1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 00:28:48 -05:00
Commit Graph

20603 Commits

Author SHA1 Message Date
Steve Holme
156b8287a7 krb5_gssapi: Only process challenge when present
This wouldn't cause a problem because of the way the function is called,
but prior to this change, we were processing the challenge message when
the credentials were NULL rather than when the challenge message was
populated.

This also brings this part of the Kerberos 5 code in line with the
Negotiate code.
2016-04-03 17:17:20 +01:00
Steve Holme
73f1096335 krb5: Fixed missing client response when mutual authentication enabled
Although mutual authentication is currently turned off and can only be
enabled by changing libcurl source code, authentication using Kerberos
5 has been broken since commit 79543caf90 in this use case.
2016-04-03 17:02:44 +01:00
Steve Holme
61152e7d94 krb5_sspi: Only process challenge when present
This wouldn't cause a problem because of the way the function is called,
but prior to this change, we were processing the challenge message when
the credentials were NULL rather than when the challenge message was
populated.

This also brings this part of the Kerberos 5 code in line with the
Negotiate code.
2016-04-03 11:45:02 +01:00
Steve Holme
228cd71c6f krb5_sspi: Only generate the output token when its not allocated
Prior to this change, we were generating the output token when the
credentials were NULL rather than when the output token was NULL.

This also brings this part of the Kerberos 5 code in line with the
Negotiate code.
2016-04-03 11:25:12 +01:00
Steve Holme
2d2c67e3ed krb5: Only generate a SPN when its not known
Prior to this change, we were generating the SPN in the SSPI code when
the credentials were NULL and in the GSS-API code when the context was
empty. It is better to decouple the SPN generation from these checks
and only generate it when the SPN itself is NULL.

This also brings this part of the Kerberos 5 code in line with the
Negotiate code.
2016-04-03 11:15:03 +01:00
Daniel Stenberg
365322b8bc tests/libtest: follow our code style guidelines better
... checksrc of all test code is pending.
2016-04-03 11:57:34 +02:00
Daniel Stenberg
c7e4266a2e checksrc.whitelist: remove fopen() uses 2016-04-03 11:57:21 +02:00
Daniel Stenberg
36b5dff030 formdata: use appropriate fopen() macros 2016-04-03 11:57:04 +02:00
Daniel Stenberg
5ea3d2ff06 checksrc: improve the fopen() parser somewhat
The quote scanner was too fragile, now look for a comma instead to find
the mode argument.
2016-04-03 11:29:14 +02:00
Daniel Stenberg
d4d87d7ead unit1604: fix snprintf
follow-up to 0326b06

sizeof(pointer) is no good for the buffer size!

Reported-by: Viktor Szakats
2016-04-03 10:47:13 +02:00
Steve Holme
0326b06770 unittests: Fixed compilation warnings
warning: implicit declaration of function 'sprintf_was_used'
         [-Wimplicit-function-declaration]

Follow up to the modications made to tests/libtest in commit 55452ebdff
as we prefer not to use sprintf() now.
2016-04-03 00:02:19 +01:00
Daniel Stenberg
e238253d06 curl.1: -w filename_effective was introduced in 7.26.0
We never made a 7.25.1 release
2016-04-02 17:59:25 +02:00
Daniel Stenberg
c40e85334d 7.49.0: next release version 2016-04-02 17:26:54 +02:00
Daniel Stenberg
eca93542d6 http2: make use of the nghttp2 error callback
It offers extra info from nghttp2 in certain error cases. Like for
example when trying prior-knowledge http2 on a server that doesn't speak
http2 at all. The error message is passed on as a verbose message to
libcurl.

Discussed in #722

The error callback was added in nghttp2 1.9.0
2016-04-02 16:27:30 +02:00
Steve Holme
2aaa63b555 spnego: Renamed the context's SPN variable
To be consistent with the Kerberos 5 context and other authentication
code.
2016-04-02 06:41:29 +01:00
Steve Holme
9173dc0682 krb5_gssapi: Renamed the status variables
For consistency with the spnego code.
2016-04-02 06:25:30 +01:00
Steve Holme
ced0cbb5b7 krb5: Moved host from Curl_auth_create_gssapi_user_message() to be argument
For consistency with the spnego and oauth2 code moved the setting of
the host name outside of the Curl_auth_create_gssapi_user_messag()
function.

This will allow us to more easily override it in the future.
2016-04-02 06:15:29 +01:00
Steve Holme
4edcfc6bf0 test1119: Fixed missing CURL_DID_MEMORY_FUNC_TYPEDEFS symbol 2016-04-02 00:30:33 +01:00
Steve Holme
3aa76ba164 RELEASE-NOTES: Removed "http_negotiate: Corrected host and proxy host name"
As this was introduced in the recent vauth changes and not a prior
release.
2016-04-01 22:20:58 +01:00
Daniel Stenberg
53fc6cb81b RELEASE-NOTES: synced with 0aa8da10bb 2016-04-01 23:15:29 +02:00
Steve Holme
0aa8da10bb http_negotiate: Corrected host and proxy host name being wrong way round
I had accidentally used the proxy server name for the host and the host
server name for the proxy in commit ad5e9bfd5d and 6d6f9ca1d9. Whilst
Windows SSPI was quite happy with this, GSS-API wasn't.

Thanks-to:  Michael Osipov
2016-04-01 21:48:35 +01:00
Steve Holme
7bc64561a2 build: Changed the Visual Studio projects warning level from 3 to 4
After squashing most of our compiler warnings, up'ed the default
warning level from 3 to 4 in order to increase the likelyhood of
catching future warnings.
2016-04-01 20:39:34 +01:00
ehlertjd@gmail.com
8f654f29de IMAP: check pointer before dereferencing it
may be null in the CURLOPT_CONNECT_ONLY case

Fixes #747
2016-04-01 21:18:46 +02:00
Steve Holme
8010376fad .gitignore: Added new VC14 SQLite based program database files 2016-04-01 20:00:05 +01:00
Steve Holme
a29a6c2ab5 curl_memory.h: Fixed typo in comment
From commit 7218b52c49.
2016-04-01 19:12:39 +01:00
Steve Holme
5bdb4c13c2 spnego: Corrected some typos in comments
Corrected typos from commit ad5e9bfd5d and 6d6f9ca1d9.
2016-04-01 19:07:49 +01:00
Steve Holme
0c331b8999 memdebug: Ensure curl/curl.h is included before curl_memory.h
Follow up to commit 7db9782dd6.
2016-04-01 13:21:12 +01:00
Daniel Stenberg
3e005a8555 upload: missing rewind call could make libcurl hang
When an upload is done, there are two places where that can be detected
and only one of them would rewind the input stream - which sometimes is
necessary for example when doing NTLM HTTP POSTs and more.

This could then end up libcurl hanging.

Figured-out-by: Isaac Boukris
Reported-by: Anatol Belski

Fixes #741
2016-04-01 13:57:15 +02:00
Daniel Stenberg
7db9782dd6 curl.h: define CURL_DID_MEMORY_FUNC_TYPEDEFS
So that we only do the extra typedefs in curl_memory.h when we really
need to and avoid double typedefs.

follow-up commit to 7218b52c49

Thanks-to: Steve Holme
2016-04-01 13:14:57 +02:00
Daniel Stenberg
55452ebdff curl/mprintf.h: remove support for _MPRINTF_REPLACE
The define is not in our name space and is therefore not protected by
our API promises.

It was only really used by libcurl internals but was mostly erased from
there already in 8aabbf5 (March 2015). This is supposedly the final
death blow to that define from everywhere.

As a side-effect, making sure _MPRINTF_REPLACE is gone and not used, I
made the lib tests in tests/libtest/ use curl_printf.h for its redefine
magic and then subsequently the use of sprintf() got banned in the tests
as well (as it is in libcurl internals) and I then replaced them all
with snprintf().

In the unlikely event that any users is actually using this define and
gets sad by this change, it is very easily copied to the user's own
code.
2016-04-01 10:46:36 +02:00
Daniel Stenberg
7218b52c49 curl_memory.h: avoid the curl/curl.h include
Discussed in #743
2016-04-01 10:07:38 +02:00
Steve Holme
9a8aef1365 url: Corrected get protocol family for FTP and LDAP
Fixed copy/paste error from commit a5aec58726.
2016-04-01 07:24:39 +01:00
Jay Satiro
7c314fd9f8 strerror: don't bit shift a signed integer
Bug: https://github.com/curl/curl/issues/744
Reported-by: Alexis La Goutte
2016-03-31 21:05:29 -04:00
Daniel Stenberg
213d3c7b0c http2: more documentation for prior knowledge 2016-03-31 22:23:15 +02:00
Diego Bes
324a97ecf8 http2: support "prior knowledge", no upgrade from HTTP/1.1
Supports HTTP/2 over clear TCP

- Optimize switching to HTTP/2 by removing calls to init and setup
before switching. Switching will eventually call setup and setup calls
init.

- Supports new version to “force” the use of HTTP/2 over clean TCP

- Add common line parameter “--http2-prior-knowledge” to the Curl
  command line tool.
2016-03-31 22:23:11 +02:00
Daniel Stenberg
e683182918 imap: remove duplicated function
The list and search response functions were identical! Merged into one
now. Detected by PVS Studio.

Reported-by: Alexis La Goutte
2016-03-31 15:12:22 +02:00
Daniel Stenberg
0ee0d30a9f SOCKS5_gssapi_negotiate: don't assume little-endian ints
The code copied one byte from a 32bit integer, which works fine as long
as the byte order is the same. Not a fine assumption. Reported by PVS
Studio.

Reported-by: Alexis La Goutte
2016-03-31 10:22:42 +02:00
Daniel Stenberg
541027876d http: remove ((expression)) double parentheses 2016-03-31 10:10:58 +02:00
Daniel Stenberg
b22a954736 Curl_add_buffer_send: avoid possible NULL dereference
... as we check for a NULL pointer below, we move the derefence to after
the check. Detected by PVS Studio.

Reported-by: Alexis La Goutte
2016-03-31 10:10:58 +02:00
Daniel Stenberg
b3912d9dd7 file: remove duplicate checks of the same variable
... as it doesn't change in between. Deteced by PVS Studio.

Reported-by: Alexis La Goutte
2016-03-31 10:10:58 +02:00
Marcel Raad
4dae049157 openssl: Fix compilation warnings
When compiling with OpenSSL 1.1.0 (so that the HAVE_X509_GET0_SIGNATURE
&& HAVE_X509_GET0_EXTENSIONS pre-processor block is active), Visual C++
14 complains:

warning C4701: potentially uninitialized local variable 'palg' used
warning C4701: potentially uninitialized local variable 'psig' used
2016-03-30 23:55:00 +01:00
Daniel Stenberg
575e885db0 multi: turn Curl_done into file local multi_done
... as it now is used by multi.c only.
2016-03-30 07:52:28 +02:00
Daniel Stenberg
93935c08c1 multi: multi_reconnect_request is the former Curl_reconnect_request
now a file local function in multi.c
2016-03-30 07:52:28 +02:00
Daniel Stenberg
6b61d8160d multi: move Curl_do and Curl_do_done to multi.c and make static
... called multi_do and multi_do_done as they're file local now.
2016-03-30 07:52:28 +02:00
Jay Satiro
7921628714 wolfssl: Use ECC supported curves extension
https://github.com/wolfSSL/wolfssl/issues/366
2016-03-29 19:06:55 -04:00
Jay Satiro
27c99a37ba build-wolfssl: Allow a broader range of ciphers (Visual Studio)
This is an update to the build-time options used to build wolfSSL in
Visual Studio for greater compatibility, and make it behave similar to
the way OpenSSL 1.0.2 behaves. Starting in wolfSSL v3.6.6 static ciphers
and SSLv3 are disabled by default at build time, but we can use both.

- Enable static cipher suites TLS_ECDH_ and TLS_RSA_.

- Enable SSLv3 hello. Though in libcurl we disable it by default at
runtime, we make it available so the user can manually select it if
necessary.
2016-03-29 18:50:12 -04:00
Isaac Boukris
d5fc6e14b0 GSS: make Curl_gss_log_error more verbose
Also display the GSS_C_GSS_CODE (major code) when specified instead of
only GSS_C_MECH_CODE (minor code).

In addition, the old code was printing a colon twice after the prefix
and also miscalculated the length of the buffer in between calls to
gss_display_status (the length of ": " was missing).

Also, gss_buffer is not guaranteed to be NULL terminated and thus need
to restrict reading by its length.

Closes #738
2016-03-29 16:51:29 +02:00
Daniel Stenberg
d532645afd build: use roffit 0.11 feature
... load file specified as argument.
2016-03-29 16:45:17 +02:00
Daniel Stenberg
1fc767210c http2: set correct scheme in handler structs [regression]
Since commit a5aec58 the handler schemes need to match for the
connections to be reused and for HTTP/2 multiplexing to work, reusing
connections is very important!

Closes #736
2016-03-29 16:08:38 +02:00
Daniel Stenberg
2505fbbdb5 hostip.c: minor white space edit for style 2016-03-29 15:19:21 +02:00