1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 23:15:08 -05:00
Commit Graph

8135 Commits

Author SHA1 Message Date
Steve Holme
325a64d8a2 openldap: Prefer use of 'CURLcode result' 2014-12-27 22:50:50 +00:00
Steve Holme
e9e48a6ff2 openldap: Use 'LDAPMessage *msg' for messages
This frees up the 'result' variable for CURLcode based result codes.
2014-12-27 22:50:47 +00:00
Steve Holme
2728caa613 nss: Don't ignore Curl_extract_certinfo() OOM failure 2014-12-27 22:18:08 +00:00
Steve Holme
0943045108 nss: Don't ignore Curl_ssl_init_certinfo() OOM failure 2014-12-27 21:25:41 +00:00
Steve Holme
b235c29366 nss: Use 'CURLcode result' for curl result codes
...and don't use CURLE_OK in failure/success comparisons.
2014-12-27 21:13:44 +00:00
Steve Holme
f0a9221897 getinfo: Code style policing 2014-12-27 17:49:33 +00:00
Steve Holme
fd281e9c4b getinfo: Use 'CURLcode result' for curl result codes 2014-12-27 17:46:25 +00:00
Steve Holme
e0d265d3eb darwinssl: Use 'CURLcode result' for curl result codes 2014-12-27 17:36:35 +00:00
Steve Holme
98d37c5a0c polarssl: Use 'CURLcode result' for curl result codes 2014-12-27 17:30:51 +00:00
Steve Holme
151ae59436 code/docs: Use correct case for IPv4 and IPv6
For consistency, as we seem to have a bit of a mixed bag, changed all
instances of ipv4 and ipv6 in comments and documentations to use the
correct case.
2014-12-27 11:31:55 +00:00
Steve Holme
1abe65d928 code/docs: Use Unix rather than UNIX to avoid use of the trademark
Use Unix when generically writing about Unix based systems as UNIX is
the trademark and should only be used in a particular product's name.
2014-12-26 21:42:44 +00:00
Steve Holme
b7f740f2fc ip2ip.c: Fixed compilation warning when IPv6 Scope ID not supported
if2ip.c:119: warning: unused parameter 'remote_scope_id'

...and some minor code style policing in the same function.
2014-12-26 13:28:29 +00:00
Steve Holme
cdc1cc22e7 vtls: Don't set cert info count until memory allocation is successful
Otherwise Curl_ssl_init_certinfo() can fail and set the num_of_certs
member variable to the requested count, which could then be used
incorrectly as libcurl closes down.
2014-12-26 13:11:43 +00:00
Steve Holme
fe43a662a2 vtls: Use CURLcode for Curl_ssl_init_certinfo() return type
The return type for this function was 0 on success and 1 on error. This
was then examined by the calling functions and, in most cases, used to
return CURLE_OUT_OF_MEMORY.

Instead use CURLcode for the return type and return the out of memory
error directly, propagating it up the call stack.
2014-12-26 13:11:40 +00:00
Steve Holme
6cb7b0c0ac vtls: Use bool for Curl_ssl_getsessionid() return type
The return type of this function is a boolean value, and even uses a
bool internally, so use bool in the function declaration as well as
the variables that store the return value, to avoid any confusion.
2014-12-25 17:15:15 +00:00
Steve Holme
38aaf6c380 schannel: Minor code style policing for casts 2014-12-25 13:48:44 +00:00
Steve Holme
ed4c0b53cc schannel: Prefer 'CURLcode result' for curl result codes 2014-12-25 13:45:29 +00:00
Steve Holme
95f78b2b56 cyassl: Prefer 'CURLcode result' for curl result codes 2014-12-25 13:45:27 +00:00
Steve Holme
ed16a1695f curl_ntlm_core.c: Fixed compilation warnings
curl_ntlm_core.c:301: warning: pointer targets in passing argument 2 of
                      'CryptImportKey' differ in signedness
curl_ntlm_core.c:310: warning: passing argument 6 of 'CryptEncrypt' from
                      incompatible pointer type
curl_ntlm_core.c:540: warning: passing argument 4 of 'CryptGetHashParam'
                      from incompatible pointer type
2014-12-24 22:22:07 +00:00
Steve Holme
8830df8b66 gtls: Use preferred 'CURLcode result' 2014-12-24 17:25:35 +00:00
Steve Holme
a89ec793d0 openldap: Use standard naming for setup connection function
Renamed ldap_setup() to ldap_setup_connection() to follow more widely
used function naming.
2014-12-24 17:13:37 +00:00
Steve Holme
ce2a80b482 rtmp: Use standard naming for setup connection function
Renamed rtmp_setup() to rtmp_setup_connection() to follow more widely
used function naming.
2014-12-24 17:12:12 +00:00
Steve Holme
93e6273b68 smb: Use standard naming for setup connection function
Renamed smb_setup() to smb_setup_connection() to follow more widely
used function naming.
2014-12-24 17:10:28 +00:00
Steve Holme
68cc1e0c77 config-win32.h: Fixed line length > 79 columns 2014-12-24 16:33:28 +00:00
Steve Holme
2568928070 openssl: Prefer we don't use NULL in comparisons 2014-12-24 16:14:33 +00:00
Steve Holme
a4d9158509 openssl.c Fix for compilation errors with older versions of OpenSSL
openssl.c:1408: error: 'TLS1_1_VERSION' undeclared
openssl.c:1411: error: 'TLS1_2_VERSION' undeclared
2014-12-23 00:16:07 +00:00
Daniel Stenberg
6dae798824 openssl: fix SSL/TLS versions in verbose output 2014-12-22 14:21:17 +01:00
Daniel Stenberg
577286e0e2 openssl: make it compile against openssl 1.1.0-DEV master branch 2014-12-22 14:21:17 +01:00
Daniel Stenberg
03e206d18a openssl: warn for SRP set if SSLv3 is used, not for TLS version
... as it requires TLS and it was was left to warn on the default from
when default was SSL...
2014-12-21 23:25:49 +01:00
Daniel Stenberg
2c5f346d3a smb: use memcpy() instead of strncpy()
... as it never copies the trailing zero anyway and always just the four
bytes so let's not mislead anyone into thinking it is actually treated
as a string.

Coverity CID: 1260214
2014-12-21 23:21:16 +01:00
John E. Malmberg
f9cf3de70b VMS: Updates for 0740-0D1220
lib/setup-vms.h : VAX HP OpenSSL port is ancient, needs help.
                  More defines to set symbols to uppercase.

src/tool_main.c : Fix parameter to vms_special_exit() call.

packages/vms/ :
  backup_gnv_curl_src.com : Fix the error message to have the correct package.

  build_curl-config_script.com : Rewrite to be more accurate.

  build_libcurl_pc.com : Use tool_version.h now.

  build_vms.com : Fix to handle lib/vtls directory.

  curl_gnv_build_steps.txt : Updated build procedure documentation.

  generate_config_vms_h_curl.com :
       * VAX does not support 64 bit ints, so no NTLM support for now.
       * VAX HP SSL port is ancient, needs some help.
       * Disable NGHTTP2 for now, not ported to VMS.
       * Disable UNIX_SOCKETS, not available on VMS yet.
       * HP GSSAPI port does not have gss_nt_service_name.

  gnv_link_curl.com : Update for new curl structure.

  pcsi_product_gnv_curl.com : Set up to optionally do a complete build.
2014-12-21 16:55:28 +01:00
Steve Holme
2c7f099253 non-ascii: Reduce variable usage
Removed 'next' variable in Curl_convert_form(). Rather than setting it
from 'form->next' and using that to set 'form' after the conversion
just use 'form = form->next' instead.
2014-12-20 14:43:02 +00:00
Steve Holme
ee9de01665 non-ascii: Prefer while loop rather than a do loop
This also removes the need to check that the 'form' argument is valid.
2014-12-20 12:47:09 +00:00
Steve Holme
f2a5283cbc non-ascii: Reduce variable scope
As 'result' isn't used out side the conversion callback code and
previously caused variable shadowing in the libiconv based code.
2014-12-20 12:38:31 +00:00
Steve Holme
3e1625c787 non-ascii: We prefer 'CURLcode result'
This also fixes a variable shadowing issue when HAVE_ICONV is defined
as rc was declared for the result code of libiconv based functions.
2014-12-19 20:20:30 +00:00
Patrick Monnerat
a390329f60 if2ip: dummy scope parameter for Curl_if2ip() call in SIOCGIFADDR-enabled code. 2014-12-18 11:05:18 +01:00
Kyle J. McKay
14c3601583 parseurlandfillconn(): fix improper non-numeric scope_id stripping.
Fixes SF bug 1149: http://sourceforge.net/p/curl/bugs/1449/
2014-12-17 15:52:07 +01:00
Patrick Monnerat
9081014c2c IPV6: address scope != scope id
There was a confusion between these: this commit tries to disambiguate them.
- Scope can be computed from the address itself.
- Scope id is scope dependent: it is currently defined as 1-based local
  interface index for link-local scoped addresses, and as a site index(?) for
  (obsolete) site-local addresses. Linux only supports it for link-local
  addresses.
The URL parser properly parses a scope id as an interface index, but stores it
in a field named "scope": confusion. The field has been renamed into "scope_id".
Curl_if2ip() used the scope id as it was a scope. This caused failures
to bind to an interface.
Scope is now computed from the addresses and Curl_if2ip() matches them.
If redundantly specified in the URL, scope id is check for mismatch with
the interface index.

This commit should fix SF bug #1451.
2014-12-16 13:52:06 +01:00
Patrick Monnerat
759d049ae8 connect: singleipconnect(): properly try other address families after failure 2014-12-16 13:52:06 +01:00
Daniel Stenberg
1befebc950 SFTP: work-around servers that return zero size on STAT
Bug: http://curl.haxx.se/mail/lib-2014-12/0103.html
Pathed-by: Marc Renault
2014-12-16 09:49:17 +01:00
Nick Zitzmann
93227ddca5 darwinssl: fix incorrect usage of aprintf()
Commit b13923f changed an snprintf() to use aprintf(), but the API usage
wasn't correct, and was causing a crash to occur. This fixes it.
2014-12-15 00:56:09 -06:00
Steve Holme
cedf996073 copyright: Updated the copyright year following recent updates 2014-12-14 22:39:27 +00:00
Marc Hoersken
8676ce68e3 lib: Fixed multiple code analysis warnings if SAL are available
warning C28252: Inconsistent annotation for function:
parameter has another annotation on this instance
2014-12-14 22:16:23 +01:00
Steve Holme
91669584cf smb.c: Fixed code analysis warning
smb.c:320: warning C6297: Arithmetic overflow: 32-bit value is shifted,
           then cast to 64-bit value. Result may not be an expected
           value
2014-12-14 21:01:09 +00:00
Steve Holme
b9950e3b33 smb: Use HAVE_PROCESS_H for process.h inclusion
Rather than testing against _WIN32 use the preferred HAVE_PROCESS_H
pre-processor define when including process.h.
2014-12-14 16:42:08 +00:00
Daniel Stenberg
b13923f0f7 darwinssl: aprintf() to allocate the session key
... to avoid using a fixed memory size that risks being too large or too
small.
2014-12-14 17:34:02 +01:00
Marc Hoersken
212e3e26bc curl_schannel: Improvements to memory re-allocation strategy
- do not grow memory by doubling its size
- do not leak previously allocated memory if reallocation fails
- replace while-loop with a single check to make sure
  that the requested amount of data fits into the buffer

Bug: http://curl.haxx.se/bug/view.cgi?id=1450
Reported-by: Warren Menzer
2014-12-14 17:27:31 +01:00
Steve Holme
125f655131 asyn-ares: We prefer use of 'CURLcode result' 2014-12-14 16:21:01 +00:00
Marc Hoersken
c98b50753f curl_schannel.c: Data may be available before connection shutdown 2014-12-14 16:40:49 +01:00
Steve Holme
96d3c9363f http2: Use 'CURLcode result' for curl result codes 2014-12-14 13:11:35 +00:00
Steve Holme
4d2c539b6c asyn-thread: We prefer 'CURLcode result' 2014-12-14 12:55:22 +00:00
Steve Holme
35fae251dd smb: Fixed unnecessary initialisation of struct member variables
There is no need to set the 'state' and 'result' member variables to
SMB_REQUESTING (0) and CURLE_OK (0) after the allocation via calloc()
as calloc() initialises the contents to zero.
2014-12-14 12:27:57 +00:00
Steve Holme
52a4d6b8ae ntlm: Fixed return code for bad type-2 Target Info
Use CURLE_BAD_CONTENT_ENCODING for bad type-2 Target Info security
buffers just like we do for bad decodes.
2014-12-14 12:11:04 +00:00
Steve Holme
18f58c437f ntlm: Remove unnecessary casts in readshort_le()
I don't think both of my fix ups from yesterday were needed to fix the
compilation warning, so remove the one that I think is unnecessary and
let the next Android autobuild prove/disprove it.
2014-12-14 11:45:14 +00:00
Steve Holme
2924dd6703 curl_ntlm_msgs.c: Another attempt to fix compilation warning
curl_ntlm_msgs.c:170: warning: conversion to 'short unsigned int' from
                      'int' may alter its value
2014-12-13 14:55:26 +00:00
Steve Holme
bd7d7f4523 smb.c: Fixed line longer than 79 columns 2014-12-13 13:10:05 +00:00
Steve Holme
172963005a curl_ntlm_msgs.c: Fixed compilation warning from commit 783b5c3b11
curl_ntlm_msgs.c:169: warning: conversion to 'short unsigned int' from
                      'int' may alter its value
2014-12-13 12:51:11 +00:00
Guenter Knauf
834608c39d mk-ca-bundle.pl: restored forced run again. 2014-12-13 13:46:45 +01:00
Steve Holme
5f5814ca5e ftp.c: Fixed compilation warning when no verbose string support
ftp.c:819: warning: unused parameter 'lineno'
2014-12-13 12:32:32 +00:00
Steve Holme
2ecce667a6 smb: Added state change functions to assist with debugging
For debugging purposes, and as per other protocols within curl, added
state change functions rather than changing the states directly.
2014-12-13 12:16:36 +00:00
Steve Holme
783b5c3b11 ntlm: Use short integer when decoding 16-bit values 2014-12-13 11:18:00 +00:00
Steve Holme
6291a16b20 smtp.c: Fixed compilation warnings
smtp.c:2357 warning: adding 'size_t' (aka 'unsigned long') to a string
            does not append to the string
smtp.c:2375 warning: adding 'size_t' (aka 'unsigned long') to a string
            does not append to the string
smtp.c:2386 warning: adding 'size_t' (aka 'unsigned long') to a string
            does not append to the string

Used array index notation instead.
2014-12-12 23:03:46 +00:00
Steve Holme
24b30d259c smb: Disable SMB when 64-bit integers are not supported
This fixes compilation issues with compilers that don't support 64-bit
integers through long long or __int64.
2014-12-12 22:34:18 +00:00
Steve Holme
82fdb87b27 ntlm: Disable NTLM v2 when 64-bit integers are not supported
This fixes compilation issues with compilers that don't support 64-bit
integers through long long or __int64 which was introduced in commit
07b66cbfa4.
2014-12-12 22:34:16 +00:00
Steve Holme
97e90d7b89 ntlm: Allow NTLM2Session messages when USE_NTRESPONSES manually defined
Previously USE_NTLM2SESSION would only be defined automatically when
USE_NTRESPONSES wasn't already defined. Separated the two definitions
so that the user can manually set USE_NTRESPONSES themselves but
USE_NTLM2SESSION is defined automatically if they don't define it.
2014-12-12 22:33:57 +00:00
Steve Holme
10be4ec2c3 smtp.c: Fixed line longer than 79 columns 2014-12-12 21:23:11 +00:00
Steve Holme
bd2231104b config-win32.h: Don't enable Windows Crypt API if using OpenSSL
As the OpenSSL and NSS Crypto engines are prefered by the core NTLM
routines, to the Windows Crypt API, don't define USE_WIN32_CRYPT
automatically when either OpenSSL or NSS are in use - doing so would
disable NTLM2Session responses in NTLM type-3 messages.
2014-12-12 19:57:00 +00:00
Steve Holme
8a4ce7d0f5 smtp: Fixed inappropriate free of the scratch buffer
If the scratch buffer was allocated in a previous call to
Curl_smtp_escape_eob(), a new buffer not allocated in the subsequent
call and no action taken by that call, then an attempt would be made to
try and free the buffer which, by now, would be part of the data->state
structure.

This bug was introduced in commit 4bd860a001.
2014-12-12 19:15:10 +00:00
Steve Holme
f0ecdd04d3 smtp: Fixed dot stuffing when EOL characters were at end of input buffers
Fixed a problem with the CRLF. detection when multiple buffers were
used to upload an email to libcurl and the line ending character(s)
appeared at the end of each buffer. This meant any lines which started
with . would not be escaped into .. and could be interpreted as the end
of transmission string instead.

This only affected libcurl based applications that used a read function
and wasn't reproducible with the curl command-line tool.

Bug: http://curl.haxx.se/bug/view.cgi?id=1456
Assisted-by: Patrick Monnerat
2014-12-12 19:15:08 +00:00
Daniel Stenberg
2f5c70b2b0 telnet: fix "cast increases required alignment of target type" 2014-12-11 09:15:04 +01:00
Daniel Stenberg
f4b5f8cdf0 ntlm_wb_response: fix "statement not reached"
... and I could use a break instead of a goto to end the loop.

Bug: http://curl.haxx.se/mail/lib-2014-12/0089.html
Reported-by: Tor Arntsen
2014-12-10 22:45:19 +01:00
Daniel Stenberg
1cc5194337 Curl_unix2addr: avoid using the variable name 'sun'
I suspect this causes compile failures on Solaris:

Bug: http://curl.haxx.se/mail/lib-2014-12/0081.html
2014-12-10 13:13:31 +01:00
Steve Holme
0da4524a22 url.c: Fixed compilation warning when USE_NTLM is not defined
url.c:3078: warning: variable 'credentialsMatch' set but not used
2014-12-10 11:57:11 +00:00
Steve Holme
664b9baf67 parsedate.c: Fixed compilation warning
parsedate.c:548: warning: 'parsed' may be used uninitialized in this
                 function

As curl_getdate() returns -1 when parsedate() fails we can initialise
parsed to -1.
2014-12-10 11:38:38 +00:00
Daniel Stenberg
086ad79970 ldap: check Curl_client_write() return codes
There might be one or two memory leaks left in the error paths.
2014-12-10 00:41:32 +01:00
Daniel Stenberg
0e8158eabc ldap: rename variables to comply to curl standards 2014-12-10 00:36:31 +01:00
Dan Fandrich
41f1f6e830 cookies: Improved OOM handling in cookies
This fixes the test 506 torture test. The internal cookie API really
ought to be improved to separate cookie parsing errors (which may be
ignored) with OOM errors (which should be fatal).
2014-12-09 23:58:30 +01:00
Daniel Stenberg
fc32b81382 smb: fix unused return code warning 2014-12-09 15:47:28 +01:00
Patrick Monnerat
6ea4ee94f9 Curl_client_write() & al.: chop long data, convert data only once. 2014-12-09 15:43:51 +01:00
Daniel Stenberg
145c263a4b schannel_recv: return the correct code
Bug: http://curl.haxx.se/bug/view.cgi?id=1462
Reported-by: Tae Hyoung Ahn
2014-12-09 11:46:11 +01:00
Daniel Stenberg
680d5fd041 http2: avoid logging neg "failure" if h2 was not requested 2014-12-09 00:09:24 +01:00
Daniel Stenberg
65d141e6da openldap: do not ignore Curl_client_write() return codes 2014-12-08 15:33:14 +01:00
Daniel Stenberg
0d99cdbeed compile: warn on unused return code from Curl_client_write() 2014-12-08 15:31:53 +01:00
Patrick Monnerat
dca257f27e SMB: Fix a data size mismatch that broke SMB on big-endian platforms 2014-12-08 15:30:11 +01:00
Steve Holme
dcd484a238 smb: Fixed Windows autoconf builds following commit eb88d778e7
As Windows based autoconf builds don't yet define USE_WIN32_CRYPTO
either explicitly through --enable-win32-cypto or automatically on
_WIN32 based platforms, subsequent builds broke with the following
error message:

"Can't compile NTLM support without a crypto library."
2014-12-07 20:47:54 +00:00
Bill Nagel
526603ff05 smb: Build with SSPI enabled
Build SMB/CIFS protocol support when SSPI is enabled.
2014-12-07 18:36:23 +00:00
Bill Nagel
eb88d778e7 ntlm: Use Windows Crypt API
Allow the use of the Windows Crypt API for NTLMv1 functions.
2014-12-07 18:32:59 +00:00
Dan Fandrich
2adf294602 cookie.c: Refactored cleanup code to simplify
Also, fixed the outdated comments on the cookie API.
2014-12-07 12:22:52 +01:00
Steve Holme
ef91f04927 ftp.c: Fixed compilation warnings when proxy support disabled
ftp.c:1827 warning: unused parameter 'newhost'
ftp.c:1827 warning: unused parameter 'newport'
2014-12-06 22:14:50 +00:00
Steve Holme
befe9a10b9 smb: Fixed a problem with large file transfers
Fixed an issue with the message size calculation where the raw bytes
from the buffer were interpreted as signed values rather than unsigned
values.

Reported-by: Gisle Vanem
Assisted-by: Bill Nagel
2014-12-06 21:44:00 +00:00
Steve Holme
36d45eabc0 smb: Moved the URL decoding into a separate function 2014-12-06 21:02:06 +00:00
Steve Holme
864f17d894 smb: Fixed URL encoded URLs not working 2014-12-06 20:56:59 +00:00
Steve Holme
4bdb1ca8d6 Makefile.inc: Updated file formatting
Aligned continuation character and used space as the separator
character as per other makefile files.
2014-12-06 19:50:00 +00:00
Steve Holme
d89285e8d6 curl_md4.h: Updated copyright year following recent edit
...and minor layout adjustment.
2014-12-06 19:36:27 +00:00
Patrick Monnerat
e17220ffcb SMB: Fix big endian problems. Make it OS/400 aware. 2014-12-05 18:42:39 +01:00
Patrick Monnerat
9b0b9f209e OS400: enable NTLM authentication 2014-12-05 18:42:39 +01:00
Steve Holme
adbee7ecf5 multi.c: Fixed compilation warning
multi.c:2695: warning: declaration of `exp' shadows a global declaration
2014-12-05 14:13:09 +00:00
Guenter Knauf
ccfa139c71 build: updated dependencies in makefiles. 2014-12-05 14:54:25 +01:00
Steve Holme
aa0e2ac451 sasl: Corrected formatting of function descriptions 2014-12-05 07:57:29 +00:00
Steve Holme
f4ca16058e sasl_gssapi: Added missing function description 2014-12-05 00:58:58 +00:00
Steve Holme
45229fae8e sasl_sspi: Corrected some typos 2014-12-05 00:23:47 +00:00
Steve Holme
ef5b98742f sasl_sspi: Don't use hard coded sizes in Kerberos V5 security data
Don't use a hard coded size of 4 for the security layer and buffer size
in Curl_sasl_create_gssapi_security_message(), instead, use sizeof() as
we have done in the sasl_gssapi module.
2014-12-05 00:22:34 +00:00
Steve Holme
697592b3dd sasl_sspi: Free the Kerberos V5 challenge as soon as we're done with it
Reduced the amount of free's required for the decoded challenge message
in Curl_sasl_create_gssapi_security_message() as a result of coding it
differently in the sasl_gssapi module.
2014-12-05 00:18:13 +00:00
Steve Holme
ee1d729ce0 gssapi: Corrected typo in comments 2014-12-05 00:10:11 +00:00
Steve Holme
7b29c2803f sasl_gssapi: Added body to Curl_sasl_create_gssapi_security_message() 2014-12-05 00:08:59 +00:00
Stefan Bühler
576ac00eb3 http_perhapsrewind: don't abort CONNECT requests
...they never have a body
2014-12-04 14:46:31 -08:00
Stefan Bühler
87c4abb611 HTTP: Free (proxy)userpwd for NTLM/Negotiate after sending a request
Sending NTLM/Negotiate header again after successful authentication
breaks the connection with certain Proxies and request types (POST to MS
Forefront).
2014-12-04 14:46:13 -08:00
Stefan Bühler
5dc68dd609 HTTP: don't abort connections with pending Negotiate authentication
... similarly to how NTLM works as Negotiate is in fact often NTLM with
another name.
2014-12-04 14:41:48 -08:00
Steve Holme
0b311834eb sasl_gssapi: Fixed missing include from commit d3cca934ee 2014-12-04 22:32:49 +00:00
Steve Holme
d3cca934ee sasl_gssapi: Fixed missing decoding debug failure message 2014-12-04 22:24:24 +00:00
Steve Holme
750203bde4 sasl_gssapi: Fixed honouring of no mutual authentication 2014-12-04 22:05:14 +00:00
Steve Holme
0fcd74b836 sasl_sspi: Added more Kerberos V5 decoding debug failure messages 2014-12-04 21:09:06 +00:00
Anthon Pang
1b3a398ec1 docs: Fix FAILONERROR typos
It returns error for >= 400 HTTP responses.

Bug: https://github.com/bagder/curl/pull/129
2014-12-04 12:14:59 -08:00
Patrick Monnerat
4ce87e33ee OS400: enable Unix sockets. 2014-12-04 15:34:03 +01:00
Daniel Stenberg
9730c9fb70 updateconninfo: clear destination struct before getsockname()
Otherwise we may read uninitialized bytes later in the unix-domain
sockets case.
2014-12-04 02:52:19 +01:00
Peter Wu
970c22f970 libcurl: add UNIX domain sockets support
The ability to do HTTP requests over a UNIX domain socket has been
requested before, in Apr 2008 [0][1] and Sep 2010 [2]. While a
discussion happened, no patch seems to get through. I decided to give it
a go since I need to test a nginx HTTP server which listens on a UNIX
domain socket.

One patch [3] seems to make it possible to use the
CURLOPT_OPENSOCKETFUNCTION function to gain a UNIX domain socket.
Another person wrote a Go program which can do HTTP over a UNIX socket
for Docker[4] which uses a special URL scheme (though the name contains
cURL, it has no relation to the cURL library).

This patch considers support for UNIX domain sockets at the same level
as HTTP proxies / IPv6, it acts as an intermediate socket provider and
not as a separate protocol. Since this feature affects network
operations, a new feature flag was added ("unix-sockets") with a
corresponding CURL_VERSION_UNIX_SOCKETS macro.

A new CURLOPT_UNIX_SOCKET_PATH option is added and documented. This
option enables UNIX domain sockets support for all requests on the
handle (replacing IP sockets and skipping proxies).

A new configure option (--enable-unix-sockets) and CMake option
(ENABLE_UNIX_SOCKETS) can disable this optional feature. Note that I
deliberately did not mark this feature as advanced, this is a
feature/component that should easily be available.

 [0]: http://curl.haxx.se/mail/lib-2008-04/0279.html
 [1]: http://daniel.haxx.se/blog/2008/04/14/http-over-unix-domain-sockets/
 [2]: http://sourceforge.net/p/curl/feature-requests/53/
 [3]: http://curl.haxx.se/mail/lib-2008-04/0361.html
 [4]: https://github.com/Soulou/curl-unix-socket

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-12-04 02:52:19 +01:00
Steve Holme
fa437e14a4 sasl_gssapi: Added body to Curl_sasl_create_gssapi_user_message() 2014-12-03 19:58:59 +00:00
Steve Holme
61e71a8bc8 sasl_gssapi: Added body to Curl_sasl_gssapi_cleanup() 2014-12-03 18:59:08 +00:00
Steve Holme
71dd581127 sasl_gssapi: Added Curl_sasl_build_gssapi_spn() function
Added helper function for returning a GSS-API compatible SPN.
2014-12-03 18:36:48 +00:00
Daniel Stenberg
26b57832fe NSS: enable the CAPATH option
Bug: http://curl.haxx.se/bug/view.cgi?id=1457
Patch-by: Tomasz Kojm
2014-12-03 06:21:29 -08:00
Steve Holme
884df3a51f sasl_gssapi: Enable USE_KERBEROS5 for GSS-API based builds 2014-12-03 13:16:17 +00:00
Steve Holme
86b889485d sasl_gssapi: Added GSS-API based Kerberos V5 variables 2014-12-03 07:47:05 +00:00
Steve Holme
2b604eada5 sasl_gssapi: Made log_gss_error() a common GSS-API function
Made log_gss_error() a common function so that it can be used in both
the http_negotiate code as well as the curl_sasl_gssapi code.
2014-12-02 22:27:02 +00:00
Steve Holme
018b9d421a sasl_gssapi: Introduced GSS-API based SASL module
Added the initial version of curl_sasl_gssapi.c and updated the project
files in preparation for adding GSS-API based Kerberos V5 support.
2014-12-02 21:57:45 +00:00
Steve Holme
f9b7132175 smb: Don't try to connect with empty credentials
On some platforms curl would crash if no credentials were used. As such
added detection of such a use case to prevent this from happening.

Reported-by: Gisle Vanem
2014-12-02 21:04:23 +00:00
Steve Holme
bbccbfe9d1 smb.c: Coding policing of pointer usage 2014-12-02 20:50:49 +00:00
Guenter Knauf
228f1ee9f2 build: in Makefile.m32 simplified autodetection. 2014-12-01 16:39:56 +01:00
Peter Wu
aba5888f6b lib/connect: restrict IP/TCP options to said sockets
This patch prepares for adding UNIX domain sockets support.

TCP_NODELAY and TCP_KEEPALIVE are specific to TCP/IP sockets, so do not
apply these to other socket types. bindlocal only works for IP sockets
(independent of TCP/UDP), so filter that out too for other types.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-11-30 23:21:14 +01:00
Daniel Stenberg
397a634ebd smb.c: use size_t as input argument types for msg sizes
This fixes warnings about conversions to int
2014-11-30 23:12:24 +01:00
Steve Holme
6b8e5c0e8a smb.c: Fixed compilation warnings
smb.c:398: warning: comparison of integers of different signs:
           'ssize_t' (aka 'long') and 'unsigned long'
smb.c:443: warning: comparison of integers of different signs:
           'ssize_t' (aka 'long') and 'unsigned long'
2014-11-30 21:20:19 +00:00
Steve Holme
ce2d84b3bb libcurl: Exclude SMB from the protocol redirect
As local files could be accessed through \\localhost\c$.
2014-11-30 20:42:05 +00:00
Bill Nagel
6f2419342f libcurl: Enable support for the SMB protocol
This patch enables SMB/CIFS support in libcurl.
2014-11-30 20:25:28 +00:00
Steve Holme
d95cb3edc8 smb.c: Fixed compilation warnings
smb.c:322: warning: conversion to 'short unsigned int' from 'unsigned
           int' may alter its value
smb.c:323: warning: conversion to 'short unsigned int' from 'unsigned
           int' may alter its value
smb.c:482: warning: conversion to 'short unsigned int' from 'int' may
           alter its value
smb.c:521: warning: conversion to 'unsigned int' from 'curl_off_t' may
           alter its value
smb.c:549: warning: conversion to 'unsigned int' from 'curl_off_t' may
           alter its value
smb.c:550: warning: conversion to 'short unsigned int' from 'int' may
           alter its value
2014-11-30 20:17:53 +00:00
Steve Holme
99c2bad222 smb.c: Renamed SMB command message variables to avoid compiler warnings
smb.c:489: warning: declaration of 'close' shadows a global declaration
smb.c:511: warning: declaration of 'read' shadows a global declaration
smb.c:528: warning: declaration of 'write' shadows a global declaration
2014-11-30 18:59:41 +00:00
Steve Holme
069f63c893 smb.c: Fixed compilation warnings
smb.c:212: warning: unused parameter 'done'
smb.c:380: warning: ISO C does not allow extra ';' outside of a function
smb.c:812: warning: unused parameter 'premature'
smb.c:822: warning: unused parameter 'dead'
2014-11-30 18:33:37 +00:00
Steve Holme
676f79f8d2 smb.c: Fixed compilation warnings
smb.c:311: warning: conversion from 'unsigned __int64' to 'u_short',
           possible loss of data
smb.c:425: warning: conversion from '__int64' to 'unsigned short',
           possible loss of data
smb.c:452: warning: conversion from '__int64' to 'unsigned short',
           possible loss of data
2014-11-30 18:11:12 +00:00
Steve Holme
cef28131f7 smb.c: Fixed compilation warnings
smb.c:162: error: comma at end of enumerator list
smb.c:469: warning: conversion from 'size_t' to 'unsigned short',
           possible loss of data
smb.c:517: warning: conversion from 'curl_off_t' to 'unsigned int',
           possible loss of data
smb.c:545: warning: conversion from 'curl_off_t' to 'unsigned int',
           possible loss of data
2014-11-30 18:08:01 +00:00
Bill Nagel
02d2c0a08d smb: Added initial SMB functionality
Initial implementation of the SMB/CIFS protocol.
2014-11-30 18:01:15 +00:00
Bill Nagel
aec2e865f0 smb: Added SMB handler interfaces
Added the SMB and SMBS handler interface structures and associated
functions required for SMB/CIFS operation.
2014-11-30 15:56:30 +00:00
Steve Holme
56120ca04b transfer: Code style policing
Prefer ! rather than NULL in if statements, added comments and updated
function spacing, argument spacing and line spacing to be more readble.
2014-11-30 15:06:16 +00:00
Steve Holme
785d76d681 transfer: Fixed existing scratch buffer being checked for NULL twice
If the scratch buffer already existed when the CRLF conversion was
performed then the buffer pointer would be checked twice for NULL. This
second check is only necessary if the call to malloc() was performed by
the first check.
2014-11-30 15:06:13 +00:00
Steve Holme
9afd97022e smtp: Fixed dot stuffing being performed when no new data read
Whilst I had moved the dot stuffing code from being performed before
CRLF conversion takes place to after it, in commit 4bd860a001, I had
moved it outside the 'when something read' block of code when meant
it could perform the dot stuffing twice on partial send if nread
happened to contain the right values. It also meant the function could
potentially read past the end of buffer. This was highlighted by the
following warning:

warning: `nread' might be used uninitialized in this function
2014-11-30 14:24:35 +00:00
Daniel Stenberg
5409f32984 smb.h: fixed picky compiler warning
smb.h:30:16: error: comma at end of enumerator list [-Werror=pedantic]
2014-11-29 23:06:04 +01:00
Bill Nagel
557658776f smb: Added SMB protocol and port definitions
Added the necessary protocol and port definitions in order to support
SMB/CIFS.
2014-11-29 21:26:40 +00:00
Bill Nagel
0627c48dde smb: Added internal SMB definitions and structures
Added the internal definitions and structures necessary for SMB/CIFS
support.
2014-11-29 20:32:34 +00:00
Bill Nagel
7c00ba10da smb: Added SMB connection structure
Added the connection structure that will be required in urldata.h for
SMB/CIFS based connections.
2014-11-29 20:16:51 +00:00
Bill Nagel
e80d9d5902 smb: Added initial source files for SMB
Added the initial source files and updated the relevant project files in
order to support SMB/CIFS.
2014-11-29 18:10:41 +00:00
Steve Holme
93e080cbaa http.c: Fixed compilation warnings from features being disabled
warning: unused variable 'data'
warning: variable 'addcookies' set but not used

...and some very minor coding style policing.
2014-11-27 22:29:31 +00:00
Steve Holme
854049f962 smtp: Fixed const'ness of nread parameter in Curl_smtp_escape_eob()
...and some comment typos!
2014-11-26 23:31:57 +00:00
Steve Holme
4bd860a001 smtp: Added support for the conversion of Unix newlines during mail send
Added support for the automatic conversion of Unix newlines to CRLF
during mail uploads.

Feature: http://curl.haxx.se/bug/view.cgi?id=1456
2014-11-26 23:31:54 +00:00
Daniel Stenberg
700843d69f select.c: fix compilation for VxWorks
Reported-by: Brian
Bug: http://curl.haxx.se/bug/view.cgi?id=1455
2014-11-25 08:55:17 +01:00
be1a505189 SSL: Add PEM format support for public key pinning 2014-11-24 19:30:09 +01:00
Steve Holme
53e2e4c721 multi.c: Fixed compilation warnings when no verbose string support
warning: variable 'connection_id' set but not used
warning: unused parameter 'lineno'
2014-11-23 19:51:24 +00:00
Steve Holme
1450712e76 sasl: Tidied up some parameter comments 2014-11-23 16:50:15 +00:00
Steve Holme
bfdef6301c sasl: Reduced the need for two sets of NTLM functions 2014-11-23 16:45:30 +00:00
Steve Holme
33be9e29be ntlm: Moved NSS initialisation to base decode function 2014-11-23 16:07:59 +00:00
Steve Holme
8ed2420dbb http_ntlm: Fixed additional NSS initialisation call when decoding type-2
After commit 48d19acb7c the HTTP code would call Curl_nss_force_init()
twice when decoding a NTLM type-2 message, once directly and the other
through the call to Curl_sasl_decode_ntlm_type2_message().
2014-11-23 16:05:08 +00:00
Steve Holme
409265a571 ntlm: Fixed static'ness of local decode function 2014-11-23 10:38:54 +00:00
Steve Holme
885119bf50 ntlm: Corrected some parameter names and comments 2014-11-23 10:38:35 +00:00
Daniel Stenberg
d62706ec6d http.c: log if it notices HTTP 1.1 after a upgrade to http2 2014-11-20 23:33:34 +01:00
Tatsuhiro Tsujikawa
7d1f2ac769 http: Disable pipelining for HTTP/2 and upgraded connections
This commit disables pipelining for HTTP/2 or upgraded connections.  For
HTTP/2, we do not support multiplexing.  In general, requests cannot be
pipelined in an upgraded connection, since it is now different protocol.
2014-11-20 14:41:17 +01:00
Steve Holme
34cb17b930 conncache: Fixed specifiers in infof() for long and size_t variables 2014-11-19 20:04:21 +00:00
Jon Spencer
2933698677 multi: inform about closed sockets before they are closed
When the connection code decides to close a socket it informs the multi
system via the Curl_multi_closed function. The multi system may, in
turn, invoke the CURLMOPT_SOCKETFUNCTION function with
CURL_POLL_REMOVE. This happens after the socket has already been
closed. Reorder the code so that CURL_POLL_REMOVE is called before the
socket is closed.
2014-11-19 13:22:07 +01:00
Guenter Knauf
cf510ad781 build: in Makefile.m32 moved target autodetection.
Moved target autodetection block after defining CC macro.
2014-11-19 12:39:20 +01:00
Guenter Knauf
140ca2dcc2 build: in Makefile.m32 simplify platform flags. 2014-11-19 11:46:02 +01:00
Guenter Knauf
a08decdfed build: in Makefile.m32 try to detect 64bit target. 2014-11-19 11:40:04 +01:00
Carlo Wood
013d5c18c3 debug: added new connection cache output, plus fixups
Debug output 'typo' fix.

Don't print an extra "0x" in
  * Pipe broke: handle 0x0x2546d88, url = /

Add debug output.
Print the number of connections in the connection cache when
  adding one, and not only when one is removed.

Fix typos in comments.
2014-11-18 23:02:40 +01:00
Daniel Stenberg
b77ff4d589 multi: move the ending condition into the loop as well
... as it was before I changed the loop in commit e04ccbd50. It caused
test 2030 and 2032 to fail.
2014-11-18 22:57:22 +01:00
Steve Holme
36f7b399de multi: Prefer we don't use CURLE_OK and NULL in comparisons 2014-11-18 20:25:05 +00:00
Daniel Stenberg
c068284882 multi_runsingle: use 'result' for local CURLcode storage
... and assign data->result only at the end. Makes the code more compact
(easier to read) and more similar to other code.
2014-11-18 15:18:21 +01:00
Daniel Stenberg
e05f801271 multi_runsingle: rename result to rc
save 'result' for CURLcode types
2014-11-18 14:47:15 +01:00
Daniel Stenberg
e04ccbd506 multi: make multi_runsingle loop internally
simplifies the use of this function at little cost.
2014-11-18 14:47:15 +01:00
Carlo Wood
1342a96ecf multi: when leaving for timeout, close accordingly
Fixes the problem when a transfer in a pipeline times out.
2014-11-18 14:47:15 +01:00
Guenter Knauf
4bc47bec57 build: in Makefile.m32 add -m32 flag for 32bit. 2014-11-18 14:25:41 +01:00
Guenter Knauf
e126ec4fc4 mk-ca-bundle.vbs: update copyright year. 2014-11-18 13:47:13 +01:00
Guenter Knauf
46ae340f24 build: in Makefile.m32 pass -F flag to windres. 2014-11-18 13:44:03 +01:00
Steve Holme
6cc79dc79d config-win32: Fixed build targets for the VS2012+ Windows XP toolset
Even though commit 23e70e1cc6 mentioned the v110_xp toolset, I had
forgotten to include the relevant pre-processor definitions.
2014-11-17 23:49:05 +00:00
Steve Holme
62a6230e1c sasl_sspi: Removed note about the NTLM functions being a wrapper 2014-11-16 22:49:30 +00:00
Steve Holme
43da5b2066 connect.c: Fixed compilation warning when no verbose string support
warning: unused parameter 'reason'
2014-11-16 18:21:12 +00:00
Steve Holme
591d5ca41b easy.c: Fixed compilation warning when no verbose string support
warning: unused parameter 'easy'
2014-11-16 18:21:03 +00:00
Steve Holme
4be80d5109 win32: Updated some legacy APIs to use the newer extended versions
Updated the usage of some legacy APIs, that are preventing curl from
compiling for Windows Store and Windows Phone build targets.

Suggested-by: Stefan Neis
Feature: http://sourceforge.net/p/curl/feature-requests/82/
2014-11-16 17:30:17 +00:00
Steve Holme
23e70e1cc6 config-win32: Introduce build targets for VS2012+
Visual Studio 2012 introduced support for Windows Store apps as well as
supporting Windows Phone 8. Introduced build targets that allow more
modern APIs to be used as certain legacy ones are not available on these
new platforms.
2014-11-16 17:24:48 +00:00
Steve Holme
800094802e sasl_sspi: Fixed compilation warnings when no verbose string support 2014-11-16 14:52:27 +00:00
Steve Holme
9669794e7a sasl_sspi: Added base64 decoding debug failure messages
Just like in the NTLM code, added infof() failure messages for
DIGEST-MD5 and GSSAPI authentication when base64 decoding fails.
2014-11-16 14:35:51 +00:00
Steve Holme
30892709d7 ntlm: Moved the SSPI based Type-3 message generation into the SASL module 2014-11-16 14:16:07 +00:00
Steve Holme
a3fead9706 ntlm: Moved the SSPI based Type-2 message decoding into the SASL module 2014-11-16 13:59:11 +00:00
Steve Holme
201d0df50b ntlm: Moved the SSPI based Type-1 message generation into the SASL module 2014-11-16 13:39:13 +00:00
Michael Osipov
9f10e45e42 kerberos: Use symbol qualified with _KERBEROS5
For consistency renamed USE_KRB5 to USE_KERBEROS5.
2014-11-16 13:29:04 +00:00
Tatsuhiro Tsujikawa
ed77fdf389 http2: Don't send Upgrade headers when we already do HTTP/2 2014-11-15 21:00:23 +01:00
Steve Holme
08f9c90981 sasl: Corrected Curl_sasl_build_spn() function description
There was a mismatch in function parameter names.
2014-11-15 18:35:40 +00:00
Steve Holme
2e16100609 urldata: Don't define sec_complete when no GSS-API support present
This variable is only used with HAVE_GSSAPI is defined by the FTP code
so let's place the definition with the other GSS-API based variables.
2014-11-15 13:15:02 +00:00
Michael Osipov
d54b551f6c docs: Use consistent naming for Kerberos 2014-11-15 13:10:45 +00:00
Steve Holme
cca12abf6e sasl_sspi: Corrected a couple of comment typos 2014-11-14 23:27:19 +00:00
Steve Holme
18e53fa91a sasl: Moved Curl_sasl_gssapi_cleanup() definition into header file
Rather than define the function as extern in the source files that use
it, moved the function declaration into the SASL header file just like
the Digest and NTLM clean-up functions.

Additionally, added a function description comment block.
2014-11-14 22:11:48 +00:00
Steve Holme
8c58dea899 sasl_sspi: Added missing RFC reference for HTTP Digest authentication 2014-11-14 22:03:27 +00:00
Steve Holme
9dfbcef272 ntlm: Clean-up and standardisation of base64 decoding 2014-11-14 22:02:06 +00:00
Steve Holme
7faaca7118 ntlm: We prefer 'CURLcode result' 2014-11-14 22:00:04 +00:00
Daniel Stenberg
2ee3c63b13 http2: fix switched macro when http2 is not enabled 2014-11-13 15:39:15 +01:00
Tatsuhiro Tsujikawa
7b7f0da4a7 http2: Deal with HTTP/2 data inside response header buffer
Previously if HTTP/2 traffic is appended to HTTP Upgrade response header
(thus they are in the same buffer), the trailing HTTP/2 traffic is not
processed and lost.  The appended data is most likely SETTINGS frame.
If it is lost, nghttp2 library complains server does not obey the HTTP/2
protocol and issues GOAWAY frame and curl eventually drops connection.
This commit fixes this problem and now trailing data is processed.
2014-11-13 15:38:12 +01:00
Daniel Stenberg
f64dbb08c2 multi: removed Curl_multi_set_easy_connection
It isn't used anywhere!

Reported-by: Carlo Wood
2014-11-10 10:09:40 +01:00
Peter Wu
17d27805f9 cmake: add ENABLE_THREADED_RESOLVER, rename ARES
Fix detection of the AsynchDNS feature which not just depends on
pthreads support, but also on whether USE_POSIX_THREADS is set or not.
Caught by test 1014.

This patch adds a new ENABLE_THREADED_RESOLVER option (corresponding to
--enable-threaded-resolver of autotools) which also needs a check for
HAVE_PTHREAD_H.

For symmetry with autotools, CURL_USE_ARES is renamed to ENABLE_ARES
(--enable-ares). Checks that test for the availability actually use
USE_ARES instead as that is the result of whether a-res is available or
not (in practice this does not matter as CARES is marked as required
package, but nevertheless it is better to write the intent).

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-11-10 09:09:25 +01:00
Steve Holme
bfc63bfb19 vtls.h: Fixed compiler warning when compiled without SSL
vtls.c:185:46: warning: unused parameter 'data'
2014-11-09 18:09:58 +00:00
Steve Holme
2fbf23875f ntlm: Added separate SSPI based functions
In preparation for moving the NTLM message code into the SASL module,
and separating the native code from the SSPI code, added functions that
simply call the functions in curl_ntlm_msg.c.
2014-11-09 15:12:35 +00:00
Steve Holme
48d19acb7c http_ntlm: Use the SASL functions instead
In preparation for moving the NTLM message code into the SASL module
use the SASL functions in the HTTP code instead.
2014-11-09 14:58:20 +00:00
Daniel Stenberg
9dbbba9976 libssh2: detect features based on version, not configure checks
... so that non-configure builds get the correct functions too based on
the libssh2 version used.
2014-11-09 15:43:27 +01:00
Nobuhiro Ban
18e1a3022d SSH: use the port number as well for known_known checks
... if the libssh2 version is new enough.

Bug: http://curl.haxx.se/bug/view.cgi?id=1448
2014-11-09 15:43:27 +01:00
Steve Holme
520dc64369 build: Fixed no NTLM support for email when CURL_DISABLE_HTTP is defined
USE_NTLM would only be defined if: HTTP support was enabled, NTLM and
cryptography weren't disabled, and either a supporting cryptography
library or Windows SSPI was being compiled against.

This means it was not possible to build libcurl without HTTP support
and use NTLM for other protocols such as IMAP, POP3 and SMTP. Rather
than introduce a new SASL pre-processor definition, removed the HTTP
prerequisite just like USE_SPNEGO and USE_KRB5.

Note: Winbind support still needs to be dependent on CURL_DISABLE_HTTP
as it is only available to HTTP at present.

This bug dates back to August 2011 when I started to add support for
NTLM to SMTP.
2014-11-09 12:54:34 +00:00
Steve Holme
8145f92dcc ntlm: Removed an unnecessary free of native Target Info
Due to commit 40ee1ba0dc the free in Curl_ntlm_decode_type2_target() is
longer required.
2014-11-09 11:54:50 +00:00
Steve Holme
40ee1ba0dc ntlm: Moved the native Target Info clean-up from HTTP specific function 2014-11-09 11:47:40 +00:00
Steve Holme
474442dd56 ntlm: Moved SSPI clean-up code into SASL module 2014-11-09 11:10:34 +00:00
Steve Holme
dc867bbf3a Makefile.vc6: Added support for WinIDN 2014-11-08 18:31:29 +00:00
Steve Holme
7599143dcc version info: Added Kerberos V5 to the supported features 2014-11-07 10:55:14 +00:00
Guenter Knauf
f28c856e33 mk-ca-bundle.vbs: switch to new certdata.txt url. 2014-11-07 10:27:26 +01:00
Steve Holme
dcad09e125 http_digest: Fixed some memory leaks introduced in commit 6f8d8131b1
Fixed a couple of memory leaks as a result of moving code that used to
populate allocuserpwd and relied on it's clean up.
2014-11-07 00:11:20 +00:00
Steve Holme
0a925d7834 sasl_sspi: Tidy up of the existing digest code
Following the addition of SSPI support for HTTP digest, synchronised
elements of the email digest code with that of the new HTTP code.
2014-11-06 23:26:27 +00:00
Steve Holme
70100d5509 http_digest: Post SSPI support tidy up
Post tidy up to ensure commonality of code style and variable names.
2014-11-06 23:15:24 +00:00
Steve Holme
cfe4252744 http_digest: Fixed auth retry loop when SSPI based authentication fails 2014-11-06 15:27:27 +00:00
Steve Holme
500d2db302 http_digest: Reworked the SSPI based input token storage
Reworked the input token (challenge message) storage as what is passed
to the buf and desc in the response generation are typically blobs of
data rather than strings, so this is more in keeping with other areas
of the SSPI code, such as the NTLM message functions.
2014-11-06 14:59:53 +00:00
Steve Holme
6d45f952e6 sasl_sspi: Fixed compilation warning from commit 2d2a62e3d9
Added void reference to unused 'data' parameter back to fix compilation
warning.
2014-11-06 13:32:04 +00:00
Steve Holme
3aa0e57ce6 sspi: Align definition values to even columns as we use 2 char spacing 2014-11-06 13:09:48 +00:00
Steve Holme
a10976b961 sspi: Fixed missing definition of ISC_REQ_USE_HTTP_STYLE
Some versions of Microsoft's sspi.h don't define this.
2014-11-06 13:04:24 +00:00
Steve Holme
93859e2c9a sasl: Removed non-SSPI Digest functions and defines from SSPI based builds
Introduced in commit 7e6d51a73c these functions and definitions are only
required by the internal challenge-response functions now.
2014-11-06 12:37:59 +00:00
Steve Holme
2d2a62e3d9 sasl_sspi: Added HTTP digest response generation code 2014-11-06 12:07:04 +00:00
Steve Holme
f0d3be29f2 http_digest: Added SSPI based challenge decoding code 2014-11-06 11:53:02 +00:00
Steve Holme
21fa0d86b1 http_digest: Added SSPI based clean-up code 2014-11-06 11:36:55 +00:00
Steve Holme
3d6b865654 http_digest: Added SSPI based authentication functions
This temporarily breaks HTTP digest authentication in SSPI based builds,
causing CURLE_NOT_BUILT_IN to be returned. A follow up commit will
resume normal operation.
2014-11-06 11:10:10 +00:00
Steve Holme
1033acd92d http_digest: Added required SSPI based variables to digest structure 2014-11-06 11:10:08 +00:00
Steve Holme
783c7f97ba http_digest: Fixed memory leaks from commit 6f8d8131b1 2014-11-05 21:45:10 +00:00
Steve Holme
f4af38120a sasl: Fixed compilation warning from commit 25264131e2
Added forward declaration of digestdata to overcome the following
compilation warning:

warning: 'struct digestdata' declared inside parameter list

Additionally made the ntlmdata forward declaration dependent on
USE_NTLM similar to how digestdata and kerberosdata are.
2014-11-05 18:36:57 +00:00
Steve Holme
259f4f3d01 sasl: Fixed HTTP digest challenges with spaces between auth parameters
Broken as part of the rework, in commit 7e6d51a73c, to assist with the
addition of HTTP digest via Windows SSPI.
2014-11-05 17:58:07 +00:00
Steve Holme
f697d7fdd5 http_digest: Fixed compilation errors from commit 6f8d8131b1
error: invalid operands to binary
warning: pointer targets in assignment differ in signedness
2014-11-05 15:48:19 +00:00
Steve Holme
6f8d8131b1 http_digest: Moved response generation into SASL module 2014-11-05 15:33:21 +00:00
Steve Holme
7e6d51a73c http_digest: Moved challenge decoding into SASL module 2014-11-05 14:39:13 +00:00
Steve Holme
25264131e2 http_digest: Moved clean-up function into SASL module 2014-11-05 13:51:11 +00:00
Steve Holme
d7bfce3951 http_digest: Moved algorithm definitions to SASL module 2014-11-05 13:40:08 +00:00
Gisle Vanem
3cfe3bc001 ssh: Fixed build on platforms where R_OK is not defined
Bug: http://curl.haxx.se/mail/lib-2014-11/0035.html
Reported-by: Jan Ehrhardt
2014-11-05 13:09:08 +00:00
Steve Holme
92e7e346f3 strdup: Removed irrelevant comment
...as Curl_memdup() duplicates an area of fix size memory, that may be
binary, and not a null terminated string.
2014-11-05 12:53:06 +00:00
Steve Holme
e8cea8d70f url.c: Fixed compilation warning
conversion from 'curl_off_t' to 'size_t', possible loss of data
2014-11-05 12:42:35 +00:00
Steve Holme
efe4bab29b http_digest: Use CURLcode instead of CURLdigest
To provide consistent behaviour between the various HTTP authentication
functions use CURLcode based error codes for Curl_input_digest()
especially as the calling code doesn't use the specific error code just
that it failed.
2014-11-05 12:13:47 +00:00
Steve Holme
d62cb0f5d0 sspi: Define authentication package name constants
These were previously hard coded, and whilst defined in security.h,
they may or may not be present in old header files given that these
defines were never used in the original code.

Not only that, but there appears to be some ambiguity between the ANSI
and UNICODE NTLM definition name in security.h.
2014-11-05 11:54:02 +00:00
Daniel Stenberg
b387560692 curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds
When duplicating a handle, the data to post was duplicated using
strdup() when it could be binary and contain zeroes and it was not even
zero terminated! This caused read out of bounds crashes/segfaults.

Since the lib/strdup.c file no longer is easily shared with the curl
tool with this change, it now uses its own version instead.

Bug: http://curl.haxx.se/docs/adv_20141105.html
CVE: CVE-2014-3707
Reported-By: Symeon Paraschoudis
2014-11-05 08:05:14 +01:00
Jay Satiro
e819c3a4ca SSL: PolarSSL default min SSL version TLS 1.0
- Prior to this change no SSL minimum version was set by default at
runtime for PolarSSL. Therefore in most cases PolarSSL would probably
have defaulted to a minimum version of SSLv3 which is no longer secure.
2014-11-04 11:40:51 +01:00
Carlo Wood
15c4d51d39 Curl_single_getsock: fix hold/pause sock handling
The previous condition that checked if the socket was marked as readable
when also adding a writable one, was incorrect and didn't take the pause
bits properly into account.
2014-11-03 09:40:13 +01:00
Peter Wu
b2bb51f339 cmake: drop _BSD_SOURCE macro usage
autotools does not use features.h nor _BSD_SOURCE. As this macro
triggers warnings since glibc 2.20, remove it. It should not have
functional differences.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-11-03 09:10:54 +01:00
Steve Holme
b6821dbb91 sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is used
Typically the USE_WINDOWS_SSPI definition would not be used when the
CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build
configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication
data structures and functions would incorrectly be used when they
shouldn't be.

Introduced a new USE_KRB5 definition that takes into account the use of
CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
2014-11-02 00:35:16 +00:00
Steve Holme
b04eef1318 openssl: Use 'CURLcode result'
More CURLcode fixes.
2014-11-02 00:14:07 +00:00
Daniel Stenberg
9bc2582c31 resume: consider a resume from [content-length] to be OK
Basically since servers often then don't respond well to this and
instead send the full contents and then libcurl would instead error out
with the assumption that the server doesn't support resume. As the data
is then already transfered, this is now considered fine.

Test case 1434 added to verify this. Test case 1042 slightly modified.

Reported-by: hugo
Bug: http://curl.haxx.se/bug/view.cgi?id=1443
2014-11-01 23:09:24 +01:00
Steve Holme
f0b4bc12f8 openssl: Use 'CURLcode result'
More standardisation of CURLcode usage and coding style.
2014-11-01 17:16:42 +00:00
Steve Holme
14b4707d9a openssl: Use 'CURLcode result'
...and some minor code style changes.
2014-11-01 16:14:05 +00:00
Steve Holme
beb478a24b ftplistparser: We prefer 'CURLcode result' 2014-11-01 12:12:09 +00:00