1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 08:38:49 -05:00
Commit Graph

1502 Commits

Author SHA1 Message Date
Kamil Dudka
86c64f3daf curl_sasl: initialize NSS before using crypto 2013-10-18 15:37:18 +02:00
Daniel Stenberg
1dcc433661 bump: start working on 7.33.1 2013-10-14 23:11:20 +02:00
Daniel Stenberg
f77e89c5d2 RELEASE-NOTES: synced with 92cf6141ed 2013-10-13 23:24:21 +02:00
Kamil Dudka
d015f4ccac ssh: improve the logic for detecting blocking direction
This fixes a regression introduced by commit 0feeab78 limiting the speed
of SCP upload to 16384 B/s on a fast connection (such as localhost).
2013-10-12 23:03:28 +02:00
Daniel Stenberg
b46491900d RELEASE-NOTES: add twos refs to bug reports 2013-10-07 00:10:59 +02:00
Daniel Stenberg
725288bf2f RELEASE-NOTES: synced with 173160c0d0 2013-10-06 23:36:21 +02:00
Daniel Stenberg
77dc4ba877 RELEASE-NOTES: added recent contributors missing 2013-09-23 23:23:51 +02:00
Steve Holme
59c1743c78 RELEASE-NOTES: Corrected missed addition
Somehow commit 60a2046162 missed the last item in the sync list
even though I'm sure I added it during editing.
2013-09-21 22:28:07 +01:00
Steve Holme
60a2046162 RELEASE-NOTES: Synced with 6dd8bd8d2f 2013-09-21 22:20:40 +01:00
Steve Holme
18db743851 pop3: Added basic SASL XOAUTH2 support
Added the ability to use an XOAUTH2 bearer token [RFC6750] with POP3 for
authentication using RFC6749 "OAuth 2.0 Authorization Framework".

The bearer token is expected to be valid for the user specified in
conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has
an advertised auth mechanism of "XOAUTH2", the user and access token are
formatted as a base64 encoded string and sent to the server as
"AUTH XOAUTH2 <bearer token>".
2013-09-20 21:56:30 +01:00
Steve Holme
fbcefc0ce0 imap: Fixed response check for NOOP command 2013-09-14 10:44:28 +01:00
Steve Holme
f3c9749a40 imap: Fixed response check for LSUB and UID commands 2013-09-11 20:15:21 +01:00
Jiri Hruska
5c14a7f068 imap/pop3/smtp: Speed up SSL connection initialization
Don't wait for the next callback call (usually 1 second) before
continuing with protocol specific connection initialization.
2013-09-10 19:47:54 +01:00
Steve Holme
d89eb55906 RELEASE-NOTES: Corrected duplicate in bfefe2400a 2013-09-10 15:35:20 +01:00
Steve Holme
4a85e60cfe RELEASE-NOTES: Corrected typo from bfefe2400a 2013-09-10 14:06:50 +01:00
Steve Holme
bfefe2400a RELEASE-NOTES: synced with 25c6890375 2013-09-10 13:12:56 +01:00
Kamil Dudka
c639d725a3 url: handle abortion by read/write callbacks, too
Otherwise, the FTP protocol would unnecessarily hang 60 seconds if
aborted in the CURLOPT_HEADERFUNCTION callback.

Reported by: Tomas Mlcoch
Bug: https://bugzilla.redhat.com/1005686
2013-09-09 13:23:04 +02:00
Daniel Stenberg
2eabb7d590 curl: add --http1.1 and --http2.0 options 2013-09-04 22:29:38 +02:00
Steve Holme
f3849a7b84 imap: Fixed response check for EXPUNGE command 2013-08-31 10:49:49 +01:00
Daniel Stenberg
c3b513e75c bump: next release is 7.33.0 due to added features 2013-08-28 09:32:48 +02:00
Steve Holme
9d957294cb RELEASE-NOTES: synced with acf59be7f0 2013-08-26 23:27:07 +01:00
Daniel Stenberg
bb55293313 FTP: remove krb4 support
We've announced this pending removal for a long time and we've
repeatedly asked if anyone would care or if anyone objects. Nobody has
objected. It has probably not even been working for a good while since
nobody has tested/used this code recently.

The stuff in krb4.h that was generic enough to be used by other sources
is now present in security.h
2013-08-25 19:16:36 +02:00
Daniel Stenberg
ea464d72e9 RELEASE-NOTES: synced with 22adb46a32 2013-08-23 15:39:03 +02:00
Daniel Stenberg
e3ee73b70c version number: bump to 7.32.1 for now
Start working on the next version and up some counters.
2013-08-12 13:16:44 +02:00
Daniel Stenberg
4c40fe64b8 RELEASE-NOTES: synced with d20def2046 2013-08-08 16:37:17 +02:00
Daniel Stenberg
55ea83d622 RELEASE-NOTES: synced with b5478a0e03 2013-07-29 14:51:09 +02:00
Daniel Stenberg
6ed2bcc5f5 RELEASE-NOTES: synced with d529f3882b 2013-07-19 23:38:43 +02:00
Kamil Dudka
abca89aaa0 url: restore the functionality of 'curl -u :'
This commit fixes a regression introduced in
fddb7b44a7.

Reported by: Markus Moeller
Bug: http://curl.haxx.se/mail/archive-2013-06/0052.html
2013-06-30 20:13:14 +02:00
Daniel Stenberg
aff7562922 RELEASE-NOTES: synced with 365c5ba395
The 10 first bug fixes for the pending release...
2013-06-25 10:35:21 +02:00
Daniel Stenberg
ec248b590d bump: start working towards what most likely will become 7.32.0 2013-06-22 14:13:28 +02:00
Daniel Stenberg
85c710e11e RELEASE-NOTES: synced with 0de7249bb3 - 7.31.0 2013-06-22 11:30:31 +02:00
Daniel Stenberg
a9f5ad0e2a RELEASE-NOTES: synced with e305f5ec71 2013-06-20 22:27:33 +02:00
Daniel Stenberg
1826c768ab RELEASE-NOTES: synced with 9c3e098259
Mention 7 recent bug fixes and their associated contributors
2013-06-13 23:01:32 +02:00
Daniel Stenberg
dc19e656b5 RELEASE-NOTES: synced with 87cf677eca
Added 11 bugs and 7 contributors
2013-06-07 10:39:21 +02:00
Daniel Stenberg
01eede2662 RELEASE-NOTES: synced with ae26ee3489 2013-05-12 14:36:04 +02:00
Jared Jennings
865d4138a0 curl -E: allow to escape ':' in cert nickname 2013-05-06 14:32:26 +02:00
Steve Holme
7632bc911b RELEASE-NOTES: synced with 92ef5f19c8 2013-05-04 10:13:43 +01:00
Steve Holme
b52cf5d2cd smtp: Fixed unknown percentage complete in progress bar
The curl command line utility would display the the completed progress
bar with a percentage of zero as the progress routines didn't know the
size of the transfer.
2013-04-29 22:34:26 +01:00
Nick Zitzmann
a5c0e20939 darwinssl: add TLS crypto authentication
Users using the Secure Transport (darwinssl) back-end can now use a
certificate and private key to authenticate with a site using TLS. Because
Apple's security system is based around the keychain and does not have any
non-public function to create a SecIdentityRef data structure from data
loaded outside of the Keychain, the certificate and private key have to be
loaded into the Keychain first (using the certtool command line tool or
the Security framework's C API) before we can find it and use it.
2013-04-27 23:15:07 -06:00
Daniel Stenberg
219358b93d bump version
Since we're adding new stuff, the next release will bump the minor
version and we're looking forward to 7.31.0
2013-04-27 23:15:35 +02:00
Steve Holme
f133719f73 RELEASE-NOTES: synced with f4e6e201b1 2013-04-27 20:43:55 +01:00
Zdenek Pavlas
b37b5233ca url: initialize speed-check data for file:// protocol
... in order to prevent an artificial timeout event based on stale
speed-check data from a previous network transfer.  This commit fixes
a regression caused by 9dd85bced5.

Bug: https://bugzilla.redhat.com/906031
2013-04-26 15:38:22 +02:00
Steve Holme
c0d502785f RELEASE-NOTES: synced with a8c92cb608 2013-04-24 19:40:06 +01:00
Steve Holme
5821d5f111 RELEASE-NOTES: synced with d535c4a2e1 2013-04-20 09:56:16 +01:00
Steve Holme
95ba6cdd54 RELEASE-NOTES: Removed erroneous spaces 2013-04-13 18:35:16 +01:00
Steve Holme
7ce6cb9ab4 RELEASE-NOTES: synced with 8723cade21 2013-04-13 16:43:30 +01:00
Daniel Stenberg
e0cff02061 bump: start working towards next release 2013-04-12 11:30:32 +02:00
Daniel Stenberg
80d241046e RELEASE-NOTES: cleaned up for 7.30 (synced with 5c5e1a1cd2)
Most notable the security advisory:
http://curl.haxx.se/docs/adv_20130412.html
2013-04-12 00:05:39 +02:00
Daniel Stenberg
4594ee5e14 RELEASe-NOTES: synced with 29fdb2700f
added "tcpkeepalive on Mac OS X"
2013-04-09 14:49:27 +02:00
Nick Zitzmann
d7f4c3772e darwinssl: disable insecure ciphers by default
I noticed that aria2's SecureTransport code disables insecure ciphers such
as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later.
That's a good idea, and now we do the same thing in order to prevent curl
from accessing a "secure" site that only negotiates insecure ciphersuites.
2013-04-08 17:07:20 -06:00
Steve Holme
4990f46856 RELEASE-NOTES: Corrected duplicate NTLM memory leaks 2013-04-08 20:59:50 +01:00
Steve Holme
5e24db0cba RELEASE-NOTES: Removed trailing full stop 2013-04-08 20:34:29 +01:00
Daniel Stenberg
9141c75bfb RELEASE-NOTES: sync with 704a5dfca9 2013-04-08 08:43:18 +02:00
Daniel Stenberg
bf7a270e0b RELEASE-NOTES: synced with 5e722b2d09
3 more bug fixes, 6 more contributors
2013-04-05 23:31:00 +02:00
Daniel Stenberg
c7e56db050 RELEASE-NOTES: synced with 0614b90213 2013-04-01 00:36:50 +02:00
Steve Holme
048726a5a2 RELEASE-NOTES: Corrected typo 2013-03-27 20:35:28 +00:00
Daniel Stenberg
b8c195974c RELEASE-NOTES: add two references 2013-03-27 15:36:15 +01:00
Daniel Stenberg
11219b3c93 RELEASE-NOTES: synced with bc6037ed3e
More changes, bugfixes and contributors!
2013-03-23 23:29:40 +01:00
Nick Zitzmann
6f1f7e5de8 darwinssl: disable ECC ciphers under Mountain Lion by default
I found out that ECC doesn't work as of OS X 10.8.3, so those ciphers are
turned off until the next point release of OS X.
2013-03-19 15:21:34 -06:00
Zdenek Pavlas
57ccdfa8d2 curl_global_init: accept the CURL_GLOBAL_ACK_EINTR flag
The flag can be used in pycurl-based applications where using the multi
interface would not be acceptable because of the performance lost caused
by implementing the select() loop in python.

Bug: http://curl.haxx.se/bug/view.cgi?id=1168
Downstream Bug: https://bugzilla.redhat.com/919127
2013-03-12 10:58:20 +01:00
Kamil Dudka
491e026ccd easy: do not ignore poll() failures other than EINTR 2013-03-12 10:58:19 +01:00
Daniel Stenberg
cb07bca689 RELEASE-NOTES: synced with ca3c0ed3a9
8 more bugfixes, one change and a bunch of contributors
2013-03-09 16:32:23 +01:00
Daniel Stenberg
6d8d306905 RELEASE-NOTES: mention that krb4 is up for consideration 2013-03-08 22:33:27 +01:00
Daniel Stenberg
442084cdb5 version bump: the next release will be 7.30.0 2013-03-07 11:14:16 +01:00
Steve Holme
9ceee69ff7 RELEASE-NOTES: Added missing imap fixes and additions
With all the recent imap changes it wasn't clear what new features and
fixes should be included in the release notes.
2013-03-07 10:03:28 +00:00
Nick Zitzmann
a9cc5ee0c6 RELEASE-NOTES: brought this up-to-date with the latest changes 2013-03-06 20:03:18 -07:00
Kamil Dudka
9d0af3018c nss: fix misplaced code enabling non-blocking socket mode
The option needs to be set on the SSL socket.  Setting it on the model
takes no effect.  Note that the non-blocking mode is still not enabled
for the handshake because the code is not yet ready for that.
2013-03-06 13:34:10 +01:00
Daniel Stenberg
d4703fa428 Guile-curl: a new libcurl binding 2013-02-16 14:26:28 +01:00
Steve Holme
ff8c5a329e RELEASE-NOTES: Updated following the recent imap/pop3/smtp changes 2013-02-10 22:32:47 +00:00
Steve Holme
8170d1f828 RELEASE-NOTES: synced with 92f7606f29 2013-02-10 11:41:42 +00:00
Steve Holme
ce4b554e5d RELEASE-NOTES: Added new imap features 2013-02-07 21:20:11 +00:00
Daniel Stenberg
2488a01337 7.29.1: onwards! 2013-02-06 14:50:39 +01:00
Daniel Stenberg
0f1deac71e RELEASE-NOTES: mention the SASL buffer overflow 2013-02-06 11:06:33 +01:00
Daniel Stenberg
25d13822ae RELEASE-NOTES: synced with 25f351424b
8 more bug fixes mentioned
2013-02-05 23:19:19 +01:00
Steve Holme
03577a355e RELEASE-NOTES: Updated following recent changes to the email protocols
Added recent additions and fixes following the changes to imap, pop3
and smtp. Additionally added another contributor that helped to test
the imap sasl changes.
2013-02-05 00:11:24 +00:00
Daniel Stenberg
38ec16d671 RELEASE-NOTES: only list Nick once
Even though he's a fine dude, once is enough for this time!
2013-01-28 22:32:11 +01:00
Daniel Stenberg
446afec71a RELEASE-NOTES: add references to several bugfixes+changes 2013-01-18 15:57:11 +01:00
Steve Holme
e2bfae239f RELEASE-NOTES: Added missing imap fix
Added missing imap fix as per commit 709b3506cd.
2013-01-18 12:15:37 +00:00
Daniel Stenberg
0e1855d9d3 RELEASE-NOTES: synced with c43127414d 2013-01-18 00:12:18 +01:00
Kamil Dudka
26613d7817 nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE
Do not use the error messages from NSS for errors not occurring in NSS.
2013-01-15 13:20:56 +01:00
Kamil Dudka
b36f1d26f8 nss: clear session cache if a client cert from file is used
This commit fixes a regression introduced in 052a08ff.

NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback
and if we connect second time to the same server, the cached cert/key
pair is used.  If we use multiple client certificates for different
paths on the same server, we need to clear the session cache to force
NSS to call the hook again.  The commit 052a08ff prevented the session
cache from being cleared if a client certificate from file was used.

The condition is now fixed to cover both cases: consssl->client_nickname
is not NULL if a client certificate from the NSS database is used and
connssl->obj_clicert is not NULL if a client certificate from file is
used.

Review by: Kai Engert
2013-01-11 10:59:11 +01:00
Daniel Stenberg
431ead1c9a RELEASE-NOTES: synced with e3ed2b82e6 2012-12-27 20:15:07 +01:00
Kamil Dudka
68d2830ee9 nss: prevent NSS from crashing on client auth hook failure
Although it is not explicitly stated in the documentation, NSS uses
*pRetCert and *pRetKey even if the client authentication hook returns
a failure.  Namely, if we destroy *pRetCert without clearing *pRetCert
afterwards, NSS destroys the certificate once again, which causes a
double free.

Reported by: Bob Relyea
2012-12-03 13:34:36 +01:00
Daniel Stenberg
ba476bb6d8 bump: start working on 7.28.2 2012-11-20 10:27:36 +01:00
Daniel Stenberg
b9fdb721f2 RELEASE-NOTES: synced with 52af6e69f0 / 7.28.1 2012-11-20 08:05:42 +01:00
Anthony Bryan
c830115c48 RELEASE-NOTES: NSS can be used for metalink hashing 2012-11-20 00:14:31 +01:00
Kamil Dudka
32be348af2 test2032: spurious failure caused by premature termination
Bug: http://curl.haxx.se/mail/lib-2012-11/0095.html
2012-11-19 13:36:10 +01:00
Daniel Stenberg
dd75cba3ef RELEASE-NOTES: synced with ee588fe088
4 more bug fixes and 4 more contributors
2012-11-17 14:23:41 +01:00
Daniel Stenberg
53c83ee3ed RELEASE-NOTES: synced with fa1ae0abcd 2012-11-14 22:32:19 +01:00
Daniel Stenberg
6a4bdb027b RELEASE-NOTES: synced with 7c0cbcf2f6 2012-11-13 13:03:38 +01:00
Kamil Dudka
49c37e6c1c tool_metalink: allow to use hash algorithms provided by NSS
Fixes bug #3578163:
http://sourceforge.net/tracker/?func=detail&atid=100976&aid=3578163&group_id=976
2012-11-09 10:42:54 +01:00
Daniel Stenberg
9096f4f451 RELEASE-NOTES: synced with 487538e87a
6 new bugfixes and 3 more contributors...
2012-11-07 23:21:55 +01:00
Daniel Stenberg
0da6c113ce RELEASE-NOTES: synced with fa6d78829f 2012-11-06 12:03:29 +01:00
Daniel Stenberg
ff32546d81 version-bump: towards 7.28.1! 2012-10-10 22:35:08 +02:00
Daniel Stenberg
33c02d4771 RELEASE-NOTES: synced with 8373ca3641
One bug, one contributor. Getting ready for release.
2012-10-10 21:58:16 +02:00
Daniel Stenberg
6b18f18b4c RELEASE-NOTES: synced with 971f5bcedd
9 new bug fixes, 5 changes, 6 more contributors
2012-10-02 10:39:51 +02:00
Kamil Dudka
f05e51362f ssh: do not crash if MD5 fingerprint is not provided by libssh2
The MD5 fingerprint cannot be computed when running in FIPS mode.
2012-09-12 16:49:10 +02:00
Daniel Stenberg
a492632022 RELEASE-NOTES: synced with 6c6f1f64c2
6 bug fixes to mention, 5 contributors
2012-09-09 14:55:52 +02:00
Daniel Stenberg
cb2feb9def RELEASE-NOTES: synced with abb0da9193 2012-09-03 23:20:33 +02:00
Kamil Dudka
52b6eda4f2 nss: do not print misleading NSS error codes 2012-08-09 13:33:49 +02:00