1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-10 19:45:04 -05:00
Commit Graph

6275 Commits

Author SHA1 Message Date
Daniel Stenberg
775cc1be66 parse_proxy: treat "socks://x" as a socks4 proxy
Selected socks proxy in Google's Chrome browser. Resulting in the
following environment variables:

NO_PROXY=localhost,127.0.0.0/8
ALL_PROXY=socks://localhost:1080/
all_proxy=socks://localhost:1080/
no_proxy=localhost,127.0.0.0/8

... and libcurl didn't treat 'socks://' as socks but instead picked HTTP
proxy.

Reported by: Scott Bailey

Bug: http://curl.haxx.se/bug/view.cgi?id=3566860
2012-09-13 22:57:38 +02:00
Kamil Dudka
f05e51362f ssh: do not crash if MD5 fingerprint is not provided by libssh2
The MD5 fingerprint cannot be computed when running in FIPS mode.
2012-09-12 16:49:10 +02:00
Kamil Dudka
ce515e993f ssh: move the fingerprint checking code to a separate fnc 2012-09-12 16:49:09 +02:00
Marc Hoersken
7f7e2ea72f wincrypt: Fixed cross-compilation issues caused by include name
For some reason WinCrypt.h is named wincrypt.h under MinGW.
2012-09-11 14:35:18 +02:00
Marc Hoersken
4d384a8714 md5.c: Added support for Microsoft Windows CryptoAPI 2012-09-11 14:12:41 +02:00
Marc Hoersken
e6ba048701 nss.c: Fixed warning: 'err' may be used uninitialized in this function 2012-09-11 09:49:23 +02:00
Marc Hoersken
160312d945 curl_schannel.c: Reference count the credential/session handle
Reference counting the credential handle should avoid that such a
handle is freed while it is still required for connection shutdown
2012-09-09 12:36:54 +02:00
Nick Zitzmann
badb81769a darwinssl: fixed for older Mac OS X versions
SSL didn't work on older cats if built on a newer cat with weak-linking
turned on to support the older cat
2012-09-08 22:35:14 +02:00
Daniel Stenberg
2e7d2c8f74 SOCKS: truly disable it if CURL_DISABLE_PROXY is defined
Bug: http://curl.haxx.se/bug/view.cgi?id=3561305

Patch by: Marcel Raad
2012-09-06 20:51:30 +02:00
Daniel Stenberg
3a0b64489f mk-ca-bundle: detect start of trust section better
Each certificate section of the input certdata.txt file has a trust
section following it with details.

This script failed to detect the start of the trust for at least one
cert[*], which made the script continue pass that section into the next
one where it found an 'untrusted' marker and as a result that certficate
was not included in the output.

[*] = "Hellenic Academic and Research Institutions RootCA 2011"

Bug: http://curl.haxx.se/mail/lib-2012-09/0019.html
2012-09-04 23:21:15 +02:00
Alessandro Ghedini
ee3551e45e gnutls: do not fail on non-fatal handshake errors
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685402
2012-09-04 22:11:58 +02:00
František Kučera
0a0f3c63a6 SMTP: only send SIZE if supported
SMTP client will send SIZE parameter in MAIL FROM command only if server
supports it. Without this patch server might say "504 Command parameter
not implemented" and reject the message.

Bug: http://curl.haxx.se/bug/view.cgi?id=3564114
2012-09-04 16:54:41 +02:00
Sara Golemon
de24d7bd4c multi: add curl_multi_wait()
/*
 * Name:     curl_multi_wait()
 *
 * Desc:     Poll on all fds within a CURLM set as well as any
 *           additional fds passed to the function.
 *
 * Returns:  CURLMcode type, general multi error code.
 */
CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle,
                                      struct curl_waitfd extra_fds[],
                                      unsigned int extra_nfds,
                                      int timeout_ms);
2012-09-01 23:10:53 +02:00
Nick Zitzmann
2f6e1a8cc3 darwinssl: Bugfix for previous commit for older cats
I accidentally broke functionality for versions of OS X prior to Mountain
Lion in the previous commit. This commit fixes the problems.
2012-09-01 20:24:05 +02:00
Joe Mason
5ede86ae51 NTLM: re-use existing connection better
If we need an NTLM connection and one already exists, always choose that
one.
2012-08-31 22:54:23 +02:00
Nick Zitzmann
d792e75f2c darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions
In Mountain Lion, Apple added TLS 1.1 and 1.2, and deprecated a number
of SecureTransport functions, some of which we were using. We now check
to see if the replacement functions are present, and if so, we use them
instead.  The old functions are still present for users of older
cats. Also fixed a build warning that started to appear under Mountain
Lion
2012-08-18 20:36:45 +02:00
Gokhan Sengun
82b0aebef3 ftp: active conn, place calling sockopt callback at the end of function
Commit b91d29a28e170c16d65d956db79f2cd3a82372d2 introduces a bug and breaks Curl_closesocket function. sock_accepted flag for the second socket should be tagged as TRUE before the sockopt callback is called because in case the callback returns an error, Curl_closesocket function is going to call the - fclosesocket - callback for the accept()ed socket
2012-08-16 23:20:12 +02:00
Gokhan Sengun
23ef5e4ba2 ftp: active conn, allow application to set sockopt after accept() call
For active FTP connections, applications may need setting the sockopt after accept() call returns successful. This fix gives a call to the callback registered with CURL_SOCKOPTFUNCTION option. Also a new sock type - CURLSOCKTYPE_ACCEPT - is added. This type is to be passed to application callbacks with - purpose - parameter. Applications may use this parameter to distinguish between socket types.
2012-08-16 23:20:08 +02:00
Daniel Stenberg
99f0e45b61 ssh: use the libssh2 agent API conditionally
Commit e351972bc8 brought in the ssh agent support but some uses of
the libssh2 agent API was done unconditionally which wasn't good enough
since that API hasn't always been present.
2012-08-10 08:59:36 +02:00
Daniel Stenberg
7520f9f1c3 white space fix: shorten long line
... to please checksrc.pl
2012-08-10 08:59:36 +02:00
Kamil Dudka
f208bf5a2d docs: update the links to cipher-suites supported by NSS
... and make the list of cipher-suites in nss.c readable by humans.

Bug: http://curl.haxx.se/mail/archive-2012-08/0016.html
2012-08-09 16:24:53 +02:00
Kamil Dudka
52b6eda4f2 nss: do not print misleading NSS error codes 2012-08-09 13:33:49 +02:00
Armel Asselin
e351972bc8 SSH: added agent based authentication
CURLSSH_AUTH_AGENT is a new auth type for SSH
2012-08-08 23:03:10 +02:00
Daniel Stenberg
31f39120b7 curl_version: fixed Value stored to 'len' is never read
Fixed this (harmless) clang-analyzer warning. Also fixed the source
indentation level.
2012-08-08 14:58:09 +02:00
Daniel Stenberg
14afbf361a add_next_timeout: minor restructure of code
By reading the ->head pointer and using that instead of the ->size
number to figure out if there's a list remaining we avoid the (false
positive) clang-analyzer warning that we might dereference of a null
pointer.
2012-08-08 14:50:32 +02:00
Daniel Stenberg
bf6dc61967 verbose messages: fixed output of hostnames in re-used connections
I suspect this is a regression introduced in commit 207cf150, included
since 7.24.0.

Avoid showing '(nil)' as hostname in verbose output by making sure the
hostname fixup function is called early enough to set the pointers that
are used for this. The name data is set again for each request even for
re-used connections to handle multiple hostnames over the same
connection (like with proxy) or that the casing etc of the host name is
changed between requests (which has proven to be important at least once
in the past).

Test1011 was modified to use a redirect with a re-used a connection
since it then showed the bug and now lo longer does. There's currently
no easy way to have the test suite detect 'nil' texts in verbose ouputs
so no tests will detect if this problem gets reintroduced.

Bug: http://curl.haxx.se/mail/lib-2012-07/0111.html
Reported by: Gisle Vanem
2012-08-08 13:57:56 +02:00
Mike Crowe
15108d6308 Avoid leak of local device string when reusing connection
Ensure that the copy of the CURLOPT_INTERFACE string is freed if we
decide we can reuse an existing connection.
2012-08-07 23:35:35 +02:00
Daniel Stenberg
c771968ab6 Curl_socket_check: fix timeout return value for select users
This is the same fix applied for the conditional code that uses select()
that was already done for the poll specific code in commit
b61e8b81f5.
2012-08-07 23:30:05 +02:00
Maxime Larocque
b61e8b81f5 Curl_socket_check: fix return code for timeout
We found a problem with ftp transfer using libcurl (7.23 and 7.25)
inside an application which is receiving unix signals (SIGUSR1,
SIGUSR2...) almost continuously. (Linux 2.4, PowerPC, HAVE_POLL_FINE
defined).

Curl_socket_check() uses poll() to wait for the socket, and retries it
when a signal is received (EINTR). However, if a signal is received and
it also happens that the timeout has been reached, Curl_socket_check()
returns -1 instead of 0 (indicating an error instead of a timeout).

In our case, the result is an aborted connection even before the ftp
banner is received from the server, and a return value of
CURLE_OUT_OF_MEMORY from curl_easy_perform() (Curl_pp_multi_statemach(),
in pingpong.c, actually returns OOM if Curl_socket_check() fails :-)
Funny to debug on a system on which OOM is a possible cause).

Bug: http://curl.haxx.se/mail/lib-2012-07/0122.html
2012-08-07 23:24:13 +02:00
Daniel Stenberg
8bad5f2a61 WSAPoll: disabled on all windows builds
Due to WSAPoll bugs, libcurl does not work as intended. When the cURL
library is used to setup a connection to an incorrect port, normally the
result is CURLE_COULDNT_CONNECT, /* 7 */, but due to the bug in WSAPoll,
the result now is CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was
reached */.

On August 1, Jan Koen Annot opened a case for this to Microsoft Premier
Online (https://premier.microsoft.com/).  The support engineer handling
the case wrote that the case description is quite clear.  He will try to
reproduce the issue and then proceed with troubleshooting it.

Reported by: Jan Koen Annot
Bug: http://curl.haxx.se/mail/lib-2012-07/0310.html
2012-08-07 20:47:31 +02:00
Daniel Stenberg
f0d611df9e retry request: only access the HTTP data if in fact HTTP
When figuring out if the data stream needs to be rewound when the
request is to be resent, we must not access the HTTP struct unless the
protocol used is indeed HTTP...

Bug: http://curl.haxx.se/bug/view.cgi?id=3544688
2012-08-07 14:55:19 +02:00
Daniel Stenberg
0b08491f83 VC build: add define for openssl
This fixes a build failure of lib/ssluse.c.

Bug: http://curl.haxx.se/bug/view.cgi?id=3552997
2012-08-07 13:57:13 +02:00
Daniel Stenberg
986c7949c0 gtls: fix build failure by including nettle-specific headers
Bug: http://curl.haxx.se/bug/view.cgi?id=3554668
Reported by: Anthony G. Basile
2012-08-06 15:04:25 +02:00
Joe Mason
50b87c4e68 Cleanup handshake after clean NTLM failure 2012-08-03 17:01:54 -04:00
Joe Mason
ce8311c7e4 Zero out auth structs before transfer 2012-08-03 17:01:02 -04:00
Kamil Dudka
1f8518c5d9 file: use fdopen() for uploaded files if available
It eliminates noisy events when using inotify and fixes a TOCTOU issue.

Bug: https://bugzilla.redhat.com/844385
2012-07-30 15:04:38 +02:00
Guenter Knauf
11a7ac0d6a Fixed compiler warning 'unused parameter'. 2012-07-27 03:54:58 +02:00
Guenter Knauf
b13106339e Added prototypes to kill compiler warning. 2012-07-27 03:27:51 +02:00
Guenter Knauf
33b815e894 Changed Windows IDN text to 'WinIDN'.
Synced the output to the same short form as we now use for
Windows SSL (WinSSL).
2012-07-26 02:49:39 +02:00
Nick Zitzmann
f92779198d darwinssl: fixed freeze involving the multi interface
Previously the curl_multi interface would freeze if darwinssl was
enabled and at least one of the handles tried to connect to a Web site
using HTTPS. Removed the "wouldblock" state darwinssl was using because
I figured out a solution for our "would block but in which direction?"
dilemma.
2012-07-25 23:22:11 +02:00
Guenter Knauf
9ac5cdfc2f Added support for tls-srp to MinGW builds. 2012-07-25 13:16:22 +02:00
Daniel Stenberg
c0f8340c7c keepalive: multiply value for OS-specific units
DragonFly uses milliseconds, while our API and Linux use full seconds.

Reported by: John Marino
Bug: http://curl.haxx.se/bug/view.cgi?id=3546257
2012-07-22 22:42:42 +02:00
Kamil Dudka
d317ca50ae http: print reason phrase from HTTP status line on error
Bug: https://bugzilla.redhat.com/676596
2012-07-22 02:12:43 +02:00
Anton Yabchinskiy
2c7cfd2926 Client's "qop" value should not be quoted (RFC2617, section 3.2.2). 2012-07-21 22:21:17 +02:00
Daniel Stenberg
9d11716933 multi_runsingle: added precaution against easy_conn NULL pointer
In many states the easy_conn pointer is referenced and just assumed to
be working. This is an added extra check since analyzing indicates
there's a risk we can end up in these states with a NULL pointer there.
2012-07-15 20:33:11 +02:00
Daniel Stenberg
9ca3137987 parse_proxy: remove dead assignment
Spotted by clang-analyzer
2012-07-13 14:28:12 +02:00
Daniel Stenberg
20ff8a0988 ftp_do_more: add missing check of return code
Spotted by clang-analyzer. The return code was never checked, just
stored.
2012-07-13 14:12:39 +02:00
Daniel Stenberg
771e91374b getinfo: use va_end and cut off Curl_ from static funcs
va_end() needs to be used after va_start() and we don't normally use
Curl_ prefixes for purely static functions.
2012-07-13 13:47:34 +02:00
Philip Craig
1a74e54e8b Split up Curl_getinfo
This avoids false positives from clang's scan-build.
2012-07-13 13:20:32 +02:00
Guenter Knauf
a39789c85c Minor fixes to MinGW makefiles. 2012-07-12 14:15:58 +02:00