1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 08:38:49 -05:00
Commit Graph

14713 Commits

Author SHA1 Message Date
Johannes Bauer
6ea7acf5a9 OpenSSL: fix PKCS#12 certificate parsing related memory leak
Leak triggered when CURLOPT_SSLCERTTYPE and CURLOPT_SSLKEYTYPE set to P12
and both CURLOPT_SSLCERT and CURLOPT_SSLKEY point to the same PKCS#12 file.
2012-01-18 13:39:12 +01:00
Yang Tse
a20daf90e3 OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option is no longer enabled
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option enabling allowed successfull
interoperability with web server Netscape Enterprise Server 2.0.1 released
back in 1996 more than 15 years ago.

Due to CVE-2010-4180, option SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG has
become ineffective as of OpenSSL 0.9.8q and 1.0.0c. In order to mitigate
CVE-2010-4180 when using previous OpenSSL versions we no longer enable
this option regardless of OpenSSL version and SSL_OP_ALL definition.
2012-01-18 11:59:20 +01:00
Yang Tse
24526d0c0f tests: enable time tracing on tests 500, 573 and 585 2012-01-17 21:33:17 +01:00
Yang Tse
a752850acc tests: testtrace.[ch] provides debug callback for libtest usage
Allows tests from the libtest subdir to generate log traces
similar to those of curl with --tracetime and --trace-ascii
options but with output going to stderr.
2012-01-17 21:32:05 +01:00
Yang Tse
2b9fafd622 sws.c: fix proxy mode secondary connection monitoring condition 2012-01-17 12:28:28 +01:00
Yang Tse
0ce2bca741 add LF termination to infof() trace string 2012-01-16 21:14:05 +01:00
Yang Tse
b15024be4d sws.c: improve proxy mode torture testing support - followup to 18c6c8a5 2012-01-16 19:01:35 +01:00
Daniel Stenberg
21401840fa url2file: new simple example
Just showing how to download the contents of a given URL into a local
file.

Based on a suggestion and example code by Georg Potthast
2012-01-16 14:47:00 +01:00
Daniel Stenberg
e3e24e5b36 imap.c: a dead simple imap example
Just to show that IMAP is used just like other protocols
2012-01-16 14:47:00 +01:00
Yang Tse
18c6c8a5e7 sws.c: improve proxy mode torture testing support - followup to c731fc58 2012-01-16 12:30:03 +01:00
Yang Tse
c731fc58ea sws.c: improve proxy mode torture testing support - followup to d4bf87dc 2012-01-15 20:13:32 +01:00
Yang Tse
6d62c5a6fc Curl_proxyCONNECT() trace known bug #39 2012-01-15 19:21:55 +01:00
Daniel Stenberg
f1092b387e test: verify HTTP response code 308
This newly speced HTTP status code already works as intended in the new
spec:
http://greenbytes.de/tech/webdav/draft-reschke-http-status-308-02.html

Test 1325 is added to verify that the method is kept after the redirect
2012-01-14 16:34:59 +01:00
Yang Tse
8e82ef9c32 http_negotiate_sspi.c: fix compiler warning 2012-01-13 13:34:43 +01:00
Yang Tse
d016f5f5f5 ssh.c: fix compiler warning 2012-01-13 12:57:09 +01:00
Yang Tse
d4bf87dc0e sws.c: improve proxy mode torture testing support 2012-01-13 05:13:48 +01:00
Daniel Stenberg
54dede4166 RELEASE-NOTES: synced with 9f20379fe4
5 bug fixes, 3 more contributors
2012-01-12 23:30:19 +01:00
Daniel Stenberg
9f20379fe4 hostip: avoid getaddrinfo when c-ares is used
Some functions using getaddrinfo and gethostbyname were still
mistakingly being used/linked even if c-ares was selected as resolver
backend.

Reported by: Arthur Murray
Bug: http://curl.haxx.se/mail/lib-2012-01/0160.html
2012-01-12 23:13:19 +01:00
Yang Tse
123c92c904 sws.c: replace sleep() usage with wait_ms() 2012-01-09 22:50:47 +01:00
gsengun
d28411c3cc FTP: CURLE_PARTIAL_FILE should not cause control connection to be closed
Test 161 updated accordingly
2012-01-09 22:50:20 +01:00
Yang Tse
2705af6267 sws.c: some compiler warning fixes 2012-01-08 19:28:46 +01:00
Yang Tse
f34ddb90e6 lib/setup.h: portable symbolic names for Winsock shutdown() mode flags 2012-01-08 02:32:51 +01:00
Yang Tse
dd69a3e868 sws.c: 812fa73057 follow-up 2012-01-06 01:52:45 +01:00
Yang Tse
812fa73057 sws.c: some IPv6 proxy mode peparatory adjustments 2012-01-05 20:52:48 +01:00
Daniel Stenberg
52824ed1ab curl.h: provide backwards compatible symbols
In commit c834213ad5 we re-used some obsolete error codes, and here are
two defines that makes sure existing source codes that happen to use any
of these deprecated ones will still compile.

As usual, define CURL_NO_OLDIES to avoid getting these "precaution
defines".
2012-01-05 19:57:39 +01:00
Daniel Stenberg
4897f4e517 win32-threaded-resolver: stop using a dummy socket
Previously the code would create a dummy socket while resolving just to
have curl_multi_fdset() return something but the non-win32 version
doesn't do it this way and the creation and use of a socket that isn't
made with the common create-socket callback can be confusing to apps
using the multi_socket API etc.

This change removes the dummy socket and thus will cause
curl_multi_fdset() to return with maxfd == -1 more often.
2012-01-04 23:16:30 +01:00
Peter Sylvester
81524cbfa0 OpenSSL: remove reference to openssl internal struct
With this change, curl compiles with the new OPENSSL_NO_SSL_INTERN
cflag. This flag might become the default in some distant future.
2012-01-04 23:02:36 +01:00
Yang Tse
8ef7a5706e test1320 test1321: avoid User-Agent comparison 2012-01-04 19:34:52 +01:00
Yang Tse
c358bab809 httpserver.pl: reorder sws command line options
make 'pidfile' and 'logfile' options appear first on command line in order
to ensure that processing of other options which write to logfile do this
to intended file and not the default one.
2012-01-04 19:28:22 +01:00
Yang Tse
4bc6c1a026 sws.c: fix proxy mode segfault 2012-01-04 19:14:19 +01:00
Yang Tse
3a55daee3d tool_formparse.c: fix compiler warning: enumerated type mixed with another type 2012-01-04 19:11:55 +01:00
Yang Tse
7bd2add06f krb5.c: fix compiler warning: variable set but not used 2012-01-04 19:11:54 +01:00
Daniel Stenberg
3b06f1fb36 KNOWN_BUGS: #77 CURLOPT_FORBID_REUSE kills NTLM 2012-01-04 16:33:33 +01:00
Steve Holme
db4f69ef06 Fixed use of CURLUSESSL_TRY for POP3 and IMAP based connections.
Fixed a problem in POP3 and IMAP where a connection would fail when
CURLUSESSL_TRY was specified for a server that didn't support
SSL/TLS connections rather than continuing.
2012-01-04 00:48:20 +01:00
Steve Holme
277022b2e4 Fixed incorrect error code being returned in STARTTLS
The STARTTLS response code in SMTP, POP3 and IMAP would return
CURLE_LOGIN_DENIED rather than CURLE_USE_SSL_FAILED when SSL/TLS
was not available on the server.

Reported by: Gokhan Sengun
Bug: http://curl.haxx.se/mail/lib-2012-01/0018.html
2012-01-04 00:47:58 +01:00
Daniel Stenberg
0f8239d5b4 curl_easy_setopt: refer to the most recent URI RFC 2012-01-03 23:39:22 +01:00
Daniel Stenberg
a4202be655 RELEASE-NOTES: synced with 2f4a487a68
Two bugfixes, two more contributors
2012-01-03 23:33:52 +01:00
Daniel Stenberg
2f4a487a68 tests: test IMAP, POP3 and SMTP over HTTP proxy tunnel 2012-01-03 16:12:58 +01:00
Daniel Stenberg
82180643f4 test proxy supports CONNECT
There's a new 'http-proxy' server for tests that runs on a separate port
and lets clients do HTTP CONNECT to other ports on the same host to
allow us to test HTTP "tunneling" properly.

Test cases now have a <proxy> section in <verify> to check that the
proxy protocol part matches correctly.

Test case 80, 83, 95, 275, 503 and 1078 have been converted. Test 1316
was added.
2012-01-03 15:01:22 +01:00
Daniel Stenberg
585b89a6c3 curl_easy_strerror.3: minor synopsis edit of the look 2012-01-02 16:00:46 +01:00
Yang Tse
cc69e56ce3 hostip.c: fix potential write past the end of string buffer 2012-01-02 13:44:56 +01:00
Yang Tse
8e25d1b93b hostip.c: fix Curl_loadhostpairs() OOM handling 2012-01-02 13:41:09 +01:00
Yang Tse
63e2718f8d runtests.pl: on test failure, don't show trace log files of other tests 2012-01-02 13:40:12 +01:00
Daniel Stenberg
7f472618de Curl_input_negotiate: use the correct buffer for input
Unfortunately we have no test cases for this and I have no SSPI build or
server to verify this with. The change seems simple enough though.

Bug: http://curl.haxx.se/bug/view.cgi?id=3466497
Reported by: Patrice Guerin
2012-01-01 22:36:32 +01:00
Daniel Stenberg
08107111ac runtests: put trace outputs in log/trace[num] for all tests 2012-01-01 19:48:24 +01:00
Daniel Stenberg
a3403db02f just a stupid typo 2011-12-31 23:53:52 +01:00
Daniel Stenberg
c9a3cab6c4 SFTP dir: increase buffer size counter
When the buffer gets realloced to hold the file name in the
SSH_SFTP_READDIR_LINK state, the counter was not bumped accordingly.

Reported by: Armel Asselin
Patch by: Armel Asselin
Bug: http://curl.haxx.se/mail/lib-2011-12/0249.html
2011-12-31 23:52:15 +01:00
Daniel Stenberg
f4949e56eb RELEASE-NOTES: synced with 81ebdd9e28
6 more bugfixes, 3 more contributors
2011-12-31 11:22:26 +01:00
Daniel Stenberg
81ebdd9e28 create_hostcache_id: use the key lower cased
... to make sure the DNS cache is properly case insensitive
2011-12-31 10:58:05 +01:00
Daniel Stenberg
207cf15032 changed case: use new host name for subsequent HTTP requests
When a HTTP connection is re-used for a subsequent request without
proxy, it would always re-use the Host: header of the first request. As
host names are case insensitive it would make curl send another host
name case that what the particular request used.

Now it will instead always use the most recent host name to always use
the desired casing.

Added test case 1318 to verify.

Bug: http://curl.haxx.se/mail/lib-2011-12/0314.html
Reported by: Alex Vinnik
2011-12-31 10:45:28 +01:00