moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity
17,781 Commits 10 Branches 144 Tags 113 MiB
Commit Graph

7371 Commits

Author SHA1 Message Date
Daniel Stenberg 710f14edba handler: make 'protocol' always specified as a single bit 
This makes the findprotocol() function work as intended so that libcurl
can properly be restricted to not support HTTP while still supporting
HTTPS - since the HTTPS handler previously set both the HTTP and HTTPS
bits in the protocol field.

This fixes --proto and --proto-redir for most SSL protocols.

This is done by adding a few new convenience defines that groups HTTP
and HTTPS, FTP and FTPS etc that should then be used when the code wants
to check for both protocols at once. PROTO_FAMILY_[protocol] style.

Bug: https://github.com/bagder/curl/pull/97
Reported-by: drizzt
 2014-04-23 22:36:01 +02:00
Dan Fandrich 0204e17bc6 cyassl: Use error-ssl.h when available 
Versions since at least 2.9.4 renamed error.h to error-ssl.h, so use
whichever one is available.
 2014-04-23 11:01:30 +02:00
Daniel Stenberg 386ed2d590 gtls: fix NULL pointer dereference 
gnutls_x509_crt_import() must not be called with a NULL certificate

Bug: http://curl.haxx.se/mail/lib-2014-04/0145.html
Reported-by: Damian Dixon
 2014-04-22 23:24:31 +02:00
Daniel Stenberg 5b463e97fa curl_global_init_mem: bump initialized even if already initialized 
As this makes curl_global_init_mem() behave the same way as
curl_global_init() already does in that aspect - the same number of
curl_global_cleanup() calls is then required to again decrease the
counter and then eventually do the cleanup.

Bug: http://curl.haxx.se/bug/view.cgi?id=1362
Reported-by: Tristan
 2014-04-22 23:08:14 +02:00
Kamil Dudka 8868a226cd nss: implement non-blocking SSL handshake 2014-04-22 22:56:14 +02:00
Kamil Dudka a43bba3a34 nss: split Curl_nss_connect() into 4 functions 2014-04-22 22:56:14 +02:00
Marc Hoersken ee6791128f multi.c: fix possible invalid memory access in case nfds overflows 
ufds might not be allocated in case nfds overflows to zero while
extra_nfds is still non-zero. udfs is then accessed within the
extra_nfds-based for loop.
 2014-04-19 16:02:14 +02:00
Marc Hoersken 549b4a659a netrc.c: fix multiple possible dereferences of null pointers 2014-04-19 16:00:43 +02:00
Marc Hoersken 9146f37973 parsedate.c: check sscanf result before passing it to strlen 2014-04-19 15:47:07 +02:00
Marc Hoersken 662fc62517 telnet.c: check sscanf results before passing them to snprintf 2014-04-19 15:23:04 +02:00
Marc Hoersken f9ffbfce90 telnet.c: fix possible use of uninitialized variable 2014-04-19 15:18:19 +02:00
Marc Hoersken aa0fbe3537 telnet.c: fix possible use of non-null-terminated strings 2014-04-19 14:26:02 +02:00
Marc Hoersken c48b996cf2 url.c: fix possible use of non-null-terminated string with strlen 
Follow up on b0e742544b
 2014-04-19 14:25:32 +02:00
Marc Hoersken b0e742544b url.c: fix possible use of non-null-terminated string with strlen 2014-04-19 00:17:21 +02:00
Marc Hoersken 7296fc9e7e connect.c: fix multiple possible dereferences of null pointers 
In case the first address in the tempaddr array is NULL,
the code would previously dereference an unchecked null pointer.
 2014-04-18 23:56:54 +02:00
Marc Hoersken 3f74e149f8 tftp.c: fix possible dereference of null pointer 2014-04-18 23:53:48 +02:00
Marc Hoersken e81bdab13e socks_sspi.c: added pointer guards to FreeContextBuffer calls 
The FreeContextBuffer SAL declaration does not declare the pointer
as optional, therefore it must not be NULL.
 2014-04-18 23:24:41 +02:00
Marc Hoersken 54df616729 md5.c: fix use of uninitialized variable 2014-04-18 22:59:25 +02:00
Marc Hoersken 6f72c2fe31 curl_schannel.c: added explicit cast of structure pointers 2014-04-18 22:38:42 +02:00
Marc Hoersken a703914e60 curl_schannel.c: fix possible dereference of null pointer 2014-04-18 22:36:12 +02:00
Steve Holme d7ed8da43e imap: Extended FETCH support to include PARTIAL URL specifier 2014-04-18 20:14:09 +01:00
Steve Holme e2c14bde22 url.c: Fixed typo in comment 2014-04-18 17:51:26 +01:00
Steve Holme 84c0aabe65 imap: Expanded mailbox SEARCH support to use URL query strings 2014-04-18 16:51:48 +01:00
Steve Holme ca63d4feba imap: Added support for parsing URL query strings 
Added support for parsing query strings from the URL as defined by
RFC-5092.
 2014-04-18 16:43:57 +01:00
Steve Holme f804378d16 imap: Introduced the SEARCH state 2014-04-18 15:32:13 +01:00
Steve Holme 2c6b41e98a imap: Fixed untagged response detection when no data after command 
Should a command return untagged responses that contained no data then
the imap_matchresp() function would not detect them as valid responses,
as it wasn't taking the CRLF characters into account at the end of each
line.
 2014-04-18 15:01:57 +01:00
Daniel Stenberg b166117c60 README.http2: mention some alt-svc thoughts 2014-04-17 19:23:39 +02:00
Dan Fandrich 263ed02da6 url: only use if_nametoindex() if IFNAMSIZ is available 2014-04-14 08:02:06 +02:00
Steve Holme b574e83079 sas: Added DIGEST-MD5 qop-option validation in native challange handling 
Given that we presently support "auth" and not "auth-int" or "auth-conf"
for native challenge-response messages, added client side validation of
the quality-of-protection options from the server's challenge message.
 2014-04-08 21:24:34 +01:00
Daniel Stenberg 73b7a03c3f strerror: fix comment about vxworks' strerror_r buffer size 
Bug: http://curl.haxx.se/mail/lib-2014-04/0063.html
Reported-by: Jeroen Koekkoek
 2014-04-06 23:13:08 +02:00
Steve Holme 64381f5091 sasl: Added forward declaration of structures following recent changes 
To avoid urldata.h being included from the header file or that the
source file has the correct include order as highlighted by one of
the auto builds recently.
 2014-04-06 17:20:08 +01:00
Steve Holme 537b571c90 sasl: Fixed compilation warning 
warning: no previous prototype for 'Curl_sasl_create_digest_md5_message'
 2014-04-06 16:32:28 +01:00
Steve Holme fe15ea67cc sasl: Added curl_memory.h include as per test 1132 2014-04-06 16:09:19 +01:00
Steve Holme 2af28a147b sasl: Fixed compilation warning in SSPI builds 
warning: 'sasl_digest_get_key_value' defined but not used
 2014-04-06 16:01:55 +01:00
Steve Holme f700eb7d9a sasl: Corrected missing free of decoded challenge message from 607883f13c 2014-04-06 14:18:31 +01:00
Steve Holme 175b605331 sasl: Corrected add of Curl_sasl_decode_digest_md5_message() from 2c49e96092 2014-04-06 14:02:10 +01:00
Steve Holme ee40136f6c sasl: Post DIGEST-MD5 SSPI code tidy up 
* Added comments to SSPI NTLM message generation
* Added comments to native DIGEST-MD5 code
* Removed redundant identity pointer
 2014-04-06 13:30:52 +01:00
Steve Holme 19a514237d sasl: Corrected pre-processor inclusion of SSPI based DIGEST-MD5 code 
When CURL_DISABLE_CRYPTO_AUTH is defined the DIGEST-MD5 code should not
be included, regardless of whether USE__WINDOWS_SSPI is defined or not.
This is indicated by the definition of USE_HTTP_NEGOTIATE and USE_NTLM
in curl_setup.h.
 2014-04-06 13:01:14 +01:00
Steve Holme 607883f13c sasl: Added support for DIGEST-MD5 via Windows SSPI 2014-04-06 12:49:32 +01:00
Steve Holme d4150c317c http_negotiate_sspi: Fixed compilation when USE_HTTP_NEGOTIATE not defined 2014-04-06 01:46:53 +01:00
Steve Holme 0bc14c9faf Makefile.vc6: Added curl_sasl_sspi.c 2014-04-06 00:57:23 +01:00
Steve Holme c469941293 ntlm: Moved the identity generation into shared SSPI code 2014-04-06 00:35:22 +01:00
Steve Holme ff853960bd sasl: Renamed SSPI module following short name clash 2014-04-06 00:35:01 +01:00
Steve Holme 2c49e96092 sasl: Added initial stub functions for SSPI DIGEST-MD support 2014-04-05 23:16:51 +01:00
Steve Holme 3a92de5636 sasl: Combined DIGEST-MD5 message decoding and generation 2014-04-05 23:09:04 +01:00
Tatsuhiro Tsujikawa 9e86209d04 http2: Compile with current nghttp2, which supports h2-11 2014-04-05 19:30:12 +02:00
Daniel Stenberg 74851340bd PROXYHEADER: send these headers in "normal" proxy requests too 
Updated the docs to clarify and the code accordingly, with test 1528 to
verify:

When CURLHEADER_SEPARATE is set and libcurl is asked to send a request
to a proxy but it isn't CONNECT, then _both_ header lists
(CURLOPT_HTTPHEADER and CURLOPT_PROXYHEADER) will be used since the
single request is then made for both the proxy and the server.
 2014-04-04 17:03:43 +02:00
Daniel Stenberg ef6be35bae CURLOPT_HEADEROPT: added 
Modified the logic so that CURLOPT_HEADEROPT now controls if PROXYHEADER
is actually used or not.
 2014-04-04 17:03:43 +02:00
Daniel Stenberg ac887eedbc CURLOPT_PROXYHEADER: set headers for proxy-only 
Includes docs and new test cases: 1525, 1526 and 1527

Co-written-by: Vijay Panghal
 2014-04-04 17:03:43 +02:00
Daniel Stenberg 42937f87e6 HTTP: don't send Content-Length: 0 _and_ Expect: 100-continue 
Without request body there's no point in asking for 100-continue.

Bug: http://curl.haxx.se/bug/view.cgi?id=1349
Reported-by: JimS
 2014-04-04 15:46:35 +02:00