1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-16 06:25:03 -05:00
Commit Graph

4131 Commits

Author SHA1 Message Date
Daniel Stenberg
a81a16beac Added README.NSS to describe the current NSS situation. 2008-06-24 08:52:35 +00:00
Daniel Stenberg
d92945bb8a - Eduard Bloch filed the debian bug report #487567
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487567) pointing out that
  libcurl used Content-Range: instead of Range when doing a range request with
  --head (CURLOPT_NOBODY). This is now fixed and test case 1032 was added to
  verify.
2008-06-22 20:38:16 +00:00
Dan Fandrich
90a6a59a2f Stopped using ranges in scanf character sequences (e.g. %[a-z]) since that
is not ANSI C, just a common extension.  This caused problems on
at least Open Watcom C.
2008-06-22 06:57:00 +00:00
Daniel Stenberg
8bae3d9007 Oops, that was an experimental change not meant to be committed! 2008-06-21 21:21:29 +00:00
Daniel Stenberg
98042b858d made Curl_nss_send() take const data to kill compiler warning 2008-06-21 21:19:42 +00:00
Daniel Stenberg
da97f78ae0 - Phil Pellouchoud found a case where libcurl built with NSS failed to
handshake with a SSLv2 server, and it turned out to be because it didn't
  recognize the cipher named "rc4-md5". In our list that cipher was named
  plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported
  that it made things work for him again.
2008-06-20 11:15:54 +00:00
Daniel Stenberg
2e1a9da5e2 remove leftover proto that isn't used, I made it a macro instead 2008-06-20 10:45:26 +00:00
Daniel Stenberg
422fd933f5 - Hans-Jurgen May pointed out that trying SCP or SFTP over a SOCKS proxy
crashed libcurl. This is now addressed by making sure we use "plain send"
  internally when doing the socks handshake instead of the Curl_write()
  function which is designed to use the "target" protocol. That's then SCP or
  SFTP in this case. I also took the opportunity and cleaned up some ssh-
  related #ifdefs in the code for readability.
2008-06-20 10:43:32 +00:00
Daniel Stenberg
d09b6ecaa5 - Christopher Palow fixed a curl_multi_socket() issue which previous caused
libcurl to not tell the app properly when a socket was closed (when the name
  resolve done by c-ares is done) and then immediately re-created and put to
  use again (for the actual connection). Since the closure will make the
  "watch status" get lost in several event-based systems libcurl will need to
  tell the app about this close/re-create case.
2008-06-19 21:32:51 +00:00
Daniel Stenberg
fb2e71b9bd - Dengminwen found a bug in the connection re-use function when using the
multi interface with pipelining enabled as it would wrongly check for,
  detect and close "dead connections" even though that connection was already
  in use!
2008-06-19 08:31:22 +00:00
Daniel Stenberg
68b67e24f2 Removed the #define of ciphernum since keeping a define updated to be the
number of entries in a provided table is doomed to fail in the long run. Now
we use the NUM_OF_CIPHERS define instead to figure out the amount.
2008-06-19 05:47:27 +00:00
Daniel Stenberg
c1e2341f0a s/strcasecmp/strequal to make it more portable 2008-06-19 05:42:45 +00:00
Daniel Stenberg
e547bfa933 - Rob Crittenden brought a fix for the NSS layer that makes libcurl no longer
always fire up a new connection rather than using the existing one when the
  multi interface is used. Original bug report:
  https://bugzilla.redhat.com/show_bug.cgi?id=450140
2008-06-18 22:01:55 +00:00
Daniel Stenberg
36ddb13d1f removed warning about unused argument by simply removing that argument from
the check_issuer_cert() proto
2008-06-18 21:50:40 +00:00
Daniel Stenberg
74e3def5b3 check_issuer_cert() now builds and there's one warning less. Still one compiler
warning in the code though but we need NSS' base64.h header for that and we
don't currently have a suitable way to include it as our own base64.h header
kind of "blocks" it.
2008-06-18 21:48:51 +00:00
Daniel Stenberg
2597020d22 In checkPendPipeline() we can't be setting the TIMER_CONNECT correctly as that
is for the TCP connect. I changed it to TIMER_PRETRANSFER which seems to be
what was intended here.
2008-06-13 21:16:10 +00:00
Daniel Stenberg
5c56bdf229 fixed bad infof() usage! 2008-06-12 22:00:35 +00:00
Daniel Stenberg
04d5c8fb77 - I did a cleanup of the internal generic SSL layer and how the various SSL
libraries are supported. Starting now, each underlying SSL library support
  code does a set of defines for the 16 functions the generic layer (sslgen.c)
  uses (all these new function defines use the prefix "curlssl_"). This
  greatly simplified the generic layer in readability by involving much less
  #ifdefs and other preprocessor stuff and should make it easier for people to
  make libcurl work with new SSL libraries.

  Hopefully I can later on document these 16 functions somewhat as well.

  I also made most of the internal SSL-dependent functions (using Curl_ssl_
  prefix) #defined to nothing when no SSL support is requested - previously
  they would unnecessarily call mostly empty functions.
2008-06-11 17:01:58 +00:00
Yang Tse
5980b3cbb0 fix compiler warning: conversion from pointer to void' to pointer to int
function(pointer to char,int,int,pointer to void)' is compiler dependent
2008-06-11 15:26:04 +00:00
Daniel Stenberg
3940e69c91 fix warning in GnuTLS build by making sure Curl_gtls_send() takes a const
void *
2008-06-10 21:53:59 +00:00
Daniel Stenberg
0ace5f6553 - I made the OpenSSL code build again with OpenSSL 0.9.6. The CRLFILE
functionality killed it due to its unconditional use of
  X509_STORE_set_flags...
2008-06-10 20:49:17 +00:00
Gunter Knauf
72870e2c57 enable additional CFLAGS from commandline. 2008-06-08 22:29:34 +00:00
Gunter Knauf
d8bc4a0e9a use our *printf functions only. 2008-06-08 15:52:03 +00:00
Daniel Stenberg
a2e45a2211 code style cleanup 2008-06-06 20:57:32 +00:00
Daniel Stenberg
621c2b9015 - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_ISSUERCERT, for
OpenSSL, NSS and GnuTLS-built libcurls.
2008-06-06 20:52:32 +00:00
Daniel Stenberg
3fe8251dfb - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_CRLFILE, for
OpenSSL, NSS and GnuTLS-built libcurls.
2008-06-06 18:40:21 +00:00
Daniel Stenberg
930a45e7a9 - Added CURLINFO_PRIMARY_IP as a new information retrievable with
curl_easy_getinfo. It returns a pointer to a string with the most recently
  used IP address. Modified test case 500 to also verify this feature. The
  implementing of this feature was sponsored by Lenny Rachitsky at NeuStar.
2008-06-06 17:33:35 +00:00
Dan Fandrich
6f0a2608b4 Fixed a problem where telnet data would be lost if an EWOULDBLOCK
condition were encountered.
2008-06-03 18:03:11 +00:00
Yang Tse
4774582dfb Fix problem: 'result' may be used uninitialized.
Issue detected by Guenter Knauf's NetWare autobuild.
2008-05-31 01:37:21 +00:00
Daniel Stenberg
ec4f6e93c2 - Emil Romanus found a problem and helped me repeat it. It occured when using
the curl_multi_socket() API with HTTP pipelining enabled and could lead to
  the pipeline basically stalling for a very long period of time until it took
  off again.
2008-05-28 20:56:19 +00:00
Daniel Stenberg
b49dcfb52b - Jeff Weber reported memory leaks with aborted SCP and SFTP transfers and
provided excellent repeat recipes. I fixed the cases I managed to reproduce
  but Jeff still got some (SCP) problems even after these fixes:
  http://curl.haxx.se/mail/lib-2008-05/0342.html
2008-05-28 20:31:28 +00:00
Daniel Stenberg
f7815fa93c - Bug report #1973352 (http://curl.haxx.se/bug/view.cgi?id=1973352) identified
how the HTTP redirect following code didn't properly follow to a new URL if
  the new url was but a query string such as "Location: ?moo=foo". Test case
  1031 was added to verify this fix.
2008-05-26 20:39:41 +00:00
Daniel Stenberg
b97606f0b0 Andreas Faerber and Scott McCreary made (lib)curl build for the Haiku OS 2008-05-26 15:09:28 +00:00
Yang Tse
c57e748107 David Rosenstrauch reported that header files spnegohelp.h and
openssl/objects.h were needed to compile SPNEGO support.
2008-05-26 03:10:34 +00:00
Yang Tse
d6f8f16068 fix: preprocessor complaining about macro redefinition 2008-05-26 01:59:00 +00:00
Daniel Stenberg
d001f6a396 Dan Fandrich pointed out that this is the way we should increase the number
for 7.18.2 since we have added functions in this release.

http://curl.haxx.se/mail/lib-2008-05/0240.html
2008-05-23 17:56:03 +00:00
Daniel Stenberg
b8abeab6d3 we bump the SO "revision" for next release due to the new functions added 2008-05-22 20:34:47 +00:00
Dan Fandrich
4aa176c127 Fixed some include file problems on Windows reported by David Rosenstrauch 2008-05-22 19:44:10 +00:00
Dan Fandrich
791ad1210e Renamed MSDOS_FILESYSTEM to avoid conflict with MIT GSS 2008-05-21 21:36:42 +00:00
Dan Fandrich
100945694a Removed some duplicated #includes 2008-05-21 21:08:31 +00:00
Yang Tse
d8efc99217 fix: remove need and definition of HAVE_SOCKLEN_T symbol 2008-05-21 14:04:14 +00:00
Yang Tse
0163b5b8be fix: socklen_t definition comment 2008-05-21 13:57:50 +00:00
Patrick Monnerat
24bf52bc69 Adapting last changes to OS400:
_ Updated packages/OS400/curl.inc.in with new definitions.
_ New connect/bind/sendto/recvfrom wrappers to support AF_UNIX sockets.
_ Include files line length shortened below 100 chars.
_ Const parameter in lib/qssl.[ch].
_ Typos in packages/OS400/initscript.sh.
2008-05-20 10:21:50 +00:00
Daniel Stenberg
ae45a462e0 with pipelining disabled, the state should never be set to WAITDO but rather
go straight to DO

we had multiple states for which the internal function returned no socket at
all to wait for, with the effect that libcurl calls the socket callback (when
curl_multi_socket() is used) with REMOVE prematurely (as it would be added
again within very shortly)
2008-05-19 20:58:01 +00:00
Daniel Stenberg
3cb0dd6685 when the multi handle was in DO and DOING states, the HTTP and HTTPS protocol
handler functions didn't return that the socket should be waited for writing,
but instead it was treated as if no socket was needing monitoring so REMOVE
was called prematurely
2008-05-19 20:57:28 +00:00
Dan Fandrich
08aab6a620 Move the CURLDEBUG check after setup.h so it can be set there if necessary. 2008-05-14 23:36:26 +00:00
Daniel Stenberg
514592b892 - Introducing curl_easy_send() and curl_easy_recv(). They can be used to send
and receive data over a connection previously setup with curl_easy_perform()
  and its CURLOPT_CONNECT_ONLY option. The sendrecv.c example was added to
  show how they can be used.
2008-05-12 21:43:24 +00:00
Yang Tse
ed80eb5b0f configure script will now define HAVE_CLOCK_GETTIME_MONOTONIC symbol only
when function clock_gettime() is available and the monotonic timer is
also available. Otherwise, in some cases, librt or libposix4 could be used
for linking even when finally not using the clock_gettime() function due
to lack of the monotonic clock.
2008-05-12 02:04:21 +00:00
Yang Tse
60dd765b3d fix syntax error: missing semicolon 2008-05-10 23:50:55 +00:00
Yang Tse
19479ea021 Internal time differences now use monotonic time source if available.
This also implies the removal of the winmm.lib dependency for WIN32.
2008-05-09 16:31:51 +00:00
Daniel Stenberg
0510759bc4 - Stefan Krause reported a busy-looping case when using the multi interface
and doing CONNECT to a proxy. The app would then busy-loop until the proxy
  completed its response.
2008-05-09 12:59:24 +00:00
Daniel Stenberg
6d5cca5ed0 Removed an unused variable and one do-while loop that wasn't used either.
Added a few comments while at it.
2008-05-09 12:53:42 +00:00
Michal Marek
e2b82b4325 - Make Curl_write and it's callees accept a const pointer, in preparation
of tetetest's patch for curl_easy_send()
2008-05-09 11:27:54 +00:00
Yang Tse
d4e9b141db fix compiler warning: format '%ld' expects type 'long int' 2008-05-08 05:45:01 +00:00
Daniel Stenberg
e481d679b2 - Liam Healy filed the debian bug report #480044
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480044) identifying a
  segfault when using krb5 ftp, but the krb4 code had the same problem.
2008-05-07 21:02:21 +00:00
Yang Tse
eb68aa38e3 Christopher Palow provided the patch (edited by me) that introduces
the use of microsecond resolution keys for internal splay trees.

http://curl.haxx.se/mail/lib-2008-04/0513.html
2008-05-07 15:41:41 +00:00
Yang Tse
082237e2b5 fix compiler warning: enumerated type mixed with another type 2008-05-06 04:37:06 +00:00
Daniel Stenberg
19da3606f9 minor spell and language fix of a comment 2008-05-03 21:49:16 +00:00
Daniel Stenberg
fc9e0d2249 - Ben Van Hof filed bug report #1945240: "libcurl sometimes sends body twice
when using CURL_AUTH_ANY" (http://curl.haxx.se/bug/view.cgi?id=1945240).
  The problem was that when libcurl rewound a stream meant for upload when it
  would prepare for a second request, it could accidentally continue the
  sending of the rewound data on the first request instead of on the second.
  Ben also provided test case 1030 that verifies this fix.
2008-05-03 21:45:12 +00:00
Daniel Stenberg
21a0f09081 Added comments, check Curl_http_auth_act()'s return code and added a check
that closes the connection somewhat faster when perhapsrewind() has marked
the connection for closure.
2008-05-03 21:44:50 +00:00
Daniel Stenberg
b84b71f524 - Jean-Francois Bertrand reported a libcurl crash with CURLOPT_TCP_NODELAY
since libcurl used getprotobyname() and that isn't thread-safe. We now
  switched to use IPPROTO_TCP unconditionally, but perhaps the proper fix is
  to detect the thread-safe version of the function and use that.
  http://curl.haxx.se/mail/lib-2008-05/0011.html
2008-05-03 13:43:35 +00:00
Daniel Stenberg
3d29bda9f8 - Bart Whiteley provided a patch that made libcurl work properly when an app
uses the CURLOPT_OPENSOCKETFUNCTION callback to create a unix domain socket
  to a http server.
2008-05-01 21:34:34 +00:00
Daniel Stenberg
852989856d - To make it easier for applications that want lots of magic stuff done on
redirections and thus cannot use CURLOPT_FOLLOWLOCATION easily, we now
  introduce the new CURLINFO_REDIRECT_URL option that lets applications
  extract the URL libcurl would've redirected to if it had been told to. This
  then enables the application to continue to that URL as it thinks is
  suitable, without having to re-implement the magic of creating the new URL
  from the Location: header etc. Test 1029 verifies it.
2008-04-30 21:20:08 +00:00
Yang Tse
1eebb90030 improve easy interface resolving timeout handling in c-ares enabled builds 2008-04-29 04:18:02 +00:00
Daniel Stenberg
7a6cff4b3a - Norbert Frese filed bug report #1951588: "Problem with curlftpfs and
libcurl" (http://curl.haxx.se/bug/view.cgi?id=1951588) which seems to be an
  identical report to what Denis Golovan reported in
  http://curl.haxx.se/mail/lib-2008-02/0108.html The FTP code didn't reset the
  user/password pointers properly even though there might've been a new
  struct/cconnection getting used.
2008-04-28 21:29:17 +00:00
Dan Fandrich
3783b455c0 Symbian OS is a.k.a. EPOC32 2008-04-23 18:29:44 +00:00
Dan Fandrich
1960eebc2d Added support for running on Symbian OS. 2008-04-22 22:53:53 +00:00
Yang Tse
95fd093c4a Remove fflush() + fsync() previously introduced accelerated writing of
server input and response request files of the test harness sws server.

Reintroduce, for test # 1001, the <postcheck> small delay. The delay is
needed even with the accelerated writing of server input and response
request files in test harness sws server.

http://curl.haxx.se/mail/lib-2008-04/0385.html
2008-04-22 12:40:05 +00:00
Yang Tse
f48eb36f75 HAVE_FFLUSH and HAVE_FSYNC symbol definitions for WIN32 systems 2008-04-21 19:17:42 +00:00
Dan Fandrich
09777a4fc2 Some trivial changes 2008-04-17 00:45:33 +00:00
Daniel Stenberg
6a33a4456e - Stefan Krause reported a case where the OpenSSL handshake phase wasn't
properly acknowledging the timeout values, like if you pulled the network
  plug in the midst of it.
2008-04-14 15:26:34 +00:00
Daniel Stenberg
e0c2a39ad4 - Andre Guibert de Bruet fixed a second case of not checking the malloc()
return code in the Negotiate code.
2008-04-14 15:22:45 +00:00
Daniel Stenberg
79e06c4147 - Sandor Feldi reported bug #1942022
(http://curl.haxx.se/bug/view.cgi?id=1942022) pointing out a mistake in the
  lib/Makefile.vc[68] makefiles' release-ssl-dll target.
2008-04-14 15:19:05 +00:00
Daniel Stenberg
84eb9fee76 - Andre Guibert de Bruet found and fixed a case where malloc() was called but
was not checked for a NULL return, in the Negotiate code.
2008-04-12 11:50:51 +00:00
Patrick Monnerat
a08b6ae813 Adapt OS400 SSL (qssl.h) to V5R4
Fix qssl.c wrong error message
Upgrade OS400 wrappers and makefiles to 7.18.1
2008-04-07 13:09:17 +00:00
Michal Marek
d0a4b50e19 - Fix the MIT / Heimdal check for good:
Define HAVE_GSSMIT if <gssapi/{gssapi.h,gssapi_generic.h,gssapi_krb5.h}> are
  available, otherwise define HAVE_GSSHEIMDAL if <gssapi.h> is available.

  Only define GSS_C_NT_HOSTBASED_SERVICE to gss_nt_service_name if
  GSS_C_NT_HOSTBASED_SERVICE isn't declared by the gssapi headers. This should
  avoid breakage in case we wrongly recognize Heimdal as MIT again.
2008-04-07 09:26:30 +00:00
Daniel Stenberg
ebaf06a741 - Alexey Simak fixed curl_easy_reset() to reset the max redirect limit properly 2008-04-05 21:13:44 +00:00
Daniel Stenberg
34d837c2dd provide CURL_DEFAULT_PROXY_PORT set to 1080 for the default port libcurl
assumes proxies to use
2008-04-05 21:13:31 +00:00
Daniel Stenberg
7607d5145b - Based on the Debian bug report #474224 that complained about the FTP error
message when libcurl doesn't get a 220 back immediately on connect, I now
  changed it to be more specific on what the problem is. Also worth noticing:
  while the bug report contains an example where the response is:

    421 There are too many connected users, please try again later

  we cannot assume that the error message will always be this readable nor
  that it fits within a particular boundary etc.
2008-04-05 21:02:38 +00:00
Daniel Stenberg
a9c1ca9fc5 - Setting CURLOPT_NOBODY to FALSE will now switch the HTTP request method to
GET simply because previously when you set CURLOPT_NOBODY to TRUE first and
  then FALSE you'd end up in a broken state where a HTTP request would do a
  HEAD by still act a lot like for a GET and hang waiting for the content etc.
2008-04-03 21:44:49 +00:00
Daniel Stenberg
d051dd8087 Scott Barrett added support for CURLOPT_NOBODY over SFTP 2008-04-03 20:56:59 +00:00
Gunter Knauf
3d08b352a2 moved CURL_CA_BUNDLE define to generated config.h. 2008-03-31 12:51:44 +00:00
Michal Marek
d13be06aaa Removed the generated ca-bundle.h file. The verbatim value of $ca and
$capath is known to configure, so it can be defined in config.h instead.
2008-03-31 12:09:43 +00:00
Daniel Stenberg
f1c69192da expanded a comment around some of the new formpost callback usage 2008-03-31 10:16:34 +00:00
Daniel Stenberg
a2314225e0 - Added CURLFORM_STREAM as a supported option to curl_formadd() to allow an
application to provide data for a multipart with the read callback. Note
  that the size needs to be provided with CURLFORM_CONTENTSLENGTH when the
  stream option is used. This feature is verified by the new test case
  554. This feature was sponsored by Xponaut.
2008-03-31 10:02:23 +00:00
Daniel Stenberg
b425e851fb - As found out and reported by Dan Petitt, libcurl didn't show progress/call
the progress callback for the first (potentially huge) piece of body data
  sent together with the POST request headers in the initial send().
2008-03-27 13:07:12 +00:00
Daniel Stenberg
2c9763da3e - Made setting the CURLOPT_SSL_CTX_FUNCTION option return a failure in case
libcurl wasn't built to use OpenSSL as that is a prerequisite for this
  option to function!
2008-03-25 19:19:49 +00:00
Daniel Stenberg
95bd901efe - Fixed the problem with doing a zero byte SCP transfer, verified with test
case 617 (which was added by Daniel Fandrich 5 Mar 2008).
2008-03-22 22:00:21 +00:00
Michal Marek
86cbb23282 - Added --with-ca-path=DIRECTORY configure option to use an openSSL CApath by
default instead of a ca bundle. The configure script will also look for a
  ca path if no ca bundle is found and no option given.

- Fixed detection of previously installed curl-ca-bundle.crt
2008-03-20 08:09:23 +00:00
Dan Fandrich
e9a460411f Fixed an infinite loop when given an invalid SFTP quote command. 2008-03-18 22:59:04 +00:00
Michal Marek
6f3166c15b - Added curl_easy_getinfo typechecker.
- Added macros for curl_share_setopt and curl_multi_setopt to check at least
  the correct number of arguments.
2008-03-18 08:14:37 +00:00
Daniel Stenberg
ad4a9955c5 - Brian Ulm figured out that if you did an SFTP upload with
CURLOPT_FTP_CREATE_MISSING_DIRS to create a directory, and then re-used the
  handle and uploaded another file to another directory that needed to be
  created, the second upload would fail. Another case of a state variable that
  wasn't properly reset between requests.
2008-03-13 21:43:30 +00:00
Daniel Stenberg
553ed99e3b Change the confusing two variables for the expect 100 continue stuff into
a single state variable to make the code easier to follow and understand.
2008-03-13 20:56:13 +00:00
Daniel Stenberg
b9d66dca51 - Dmitry Popov filed bug report #1911069
(http://curl.haxx.se/bug/view.cgi?id=1911069) that identified a race
  condition in the name resolver code when the DNS cache is shared between
  multiple easy handles, each running in simultaneous threads that could cause
  crashes.
2008-03-11 22:55:23 +00:00
Michal Marek
7a8a20416f - Added a type checking macro for curl_easy_setopt(), needs gcc-4.3 and only
works in C mode atm (http://curl.haxx.se/mail/lib-2008-02/0267.html ,
  http://curl.haxx.se/mail/lib-2008-02/0292.html )
2008-03-11 07:37:40 +00:00
Daniel Stenberg
82e095a275 - Brian Ulm reported a crash when doing a second SFTP transfer on a re-used
easy handle if curl_easy_reset() was used between them. I fixed it and Brian
  verified that it cured his problem.

- Brian Ulm reported that if you first tried to download a non-existing SFTP
  file and then fetched an existing one and re-used the handle, libcurl would
  still report the second one as non-existing as well! I fixed it abd Brian
  verified that it cured his problem.
2008-03-09 11:37:48 +00:00
Yang Tse
8e9e33ae52 VS2005 and later dafault size for time_t is 64-bit, unless
_USE_32BIT_TIME_T has been defined to get a 32-bit time_t
2008-03-07 02:49:14 +00:00
Yang Tse
91aeebed26 Regression fix:
select/poll calls will only be retried upon EINTR failures as
it previously was in lib/select.c revision 1.29

In this way Curl_socket_ready() and Curl_poll() will again fail
on any select/poll errors different than EINTR.
2008-03-06 03:48:33 +00:00
Daniel Stenberg
0836893335 Mike Protts brought a patch that makes resumed transfers work with SFTP. 2008-03-04 11:53:15 +00:00
Daniel Stenberg
590f0358d8 - Anatoli Tubman found and fixed a crash with Negotiate authentication used on
a re-used connection where both requests used Negotiate.
2008-03-01 22:32:03 +00:00
Gunter Knauf
8f4fda1d6f fixed commented define for SSPI. 2008-02-28 11:34:08 +00:00
Gunter Knauf
7513d29a48 another small change to the makefiles to simplify rules. 2008-02-27 01:36:01 +00:00
Gunter Knauf
724ad15dad some more minor makefile changes; removed useless dist target. 2008-02-26 21:41:19 +00:00
Gunter Knauf
79aa6c841e fixed install target to create a ca-bundle.crt since we have no longer one in the project. 2008-02-26 21:24:03 +00:00
Gunter Knauf
9682c2037e Added support for server name indication (RFC 4366).
Patch submitted by Kaspar Brand.
2008-02-26 10:30:13 +00:00
Daniel Stenberg
74241e7d85 - Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that
forces it to prefer SSLv3.
2008-02-25 07:51:39 +00:00
Daniel Stenberg
6982ed4db7 - Sam Listopad provided a patch in feature-request #1900014
http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to
  use OpenSSL) support a full chain of certificates in a given PKCS12
  certificate.
2008-02-23 12:27:45 +00:00
Daniel Stenberg
e9bb7b7712 - Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
happened if you set the connection cache size to 1 and for example failed to
  login to an FTP site. Bug report #1896698
  (http://curl.haxx.se/bug/view.cgi?id=1896698)
2008-02-21 17:52:16 +00:00
Daniel Stenberg
3bb4602227 assert that the *connp is a non-NULL pointer when Curl_done() is called 2008-02-21 12:28:45 +00:00
Daniel Stenberg
9019fc5671 oops, fixed to build 2008-02-20 10:01:28 +00:00
Daniel Stenberg
53a549000c - Based on initial work done by Gautam Kachroo to address a bug, we now keep
better control at the exact state of the connection's SSL status so that we
  know exactly when it has completed the SSL negotiation or not so that there
  won't be accidental re-uses of connections that are wrongly believed to be
  in SSL-completed-negotiate state.
2008-02-20 09:56:26 +00:00
Daniel Stenberg
55700cb01f - We no longer support setting the CURLOPT_URL option from inside a callback
such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
  following. The patch that introduced this feature was done for 7.11.0, but
  this code and functionality has been broken since about 7.15.4 (March 2006)
  with the introduction of non-blocking OpenSSL "connects".

  It was a hack to begin with and since it doesn't work and hasn't worked
  correctly for a long time and nobody has even noticed, I consider it a very
  suitable subject for plain removal. And so it was done.
2008-02-20 08:28:02 +00:00
Gunter Knauf
f9a6062081 applied patch to disable SSLv2 by default; discussion:
http://sourceforge.net/tracker/index.php?func=detail&aid=1767276&group_id=976&atid=350976
Submitted by Kaspar Brand.
2008-02-19 23:10:07 +00:00
Yang Tse
7b5c86033a fix compiler warnings: 'statement is unreachable' 2008-02-19 17:25:19 +00:00
Yang Tse
d2125cf501 fix compiler warnings: 'enumerated type mixed with another type' 2008-02-19 15:07:50 +00:00
Daniel Stenberg
0d722204c3 https_getsock() should be static all over (and did some fixed indenting) 2008-02-18 19:53:31 +00:00
Gunter Knauf
e2b50b203d added check symbol for linking with POSIX prelude. 2008-02-18 15:30:11 +00:00
Yang Tse
ab0de23d83 fix compiler warnings:
'enumerated type mixed with another type'

and

  'variable was set but never used'
2008-02-18 13:05:46 +00:00
Daniel Stenberg
fb23b85770 - We're no longer providing a very old ca-bundle in the curl tarball. You can
get a fresh one downloaded and created with 'make ca-bundle' or you can get
  one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
  new one extracted from Mozilla's recent list of ca certs.

  The configure option --with-ca-bundle now lets you specify what file to use
  as default ca bundle for your build. If not specified, the configure script
  will check a few known standard places for a global ca cert to use.
2008-02-18 11:35:12 +00:00
Daniel Stenberg
ba3e7a8656 rephrased comment 2008-02-17 13:49:01 +00:00
Daniel Stenberg
240bae4eb2 In Curl_done() if premature is TRUE, it means this connection was said to be
DONE before the entire request operation is complete and thus we can't know in
what state it is for re-using, so we're forced to close it. In a perfect world
we can add code that keep track of if we really must close it here or not, but
currently we have no such detail knowledge.

Jerome Muffat-Meridol helped us work this out.
2008-02-17 13:43:32 +00:00
Daniel Stenberg
4180ca7638 don't do the GOT_NOTHING error check if the DONE function was called with
premature set TRUE, which means it was done before the request comleted. It
could then very well not have received any data.
2008-02-17 13:40:35 +00:00
Daniel Stenberg
0e73361a06 added a comment about the ignoring of the Curl_done() return code 2008-02-17 13:38:19 +00:00
Daniel Stenberg
550d6f74b9 oops, that was debug code not meant to be committed like this... 2008-02-16 13:44:23 +00:00
Daniel Stenberg
f7b71c2abe fix warnings about shadowing 2008-02-16 13:41:55 +00:00
Gunter Knauf
0da90b5d91 seems that curently we dont need the imports from (l)ldapx.imp. 2008-02-16 00:44:14 +00:00
Gunter Knauf
3e635a2334 re-ordered the module dependency list;
removed unsused ldap module dependency since the module didnt autounload from protected address space.
2008-02-16 00:15:30 +00:00
Daniel Stenberg
e78652d850 - Made the gnutls code path not even try to get the server cert if no peer
verification is requested. Previously it would even return failure if gnutls
  failed to get the server cert even though no verification was asked for.

- Fix my Curl_timeleft() leftover mistake in the gnutls code
2008-02-15 22:37:00 +00:00
Daniel Stenberg
48918c3047 mention that we explicitly ignore the return code 2008-02-15 21:38:54 +00:00
Yang Tse
dc42d6fb8d log SSH public key authentication failure and reason 2008-02-15 17:00:56 +00:00
Daniel Stenberg
d25aab2704 - Pooyan McSporran found and fixed a flaw where you first would do a normal
http request and then you'd reuse the handle and replace the Accept: header,
  as then libcurl would send two Accept: headers!
2008-02-15 08:56:06 +00:00
Gunter Knauf
cfaf88aab4 fixed version var. 2008-02-15 00:41:54 +00:00
Gunter Knauf
ecc75be6f3 moved info block up before help block so that it can also be displayed before help option; trial to add a version number. 2008-02-15 00:26:26 +00:00
Daniel Stenberg
fcc320ee40 Yang Tse pointed out a few remaining quirks from my timeout refactoring from
Feb 7 that didn't abort properly on timeouts. These are actually old
problems but now they should be fixed.
2008-02-11 22:03:31 +00:00
Gunter Knauf
019f6a1926 open pipe to openssl commandline instead of writing into temp file. 2008-02-11 18:52:45 +00:00
Dan Fandrich
44fba11b34 Fixed unused variable warning. 2008-02-11 18:27:36 +00:00
Gunter Knauf
df07c87b89 added strict to make sure all vars are properly defined;
added -t switch to make text info of CAs optional;
added -q switch to be really quiet.
2008-02-11 15:00:00 +00:00
Yang Tse
736af32b49 Bug report #1888932 (http://curl.haxx.se/bug/view.cgi?id=1888932) points
out and provides test program that demonstrates that libcurl might not set
error description message for error CURLE_COULDNT_RESOLVE_HOST for Windows
threaded name resolver builds. Fixed now.
2008-02-10 04:20:09 +00:00
Gunter Knauf
08e5c0812f added -b switch to provide a backup functionality for existing ca-bundle.crt file. 2008-02-10 01:29:24 +00:00
Gunter Knauf
a8c71961e0 fixed another wrong var in error message. 2008-02-09 15:32:54 +00:00
Gunter Knauf
63d595a047 fixed wrong var in error message. 2008-02-09 15:00:07 +00:00
Daniel Stenberg
4c841a1f0c - Mike Hommey filed and fixed bug report #1889856
(http://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl
  layer, cleaning-up and reinitializing curl ends up with https requests
  failing with "ASN1 parser: Element was not found" errors. Obviously a
  regression added in 7.16.3.
2008-02-08 22:02:00 +00:00
Daniel Stenberg
a2bff51ede include mk-ca-bundle.pl in the tarballs 2008-02-08 09:56:23 +00:00
Gunter Knauf
c764331dd9 use argument to specify output filename if present. 2008-02-08 02:38:12 +00:00
Gunter Knauf
586444b6b8 fixed regex to fetch certdata.txt version since it was replaced by CVS (argh!)
added a switch to display certdata.txt version header.
2008-02-08 01:58:11 +00:00
Gunter Knauf
d76a74cc5e added Perl script to create a fresh ca-bundle.crt. 2008-02-08 01:08:25 +00:00
Daniel Stenberg
1b701c746f - Refactored a lot of timeout code into a few functions in an attempt to make
them all use the same (hopefully correct) logic to make it less error-prone
  and easier to introduce library-wide where it should be used.
2008-02-07 22:25:04 +00:00
Daniel Stenberg
15bf168527 ca-bundle.crt documentational updates that more clearly describe the bundle
ca-bundle.crt file as outdated and in need for replacement by anyone who wants
to verify modern peers as the one we have is from year 2000!
2008-02-07 15:43:36 +00:00
Yang Tse
20e9fc73e2 Fix problem in strdup replacement when dealing with absolutely huge strings. 2008-02-06 19:01:13 +00:00
Gunter Knauf
7bd098f670 fixed entry symbols when linked with posix prelude. 2008-02-04 22:40:59 +00:00