1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 23:15:08 -05:00
Commit Graph

591 Commits

Author SHA1 Message Date
Daniel Stenberg
81f151c912 header_callback: strip off file path separated with backslashes
If the filename contains a backslash, only use filename portion. The
idea is that even systems that don't handle backslashes as path
separators probably want that path removed for convenience.

This flaw is considered a security problem, see the curl security
vulnerability http://curl.haxx.se/docs/adv_20101013.html
2010-10-12 22:56:21 +02:00
Daniel Stenberg
d8041a7ea5 whitespace: unified source
if ( => if(
while ( => while(

and some other changes in the similar spirit, trying to make the
whole file use the same style
2010-09-16 23:32:24 +02:00
Daniel Stenberg
abde4c9d84 remote-header-name: don't output filename when NULL 2010-09-16 23:27:03 +02:00
Dan Fandrich
6882ae8dee Use checkprefix() to compare protocol-specific strings
Otherwise, there could be problems running in certain locales.
2010-09-02 21:12:14 -07:00
Cameron Kaiser
201637d468 Gopher protocol support (initial release) 2010-08-25 14:19:58 +02:00
Dan Fandrich
77ba147e76 Fixed a NULL pointer dereference in form posting
It was introduced in commit eeb2cb05 along with the -F type=
change. Also fixed a typo in the name of the magic filename=
parameter. Tweaked tests 39 and 173 to better test this path.
2010-08-24 16:45:31 -07:00
Daniel Stenberg
eeb2cb05a1 cmdline: make -F type= accept ;charset=
The -F option allows some custom parameters within the given string, and
those strings are separated with semicolons. You can for example specify
"name=daniel;type=text/plain" to set content-type for the
field. However, the use of semicolons like that made it not work fine if
you specified one within the content-type, like for:
"name=daniel;type=text/plain;charset=UTF-8"
... as the second one would be seen as a separator and "charset" is no
parameter curl knows anything about so it was just silently discarded.

The new logic now checks if the semicolon and following keyword looks
like a parameter it knows about and if it isn't it is assumed to be
meant to be used within the content-type string itself.

I modified test case 186 to verify that this works as intended.

Reported by: Larry Stone
Bug: http://curl.haxx.se/bug/view.cgi?id=3048988
2010-08-21 00:21:24 +02:00
Dan Fandrich
dc4adc484f Use the S_ISREG macro to determine what is a regular file 2010-08-19 11:49:01 -07:00
Kamil Dudka
5907777153 curl -T: ignore file size of special files
original bug report at https://bugzilla.redhat.com/622520
2010-08-15 11:26:13 +02:00
Daniel Stenberg
f38e52071e retry: consider retrying even if -f is used
The --retry logic does retry HTTP when some specific response codes are
returned, but because the -f option sets the CURLOPT_FAILONERROR to
libcurl, the return codes are different for such situations and then the
curl tool failed to consider it for retrying.

Reported by: Mike Power
Bug: http://curl.haxx.se/bug/view.cgi?id=3037362
2010-08-02 00:10:18 +02:00
Jeff Pohlmeyer
d76874a665 remote-header-name: chop filename at next semicolon
The --remote-header-name option for the command-line tool assumes that
everything beyond the filename= field is part of the filename, but that
might not always be the case, for example:

Content-Disposition: attachment; filename=file.txt; modification-date=...

This fix chops the filename off at the next semicolon, if there is one.
2010-07-17 20:12:47 +02:00
Daniel Stenberg
c8d42b2f1c --retry: access violation with URL part sets continued
When getting multiple URLs, curl didn't properly reset the byte counter
after a successful transfer so if the subsequent transfer failed it
would wrongly use the previous byte counter and behave badly (segfault)
because of that. The code assumes that the byte counter and the 'stream'
pointer is well in synch.

Reported by: Jon Sargeant
Bug: http://curl.haxx.se/bug/view.cgi?id=3028241
2010-07-14 23:50:01 +02:00
Tor Arntsen
e7743aa7b4 upload: Avoid infinite loop when checking for auth bits
The test would loop forever if authtype bit 0 wasn't set.
2010-07-07 19:35:03 +02:00
Daniel Stenberg
915032ea02 upload: warn users trying to upload from stdin with anyauth
Since uploading from stdin is very likely to not work with anyauth and
its multi-phase probing for what authentication to actually use, alert
the user about it. Multi-phase negotiate almost certainly will involve
sending data and thus libcurl will need to rewind the stream to send
again, and it cannot do that with stdin.
2010-07-06 23:25:32 +02:00
Daniel Stenberg
bd36927f18 --libcurl: list the tricky options instead of using [REMARK]
I think the [REMARK] and commented function calls cluttered the code a
bit too much and made the generated code ugly to read. Now we instead
track the remarks one specially and just lists them at the end of the
generated code more as additional information.
2010-07-06 22:44:19 +02:00
Daniel Stenberg
0417d34533 curl: avoid setting libcurl options to its default
it makes the --libcurl output easier to follow.
2010-07-06 22:43:05 +02:00
Daniel Stenberg
a57611e308 --libcurl: hide setopt() calls setting default options
And additionally, don't show function or object pointers actual value
since they make no sense to anyone. Show 'functionpointer' and
'objectpointer' instead.
2010-07-06 22:13:22 +02:00
Daniel Stenberg
12533bb184 --libcurl: use *_LARGE options with typecasted constants
In the generated code --libcurl makes, all calls to curl_easy_setopt()
that use *_LARGE options now have the value typecasted to curl_off_t, so
that it works correctly for 32bit systems with 64bit curl_off_t type.
2010-07-06 19:19:52 +02:00
Yang Tse
b38189c7b4 fix compiler warning: enumerated type mixed with another type 2010-06-01 12:25:14 +02:00
Yang Tse
5ae6db321f fix compiler warning: enumerated type mixed with another type 2010-05-31 17:34:28 +02:00
Kamil Dudka
20ae9d4f71 strtoofft: rename CURL_LLONG_MIN -> CURL_OFF_T_MIN
... and CURL_LLONG_MAX -> CURL_OFF_T_MAX
2010-05-29 21:28:16 +02:00
Ben Greear
38d2afcefb telnet: Allow programatic use of telnet.
The main change is to allow input from user-specified methods,
when they are specified with CURLOPT_READFUNCTION.
All calls to fflush(stdout) in telnet.c were removed, which makes
using 'curl telnet://foo.com' painful since prompts and other data
are not always returned to the user promptly.  Use
'curl --no-buffer telnet://foo.com' instead.  In general,
the user should have their CURLOPT_WRITEFUNCTION do a fflush
for interactive use.

Also fix assumption that reading from stdin never returns < 0.
Old code could crash in that case.

Call progress functions in telnet main loop.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-04-29 08:55:11 +02:00
Alex Bligh
36e245658b curl: added --proto and --proto-redir
--proto tells curl to use the listed protocols for its initial
retrieval

--proto-redir tells curl to use the listed protocols after a
redirect
2010-04-24 12:18:04 +02:00
Daniel Stenberg
71be565cf4 curl: -O crash on windows
The -O option caused curl to crash on windows and DOS due to the
tool writing out of boundary memory.
2010-04-21 23:20:18 +02:00
Daniel Stenberg
47dda4a1d4 parse_filename: strip trailing CRs and LFs
The feature that uses the file name given in a
Content-disposition: header didn't properly skip trailing
carriage returns and linefeed characters from the end of the file
name when it was given without quotes.
2010-04-19 17:05:46 +02:00
Daniel Stenberg
5d93525f30 parseconfig: Value stored to 'line' is never read
Make the function call with (void) as we don't care about the
return code.
2010-04-17 18:59:54 +02:00
Daniel Stenberg
fd10ed56d5 use size_t to hold string length
using int is not fine on 64bit systems
2010-03-29 16:11:02 +02:00
Daniel Stenberg
2309b4e330 remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Dan Fandrich
12bb308cab Factored out some code into a few independent functions 2010-03-16 05:18:21 +00:00
Yang Tse
6a8aa246ff Fixed bug report #2958074 indicating
(http://curl.haxx.se/bug/view.cgi?id=2958074) that curl on Windows with
option --trace-time did not use local time when timestamping trace lines.
This could also happen on other systems depending on time souurce.
2010-02-25 06:59:04 +00:00
Daniel Stenberg
bb2d9c3704 use (void) in front of fwrite() calls that ignore the return code 2010-02-15 21:29:19 +00:00
Daniel Stenberg
dc6adb54fb CURLOPT_MAIL_RCPT is *not* a string so we must not try to printf() it 2010-02-12 22:19:48 +00:00
Daniel Stenberg
2138ee7628 free --mail-from strings properly 2010-02-12 22:16:21 +00:00
Yang Tse
3205ac35b0 Fix progressmode Configurable struct member data type. Changed to
'int' which fits better with existing CURL_PROGRESS_* definitions.
2010-02-03 10:57:42 +00:00
Yang Tse
d28b8d3158 Fix compiler warnings:
(1) conversion from 'const int ' to 'unsigned char ', possible loss of data
(2) conditional expression is constant
2010-02-02 16:21:37 +00:00
Yang Tse
4d19ebe738 fix printf-style format strings 2010-01-29 12:29:26 +00:00
Yang Tse
bbefdf88fd fix compiler warning 2010-01-27 03:43:34 +00:00
Yang Tse
4bb80cfd75 fix compiler warning 2010-01-25 04:36:13 +00:00
Bjorn Stenberg
80675818e0 Added -J/--remote-header-name. 2010-01-23 20:07:12 +00:00
Daniel Stenberg
2c93ec5303 - Make curl support --ssl and --ssl-reqd instead of the previous FTP-specific
versions --ftp-ssl and --ftp-ssl-reqd as these options are now used to
  control SSL/TLS for IMAP, POP3 and SMTP as well in addition to FTP. The old
  option names are still working but the new ones are the prefered ones
  (listed and documented).
2010-01-02 22:09:31 +00:00
Daniel Stenberg
a62f32d3c2 update copyright year since we are in 2010 now 2010-01-01 14:52:50 +00:00
Daniel Stenberg
605bbfc4c0 - Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
command is a special "hack" used by the drftpd server, but even though it is
  a custom extension I've deemed it fine to add to libcurl since this server
  seems to survive and people keep using it and want libcurl to support
  it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
  usable from the curl tool with --ftp-pret. Using this option on a server
  that doesn't support this command will make libcurl fail.
2010-01-01 14:44:44 +00:00
Daniel Stenberg
3f3f6be825 turned CURLOPT_MAIL_RCPT into a curl_slist list instead to support multiple
receivers, and made the command line tool thus support the option specified
many times
2009-12-31 21:52:01 +00:00
Daniel Stenberg
99e9938617 s/CURLOPT_WRITEHEADER/CURLOPT_HEADERDATA simply because it is a better name 2009-12-30 23:14:00 +00:00
Yang Tse
3184a91ec8 VMS specific preprocessor symbol checking adjustments 2009-12-30 17:59:56 +00:00
Daniel Stenberg
ec3bb8f727 introducing IMAP, POP3 and SMTP support (still lots of polish left to do) 2009-12-12 21:54:01 +00:00
Daniel Stenberg
296ebf382c - Siegfried Gyuricsko found out that the curl manual said --retry would retry
on FTP errors in the transient 5xx range. Transient FTP errors are in the
  4xx range. The code itself only tried on 5xx errors that occured _at login_.
  Now the retry code retries on all FTP transfer failures that ended with a
  4xx response.

  (http://curl.haxx.se/bug/view.cgi?id=2911279)
2009-12-10 21:02:11 +00:00
Yang Tse
5ce6454d33 - Fixed curl erroneously reporting output stream write failures with disabled buffering 2009-12-10 16:46:21 +00:00
Daniel Stenberg
6e38cc9048 - Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
rework patch that now integrates TFTP properly into libcurl so that it can
  be used non-blocking with the multi interface and more. BLKSIZE also works.

  The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
  the command line.
2009-11-27 23:46:29 +00:00
Daniel Stenberg
1fddcb3f88 - Bjorn Augustsson reported a bug which made curl not report any problems even
though it failed to write a very small download to disk (done in a single
  fwrite call). It turned out to be because fwrite() returned success, but
  there was insufficient error-checking for the fclose() call which tricked
  curl to believe things were fine.
2009-11-23 13:56:45 +00:00