1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 06:55:02 -05:00
Commit Graph

4797 Commits

Author SHA1 Message Date
Daniel Stenberg
315253b367 - Constantine Sapuntzakis figured out a case which would lead to libcurl
accessing alredy freed memory and thus crash when using HTTPS (with
  OpenSSL), multi interface and the CURLOPT_DEBUGFUNCTION and a certain order
  of cleaning things up. I fixed it.

  (http://curl.haxx.se/bug/view.cgi?id=2891591)
2009-12-10 20:20:15 +00:00
Daniel Stenberg
3b1de97eaa minor indent change 2009-12-10 20:19:56 +00:00
Daniel Stenberg
ebe5339003 - Martin Storsjo made libcurl use the Expect: 100-continue header for posts
with unknown size. Previously it was only used for posts with a known size
  larger than 1024 bytes.
2009-12-07 20:25:17 +00:00
Kamil Dudka
fb2425b147 lib/nss.c: avoid use of uninitialized value 2009-12-02 17:24:38 +00:00
Daniel Stenberg
f0826974f2 - If the Expect: 100-continue header has been set by the application through
curl_easy_setopt with CURLOPT_HTTPHEADER, the library should set
  data->state.expect100header accordingly - the current code (in 7.19.7 at
  least) doesn't handle this properly. Martin Storsjo provided the fix!
2009-12-01 12:04:54 +00:00
Yang Tse
230dc699e2 s/socklen_t/curl_socklen_t/g 2009-11-28 04:34:46 +00:00
Yang Tse
3f6854272f Fix compiler warning: unused variable `data' 2009-11-28 03:00:32 +00:00
Daniel Stenberg
6e38cc9048 - Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
rework patch that now integrates TFTP properly into libcurl so that it can
  be used non-blocking with the multi interface and more. BLKSIZE also works.

  The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
  the command line.
2009-11-27 23:46:29 +00:00
Daniel Stenberg
c7d2e4c1e1 - Extended and fixed the change I did on Dec 11 for the the progress
meter/callback during FTP command/response sequences. It turned out it was
   really lame before and now the progress meter SHOULD get called at least
   once per second.
2009-11-26 19:07:54 +00:00
Daniel Stenberg
88fe6557e9 refreshed 2009-11-24 07:40:43 +00:00
Daniel Stenberg
504e6d7ae6 - Constantine Sapuntzakis identified a write after close, as the sockets were
closed by libcurl before the SSL lib were shutdown and they may write to its
  socket. Detected to at least happen with OpenSSL builds.
2009-11-20 19:32:49 +00:00
Daniel Stenberg
a41493b3b0 - Jad Chamcham pointed out a bug with connection re-use. If a connection had
CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
  same proxy with the tunnel option disabled would still wrongly re-use that
  previous connection and the outcome would only be badness.
2009-11-20 13:27:21 +00:00
Yang Tse
5129442ee7 Explicit initialization of all FTP struct members in ftp_init() 2009-11-19 17:21:56 +00:00
Yang Tse
e8fd5d8062 Fix compiler warning: ISO C90 forbids mixed declarations and code 2009-11-18 11:53:31 +00:00
Yang Tse
2f6dcaa644 Make memory tracking system intolerant with zero sized malloc(),
calloc() and realloc() function calls.
2009-11-18 11:21:58 +00:00
Yang Tse
59939313f8 Make usage of calloc()'s arguments consistent with rest of code base 2009-11-18 10:33:54 +00:00
Daniel Stenberg
b32d1a9a1d - Constantine Sapuntzakis provided another fix for the DNS cache that could
end up with entries that wouldn't time-out:

  1. Set up a first web server that redirects (307) to a http://server:port
     that's down
  2. Have curl connect to the first web server using curl multi

  After the curl_easy_cleanup call, there will be curl dns entries hanging
  around with in_use != 0.

  (http://curl.haxx.se/bug/view.cgi?id=2891591)
2009-11-17 22:53:55 +00:00
Yang Tse
3b8d7fddf7 Client certificate ENG file type requires OpenSSL 0.9.7 or newer 2009-11-15 12:58:50 +00:00
Yang Tse
581ce03345 Remove enable-thread / disable-thread configure option. These were only placebo
options. The library is always built as thread safe as possible on every system.
2009-11-15 02:45:23 +00:00
Yang Tse
1cbc93fb54 Refactor how preprocessor symbol _THREAD_SAFE definition is done. 2009-11-14 18:51:37 +00:00
Yang Tse
a8ddd6ce31 OpenSSL 0.9.7 or newer required for ENGINE_CTRL_GET_CMD_FROM_NAME definition 2009-11-14 11:33:49 +00:00
Daniel Stenberg
9c49e51f7e - Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
the client certificate. It also disable the key name test as some engines
  can select a private key/cert automatically (When there is only one key
  and/or certificate on the hardware device used by the engine)
2009-11-14 07:53:34 +00:00
Yang Tse
90bc6ee8f3 - Constantine Sapuntzakis provided the fix that ensures that an SSL connection
won't be reused unless protection level for peer and host verification match.
2009-11-14 02:30:30 +00:00
Yang Tse
05a4abea04 Constantine Sapuntzakis patch for hostip.c
No need for a separate variable ndns.

The memory leak detection will detect code that fails to release a dns reference.

The DEBUGASSERT will detect code that releases too many references.
2009-11-12 19:28:43 +00:00
Yang Tse
011a2818db Add missing variable initialization 2009-11-12 14:36:34 +00:00
Kamil Dudka
571309dc3e - libcurl-NSS now tries to reconnect with TLS disabled in case it detects
a broken TLS server. However it does not happen if SSL version is selected
  manually. The approach was originally taken from PSM. Kaspar Brand helped me
  to complete the patch. Original bug reports:
  https://bugzilla.redhat.com/525496
  https://bugzilla.redhat.com/527771
2009-11-12 11:16:31 +00:00
Kamil Dudka
d547d00f2c - Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly
closed NSPR descriptor. The issue was hard to find, reported several times
  before and always closed unresolved. More info at the RH bug:
  https://bugzilla.redhat.com/534176
2009-11-12 10:54:10 +00:00
Yang Tse
668dc0ad87 Make hostip.c compile again 2009-11-12 04:32:08 +00:00
Yang Tse
40c2c3270d - Marco Maggi reported that compilation failed when configured --with-gssapi
and GNU GSS installed due to a missing mutual exclusion of header files in
  the Kerberos 5 code path. He also verified that my patch worked for him.
2009-11-11 21:15:34 +00:00
Daniel Stenberg
fb5f332834 - Constantine Sapuntzakis posted bug #2891595
(http://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
  in the DNS cache would linger too long if the request that added it was in
  use that long. He also provided the patch that now makes libcurl capable of
  still doing a request while the DNS hash entry may get timed out.
2009-11-11 09:31:37 +00:00
Daniel Stenberg
107c4d878a - Christian Schmitz noticed that the progress meter/callback was not properly
used during the FTP connection phase (after the actual TCP connect), while
  it of course should be. I also made the speed check get called correctly so
  that really slow servers will trigger that properly too.
2009-11-11 09:01:43 +00:00
Kamil Dudka
676e0c28e7 - Dropped misleading timeouts in libcurl-NSS and made sure the SSL socket works
in non-blocking mode.
2009-11-05 15:41:31 +00:00
Yang Tse
55e68ba333 I removed leading 'curl' path on the 'curlbuild.h' include statement in
curl.h, adjusting auto-makefiles include path, to enhance portability to
OS's without an orthogonal directory tree structure such as OS/400.
2009-11-05 15:04:03 +00:00
Yang Tse
3f56d12830 avoid division by zero 2009-11-05 15:00:28 +00:00
Daniel Stenberg
257f2376d5 - I fixed several problems with the transfer progress meter. It showed the
wrong percentage for small files, most notable for <1000 bytes and could
  easily end up showing more than 100% at the end. It also didn't show any
  percentage, transfer size or estimated transfer times when transferring
  less than 100 bytes.
2009-11-04 23:09:17 +00:00
Yang Tse
c8da2980ed include progress.h for Curl_pgrsSetDownloadCounter function prototype 2009-11-02 20:04:18 +00:00
Daniel Stenberg
b19dc0eeb0 - As reported independent by both Stan van de Burgt and Didier Brisebourg,
CURLINFO_SIZE_DOWNLOAD (the -w variable size_download) didn't work when
  getting data from ldap!
2009-11-02 18:49:56 +00:00
Daniel Stenberg
41de897b6b describe the cmake situation 2009-11-02 16:24:11 +00:00
Daniel Stenberg
223d848104 - Gabriel Kuri reported a problem with CURLINFO_CONTENT_LENGTH_DOWNLOAD if the
download was 0 bytes, as libcurl would then return the size as unknown (-1)
  and not 0. I wrote a fix and test case 566 to verify it.
2009-10-31 18:51:50 +00:00
Daniel Stenberg
a76f4ab7dd - Liza Alenchery mentioned a problem with re-used SCP connection when a bad
auth is used, as it caused a crash. I failed to repeat the issue, but still
  made a change that now forces the TCP connection used for a freed SCP
  session to get closed and not be re-used.
2009-10-30 22:28:56 +00:00
Daniel Stenberg
d68f215f03 - "Tom" posted a bug report that mentioned how libcurl did wrong when doing a
POST using a read callback, with Digest authentication and
  "Transfer-Encoding: chunked" enforced.  I would then cause the first request
  to be wrongly sent and then basically hang until the server closed the
  connection. I fixed the problem and added test case 565 to verify it.
2009-10-30 22:24:48 +00:00
Yang Tse
308497ffc6 Fix compiler warning: control reaches end of non-void function 2009-10-29 04:02:21 +00:00
Yang Tse
b205525d34 Take in account c-ares 1.6.1 will use __declspec function decoration
for Win32 and Symbian unless CARES_STATICLIB is defined to use static
library linkage.
2009-10-29 03:48:00 +00:00
Daniel Stenberg
6a79b0e859 Since the NSS lib closes the socket the memory tracking system wrongly gets a
false positive on a leaked socket, so this introduces a way to tell the system
that the socket is indeed closed without explicitly closing it!
2009-10-28 20:30:23 +00:00
Yang Tse
21af9bf1cd Fix spelling 2009-10-27 16:56:20 +00:00
Yang Tse
b2f4308980 Fix Pelles C Win32 target compilation issues 2009-10-27 16:38:42 +00:00
Daniel Stenberg
448d2b5f49 - Dima Barsky made the curl cookie parser accept cookies even with blank or
unparsable expiry dates and then treat them as session cookies - previously
  libcurl would reject cookies with a date format it couldn't parse. Research
  shows that the major browser treat such cookies as session cookies. I
  modified test 8 and 31 to verify this.
2009-10-25 18:15:14 +00:00
Yang Tse
3f8d3e9c50 Update memory tracking/debugging reference 2009-10-21 18:01:11 +00:00
Daniel Stenberg
12e60c6d4e spelling corrections 2009-10-21 07:40:33 +00:00
Yang Tse
ff3223259f Detect when msvc 6.0 is in use without PSDK installed, intentionally
fail to build when this happens, and show an appropriate error.

The brave of heart can circumvect this. Defining ALLOW_MSVC6_WITHOUT_PSDK
in lib/config-win32.h, although absolutely discouraged and unsupported,
this will allow the die hard MSVC hacker to build in such a discouraged
environment.

The actually supported 'fix' is to install 'February 2003 Platform SDK'
a.k.a. 'Windows Server 2003 PSDK' which can be freely downloaded from
http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm
2009-10-21 02:30:56 +00:00