1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-14 05:25:06 -05:00
Commit Graph

5432 Commits

Author SHA1 Message Date
Guenter Knauf
308db9d780 Some Borland C++ makefile tweaks. 2011-01-11 17:51:14 +01:00
Guenter Knauf
03ea06b8e3 Borland C++ doesnt have struct sockaddr_storage. 2011-01-11 17:40:13 +01:00
Daniel Stenberg
08a65b10fb connect: use UDP correctly
The idea that the protocol and socktype is part of name resolving in the
libc functions is nuts. We keep the name resolver functions assume
TCP/STREAM and we make sure that when we want to connect to a UDP
service we use the correct UDP/DGRAM set instead. This bug was because
the ->protocol field was not always set correctly.

This bug was only affecting ipv6-disabled non-cares non-threaded builds.

Bug: http://curl.haxx.se/bug/view.cgi?id=3154436
Reported by: "dperham"
2011-01-11 00:14:36 +01:00
Quinn Slack
1238edaeaf SSL: fix memory leak
In OOM situation. Follow-up fix to commit a9cd4f4ed4.
2011-01-10 13:53:57 +01:00
Daniel Stenberg
a9cd4f4ed4 gtls: fix memory leak
Bug: http://curl.haxx.se/mail/lib-2011-01/0079.html
Reported by: Quinn Slack
2011-01-08 19:14:28 +01:00
Marcel Roelofs
1d28efb9d1 HTTP: HTTP Negotiate authentication using SSPI
Only under Windows
2011-01-07 23:48:40 +01:00
Daniel Stenberg
53014175e8 SSH: speedcheck clobbered existing error
The just added speedcheck must not ruin the error code if already set
due to a problem.
2011-01-06 00:19:17 +01:00
Daniel Stenberg
d45ed0ecf5 SSH: acknowledge speedcheck
Check for speedcheck limits during the state machine traversals
2011-01-05 14:09:53 +01:00
Daniel Stenberg
adb49ad8bb Curl_timeleft: s/conn/data in first argument
As the function doesn't really use the connectdata struct but only the
SessionHanadle struct I modified what argument it wants.
2011-01-04 23:13:10 +01:00
Kamil Dudka
d8f6d1c334 nss: avoid CURLE_OUT_OF_MEMORY given a file name without any slash
Bug: https://bugzilla.redhat.com/623663
2011-01-04 17:20:43 +01:00
Daniel Stenberg
c0c89cd44e get_cert_chain: support larger data sets
512 bytes turned out too short for some data, so now we allocate a
larger buffer instead

Bug: http://curl.haxx.se/mail/archive-2011-01/0002.html
2011-01-04 10:20:28 +01:00
Daniel Stenberg
53640a3ce0 unittesting: build a separate static lib
When configure --enable-debug has been used, all files in lib/ are now
built twice and a separate static library crafted for unit-testing will
be linked. The unit tests in the tests/unit subdir will use that
library.
2011-01-03 22:16:16 +01:00
Daniel Stenberg
45cea71968 SSH: avoid PATH_MAX with alloc
We cannot assume that PATH_MAX will be enough for the remote path name
so allocating room for it is the only sensible approach.
2011-01-03 13:36:45 +01:00
Daniel Stenberg
2b3fbc8cdb Curl_nss_connect: avoid PATH_MAX
Since some systems don't have PATH_MAX and it isn't that clever to
assume a fixed maximum path length, the code now allocates buffer space
instead of using stack.

Reported by: Samuel Thibault
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608521
2011-01-02 23:43:03 +01:00
Daniel Stenberg
1ad5764feb SFTP: make pwd output result to header callback
Sending "pwd" as a QUOTE command only sent the reply to the
DEBUGFUNCTION. Now it also sends an FTP-like header to the header
callback to allow similar operations as with FTP, and apps can re-use
the same parser.
2011-01-01 15:35:53 +01:00
Daniel Stenberg
ae29142198 pubkey_show: allocate buffer to fit any-size result
The loop condition was wrong so keys larger than 340 bits would overflow
the local stack-based buffer.
2011-01-01 15:33:57 +01:00
Luke Amery
0dc8479b89 ssh: honour the CURLINFO_FTP_ENTRY_PATH curl_getinfo option 2010-12-30 23:42:44 +01:00
Pierre Joye
420eac5542 IDN: use win32 API if told to
The functionality is provided in a new source file: lib/idn_win32.c
2010-12-28 20:01:03 +01:00
Daniel Stenberg
b6a3e2be8e c-ares: fix cancelled resolves
When built IPv6-enabled, we could do Curl_done() with one of the two
resolves having returned already, so when ares_cancel() is called the
resolve callback ends up doing funny things (sometimes resulting in a
segfault) since it would try to actually store the previous resolve even
though we're shutting down the resolve.

This bug was introduced in commit 8ab137b2bc so it hasn't been
included in any public release.

Bug: http://curl.haxx.se/bug/view.cgi?id=3145445
Reported by: Pedro Larroy
2010-12-27 10:01:44 +01:00
Daniel Stenberg
49465fffdb cookies: tricked dotcounter fixed
Providing multiple dots in a series in the domain field (domain=..com) could
trick the cookie engine to wrongly accept the cookie believing it to be
fine. Since the tailmatching would then match all .com sites, the cookie would
then be sent to all of them.

The code now requires at least one letter between each dot for them to be
counted. Edited test case 61 to verify this.
2010-12-23 22:52:32 +01:00
Daniel Stenberg
5825aa149d multi: connect fail => use next IP address
When using the multi interface and connecting to a host name that
resolves to multiple IP addresses, there was no logic that made it
continue to the next IP if connecting to the first address times
out. This is now corrected.
2010-12-23 22:21:24 +01:00
Daniel Stenberg
2dded8fedb ossl_seed: no more RAND_screen
RAND_screen() is slow, not thread-safe and not needed anymore since OpenSSL
uses the thread-safe win32 CryptoAPI nowadays.
2010-12-23 14:36:07 +01:00
Daniel Stenberg
be16b227b7 multi: inhibit some verbose outputs
The info about pipe status and expire cleared are clearly debug-related
and not anything mere mortals will or should care about so they are now
ifdef'ed DEBUGBUILD
2010-12-22 15:29:21 +01:00
Brad Hards
375aa41ba1 SMTP: add brackets for MAIL FROM
Similar to what is done already for RCPT TO, the code now checks for and
adds angle brackets (<>) around the email address that is provided for
CURLOPT_MAIL_RCPT unless the app has done so itself.
2010-12-22 14:41:53 +01:00
Guenter Knauf
5f829456c1 Added support for axTLS to NetWare build. 2010-12-22 04:45:41 +01:00
Guenter Knauf
a834e00454 Fixed include: memory.h -> curl_memory.h. 2010-12-22 03:34:13 +01:00
Brad Hards
f37d681166 Typo fixes. 2010-12-21 22:39:56 +01:00
Yang Tse
71ab0ceaa0 build: sort configuration hunks in lib/Makefile.vc6
sorted to reflect same internal order as the one shown
in the usage message.
2010-12-21 00:14:55 +01:00
Daniel Stenberg
af54fbbcb5 loadhostpairs: return errorcode
Make sure that Curl_cache_addr() errors are propagated to callers of
loadhostpairs().

(this loadhostpairs function caused a scan-build warning due to the
'dns' variable getting assigned but never used)
2010-12-20 22:22:02 +01:00
Yang Tse
8d569c7bb0 build: refactoring of msvc makefiles to allow overriding of library filenames.
Default libcurl's file names are kept equal to those used since Y2K.
2010-12-20 21:53:44 +01:00
Daniel Stenberg
7f3b87d878 ftp_parselist: fix compiler warning
Doing curlx_strtoofft() on the size just to figure out the end of it
causes a compiler warning since the result wasn't used, but is also a
bit of a waste.
2010-12-19 00:15:12 +01:00
Pasha Kuznetsov
6b5dc72575 Curl_do: avoid using stale conn pointer
Since the original `conn' pointer was used after the `connectdata' it
points to has been closed/cleaned up by Curl_reconnect_request it caused
a crash. We must make sure to use the newly created connection instead!

URL: http://curl.haxx.se/mail/lib-2010-12/0202.html
2010-12-18 22:35:37 +01:00
Tommie Gannert
8ab137b2bc ares: ask for both IPv4 and IPv6 addresses
Make the c-ares resolver code ask for both IPv4 and IPv6 addresses when
IPv6 is enabled.

This is a workaround for the missing ares_getaddrinfo() and is a lot
easier to implement.

Note that as long as c-ares returns IPv4 addresses when IPv6 addresses
were requested but missing, this will cause a host's IPv4 addresses to
occur twice in the DNS cache.

URL: http://curl.haxx.se/mail/lib-2010-12/0041.html
2010-12-18 22:33:27 +01:00
Brad Hards
f0aad0089e Trival comment fix. 2010-12-18 17:08:23 +01:00
Daniel Stenberg
c75a9fef59 axtls_connect: allow connect without peer verification
The SSL_SERVER_VERIFY_LATER bit in the ssl_ctx_new() call allows the
code to verify the peer certificate explicitly after the handshake and
then the "data->set.ssl.verifypeer" option works.
2010-12-15 16:05:17 +01:00
Daniel Stenberg
9035709e25 axTLS: allow "default" SSL version as well
When no explicit version is selected we should try to use whatever is
best for us, and in the axTLS case that means TLSv1.
2010-12-15 16:05:17 +01:00
Daniel Stenberg
b88ead62e7 axtls.c: cleanup
Removed trailing whitespace
Removed several compiler warnings
Removed odd backslashes at some line endings
2010-12-15 16:05:17 +01:00
Daniel Stenberg
b998b04c02 urldate: undef hideous memory defines
The public axTLS header (at least as of 1.2.7) redefines the memory
functions. We #undef those again immediately after the public header to
limit the damage. This should be fixed in axTLS.
2010-12-15 16:05:17 +01:00
Eric Hu
a7cf30f808 Minor fixes to pass tests 301 and 306 with a patched axTLS. 2010-12-15 16:05:17 +01:00
Eric Hu
be312336f6 Initial axTLS integration. Connections can be made and some tests pass.
Failed HTTPS tests: 301, 306, 311, 312, 313, 560
311, 312 need more detailed error reporting from axTLS.
313 relates to CRL, which hasn't been implemented yet.
2010-12-15 16:05:17 +01:00
Eric Hu
108d7693a4 Preparing for axTLS. Actual SSL API functions are only stubbed.
Added axTLS to autotool files and glue code to misc other files.
axtls.h maps SSL API functions, but may change.
axtls.c is just a stub file and will definitely change.
2010-12-15 16:05:17 +01:00
Daniel Stenberg
a865bd9fba IsPipeliningPossible: only for HTTP
The function that checks if pipelining is possible now requires the HTTP
bit to be set so that it doesn't mistakenly tries to do it for other
protocols.

Bug: http://curl.haxx.se/mail/lib-2010-12/0152.html
Reported by: Dmitri Shubin
2010-12-13 13:44:50 +01:00
Daniel Stenberg
0fd439ebac multi_runsingle: don't timeout completed handles
The generic timeout code must not check easy handles that are already
completed. Going to completed (again) within there risked decreasing the
number of alive handles again and thus it could go negative.

This regression bug was added in 7.21.2 in commit ca10e28f06
2010-12-13 12:51:48 +01:00
Yang Tse
0b5901bec6 easy: fix compiler warning: end-of-loop code not reached 2010-12-07 03:27:59 +01:00
Daniel Stenberg
5965d4554d disconnect: pass on the dead_connection argument
Cleanup fix after Kamil's commit 5c7c9a768d
2010-12-06 15:33:38 +01:00
Heinrich Ko
315e5277dc ossl_connect_common: detect connection re-use
ossl_connect_common() now checks whether or not 'struct
connectdata->state' is equal 'ssl_connection_complete' and if so, will
return CURLE_OK with 'done' set to 'TRUE'. This check prevents
ossl_connect_common() from creating a new ssl connection on an existing
ssl session which causes openssl to fail when it tries to parse an
encrypted TLS packet since the cipher data was effectively thrown away
when the new ssl connection was created.

Bug: http://curl.haxx.se/mail/lib-2010-11/0169.html
2010-12-06 14:41:18 +01:00
Kamil Dudka
5c7c9a768d url: provide dead_connection flag in Curl_handler::disconnect
It helps to prevent a hangup with some FTP servers in case idle session
timeout has exceeded.  But it may be useful also for other protocols
that send any quit message on disconnect.  Currently used by FTP, POP3,
IMAP and SMTP.
2010-12-06 14:35:42 +01:00
Yang Tse
bf1c102b80 ssh: fix a download resume point calculation 2010-12-06 14:29:16 +01:00
Daniel Stenberg
2271b60b71 Curl_wait_for_resolv: correct timeout
When looping in this function and checking for the timeout being
expired, it was not updating the reference time when calculating the
timediff since previous round which made it think each subsequent loop
to have taken longer than it actually did.

I also modified the function to use the generic Curl_timeleft() function
instead of the custom logic.

Bug: http://curl.haxx.se/bug/view.cgi?id=3112579
2010-12-05 23:39:41 +01:00
Daniel Stenberg
c2bfe60086 Curl_send/recv_plain: return errno on failure
When send() and recv() fail, we now store the errno value to allow the
app to access it.

Bug: http://curl.haxx.se/bug/view.cgi?id=3128121
Reported by: Yuri
2010-12-05 23:04:11 +01:00
Guenter Knauf
63598059cd Updated OpenSSL version. 2010-12-05 10:59:58 +01:00
Yang Tse
c1901f7ed0 fix compiler warning: conversion may lose significant bits 2010-12-04 05:53:07 +01:00
Yang Tse
9c4ff4874e fix compiler warning: assignment within conditional expression 2010-12-03 16:53:11 +01:00
Yang Tse
46a0062dff fix getinfo CURLINFO_LOCAL* for reused connections (take 2) follow-up
- Show address string from proper buffer in case of connection failure.

- Try next address when inet_ntop() fails.
2010-12-03 14:30:00 +01:00
Yang Tse
d534cd0027 build: provide SIZEOF_SIZE_T DOS definition 2010-12-03 04:15:39 +01:00
Yang Tse
afd6e738f7 build: lib/config.dos renamed to lib/config-dos.h 2010-12-03 04:13:33 +01:00
Yang Tse
de670efeab build: provide SIZEOF_SIZE_T VMS definition 2010-12-03 03:40:16 +01:00
Yang Tse
421d918da3 build: move config-vms.h from subdir 'packages/vms' into 'lib' 2010-12-03 02:36:22 +01:00
Yang Tse
99a07a1fdf build: provide SIZEOF_SIZE_T definition for non-configure builds 2010-12-02 21:41:23 +01:00
Yang Tse
81c16c2e30 build: provide SIZEOF_SIZE_T netware definition 2010-12-02 20:53:42 +01:00
Yang Tse
07f60235b0 fix compiler warning: rounding, sign extension, or loss of accuracy may result 2010-12-02 18:46:13 +01:00
Yang Tse
5580fb2b9c fix compiler warning: statement is not reachable 2010-12-02 16:35:02 +01:00
Yang Tse
7e3f0bffe5 fix compiler warning: conversion may lose significant bits 2010-12-01 23:33:43 +01:00
Yang Tse
5d47bf3776 connect: fix compiler warning: unused variable 2010-12-01 17:30:52 +01:00
Yang Tse
11cddb68e0 fix getinfo CURLINFO_LOCAL* for reused connections (take 2) 2010-11-30 22:14:37 +01:00
Yang Tse
1b2b93e074 fix getinfo CURLINFO_LOCAL* for reused connections follow-up
Reinstate IPV6 build variable that got removed.
2010-11-30 13:42:02 +01:00
Yang Tse
c328214a2d fix getinfo CURLINFO_LOCAL* for reused connections
Failed to commit this file changes along with the others.
2010-11-30 13:31:25 +01:00
Yang Tse
f6f5d7874f fix getinfo CURLINFO_LOCAL* for reused connections 2010-11-30 06:20:54 +01:00
Yang Tse
5db0a412ff atoi: remove atoi usage 2010-11-28 23:11:14 +01:00
Yang Tse
cbe67a1b71 multi: fix compiler warning: conversion may lose significant bits follow-up 2010-11-28 20:49:40 +01:00
Yang Tse
23245ca83a ftp: fix 'bool' data type implementation dependant usage 2010-11-26 20:19:45 +01:00
Yang Tse
3590874999 multi: fix compiler warning: conversion may lose significant bits 2010-11-26 19:57:27 +01:00
Yang Tse
e39ab6f203 multi: fix compiler warning: enumerated type mixed with another type 2010-11-26 19:34:10 +01:00
Yang Tse
c9081a8280 hostip: edit comment 2010-11-26 18:18:26 +01:00
Yang Tse
c2ba8ca81f s/isspace/ISSPACE 2010-11-26 13:59:01 +01:00
Yang Tse
5087f89ac8 curl_multi_info_read: fix compiler warning: conversion may lose significant bits 2010-11-25 02:58:59 +01:00
Yang Tse
b3d39275f5 inet_pton: fix compiler warning
warning C4146: unary minus operator applied to unsigned type, result still unsigned
2010-11-25 02:20:14 +01:00
Yang Tse
1d75d30816 Curl_getaddrinfo_ex: sanitize function results follow-up. 2010-11-24 04:36:57 +01:00
Yang Tse
6fe18add71 Curl_getaddrinfo_ex: sanitize function results.
Ensure that spurious results from system's getaddrinfo() ares not propagated
by Curl_getaddrinfo_ex() into the library.

Also ensure that the ai_addrlen member of Curl_getaddrinfo_ex()'s output linked
list of Curl_addrinfo structures has appropriate family-specific address size.
2010-11-23 21:38:20 +01:00
Kamil Dudka
d212fe43af openldap: use remote port in URL passed to ldap_init_fd()
... not the proxy port.  It makes no difference unless a proxy is used.
2010-11-22 23:59:59 +01:00
Yang Tse
13d537e404 gtls: define and use gtls_EAGAIN, gtls_EINTR and gtls_EIO.
Winsock builds clobber some errno.h defines in setup_once.
2010-11-20 05:02:02 +01:00
Matthias Bolte
a83870ef9d Detect socket errors in GnuTLS on Windows
On Windows, translate WSAGetLastError() to errno values as GNU
TLS does it internally, too. This is necessary because send() and
recv() on Windows don't set errno when they fail but GNU TLS
expects a proper errno value.

Bug: http://curl.haxx.se/bug/view.cgi?id=3110991
2010-11-19 13:34:07 -08:00
Daniel Stenberg
cbf4961bf3 gnutls->handshake: improved timeout handling
When no timeout is set, we call the socket_ready function with a timeout
value of 0 during handshake, which makes it loop too much/fast in this
function. It also made this function return CURLE_OPERATION_TIMEDOUT
wrongly on a slow handshake.

However, the particular bug report that highlighted this problem is not
solved by this fix, as this fix only makes the more proper error get
reported instead.

Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594150
Reported by: Johannes Ernst
2010-11-14 12:42:29 +01:00
Julien Chaffraix
add5766dd4 urldata: Capitalize enum protect_level values.
This makes it easier to spot the enum values from the variables.
Removed some unneeded DEBUGASSERT added in the previous commit.
2010-11-13 14:42:34 -08:00
Julien Chaffraix
8d59d69449 security: tighten enum protection_level usage.
While changing Curl_sec_read_msg to accept an enum protection_level
instead of an int, I went ahead and fixed the usage of the associated
fields.

Some code was assuming that prot_clear == 0. Fixed those to use the
proper value. Added assertions prior to any code that would set the
protection level.
2010-11-13 14:12:43 -08:00
Julien Chaffraix
c79f816c32 krb5: Use GSS_ERROR to check for error.
This is the advised way of checking for errors in the GSS-API RFC.
Also added some '\n' to the error message so that they are not mixed
with other outputs.
2010-11-12 08:24:32 -08:00
Julien Chaffraix
c8a7df108f security: Pass the right parameter to init.
init is expecting app_data. Passing it the struct connecdata would make
us crash later.
2010-11-12 08:24:32 -08:00
Daniel Stenberg
a1f32ffee5 ip_version: moved to connection struct
The IP version choice was previously only in the UserDefined struct
within the SessionHandle, but since we sometimes alter that option
during a request we need to have it on a per-connection basis.

I also moved more "init conn" code into the allocate_conn() function
which is designed for that purpose more or less.
2010-11-11 15:16:21 +01:00
Rutger Hofman
592df29f9c TFTP: resend the correct data
I found a bug in tftp_tx() in tftp.c. If a data resend is done after
reception of an ACK/OACK, the call to sendto is wrong.
2010-11-10 15:08:18 +01:00
Kamil Dudka
12b2412c52 ftp: treat server's response 421 as CURLE_OPERATION_TIMEDOUT
Bug: https://bugzilla.redhat.com/650255
Reported by: Simon H.
2010-11-09 18:13:20 +01:00
Kamil Dudka
c6b97a8278 ftp: close connection as soon as ABOR has been sent
... and do not send ABOR unless really necessary.

Bug: https://bugzilla.redhat.com/649347
Reported by: Simon H.
2010-11-08 20:50:52 +01:00
Daniel Stenberg
1b24b89cca CURLOPT_RESOLVE: added
CURLOPT_RESOLVE is a new option that sends along a curl_slist with
name:port:address sets that will populate the DNS cache with entries so
that request can be "fooled" to use another host than what otherwise
would've been used. Previously we've encouraged the use of Host: for
that when dealing with HTTP, but this new feature has the added bonus
that it allows the name from the URL to be used for TLS SNI and server
certificate name checks as well.

This is a first change. Surely more will follow to make it decent.
2010-11-08 08:56:21 +01:00
Yang Tse
dc3e7df1c9 fix compiler warning 2010-11-08 04:03:11 +01:00
Alfred Gebert
6a07e704ca LDAP: detect non-binary attributes properly
If the query result has a binary attribute, the binary attribute is
base64 encoded. But all following non binary attributes are also base64
encoded which is wrong.

This is a test (LDAP server is public).

curl
ldap://x500.bund.de:389/o=Bund,c=DE?userCertificate,certificateSerialNumber?sub
?cn=*Woehleke*
2010-11-05 15:53:41 +01:00
Daniel Stenberg
87374a47c9 Revert: use Host: name for SNI and cert name checks
This reverts commit b0fd03f5b8,
4b2fbe1e97, afecd1aa13, 68cde058f6
2010-11-05 10:25:58 +01:00
Daniel Stenberg
b0fd03f5b8 certcheck: use the custom Host: name for checks
If you use a custom Host: name in a request to a SSL server, libcurl
will now use that given name when it verifies the server certificate to
be correct rather than using the host name used in the actual URL.
2010-11-04 15:18:35 +01:00
Daniel Stenberg
4b2fbe1e97 SNI: simplify the custom host name use
The redirect check is already done at the position where the customhost
field is assigned so there's no point in doing that a second time.
2010-11-04 15:16:27 +01:00
Daniel Stenberg
afecd1aa13 host: get the custom Host: name more genericly
When given a custom host name in a Host: header, we can use it for
several different purposes other than just cookies, so we rename it and
use it for SSL SNI etc.
2010-11-04 14:58:15 +01:00
Hongli Lai (Phusion)
68cde058f6 SNI: set name to custom Host header
OpenSSL SNI host name should be set to the custom Host header, if the
user provided one.
2010-11-04 14:10:56 +01:00
Kamil Dudka
0c8e5f7e6a ftp: prevent server from hanging on closed data connection
Some FTP servers (e.g. Pure-ftpd) end up hanging if we close the data
connection before transferring all the requested data.  If we send ABOR
in that case, it prevents the server from hanging.

Bug: https://bugzilla.redhat.com/643656
Reported by: Pasi Karkkainen, Patrick Monnerat
2010-10-29 12:01:19 +02:00