1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-16 14:35:03 -05:00
Commit Graph

7824 Commits

Author SHA1 Message Date
Steve Holme
34cb17b930 conncache: Fixed specifiers in infof() for long and size_t variables 2014-11-19 20:04:21 +00:00
Jon Spencer
2933698677 multi: inform about closed sockets before they are closed
When the connection code decides to close a socket it informs the multi
system via the Curl_multi_closed function. The multi system may, in
turn, invoke the CURLMOPT_SOCKETFUNCTION function with
CURL_POLL_REMOVE. This happens after the socket has already been
closed. Reorder the code so that CURL_POLL_REMOVE is called before the
socket is closed.
2014-11-19 13:22:07 +01:00
Guenter Knauf
cf510ad781 build: in Makefile.m32 moved target autodetection.
Moved target autodetection block after defining CC macro.
2014-11-19 12:39:20 +01:00
Guenter Knauf
140ca2dcc2 build: in Makefile.m32 simplify platform flags. 2014-11-19 11:46:02 +01:00
Guenter Knauf
a08decdfed build: in Makefile.m32 try to detect 64bit target. 2014-11-19 11:40:04 +01:00
Carlo Wood
013d5c18c3 debug: added new connection cache output, plus fixups
Debug output 'typo' fix.

Don't print an extra "0x" in
  * Pipe broke: handle 0x0x2546d88, url = /

Add debug output.
Print the number of connections in the connection cache when
  adding one, and not only when one is removed.

Fix typos in comments.
2014-11-18 23:02:40 +01:00
Daniel Stenberg
b77ff4d589 multi: move the ending condition into the loop as well
... as it was before I changed the loop in commit e04ccbd50. It caused
test 2030 and 2032 to fail.
2014-11-18 22:57:22 +01:00
Steve Holme
36f7b399de multi: Prefer we don't use CURLE_OK and NULL in comparisons 2014-11-18 20:25:05 +00:00
Daniel Stenberg
c068284882 multi_runsingle: use 'result' for local CURLcode storage
... and assign data->result only at the end. Makes the code more compact
(easier to read) and more similar to other code.
2014-11-18 15:18:21 +01:00
Daniel Stenberg
e05f801271 multi_runsingle: rename result to rc
save 'result' for CURLcode types
2014-11-18 14:47:15 +01:00
Daniel Stenberg
e04ccbd506 multi: make multi_runsingle loop internally
simplifies the use of this function at little cost.
2014-11-18 14:47:15 +01:00
Carlo Wood
1342a96ecf multi: when leaving for timeout, close accordingly
Fixes the problem when a transfer in a pipeline times out.
2014-11-18 14:47:15 +01:00
Guenter Knauf
4bc47bec57 build: in Makefile.m32 add -m32 flag for 32bit. 2014-11-18 14:25:41 +01:00
Guenter Knauf
e126ec4fc4 mk-ca-bundle.vbs: update copyright year. 2014-11-18 13:47:13 +01:00
Guenter Knauf
46ae340f24 build: in Makefile.m32 pass -F flag to windres. 2014-11-18 13:44:03 +01:00
Steve Holme
6cc79dc79d config-win32: Fixed build targets for the VS2012+ Windows XP toolset
Even though commit 23e70e1cc6 mentioned the v110_xp toolset, I had
forgotten to include the relevant pre-processor definitions.
2014-11-17 23:49:05 +00:00
Steve Holme
62a6230e1c sasl_sspi: Removed note about the NTLM functions being a wrapper 2014-11-16 22:49:30 +00:00
Steve Holme
43da5b2066 connect.c: Fixed compilation warning when no verbose string support
warning: unused parameter 'reason'
2014-11-16 18:21:12 +00:00
Steve Holme
591d5ca41b easy.c: Fixed compilation warning when no verbose string support
warning: unused parameter 'easy'
2014-11-16 18:21:03 +00:00
Steve Holme
4be80d5109 win32: Updated some legacy APIs to use the newer extended versions
Updated the usage of some legacy APIs, that are preventing curl from
compiling for Windows Store and Windows Phone build targets.

Suggested-by: Stefan Neis
Feature: http://sourceforge.net/p/curl/feature-requests/82/
2014-11-16 17:30:17 +00:00
Steve Holme
23e70e1cc6 config-win32: Introduce build targets for VS2012+
Visual Studio 2012 introduced support for Windows Store apps as well as
supporting Windows Phone 8. Introduced build targets that allow more
modern APIs to be used as certain legacy ones are not available on these
new platforms.
2014-11-16 17:24:48 +00:00
Steve Holme
800094802e sasl_sspi: Fixed compilation warnings when no verbose string support 2014-11-16 14:52:27 +00:00
Steve Holme
9669794e7a sasl_sspi: Added base64 decoding debug failure messages
Just like in the NTLM code, added infof() failure messages for
DIGEST-MD5 and GSSAPI authentication when base64 decoding fails.
2014-11-16 14:35:51 +00:00
Steve Holme
30892709d7 ntlm: Moved the SSPI based Type-3 message generation into the SASL module 2014-11-16 14:16:07 +00:00
Steve Holme
a3fead9706 ntlm: Moved the SSPI based Type-2 message decoding into the SASL module 2014-11-16 13:59:11 +00:00
Steve Holme
201d0df50b ntlm: Moved the SSPI based Type-1 message generation into the SASL module 2014-11-16 13:39:13 +00:00
Michael Osipov
9f10e45e42 kerberos: Use symbol qualified with _KERBEROS5
For consistency renamed USE_KRB5 to USE_KERBEROS5.
2014-11-16 13:29:04 +00:00
Tatsuhiro Tsujikawa
ed77fdf389 http2: Don't send Upgrade headers when we already do HTTP/2 2014-11-15 21:00:23 +01:00
Steve Holme
08f9c90981 sasl: Corrected Curl_sasl_build_spn() function description
There was a mismatch in function parameter names.
2014-11-15 18:35:40 +00:00
Steve Holme
2e16100609 urldata: Don't define sec_complete when no GSS-API support present
This variable is only used with HAVE_GSSAPI is defined by the FTP code
so let's place the definition with the other GSS-API based variables.
2014-11-15 13:15:02 +00:00
Michael Osipov
d54b551f6c docs: Use consistent naming for Kerberos 2014-11-15 13:10:45 +00:00
Steve Holme
cca12abf6e sasl_sspi: Corrected a couple of comment typos 2014-11-14 23:27:19 +00:00
Steve Holme
18e53fa91a sasl: Moved Curl_sasl_gssapi_cleanup() definition into header file
Rather than define the function as extern in the source files that use
it, moved the function declaration into the SASL header file just like
the Digest and NTLM clean-up functions.

Additionally, added a function description comment block.
2014-11-14 22:11:48 +00:00
Steve Holme
8c58dea899 sasl_sspi: Added missing RFC reference for HTTP Digest authentication 2014-11-14 22:03:27 +00:00
Steve Holme
9dfbcef272 ntlm: Clean-up and standardisation of base64 decoding 2014-11-14 22:02:06 +00:00
Steve Holme
7faaca7118 ntlm: We prefer 'CURLcode result' 2014-11-14 22:00:04 +00:00
Daniel Stenberg
2ee3c63b13 http2: fix switched macro when http2 is not enabled 2014-11-13 15:39:15 +01:00
Tatsuhiro Tsujikawa
7b7f0da4a7 http2: Deal with HTTP/2 data inside response header buffer
Previously if HTTP/2 traffic is appended to HTTP Upgrade response header
(thus they are in the same buffer), the trailing HTTP/2 traffic is not
processed and lost.  The appended data is most likely SETTINGS frame.
If it is lost, nghttp2 library complains server does not obey the HTTP/2
protocol and issues GOAWAY frame and curl eventually drops connection.
This commit fixes this problem and now trailing data is processed.
2014-11-13 15:38:12 +01:00
Daniel Stenberg
f64dbb08c2 multi: removed Curl_multi_set_easy_connection
It isn't used anywhere!

Reported-by: Carlo Wood
2014-11-10 10:09:40 +01:00
Peter Wu
17d27805f9 cmake: add ENABLE_THREADED_RESOLVER, rename ARES
Fix detection of the AsynchDNS feature which not just depends on
pthreads support, but also on whether USE_POSIX_THREADS is set or not.
Caught by test 1014.

This patch adds a new ENABLE_THREADED_RESOLVER option (corresponding to
--enable-threaded-resolver of autotools) which also needs a check for
HAVE_PTHREAD_H.

For symmetry with autotools, CURL_USE_ARES is renamed to ENABLE_ARES
(--enable-ares). Checks that test for the availability actually use
USE_ARES instead as that is the result of whether a-res is available or
not (in practice this does not matter as CARES is marked as required
package, but nevertheless it is better to write the intent).

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-11-10 09:09:25 +01:00
Steve Holme
bfc63bfb19 vtls.h: Fixed compiler warning when compiled without SSL
vtls.c:185:46: warning: unused parameter 'data'
2014-11-09 18:09:58 +00:00
Steve Holme
2fbf23875f ntlm: Added separate SSPI based functions
In preparation for moving the NTLM message code into the SASL module,
and separating the native code from the SSPI code, added functions that
simply call the functions in curl_ntlm_msg.c.
2014-11-09 15:12:35 +00:00
Steve Holme
48d19acb7c http_ntlm: Use the SASL functions instead
In preparation for moving the NTLM message code into the SASL module
use the SASL functions in the HTTP code instead.
2014-11-09 14:58:20 +00:00
Daniel Stenberg
9dbbba9976 libssh2: detect features based on version, not configure checks
... so that non-configure builds get the correct functions too based on
the libssh2 version used.
2014-11-09 15:43:27 +01:00
Nobuhiro Ban
18e1a3022d SSH: use the port number as well for known_known checks
... if the libssh2 version is new enough.

Bug: http://curl.haxx.se/bug/view.cgi?id=1448
2014-11-09 15:43:27 +01:00
Steve Holme
520dc64369 build: Fixed no NTLM support for email when CURL_DISABLE_HTTP is defined
USE_NTLM would only be defined if: HTTP support was enabled, NTLM and
cryptography weren't disabled, and either a supporting cryptography
library or Windows SSPI was being compiled against.

This means it was not possible to build libcurl without HTTP support
and use NTLM for other protocols such as IMAP, POP3 and SMTP. Rather
than introduce a new SASL pre-processor definition, removed the HTTP
prerequisite just like USE_SPNEGO and USE_KRB5.

Note: Winbind support still needs to be dependent on CURL_DISABLE_HTTP
as it is only available to HTTP at present.

This bug dates back to August 2011 when I started to add support for
NTLM to SMTP.
2014-11-09 12:54:34 +00:00
Steve Holme
8145f92dcc ntlm: Removed an unnecessary free of native Target Info
Due to commit 40ee1ba0dc the free in Curl_ntlm_decode_type2_target() is
longer required.
2014-11-09 11:54:50 +00:00
Steve Holme
40ee1ba0dc ntlm: Moved the native Target Info clean-up from HTTP specific function 2014-11-09 11:47:40 +00:00
Steve Holme
474442dd56 ntlm: Moved SSPI clean-up code into SASL module 2014-11-09 11:10:34 +00:00
Steve Holme
dc867bbf3a Makefile.vc6: Added support for WinIDN 2014-11-08 18:31:29 +00:00
Steve Holme
7599143dcc version info: Added Kerberos V5 to the supported features 2014-11-07 10:55:14 +00:00
Guenter Knauf
f28c856e33 mk-ca-bundle.vbs: switch to new certdata.txt url. 2014-11-07 10:27:26 +01:00
Steve Holme
dcad09e125 http_digest: Fixed some memory leaks introduced in commit 6f8d8131b1
Fixed a couple of memory leaks as a result of moving code that used to
populate allocuserpwd and relied on it's clean up.
2014-11-07 00:11:20 +00:00
Steve Holme
0a925d7834 sasl_sspi: Tidy up of the existing digest code
Following the addition of SSPI support for HTTP digest, synchronised
elements of the email digest code with that of the new HTTP code.
2014-11-06 23:26:27 +00:00
Steve Holme
70100d5509 http_digest: Post SSPI support tidy up
Post tidy up to ensure commonality of code style and variable names.
2014-11-06 23:15:24 +00:00
Steve Holme
cfe4252744 http_digest: Fixed auth retry loop when SSPI based authentication fails 2014-11-06 15:27:27 +00:00
Steve Holme
500d2db302 http_digest: Reworked the SSPI based input token storage
Reworked the input token (challenge message) storage as what is passed
to the buf and desc in the response generation are typically blobs of
data rather than strings, so this is more in keeping with other areas
of the SSPI code, such as the NTLM message functions.
2014-11-06 14:59:53 +00:00
Steve Holme
6d45f952e6 sasl_sspi: Fixed compilation warning from commit 2d2a62e3d9
Added void reference to unused 'data' parameter back to fix compilation
warning.
2014-11-06 13:32:04 +00:00
Steve Holme
3aa0e57ce6 sspi: Align definition values to even columns as we use 2 char spacing 2014-11-06 13:09:48 +00:00
Steve Holme
a10976b961 sspi: Fixed missing definition of ISC_REQ_USE_HTTP_STYLE
Some versions of Microsoft's sspi.h don't define this.
2014-11-06 13:04:24 +00:00
Steve Holme
93859e2c9a sasl: Removed non-SSPI Digest functions and defines from SSPI based builds
Introduced in commit 7e6d51a73c these functions and definitions are only
required by the internal challenge-response functions now.
2014-11-06 12:37:59 +00:00
Steve Holme
2d2a62e3d9 sasl_sspi: Added HTTP digest response generation code 2014-11-06 12:07:04 +00:00
Steve Holme
f0d3be29f2 http_digest: Added SSPI based challenge decoding code 2014-11-06 11:53:02 +00:00
Steve Holme
21fa0d86b1 http_digest: Added SSPI based clean-up code 2014-11-06 11:36:55 +00:00
Steve Holme
3d6b865654 http_digest: Added SSPI based authentication functions
This temporarily breaks HTTP digest authentication in SSPI based builds,
causing CURLE_NOT_BUILT_IN to be returned. A follow up commit will
resume normal operation.
2014-11-06 11:10:10 +00:00
Steve Holme
1033acd92d http_digest: Added required SSPI based variables to digest structure 2014-11-06 11:10:08 +00:00
Steve Holme
783c7f97ba http_digest: Fixed memory leaks from commit 6f8d8131b1 2014-11-05 21:45:10 +00:00
Steve Holme
f4af38120a sasl: Fixed compilation warning from commit 25264131e2
Added forward declaration of digestdata to overcome the following
compilation warning:

warning: 'struct digestdata' declared inside parameter list

Additionally made the ntlmdata forward declaration dependent on
USE_NTLM similar to how digestdata and kerberosdata are.
2014-11-05 18:36:57 +00:00
Steve Holme
259f4f3d01 sasl: Fixed HTTP digest challenges with spaces between auth parameters
Broken as part of the rework, in commit 7e6d51a73c, to assist with the
addition of HTTP digest via Windows SSPI.
2014-11-05 17:58:07 +00:00
Steve Holme
f697d7fdd5 http_digest: Fixed compilation errors from commit 6f8d8131b1
error: invalid operands to binary
warning: pointer targets in assignment differ in signedness
2014-11-05 15:48:19 +00:00
Steve Holme
6f8d8131b1 http_digest: Moved response generation into SASL module 2014-11-05 15:33:21 +00:00
Steve Holme
7e6d51a73c http_digest: Moved challenge decoding into SASL module 2014-11-05 14:39:13 +00:00
Steve Holme
25264131e2 http_digest: Moved clean-up function into SASL module 2014-11-05 13:51:11 +00:00
Steve Holme
d7bfce3951 http_digest: Moved algorithm definitions to SASL module 2014-11-05 13:40:08 +00:00
Gisle Vanem
3cfe3bc001 ssh: Fixed build on platforms where R_OK is not defined
Bug: http://curl.haxx.se/mail/lib-2014-11/0035.html
Reported-by: Jan Ehrhardt
2014-11-05 13:09:08 +00:00
Steve Holme
92e7e346f3 strdup: Removed irrelevant comment
...as Curl_memdup() duplicates an area of fix size memory, that may be
binary, and not a null terminated string.
2014-11-05 12:53:06 +00:00
Steve Holme
e8cea8d70f url.c: Fixed compilation warning
conversion from 'curl_off_t' to 'size_t', possible loss of data
2014-11-05 12:42:35 +00:00
Steve Holme
efe4bab29b http_digest: Use CURLcode instead of CURLdigest
To provide consistent behaviour between the various HTTP authentication
functions use CURLcode based error codes for Curl_input_digest()
especially as the calling code doesn't use the specific error code just
that it failed.
2014-11-05 12:13:47 +00:00
Steve Holme
d62cb0f5d0 sspi: Define authentication package name constants
These were previously hard coded, and whilst defined in security.h,
they may or may not be present in old header files given that these
defines were never used in the original code.

Not only that, but there appears to be some ambiguity between the ANSI
and UNICODE NTLM definition name in security.h.
2014-11-05 11:54:02 +00:00
Daniel Stenberg
b387560692 curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds
When duplicating a handle, the data to post was duplicated using
strdup() when it could be binary and contain zeroes and it was not even
zero terminated! This caused read out of bounds crashes/segfaults.

Since the lib/strdup.c file no longer is easily shared with the curl
tool with this change, it now uses its own version instead.

Bug: http://curl.haxx.se/docs/adv_20141105.html
CVE: CVE-2014-3707
Reported-By: Symeon Paraschoudis
2014-11-05 08:05:14 +01:00
Jay Satiro
e819c3a4ca SSL: PolarSSL default min SSL version TLS 1.0
- Prior to this change no SSL minimum version was set by default at
runtime for PolarSSL. Therefore in most cases PolarSSL would probably
have defaulted to a minimum version of SSLv3 which is no longer secure.
2014-11-04 11:40:51 +01:00
Carlo Wood
15c4d51d39 Curl_single_getsock: fix hold/pause sock handling
The previous condition that checked if the socket was marked as readable
when also adding a writable one, was incorrect and didn't take the pause
bits properly into account.
2014-11-03 09:40:13 +01:00
Peter Wu
b2bb51f339 cmake: drop _BSD_SOURCE macro usage
autotools does not use features.h nor _BSD_SOURCE. As this macro
triggers warnings since glibc 2.20, remove it. It should not have
functional differences.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-11-03 09:10:54 +01:00
Steve Holme
b6821dbb91 sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is used
Typically the USE_WINDOWS_SSPI definition would not be used when the
CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build
configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication
data structures and functions would incorrectly be used when they
shouldn't be.

Introduced a new USE_KRB5 definition that takes into account the use of
CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
2014-11-02 00:35:16 +00:00
Steve Holme
b04eef1318 openssl: Use 'CURLcode result'
More CURLcode fixes.
2014-11-02 00:14:07 +00:00
Daniel Stenberg
9bc2582c31 resume: consider a resume from [content-length] to be OK
Basically since servers often then don't respond well to this and
instead send the full contents and then libcurl would instead error out
with the assumption that the server doesn't support resume. As the data
is then already transfered, this is now considered fine.

Test case 1434 added to verify this. Test case 1042 slightly modified.

Reported-by: hugo
Bug: http://curl.haxx.se/bug/view.cgi?id=1443
2014-11-01 23:09:24 +01:00
Steve Holme
f0b4bc12f8 openssl: Use 'CURLcode result'
More standardisation of CURLcode usage and coding style.
2014-11-01 17:16:42 +00:00
Steve Holme
14b4707d9a openssl: Use 'CURLcode result'
...and some minor code style changes.
2014-11-01 16:14:05 +00:00
Steve Holme
beb478a24b ftplistparser: We prefer 'CURLcode result' 2014-11-01 12:12:09 +00:00
Steve Holme
befbc8f56b code cleanup: Use 'CURLcode result' 2014-10-30 23:14:45 +00:00
Guenter Knauf
f29b88c246 build: added Watcom support to build with WinSSL. 2014-10-30 16:43:29 +01:00
Daniel Stenberg
697aa67d18 openssl: enable NPN separately from ALPN
... and allow building with nghttp2 but completely without NPN and ALPN,
as nghttp2 can still be used for plain-text HTTP.

Reported-by: Lucas Pardue
2014-10-29 22:42:46 +01:00
Steve Holme
32913182dc vtls.c: Fixed compilation warning
conversion from 'size_t' to 'unsigned int', possible loss of data
2014-10-29 19:12:27 +00:00
Steve Holme
f3fc3d021d sspi: Return CURLE_LOGIN_DENIED on AcquireCredentialsHandle() failure
Return a more appropriate error, rather than CURLE_OUT_OF_MEMORY when
acquiring the credentials handle fails. This is then consistent with
the code prior to commit f7e24683c4 when log-in credentials were empty.
2014-10-29 14:26:48 +00:00
Steve Holme
f7e24683c4 sasl_sspi: Allow DIGEST-MD5 to use current windows credentials
Fixed the ability to use the current log-in credentials with DIGEST-MD5.
I had previously disabled this functionality in commit 607883f13c as I
couldn't get this to work under Windows 8, however, from testing HTTP
Digest authentication through Windows SSPI and then further testing of
this code I have found it works in Windows 7.

Some further investigation is required to see what the differences are
between Windows 7 and 8, but for now enable this functionality as the
code will return an error when AcquireCredentialsHandle() fails.
2014-10-29 14:24:38 +00:00
Kamil Dudka
276741af4d transfer: drop the code handling the ssl_connect_retry flag
Its last use has been removed by the previous commit.
2014-10-29 14:34:46 +01:00
Kamil Dudka
3f430c9c3a nss: drop the code for libcurl-level downgrade to SSLv3
This code was already deactivated by commit
ec783dc142.
2014-10-29 14:34:46 +01:00
Kamil Dudka
07048941a4 openssl: fix a line length warning 2014-10-29 14:34:46 +01:00
Guenter Knauf
b5ed5843a4 Added NetWare support to build with nghttp2. 2014-10-29 03:31:34 +01:00
Guenter Knauf
357a15a649 Fixed error message since we require ALPN support. 2014-10-29 01:37:18 +01:00