1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 06:55:02 -05:00
Commit Graph

455 Commits

Author SHA1 Message Date
Julien Chaffraix
add5766dd4 urldata: Capitalize enum protect_level values.
This makes it easier to spot the enum values from the variables.
Removed some unneeded DEBUGASSERT added in the previous commit.
2010-11-13 14:42:34 -08:00
Julien Chaffraix
8d59d69449 security: tighten enum protection_level usage.
While changing Curl_sec_read_msg to accept an enum protection_level
instead of an int, I went ahead and fixed the usage of the associated
fields.

Some code was assuming that prot_clear == 0. Fixed those to use the
proper value. Added assertions prior to any code that would set the
protection level.
2010-11-13 14:12:43 -08:00
Daniel Stenberg
a1f32ffee5 ip_version: moved to connection struct
The IP version choice was previously only in the UserDefined struct
within the SessionHandle, but since we sometimes alter that option
during a request we need to have it on a per-connection basis.

I also moved more "init conn" code into the allocate_conn() function
which is designed for that purpose more or less.
2010-11-11 15:16:21 +01:00
Daniel Stenberg
1b24b89cca CURLOPT_RESOLVE: added
CURLOPT_RESOLVE is a new option that sends along a curl_slist with
name:port:address sets that will populate the DNS cache with entries so
that request can be "fooled" to use another host than what otherwise
would've been used. Previously we've encouraged the use of Host: for
that when dealing with HTTP, but this new feature has the added bonus
that it allows the name from the URL to be used for TLS SNI and server
certificate name checks as well.

This is a first change. Surely more will follow to make it decent.
2010-11-08 08:56:21 +01:00
Daniel Stenberg
87374a47c9 Revert: use Host: name for SNI and cert name checks
This reverts commit b0fd03f5b8,
4b2fbe1e97, afecd1aa13, 68cde058f6
2010-11-05 10:25:58 +01:00
Daniel Stenberg
afecd1aa13 host: get the custom Host: name more genericly
When given a custom host name in a Host: header, we can use it for
several different purposes other than just cookies, so we rename it and
use it for SSL SNI etc.
2010-11-04 14:58:15 +01:00
Julien Chaffraix
512a82d395 security.c: Remove out_buffer as it was never written into. 2010-09-22 23:34:36 +02:00
Cameron Kaiser
201637d468 Gopher protocol support (initial release) 2010-08-25 14:19:58 +02:00
Daniel Stenberg
6b6a3bcb61 http: handle trailer headers in all chunked responses
HTTP allows that a server sends trailing headers after all the chunks
have been sent WITHOUT signalling their presence in the first response
headers. The "Trailer:" header is only a SHOULD there and as we need to
handle the situation even without that header I made libcurl ignore
Trailer: completely.

Test case 1116 was added to verify this and to make sure we handle more
than one trailer header properly.

Reported by: Patrick McManus
Bug: http://curl.haxx.se/bug/view.cgi?id=3052450
2010-08-25 13:42:14 +02:00
Daniel Stenberg
232ad6549a multi: support timeouts
Curl_expire() is now expanded to hold a list of timeouts for each easy
handle. Only the closest in time will be the one used as the primary
timeout for the handle and will be used for the splay tree (which sorts
and lists all handles within the multi handle).

When the main timeout has triggered/expired, the next timeout in time
that is kept in the list will be moved to the main timeout position and
used as the key to splay with. This way, all timeouts that are set with
Curl_expire() internally will end up as a proper timeout. Previously any
Curl_expire() that set a _later_ timeout than what was already set was
just silently ignored and thus missed.

Setting Curl_expire() with timeout 0 (zero) will cancel all previously
added timeouts.

Corrects known bug #62.
2010-08-15 13:16:39 +02:00
Daniel Stenberg
dc2157a087 parse_remote_port: fix ;type= URL suffix over HTTP proxy
Test 563 is enabled now and verifies that the combo FTP type=A URL,
CURLOPT_PORT set and proxy work fine. As a bonus I managed to remove the
somewhat odd FTP check in parse_remote_port() and instead converted it
to a better and more generic 'slash_removed' struct field. Checking the
->protocol field isn't right since when an FTP:// URL is sent over a
HTTP proxy, the protocol is HTTP but the URL was handled by the FTP code
and thus slash_removed is set TRUE for this case.
2010-08-10 00:56:45 +02:00
Frank Meier
8098d9417c getinfo: added *_PRIMARY_PORT, *_LOCAL_IP and *_LOCAL_PORT 2010-06-05 00:31:36 +02:00
Kamil Dudka
2ffe834bff ftp wildcard: a new option CURLOPT_FNMATCH_DATA 2010-05-16 02:52:33 +02:00
Hoi-Ho Chan
83305cbf9f Remove support for BSD version of PolarSSL
"The BSD version of PolarSSL was made for migratory purposes only and is not
maintained. The GPL version of PolarSSL is actually the only actively
developed version, so I would be very reluctant to use the BSD version." /
Paul Bakker, PolarSSL hacker.

Signed-off-by: Hoi-Ho Chan <hoiho.chan@gmail.com>
2010-05-13 21:50:52 +02:00
Pavel Raiskup
0825cd80a6 FTP: WILDCARDMATCH/CHUNKING/FNMATCH added 2010-05-12 23:17:51 +02:00
Howard Chu
04cb15ae9d RTMP: initial support added, powered by librtmp
librtmp is found at http://rtmpdump.mplayerhq.hu/
2010-05-12 23:07:20 +02:00
Howard Chu
bc8fc9803f sendrecv: make them two pairs of send/recv to properly deal with FTPS
FTP(S) use two connections that can be set to different recv and
send functions independently, so by introducing recv+send pairs
in the same manner we already have sockets/connections we can
work with FTPS fine.

This commit fixes the FTPS regression introduced in change d64bd82.
2010-05-11 22:48:38 +02:00
Howard Chu
d64bd82bdc sendrecv: split the I/O handling into private handler
Howard Chu brought the bulk work of this patch that properly
moves out the sending and recving of data to the parts of the
code that are properly responsible for the various ways of doing
so.

Daniel Stenberg assisted with polishing a few bits and fixed some
minor flaws in the original patch.

Another upside of this patch is that we now abuse CURLcodes less
with the "magic" -1 return codes and instead use CURLE_AGAIN more
consistently.
2010-05-07 15:05:34 +02:00
Hoi-Ho Chan
51427e1947 PolarSSL: initial support added
This is Hoi-Ho Chan's patch with some minor fixes by me. There
are some potential issues in this, but none worse than we can
sort out on the list and over time.
2010-05-05 22:30:46 +02:00
Ben Greear
38d2afcefb telnet: Allow programatic use of telnet.
The main change is to allow input from user-specified methods,
when they are specified with CURLOPT_READFUNCTION.
All calls to fflush(stdout) in telnet.c were removed, which makes
using 'curl telnet://foo.com' painful since prompts and other data
are not always returned to the user promptly.  Use
'curl --no-buffer telnet://foo.com' instead.  In general,
the user should have their CURLOPT_WRITEFUNCTION do a fflush
for interactive use.

Also fix assumption that reading from stdin never returns < 0.
Old code could crash in that case.

Call progress functions in telnet main loop.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-04-29 08:55:11 +02:00
Jerome Vouillon
c2888604d7 GnuTLS: make the connection phase non-blocking
When multi interface is used, the SSL handshake is no longer
blocking when GnuTLS is used.
2010-04-16 22:43:01 +02:00
Daniel Stenberg
93e6b1cb7c PROT_CLOSEACTION should not include TFTP
TFTP is not a protocol that uses close actions so it should
not be set in that bitmask!
2010-03-25 19:56:50 +01:00
Daniel Stenberg
2309b4e330 remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Yang Tse
1435864030 Definitions of resolver specialty compile-time defines CURLRES_* moved
from hostip.h to setup.h in order to allow proper inclusion in any file.

This represents no functional change at all in which resolver is used,
everything still works as usual, internally and externally there is no
difference in behavior.
2010-01-22 20:27:48 +00:00
Daniel Stenberg
bc4582b68a Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
libcurl options for controlling what to get and how to receive posssibly
interleaved RTP data. Initial commit.
2010-01-21 13:58:30 +00:00
Daniel Stenberg
a62f32d3c2 update copyright year since we are in 2010 now 2010-01-01 14:52:50 +00:00
Daniel Stenberg
605bbfc4c0 - Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
command is a special "hack" used by the drftpd server, but even though it is
  a custom extension I've deemed it fine to add to libcurl since this server
  seems to survive and people keep using it and want libcurl to support
  it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
  usable from the curl tool with --ftp-pret. Using this option on a server
  that doesn't support this command will make libcurl fail.
2010-01-01 14:44:44 +00:00
Daniel Stenberg
3f3f6be825 turned CURLOPT_MAIL_RCPT into a curl_slist list instead to support multiple
receivers, and made the command line tool thus support the option specified
many times
2009-12-31 21:52:01 +00:00
Daniel Stenberg
54c60d0067 Stop overloading the conn->protocol field with the PROT_MISSING bit. It
really didn't belong there and had no real point.
2009-12-17 16:03:39 +00:00
Daniel Stenberg
91d05903b4 Remove pointless storing of the protocol as a string within the connectdata
struct, and instead use the already stored string in the handler struct.
2009-12-17 15:45:04 +00:00
Daniel Stenberg
83a6b34803 split out more protocol-specific structs from urldata.h into their own
protocol-specific header files
2009-12-12 22:17:51 +00:00
Daniel Stenberg
ec3bb8f727 introducing IMAP, POP3 and SMTP support (still lots of polish left to do) 2009-12-12 21:54:01 +00:00
Daniel Stenberg
6e38cc9048 - Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
rework patch that now integrates TFTP properly into libcurl so that it can
  be used non-blocking with the multi interface and more. BLKSIZE also works.

  The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
  the command line.
2009-11-27 23:46:29 +00:00
Yang Tse
90bc6ee8f3 - Constantine Sapuntzakis provided the fix that ensures that an SSL connection
won't be reused unless protection level for peer and host verification match.
2009-11-14 02:30:30 +00:00
Kamil Dudka
571309dc3e - libcurl-NSS now tries to reconnect with TLS disabled in case it detects
a broken TLS server. However it does not happen if SSL version is selected
  manually. The approach was originally taken from PSM. Kaspar Brand helped me
  to complete the patch. Original bug reports:
  https://bugzilla.redhat.com/525496
  https://bugzilla.redhat.com/527771
2009-11-12 11:16:31 +00:00
Yang Tse
b205525d34 Take in account c-ares 1.6.1 will use __declspec function decoration
for Win32 and Symbian unless CARES_STATICLIB is defined to use static
library linkage.
2009-10-29 03:48:00 +00:00
Kamil Dudka
66fcebdc9e - Implemented a protocol independent way to specify blocking direction, used by
transfer.c for blocking. It is currently used only by SCP and SFTP protocols.
  This enhancement resolves an issue with 100% CPU usage during SFTP upload,
  reported by Vourhey.
2009-09-26 08:31:48 +00:00
Patrick Monnerat
b0b2824b58 - Introduced a SYST-based test to properly set-up name format when dealing with the OS/400 FTP server.
- Fixed an ftp_readresp() bug preventing detection of failing control socket  and causing FTP client to loop forever.
2009-08-24 12:57:25 +00:00
Daniel Stenberg
1048043963 - Lots of good work by Krister Johansen, mostly related to pipelining:
Fix SIGSEGV on free'd easy_conn when pipe unexpectedly breaks
  Fix data corruption issue with re-connected transfers
  Fix use after free if we're completed but easy_conn not NULL
2009-08-21 07:11:20 +00:00
Daniel Stenberg
47c392e135 - Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA.
They introduce known_host support for SSH keys to libcurl. See docs for
  details.
2009-07-22 22:49:01 +00:00
Kamil Dudka
5f0cae8037 - Claes Jakobsson improved the support for client certificates handling
in NSS-powered libcurl. Now the client certificates can be selected
  automatically by a NSS built-in hook. Additionally pre-login to all PKCS11
  slots is no more performed. It used to cause problems with HW tokens.

- Fixed reference counting for NSS client certificates. Now the PEM reader
  module should be always properly unloaded on Curl_nss_cleanup(). If the unload
  fails though, libcurl will try to reuse the already loaded instance.
2009-07-20 21:50:21 +00:00
Michal Marek
0b317b72ae - When doing non-anonymous ftp via http proxies and the password is not
provided in the url, add it there (squid needs this).
2009-06-16 13:16:28 +00:00
Daniel Stenberg
3e0c067e43 - Claes Jakobsson provided a patch for libcurl-NSS that fixed a bad refcount
issue with client certs that caused issues like segfaults.
  http://curl.haxx.se/mail/lib-2009-05/0316.html
2009-06-08 21:25:16 +00:00
Daniel Stenberg
3aa3d7e629 Internal cleanup: KEEP_WRITE and KEEP_READ are now called KEEP_SEND and
KEEP_RECV to better match the general terminology: receive and send is what we
do from the (remote) servers. We read and write from and to the local fs.
2009-05-11 07:53:38 +00:00
Daniel Stenberg
828a26286d - Kamil Dudka fixed another NSS-related leak when client certs were used. 2009-04-24 21:55:18 +00:00
Daniel Stenberg
235c0077b8 - Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned
out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue
  is found in Redhat's bug tracker:
  https://bugzilla.redhat.com/show_bug.cgi?id=453612

  There are still memory leaks present, but they seem to have other reasons.
2009-04-13 17:42:10 +00:00
Daniel Stenberg
042cc1f69e - David Kierznowski notified us about a security flaw
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
  which previous libcurl versions (by design) can be tricked to access an
  arbitrary local/different file instead of a remote one when
  CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
  together this the addition of two new setopt options for controlling this
  new behavior:

  o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
  follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
  excludes the FILE and SCP protocols and thus you nee to explicitly allow
  them in your app if you really want that behavior.

  o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
  using the primary URL option. This is useful if you want to allow a user or
  other outsiders control what URL to pass to libcurl and yet not allow all
  protocols libcurl may have been built to support.
2009-03-02 23:05:31 +00:00
Daniel Stenberg
af91ff0e06 - Linus Nielsen Feltzing reported and helped me repeat and fix a problem with
FTP with the multi interface: when a transfer fails, like when aborted by a
  write callback, the control connection was wrongly closed and thus not
  re-used properly.

  This change is also an attempt to cleanup the code somewhat in this area, as
  now the FTP code attempts to keep (better) track on pending responses
  necessary to get read in ftp_done().
2009-02-20 08:16:03 +00:00
Daniel Stenberg
8f81fd6be5 - CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 in addition to 1 for
plain FTP connections, and it will then allow MKD to fail once and retry the
  CWD afterwards. This is especially useful if you're doing many simultanoes
  connections against the same server and they all have this option enabled,
  as then CWD may first fail but then another connection does MKD before this
  connection and thus MKD fails but trying CWD works! The numbers can
  (should?) now be set with the convenience enums now called
  CURLFTP_CREATE_DIR and CURLFTP_CREATE_DIR_RETRY.

  Tests has proven that if you're making an application that uploads a set of
  files to an ftp server, you will get a noticable gain in speed if you're
  using multiple connections and this option will be then be very useful.
2009-02-17 09:07:25 +00:00
Daniel Stenberg
002cf105c6 - CURLINFO_CONDITION_UNMET was added to allow an application to get to know if
the condition in the previous request was unmet. This is typically a time
  condition set with CURLOPT_TIMECONDITION and was previously not possible to
  reliably figure out. From bug report #2565128
  (http://curl.haxx.se/bug/view.cgi?id=2565128)
2009-02-11 21:47:14 +00:00