1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 00:28:48 -05:00
Commit Graph

4637 Commits

Author SHA1 Message Date
Daniel Stenberg
6e1632c606 - Kamil Dudka provided a fix for libcurl-NSS reported by Michael Cronenworth
at https://bugzilla.redhat.com/show_bug.cgi?id=453612#c12

  If an incorrect password is given while loading a private key, libcurl ends
  up in an infinite loop consuming memory. The bug is critical.
2009-05-11 09:13:49 +00:00
Daniel Stenberg
56dab605f1 - I fixed the problem with doing NTLM, POST and then following a 302 redirect,
as reported by Ebenezer Ikonne (on curl-users) and Laurent Rabret (on
  curl-library). The transfer was mistakenly marked to get more data to send
  but since it didn't actually have that, it just hung there...
2009-05-11 08:55:58 +00:00
Daniel Stenberg
3aa3d7e629 Internal cleanup: KEEP_WRITE and KEEP_READ are now called KEEP_SEND and
KEEP_RECV to better match the general terminology: receive and send is what we
do from the (remote) servers. We read and write from and to the local fs.
2009-05-11 07:53:38 +00:00
Daniel Stenberg
effbd99384 - Andre Guibert de Bruet correctly pointed out an over-alloc with one wasted
byte in the digest code.
2009-05-10 21:33:55 +00:00
Yang Tse
b8c438f22d Fix function call pointed data size argument mismatch on 64Bit systems 2009-05-10 10:25:23 +00:00
Yang Tse
a85271ce0a Fix type cast 2009-05-10 10:24:53 +00:00
Daniel Stenberg
fd5e69f769 ConnectPlease() fixed for the new proxy connect functionality to make sure
'connected' truly is false when the socks connect fails.

Curl_done() fixed for the check-conn->bits.done-before-Curl_getoff_all_pipelines case
2009-05-09 21:34:48 +00:00
Yang Tse
ddb0b8d8b8 Fix libssh2 preprocessor symbol definition check 2009-05-09 15:32:59 +00:00
Yang Tse
f77f2709a9 Ignore more files for cvs 2009-05-09 10:09:33 +00:00
Yang Tse
9314e9e853 Fix CR 2009-05-08 19:09:36 +00:00
Yang Tse
838ddf8f55 Renamed vc6 workspace and project files to avoid filename clash when used for conversion to later VS versions. 2009-05-08 18:55:42 +00:00
Yang Tse
619869c639 Renamed vc6 workspace and project files to avoid filename clash when used for conversion to later VS versions. 2009-05-08 17:51:44 +00:00
Daniel Stenberg
e84c7db049 - Constantine Sapuntzakis fixed bug report #2784055
(http://curl.haxx.se/bug/view.cgi?id=2784055) identifying a problem to
  connect to SOCKS proxies when using the multi interface. It turned out to
  almost not work at all previously. We need to wait for the TCP connect to
  be properly verified before doing the SOCKS magic.

  There's still a flaw in the FTP code for this.
2009-05-08 10:59:40 +00:00
Daniel Stenberg
6ca321ca75 Curl_sndbufset is (at times) defined in the header, no need to do it again here 2009-05-07 20:02:51 +00:00
Daniel Stenberg
9c788a529b - Made the SO_SNDBUF setting for the data connection socket for ftp uploads as
well. See change 28 Apr 2009.
2009-05-07 20:00:44 +00:00
Yang Tse
ac9d92587e Fix an issue, affecting FTP transfers, introduced with the transfer.c patch committed May 4.
Additionally some identation fixes.
2009-05-07 18:03:49 +00:00
Daniel Stenberg
7bdd14a994 - Vijay G filed bug report #2723236
(http://curl.haxx.se/bug/view.cgi?id=2723236) identifying a problem with
  libcurl's TFTP code and its lack of dealing with the OACK packet.
2009-05-07 08:30:43 +00:00
Yang Tse
a1708730c3 fix compiler warning 2009-05-05 13:04:33 +00:00
Daniel Stenberg
b40b989523 I simplified the SSL session id re-use code now to *always* ditch the previous
one and store the current one, as it makes the code less complex and I'm not
even sure I can check for the same session id using memcmp() like that.
2009-05-05 08:33:29 +00:00
Daniel Stenberg
915dfb494e - Inspired by Michael Smith's session id fix for OpenSSL, I did the
corresponding fix in the GnuTLS code: make sure to store the new session id
  in case the re-used one is rejected.
2009-05-04 22:20:09 +00:00
Daniel Stenberg
a16cca7680 - Michael Smith posted bug report #2786255
(http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how
  libcurl did not deal with SSL session ids properly if the server rejected a
  re-use of one. Starting now, it will forget the rejected one and remember
  the new. This change was for OpenSSL only, it is likely that other SSL lib
  code needs similar fixes.
2009-05-04 21:57:14 +00:00
Yang Tse
4422f80ae7 David McCreedy's "transfer.c fixes for CURL_DO_LINEEND_CONV and non-ASCII platform HTTP requests" patch 2009-05-04 09:47:02 +00:00
Yang Tse
9137e717b0 Use build-time configured curl_socklen_t instead of socklen_t 2009-05-02 02:37:32 +00:00
Yang Tse
0569c9c1be David McCreedy's "http.c fix to Curl_proxyCONNECT for non-ASCII platforms" patch 2009-05-01 13:00:38 +00:00
Yang Tse
5a91746b80 David McCreedy's "TPF-platform specific changes to various files" patch 2009-05-01 12:39:40 +00:00
Yang Tse
c174b13f8b fix compiler warning: unused parameter 2009-04-30 09:32:02 +00:00
Yang Tse
dd50e5bdf2 Use 'unsigned int' instead of size_t attempting to avoid header inclusion 2009-04-30 01:34:04 +00:00
Yang Tse
504ecd5f7a NetWare LibC's getpeername() third argument data type is size_t 2009-04-30 00:11:20 +00:00
Yang Tse
01dabb774a curl_socklen_t NetWare follow-up 2009-04-29 17:07:19 +00:00
Daniel Stenberg
e2c6e00570 - Based on bug report #2723219 (http://curl.haxx.se/bug/view.cgi?id=2723219)
I've now made TFTP "connections" not being kept for re-use within libcurl.
  TFTP is UDP-based so the benefit was really low (if even existing) to begin
  with so instead of tracking down to fix this problem we instead removed the
  re-use. I also enabled test case 1099 that I wrote a few days ago to verify
  that this change fixes the reported problem.
2009-04-29 11:30:03 +00:00
Daniel Stenberg
d068001102 - Constantine Sapuntzakis filed bug report #2783090
(http://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows
  we need to grow the SO_SNDBUF buffer somewhat to get really good upload
  speeds. http://support.microsoft.com/kb/823764 has the details. Friends
  confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough.
2009-04-28 20:27:06 +00:00
Yang Tse
d576be58dc allow usage of in-tree c-ares when building from outside of the cvs tree 2009-04-28 19:29:50 +00:00
Daniel Stenberg
e01b7c1ede - Bug report #2709004 (http://curl.haxx.se/bug/view.cgi?id=2709004) by Tim
Chen pointed out how curl couldn't upload with resume when reading from a
  pipe.

  This ended up with the introduction of a new return code for the
  CURLOPT_SEEKFUNCTION callback that basically says that the seek failed but
  that libcurl may try to resolve the situation anyway. In our case this means
  libcurl will attempt to instead read that much data from the stream instead
  of seeking and that way curl can now upload with resume when data is read
  from a stream!
2009-04-28 11:19:10 +00:00
Daniel Stenberg
d27519c0ca Add missing cmake files to the tarball (thanks to Richard Atterer's report) 2009-04-27 12:26:41 +00:00
Daniel Stenberg
14df44dd3f - Bug report #2779733 (http://curl.haxx.se/bug/view.cgi?id=2779733) by Sven
Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi
  interface and provided a patch that fixed the problem!
2009-04-26 11:56:22 +00:00
Yang Tse
c0d929bed9 Further narrow the use of the icc 9.1 optimizer workaround.
Previous workaround proved useful, and finally did not trigger any warning!
2009-04-25 10:24:11 +00:00
Daniel Stenberg
828a26286d - Kamil Dudka fixed another NSS-related leak when client certs were used. 2009-04-24 21:55:18 +00:00
Yang Tse
651b4b9efa Try a simpler variation of the 'volatile' variables icc 9.1 on unix IA32 workaround.
Previous workaround proved useful, but triggered the following warning:

warning #556: a value of type "volatile Curl_addrinfo *" cannot be assigned to an entity of type "Curl_addrinfo *"
2009-04-24 10:38:12 +00:00
Yang Tse
2236a247d9 Try another variation of the 'volatile' variables icc 9.1 on unix IA32 workaround.
The #pragma optimize("", off) attempt did not fix the problem and SIGSEGV's in Curl_freeaddrinfo() were back.
2009-04-23 11:09:20 +00:00
Dan Fandrich
7291f50e8d Added new libcurl source files to Amiga, RiscOS and VC6 build files. 2009-04-23 04:12:04 +00:00
Yang Tse
bc5677a47b Disable optimizations when compiling function Curl_freeaddrinfo() with icc 9.1 on unix IA32.
Previous 'volatile' variables workaround proved useful, but it triggered the following warning:

warning #167: argument of type "volatile Curl_addrinfo *" is incompatible with parameter of type "void *"
2009-04-22 15:03:05 +00:00
Yang Tse
33a3753c3f libcurl's memory.h renamed to curl_memory.h 2009-04-21 11:46:16 +00:00
Yang Tse
9770899a4b Moved potential inclusion of system's malloc.h and memory.h header files to
setup_once.h.  Inclusion of each header file is based on the definition of
NEED_MALLOC_H and NEED_MEMORY_H respectively.
2009-04-21 10:26:58 +00:00
Yang Tse
fe8eeb5641 remove unnecessary typecast 2009-04-21 09:03:15 +00:00
Daniel Stenberg
b84876ba69 - Leanic Lefever reported a crash and did some detailed research on why and
how it occurs (http://curl.haxx.se/mail/lib-2009-04/0289.html). The
  conclusion was that if an error is detected and Curl_done() is called for
  the connection, ftp_done() could at times return another error code that
  then would take precedence and that new code confused existing logic that
  works for the first error code (CURLE_SEND_ERROR) only.
2009-04-20 21:41:17 +00:00
Yang Tse
4882078469 attempt to workaround icc 9.1 optimizer induced problem 2009-04-19 05:20:04 +00:00
Gisle Vanem
53b2ff4b04 Added 'slist.obj'. 2009-04-18 16:54:15 +00:00
Gisle Vanem
0c89d71aee Added HAVE_LIMITS_H. 2009-04-18 16:50:09 +00:00
Daniel Stenberg
30f7a2ff20 - Pramod Sharma reported and tracked down a bug when doing FTP over a HTTP
proxy. libcurl would then wrongly close the connection after each
  request. In his case it had the weird side-effect that it killed NTLM auth
  for the proxy causing an inifinite loop!

  I added test case 1098 to verify this fix. The test case does however not
  properly verify that the transfers are done persistently - as I couldn't
  think of a clever way to achieve it right now - but you need to read the
  stderr output after a test run to see that it truly did the right thing.
2009-04-17 12:48:24 +00:00
Yang Tse
ce7b565595 further narrow the use of the icc 9.1 optimizer workaround 2009-04-17 07:30:25 +00:00
Yang Tse
41fd08bb0d attempt to workaround icc 9.1 optimizer induced problem 2009-04-16 08:31:09 +00:00
Gunter Knauf
f7400212fc moved HAVE_LIMITS_H to common defines (no idea why I didnt this initially already) 2009-04-15 04:11:33 +00:00
Yang Tse
6434b42481 HAVE_LIMITS_H definition for NetWare CLIB 2009-04-14 23:51:12 +00:00
Daniel Stenberg
dd0b38b32f first take at bundling cmake-related files in the tarball 2009-04-14 22:00:37 +00:00
Yang Tse
9cc6ab3922 use HAVE_LIMITS_H symbol to protect limits.h inclusion 2009-04-14 13:50:32 +00:00
Yang Tse
2c27e24bb4 include <limits.h> for INT_MAX definition 2009-04-14 13:26:06 +00:00
Yang Tse
c382c550e7 fix compiler warning: implicit conversion shortens 64-bit value into a 32-bit value 2009-04-14 12:53:53 +00:00
Daniel Stenberg
97f27ea585 Kamil Dudka's follow-up fix 2009-04-14 09:40:53 +00:00
Daniel Stenberg
379bfa5a36 - bug report #2727981 (http://curl.haxx.se/bug/view.cgi?id=2727981) by Martin
Storsjo pointed out how setting CURLOPT_NOBODY to 0 could be downright
  confusing as it set the method to either GET or HEAD. The example he showed
  looked like:

   curl_easy_setopt(curl, CURLOPT_PUT, 1);
   curl_easy_setopt(curl, CURLOPT_NOBODY, 0);

  The new way doesn't alter the method until the request is about to start. If
  CURLOPT_NOBODY is then 1 the HTTP request will be HEAD. If CURLOPT_NOBODY is
  0 and the request happens to have been set to HEAD, it will then instead be
  set to GET. I believe this will be less surprising to users, and hopefully
  not hit any existing users badly.
2009-04-13 18:01:02 +00:00
Daniel Stenberg
235c0077b8 - Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned
out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue
  is found in Redhat's bug tracker:
  https://bugzilla.redhat.com/show_bug.cgi?id=453612

  There are still memory leaks present, but they seem to have other reasons.
2009-04-13 17:42:10 +00:00
Yang Tse
c621546bd6 fix compiler warning: implicit conversion shortens 64-bit value into a 32-bit value 2009-04-13 07:18:39 +00:00
Dan Fandrich
e43606eb4d Added new libcurl source files to Symbian OS build files.
Improved Symbian support for SSL.
2009-04-11 07:06:34 +00:00
Yang Tse
6a378a28b4 Use 'curl_socket_t' instead of 'int' for socket.
Avoid unnecessary'if-else' nesting.
2009-04-11 06:36:47 +00:00
Yang Tse
95368d9cb4 fix compiler warning: enumerated type mixed with another type 2009-04-11 02:11:02 +00:00
Benoit Neil
4d396169c8 Cleaned up the custom definition I added (replaced by CURL_STATICLIB) 2009-04-09 19:59:38 +00:00
Gunter Knauf
4cd950900b some minor Makefile tweaks for latest libssh2. 2009-04-09 02:50:09 +00:00
Benoit Neil
0e98f938c4 Fixed missing HAVE_PROCESS_H (caused a warning) 2009-04-08 20:54:36 +00:00
Benoit Neil
25f626cc52 Fixed compile defines in CMake scripts 2009-04-08 11:42:45 +00:00
Benoit Neil
8cb8371011 Made the CMake scripts read Makefile.inc. Needs testing I guess. 2009-04-06 22:45:17 +00:00
Benoit Neil
b85154f13f Added tests (exes) targets, refactor a few things.
PS: Once again, sorry if the added files have executable perms on Linux.
2009-04-06 21:05:44 +00:00
Benoit Neil
06047d9103 Added curl (exe) target, fixed static/dynamic linking errors.
PS: Sorry if the added file has executable perms on Linux, I didn't found anything related to it...
2009-04-06 20:44:01 +00:00
Benoit Neil
2362637e90 Removed the "lib" prefix under linux ("was "liblibcurl") and fixed import library name under Win32 (Added "_imp" for dynamically linked). 2009-04-06 19:43:52 +00:00
Yang Tse
0211e420ed fix compiler warning: passing arg 1 of `sk_num' from incompatible pointer type 2009-04-03 12:08:32 +00:00
Benoit Neil
9a184e0bb1 Added basic OpenSSL support in CMake scripts (Thanks to Bill Hoffman) 2009-04-02 23:12:22 +00:00
Benoit Neil
4c5307b456 Initial CMake scripts (libcurl only), based on the merge of tetest scripts and mine. These are far to be functionnal yet.
PS: Hello world :)
2009-04-02 13:14:53 +00:00
Daniel Stenberg
a06b36dee0 - Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if a
strdup() call failed.
2009-04-01 12:15:37 +00:00
Dan Fandrich
18e1bee8d5 Properly return an error code in curl_easy_recv (reported by Jim Freeman). 2009-03-31 14:49:25 +00:00
Gunter Knauf
41f76801eb some minor Makefile tweaks. 2009-03-29 19:40:00 +00:00
Daniel Stenberg
5f19822e37 - Kamil Dudka brought a patch that enables 6 additional crypto algorithms when
NSS is used. These ciphers were added in NSS 3.4 and require to be enabled
  explicitly.
2009-03-18 12:48:51 +00:00
Gisle Vanem
0ac8e1d80b If CURL_DISABLE_PROXY is defined, we must allow socks_sspi.c to call
Curl_blockread_all(). It is needed in code inside USE_WINDOWS_SSPI.
2009-03-15 13:43:47 +00:00
Daniel Stenberg
74ba4d7950 - Use libssh2_version() to present the libssh2 version in case the libssh2
library is found to support it.
2009-03-13 09:58:15 +00:00
Yang Tse
fa96436661 Fix TELNET transfers not being aborted upon write callback failures 2009-03-12 13:18:25 +00:00
Yang Tse
d15b8273d6 Add Curl_read() return code checking 2009-03-12 02:12:05 +00:00
Yang Tse
dd53b356ff fix previous commit misplaced break statement 2009-03-11 04:45:18 +00:00
Yang Tse
f1db505778 Added TELNET timeout support for Windows builds 2009-03-11 04:15:33 +00:00
Daniel Stenberg
bdec6f2b20 - Frank Hempel found out a bug and provided the fix:
curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE
  option. It only enabled the cookie engine in the destination handle if
  data->cookies is not NULL (where data is the source handle). In case of a
  newly initialized handle which just had the cookie support enabled by a
  curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was
  still NULL because the setopt-call only appends the value to
  data->change.cookielist, hence duplicating this handle would not have the
  cookie engine switched on.

  We also concluded that the slist-functionality would be suitable for being
  put in its own module rather than simply hanging out in lib/sendf.c so I
  created lib/slist.[ch] for them.
2009-03-09 12:21:46 +00:00
Dan Fandrich
a9a03b9708 Avoid a compile warning in --disable-proxy case 2009-03-09 04:32:51 +00:00
Daniel Stenberg
f4e8c406bb - Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
allocation of the memory BIO was not being properly checked.
2009-03-08 22:56:55 +00:00
Daniel Stenberg
12bfcb501c - Andre Guibert de Bruet fixed the gnutls-using code: There are a few places
in the gnutls code where we were checking for negative values for errors,
  when the man pages state that GNUTLS_E_SUCCESS is returned on success and
  other values indicate error conditions.
2009-03-08 22:52:05 +00:00
Daniel Stenberg
0fc1782dd4 Andre Guibert de Bruet fixed a typo in the error message 2009-03-08 22:45:59 +00:00
Yang Tse
94bb7fe5cb Fix NTLM authentication memory leak on SSPI enabled Windows builds 2009-03-05 01:23:14 +00:00
Daniel Stenberg
ee73fc361b - David James brought a patch that make libcurl close (all) dead connections
whenever you attempt to open a new connection.
2009-03-03 11:01:24 +00:00
Daniel Stenberg
042cc1f69e - David Kierznowski notified us about a security flaw
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
  which previous libcurl versions (by design) can be tricked to access an
  arbitrary local/different file instead of a remote one when
  CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
  together this the addition of two new setopt options for controlling this
  new behavior:

  o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
  follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
  excludes the FILE and SCP protocols and thus you nee to explicitly allow
  them in your app if you really want that behavior.

  o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
  using the primary URL option. This is useful if you want to allow a user or
  other outsiders control what URL to pass to libcurl and yet not allow all
  protocols libcurl may have been built to support.
2009-03-02 23:05:31 +00:00
Yang Tse
8d78a33e60 for portability reasons: s/inet_pton/Curl_inet_pton/ 2009-02-28 01:35:53 +00:00
Yang Tse
df07537ccf fix compiler warning 2009-02-28 01:11:57 +00:00
Daniel Stenberg
7b7db23633 - Senthil Raja Velu reported a problem when CURLOPT_INTERFACE and
CURLOPT_LOCALPORT were used together (the local port bind failed), and
  Markus Koetter provided the fix!
2009-02-27 12:07:14 +00:00
Daniel Stenberg
794b4da840 Indentation fixes, untabify and related whitespace-cleanup. No code changed. 2009-02-27 08:53:10 +00:00
Daniel Stenberg
e9ea3ba4a2 corrected and clarified the top comment 2009-02-25 12:51:39 +00:00
Daniel Stenberg
d207ea1652 - As Daniel Fandrich figured out, we must do the GnuTLS initing in the
curl_global_init() function to properly maintain the performing functions
  thread-safe. We've previously (28 April 2007) moved the init to a later time
  just to avoid it to fail very early when libgcrypt dislikes the situation,
  but that move was bad and the fix should rather be in libgcrypt or
  elsewhere.
2009-02-25 12:51:17 +00:00
Daniel Stenberg
ea6531cf32 - Brian J. Murrell found out that Negotiate proxy authentication didn't work.
It happened because the code used the struct for server-based auth all the
  time for both proxy and server auth which of course was wrong.
2009-02-24 08:30:09 +00:00