1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-24 00:58:48 -05:00
Commit Graph

5593 Commits

Author SHA1 Message Date
Kamil Dudka
b5c3feda17 NTLM tests: boost coverage by forcing the hostname
A shared library tests/libtest/.libs/lihostname.so is preloaded in NTLM
test-cases to override the system implementation of gethostname().  It
makes it possible to test the NTLM authentication for exact match, and
this way test the implementation of MD4 and DES.

If LD_PRELOAD doesn't work, a debug build willl also workk as debug
builds are now made to prefer a specific environment variable and will
then return that content as host name instead of the actual one.

Kamil wrote the bulk of this, Daniel Stenberg polished it.
2010-07-30 00:51:24 +02:00
Guenter Knauf
01c309e186 Added a comment with an alternate idea to avoid the backslash line contination character. 2010-07-29 09:06:55 +02:00
Guenter Knauf
d873c820bd Changed comparison to match size_t var type. 2010-07-29 05:33:04 +02:00
Guenter Knauf
41cf1f4090 Removed unused vars to avoid compiler warnings. 2010-07-29 05:20:43 +02:00
Guenter Knauf
6ad0acb608 Make Watcom makefiles use Makefile.inc to reduce future maintainance.
lib/Makefile.Watcom works fine already, for src/Makefile.Watcom we
need first to tweak src/Makefile.inc a bit - therefore the handtweaked
list still exists for now.
2010-07-29 03:50:09 +02:00
Guenter Knauf
cfbb351e22 Watcom makefiles overhaul.
- make both libcurl and curl makefiles use register calling convention
  (previously libcurl had stack calling convention).
- added include paths to the Watcom headers so its no longer required
  to set the environment vars for this.
- added -wcd=201 to supress compiler warning about unreachable code.
- use macros for all tools, and removed dependency on GNU tools like rm.
- make ipv6 and debug builds controlable via env vars and so make them
  optional instead of default.
- commented WINLDAPAPI and WINBERAPI since they broke with OW 1.8, and
  it seems they're not needed (anymore?).
- added rule for hugehelp.c.cvs so that it will be created when not
  already exist - this is required for building from a release tarball
  since there we have no hugehelp.c.cvs, thus compilation broke.
- removed C_ARG creation from lib/Makefile.Watcom and use CFLAGS
  directly as done too in src/Makefile.Watcom - this has the benefit
  that we will see all active cflags and defines during compile.
- added LINK-ARG to src/Makefile.Watcom in order to better control
  linker input.
- a couple of other minor makefile tweaks here and there ...
- added largefile support for Watcom builds to config-win32.h. Not yet
  tested if it really works, but should since Win32 supports it.
- added loaddll stuff to speed up builds if supported.
2010-07-29 03:18:40 +02:00
Guenter Knauf
11f53b9a18 some cosmetic changes. 2010-07-28 08:05:00 +02:00
Dan Fandrich
eb33f5d1f8 Added md4.c to the Watcom makefile 2010-07-26 16:41:27 -07:00
Daniel Stenberg
6d2ccfed48 add_buffer_send: fix compiler warning
Win64's 32 bit long but 64 bit size_t caused a warning that we avoid
with a typecast. A small whitespace indent fix was also applied.

Reported by: Adam Light
2010-07-24 22:52:35 +02:00
Guenter Knauf
7738b15977 Updated library versions. 2010-07-22 04:34:54 +02:00
Guenter Knauf
0fa4b41c2b Fixed script version which was still based on CVS Revision tag. 2010-07-22 04:29:54 +02:00
Ben Greear
affff47b3d ssh: Fix compile error on 64-bit systems.
Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-07-21 21:31:37 +02:00
Ben Greear
d6981cb508 build: Enable configure --enable-werror
This passes -Werror to gcc when building curl and libcurl,
  allowing easy dection of compile warnings.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-07-21 21:29:47 +02:00
Ben Greear
40ecd6c9b8 pingpong: Fix indentation (whitespace change only)
Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-07-21 21:27:33 +02:00
Jan Van Boghout
181b08babb CUSTOMREQUEST: shouldn't be disabled when HTTP is disabled
... since FTP is using it as well, and potentially other protocols!

Also, an #endif CURL_DISABLE_HTTP was incorrectly marked, as it seems to
end the proxy block instead.
2010-07-18 20:23:08 +02:00
Jan Van Boghout
7abf3b97fe pingpong: response_time is milliseconds
Fixed the comment/document for the response_time struct member.
2010-07-18 00:49:29 +02:00
Jan Van Boghout
4a1384a8b4 ftp: response timeout bug in "quote" sending
The FTP implementation was missing a timestamp reset point, making the
waiting for responses after sending a post-transfer "QUOTE" command not
working as supposedly. This bug was introduced in 7.20.0
2010-07-18 00:44:25 +02:00
Constantine Sapuntzakis
d4e6404135 multi: fix condition that remove timers before trigger
curl_multi perform has two phases: run through every easy handle calling
multi_runsingle and remove expired timers (timer removal).

If a small timer (e.g. 1-10ms) is set during multi_runsingle, then it's
possible that the timer has passed by when the timer removal runs. The
timer which was just added is then removed. This will potentially cause
the timer list to be empty and cause the next call to curl_multi_timeout
to return -1. Ideally, curl_multi_timeout should return 0 in this case.

One way to fix this is to move the struct timeval now = Curl_tvnow(); to
the top of curl_multi_perform. The change does that.
2010-07-12 19:19:31 +02:00
Constantine Sapuntzakis
3992309285 threaded resolver: fix timeout issue
Reset old timer first so we can set a new one further in the future.
2010-07-12 19:03:51 +02:00
Daniel Stenberg
e01cc7737c http: don't enable chunked during authentication negotiations
As mentioned in bug report #2956968, the HTTP code wouldn't send the
first empty chunk during the auth negotiation phase of the HTTP request
sending, so the server would wait for data to come and libcurl would
wait for data to arrive... I've made the code not enable chunked
encoding until the auth negotiation is done and thus this scenario
doesn't occur anymore.

Reported by: Sidney San Martn
Bug: http://curl.haxx.se/bug/view.cgi?id=2956968
2010-07-06 22:50:21 +02:00
Daniel Stenberg
9be951a415 multi: CURLINFO_LASTSOCKET doesn't work after remove_handle
When curl_multi_remove_handle() is called and an easy handle is returned
to the connection cache held in the multi handle, then we cannot allow
CURLINFO_LASTSOCKET to extract it since that will more or less encourage
that the user uses the socket while it can get used by libcurl again.

Without this fix, we'd get a segfault in Curl_getconnectinfo() trying to
dereference the NULL pointer in 'data->state.connc'.

Bug: http://curl.haxx.se/bug/view.cgi?id=3023840
2010-07-01 23:32:20 +02:00
Pierre Joye
7239538d9a build: add enable IPV6 option for the VC makefiles 2010-06-30 19:42:37 +02:00
Kamil Dudka
f3b77e5611 http_ntlm: add support for NSS
When configured with '--without-ssl --with-nss', NTLM authentication
now uses NSS crypto library for MD5 and DES.  For MD4 we have a local
implementation in that case.  More details are available at
https://bugzilla.redhat.com/603783

In order to get it working, curl_global_init() must be called with
CURL_GLOBAL_SSL or CURL_GLOBAL_ALL.  That's necessary because NSS needs
to be initialized globally and we do so only when the NSS library is
actually required by protocol.  The mentioned call of curl_global_init()
is responsible for creating of the initialization mutex.

There was also slightly changed the NSS initialization scenario, in
particular, loading of the NSS PEM module.  It used to be loaded always
right after the NSS library was initialized.  Now the library is
initialized as soon as any SSL or NTLM is required, while the PEM module
is prevented from being loaded until the SSL is actually required.
2010-06-30 13:12:25 +02:00
Pavel Raiskup
f7ae7b3623 ftp wildcard: FTP LIST parser FIX
There was a problem when a UNIX-like server returned information
about directory size (total NNNNNN) at the first line of
response.
2010-06-24 23:45:44 +02:00
Daniel Stenberg
8da56e12c6 multi_socket: re-use of same socket without notifying app
When a hostname resolves to multiple IP addresses and the first one
tried doesn't work, the socket for the second attempt may get dropped on
the floor, causing the request to eventually time out. The issue is that
when using kqueue (as on mac and bsd platforms) instead of select, the
kernel removes the first fd from kqueue when it is closed (in trynextip,
connect.c:503). Trynextip() then goes on to open a new socket, which
gets assigned the same number as the one it just closed. Later in
multi.c, socket_cb is not called because the fd is already in
multi->sockhash, so the new socket is never added to kqueue.

The correct fix is to ensure that socket_cb is called to remove the fd
when trynextip() closes the socket, and again to re-add it after
singleipsocket(). I'm not sure how to cleanly do that, but the attached
patch works around the problem in an admittedly kludgy way by delaying
the close to ensure that the newly-opened socket gets a different fd.

Daniel's added comment: I didn't spot a way to easily do a nicer fix so
I've proceeded with Ben's patch.

Bug: http://curl.haxx.se/bug/view.cgi?id=3017819
Patch by: Ben Darnell
2010-06-24 23:22:24 +02:00
Pavel Raiskup
0a04078916 ftp-wildcard: avoid tight loop when used without any pattern
It was broken for URLs like "ftp://example.com/".
2010-06-24 10:18:17 +02:00
Daniel Stenberg
1b15b31c86 sendrecv: treat all negative values from send/recv as errors
For example the libssh2 based functions return other negative
values than -1 to signal errors and it is important that we catch
them properly. Right before this, various failures from libssh2
were treated as negative download amounts which caused havoc.
2010-06-19 00:18:14 +02:00
Daniel Stenberg
e6d85923c1 multi: prevent NULL pointer dereference
My additional call to Curl_pgrsUpdate() would sometimes get
called even though there's no connection (left) so a NULL pointer
would get passed, causing a segfault.
2010-06-18 23:46:09 +02:00
Daniel Stenberg
614bae813e smtp: fixed a few uses of size_t that seemed to believe it was signed
Reported-by: Steven M. Schweda
2010-06-18 16:20:41 +02:00
Dan Fandrich
bd6a695545 Fixed an OOM memory leak in the FTP wildcard code 2010-06-17 10:56:25 -07:00
Krister Johansen
43edcc4a2e multi: unmark handle as used when no longer head of pipeline 2010-06-17 15:46:27 +02:00
Daniel Stenberg
01c2b397aa multi: call the progress function only once and allow abort
1) no need to call the progress function twice when in the
CURLM_STATE_TOOFAST state.

2) Make sure that the progress callback's return code is
acknowledged when used
2010-06-17 15:19:30 +02:00
Daniel Stenberg
51a757c11b multi: call the progress callback in all states
As long as no error is reported, the progress function can get
called. This may be a little TOO often so we should keep an eye
on this and possibly make this conditional somehow.
2010-06-17 15:10:08 +02:00
Yang Tse
88af6fbf98 remove unused 'tmpdata' and 'backup' ftp_parselist_data struct members 2010-06-10 04:46:30 +02:00
Yang Tse
6b6fe2a4d5 replace isprint() with ISPRINT() 2010-06-10 02:33:45 +02:00
Yang Tse
54aca3c5ec ensure that Curl_wildcard_dtor() leaves WildcardData struct zero initialized 2010-06-10 02:30:23 +02:00
Yang Tse
343c4c7072 code simplification 2010-06-09 16:48:19 +02:00
Yang Tse
6a0d3233ff add Curl_ prefix to conform with cURL naming standards 2010-06-09 15:45:46 +02:00
Yang Tse
d3714b016d Merge branch 'master' of git@github.com:bagder/curl 2010-06-09 01:57:37 +02:00
Yang Tse
da6e992e1d fix compiler warning using curl_socket_t to store socket descriptor 2010-06-09 01:51:46 +02:00
Daniel Stenberg
bb60fe0c1a inet_pton: warnings: use size_t to store pointer deltas 2010-06-08 23:09:42 +02:00
Yang Tse
feecf63a96 avoid redundant work when reusing same connection 2010-06-08 19:29:20 +02:00
Yang Tse
cbdd1cbcde fix function result checking 2010-06-08 16:16:34 +02:00
Daniel Stenberg
b3d7161642 transfer: warning: implicit conversion
There is an implicit conversion from "unsigned long" to "long";
rounding, sign extension, or loss of accuracy may result.

Fixed by an added typecast.
2010-06-08 10:36:06 +02:00
Daniel Stenberg
3b47d231ac TFTP: fix compiler warning
Curl_fillreadbuffer()'s second argument takes an int, so
typecasting to another is a bad idea.
2010-06-08 10:35:06 +02:00
Daniel Stenberg
7977bc3dfa TFTP: fix warning for sendto() usage on non-POSIX systems
Older unixes want an 'int' instead of 'size_t' as the 3rd
argumment so before this change it would cause warnings such as:

There is an implicit conversion from "unsigned long" to "int";
rounding, sign extension, or loss of accuracy may result.
2010-06-08 10:19:39 +02:00
Dan Fandrich
00fdafb0a1 Include Makefile.inc to get the list of source files for Amiga
Signed-off-by: Diego Casorran <dcasorran@gmail.com>
2010-06-07 14:00:16 -07:00
Yang Tse
f737e94164 Curl_updateconninfo() error handling fix 2010-06-07 16:53:31 +02:00
Constantine Sapuntzakis
a0dd9df9ab OpenSSL: fix spurious SSL connection aborts
Was seeing spurious SSL connection aborts using libcurl and
OpenSSL. I tracked it down to uncleared error state on the
OpenSSL error stack - patch attached deals with that.

Rough idea of problem:

Code that uses libcurl calls some library that uses OpenSSL but
don't clear the OpenSSL error stack after an error.

ssluse.c calls SSL_read which eventually gets an EWOULDBLOCK from
the OS. Returns -1 to indicate an error

ssluse.c calls SSL_get_error. First thing, SSL_get_error calls
ERR_get_error to check the OpenSSL error stack, finds an old
error and returns SSL_ERROR_SSL instead of SSL_ERROR_WANT_READ or
SSL_ERROR_WANT_WRITE.

ssluse.c returns an error and aborts the connection

Solution:

Clear the openssl error stack before calling SSL_* operation if
we're going to call SSL_get_error afterwards.

Notes:

This is much more likely to happen with multi because it's easier
to intersperse other calls to the OpenSSL library in the same
thread.
2010-06-05 23:41:58 +02:00
Yang Tse
4724b9d966 replace socklen_t with curl_socklen_t 2010-06-05 15:08:26 +02:00
Frank Meier
8098d9417c getinfo: added *_PRIMARY_PORT, *_LOCAL_IP and *_LOCAL_PORT 2010-06-05 00:31:36 +02:00
Yang Tse
43d20d81a5 Enable OpenLDAP support for cygwin builds.
Enable OpenLDAP support for cygwin builds. This support was disabled back
in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers.
cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25
allow building an OpenLDAP enabled libcurl supporting back to Windows 95.

Remove non-functional CURL_LDAP_HYBRID code and references.
2010-06-04 15:14:31 +02:00
Kamil Dudka
bc0f3dd15e ftplistparser.c: oops, fix typo in the last commit 2010-06-02 23:55:45 +02:00
Kamil Dudka
475c19c42b ftplistparser.c: avoid some invalid dereferences 2010-06-02 23:50:38 +02:00
Kamil Dudka
c072bd4609 lib: eliminate some dead code 2010-06-02 23:50:38 +02:00
Daniel Stenberg
684830cb2a SSH: corrected the inability to respect the timeout
Jason McDonald posted bug report #3006786 when he found that the
SFTP code didn't timeout properly in several places in the code
even if a timeout was set properly.

Based on his suggested patch, I wrote a different implementation
that I think addressed the issue better and also uses the connect
timeout for the initial part of the SSH/SFTP done during the
"protocol connect" phase.

(http://curl.haxx.se/bug/view.cgi?id=3006786)
2010-06-02 23:33:51 +02:00
Yang Tse
3b24076c3b add missing new files to non-configure target build files 2010-06-02 15:09:39 +02:00
Yang Tse
077125e4a2 include libcurl standard internal headers 2010-06-02 14:13:02 +02:00
Yang Tse
d939e0f410 make setup.h first included file 2010-06-02 13:19:04 +02:00
Yang Tse
69d07feb14 fix spnego memory leak 2010-06-02 12:44:46 +02:00
Yang Tse
1c4538610b openldap header inclusions fix 2010-06-02 11:23:30 +02:00
Daniel Stenberg
2c72732ebf multi_socket: handles timer inaccuracy better for timeouts
Igor Novoseltsev reported a problem with the multi socket API and
using timeouts and timers. It boiled down to a problem with
libcurl's use of GetTickCount() interally to figure out the
current time, while Igor's own application code used another
function call.

It made his app call the socket API timeout function a bit
_before_ libcurl would consider the timeout to trigger, and that
could easily lead to timeouts or stalls in the app. It seems
GetTickCount() in general often has no better resolution than
16ms and switching to the alternative function
QueryPerformanceCounter has its share of problems:
http://www.virtualdub.org/blog/pivot/entry.php?id=106

We address this problem by simply having libcurl treat timers
that already has occured or will occur within 40ms subject for
treatment. I'm confident that there are other implementations and
operating systems with similarly in accurate timer functions so
it makes sense to have applied generically and I don't believe we
sacrifice much by adding a 40ms inaccuracy on these timeouts.
2010-06-01 23:20:16 +02:00
Yang Tse
89da532445 fix ldap related compilation issues 2010-06-01 17:25:03 +02:00
Yang Tse
b38189c7b4 fix compiler warning: enumerated type mixed with another type 2010-06-01 12:25:14 +02:00
Yang Tse
1bb04927f3 fix compiler warning: enumerated type mixed with another type 2010-05-31 19:55:22 +02:00
Patrick Monnerat
3fd01be648 smtp_authenticate: avoid compiler warnings 2010-05-31 17:37:00 +02:00
Yang Tse
0546d448ce fix compiler warning: enumerated type mixed with another type 2010-05-31 17:22:43 +02:00
Yang Tse
b4fa27ae4b fix compiler warning: enumerated type mixed with another type 2010-05-31 17:11:51 +02:00
Yang Tse
a9483b1f4a fix compiler warning: enumerated type mixed with another type 2010-05-31 16:36:05 +02:00
Yang Tse
40f8aaedb7 fix compiler warning: external declaration in primary source file 2010-05-31 16:24:01 +02:00
Yang Tse
374f48675b update year in copyright notice 2010-05-31 13:51:29 +02:00
Kamil Dudka
20ae9d4f71 strtoofft: rename CURL_LLONG_MIN -> CURL_OFF_T_MIN
... and CURL_LLONG_MAX -> CURL_OFF_T_MAX
2010-05-29 21:28:16 +02:00
Kamil Dudka
35955179c6 CURL_LLONG_MAX: avoid constant overflow
... when (CURL_SIZEOF_CURL_OFF_T == 4)
2010-05-29 21:23:18 +02:00
Howard Chu
b1c1b9bb76 LDAPS: list availability depending on SSL's presence 2010-05-28 12:23:28 +02:00
Howard Chu
123f80ae54 LDAP: make it build without SSL if no such support is available
of course it also goes for the case where SSL is explicitly
disabled
2010-05-28 12:22:35 +02:00
Kamil Dudka
233ec511db lib: eliminate 'statement not reached' warnings 2010-05-28 09:45:17 +02:00
Howard Chu
c03cbb38ad openldap: fix compiler warnings 2010-05-27 22:37:38 +02:00
Daniel Stenberg
63661d8e83 indent: some whitespace edits 2010-05-27 22:37:38 +02:00
Kamil Dudka
4a0493f789 wildcard.c: add missing include of "setup.h" 2010-05-27 20:56:01 +02:00
Pavel Raiskup
9190e2876e wildcard.c: add missing include of "curl_memory.h" 2010-05-27 18:41:29 +02:00
Tor Arntsen
b4f0e1291f setup_once: use enum type for 'bool' on non-C99 platforms
An enum will catch non-bool assignments to bool on platforms with
a strict compiler, e.g MIPSPro.

Signed-off-by: Kamil Dudka <kdudka@redhat.com>
2010-05-27 18:15:17 +02:00
Kamil Dudka
dd8568739c url.c: avoid implied cast to bool 2010-05-27 16:35:31 +02:00
Tor Arntsen
97b497a75f curl_fnmatch: remove use of register keyword
Using the 'register' keyword rarely improves anything with modern
compilers and architectures.
2010-05-27 16:34:57 +02:00
Julien Chaffraix
d3c813e726 RTMP: Fix compiler warnings 2010-05-26 00:41:45 +02:00
Julien Chaffraix
9e480973eb OOM fixes in http_negociate.c and lib/splay.c
Fix 2 OOM errors: a missing NULL-check in lib/http_negociate.c
and a potential NULL dereferencing in lib/splay.c
2010-05-26 00:40:26 +02:00
Howard Chu
2e056353b0 LDAP: properly implemented as a curl_handler
makes the LDAP code much cleaner, nicer and in general being a
better libcurl citizen. If a new enough OpenLDAP version is
detect, the new and shiny lib/openldap.c code is then used
instead of the old cruft

Code by Howard, minor cleanups by Daniel.
2010-05-25 00:44:42 +02:00
Tor Arntsen
606b933a4f curl_fnmatch: Use int not bool when function returns int
bool in curl internals is unsigned char and should not be used
to receive return value from functions returning int - this fails
when using IBM VisualAge and Tru64 compilers.
2010-05-21 23:42:55 +02:00
Daniel Stenberg
d17709da31 TFTP: send legal timeout value
Eric Mertens posted bug #3003705: when we made TFTP use the
correct timeout option when sent to the server (fixed May 18th
2010) it became obvious that libcurl used invalid timeout values
(300 by default while the RFC allows nothing above 255). While of
course it is obvious that as TFTP has worked thus far without
being able to set timeout at all, just removing the setting
wouldn't make any difference in behavior. I decided to still keep
it (but fix the problem) as it now actually allows for easier
(future) customization of the timeout.

(http://curl.haxx.se/bug/view.cgi?id=3003705)
2010-05-21 23:29:52 +02:00
Daniel Stenberg
0bb6deda72 TFTP: don't ack if wrong block num is received
If an unexpected block number was received, break out of the
switch loop.
2010-05-21 23:07:59 +02:00
Daniel Stenberg
0a29e2445c TFTP: block id wrap bug fix
In a normal expression, doing [unsigned short] + 1 will not wrap
at 16 bits so the comparisons and outputs were done wrong. I
added a macro do make sure it gets done right.

Douglas Kilpatrick filed bug report #3004787 about it:
http://curl.haxx.se/bug/view.cgi?id=3004787
2010-05-21 23:04:15 +02:00
Ben Greear
700335103e Fix build warnings.
Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-05-20 23:16:46 +02:00
Ben Greear
368fd5d27b setopt: Fix setting of set.is_fwrite_set
Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-05-20 23:15:34 +02:00
Tanguy Fautre
81239edb89 build: allow curl to build with Microsoft VC10
By undefing a bunch of E* defines that VC10 has started to define
but that we redefine internally to their WSA* alternatives when
building for Windows.
2010-05-20 22:40:48 +02:00
Tor Arntsen
5f53c9d94a lib: Fix AIX build failure 2010-05-19 22:09:35 +02:00
Dan Fandrich
04cfef24a1 Fixed some memory leaks in the POP3 torture tests 2010-05-19 12:18:06 -07:00
Dan Fandrich
1d26151d5f Fixed a memory leak in the SMTP torture tests 2010-05-18 14:44:19 -07:00
Daniel Stenberg
aabd27d9aa TFTP: send timeout option correctly
Eric Mertens posted bug report #3003005 pointing out that the
libcurl TFTP code was not sending the timeout option properly to
the server, and suggested a fix.

(http://curl.haxx.se/bug/view.cgi?id=3003005)
2010-05-18 23:14:00 +02:00
Tor Arntsen
dcc061543a lib: Change some CRLF line endings to LF
An update had added a couple of lines with DOS line endings,
and some compilers will choke on that (e.g. the Tru64 compiler).
2010-05-16 22:34:02 +02:00
Kamil Dudka
2ffe834bff ftp wildcard: a new option CURLOPT_FNMATCH_DATA 2010-05-16 02:52:33 +02:00
Howard Chu
027ceb37a1 RMTP: the version code is now rtmp aware 2010-05-15 22:13:17 +02:00
Howard Chu
510836f80b RTMP: fix wrong #ifdef 2010-05-15 22:02:44 +02:00
Pavel Raiskup
e4af5d6efc ftp wildcard: fix int32_t and size/group mixups 2010-05-15 21:58:50 +02:00
Daniel Stenberg
77cfeadfa6 OpenSSL: multi interface handshake could hang
John-Mark Bell filed bug #3000052 that identified a problem (with
an associated patch) with the OpenSSL handshake state machine
when the multi interface is used:

Performing an https request using a curl multi handle and using
select or epoll to wait for events results in a hang. It appears
that the cause is the fix for bug #2958179, which makes
ossl_connect_common unconditionally return from the step 2 loop
when fetching from a multi handle.

When ossl_connect_step2 has completed, it updates
connssl->connecting_state to ssl_connect_3. ossl_connect_common
will then return to the caller, as a multi handle is in
use. Eventually, the client code will call curl_multi_fdset to
obtain an updated fdset to select or epoll on. For https
requests, curl_multi_fdset will cause https_getsock to be called.
https_getsock will only return a socket handle if the
connecting_state is ssl_connect_2_reading or
ssl_connect_2_writing.  Therefore, the client will never obtain a
valid fdset, and thus not drive the multi handle, resulting in a
hang.

(http://curl.haxx.se/bug/view.cgi?id=3000052)
2010-05-14 22:35:08 +02:00
Daniel Stenberg
7764795c06 follow redirect: ignore response-body on redirect even if compressed
Sebastian V reported bug #3000056 identifying a problem with
redirect following. It showed that when curl followed redirects
it didn't properly ignore the response body of the 30X response
if that response was using compressed Content-Encoding!

(http://curl.haxx.se/bug/view.cgi?id=3000056)
2010-05-14 22:12:07 +02:00
Hoi-Ho Chan
83305cbf9f Remove support for BSD version of PolarSSL
"The BSD version of PolarSSL was made for migratory purposes only and is not
maintained. The GPL version of PolarSSL is actually the only actively
developed version, so I would be very reluctant to use the BSD version." /
Paul Bakker, PolarSSL hacker.

Signed-off-by: Hoi-Ho Chan <hoiho.chan@gmail.com>
2010-05-13 21:50:52 +02:00
Dan Fandrich
76255cfdc9 Added Polar SSL and RTMP files to the non-autoconf build files
I didn't bother with a few that have little hope of running the required
dependent libraries.
2010-05-12 19:05:58 -07:00
Dan Fandrich
ad6bc4d82e Added the new ftp source files to the non-autoconf build files 2010-05-12 17:32:10 -07:00
Daniel Stenberg
a799162bc7 style: minor whitespace change 2010-05-12 23:32:42 +02:00
Pavel Raiskup
0825cd80a6 FTP: WILDCARDMATCH/CHUNKING/FNMATCH added 2010-05-12 23:17:51 +02:00
Howard Chu
04cb15ae9d RTMP: initial support added, powered by librtmp
librtmp is found at http://rtmpdump.mplayerhq.hu/
2010-05-12 23:07:20 +02:00
Howard Chu
bc8fc9803f sendrecv: make them two pairs of send/recv to properly deal with FTPS
FTP(S) use two connections that can be set to different recv and
send functions independently, so by introducing recv+send pairs
in the same manner we already have sockets/connections we can
work with FTPS fine.

This commit fixes the FTPS regression introduced in change d64bd82.
2010-05-11 22:48:38 +02:00
Kamil Dudka
3e759f4fb6 nss: make it possible to read ASCII and DER CRL 2010-05-11 14:39:08 +02:00
Kamil Dudka
2e8b21833a nss: add CRL to cache instead of read-only NSS db 2010-05-11 14:37:43 +02:00
Hacki
d2621445f1 moved vars into conditional since seems that winsock implementation doesnt use them. 2010-05-08 05:38:42 +02:00
Daniel Stenberg
adaf87530d multi interface: missed storing connection time
Dirk Manske reported a regression. When connecting with the multi
interface, there were situations where libcurl wouldn't store
connect time correctly as it used to (and is documented to) do.

Using his fine sample program we could repeat it, and I wrote up
test case 573 using that code. The problem does not easily show
itself using the local test suite though.

The fix, also as suggested by Dirk, is a bit on the ugly side as
it adds yet another call to Curl_verboseconnect() and setting the
TIMER_CONNECT time.  That situation is subject for some closer
inspection in the future.
2010-05-07 23:49:29 +02:00
Daniel Stenberg
8914857092 verboseconnect: so the verbose checking within the function
As the function is used more than once and libcurl can be built
without it, do the conditional check within the verboseconnect()
function itself.
2010-05-07 23:24:47 +02:00
Howard Chu
d64bd82bdc sendrecv: split the I/O handling into private handler
Howard Chu brought the bulk work of this patch that properly
moves out the sending and recving of data to the parts of the
code that are properly responsible for the various ways of doing
so.

Daniel Stenberg assisted with polishing a few bits and fixed some
minor flaws in the original patch.

Another upside of this patch is that we now abuse CURLcodes less
with the "magic" -1 return codes and instead use CURLE_AGAIN more
consistently.
2010-05-07 15:05:34 +02:00
Hoi-Ho Chan
51427e1947 PolarSSL: initial support added
This is Hoi-Ho Chan's patch with some minor fixes by me. There
are some potential issues in this, but none worse than we can
sort out on the list and over time.
2010-05-05 22:30:46 +02:00
Ben Greear
38d2afcefb telnet: Allow programatic use of telnet.
The main change is to allow input from user-specified methods,
when they are specified with CURLOPT_READFUNCTION.
All calls to fflush(stdout) in telnet.c were removed, which makes
using 'curl telnet://foo.com' painful since prompts and other data
are not always returned to the user promptly.  Use
'curl --no-buffer telnet://foo.com' instead.  In general,
the user should have their CURLOPT_WRITEFUNCTION do a fflush
for interactive use.

Also fix assumption that reading from stdin never returns < 0.
Old code could crash in that case.

Call progress functions in telnet main loop.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-04-29 08:55:11 +02:00
Daniel Stenberg
107146676e SSH: init and cleanup libssh2 in global_init/cleanup
The necessary libssh2 functions require libssh2 1.2.5 or later.
2010-04-26 00:36:25 +02:00
Kamil Dudka
82e9b78a38 nss: fix SSL handshake timeout underflow 2010-04-24 23:23:01 +02:00
Guenter Knauf
07f45946b5 encourage users to take latest lib dependencies. 2010-04-24 17:48:09 +02:00
Daniel Stenberg
7fb7f24131 socks5: please static code analyzer
Make sure we don't call memcpy() if the argument is NULL even
though we also passed a zero length then, as the clang analyzer
whined and we want to limit warnings (even false positives) when
they're this easy to fix.

The change of (char) to (unsigned char) will fix long user names
and passwords on systems that have the char type signed by
default.
2010-04-24 12:40:00 +02:00
Daniel Stenberg
5b40c11c2f gzip: Value stored to 'data' is never read 2010-04-24 12:37:11 +02:00
Yang Tse
81512cc02b hmac.c related compilation adjustment 2010-04-20 21:35:31 +02:00
Yang Tse
32236dad5e hmac.c related compilation adjustment 2010-04-20 21:23:53 +02:00
monnerat
b30ce34d84 Add compilation directives for hmac in Watcom,riscos and vc6 platform-specific makefiles. 2010-04-20 19:23:48 +02:00
Ruslan Gazizov
2164b6b463 replaced wsock32.lib usage with ws2_32.lib in MSVC makefiles 2010-04-20 16:30:10 +02:00
monnerat
7af5e3c39e Merge branch 'master' of github.com:bagder/curl 2010-04-19 17:37:51 +02:00
monnerat
42930155ab Remove null-effect leftover code. 2010-04-19 17:30:20 +02:00
Daniel Stenberg
a5b7e3205d Curl_HMAC_MD5: fix the array init to not warn with picky compilers 2010-04-19 16:19:36 +02:00
monnerat
dfce37da23 Fix GnuTLS compilation problem in md5.c 2010-04-19 14:09:45 +02:00
monnerat
14bfcb96f5 Fix compilation problem: declare Curl_HMAC_MD5 as extern in include file. 2010-04-19 12:44:17 +02:00
monnerat
87fbcb4494 Merge branch 'master' of github.com:bagder/curl 2010-04-19 11:17:46 +02:00
monnerat
4bfe07640c Implement SMTP authentication 2010-04-19 11:16:30 +02:00
Daniel Stenberg
b7848e4a72 parsedate: Value stored to 'found' is never read 2010-04-17 18:57:39 +02:00
Daniel Stenberg
99ec359b4d check_gzip_header: Value stored to 'data' is never read 2010-04-17 18:55:52 +02:00
Daniel Stenberg
dfad8a6dad dprintf_formatf: Value stored to 'left' is never read 2010-04-16 23:50:39 +02:00
Daniel Stenberg
d841ab82b8 curl_version: remove superfluous assignments 2010-04-16 23:49:03 +02:00
Daniel Stenberg
d6be52d80e FTP PORT: Value stored to 'rc' is never read 2010-04-16 23:45:05 +02:00
Daniel Stenberg
c0111460b0 Curl_setup_transfer: no longer returns anything
This function could only return CURLE_OK and by changing it to
a void instead, we can simplify code all over.
2010-04-16 23:43:04 +02:00
Daniel Stenberg
93981bb9b5 PASV response: Value stored to 'rc' is never read 2010-04-16 23:28:20 +02:00
Daniel Stenberg
8f136288c5 Curl_perform: Value stored to 'res2' is never read 2010-04-16 23:27:35 +02:00
Daniel Stenberg
9799dbebd6 sftp range: remove unnecessary check for NULL pointer 2010-04-16 23:20:50 +02:00
Daniel Stenberg
b025ac16a6 ftp_range: remove unnecessary check for NULL pointer 2010-04-16 23:20:07 +02:00
Daniel Stenberg
5d43c75c66 file_range: remove unnecessary check for NULL pointer 2010-04-16 23:18:43 +02:00
Daniel Stenberg
15fa5dcfe6 SOCKS4: Value stored to 'rc' is never read 2010-04-16 23:03:55 +02:00
Daniel Stenberg
516dfd1705 FTP PASV: Value stored to 'rc' is never read 2010-04-16 23:02:15 +02:00
Daniel Stenberg
743bd81e64 ftp_range: Value stored to 'totalsize' is never read
Simplified the code by removing a local variable completely.
2010-04-16 23:00:21 +02:00
Daniel Stenberg
520cee3fb7 SOCKS5: when name resolves fail return immediately
This makes the code flow more obvious and reacts on the return
code properly, even if the code acted the same way before.
2010-04-16 22:58:04 +02:00
Daniel Stenberg
fa7341143a POP3: when USER command fails, don't even try PASS 2010-04-16 22:56:13 +02:00
Daniel Stenberg
313a5b05c2 tftp_rx: Value stored to 'sbytes' is never read 2010-04-16 22:55:07 +02:00
Daniel Stenberg
01fc53e027 file_range: Value stored to 'totalsize' is never read 2010-04-16 22:52:49 +02:00
Jerome Vouillon
c2888604d7 GnuTLS: make the connection phase non-blocking
When multi interface is used, the SSL handshake is no longer
blocking when GnuTLS is used.
2010-04-16 22:43:01 +02:00
Daniel Stenberg
6632d957e7 krb5_auth: fix my previous change to compile 2010-04-16 20:22:46 +02:00
Daniel Stenberg
2056ca9fea SSL_RECV: EOF is not an error here
The recent overhaul of the SSL recv function made this treat a
zero returned from gnutls_record_recv() as an error, and this
caused our HTTPS test cases to fail. We leave it to upper layer
code to detect if an EOF is a problem or not.
2010-04-16 15:29:25 +02:00
Daniel Stenberg
f3d4b17a9c resolvers: no more using AI_CANONNAME
No resolver anymore needs to use AI_CANONNAME and do reverse
lookups.  We should work hard to avoid having code that relies on
it.
2010-04-16 15:03:52 +02:00
Daniel Stenberg
5bd38b70dd KRB5: use given host name instead of reverse lookup'ed name
This code would previously use dns_entry->addr->ai_canonname
instead of the given host name, which caused us grief and
problems since not all our resolver options do the reverse lookup
and I would also guess that it caused problems with KRB5/GSS with
virtual name-based hosts. Now the host name from the URL is used.
2010-04-16 15:02:08 +02:00
Dan Fandrich
44f1bef668 Remove redundant conditional 2010-04-15 10:51:03 -07:00
Daniel Stenberg
68aae7f579 Curl_ipv4_resolve_r: only set AI_CANONNAME when needed
As reported in bug report #2987196, the code for ipv6 already did
the setting of this bit correctly so we copied that logic into
the Curl_ipv4_resolve_r() function as well. KRB code is the only
code we know that might need the cannonical name so only resolve
it for such requests!
2010-04-15 13:04:01 +02:00
Daniel Stenberg
5a814f6f2c ignore files generated by 'maketgz' 2010-04-14 17:12:34 +02:00
Yang Tse
6432fafa1a fix compiler warning: variable might be clobbered by longjmp or vfork 2010-04-13 16:34:13 +02:00
Guenter Knauf
32edba1999 added a cast to silent compiler warning with 64bit systems. 2010-04-12 16:47:48 +02:00
Daniel Stenberg
f9db721c1c update the section on timeouts
The section that describes how to work with timeouts was
misleading and could easily trick users to use the wrong API.
2010-04-12 11:09:55 +02:00
Daniel Stenberg
cf9145973b update URL and cut out wrong info on ipv6
c-ares has had its own URL for a while and we should point
people to that. It also works with IPv6 since a long time.
2010-04-12 11:09:08 +02:00
Daniel Stenberg
02892e4fd8 FTP quote commands prefixed with '*' now can fail without aborting
Prefixing the FTP quote commands with an asterisk really only
worked for the postquote actions. This is now fixed and test case
227 has been extended to verify.
2010-04-09 16:54:52 +02:00
Kamil Dudka
10977f57de qssl: reflect recent code changes in SSL interface
Reported by Guenter Knauf.
2010-04-07 10:47:19 +02:00
Kamil Dudka
ef1ac363ee nss: handle client certificate related errors 2010-04-06 13:42:11 +02:00
Ben Greear
e6858e267b ssl: Fix build when SSL isn't enabled
Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-04-06 01:44:28 +02:00
Kamil Dudka
ff8711135e refactorize interface of Curl_ssl_recv/Curl_ssl_send 2010-04-04 23:37:18 +02:00
Kamil Dudka
7425db3fab simplify code of Curl_resolv_timeout() 2010-04-04 23:35:21 +02:00
Kamil Dudka
64ac64e783 eliminate a race condition in Curl_resolv_timeout() 2010-04-04 23:34:24 +02:00
Ben Greear
e7e37a246a fixed compiler warnings 2010-04-02 21:02:35 +02:00
Daniel Stenberg
49f3160d69 fix SFTP download hang
Matt Wixson found and fixed a bug in the SCP/SFTP area where the
code treated a 0 return code from libssh2 to be the same as
EAGAIN while in reality it isn't. The problem caused a hang in
SFTP transfers from a MessageWay server.
2010-04-01 22:39:15 +02:00
Daniel Stenberg
1d265692b7 removed README.cmake due to the improved situation 2010-03-31 23:05:16 +02:00
Guenter Knauf
7b913444ec fix compiler warning with a cast. 2010-03-31 02:09:49 +02:00
Guenter Knauf
909fdc07bf make folks use latest available dependent libraries. 2010-03-31 01:10:09 +02:00
Daniel Stenberg
d1837ad90a use (s)size_t for string lengths to fix compiler warns 2010-03-29 16:30:35 +02:00
Ben Greear
7e22d6332b Fix compile warnings in ssh.c
strlen() returns size_t, but ssh libraries are wanting 'unsigned int'.  Add
explicit casts and use _ex versions of the ssh library calls.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-03-29 16:09:09 +02:00
Ben Greear
3ec7543007 fix smtp compile warning
Use ssize_t instead of int for the Curl_smtp_escape_eob nread
argument.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-03-29 16:03:38 +02:00
Ben Greear
69ccc9f861 pop3: Get message listing if no mailbox in URL
If you pass a URL to pop3 that does not contain a message ID as
part of the URL, it will currently ask for 'INBOX' which just
causes the pop3 server to return an error.

The change makes libcurl treat en empty message ID as a request
for LIST (list of pop3 message IDs).  User's code could then
parse this and download individual messages as desired.
2010-03-28 23:49:00 +02:00
Ben Greear
0eda142e90 allow user+password in the URL for all protocols
Ben Greear brought a patch that from now on allows all protocols
to specify name and user within the URL, in the same manner HTTP
and FTP have been allowed to in the past - although far from all
of the libcurl supported protocols actually have that feature in
their URL definition spec.
2010-03-27 23:00:51 +01:00
Ben Greear
7de44e0a42 Make rate-limitation logic smoother
This gives a smoother rate limitation performance by using
sub-second pauses and also taking the buffer sizes into
account.
2010-03-26 23:33:02 +01:00
Daniel Stenberg
05de2cf180 remove all .cvsignore files 2010-03-25 23:22:03 +01:00
Daniel Stenberg
93e6b1cb7c PROT_CLOSEACTION should not include TFTP
TFTP is not a protocol that uses close actions so it should
not be set in that bitmask!
2010-03-25 19:56:50 +01:00
Daniel Stenberg
675330b8df use CURL_SIZEOF_LONG instead of SIZEOF_LONG
That's the symbol we have or generate in include/curl/curlbuild.h
2010-03-25 11:39:13 +01:00
Bill Hoffman
481c61d060 Merge branch 'master' of github.com:bagder/curl 2010-03-24 14:19:50 -04:00
Bob Richmond
05632d5db9 fix: timeout after last data chunk was handled
Bob Richmond: There's an annoying situation where libcurl will
read new HTTP response data from a socket, then check if it's a
timeout if one is set. If the last packet received constitutes
the end of the response body, libcurl still treats it as a
timeout condition and reports a message like:

"Operation timed out after 3000 milliseconds with 876 out of 876
bytes received"

It should only a timeout if the timer lapsed and we DIDN'T
receive the end of the response body yet.
2010-03-24 17:02:17 +01:00
Daniel Stenberg
c245a8f92e avoid compiler warning without USE_ALARM_TIMEOUT 2010-03-24 17:00:20 +01:00
Bill Hoffman
d42f9329dc Fix curl CMake build.
This commit fixes the cmake build of curl, and cleans up the
cmake code a little.  It removes some commented out code and
some trailing whitespace.  To get curl to build the binary
tree include/curl directory needed to be added to the include
path. Also, SIZEOF_SHORT needed to be added.  A check for the
lack of defines of SIZEOF_* for warnless.c was added.
2010-03-24 10:57:54 -04:00
Chris Conroy
1ac168e576 Fix RTSP GET_PARAMETER empty and non-empty operation.
Test coverage included. Thanks to Massimo Callegari for the bug report
2010-03-24 13:21:14 +01:00
Daniel Stenberg
be28825b2d restore executable bits on some files 2010-03-24 11:07:35 +01:00
Daniel Stenberg
2309b4e330 remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Daniel Stenberg
3f96b7827b update to current state 2010-03-24 10:44:25 +01:00
Daniel Stenberg
4b351d018e mark connection as connected
Kenny To filed the bug report #2963679 with patch to fix a
problem he experienced with doing multi interface HTTP POST over
a proxy using PROXYTUNNEL. He found a case where it would connect
fine but bits.tcpconnect was not set correct so libcurl didn't
work properly.

(http://curl.haxx.se/bug/view.cgi?id=2963679)
2010-03-23 23:30:39 +01:00
Daniel Stenberg
7fd32ce73d chunked-encoding with Content-Length: header problem
Akos Pasztory filed debian bug report #572276
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276
mentioning a problem with a resource that returns chunked-encoded
_and_ with a Content-Length and libcurl failed to properly ignore
the latter information.
2010-03-23 15:26:45 +01:00
Daniel Stenberg
2a94293efd delayed easy handle kill caused double Curl_close() call
Hauke Duden provided an example program that made the multi
interface crash.  His example simply used the multi interface and
did first one FTP transfer and after completion it used a second
easy handle and did another FTP transfer on the same FTP server.

This triggered a bug in the "delayed easy handle kill" system
that curl uses: when an FTP connection is left alive it must keep
an easy handle around internally - only for the purpose of having
an easy handle when it later disconnects it. The code assumed
that when the easy handle was removed and an internal reference
was made, that version could be killed later on when a new easy
handle came using the same connection. This was wrong as Hauke's
example showed that the removed handle wasn't killed for real
until later. This caused a double close attempt => segfault.
2010-03-23 13:18:30 +01:00
Thomas Lopatic
6657f12fff fix the alarm()-based DNS timeout
Looking at the code of Curl_resolv_timeout() in hostip.c, I think
that in case of a timeout, the signal handler for SIGALRM never
gets removed. I think that in my case it gets executed at some
point later on when execution has long left Curl_resolv_timeout()
or even the cURL library.

The code that is jumped to with siglongjmp() simply sets the
error message to "name lookup timed out" and then returns with
CURLRESOLV_ERROR. I guess that instead of simply returning
without cleaning up, the code should have a goto that jumps to
the spot right after the call to Curl_resolv().
2010-03-22 21:57:48 +01:00
douglas steinwand
abcea311e3 Fix insufficient initialization in Curl_clone_ssl_config()
which could have caused a double free when reusing curl handle.
2010-03-22 09:25:03 +01:00
Ben Greear
ad76d58e7f Fix tftp return codes and tsize upload handling
Error codes were not properly returned to the main curl code (and on to apps
using libcurl).

tftp was crapping out when tsize == 0 on upload, but I see no reason to fail
to upload just because the remote file is zero-length.  Ignore tsize option on
upload.
2010-03-21 23:24:36 +01:00
Daniel Stenberg
930742776a more files to ignore 2010-03-21 00:21:34 +01:00
Daniel Stenberg
b40acd8009 provide an initial set of .gitignore files 2010-03-20 23:35:45 +01:00
Kamil Dudka
19ca0c0fbe - Improved Curl_read() to not ignore the error returned from Curl_ssl_recv(). 2010-03-19 15:43:11 +00:00
Daniel Stenberg
6728334edb fix warning about conversions between curl_off_t and long 2010-03-18 21:52:31 +00:00
Yang Tse
749fd2f9e9 another shot at the ftp_init() icc 9.1 optimizer issue 2010-03-18 17:37:00 +00:00
Daniel Stenberg
733f794cb8 - Constantine Sapuntzakis brought a patch:
The problem mentioned on Dec 10 2009
  (http://curl.haxx.se/bug/view.cgi?id=2905220) was only partially fixed.
  Partially because an easy handle can be associated with many connections in
  the cache (e.g. if there is a redirect during the lifetime of the easy
  handle).  The previous patch only cleaned up the first one. The new fix now
  removes the easy handle from all connections, not just the first one.
2010-03-15 22:40:42 +00:00
Yang Tse
52cd332b95 fix compiler warning 2010-03-11 18:53:42 +00:00
Dan Fandrich
c7e647b88a Allow compilation even when OpenSSL has been configured without MD4 support. 2010-03-11 06:57:33 +00:00
Daniel Stenberg
e262aaae2b - Ben Greear brought a patch that fixed the rate limiting logic for TFTP when
the easy interface was used.
2010-03-06 18:42:06 +00:00
Daniel Stenberg
a0c3edcc37 indent fix by Ben Greear, I removed some braces for single-line conditional
expressions
2010-03-06 18:39:45 +00:00
Yang Tse
f4551a9678 Constantine Sapuntzakis detected and fixed a double free in builds done
with threaded resolver enabled (Windows default configuration) that would
get triggered when a curl handle is closed while doing DNS resolution.
2010-03-05 03:15:19 +00:00
Daniel Stenberg
9b2cce236f - Based on patch provided by Jacob Moshenko, the transfer logic now properly
makes sure that when using sub-second timeouts, there's no final bad 1000ms
  wait. Previously, a sub-second timeout would often make the elapsed time end
  up the time rounded up to the nearest second (e.g. 1s for 200ms timeout)
2010-03-02 21:20:22 +00:00
Daniel Stenberg
6bf071df7e - Andrei Benea filed bug report #2956698 and pointed out that the
CURLOPT_CERTINFO feature leaked memory due to a missing OpenSSL function
  call. He provided the patch to fix it too.

  http://curl.haxx.se/bug/view.cgi?id=2956698
2010-03-02 13:41:18 +00:00
Daniel Stenberg
13ac29382f - Made the pingpong timeout code properly deal with the response timeout AND
the global timeout if set. Also, as was reported in the bug report #2956437
  by Ryan Chan, the time stamp to use as basis for the per command timeout was
  not set properly in the DONE phase for FTP (and not for SMTP) so I fixed
  that just now. This was a regression compared to 7.19.7 due to the
  conversion of FTP code over to the generic pingpong concepts.

  http://curl.haxx.se/bug/view.cgi?id=2956437
2010-03-02 13:26:23 +00:00
Daniel Stenberg
8719398d05 remove assignment never used 2010-03-02 13:05:02 +00:00
Daniel Stenberg
53aa6b21fe - Ben Greear provided an update for TFTP that fixes upload. 2010-03-01 22:14:47 +00:00
Daniel Stenberg
496002ea1c - Wesley Miaw reported bug #2958179 which identified a case of looping during
OpenSSL based SSL handshaking even though the multi interface was used and
  there was no good reason for it.

  http://curl.haxx.se/bug/view.cgi?id=2958179
2010-03-01 21:59:07 +00:00
Daniel Stenberg
03a57308b9 - Pat Ray in bug #2958474 pointed out an off-by-one case when receiving a
chunked-encoding trailer.

  http://curl.haxx.se/bug/view.cgi?id=2958474
2010-02-26 22:55:30 +00:00
Dan Fandrich
507d58435a Fixed a couple of out of memory leaks and a segfault in the IMAP code. 2010-02-26 21:24:44 +00:00
Yang Tse
cef95aadeb Added SIZEOF_INT and SIZEOF_SHORT definitions for non-configure systems 2010-02-26 18:32:46 +00:00
Yang Tse
bcd1c7c2e9 fix compiler warning 2010-02-26 16:42:33 +00:00
Yang Tse
87428e07ca fix compiler warning 2010-02-26 01:47:21 +00:00
Yang Tse
01fb0d8497 fix compiler warning 2010-02-25 08:09:05 +00:00
Dan Fandrich
cce81a7f45 Fixed a couple of out of memory leaks and a segfault in the SMTP code. 2010-02-25 08:07:06 +00:00
Yang Tse
5695c4db86 fix compiler warning 2010-02-24 00:03:06 +00:00
Yang Tse
4186b5b41f fix compiler warning 2010-02-23 16:07:54 +00:00
Yang Tse
5b778a7ca4 fix socket data type and logging format in debug tracking socket functions 2010-02-22 23:28:56 +00:00
Yang Tse
439f62bfa8 convert Curl_ultous() and Curl_ultouc() functions to curlx_ultous() and
curlx_ultouc(), exposing them through curlx.h to allow proper code reuse
later in our test harness.
2010-02-22 18:56:29 +00:00
Patrick Monnerat
e1625ba727 _ Adjusted RFC821 HELO fallback and enabled test804 2010-02-22 13:57:57 +00:00
Patrick Monnerat
338553eda3 - Proper handling of STARTTLS on SMTP, taking CURLUSESSL_TRY into account.
- SMTP falls back to RFC821 HELO when EHLO fails (and SSL is not required).
- Use of true local host name (i.e.: via gethostname()) when available, as default argument to SMTP HELO/EHLO.
- Test case 804 for HELO fallback.
2010-02-22 12:41:02 +00:00
Yang Tse
2abcd132f8 add header inclusion 2010-02-22 03:41:02 +00:00
Yang Tse
dc9f0a9758 fix compiler warning 2010-02-22 02:37:13 +00:00
Yang Tse
10affed097 fix compiler warning 2010-02-21 19:59:09 +00:00
Daniel Stenberg
a4a60afabb - Fixed the SMTP compliance by making sure RCPT TO addresses are specified
properly in angle brackets. Recipients provided with CURLOPT_MAIL_RCPT now
  get angle bracket wrapping automatically by libcurl unless the recipient
  starts with an angle bracket as then the app is assumed to deal with that
  properly on its own.
2010-02-20 22:29:59 +00:00
Daniel Stenberg
a434cb43e8 - I made the SMTP code expect a 250 response back from the server after the
full DATA has been sent, and I modified the test SMTP server to also send
  that response. As usual, the DONE operation that is made after a completed
  transfer is still not doable in a non-blocking way so this waiting for 250
  is unfortunately made blockingly.
2010-02-20 21:56:48 +00:00
Daniel Stenberg
846b926a3f corected a comment and wrapped a few longish lines 2010-02-20 21:41:25 +00:00
Yang Tse
f0d3930346 fix compiler warning 2010-02-20 19:51:02 +00:00
Yang Tse
a6fb6b70c7 fix compiler warning 2010-02-20 11:58:26 +00:00
Yang Tse
2179ef9fa9 fix compiler warning 2010-02-20 01:15:10 +00:00
Yang Tse
048438345a fix compiler warning 2010-02-19 18:02:38 +00:00
Daniel Stenberg
23bab783d4 use curl standard indentation and line lengths 2010-02-17 12:13:55 +00:00
Yang Tse
46b112bcd4 replaced tabs with spaces 2010-02-16 13:32:45 +00:00
Yang Tse
4b43d18c4a fix compiler warning: conversion from "long" to "size_t" may lose sign 2010-02-15 16:18:52 +00:00
Yang Tse
a07bc79117 removed trailing whitespace 2010-02-14 19:40:18 +00:00
Gunter Knauf
68b73bcfba used allways #ifdef / #ifndef;
moved gethostbyname_thread() to #else case to avoid 'not used' compiler warning.
2010-02-13 18:39:47 +00:00
Gunter Knauf
ac04add596 replaced tabs by spaces, removed trailing tabs/spaces. 2010-02-13 18:29:59 +00:00
Daniel Stenberg
975814368a - Jack Zhang reported a problem with SMTP: we wrongly used multiple addresses
in the same RCPT TO line, when they should be sent in separate single
  commands. I updated test case 802 to verify this.

- I also fixed a bad use of my_setopt_str() of CURLOPT_MAIL_RCPT in the curl
  tool which made it try to output it as string for the --libcurl feature
  which could lead to crashes.
2010-02-12 22:23:46 +00:00
Patrick Monnerat
4258e943a1 _ Make it compilable again on OS400.
_ Upgrade OS400 EBCDIC wrappers for new options.
_ Upgrade ILE/RPG bindings to current state.
2010-02-11 18:49:06 +00:00
Daniel Stenberg
06ae8ca5a6 - When downloading compressed content over HTTP and the app as asked libcurl
to automatically uncompress it with the CURLOPT_ENCODING option, libcurl
  could wrongly provide the callback with more data than what the maximum
  documented amount. An application could thus get tricked into badness if the
  maximum limit was trusted to be enforced by libcurl itself (as it is
  documented).

  This is further detailed and explained in the libcurl security advisory
  20100209 at

    http://curl.haxx.se/docs/adv_20100209.html
2010-02-09 09:35:48 +00:00
Daniel Stenberg
d33da42334 set VERSIONINFO accordingly for the 7.20.0 release 2010-02-09 09:35:07 +00:00
Yang Tse
71593dfe57 OOM handling fix 2010-02-06 17:30:06 +00:00
Yang Tse
0f4a91afde OOM handling fix 2010-02-06 13:21:45 +00:00
Yang Tse
12d01bc5f7 - avoid OpenSSL 0.9.8 ENGINE_by_id memory leak
- cleanup parenthesis usage in return statements
2010-02-05 09:33:36 +00:00
Yang Tse
bc7615ae2d - attempt to workaround icc 9.1 optimizer issue 2010-02-05 09:32:11 +00:00
Yang Tse
7aef172a34 fix printf-style format strings 2010-02-04 19:44:31 +00:00
Yang Tse
15efa262bb Fix compiler warning: unused variable 2010-02-04 10:08:39 +00:00
Dan Fandrich
680434f313 Changed the Watcom makefiles to make them easier to keep in sync with
Makefile.inc since that can't be included directly.
2010-02-03 23:07:11 +00:00
Yang Tse
b77d0db59e Fix OOM handling 2010-02-03 13:28:47 +00:00
Yang Tse
381a4d6efe Fix portability issue related with unaligned memory access 2010-02-03 06:49:27 +00:00
Yang Tse
f6d288a397 Fix compiler warnings: conversion from 'const int ' to 'unsigned char ', possible loss of data 2010-02-03 06:44:18 +00:00
Yang Tse
d1717e7c90 Fix compiler warning: conditional expression is constant 2010-02-02 16:25:07 +00:00
Yang Tse
e569ff959f Fix compiler warning: local variable may be used without having been initialized. 2010-02-02 16:23:42 +00:00
Yang Tse
839b61c32a Fix compiler warnings: conversion from 'const int ' to 'unsigned char ', possible loss of data 2010-02-02 16:23:01 +00:00
Yang Tse
46de140aca Fix compiler warning: variable was set but never used
Simplify preprocessor symbol checking
2010-02-02 09:15:52 +00:00
Daniel Stenberg
17a2c32ca9 Julien Chaffraix pointed out a comment mistake, and I re-indented the code
slightly while editing
2010-02-02 08:48:58 +00:00
Yang Tse
35e220606d Conroy's fix to make the code match with the RTP documentation regarding
writing out the whole header. The docs say it writes the whole header,
but the code (before this patch) did not write out the leading $.
2010-02-01 22:13:55 +00:00
Daniel Stenberg
55f1e787f3 We introduce a loop in lib/multi.c around all calls to multi_runsingle() and
simply check for CURLM_CALL_MULTI_PERFORM internally. This has the added
benefit that this goes in line with my long-term wishes to get rid of the
CURLM_CALL_MULTI_PERFORM all together from the public API.
2010-02-01 21:42:44 +00:00
Yang Tse
715e3a806f Make Curl_pop3_write() additionally truncate trailing POP3_EOB from received
string buffer, otherwise Curl_client_write() call with zero size would write
to the end of string buffer including matched POP3_EOB.
2010-01-30 05:22:30 +00:00
Yang Tse
6ebd71d186 WIN32 fix, _beginthreadex() may return either 0 or -1L upon failure 2010-01-29 17:47:54 +00:00
Yang Tse
4ee4e66c4f fix errno usage for WIN32 builds 2010-01-29 16:38:43 +00:00
Yang Tse
fce02e1cab RTSP followup fix. Both the pipelined and non-pipelined case need to
check for (excess > 0 && !k->ignorebody).
2010-01-29 01:16:23 +00:00
Yang Tse
d65cf7889b fix printf-style format strings 2010-01-28 15:34:18 +00:00
Yang Tse
3e21f1e971 fix printf-style format strings 2010-01-28 07:52:12 +00:00
Yang Tse
2f3bce1193 Chris Conroy's RTSP followup fixes 2010-01-28 01:39:16 +00:00
Yang Tse
bbefdf88fd fix compiler warning 2010-01-27 03:43:34 +00:00
Daniel Stenberg
c82a1f95eb - Mike Crowe made libcurl return CURLE_COULDNT_RESOLVE_PROXY when it is the
proxy that cannot be resolved when using c-ares. This matches the behaviour
  when not using c-ares.
2010-01-26 22:59:43 +00:00
Daniel Stenberg
9bc897f380 Andre Guibert de Bruet improved the libssh2 error code translation 2010-01-26 12:25:03 +00:00
Yang Tse
9b0e57b0f7 resolver selection for non-configure Windows builds, default is threaded DNS 2010-01-26 12:13:39 +00:00
Yang Tse
1d86ebfc88 add curl_threads.c to non-configure target build files 2010-01-26 09:20:09 +00:00
Yang Tse
a9b860765d onstantine Sapuntzakis threaded resolver enhancements 2010-01-26 08:43:21 +00:00
Yang Tse
483ff1ca75 Constantine Sapuntzakis threaded resolver enhancements 2010-01-25 23:50:13 +00:00
Yang Tse
c054b8bfa7 Constantine Sapuntzakis provided initial thread abstraction layer 2010-01-25 23:46:27 +00:00
Yang Tse
340ab2f87f make Curl_handler_*_proxy definition static 2010-01-25 23:41:02 +00:00
Yang Tse
4bb80cfd75 fix compiler warning 2010-01-25 04:36:13 +00:00
Daniel Stenberg
de2cc11a73 Julien Chaffraix corrected bad #elif lines to silence warnings 2010-01-24 22:44:10 +00:00
Yang Tse
c656098ee0 HAVE_GETADDRINFO_THREADSAFE definition for non-configure win32 builds 2010-01-24 01:13:47 +00:00
Yang Tse
0abd928d3d add inclusion of curl_memory.h 2010-01-23 17:31:54 +00:00
Yang Tse
597ad5a2ce adjust preprocessor symbol definition check relative to resolver specialty 2010-01-23 13:53:33 +00:00
Dan Fandrich
ec4647c0f9 Include "curl_memory.h" to get the strdup replacement when necessary 2010-01-23 10:04:04 +00:00
Daniel Stenberg
33ce0ec1f1 wrap long lines and do some indent policing 2010-01-22 23:21:39 +00:00
Yang Tse
1435864030 Definitions of resolver specialty compile-time defines CURLRES_* moved
from hostip.h to setup.h in order to allow proper inclusion in any file.

This represents no functional change at all in which resolver is used,
everything still works as usual, internally and externally there is no
difference in behavior.
2010-01-22 20:27:48 +00:00
Yang Tse
6636fbf238 deal with the possibility that CURL_DISABLE_RTSP may already be defined 2010-01-22 15:15:08 +00:00
Yang Tse
c94d44505f fix compiler warning: statement is unreachable 2010-01-22 14:21:28 +00:00
Yang Tse
0032ce762e fix compilation when http is disabled 2010-01-22 14:20:56 +00:00
Yang Tse
bdb338b3c7 disabling of rtsp when http isn't enabled required here for non-configure systems 2010-01-22 14:20:08 +00:00
Daniel Stenberg
099eed7bf1 wrap long lines, remove (very old) attribution from code 2010-01-22 13:52:35 +00:00
Daniel Stenberg
a771fb0d41 alphabetically sort the list of supported protocols 2010-01-22 13:06:50 +00:00
Daniel Stenberg
844c19cc5b s/RTPFUNCTION/INTERLEAVEFUNCTION/
s/RTPDATA/INTERLEAVEDATA/
2010-01-22 12:17:03 +00:00
Yang Tse
bfc4c33985 Constantine Sapuntzakis refactoring of async callbacks, allowing
removal of Curl_addrinfo_copy(), Curl_addrinfo6_callback(), and
Curl_addrinfo4_callback()
2010-01-22 06:36:52 +00:00
Dan Fandrich
5af20c70e4 Added rtsp.c to the non-configure target build files 2010-01-21 22:03:26 +00:00
Yang Tse
bd7430c1ee fix compiler warning 2010-01-21 19:27:32 +00:00
Yang Tse
6e5acc2fc1 make tftp_translate_code() static, it is only used from within tftp.c 2010-01-21 14:44:28 +00:00
Daniel Stenberg
bc4582b68a Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
libcurl options for controlling what to get and how to receive posssibly
interleaved RTP data. Initial commit.
2010-01-21 13:58:30 +00:00
Daniel Stenberg
877dad1e24 - As was pointed out on the http-state mailing list, the order of cookies in a
HTTP Cookie: header _needs_ to be sorted on the path length in the cases
  where two cookies using the same name are set more than once using
  (overlapping) paths. Realizing this, identically named cookies must be
  sorted correctly. But detecting only identically named cookies and take care
  of them individually is harder than just to blindly and unconditionally sort
  all cookies based on their path lengths. All major browsers also already do
  this, so this makes our behavior one step closer to them in the cookie area.

  Test case 8 was the only one that broke due to this change and I updated it
  accordingly.
2010-01-19 23:19:59 +00:00
Daniel Stenberg
a5ca3f1754 - David McCreedy brought a fix and a new test case (129) to make libcurl work
again when downloading files over FTP using ASCII and it turns out that the
  final size of the file is not the same as the initial size the server
  reported. This is very common since servers don't take the newline
  conversions into account.
2010-01-19 21:39:10 +00:00
Yang Tse
afdc3d81e9 update copyright year notice 2010-01-19 01:30:07 +00:00
Yang Tse
ccfe279117 Constantine Sapuntzakis enhancements to make memory tracking log file writing
of messages atomic, on systems where an fwrite of a memory buffer is atomic.
2010-01-18 20:22:04 +00:00
Yang Tse
b992928f3d Store now this file in CVS with unix line endings.
maketgz already converts this file to DOS style with an awk filter.
2010-01-15 20:23:35 +00:00
Dan Fandrich
a644af129e Added the new protocol source files to the non-autoconf build files 2010-01-15 06:33:46 +00:00
Daniel Stenberg
d17416190b ssh_statemach_act() is now modified to loop over the switch() to perform as
much as possible in one go, as long as it doesn't block and hasn't reached the
end of the state machine.
This avoids spurious -1 returns from curl_multi_fdset() simply because
previously it would return from this function without anything in EWOUDLBLOCK
and thus basically it wasn't actually waiting for anything!!
2010-01-11 23:10:53 +00:00
Daniel Stenberg
2158e234aa After the TCP connect is confirmed in CURLM_STATE_WAITCONNECT and it changes
state, we return CURLM_CALL_MULTI_PERFORM unconditionally then so that we
can act faster like in the case the protocol-specific connect doesn't block
on anything and we can just persue on the next action immediately. It also
then avoids a case where curl_multi_fdset() would return -1.
2010-01-11 23:05:35 +00:00
Daniel Stenberg
377b2db05b - Made sure that the progress callback is repeatedly called at a regular
interval even during very slow connects.
2010-01-11 21:38:13 +00:00
Daniel Stenberg
b90703f594 struct Curl_sh_entry's 'inuse' member was no longer used and is now removed 2010-01-09 00:03:33 +00:00
Daniel Stenberg
552c3de357 - Johan van Selst found and fixed a OpenSSL session ref count leak:
ossl_connect_step3() increments an SSL session handle reference counter on
  each call. When sessions are re-used this reference counter may be
  incremented many times, but it will be decremented only once when done (by
  Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
  if this reference count remains positive. When a session is re-used the
  reference counter should be corrected by explicitly calling
  SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
  introducing a memory leak.

  (http://curl.haxx.se/bug/view.cgi?id=2926284)
2010-01-08 23:45:23 +00:00
Daniel Stenberg
8524c04ca9 removed a parameter from the Curl_http_readwrite_headers() prototype to remove
the need for the struct forward declaration from http.h which caused problems
with gcc 2.96 and quite frankly the parameter wasn't necessary anyway
2010-01-07 22:48:28 +00:00
Daniel Stenberg
d37a9c4f87 removed Curl_http_header_append() prototype as it isn't used anymore, the
function was moved to http.c and was made static and renamed
2010-01-07 14:02:05 +00:00
Daniel Stenberg
88944eb13a - Make sure the progress callback is called repeatedly even during very slow
name resolves when c-ares is used for resolving.
2010-01-06 23:04:17 +00:00
Claes Jakobsson
9bd03483ce Julien Chaffraix fixed so that the fragment part in an URL is not sent to the server anymore 2010-01-06 16:01:48 +00:00
Kamil Dudka
fd903eb6be - Julien Chaffraix eliminated a duplicated initialization in singlesocket(). 2010-01-03 13:46:37 +00:00
Daniel Stenberg
a62f32d3c2 update copyright year since we are in 2010 now 2010-01-01 14:52:50 +00:00
Daniel Stenberg
605bbfc4c0 - Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
command is a special "hack" used by the drftpd server, but even though it is
  a custom extension I've deemed it fine to add to libcurl since this server
  seems to survive and people keep using it and want libcurl to support
  it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
  usable from the curl tool with --ftp-pret. Using this option on a server
  that doesn't support this command will make libcurl fail.
2010-01-01 14:44:44 +00:00
Daniel Stenberg
3f3f6be825 turned CURLOPT_MAIL_RCPT into a curl_slist list instead to support multiple
receivers, and made the command line tool thus support the option specified
many times
2009-12-31 21:52:01 +00:00
Daniel Stenberg
6c6dc3f879 modified to get the EHLO domain from the path part of the URL instead of the
user name
2009-12-30 22:50:42 +00:00
Daniel Stenberg
a1311e5a24 moved the SMTP payload escape function into Curl_smtp_escape_eob and put
it in smtp.c
2009-12-30 22:09:43 +00:00
Daniel Stenberg
5e6ffe353a (SMTP) support DATA better in the server and make sure to "escape" CRLF.CRLF
sequences in uploaded data. The test server doesn't "decode" escaped dot-lines
but instead test cases must be written to take them into account. Added test
case 803 to verify dot-escaping.
2009-12-30 21:52:27 +00:00
Yang Tse
d7cd761047 Oops, should have removed 'not' in previous commit. 2009-12-30 19:43:12 +00:00
Yang Tse
3184a91ec8 VMS specific preprocessor symbol checking adjustments 2009-12-30 17:59:56 +00:00
Yang Tse
a487c80535 Replaced stricmp() usage with our portable strequal() 2009-12-30 15:47:23 +00:00
Daniel Stenberg
1e9a946e6d move HTTP-specific functions to http.c where they belong 2009-12-29 21:45:02 +00:00
Daniel Stenberg
a218235964 first shot at actually doing the SMTP upload as well, not doing the proper
end-of-body treatment
2009-12-25 22:50:11 +00:00
Daniel Stenberg
d911e22d8f remove some unused code 2009-12-20 22:11:16 +00:00
Daniel Stenberg
6add5baa3a free the allocated mailbox name at disconnect 2009-12-20 11:10:08 +00:00
Daniel Stenberg
240fa29e94 fixed a precaution check in the cookie code, pointed out by Julien Chaffraix 2009-12-19 19:20:26 +00:00
Yang Tse
4d0b0cae9e Fix compilation failure 2009-12-17 20:01:24 +00:00
Daniel Stenberg
a75d9d9169 uh, assign the bool it points to properly 2009-12-17 16:07:02 +00:00
Daniel Stenberg
54c60d0067 Stop overloading the conn->protocol field with the PROT_MISSING bit. It
really didn't belong there and had no real point.
2009-12-17 16:03:39 +00:00
Daniel Stenberg
91d05903b4 Remove pointless storing of the protocol as a string within the connectdata
struct, and instead use the already stored string in the handler struct.
2009-12-17 15:45:04 +00:00
Daniel Stenberg
10a11e3abe - David Byron fixed Curl_ossl_cleanup to actually call ENGINE_cleanup when
available.
2009-12-17 13:29:41 +00:00
Daniel Stenberg
7603a29fc3 Follow-up fix for the proxy fix I did for Jon Nelson's bug. It turned out I
was a bit too quick and broke test case 1101 with that change. The order of
some of the setups is sensitive. I now changed it slightly again.
2009-12-16 23:11:47 +00:00
Daniel Stenberg
3111701c38 - Jon Nelson found a regression that turned out to be a flaw in how libcurl
detects and uses proxies based on the environment variables. If the proxy
  was given as an explicit option it worked, but due to the setup order
  mistake proxies would not be used fine for a few protocols when picked up
  from '[protocol]_proxy'. Obviously this broke after 7.19.4. I now also added
  test case 1106 that verifies this functionality.

  (http://curl.haxx.se/bug/view.cgi?id=2913886)
2009-12-14 23:16:09 +00:00
Yang Tse
2c9644b812 Fix compiler warning 2009-12-14 16:05:57 +00:00
Yang Tse
b0f548fb56 Fix compiler warnings 2009-12-14 14:02:43 +00:00
Daniel Stenberg
83a6b34803 split out more protocol-specific structs from urldata.h into their own
protocol-specific header files
2009-12-12 22:17:51 +00:00
Daniel Stenberg
ec3bb8f727 introducing IMAP, POP3 and SMTP support (still lots of polish left to do) 2009-12-12 21:54:01 +00:00
Yang Tse
463d2d395c Prevent rewinding unless pipelining.
See http://curl.haxx.se/mail/lib-2009-12/0107.html
2009-12-11 18:41:29 +00:00
Yang Tse
2fc1752d6e Removed function prototype without implementation 2009-12-11 02:14:11 +00:00
Daniel Stenberg
315253b367 - Constantine Sapuntzakis figured out a case which would lead to libcurl
accessing alredy freed memory and thus crash when using HTTPS (with
  OpenSSL), multi interface and the CURLOPT_DEBUGFUNCTION and a certain order
  of cleaning things up. I fixed it.

  (http://curl.haxx.se/bug/view.cgi?id=2891591)
2009-12-10 20:20:15 +00:00
Daniel Stenberg
3b1de97eaa minor indent change 2009-12-10 20:19:56 +00:00
Daniel Stenberg
ebe5339003 - Martin Storsjo made libcurl use the Expect: 100-continue header for posts
with unknown size. Previously it was only used for posts with a known size
  larger than 1024 bytes.
2009-12-07 20:25:17 +00:00
Kamil Dudka
fb2425b147 lib/nss.c: avoid use of uninitialized value 2009-12-02 17:24:38 +00:00
Daniel Stenberg
f0826974f2 - If the Expect: 100-continue header has been set by the application through
curl_easy_setopt with CURLOPT_HTTPHEADER, the library should set
  data->state.expect100header accordingly - the current code (in 7.19.7 at
  least) doesn't handle this properly. Martin Storsjo provided the fix!
2009-12-01 12:04:54 +00:00
Yang Tse
230dc699e2 s/socklen_t/curl_socklen_t/g 2009-11-28 04:34:46 +00:00
Yang Tse
3f6854272f Fix compiler warning: unused variable `data' 2009-11-28 03:00:32 +00:00
Daniel Stenberg
6e38cc9048 - Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
rework patch that now integrates TFTP properly into libcurl so that it can
  be used non-blocking with the multi interface and more. BLKSIZE also works.

  The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
  the command line.
2009-11-27 23:46:29 +00:00
Daniel Stenberg
c7d2e4c1e1 - Extended and fixed the change I did on Dec 11 for the the progress
meter/callback during FTP command/response sequences. It turned out it was
   really lame before and now the progress meter SHOULD get called at least
   once per second.
2009-11-26 19:07:54 +00:00
Daniel Stenberg
88fe6557e9 refreshed 2009-11-24 07:40:43 +00:00
Daniel Stenberg
504e6d7ae6 - Constantine Sapuntzakis identified a write after close, as the sockets were
closed by libcurl before the SSL lib were shutdown and they may write to its
  socket. Detected to at least happen with OpenSSL builds.
2009-11-20 19:32:49 +00:00
Daniel Stenberg
a41493b3b0 - Jad Chamcham pointed out a bug with connection re-use. If a connection had
CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
  same proxy with the tunnel option disabled would still wrongly re-use that
  previous connection and the outcome would only be badness.
2009-11-20 13:27:21 +00:00
Yang Tse
5129442ee7 Explicit initialization of all FTP struct members in ftp_init() 2009-11-19 17:21:56 +00:00
Yang Tse
e8fd5d8062 Fix compiler warning: ISO C90 forbids mixed declarations and code 2009-11-18 11:53:31 +00:00
Yang Tse
2f6dcaa644 Make memory tracking system intolerant with zero sized malloc(),
calloc() and realloc() function calls.
2009-11-18 11:21:58 +00:00
Yang Tse
59939313f8 Make usage of calloc()'s arguments consistent with rest of code base 2009-11-18 10:33:54 +00:00
Daniel Stenberg
b32d1a9a1d - Constantine Sapuntzakis provided another fix for the DNS cache that could
end up with entries that wouldn't time-out:

  1. Set up a first web server that redirects (307) to a http://server:port
     that's down
  2. Have curl connect to the first web server using curl multi

  After the curl_easy_cleanup call, there will be curl dns entries hanging
  around with in_use != 0.

  (http://curl.haxx.se/bug/view.cgi?id=2891591)
2009-11-17 22:53:55 +00:00
Yang Tse
3b8d7fddf7 Client certificate ENG file type requires OpenSSL 0.9.7 or newer 2009-11-15 12:58:50 +00:00
Yang Tse
581ce03345 Remove enable-thread / disable-thread configure option. These were only placebo
options. The library is always built as thread safe as possible on every system.
2009-11-15 02:45:23 +00:00
Yang Tse
1cbc93fb54 Refactor how preprocessor symbol _THREAD_SAFE definition is done. 2009-11-14 18:51:37 +00:00
Yang Tse
a8ddd6ce31 OpenSSL 0.9.7 or newer required for ENGINE_CTRL_GET_CMD_FROM_NAME definition 2009-11-14 11:33:49 +00:00
Daniel Stenberg
9c49e51f7e - Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
the client certificate. It also disable the key name test as some engines
  can select a private key/cert automatically (When there is only one key
  and/or certificate on the hardware device used by the engine)
2009-11-14 07:53:34 +00:00
Yang Tse
90bc6ee8f3 - Constantine Sapuntzakis provided the fix that ensures that an SSL connection
won't be reused unless protection level for peer and host verification match.
2009-11-14 02:30:30 +00:00
Yang Tse
05a4abea04 Constantine Sapuntzakis patch for hostip.c
No need for a separate variable ndns.

The memory leak detection will detect code that fails to release a dns reference.

The DEBUGASSERT will detect code that releases too many references.
2009-11-12 19:28:43 +00:00
Yang Tse
011a2818db Add missing variable initialization 2009-11-12 14:36:34 +00:00
Kamil Dudka
571309dc3e - libcurl-NSS now tries to reconnect with TLS disabled in case it detects
a broken TLS server. However it does not happen if SSL version is selected
  manually. The approach was originally taken from PSM. Kaspar Brand helped me
  to complete the patch. Original bug reports:
  https://bugzilla.redhat.com/525496
  https://bugzilla.redhat.com/527771
2009-11-12 11:16:31 +00:00
Kamil Dudka
d547d00f2c - Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly
closed NSPR descriptor. The issue was hard to find, reported several times
  before and always closed unresolved. More info at the RH bug:
  https://bugzilla.redhat.com/534176
2009-11-12 10:54:10 +00:00
Yang Tse
668dc0ad87 Make hostip.c compile again 2009-11-12 04:32:08 +00:00
Yang Tse
40c2c3270d - Marco Maggi reported that compilation failed when configured --with-gssapi
and GNU GSS installed due to a missing mutual exclusion of header files in
  the Kerberos 5 code path. He also verified that my patch worked for him.
2009-11-11 21:15:34 +00:00
Daniel Stenberg
fb5f332834 - Constantine Sapuntzakis posted bug #2891595
(http://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
  in the DNS cache would linger too long if the request that added it was in
  use that long. He also provided the patch that now makes libcurl capable of
  still doing a request while the DNS hash entry may get timed out.
2009-11-11 09:31:37 +00:00
Daniel Stenberg
107c4d878a - Christian Schmitz noticed that the progress meter/callback was not properly
used during the FTP connection phase (after the actual TCP connect), while
  it of course should be. I also made the speed check get called correctly so
  that really slow servers will trigger that properly too.
2009-11-11 09:01:43 +00:00
Kamil Dudka
676e0c28e7 - Dropped misleading timeouts in libcurl-NSS and made sure the SSL socket works
in non-blocking mode.
2009-11-05 15:41:31 +00:00
Yang Tse
55e68ba333 I removed leading 'curl' path on the 'curlbuild.h' include statement in
curl.h, adjusting auto-makefiles include path, to enhance portability to
OS's without an orthogonal directory tree structure such as OS/400.
2009-11-05 15:04:03 +00:00
Yang Tse
3f56d12830 avoid division by zero 2009-11-05 15:00:28 +00:00
Daniel Stenberg
257f2376d5 - I fixed several problems with the transfer progress meter. It showed the
wrong percentage for small files, most notable for <1000 bytes and could
  easily end up showing more than 100% at the end. It also didn't show any
  percentage, transfer size or estimated transfer times when transferring
  less than 100 bytes.
2009-11-04 23:09:17 +00:00
Yang Tse
c8da2980ed include progress.h for Curl_pgrsSetDownloadCounter function prototype 2009-11-02 20:04:18 +00:00
Daniel Stenberg
b19dc0eeb0 - As reported independent by both Stan van de Burgt and Didier Brisebourg,
CURLINFO_SIZE_DOWNLOAD (the -w variable size_download) didn't work when
  getting data from ldap!
2009-11-02 18:49:56 +00:00
Daniel Stenberg
41de897b6b describe the cmake situation 2009-11-02 16:24:11 +00:00
Daniel Stenberg
223d848104 - Gabriel Kuri reported a problem with CURLINFO_CONTENT_LENGTH_DOWNLOAD if the
download was 0 bytes, as libcurl would then return the size as unknown (-1)
  and not 0. I wrote a fix and test case 566 to verify it.
2009-10-31 18:51:50 +00:00
Daniel Stenberg
a76f4ab7dd - Liza Alenchery mentioned a problem with re-used SCP connection when a bad
auth is used, as it caused a crash. I failed to repeat the issue, but still
  made a change that now forces the TCP connection used for a freed SCP
  session to get closed and not be re-used.
2009-10-30 22:28:56 +00:00
Daniel Stenberg
d68f215f03 - "Tom" posted a bug report that mentioned how libcurl did wrong when doing a
POST using a read callback, with Digest authentication and
  "Transfer-Encoding: chunked" enforced.  I would then cause the first request
  to be wrongly sent and then basically hang until the server closed the
  connection. I fixed the problem and added test case 565 to verify it.
2009-10-30 22:24:48 +00:00
Yang Tse
308497ffc6 Fix compiler warning: control reaches end of non-void function 2009-10-29 04:02:21 +00:00
Yang Tse
b205525d34 Take in account c-ares 1.6.1 will use __declspec function decoration
for Win32 and Symbian unless CARES_STATICLIB is defined to use static
library linkage.
2009-10-29 03:48:00 +00:00
Daniel Stenberg
6a79b0e859 Since the NSS lib closes the socket the memory tracking system wrongly gets a
false positive on a leaked socket, so this introduces a way to tell the system
that the socket is indeed closed without explicitly closing it!
2009-10-28 20:30:23 +00:00
Yang Tse
21af9bf1cd Fix spelling 2009-10-27 16:56:20 +00:00
Yang Tse
b2f4308980 Fix Pelles C Win32 target compilation issues 2009-10-27 16:38:42 +00:00
Daniel Stenberg
448d2b5f49 - Dima Barsky made the curl cookie parser accept cookies even with blank or
unparsable expiry dates and then treat them as session cookies - previously
  libcurl would reject cookies with a date format it couldn't parse. Research
  shows that the major browser treat such cookies as session cookies. I
  modified test 8 and 31 to verify this.
2009-10-25 18:15:14 +00:00
Yang Tse
3f8d3e9c50 Update memory tracking/debugging reference 2009-10-21 18:01:11 +00:00
Daniel Stenberg
12e60c6d4e spelling corrections 2009-10-21 07:40:33 +00:00
Yang Tse
ff3223259f Detect when msvc 6.0 is in use without PSDK installed, intentionally
fail to build when this happens, and show an appropriate error.

The brave of heart can circumvect this. Defining ALLOW_MSVC6_WITHOUT_PSDK
in lib/config-win32.h, although absolutely discouraged and unsupported,
this will allow the die hard MSVC hacker to build in such a discouraged
environment.

The actually supported 'fix' is to install 'February 2003 Platform SDK'
a.k.a. 'Windows Server 2003 PSDK' which can be freely downloaded from
http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm
2009-10-21 02:30:56 +00:00
Gunter Knauf
3da1ade4e5 added cast macros to silent compiler warnings with 64-bit systems. 2009-10-19 18:10:47 +00:00
Daniel Stenberg
6f4a5a4612 - Ray Dassen provided a patch in Debian's bug tracker (bug number #551461)
that now makes curl_getdate(3) actually handles RFC 822 formatted dates that
  use the "single letter military timezones".
  http://www.rfc-ref.org/RFC-TEXTS/822/chapter5.html has the details.
2009-10-18 21:56:19 +00:00
Yang Tse
6d4e6cc813 Check for basename() is now done the same as other function checks 2009-10-18 03:37:39 +00:00
Daniel Stenberg
86cec97b22 - Fixed memory leak in the SCP/SFTP code as it never freed the knownhosts
data!
2009-10-18 01:11:25 +00:00
Daniel Stenberg
e5ee822745 John Dennis filed bug report #2873666
(http://curl.haxx.se/bug/view.cgi?id=2873666) which identified a problem which
made libcurl loop infinitely when given incorrect credentials when using HTTP
GSS negotiate authentication.
2009-10-18 00:18:27 +00:00
Daniel Stenberg
167a92810a - Kevin Baughman found a double close() problem with libcurl-NSS, as when
libcurl called NSS to close the SSL "session" it also closed the actual
  socket.
2009-10-18 00:10:13 +00:00
Daniel Stenberg
21105ab344 README.NSS is gone 2009-10-17 18:31:57 +00:00
Gunter Knauf
6daede08cb we only need to call ASN1_STRING_length() if ASN1_STRING_type() detects UTF-8,
else ASN1_STRING_to_UTF8() returns the string length.
2009-10-14 02:32:27 +00:00
Yang Tse
3669ff3c1e Update LDAP URL format reference 2009-10-13 14:48:35 +00:00
Yang Tse
0077a6d51b Attempt to silence bogus compiler warning: "Potential null pointer dereference" 2009-10-08 12:44:25 +00:00
Yang Tse
4798f4e652 Fix compiler warning: addition result could be truncated before cast to bigger sized type 2009-10-08 00:02:32 +00:00
Kamil Dudka
b38e28b6bc fix gcc warnings in lib/nss.c 2009-10-07 20:34:08 +00:00
Gunter Knauf
2eeafcf9a6 removed NSS README since the mentioned problems are now solved. 2009-10-07 12:25:32 +00:00
Yang Tse
e593715d72 Fix comment 2009-10-06 14:00:03 +00:00
Yang Tse
cf367a62ce more files to ignore 2009-10-05 02:47:34 +00:00
Daniel Stenberg
b233957885 - Tom Mueller correctly reported in bug report #2870221
(http://curl.haxx.se/bug/view.cgi?id=2870221) that libcurl returned an
  incorrect return code from the internal trynextip() function which caused
  him grief. This is a regression that was introduced in 7.19.1 and I find it
  strange it hasn't hit us harder, but I won't persue into figuring out
  exactly why.
2009-10-01 07:59:45 +00:00
Daniel Stenberg
5ed274d0b7 - Constantine Sapuntzakis: The current implementation will always set
SO_SNDBUF to CURL_WRITE_SIZE even if the SO_SNDBUF starts out larger.  The
  patch doesn't do a setsockopt if SO_SNDBUF is already greater than
  CURL_WRITE_SIZE. This should help folks who have set up their computer with
  large send buffers.
2009-10-01 07:05:07 +00:00
Dan Fandrich
78d07cb0f9 Removed some extraneous carriage return characters 2009-09-28 18:13:35 +00:00
Yang Tse
5b11e3883c fix compiler warning: conversion from "long" to "size_t" may lose sign 2009-09-28 17:01:23 +00:00
Yang Tse
7d22ce5573 libcurl private function Curl_memrchr() now in curl_memrchr.c and curl_memrchr.h 2009-09-28 16:05:20 +00:00
Daniel Stenberg
0ea6abe7df tiny indent fix 2009-09-27 21:37:24 +00:00
Daniel Stenberg
8646cecb78 - I introduced a maximum limit for received HTTP headers. It is controlled by
the define CURL_MAX_HTTP_HEADER which is even exposed in the public header
  file to allow for users to fairly easy rebuild libcurl with a modified
  limit. The rationale for a fixed limit is that libcurl is realloc()ing a
  buffer to be able to put a full header into it, so that it can call the
  header callback with the entire header, but that also risk getting it into
  trouble if a server by mistake or willingly sends a header that is more or
  less without an end. The limit is set to 100K.
2009-09-27 21:34:13 +00:00
Daniel Stenberg
867a0de670 unify two very similar code sections into one single function, header_append() 2009-09-27 21:14:15 +00:00
Daniel Stenberg
4f47fc4e14 - John P. McCaskey posted a bug report that showed how libcurl did wrong when
saving received cookies with no given path, if the path in the request had a
  query part. That is means a question mark (?) and characters on the right
  side of that. I wrote test case 1105 and fixed this problem.
2009-09-26 20:51:51 +00:00
Kamil Dudka
66fcebdc9e - Implemented a protocol independent way to specify blocking direction, used by
transfer.c for blocking. It is currently used only by SCP and SFTP protocols.
  This enhancement resolves an issue with 100% CPU usage during SFTP upload,
  reported by Vourhey.
2009-09-26 08:31:48 +00:00
Daniel Stenberg
af9ce990f0 minor whitespace edit 2009-09-25 20:26:44 +00:00
Daniel Stenberg
e3d623f190 - Chris Mumford filed bug report #2861587
(http://curl.haxx.se/bug/view.cgi?id=2861587) identifying that libcurl used
  the OpenSSL function X509_load_crl_file() wrongly and failed if it would
  load a CRL file with more than one certificate within. This is now fixed.
2009-09-25 18:09:38 +00:00
Yang Tse
c7c84e7420 fix compiler warning: end-of-loop code not reached 2009-09-25 13:05:36 +00:00
Yang Tse
37489a855f fix compiler warning: variable "sni" was set but never used 2009-09-24 13:24:08 +00:00
Gunter Knauf
9448659fc6 added support for new SQLite cert database format: added a runtime check for version 3.12.0, and depending on the result add 'sql:' prefix to cert database directory so that newer SQLIte database format works. 2009-09-21 22:52:59 +00:00
Gunter Knauf
4002714825 added aditional check for the directory specified with SSL_DIR, and fall back to hardcoded directory if not a valid directory. 2009-09-21 22:46:38 +00:00
Yang Tse
61ea058d9f fix compiler warning: comparison between signed and unsigned 2009-09-18 14:48:16 +00:00
Yang Tse
0c90cb7b83 fix compiler warning: enumerated type mixed with another type 2009-09-17 16:11:54 +00:00
Yang Tse
d006efebc0 fix compiler warning: conversion to 'size_t' from 'curl_off_t' may alter its value 2009-09-17 15:06:34 +00:00
Yang Tse
f2f45339dc Moved Curl_rand() and Curl_srand() code from formdata.c and formdata.h
into curl_rand.c and curl_rand.h
2009-09-17 14:23:27 +00:00
Yang Tse
31e106ced2 Attempt to silence bogus compiler warning: "Potential null pointer dereference" 2009-09-17 11:45:27 +00:00
Daniel Stenberg
250ba99498 - Sven Anders reported that we introduced a cert verfication flaw for OpenSSL-
powered libcurl in 7.19.6. If there was a X509v3 Subject Alternative Name
  field in the certficate it had to match and so even if non-DNS and non-IP
  entry was present it caused the verification to fail.
2009-09-16 20:44:18 +00:00
Yang Tse
f7690db37d Some systems poll function sets POLLHUP in revents without setting
POLLIN, and sets POLLERR without setting POLLIN and POLLOUT. In some
libcurl code execution paths this could trigger busy wait loops with
high CPU usage until a timeout condition aborted the loop.

This fix for Curl_poll adresses the above in a libcurl-wide mode.
2009-09-15 00:07:56 +00:00
Yang Tse
7e0b0763fc Revert Joshua Kwan's patch committed 11 Sep 2009.
Some systems poll function sets POLLHUP in revents without setting
POLLIN, and sets POLLERR without setting POLLIN and POLLOUT. In some
libcurl code execution paths this could trigger busy wait loops with
high CPU usage until a timeout condition aborted the loop.

The reverted patch addressed the above issue for a very specific case,
when awaiting c-ares to resolve. A libcurl-wide fix superceeds this one.

http://cool.haxx.se/cvs.cgi/curl/lib/select.c.diff?r1=1.52&r2=1.53
2009-09-15 00:07:25 +00:00
Gunter Knauf
4002fbe1f5 Joshua Kwan provided a patch to pass POLLERR / POLLHUP back to c-ares.
This fixes a loop problem with high CPU usage.
2009-09-11 02:33:04 +00:00
Daniel Stenberg
7ff4b4f2b5 - Claes Jakobsson fixed a problem with cookie expiry dates at exctly the epoch
start second "Thu Jan 1 00:00:00 GMT 1970" as the date parser then returns 0
  which internally then is treated as a session cookie. That particular date
  is now made to get the value of 1.
2009-09-10 21:06:50 +00:00
Gunter Knauf
5d4a1e245b added debug output for NSS certpath. 2009-09-08 01:13:49 +00:00
Gunter Knauf
3c199daa95 changed NetWare makefiles to rely on SHELL rather than OSTYPE since we can have a sh-like shell also on Windows (MSYS, Cygwin). 2009-09-07 19:34:03 +00:00
Gunter Knauf
5e3796349a added casts to silent compiler warning on 64bit systems. 2009-09-06 20:16:59 +00:00
Gunter Knauf
56a161e09a use our define struct_stat to be compatible with largefile support. 2009-09-06 19:45:08 +00:00
Gunter Knauf
2786ecaeef added base64.h include to silent warnings about missing prototype for ATOB_ConvertAsciiToItem. 2009-09-06 17:59:46 +00:00
Daniel Stenberg
183c9ce1cf fix copyright year 2009-09-03 08:30:28 +00:00
Daniel Stenberg
777168cb77 provide and export Curl_parsedate() as a library-wide internal function
for a better API to date parsing than the external API is
2009-09-03 08:13:32 +00:00
Daniel Stenberg
7a642c8bf1 - Daniel Johnson founded a flaw in the code convering sftp-errors to libcurl
errors.
2009-09-02 21:05:47 +00:00
Daniel Stenberg
7e07da977c - Peter Sylvester made a debug featuer for Curl_resolv() that now will force
libcurl to resolve 'localhost' whatever name you use in the URL *if* you set
  the --interface option to (exactly) "LocalHost". This will enable us to
  write tests for custom hosts names but still use a local host server.
2009-09-01 14:27:01 +00:00
Daniel Stenberg
4e9d3c26ed - When using the multi interface with FTP and you asked for NOBODY, you did no
QUOTE commands and the request used the same path as the connection had
  already changed to, it would decide that no commands would be necessary for
  the "DO" action and that was not handled properly but libcurl would instead
  hang.
2009-08-31 20:49:30 +00:00
Gunter Knauf
e7f81d59b0 add casts to silent compiler warnings with 64bit systems. 2009-08-30 01:36:01 +00:00
Gunter Knauf
68f7d5b8d3 add cast to silent compiler warning with 64bit systems. 2009-08-29 04:34:44 +00:00
Gunter Knauf
e8baa332d7 fix shadow definition of outp. 2009-08-29 04:26:02 +00:00
Gunter Knauf
39704bec3c add cast to silent compiler warning with 64bit systems. 2009-08-29 04:12:51 +00:00
Gunter Knauf
fad14bca01 removed obsolete casts. 2009-08-29 03:57:28 +00:00
Gunter Knauf
9e8eec4816 add casts to silent compiler warnings with 64bit systems. 2009-08-29 03:53:09 +00:00
Gunter Knauf
fa2ea23c96 add cast to silient compiler warning with 64bit systems. 2009-08-29 03:42:13 +00:00
Kamil Dudka
1a255e0e28 - Improved error message for not matching certificate subject name in
libcurl-NSS. Originally reported at:
  https://bugzilla.redhat.com/show_bug.cgi?id=516056#c9
2009-08-28 12:06:51 +00:00
Patrick Monnerat
b0b2824b58 - Introduced a SYST-based test to properly set-up name format when dealing with the OS/400 FTP server.
- Fixed an ftp_readresp() bug preventing detection of failing control socket  and causing FTP client to loop forever.
2009-08-24 12:57:25 +00:00
Daniel Stenberg
6ede4ce79d clarify the code by initing newurl to NULL 2009-08-24 08:41:17 +00:00
Michal Marek
10f2fa9c72 With CURLOPT_PROXY_TRANSFER_MODE, avoid sending invalid URLs like
ftp://example.com;type=i if the user specified ftp://example.com without the
slash.
2009-08-21 12:15:35 +00:00
Daniel Stenberg
8b5102ca83 - Andre Guibert de Bruet pointed out a missing return code check for a
strdup() that could lead to segfault if it returned NULL. I extended his
  suggest patch to now have Curl_retry_request() return a regular return code
  and better check that.
2009-08-21 12:01:36 +00:00
Daniel Stenberg
1048043963 - Lots of good work by Krister Johansen, mostly related to pipelining:
Fix SIGSEGV on free'd easy_conn when pipe unexpectedly breaks
  Fix data corruption issue with re-connected transfers
  Fix use after free if we're completed but easy_conn not NULL
2009-08-21 07:11:20 +00:00
Gunter Knauf
9075195ec4 added missing curl_easy_pause to export list. 2009-08-16 15:03:58 +00:00
Kamil Dudka
6293fe98a0 - Changed NSS code to not ignore the value of ssl.verifyhost and produce more
verbose error messages. Originally reported at:
  https://bugzilla.redhat.com/show_bug.cgi?id=516056
2009-08-13 16:04:51 +00:00
Daniel Stenberg
daf688eba6 add missing file, as pointed out by Karl M 2009-08-12 17:25:16 +00:00
Daniel Stenberg
966cb698e6 - Carsten Lange reported a bug and provided a patch for TFTP upload and the
sending of the TSIZE option. I don't like fixing bugs just hours before
  a release, but since it was broken and the patch fixes this for him I decided
  to get it in anyway.
2009-08-12 08:19:39 +00:00
Daniel Stenberg
e73fe837a8 - Peter Sylvester made the HTTPS test server use specific certificates for
each test, so that the test suite can now be used to actually test the
  verification of cert names etc. This made an error show up in the OpenSSL-
  specific code where it would attempt to match the CN field even if a
  subjectAltName exists that doesn't match. This is now fixed and verified
  in test 311.
2009-08-11 21:48:58 +00:00
Daniel Stenberg
171eef68c3 - Benbuck Nason posted the bug report #2835196
(http://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler
  warnings when mixing ints and bools.
2009-08-11 20:43:12 +00:00
Dan Fandrich
0dec3e5e6a Fixed a memory leak in the FTP code and an off-by-one heap buffer overflow. 2009-08-11 02:30:53 +00:00
Gunter Knauf
1cb921b7f3 fix cast for some systems which are broken due to absense of socklen_t, therefore now use curl_socklen_t. 2009-08-07 23:32:38 +00:00
Gunter Knauf
97c8bc9757 fixed cast added with last commit. 2009-08-06 12:02:00 +00:00
Gunter Knauf
2cad095425 cast to fix 64bit build warnings. From manpage:
POSIX.1-2001. Note that RFC 2553 defines a prototype where the last parameter cnt is of type size_t.
Many systems follow RFC 2553. Glibc 2.0 and 2.1 have size_t, but 2.2 has socklen_t.
2009-08-06 11:10:30 +00:00
Daniel Stenberg
35eb9fc6ad avoid possible NULL dereference caused by my previous fix 2009-08-03 14:07:57 +00:00
Daniel Stenberg
3a9c03bef3 indentation fixes only 2009-08-03 11:32:55 +00:00
Daniel Stenberg
781b82baf5 Reverted the zero-byte-in-name check to instead rely on the fact that strlen
and the name length differ in those cases and thus leave the matching function
unmodified from before, as the matching functions never have to bother with
the zero bytes in legitimate cases. Peter Sylvester helped me realize that
this fix is slightly better as it leaves more code unmodified and makes the
detection a bit more obvious in the code.
2009-08-03 08:45:19 +00:00
Daniel Stenberg
0b66efac9c Extended my embedded-zero-in-cert-name fix based on a comment from Scott
Cantor. My previous attempt was half-baked and didn't cover the normal CN
case.
2009-08-02 22:34:00 +00:00
Daniel Stenberg
6d891d2a3b - Curt Bogmine reported a problem with SNI enabled on a particular server. We
should introduce an option to disable SNI, but as we're in feature freeze
  now I've addressed the obvious bug here (pointed out by Peter Sylvester): we
  shouldn't try to enable SNI when SSLv2 or SSLv3 is explicitly selected.
  Code for OpenSSL and GnuTLS was fixed. NSS doesn't seem to have a particular
  option for SNI, or are we simply not using it?
2009-08-01 22:11:58 +00:00
Daniel Stenberg
c0e8bed5bf - Scott Cantor posted the bug report #2829955
(http://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert
  verification flaw found and exploited by Moxie Marlinspike. The presentation
  he did at Black Hat is available here:
  https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike

  Apparently at least one CA allowed a subjectAltName or CN that contain a
  zero byte, and thus clients that assumed they would never have zero bytes
  were exploited to OK a certificate that didn't actually match the site. Like
  if the name in the cert was "example.com\0theatualsite.com", libcurl would
  happily verify that cert for example.com.

  libcurl now better use the length of the extracted name, not assuming it is
  zero terminated.
2009-08-01 21:56:59 +00:00
Daniel Stenberg
0dce2ff8a0 - Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present
only in some OpenSSL installs - like on Windows) isn't thread-safe and we
  agreed that moving it to the global_init() function is a decent way to deal
  with this situation.
2009-08-01 11:09:02 +00:00
Daniel Stenberg
2642638fca - Alexander Beedie provided the patch for a noproxy problem: If I have set
CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually
  could still end up using a proxy if a proxy environment variable was set.
2009-08-01 11:02:10 +00:00
Daniel Stenberg
0684128209 - All the quote options (CURLOPT_QUOTE, CURLOPT_POSTQUOTE and
CURLOPT_PREQUOTE) now accept a preceeding asterisk before the command to
  send when using FTP, as a sign that libcurl shall simply ignore the response
  from the server instead of treating it as an error. Not treating a 400+ FTP
  response code as an error means that failed commands will not abort the
  chain of commands, nor will they cause the connection to get disconnected.
2009-07-27 18:36:56 +00:00
Daniel Stenberg
9b5c00a664 From: Johan van Selst
"you replaced the old SSLeay_add_ssl_algorithms() call
with OpenSSL_add_all_algorithms(), however unlike the name suggests,
the second function is not a superset of the first. When using SSL
both these functions will need to be called in order to offer complete
functionality"
2009-07-27 18:31:48 +00:00
Daniel Stenberg
b347a7a96e - Bug report #2825989 (http://curl.haxx.se/bug/view.cgi?id=2825989) pointed
out that OpenSSL-powered libcurl didn't support the SHA-2 digest algorithm,
  and provided the solution too: to use OpenSSL_add_all_algorithms() instead
  of the older SSLeay_* alternative. OpenSSL_add_all_algorithms was added in
  OpenSSL 0.9.5
2009-07-26 17:33:36 +00:00
Gunter Knauf
8570883412 changes to silent compiler warnings with 64bit systems. 2009-07-24 22:20:22 +00:00
Gunter Knauf
1d5627b181 changes to silent compiler warnings with 64bit systems. 2009-07-24 22:06:19 +00:00
Gunter Knauf
038fff6c9f changes to silent compiler warnings with 64bit systems. 2009-07-23 04:53:08 +00:00
Gunter Knauf
21dd9a8021 fixed brace error. 2009-07-23 03:54:01 +00:00
Gunter Knauf
59934c1176 changes to silent compiler warnings with 64bit systems. 2009-07-23 02:48:05 +00:00
Gunter Knauf
2f6ff57d96 blocked sshkeycallback() with HAVE_LIBSSH2_KNOWNHOST_API to avoid compiler warnings. 2009-07-23 02:15:00 +00:00
Daniel Stenberg
47c392e135 - Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA.
They introduce known_host support for SSH keys to libcurl. See docs for
  details.
2009-07-22 22:49:01 +00:00
Michal Marek
4c207a004c - David Binderman found a memory and fd leak in lib/gtls.c:load_file()
(https://bugzilla.novell.com/523919). When looking at the code, I found
  that also the ptr pointer can leak.
2009-07-22 09:48:32 +00:00
Kamil Dudka
5f0cae8037 - Claes Jakobsson improved the support for client certificates handling
in NSS-powered libcurl. Now the client certificates can be selected
  automatically by a NSS built-in hook. Additionally pre-login to all PKCS11
  slots is no more performed. It used to cause problems with HW tokens.

- Fixed reference counting for NSS client certificates. Now the PEM reader
  module should be always properly unloaded on Curl_nss_cleanup(). If the unload
  fails though, libcurl will try to reuse the already loaded instance.
2009-07-20 21:50:21 +00:00
Gunter Knauf
d7f33b7e4e added a cast to silent compiler warning with 64bit systems. 2009-07-16 17:39:14 +00:00
Dan Fandrich
b74b5e0602 Added nonblock.c to the non-automake makefiles (note that the dependencies
in the Watcom makefiles aren't quite correct).
2009-07-15 21:49:47 +00:00
Gunter Knauf
b476530755 fixed typo. 2009-07-15 01:10:18 +00:00
Bill Hoffman
a8ea1e9ef4 ENH: add optional support for c-ares 2009-07-14 19:03:31 +00:00
Bill Hoffman
340e3b952f ENH: move config.h.cmake to curl_config.h.cmake so it builds again 2009-07-14 13:46:45 +00:00
Bill Hoffman
f5f9354093 ENH: add nonblock.c to build for CMake 2009-07-14 13:35:10 +00:00
Gunter Knauf
f671d0513c renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:25:14 +00:00
Daniel Stenberg
4e75c70874 silence a compiler warning 2009-07-11 09:57:54 +00:00
Daniel Stenberg
bdbfe1f8a9 add these new files to CVS as well 2009-07-09 21:55:26 +00:00
Daniel Stenberg
d709cb2ae3 - Eric Wong introduced curlx_nonblock() that the curl tool now (re-)uses for
setting a file descriptor non-blocking. Used by the functionality Eric
  himself brough on June 15th.
2009-07-09 21:47:24 +00:00