query result has a binary attribute, the binary attribute is
base64 encoded. But all following non binary attributes are also base64
encoded which is wrong.

This is a test (LDAP server is public).

curl
ldap://x500.bund.de:389/o=Bund,c=DE?userCertificate,certificateSerialNumber?sub
?cn=*Woehleke*
2010-11-05 15:53:41 +01:00
Daniel Stenberg
87374a47c9 Revert: use Host: name for SNI and cert name checks
This reverts commit b0fd03f5b8,
4b2fbe1e97, afecd1aa13, 68cde058f6
2010-11-05 10:25:58 +01:00
Daniel Stenberg
b0fd03f5b8 certcheck: use the custom Host: name for checks
If you use a custom Host: name in a request to a SSL server, libcurl
will now use that given name when it verifies the server certificate to
be correct rather than using the host name used in the actual URL.
2010-11-04 15:18:35 +01:00
Daniel Stenberg
4b2fbe1e97 SNI: simplify the custom host name use
The redirect check is already done at the position where the customhost
field is assigned so there's no point in doing that a second time.
2010-11-04 15:16:27 +01:00
Daniel Stenberg
afecd1aa13 host: get the custom Host: name more genericly
When given a custom host name in a Host: header, we can use it for
several different purposes other than just cookies, so we rename it and
use it for SSL SNI etc.
2010-11-04 14:58:15 +01:00
Hongli Lai (Phusion)
68cde058f6 SNI: set name to custom Host header
OpenSSL SNI host name should be set to the custom Host header, if the
user provided one.
2010-11-04 14:10:56 +01:00
Kamil Dudka
0c8e5f7e6a ftp: prevent server from hanging on closed data connection
Some FTP servers (e.g. Pure-ftpd) end up hanging if we close the data
connection before transferring all the requested data.  If we send ABOR
in that case, it prevents the server from hanging.

Bug: https://bugzilla.redhat.com/643656
Reported by: Pasi Karkkainen, Patrick Monnerat
2010-10-29 12:01:19 +02:00
Dan Fandrich
59db31902c Removed a leftover mention of FTP in an error message 2010-10-28 15:47:57 -07:00
Dan Fandrich
c36b00a166 Removed the native Makefile.riscos files
These haven't worked in at least 8 years due to missing source
files, and most active RiscOS developers these days apparently
cross-compile anyway.

Signed-off-by: James Bursa <james@zamez.org>
2010-10-21 14:33:35 -07:00
Dan Fandrich
59f07ddf28 Lightened the stack in wc_statemach to permit deeper recursion
Also, added a few hints to help compilers to perform tail call
recursion optimization.
2010-10-20 18:27:56 -07:00
Daniel Stenberg
e214cd4a73 SSH: use libssh2_session_handshake()
In libssh2 1.2.8, libssh2_session_handshake() replaces
libssh2_session_startup() to fix the previous portability problem with
the socket type that was too small for win64 and thus easily could cause
crashes and more.
2010-10-20 23:31:34 +02:00
Daniel Stenberg
5997f54a71 SSH: avoid using the libssh2_ prefix
It is a bad idea to use the public prefix used by another library and
now we realize that libssh2 introduces a symbol in the upcoming version
1.2.8 that conflicts with our static function named libssh2_free.
2010-10-20 23:29:37 +02:00
Daniel Stenberg
e8c442952d formdata: provide error message
When failing to build form post due to an error, the code now does a
proper failf(). Previously libcurl would report an error like "failed
creating formpost data" when a file wasn't possible to open which was
not easy for users to figure out.

I also lower cased a function name to be named more curl-style and
removed some unnecessary code.
2010-10-20 14:57:43 +02:00
Daniel Stenberg
98d9dc7840 URL-parsing: consider ? a divider
The URL parser got a little stricter as it now considers a ? to be a
host name divider so that the slightly sloppier URLs work too. The
problem that made me do this change was the reported problem with an URL
like: www.example.com?email=name@example.com This form of URL is not
really a legal URL (due to the missing slash after the host name) but is
widely accepted by all major browsers and libcurl also already accepted
it, it was just the '@' letter that triggered the problem now.

The side-effect of this change is that now libcurl no longer accepts the
?  letter as part of user-name or password when given in the URL, which
it used to accept (and is tested in test 191). That letter is however
mentioned in RFC3986 to be required to be percent encoded since it is
used as a divider.

Bug: http://curl.haxx.se/bug/view.cgi?id=3090268
2010-10-19 20:20:06 +02:00
Daniel Stenberg
d09a905751 krb4.h: removed unused prototypes 2010-10-18 16:20:13 +02:00
Daniel Stenberg
0152dbbe23 krb4: make a few functions static 2010-10-18 10:00:37 +02:00
Daniel Stenberg
09a2d93a0f http_chunks: remove debug output
Accidentally left in there during my previous debugging of this
2010-10-17 18:50:38 +02:00
Daniel Stenberg
b0ccd24a72 Curl_setopt: disallow CURLOPT_USE_SSL without SSL support
In order to avoid for example the pingpong protocols to issue STARTTLS
(or equivalent) even though there's no SSL support built-in.

Reported by: Sune Ahlgren
Bug: http://curl.haxx.se/mail/archive-2010-10/0045.html
2010-10-14 22:33:20 +02:00
Guenter Knauf
0cb3d7913c Some more small Watcom makefile fixes. 2010-10-14 01:22:40 +02:00
Guenter Knauf
7b79c8bf96 Modified Watcom makefiles to work on Linux too. 2010-10-13 17:29:47 +02:00
Daniel Stenberg
987168d6b9 gitignore: ignore Makefile.vc10.dist made by maketgz 2010-10-13 00:26:19 +02:00
Guenter Knauf
2d3c7b7e01 Fixed Watcom makefile. 2010-10-12 15:31:41 +02:00
Guenter Knauf
edf9566c3b Added build bits for librtmp / libssh2 to Watcom makefiles. 2010-10-12 06:55:01 +02:00
Guenter Knauf
331531f70e Added build bits for librtmp to NetWare makefiles. 2010-10-12 04:31:56 +02:00
Daniel Stenberg
51b8d30dc4 SFTP: more ignoring negative file sizes
As the change in 5f0ae7a062 added a precaution against negative
file sizes that for some reason managed to get returned, this change now
introduces the same check at the second place in the code where the file
size from the libssh2 stat call is used.

This check might not be suitable for a 32 bit curl_off_t, but libssh2.h
assumes long long to work and to be 64 bit so I believe such a small
curl_off_t will be very unlikely to occur in the wild.
2010-10-12 00:01:40 +02:00
Daniel Stenberg
450c994a49 SMTP: debug output for no known auth mechanisms supported
... and some minor source code whitespace edits
2010-10-11 21:31:12 +02:00
Guenter Knauf
6a90aa3f3d Added build bits for librtmp to MingW32 makefiles. 2010-10-11 00:39:24 +02:00
Guenter Knauf
81e107010e Some NetWare makefile tweaks.
Renamed SDK_* to NDK_*; made NDK_* defines overwriteable from
environment; removed now obsolete YACC macro;
moved some curl_config.h defines to IPv6 section since they
are only needed when IPv6 is enabled - this makes libcurl compile
with older NDKs too which were not IPv6-aware.
2010-10-03 23:02:41 +02:00
Julien Chaffraix
fc137ee272 krb5-gssapi: Removed a memory leak in krb5_auth.
We forgot to release the buffer passed to gss_init_sec_context.

The previous logic was difficult to read as we were reusing the same
variable (gssbuf) for both input buffer and output buffer. Splitted the
logic in 2 variables to better underline who needs to be released.
Also made the code break at 80 lines.
2010-10-02 10:00:42 -07:00
Julien Chaffraix
79cd7ef9ab krb5-gssapi: Made the function always return a value.
kr5_auth missed a final 'return' statement. This is not an error in
gcc but can lead to potential bugs.
2010-10-02 10:00:42 -07:00
Julien Chaffraix
4b69f641a6 krb5-gssapi: Delete the GSS-API context.
This fixes a memory leak related to the GSS-API code.

Added a krb5_init and krb5_end functions. Also removed a work-around
the lack of proper initialization of the GSS-API context.
2010-10-02 10:00:42 -07:00
Daniel Stenberg
2ae6c47d5d HTTP: remove special case for 416
It was pointed out that the special case libcurl did for 416 was
incorrect and wrong. 416 is not really different to other errors so the
response body must be handled like for other errors/http responses.

Reported by: Chris Smowton
Bug: http://curl.haxx.se/bug/view.cgi?id=3076808
2010-10-02 00:22:48 +02:00
Daniel Stenberg
750c9179ca README.ares: we know require c-ares 1.6.0 2010-09-30 23:14:58 +02:00
Daniel Stenberg
5f0ae7a062 SFTP: avoid downloading negative sizes!
It is still not clarified exactly why this happens, but libssh2
sometimes report a negative file size for the remote SFTP file and that
deeply confuses libcurl (or crashes it) so this precaution is added to
avoid badness.

Reported by: Ernest Beinrohr
Bug: http://curl.haxx.se/bug/view.cgi?id=3076430
2010-09-30 23:08:37 +02:00
Julien Chaffraix
87badbef84 krb5-gssapi: Remove several memory leaks.
Remove a leak seen on Kerberos/MIT (gss_OID is copied internally and
we were leaking it). Now we just pass NULL as advised in RFC2744.

|tmp| was never set back to buf->data.

Cleaned up Curl_sec_end to take into account failure in Curl_sec_login
(where conn->mech would be NULL but not conn->app_data or
conn->in_buffer->data).
2010-09-28 22:05:24 -07:00
Julien Chaffraix
e3811ed7c3 security.c: Remove Curl_sec_fflush_fd.
The current implementation would make us send wrong data on a closed
socket. We don't buffer our data so the method can be safely removed.
2010-09-28 22:05:24 -07:00
Julien Chaffraix
dacc44ddc2 security.c: We should always register the socket handler.
Following a change in the way socket handler are registered, the custom
recv and send method were conditionaly registered.
We need to register them everytime to handle the ftp security
extensions.

Re-added the clear text handling in sec_recv.
2010-09-28 22:05:24 -07:00
Julien Chaffraix
fc9f369829 security.c: Fix Curl_sec_login after rewrite.
Curl_sec_login was returning the opposite result that the code in ftp.c
was expecting. Simplified the return code (using a CURLcode) so to see
more clearly what is going on.
2010-09-28 22:05:24 -07:00
Julien Chaffraix
bfbc4c7e00 security.c: Readd the '\n' to the infof() calls.
They are not automatically added and make the output of the verbose
mode a lot more readable.
2010-09-28 22:05:24 -07:00
Julien Chaffraix
05b72a6af2 security.c: Fix typo (PSBZ -> PBSZ) 2010-09-28 22:05:24 -07:00
Julien Chaffraix
1e2056fecb security.c: Fix ftp_send_command.
My use of va_args was completely wrong. Fixed the usage so that
we send the right commands!
2010-09-28 22:05:24 -07:00
Daniel Stenberg
5df13c3173 curl_easy_escape: don't escape "unreserved" characters
According to RFC3986 section 2.3 the letters -, ., _ and ~ should not be
percent-encoded.

Reported by: Miguel Diaz
Bug: http://curl.haxx.se/mail/lib-2010-09/0227.html
2010-09-28 23:49:32 +02:00
Daniel Stenberg
ed4eecc05e multi: don't expire timeouts at disonnect or done
The functions Curl_disconnect() and Curl_done() are both used within the
scope of a single request so they cannot be allowed to use
Curl_expire(... 0) to kill all timeouts as there are some timeouts that
are set before a request that are supposed to remain until the request
is done.

The timeouts are now instead cleared at curl_easy_cleanup() and when the
multi state machine changes a handle to the complete state.
2010-09-28 23:49:32 +02:00
Dirk Manske
397e61128f multi_runsingle: set timeout error messages
With the latest changes to fix the timeout handling with multi interface
we lost the timeout error messages. This patch brings them back.
2010-09-27 21:12:49 +02:00
Daniel Stenberg
4d58f97f60 parsedate: allow time specified without seconds
The date format in RFC822 allows that the seconds part of HH:MM:SS is
left out, but this function didn't allow it. This change also includes a
modified test case that makes sure that this now works.

Reported by: Matt Ford
Bug: http://curl.haxx.se/bug/view.cgi?id=3076529
2010-09-27 16:54:02 +02:00
Daniel Stenberg
33c3bb057b TFTP: re-indented the source code
Just made sure that the good old curl indentation style is used all over
this file.
2010-09-26 23:38:00 +02:00
Tim Newsome
6bf2014745 TFTP: Work around tftpd-hpa upload bug
tftpd-hpa has a bug where it will send an incorrect ack when the block
counter wraps and tftp options have been sent. Work around that by
accepting an ack for 65535 when we're expecting one for 0.
2010-09-26 23:30:56 +02:00
Daniel Stenberg
a10f5b34ff Revert "security.c: buffer_read various fixes."
This reverts commit fbb38de415.
2010-09-24 00:20:02 +02:00
Daniel Stenberg
b1df37c60e security.c: removed superfluous parentheses
And also removed the FIXME where memory was zeroed just before freed,
and some other minor whitespace changes.
2010-09-22 23:41:28 +02:00
Julien Chaffraix
31d59fb2cc security.c: Update the #include statements after the rewrite. 2010-09-22 23:34:36 +02:00
Julien Chaffraix
562d40e671 security.c: sec_write tweaks
- |fd| is now a curl_socket_t and |len| a size_t to avoid conversions.
- Added 2 FIXMEs about the 2 unsigned -> signed conversions.
- Included 2 minor changes to Curl_sec_end.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
612832e4c0 security.c: _sec_send tweaks
- Renamed the method to sec_send now that we
  renamed sec_send to do_sec_send.
- Some more variable renaming.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
3c69a08e3b security.c: sec_read tweaks
- Renamed the function to sec_recv.
- Renamed the parameters and variable to match the rest of the code.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
5ea9e78bd7 security.c: Curl_sec_fflush_fd tweaks
- Use an early return as it makes the code more readable.
- Added a FIXME about a conversion.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
69d7c48072 security.c: sec_send tweaks
- Renamed it to do_sec_send as it is the function doing the actual
  transfer.
- Do not return any values as no one was checking it and it never
  reported a failure (added a FIXME about checking for errors).
- Renamed the variables to make their use more specific.
- Removed some casts (int -> curl_socket_t, ...)
- Avoid doing the htnl <-> nthl twice by caching the 2 results.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
7d4f8c2809 security.c: Curl_sec_read_msg tweaks
- Renamed the variables name to better match their intend.
- Unified the |decoded_len| checks.
- Added some FIXMEs to flag some improvement that did not go in this
  change.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
d23c59ecfc security.c: Curl_sec_set_protection_level tweaking
- Removed sec_prot_internal as it is now inlined in the function (this removed
  a redundant check).
- Changed the prototype to return an error code.
- Updated the method to use the new ftp_send_command function.
- Added a level_to_char helper method to avoid relying on the compiler's
  bound checks. This default to the maximum security we have in case of a
  wrong input.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
1d95a48fe9 security.c: factored the logic from Curl_sec_login into a dedicated method that better reflect its intent.
Introduced a helper method ftp_send_command that synchronously send
an FTP query.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
512a82d395 security.c: Remove out_buffer as it was never written into. 2010-09-22 23:34:36 +02:00
Julien Chaffraix
fbb38de415 security.c: buffer_read various fixes.
Tighten the type of the |data| parameter to avoid a cast. Also made
it const as we should not modify it.

Added a DEBUGASSERT on the size to be written while changing it.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
0006cdddee security.c: Made block_write return a CURLcode.
While doing so, renamed it to socket_write to better match its
function.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
b684ccd8b1 security.c: Made block_read and sec_get_data return CURLcode.
To do so, made block_read call Curl_read_plain instead of read.

While changing them renamed block_read to socket_read and sec_get_data
to read_data to better match their function.

Also fixed a potential memory leak in block_read.
2010-09-22 23:34:36 +02:00
Julien Chaffraix
3f64d05d34 Security.c: Fix headers guard to match the rest of the code. 2010-09-22 23:34:35 +02:00
Daniel Stenberg
8665d4e593 parse_remote_port: ignore colons without port number
Obviously, browsers ignore a colon without a following port number. Both
Firefox and Chrome just removes the colon for such URLs. This change
does not remove the colon for URLs sent over a HTTP proxy, so we should
consider doing that change as well.

Reported by: github user 'kreshano'
2010-09-21 19:51:30 +02:00
Daniel Stenberg
19f45eaa79 duphandle: use ares_dup()
curl_easy_duphandle() was not properly duping the ares channel. The
ares_dup() function was introduced in c-ares 1.6.0 so by starting to use
this function we also raise the bar and require c-ares >= 1.6.0
(released Dec 9, 2008) for such builds.

Reported by: Ning Dong
Bug: http://curl.haxx.se/mail/lib-2010-08/0318.html
2010-09-21 16:41:14 +02:00
Daniel Stenberg
8a00c94b0f FTP: fix bad check of Curl_timeleft() return code
When it returns 0 it means no timeout. Only a negative value means that
we're out of time.
2010-09-18 23:08:32 +02:00
Daniel Stenberg
9de4b26643 LDAP: moved variable declaration to avoid compiler warn
If built without HTTP or proxy support it would cause a compiler warning
due to the unused variable. I moved the declaration of it into the only
scope it is used.
2010-09-18 22:50:04 +02:00
Tor Arntsen
3208757c1a LDAP: Use FALSE instead of bool_false when setting bits.close
bool_false is the internal name used in the setup_once.h definition
we fall back to for non-C99 non-stdbool systems, it's not the actual
name to use in assignments (we use bool_false, bool_true there to
avoid global namespace problems, see comment in setup_once.h).
The correct C99 value to use is 'false', but let's use FALSE as
used elsewhere when assigning to bits.close. FALSE is set equal
to 'false' in setup_once.h when possible.

This fixes a build problem on C99 targets.
2010-09-18 14:27:08 +02:00
Tor Arntsen
fae19aed8d LDAP: Add missing declaration for 'result' 2010-09-18 14:23:34 +02:00
Mauro Iorio
c59dba338e LDAP: Support for tunnelling queries through HTTP proxy
As of curl-7.21.1 tunnelling ldap queries through HTTP Proxies is not
supported. Actually if --proxytunnel command-line option (or equivalent
CURLOPT_HTTPPROXYTUNNEL) is used for ldap queries like
ldap://ldap.my.server.com/... You are unable to successfully execute the
query. In facts ldap_*_bind is executed directly against the ldap server
and proxy is totally ignored. This is true for both openLDAP and
Microsoft LDAP API.

Step to reproduce the error:
Just launch "curl --proxytunnel --proxy 192.168.1.1:8080
ldap://ldap.my.server.com/dc=... "

This fix adds an invocation to Curl_proxyCONNECT against the provided
proxy address and on successful "CONNECT" it tunnels ldap query to the
final ldap server through the HTTP proxy. As far as I know Microsoft
LDAP APIs don't permit tunnelling in any way so the patch provided is
for OpenLDAP only.  The patch has been developed against OpenLDAP 2.4.23
and has been tested with Microsoft ISA Server 2006 and works properly
with basic, digest and NTLM authentication.
2010-09-18 00:03:23 +02:00
Daniel Stenberg
a76f852ca4 timeout: use the correct start value as offset
Rodric provide an awesome recipe that proved libcurl didn't timeout at
the requested time - it instead often timed out at [connect time] +
[timeout time] instead of the documented and intended [timeout time]
only. This bug was due to the code using the wrong base offset when
comparing against "now". I could also take the oppurtinity to simplify
the code by properly using of the generic help function for this:
Curl_timeleft.

Reported by: Rodric Glaser
Bug: http://curl.haxx.se/bug/view.cgi?id=3061535
2010-09-17 23:02:33 +02:00
Daniel Stenberg
3880dd3741 Curl_timeleft: avoid returning "no timeout" by mistake
As this function uses return code 0 to mean that there is no timeout, it
needs to check that it doesn't return a time left value that is exactly
zero. It could lead to libcurl doing an extra 1000 ms select() call and
thus not timing out as accurately as it should.

I fell over this bug when working on the bug 3061535 but this fix does
not correct that problem alone, although this is a problem that needs to
be fixed.

Reported by: Rodric Glaser
Bug: http://curl.haxx.se/bug/view.cgi?id=3061535
2010-09-17 22:58:08 +02:00
Daniel Stenberg
296b246b9c multi: don't do extra expire calls for the connection
The timeout is set for the connect phase already at the start of the
request so we should not add a new one, and we MUST not set expire to 0
as that will remove any other potentially existing timeouts.
2010-09-14 22:40:05 +02:00
Daniel Stenberg
22085f7d6e inflate_stream: remove redundant check that is always true 2010-09-12 16:34:16 +02:00
Daniel Stenberg
2c1b4e74e4 digest: make it clear the condition is always true 2010-09-12 16:29:05 +02:00
Daniel Stenberg
aca67e2775 ssluse: removed redundant check that is always true 2010-09-12 16:29:04 +02:00
Daniel Stenberg
18a758d907 chunky parser: only rewind if needed
The code reading chunked encoding attempts to rewind the code if it had
read more data than the chunky parser consumes. The rewinding can fail
and it will then cause an error. This change now makes the rewinding
only happen if pipelining is in use - as that's the only time it really
needs to be done.

Bug: http://curl.haxx.se/mail/lib-2010-08/0297.html
Reported by: Ron Parker
2010-09-07 18:29:03 +02:00
Kamil Dudka
7aea2d522d rtsp: avoid SIGSEGV on malformed header 2010-09-06 16:03:37 +02:00
Kamil Dudka
f3e3f5f1b2 rtsp: avoid SIGSEGV on malformed header 2010-09-06 15:31:01 +02:00
Daniel Stenberg
62ef465262 warning: fix conversion to 'int' from 'size_t' 2010-09-06 00:18:58 +02:00
Daniel Stenberg
c6fa1952a1 portabilty: use proper variable type to hold sockets
Curl_getconnectinfo() is changed to return a proper curl_socket_t for
the last socket so that it'll work more portably (and cause less
compiler warnings).
2010-09-06 00:02:54 +02:00
Guenter Knauf
d47bd396ce Trial to fix another compiler warning with braces. 2010-09-03 20:35:34 +02:00
Guenter Knauf
a00297158e Moved S_ISREG define to setup as suggested by Dan. 2010-09-02 04:37:13 +02:00
Guenter Knauf
413cbdce3c Use own typedef as workaround for broken sspi.h header (f.e. Watcom). 2010-09-02 00:38:16 +02:00
Guenter Knauf
3238ef5b69 Added S_ISREG define for Win32. 2010-09-02 00:07:05 +02:00
Daniel Stenberg
ca10e28f06 multi: fixes for timing out handles
Add a timeout check for handles in the state machine so that they will
timeout in all states disregarding what actions that may or may not
happen.

Fixed a bug in socket_action introduced recently when looping over timed
out handles: it wouldn't assign the 'data' variable and thus it wouldn't
properly take care of handles.

In the update_timer function, the code now checks if the timeout has
been removed and then it tells the application. Previously it would
always let the remaining timeout(s) just linger to expire later on.
2010-09-01 16:52:23 +02:00
Daniel Stenberg
5e92015711 threaded resolver: no more expire 0 calls
Curl_expire() set to 0 expires ALL timeouts so it should only be called
if we truly and really want to remove all timeouts for the handle.
2010-09-01 16:47:42 +02:00
Daniel Stenberg
ce00c2ef5d resolve_server: simplify code
Make use of the helper function Curl_timeleft() instead of duplicating
code.
2010-09-01 16:04:39 +02:00
Daniel Stenberg
0db9140747 multi: make sure the next timeout is used when one expires
Each easy handle has a list of timeouts, so as soon as the main timeout
for a handle expires, we must make sure to get the next entry from the
list and re-add the handle to the splay tree.

This was attempted previously but was done poorly in my commit
232ad6549a.
2010-08-31 00:10:44 +02:00
Daniel Stenberg
3af696f7c4 multi: set timeouts when transfer begins
When a new transfer is about to start we now set the proper timeouts to
expire for the multi interface if they are set for the handle. This is a
follow-up bugfix to make sure that easy handles timeout properly when
the times expire and the multi interface is used. This also improves
curl_multi_timeout().
2010-08-29 00:16:34 +02:00
Daniel Stenberg
29439acfeb Makefile: add gopher.c file to build
As the VC and RISCOS makefiles don't use the .inc file
2010-08-25 15:56:35 +02:00
Daniel Stenberg
40e1623649 gopher: enable the header callback/verbosity 2010-08-25 14:21:25 +02:00
Daniel Stenberg
cb64c987a0 gopher: fix memory leak and busyloop
The fix for the busyloop really only is a temporary work-around.  It
causes a BLOCKING behavior which is a NO-NO. This function should rather
be split up in a do and a doing piece where the pieces that aren't
possible to send now will be sent in the doing function repeatedly until
the entire request is sent.
2010-08-25 14:21:25 +02:00
Cameron Kaiser
67d1616018 Gopher using Curl_write; test suite (4 tests) 2010-08-25 14:21:25 +02:00
Cameron Kaiser
65629f2915 Remove url.c test 2010-08-25 14:19:58 +02:00
Cameron Kaiser
795107453d Forgot gopher.h in Makefile.inc 2010-08-25 14:19:58 +02:00
Cameron Kaiser
201637d468 Gopher protocol support (initial release) 2010-08-25 14:19:58 +02:00
Daniel Stenberg
6b6a3bcb61 http: handle trailer headers in all chunked responses
HTTP allows that a server sends trailing headers after all the chunks
have been sent WITHOUT signalling their presence in the first response
headers. The "Trailer:" header is only a SHOULD there and as we need to
handle the situation even without that header I made libcurl ignore
Trailer: completely.

Test case 1116 was added to verify this and to make sure we handle more
than one trailer header properly.

Reported by: Patrick McManus
Bug: http://curl.haxx.se/bug/view.cgi?id=3052450
2010-08-25 13:42:14 +02:00
Ben Greear
bed311eda2 multi: Fix compile warning on 64-bit systems 2010-08-24 18:30:26 +02:00
Dirk Manske
ab6681c2c8 Curl_is_connected: use correct errno
The correctly extracted errno contents were mistakenly overwritten by a newer
value that wasn't the correct error value.

Bug: http://curl.haxx.se/mail/lib-2010-08/0242.html
2010-08-21 00:29:35 +02:00
Guenter Knauf
daa96f9928 Added mk-ca-bundle.vbs script.
The script works exactly same as the Perl one except for one thing:
when the text descriptions generated with openssl are included then
the md5 fingerprints are missing; seems openssl has either a bug or
a feature which prints the md5 fingerprint output to stdout instead
of writing them to specified file; this script could here do the same
as what the Perl scripr does (redirect stdout into file) but this
makes the script take up double the time because it needs to launch
cmd.exe 140 times (fo each openssl call). So I think for now we just
ommit the md5 fingerprints, and see if openssl will be fixed.
2010-08-20 03:02:49 +02:00
Dan Fandrich
ab81f6c7c4 Fixed a memory leak during OOM in the multi timeout code 2010-08-18 23:08:18 -07:00
Daniel Stenberg
280d2cff2e multi: avoid sending multiple complete messages
I fell over this bug report that mentioned that libcurl could wrongly
send more than one complete messages at the end of a transfer. Reading
the code confirmed this, so I've added a new multi state to make it not
happen. The mentioned bug report was made by Brad Jorsch but is (oddly
enough) filed in Debian's bug tracker for the "wmweather+" tool.

Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=593390
2010-08-18 19:59:46 +02:00
Guenter Knauf
2b6208a6de It is sufficient to pipe stderr to NUL to get rid of the nasty messages. 2010-08-18 16:08:20 +02:00
Guenter Knauf
2f0532a072 Added SSPI build to Watcom makefile. 2010-08-18 15:17:05 +02:00
Julien Chaffraix
6b490ed33c progress: callback for POSTs less than MAX_INITIAL_POST_SIZE
Add a call to Curl_pgrsSetUploadSize in this case valided by a test
case.

Reported by: Никита Дорохин.
Bug: http://curl.haxx.se/mail/lib-2010-04/0173.html
2010-08-16 22:56:43 +02:00
Daniel Stenberg
13b8fc46a3 negotiation: Wrong proxy authorization
There's an error in http_negotiation.c where a mistake is using only
userpwd even for proxy requests. Ludek provided a patch, but I decided
to write the fix slightly different using his patch as inspiration.

Reported by: Ludek Finstrle
Bug: http://curl.haxx.se/bug/view.cgi?id=3046066
2010-08-16 22:26:52 +02:00
Guenter Knauf
8f6189600f Syncroniszed vclean target; fixed some comments. 2010-08-15 16:56:03 +02:00
Daniel Stenberg
9124bfba45 multi: use timeouts properly for MAX_RECV/SEND_SPEED
When detecting that the send or recv speed, the multi interface changes
state to TOOFAST and previously there was no timeout set that would
force a recheck but it would rely on the application to somehow call
libcurl anyway. This now sets a timeout for a suitable future time to
check again if the average transfer speed is then below the threshold
again.
2010-08-15 13:16:39 +02:00
Daniel Stenberg
232ad6549a multi: support timeouts
Curl_expire() is now expanded to hold a list of timeouts for each easy
handle. Only the closest in time will be the one used as the primary
timeout for the handle and will be used for the splay tree (which sorts
and lists all handles within the multi handle).

When the main timeout has triggered/expired, the next timeout in time
that is kept in the list will be moved to the main timeout position and
used as the key to splay with. This way, all timeouts that are set with
Curl_expire() internally will end up as a proper timeout. Previously any
Curl_expire() that set a _later_ timeout than what was already set was
just silently ignored and thus missed.

Setting Curl_expire() with timeout 0 (zero) will cancel all previously
added timeouts.

Corrects known bug #62.
2010-08-15 13:16:39 +02:00
Daniel Stenberg
03da3ba1c0 Curl_llist_insert_next: allow insertion first in the list
When we specify the "insert after" entry as NULL, this function now
inserts the new entry first in the list.
2010-08-15 13:16:39 +02:00
Daniel Stenberg
4d53dc5d80 multi: make curl_multi_info_read perform O(1)
Instead of looping over all attached easy handles, this now keeps a list
of messages in the multi handle. It allows curl_multi_info_read() to
perform O(1) no matter how many easy handles that are handled. This is
of importance since this function may be polled very frequently by apps
using the multi interface.
2010-08-15 13:16:39 +02:00
Guenter Knauf
3c2ee9c341 Added OpenSSL builds to Watcom makefiles. 2010-08-11 18:08:39 +02:00
Daniel Stenberg
8348dd96dd warning: silence the compiler
warning: conversion to 'long int' from 'time_t' may alter its value

... on win64 when time_t is 64bit and long is 32bit.
2010-08-11 00:06:20 +02:00
Daniel Stenberg
37201e3c36 callbacks: acknowledge progress callback error returns
When the progress callback is called during the TCP connection, an error
return would accidentally not abort the operation as intended but would
instead be counted as a failure to connect to that particular IP and
libcurl would just continue to try the next. I made singleipconnect()
and trynextip() return CURLcode properly.

Added bonus: it corrected the error code for bad --interface usages,
like tested in test 1084 and test 1085.

Reported by: Adam Light
Bug: http://curl.haxx.se/mail/lib-2010-08/0105.html
2010-08-10 23:16:08 +02:00
Guenter Knauf
06869597c3 More Watcom makefile fixes ...
Final fix (hopefully!) for dll wlink loader;
prefer faster internal rm if available.
2010-08-10 21:27:01 +02:00
Guenter Knauf
517f3a1b8f Fixed my wrong edit. 2010-08-10 17:41:48 +02:00
Guenter Knauf
495d3e07d4 More Watcom makefile fixes.
Added the -br switch to dynamic builds which fixes the issue I saw
with curl's --version output. Added debug info and symfile for debug
builds to linker opts. Added DLL loader for wlink back, but this time
dependend on wlink version.
Patch posted to the list by malak.jiri AT gmail.com.
2010-08-10 17:29:06 +02:00
Guenter Knauf
44e5e37f38 Changed test for -u switch in order to enable other wmake switches.
The var %MAKEFLAGS is only set in 3 cases: if set as environment
var or as macro definition from commandline, and either with the
-u or -ms switch. Since all these cases are unlikely for the average
user it should be safe to only test if %MAKEFLAGS is defined; this
has the benefit that now all other switches can be used again in
addition to the -u which was formerly not possible.
2010-08-10 15:32:56 +02:00
Daniel Stenberg
1d594772fd llist: hide Curl_llist_init
Curl_llist_init is never used outside of llist.c and thus it should be
static. I also removed the protos for Curl_llist_insert_prev and
Curl_llist_remove_next which are functions we removed from llist.c ages
ago.
2010-08-10 11:07:38 +02:00
Guenter Knauf
d7134036b2 Updated lib dependency versions. 2010-08-10 05:51:38 +02:00
Daniel Stenberg
dc2157a087 parse_remote_port: fix ;type= URL suffix over HTTP proxy
Test 563 is enabled now and verifies that the combo FTP type=A URL,
CURLOPT_PORT set and proxy work fine. As a bonus I managed to remove the
somewhat odd FTP check in parse_remote_port() and instead converted it
to a better and more generic 'slash_removed' struct field. Checking the
->protocol field isn't right since when an FTP:// URL is sent over a
HTTP proxy, the protocol is HTTP but the URL was handled by the FTP code
and thus slash_removed is set TRUE for this case.
2010-08-10 00:56:45 +02:00
Daniel Stenberg
5d5dd08e77 indent: white space fixes only 2010-08-10 00:07:06 +02:00
Daniel Stenberg
6ccbd1bee4 typo: remove duplicate semicolon 2010-08-08 22:51:37 +02:00
Daniel Stenberg
1267719735 multi: avoid a malloc() when a transfer is complete
The struct used for storing the message for a completed transfer is now
no longer allocated separatly but is kept within the main struct kept
for each easy handle so that we avoid one malloc (and the subsequent
free).
2010-08-08 22:50:09 +02:00
Guenter Knauf
6ea043a504 Fix to overwrite libcurl name. 2010-08-07 18:33:46 +02:00
U-D5B1PQ1J\Administrador
7d342c723c build: allow NTLM tests to run on more build configurations 2010-08-07 15:03:54 +02:00
Guenter Knauf
11958ed331 Block created curlbuild.h for NetWare to avoid usage from other platforms. 2010-08-07 01:29:04 +02:00
Daniel Stenberg
f91d578674 multi_socket: set timeout for 100-continue
When libcurl internally decided to wait for a 100-continue header, there
was no call to the timeout function so there was no timeout callback
called when the multi_socket API was used and thus applications became
either completely wrong or at least ineffecient depending on how they
handled the situation. We now set a timeout to get triggered.

Reported by: Ben Darnell
Bug: http://curl.haxx.se/bug/view.cgi?id=3039744
2010-08-06 11:00:17 +02:00
Guenter Knauf
9df8257301 Some more Watcom makefile massage ...
For now removed the .autodepend directive until I've figured out
which of my changes broke it again.
2010-08-06 03:46:34 +02:00
Yang Tse
992ceae386 build: fix libssh2_scp_send64() availability 2010-08-05 16:27:39 +02:00
Yang Tse
364fd2f1ad build: remove unneeded cast to (void *) 2010-08-04 19:05:09 +02:00
Daniel Stenberg
f8cf037ecf SCP: send large files properly with new enough libssh2
libssh2 1.2.6 and later handle >32bit file sizes properly even on 32bit
architectures and we make sure to use that ability.

Reported by: Mikael Johansson
Bug: http://curl.haxx.se/mail/lib-2010-08/0052.html
2010-08-04 18:29:13 +02:00
Yang Tse
6028fdb305 build: add missing new files to non-configure target build files 2010-08-03 13:09:39 +02:00
Yang Tse
45456135d5 md4: replace bcopy usage with memcpy 2010-08-03 12:00:32 +02:00
Daniel Stenberg
a1a5ba3d0a Curl_connected_proxy: skip the bits.tcpconnect check
Simply because the TCP might be connected already we cannot skip the
proxy connect procedure. We need to be careful to not overload more
meaning to the bits.tcpconnect field like this.

With this fix, SOCKS proxies work again when the multi interface is
used. I believe this regression was added with commit 4b351d018e,
released as 7.20.1.

Left todo: add a test case that verifies this functionality that
prevents us from breaking it again in the future!

Reported by: Robin Cornelius
Bug: http://curl.haxx.se/bug/view.cgi?id=3033966
2010-08-02 23:17:30 +02:00
Daniel Stenberg
40253e32fe build: add typecast to avoid warning
There is an implicit conversion from "unsigned long" to "long";
rounding, sign extension, or loss of accuracy may result.
2010-08-02 18:53:34 +02:00
Guenter Knauf
3cf658fc24 Removed ugly dependency lists since wmake knows the .autodepend directive. 2010-08-02 05:51:17 +02:00
Guenter Knauf
6f3dc2a726 Removed wlink from DLL loader list because it doesnt work with Watcom < 1.8. 2010-08-02 01:30:37 +02:00
Guenter Knauf
b01fb30f9c Moved the LDAP API defines from Makefile.Watcom to config-win32.h.
These defines are only needed for older Watcom versions (< 1280).
2010-08-02 01:28:46 +02:00
Daniel Stenberg
811fcccfc9 multi: fix FTPS connecting the data connection with OpenSSL
Commit 496002ea1c (released in 7.20.1) broke FTPS when using the
multi interface and OpenSSL was used. The condition for the non-blocking
connect was incorrect.

Reported by: Georg Lippitsch
Bug: http://curl.haxx.se/mail/lib-2010-07/0270.html
2010-08-01 23:50:46 +02:00
Guenter Knauf
b552ca223e Fixed curlbuild.h rule. 2010-08-01 04:48:29 +02:00
Guenter Knauf
a93522f68d Added rule to create curlbuild.h if not present (for builds from git). 2010-08-01 02:39:03 +02:00
Guenter Knauf
fbee86a9e2 Fixed curl.exe static linking. 2010-07-31 11:52:05 +02:00
Daniel Stenberg
2f0c118577 warning: silence a win64 compiler warning
conversion from 'size_t' to 'curl_socklen_t', possible loss of data

Reported by: Adam Light
2010-07-30 23:19:47 +02:00
Daniel Stenberg
314117cbf1 smtp_connect: always provide host name buffer
Previously the host name buffer was only used if gethostname() exists,
but since we converted that into a curl private function that function
always exists and will be used so the buffer needs to exist for all
cases/systems.
2010-07-30 22:36:31 +02:00
Kamil Dudka
b5c3feda17 NTLM tests: boost coverage by forcing the hostname
A shared library tests/libtest/.libs/lihostname.so is preloaded in NTLM
test-cases to override the system implementation of gethostname().  It
makes it possible to test the NTLM authentication for exact match, and
this way test the implementation of MD4 and DES.

If LD_PRELOAD doesn't work, a debug build willl also workk as debug
builds are now made to prefer a specific environment variable and will
then return that content as host name instead of the actual one.

Kamil wrote the bulk of this, Daniel Stenberg polished it.
2010-07-30 00:51:24 +02:00
Guenter Knauf
01c309e186 Added a comment with an alternate idea to avoid the backslash line contination character. 2010-07-29 09:06:55 +02:00
Guenter Knauf
d873c820bd Changed comparison to match size_t var type. 2010-07-29 05:33:04 +02:00
Guenter Knauf
41cf1f4090 Removed unused vars to avoid compiler warnings. 2010-07-29 05:20:43 +02:00
Guenter Knauf
6ad0acb608 Make Watcom makefiles use Makefile.inc to reduce future maintainance.
lib/Makefile.Watcom works fine already, for src/Makefile.Watcom we
need first to tweak src/Makefile.inc a bit - therefore the handtweaked
list still exists for now.
2010-07-29 03:50:09 +02:00
Guenter Knauf
cfbb351e22 Watcom makefiles overhaul.
- make both libcurl and curl makefiles use register calling convention
  (previously libcurl had stack calling convention).
- added include paths to the Watcom headers so its no longer required
  to set the environment vars for this.
- added -wcd=201 to supress compiler warning about unreachable code.
- use macros for all tools, and removed dependency on GNU tools like rm.
- make ipv6 and debug builds controlable via env vars and so make them
  optional instead of default.
- commented WINLDAPAPI and WINBERAPI since they broke with OW 1.8, and
  it seems they're not needed (anymore?).
- added rule for hugehelp.c.cvs so that it will be created when not
  already exist - this is required for building from a release tarball
  since there we have no hugehelp.c.cvs, thus compilation broke.
- removed C_ARG creation from lib/Makefile.Watcom and use CFLAGS
  directly as done too in src/Makefile.Watcom - this has the benefit
  that we will see all active cflags and defines during compile.
- added LINK-ARG to src/Makefile.Watcom in order to better control
  linker input.
- a couple of other minor makefile tweaks here and there ...
- added largefile support for Watcom builds to config-win32.h. Not yet
  tested if it really works, but should since Win32 supports it.
- added loaddll stuff to speed up builds if supported.
2010-07-29 03:18:40 +02:00
Guenter Knauf
11f53b9a18 some cosmetic changes. 2010-07-28 08:05:00 +02:00
Dan Fandrich
eb33f5d1f8 Added md4.c to the Watcom makefile 2010-07-26 16:41:27 -07:00
Daniel Stenberg
6d2ccfed48 add_buffer_send: fix compiler warning
Win64's 32 bit long but 64 bit size_t caused a warning that we avoid
with a typecast. A small whitespace indent fix was also applied.

Reported by: Adam Light
2010-07-24 22:52:35 +02:00
Guenter Knauf
7738b15977 Updated library versions. 2010-07-22 04:34:54 +02:00
Guenter Knauf
0fa4b41c2b Fixed script version which was still based on CVS Revision tag. 2010-07-22 04:29:54 +02:00
Ben Greear
affff47b3d ssh: Fix compile error on 64-bit systems.
Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-07-21 21:31:37 +02:00
Ben Greear
d6981cb508 build: Enable configure --enable-werror
This passes -Werror to gcc when building curl and libcurl,
  allowing easy dection of compile warnings.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-07-21 21:29:47 +02:00
Ben Greear
40ecd6c9b8 pingpong: Fix indentation (whitespace change only)
Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-07-21 21:27:33 +02:00
Jan Van Boghout
181b08babb CUSTOMREQUEST: shouldn't be disabled when HTTP is disabled
... since FTP is using it as well, and potentially other protocols!

Also, an #endif CURL_DISABLE_HTTP was incorrectly marked, as it seems to
end the proxy block instead.
2010-07-18 20:23:08 +02:00
Jan Van Boghout
7abf3b97fe pingpong: response_time is milliseconds
Fixed the comment/document for the response_time struct member.
2010-07-18 00:49:29 +02:00
Jan Van Boghout
4a1384a8b4 ftp: response timeout bug in "quote" sending
The FTP implementation was missing a timestamp reset point, making the
waiting for responses after sending a post-transfer "QUOTE" command not
working as supposedly. This bug was introduced in 7.20.0
2010-07-18 00:44:25 +02:00
Constantine Sapuntzakis
d4e6404135 multi: fix condition that remove timers before trigger
curl_multi perform has two phases: run through every easy handle calling
multi_runsingle and remove expired timers (timer removal).

If a small timer (e.g. 1-10ms) is set during multi_runsingle, then it's
possible that the timer has passed by when the timer removal runs. The
timer which was just added is then removed. This will potentially cause
the timer list to be empty and cause the next call to curl_multi_timeout
to return -1. Ideally, curl_multi_timeout should return 0 in this case.

One way to fix this is to move the struct timeval now = Curl_tvnow(); to
the top of curl_multi_perform. The change does that.
2010-07-12 19:19:31 +02:00
Constantine Sapuntzakis
3992309285 threaded resolver: fix timeout issue
Reset old timer first so we can set a new one further in the future.
2010-07-12 19:03:51 +02:00
Daniel Stenberg
e01cc7737c http: don't enable chunked during authentication negotiations
As mentioned in bug report #2956968, the HTTP code wouldn't send the
first empty chunk during the auth negotiation phase of the HTTP request
sending, so the server would wait for data to come and libcurl would
wait for data to arrive... I've made the code not enable chunked
encoding until the auth negotiation is done and thus this scenario
doesn't occur anymore.

Reported by: Sidney San Martn
Bug: http://curl.haxx.se/bug/view.cgi?id=2956968
2010-07-06 22:50:21 +02:00
Daniel Stenberg
9be951a415 multi: CURLINFO_LASTSOCKET doesn't work after remove_handle
When curl_multi_remove_handle() is called and an easy handle is returned
to the connection cache held in the multi handle, then we cannot allow
CURLINFO_LASTSOCKET to extract it since that will more or less encourage
that the user uses the socket while it can get used by libcurl again.

Without this fix, we'd get a segfault in Curl_getconnectinfo() trying to
dereference the NULL pointer in 'data->state.connc'.

Bug: http://curl.haxx.se/bug/view.cgi?id=3023840
2010-07-01 23:32:20 +02:00
Pierre Joye
7239538d9a build: add enable IPV6 option for the VC makefiles 2010-06-30 19:42:37 +02:00
Kamil Dudka
f3b77e5611 http_ntlm: add support for NSS
When configured with '--without-ssl --with-nss', NTLM authentication
now uses NSS crypto library for MD5 and DES.  For MD4 we have a local
implementation in that case.  More details are available at
https://bugzilla.redhat.com/603783

In order to get it working, curl_global_init() must be called with
CURL_GLOBAL_SSL or CURL_GLOBAL_ALL.  That's necessary because NSS needs
to be initialized globally and we do so only when the NSS library is
actually required by protocol.  The mentioned call of curl_global_init()
is responsible for creating of the initialization mutex.

There was also slightly changed the NSS initialization scenario, in
particular, loading of the NSS PEM module.  It used to be loaded always
right after the NSS library was initialized.  Now the library is
initialized as soon as any SSL or NTLM is required, while the PEM module
is prevented from being loaded until the SSL is actually required.
2010-06-30 13:12:25 +02:00
Pavel Raiskup
f7ae7b3623 ftp wildcard: FTP LIST parser FIX
There was a problem when a UNIX-like server returned information
about directory size (total NNNNNN) at the first line of
response.
2010-06-24 23:45:44 +02:00
Daniel Stenberg
8da56e12c6 multi_socket: re-use of same socket without notifying app
When a hostname resolves to multiple IP addresses and the first one
tried doesn't work, the socket for the second attempt may get dropped on
the floor, causing the request to eventually time out. The issue is that
when using kqueue (as on mac and bsd platforms) instead of select, the
kernel removes the first fd from kqueue when it is closed (in trynextip,
connect.c:503). Trynextip() then goes on to open a new socket, which
gets assigned the same number as the one it just closed. Later in
multi.c, socket_cb is not called because the fd is already in
multi->sockhash, so the new socket is never added to kqueue.

The correct fix is to ensure that socket_cb is called to remove the fd
when trynextip() closes the socket, and again to re-add it after
singleipsocket(). I'm not sure how to cleanly do that, but the attached
patch works around the problem in an admittedly kludgy way by delaying
the close to ensure that the newly-opened socket gets a different fd.

Daniel's added comment: I didn't spot a way to easily do a nicer fix so
I've proceeded with Ben's patch.

Bug: http://curl.haxx.se/bug/view.cgi?id=3017819
Patch by: Ben Darnell
2010-06-24 23:22:24 +02:00
Pavel Raiskup
0a04078916 ftp-wildcard: avoid tight loop when used without any pattern
It was broken for URLs like "ftp://example.com/".
2010-06-24 10:18:17 +02:00
Daniel Stenberg
1b15b31c86 sendrecv: treat all negative values from send/recv as errors
For example the libssh2 based functions return other negative
values than -1 to signal errors and it is important that we catch
them properly. Right before this, various failures from libssh2
were treated as negative download amounts which caused havoc.
2010-06-19 00:18:14 +02:00
Daniel Stenberg
e6d85923c1 multi: prevent NULL pointer dereference
My additional call to Curl_pgrsUpdate() would sometimes get
called even though there's no connection (left) so a NULL pointer
would get passed, causing a segfault.
2010-06-18 23:46:09 +02:00
Daniel Stenberg
614bae813e smtp: fixed a few uses of size_t that seemed to believe it was signed
Reported-by: Steven M. Schweda
2010-06-18 16:20:41 +02:00
Dan Fandrich
bd6a695545 Fixed an OOM memory leak in the FTP wildcard code 2010-06-17 10:56:25 -07:00
Krister Johansen
43edcc4a2e multi: unmark handle as used when no longer head of pipeline 2010-06-17 15:46:27 +02:00
Daniel Stenberg
01c2b397aa multi: call the progress function only once and allow abort
1) no need to call the progress function twice when in the
CURLM_STATE_TOOFAST state.

2) Make sure that the progress callback's return code is
acknowledged when used
2010-06-17 15:19:30 +02:00
Daniel Stenberg
51a757c11b multi: call the progress callback in all states
As long as no error is reported, the progress function can get
called. This may be a little TOO often so we should keep an eye
on this and possibly make this conditional somehow.
2010-06-17 15:10:08 +02:00
Yang Tse
88af6fbf98 remove unused 'tmpdata' and 'backup' ftp_parselist_data struct members 2010-06-10 04:46:30 +02:00
Yang Tse
6b6fe2a4d5 replace isprint() with ISPRINT() 2010-06-10 02:33:45 +02:00
Yang Tse
54aca3c5ec ensure that Curl_wildcard_dtor() leaves WildcardData struct zero initialized 2010-06-10 02:30:23 +02:00
Yang Tse
343c4c7072 code simplification 2010-06-09 16:48:19 +02:00
Yang Tse
6a0d3233ff add Curl_ prefix to conform with cURL naming standards 2010-06-09 15:45:46 +02:00
Yang Tse
d3714b016d Merge branch 'master' of git@github.com:bagder/curl 2010-06-09 01:57:37 +02:00
Yang Tse
da6e992e1d fix compiler warning using curl_socket_t to store socket descriptor 2010-06-09 01:51:46 +02:00
Daniel Stenberg
bb60fe0c1a inet_pton: warnings: use size_t to store pointer deltas 2010-06-08 23:09:42 +02:00
Yang Tse
feecf63a96 avoid redundant work when reusing same connection 2010-06-08 19:29:20 +02:00
Yang Tse
cbdd1cbcde fix function result checking 2010-06-08 16:16:34 +02:00
Daniel Stenberg
b3d7161642 transfer: warning: implicit conversion
There is an implicit conversion from "unsigned long" to "long";
rounding, sign extension, or loss of accuracy may result.

Fixed by an added typecast.
2010-06-08 10:36:06 +02:00
Daniel Stenberg
3b47d231ac TFTP: fix compiler warning
Curl_fillreadbuffer()'s second argument takes an int, so
typecasting to another is a bad idea.
2010-06-08 10:35:06 +02:00
Daniel Stenberg
7977bc3dfa TFTP: fix warning for sendto() usage on non-POSIX systems
Older unixes want an 'int' instead of 'size_t' as the 3rd
argumment so before this change it would cause warnings such as:

There is an implicit conversion from "unsigned long" to "int";
rounding, sign extension, or loss of accuracy may result.
2010-06-08 10:19:39 +02:00
Dan Fandrich
00fdafb0a1 Include Makefile.inc to get the list of source files for Amiga
Signed-off-by: Diego Casorran <dcasorran@gmail.com>
2010-06-07 14:00:16 -07:00
Yang Tse
f737e94164 Curl_updateconninfo() error handling fix 2010-06-07 16:53:31 +02:00
Constantine Sapuntzakis
a0dd9df9ab OpenSSL: fix spurious SSL connection aborts
Was seeing spurious SSL connection aborts using libcurl and
OpenSSL. I tracked it down to uncleared error state on the
OpenSSL error stack - patch attached deals with that.

Rough idea of problem:

Code that uses libcurl calls some library that uses OpenSSL but
don't clear the OpenSSL error stack after an error.

ssluse.c calls SSL_read which eventually gets an EWOULDBLOCK from
the OS. Returns -1 to indicate an error

ssluse.c calls SSL_get_error. First thing, SSL_get_error calls
ERR_get_error to check the OpenSSL error stack, finds an old
error and returns SSL_ERROR_SSL instead of SSL_ERROR_WANT_READ or
SSL_ERROR_WANT_WRITE.

ssluse.c returns an error and aborts the connection

Solution:

Clear the openssl error stack before calling SSL_* operation if
we're going to call SSL_get_error afterwards.

Notes:

This is much more likely to happen with multi because it's easier
to intersperse other calls to the OpenSSL library in the same
thread.
2010-06-05 23:41:58 +02:00
Yang Tse
4724b9d966 replace socklen_t with curl_socklen_t 2010-06-05 15:08:26 +02:00
Frank Meier
8098d9417c getinfo: added *_PRIMARY_PORT, *_LOCAL_IP and *_LOCAL_PORT 2010-06-05 00:31:36 +02:00
Yang Tse
43d20d81a5 Enable OpenLDAP support for cygwin builds.
Enable OpenLDAP support for cygwin builds. This support was disabled back
in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers.
cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25
allow building an OpenLDAP enabled libcurl supporting back to Windows 95.

Remove non-functional CURL_LDAP_HYBRID code and references.
2010-06-04 15:14:31 +02:00
Kamil Dudka
bc0f3dd15e ftplistparser.c: oops, fix typo in the last commit 2010-06-02 23:55:45 +02:00
Kamil Dudka
475c19c42b ftplistparser.c: avoid some invalid dereferences 2010-06-02 23:50:38 +02:00
Kamil Dudka
c072bd4609 lib: eliminate some dead code 2010-06-02 23:50:38 +02:00
Daniel Stenberg
684830cb2a SSH: corrected the inability to respect the timeout
Jason McDonald posted bug report #3006786 when he found that the
SFTP code didn't timeout properly in several places in the code
even if a timeout was set properly.

Based on his suggested patch, I wrote a different implementation
that I think addressed the issue better and also uses the connect
timeout for the initial part of the SSH/SFTP done during the
"protocol connect" phase.

(http://curl.haxx.se/bug/view.cgi?id=3006786)
2010-06-02 23:33:51 +02:00
Yang Tse
3b24076c3b add missing new files to non-configure target build files 2010-06-02 15:09:39 +02:00
Yang Tse
077125e4a2 include libcurl standard internal headers 2010-06-02 14:13:02 +02:00
Yang Tse
d939e0f410 make setup.h first included file 2010-06-02 13:19:04 +02:00
Yang Tse
69d07feb14 fix spnego memory leak 2010-06-02 12:44:46 +02:00
Yang Tse
1c4538610b openldap header inclusions fix 2010-06-02 11:23:30 +02:00
Daniel Stenberg
2c72732ebf multi_socket: handles timer inaccuracy better for timeouts
Igor Novoseltsev reported a problem with the multi socket API and
using timeouts and timers. It boiled down to a problem with
libcurl's use of GetTickCount() interally to figure out the
current time, while Igor's own application code used another
function call.

It made his app call the socket API timeout function a bit
_before_ libcurl would consider the timeout to trigger, and that
could easily lead to timeouts or stalls in the app. It seems
GetTickCount() in general often has no better resolution than
16ms and switching to the alternative function
QueryPerformanceCounter has its share of problems:
http://www.virtualdub.org/blog/pivot/entry.php?id=106

We address this problem by simply having libcurl treat timers
that already has occured or will occur within 40ms subject for
treatment. I'm confident that there are other implementations and
operating systems with similarly in accurate timer functions so
it makes sense to have applied generically and I don't believe we
sacrifice much by adding a 40ms inaccuracy on these timeouts.
2010-06-01 23:20:16 +02:00
Yang Tse
89da532445 fix ldap related compilation issues 2010-06-01 17:25:03 +02:00
Yang Tse
b38189c7b4 fix compiler warning: enumerated type mixed with another type 2010-06-01 12:25:14 +02:00
Yang Tse
1bb04927f3 fix compiler warning: enumerated type mixed with another type 2010-05-31 19:55:22 +02:00
Patrick Monnerat
3fd01be648 smtp_authenticate: avoid compiler warnings 2010-05-31 17:37:00 +02:00
Yang Tse
0546d448ce fix compiler warning: enumerated type mixed with another type 2010-05-31 17:22:43 +02:00
Yang Tse
b4fa27ae4b fix compiler warning: enumerated type mixed with another type 2010-05-31 17:11:51 +02:00
Yang Tse
a9483b1f4a fix compiler warning: enumerated type mixed with another type 2010-05-31 16:36:05 +02:00
Yang Tse
40f8aaedb7 fix compiler warning: external declaration in primary source file 2010-05-31 16:24:01 +02:00
Yang Tse
374f48675b update year in copyright notice 2010-05-31 13:51:29 +02:00
Kamil Dudka
20ae9d4f71 strtoofft: rename CURL_LLONG_MIN -> CURL_OFF_T_MIN
... and CURL_LLONG_MAX -> CURL_OFF_T_MAX
2010-05-29 21:28:16 +02:00
Kamil Dudka
35955179c6 CURL_LLONG_MAX: avoid constant overflow
... when (CURL_SIZEOF_CURL_OFF_T == 4)
2010-05-29 21:23:18 +02:00
Howard Chu
b1c1b9bb76 LDAPS: list availability depending on SSL's presence 2010-05-28 12:23:28 +02:00
Howard Chu
123f80ae54 LDAP: make it build without SSL if no such support is available
of course it also goes for the case where SSL is explicitly
disabled
2010-05-28 12:22:35 +02:00
Kamil Dudka
233ec511db lib: eliminate 'statement not reached' warnings 2010-05-28 09:45:17 +02:00
Howard Chu
c03cbb38ad openldap: fix compiler warnings 2010-05-27 22:37:38 +02:00
Daniel Stenberg
63661d8e83 indent: some whitespace edits 2010-05-27 22:37:38 +02:00
Kamil Dudka
4a0493f789 wildcard.c: add missing include of "setup.h" 2010-05-27 20:56:01 +02:00
Pavel Raiskup
9190e2876e wildcard.c: add missing include of "curl_memory.h" 2010-05-27 18:41:29 +02:00
Tor Arntsen
b4f0e1291f setup_once: use enum type for 'bool' on non-C99 platforms
An enum will catch non-bool assignments to bool on platforms with
a strict compiler, e.g MIPSPro.

Signed-off-by: Kamil Dudka <kdudka@redhat.com>
2010-05-27 18:15:17 +02:00
Kamil Dudka
dd8568739c url.c: avoid implied cast to bool 2010-05-27 16:35:31 +02:00
Tor Arntsen
97b497a75f curl_fnmatch: remove use of register keyword
Using the 'register' keyword rarely improves anything with modern
compilers and architectures.
2010-05-27 16:34:57 +02:00
Julien Chaffraix
d3c813e726 RTMP: Fix compiler warnings 2010-05-26 00:41:45 +02:00
Julien Chaffraix
9e480973eb OOM fixes in http_negociate.c and lib/splay.c
Fix 2 OOM errors: a missing NULL-check in lib/http_negociate.c
and a potential NULL dereferencing in lib/splay.c
2010-05-26 00:40:26 +02:00
Howard Chu
2e056353b0 LDAP: properly implemented as a curl_handler
makes the LDAP code much cleaner, nicer and in general being a
better libcurl citizen. If a new enough OpenLDAP version is
detect, the new and shiny lib/openldap.c code is then used
instead of the old cruft

Code by Howard, minor cleanups by Daniel.
2010-05-25 00:44:42 +02:00
Tor Arntsen
606b933a4f curl_fnmatch: Use int not bool when function returns int
bool in curl internals is unsigned char and should not be used
to receive return value from functions returning int - this fails
when using IBM VisualAge and Tru64 compilers.
2010-05-21 23:42:55 +02:00
Daniel Stenberg
d17709da31 TFTP: send legal timeout value
Eric Mertens posted bug #3003705: when we made TFTP use the
correct timeout option when sent to the server (fixed May 18th
2010) it became obvious that libcurl used invalid timeout values
(300 by default while the RFC allows nothing above 255). While of
course it is obvious that as TFTP has worked thus far without
being able to set timeout at all, just removing the setting
wouldn't make any difference in behavior. I decided to still keep
it (but fix the problem) as it now actually allows for easier
(future) customization of the timeout.

(http://curl.haxx.se/bug/view.cgi?id=3003705)
2010-05-21 23:29:52 +02:00
Daniel Stenberg
0bb6deda72 TFTP: don't ack if wrong block num is received
If an unexpected block number was received, break out of the
switch loop.
2010-05-21 23:07:59 +02:00
Daniel Stenberg
0a29e2445c TFTP: block id wrap bug fix
In a normal expression, doing [unsigned short] + 1 will not wrap
at 16 bits so the comparisons and outputs were done wrong. I
added a macro do make sure it gets done right.

Douglas Kilpatrick filed bug report #3004787 about it:
http://curl.haxx.se/bug/view.cgi?id=3004787
2010-05-21 23:04:15 +02:00
Ben Greear
700335103e Fix build warnings.
Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-05-20 23:16:46 +02:00
Ben Greear
368fd5d27b setopt: Fix setting of set.is_fwrite_set
Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-05-20 23:15:34 +02:00
Tanguy Fautre
81239edb89 build: allow curl to build with Microsoft VC10
By undefing a bunch of E* defines that VC10 has started to define
but that we redefine internally to their WSA* alternatives when
building for Windows.
2010-05-20 22:40:48 +02:00
Tor Arntsen
5f53c9d94a lib: Fix AIX build failure 2010-05-19 22:09:35 +02:00
Dan Fandrich
04cfef24a1 Fixed some memory leaks in the POP3 torture tests 2010-05-19 12:18:06 -07:00
Dan Fandrich
1d26151d5f Fixed a memory leak in the SMTP torture tests 2010-05-18 14:44:19 -07:00
Daniel Stenberg
aabd27d9aa TFTP: send timeout option correctly
Eric Mertens posted bug report #3003005 pointing out that the
libcurl TFTP code was not sending the timeout option properly to
the server, and suggested a fix.

(http://curl.haxx.se/bug/view.cgi?id=3003005)
2010-05-18 23:14:00 +02:00
Tor Arntsen
dcc061543a lib: Change some CRLF line endings to LF
An update had added a couple of lines with DOS line endings,
and some compilers will choke on that (e.g. the Tru64 compiler).
2010-05-16 22:34:02 +02:00
Kamil Dudka
2ffe834bff ftp wildcard: a new option CURLOPT_FNMATCH_DATA 2010-05-16 02:52:33 +02:00
Howard Chu
027ceb37a1 RMTP: the version code is now rtmp aware 2010-05-15 22:13:17 +02:00
Howard Chu
510836f80b RTMP: fix wrong #ifdef 2010-05-15 22:02:44 +02:00
Pavel Raiskup
e4af5d6efc ftp wildcard: fix int32_t and size/group mixups 2010-05-15 21:58:50 +02:00
Daniel Stenberg
77cfeadfa6 OpenSSL: multi interface handshake could hang
John-Mark Bell filed bug #3000052 that identified a problem (with
an associated patch) with the OpenSSL handshake state machine
when the multi interface is used:

Performing an https request using a curl multi handle and using
select or epoll to wait for events results in a hang. It appears
that the cause is the fix for bug #2958179, which makes
ossl_connect_common unconditionally return from the step 2 loop
when fetching from a multi handle.

When ossl_connect_step2 has completed, it updates
connssl->connecting_state to ssl_connect_3. ossl_connect_common
will then return to the caller, as a multi handle is in
use. Eventually, the client code will call curl_multi_fdset to
obtain an updated fdset to select or epoll on. For https
requests, curl_multi_fdset will cause https_getsock to be called.
https_getsock will only return a socket handle if the
connecting_state is ssl_connect_2_reading or
ssl_connect_2_writing.  Therefore, the client will never obtain a
valid fdset, and thus not drive the multi handle, resulting in a
hang.

(http://curl.haxx.se/bug/view.cgi?id=3000052)
2010-05-14 22:35:08 +02:00
Daniel Stenberg
7764795c06 follow redirect: ignore response-body on redirect even if compressed
Sebastian V reported bug #3000056 identifying a problem with
redirect following. It showed that when curl followed redirects
it didn't properly ignore the response body of the 30X response
if that response was using compressed Content-Encoding!

(http://curl.haxx.se/bug/view.cgi?id=3000056)
2010-05-14 22:12:07 +02:00
Hoi-Ho Chan
83305cbf9f Remove support for BSD version of PolarSSL
"The BSD version of PolarSSL was made for migratory purposes only and is not
maintained. The GPL version of PolarSSL is actually the only actively
developed version, so I would be very reluctant to use the BSD version." /
Paul Bakker, PolarSSL hacker.

Signed-off-by: Hoi-Ho Chan <hoiho.chan@gmail.com>
2010-05-13 21:50:52 +02:00
Dan Fandrich
76255cfdc9 Added Polar SSL and RTMP files to the non-autoconf build files
I didn't bother with a few that have little hope of running the required
dependent libraries.
2010-05-12 19:05:58 -07:00
Dan Fandrich
ad6bc4d82e Added the new ftp source files to the non-autoconf build files 2010-05-12 17:32:10 -07:00
Daniel Stenberg
a799162bc7 style: minor whitespace change 2010-05-12 23:32:42 +02:00
Pavel Raiskup
0825cd80a6 FTP: WILDCARDMATCH/CHUNKING/FNMATCH added 2010-05-12 23:17:51 +02:00
Howard Chu
04cb15ae9d RTMP: initial support added, powered by librtmp
librtmp is found at http://rtmpdump.mplayerhq.hu/
2010-05-12 23:07:20 +02:00
Howard Chu
bc8fc9803f sendrecv: make them two pairs of send/recv to properly deal with FTPS
FTP(S) use two connections that can be set to different recv and
send functions independently, so by introducing recv+send pairs
in the same manner we already have sockets/connections we can
work with FTPS fine.

This commit fixes the FTPS regression introduced in change d64bd82.
2010-05-11 22:48:38 +02:00
Kamil Dudka
3e759f4fb6 nss: make it possible to read ASCII and DER CRL 2010-05-11 14:39:08 +02:00
Kamil Dudka
2e8b21833a nss: add CRL to cache instead of read-only NSS db 2010-05-11 14:37:43 +02:00
Hacki
d2621445f1 moved vars into conditional since seems that winsock implementation doesnt use them. 2010-05-08 05:38:42 +02:00
Daniel Stenberg
adaf87530d multi interface: missed storing connection time
Dirk Manske reported a regression. When connecting with the multi
interface, there were situations where libcurl wouldn't store
connect time correctly as it used to (and is documented to) do.

Using his fine sample program we could repeat it, and I wrote up
test case 573 using that code. The problem does not easily show
itself using the local test suite though.

The fix, also as suggested by Dirk, is a bit on the ugly side as
it adds yet another call to Curl_verboseconnect() and setting the
TIMER_CONNECT time.  That situation is subject for some closer
inspection in the future.
2010-05-07 23:49:29 +02:00
Daniel Stenberg
8914857092 verboseconnect: so the verbose checking within the function
As the function is used more than once and libcurl can be built
without it, do the conditional check within the verboseconnect()
function itself.
2010-05-07 23:24:47 +02:00
Howard Chu
d64bd82bdc sendrecv: split the I/O handling into private handler
Howard Chu brought the bulk work of this patch that properly
moves out the sending and recving of data to the parts of the
code that are properly responsible for the various ways of doing
so.

Daniel Stenberg assisted with polishing a few bits and fixed some
minor flaws in the original patch.

Another upside of this patch is that we now abuse CURLcodes less
with the "magic" -1 return codes and instead use CURLE_AGAIN more
consistently.
2010-05-07 15:05:34 +02:00
Hoi-Ho Chan
51427e1947 PolarSSL: initial support added
This is Hoi-Ho Chan's patch with some minor fixes by me. There
are some potential issues in this, but none worse than we can
sort out on the list and over time.
2010-05-05 22:30:46 +02:00
Ben Greear
38d2afcefb telnet: Allow programatic use of telnet.
The main change is to allow input from user-specified methods,
when they are specified with CURLOPT_READFUNCTION.
All calls to fflush(stdout) in telnet.c were removed, which makes
using 'curl telnet://foo.com' painful since prompts and other data
are not always returned to the user promptly.  Use
'curl --no-buffer telnet://foo.com' instead.  In general,
the user should have their CURLOPT_WRITEFUNCTION do a fflush
for interactive use.

Also fix assumption that reading from stdin never returns < 0.
Old code could crash in that case.

Call progress functions in telnet main loop.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-04-29 08:55:11 +02:00
Daniel Stenberg
107146676e SSH: init and cleanup libssh2 in global_init/cleanup
The necessary libssh2 functions require libssh2 1.2.5 or later.
2010-04-26 00:36:25 +02:00
Kamil Dudka
82e9b78a38 nss: fix SSL handshake timeout underflow 2010-04-24 23:23:01 +02:00
Guenter Knauf
07f45946b5 encourage users to take latest lib dependencies. 2010-04-24 17:48:09 +02:00
Daniel Stenberg
7fb7f24131 socks5: please static code analyzer
Make sure we don't call memcpy() if the argument is NULL even
though we also passed a zero length then, as the clang analyzer
whined and we want to limit warnings (even false positives) when
they're this easy to fix.

The change of (char) to (unsigned char) will fix long user names
and passwords on systems that have the char type signed by
default.
2010-04-24 12:40:00 +02:00
Daniel Stenberg
5b40c11c2f gzip: Value stored to 'data' is never read 2010-04-24 12:37:11 +02:00
Yang Tse
81512cc02b hmac.c related compilation adjustment 2010-04-20 21:35:31 +02:00
Yang Tse
32236dad5e hmac.c related compilation adjustment 2010-04-20 21:23:53 +02:00
monnerat
b30ce34d84 Add compilation directives for hmac in Watcom,riscos and vc6 platform-specific makefiles. 2010-04-20 19:23:48 +02:00
Ruslan Gazizov
2164b6b463 replaced wsock32.lib usage with ws2_32.lib in MSVC makefiles 2010-04-20 16:30:10 +02:00
monnerat
7af5e3c39e Merge branch 'master' of github.com:bagder/curl 2010-04-19 17:37:51 +02:00
monnerat
42930155ab Remove null-effect leftover code. 2010-04-19 17:30:20 +02:00
Daniel Stenberg
a5b7e3205d Curl_HMAC_MD5: fix the array init to not warn with picky compilers 2010-04-19 16:19:36 +02:00
monnerat
dfce37da23 Fix GnuTLS compilation problem in md5.c 2010-04-19 14:09:45 +02:00
monnerat
14bfcb96f5 Fix compilation problem: declare Curl_HMAC_MD5 as extern in include file. 2010-04-19 12:44:17 +02:00
monnerat
87fbcb4494 Merge branch 'master' of github.com:bagder/curl 2010-04-19 11:17:46 +02:00
monnerat
4bfe07640c Implement SMTP authentication 2010-04-19 11:16:30 +02:00
Daniel Stenberg
b7848e4a72 parsedate: Value stored to 'found' is never read 2010-04-17 18:57:39 +02:00
Daniel Stenberg
99ec359b4d check_gzip_header: Value stored to 'data' is never read 2010-04-17 18:55:52 +02:00
Daniel Stenberg
dfad8a6dad dprintf_formatf: Value stored to 'left' is never read 2010-04-16 23:50:39 +02:00
Daniel Stenberg
d841ab82b8 curl_version: remove superfluous assignments 2010-04-16 23:49:03 +02:00
Daniel Stenberg
d6be52d80e FTP PORT: Value stored to 'rc' is never read 2010-04-16 23:45:05 +02:00
Daniel Stenberg
c0111460b0 Curl_setup_transfer: no longer returns anything
This function could only return CURLE_OK and by changing it to
a void instead, we can simplify code all over.
2010-04-16 23:43:04 +02:00
Daniel Stenberg
93981bb9b5 PASV response: Value stored to 'rc' is never read 2010-04-16 23:28:20 +02:00
Daniel Stenberg
8f136288c5 Curl_perform: Value stored to 'res2' is never read 2010-04-16 23:27:35 +02:00
Daniel Stenberg
9799dbebd6 sftp range: remove unnecessary check for NULL pointer 2010-04-16 23:20:50 +02:00
Daniel Stenberg
b025ac16a6 ftp_range: remove unnecessary check for NULL pointer 2010-04-16 23:20:07 +02:00
Daniel Stenberg
5d43c75c66 file_range: remove unnecessary check for NULL pointer 2010-04-16 23:18:43 +02:00
Daniel Stenberg
15fa5dcfe6 SOCKS4: Value stored to 'rc' is never read 2010-04-16 23:03:55 +02:00
Daniel Stenberg
516dfd1705 FTP PASV: Value stored to 'rc' is never read 2010-04-16 23:02:15 +02:00
Daniel Stenberg
743bd81e64 ftp_range: Value stored to 'totalsize' is never read
Simplified the code by removing a local variable completely.
2010-04-16 23:00:21 +02:00
Daniel Stenberg
520cee3fb7 SOCKS5: when name resolves fail return immediately
This makes the code flow more obvious and reacts on the return
code properly, even if the code acted the same way before.
2010-04-16 22:58:04 +02:00