Daniel Stenberg
b9c190ba77
http2: move lots of verbose output to be debug-only
2015-02-25 11:45:46 +01:00
Kamil Dudka
4909f7c795
nss: do not skip Curl_nss_seed() if data is NULL
...
In that case, we only skip writing the error message for failed NSS
initialization (while still returning the correct error code).
2015-02-25 10:23:07 +01:00
Kamil Dudka
7a1538d9cc
nss: improve error handling in Curl_nss_random()
...
The vtls layer now checks the return value, so it is no longer necessary
to abort if a random number cannot be provided by NSS. This also fixes
the following Coverity report:
Error: FORWARD_NULL (CWE-476):
lib/vtls/nss.c:1918: var_compare_op: Comparing "data" to null implies that "data" might be null.
lib/vtls/nss.c:1923: var_deref_model: Passing null pointer "data" to "Curl_failf", which dereferences it.
lib/sendf.c:154:3: deref_parm: Directly dereferencing parameter "data".
2015-02-25 10:23:06 +01:00
Marc Hoersken
ffc2aeec6e
Revert "telnet.c: fix handling of 0 being returned from custom read function"
...
This reverts commit 03fa576833
.
2015-02-25 00:16:10 +01:00
Marc Hoersken
b3bcdaf01a
telnet.c: fix invalid use of custom read function if not being set
...
obj_count can be 1 if the custom read function is set or the stdin
handle is a reference to a pipe. Since the pipe should be handled
using the PeekNamedPipe-check below, the custom read function should
only be used if it is actually enabled.
2015-02-25 00:01:14 +01:00
Marc Hoersken
03fa576833
telnet.c: fix handling of 0 being returned from custom read function
...
According to [1]: "Returning 0 will signal end-of-file to the library
and cause it to stop the current transfer."
This change makes the Windows telnet code handle this case accordingly.
[1] http://curl.haxx.se/libcurl/c/CURLOPT_READFUNCTION.html
2015-02-24 23:59:06 +01:00
Kamil Dudka
e08a12dab1
connect: wait for IPv4 connection attempts
...
... even if the last IPv6 connection attempt has failed.
Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c4
2015-02-23 13:32:28 +01:00
Kamil Dudka
92835ca5d8
connect: avoid skipping an IPv4 address
...
... in case the protocol versions are mixed in a DNS response
(IPv6 -> IPv4 -> IPv6).
Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c3
2015-02-23 13:31:01 +01:00
Julian Ospald
90314100e0
configure: allow both --with-ca-bundle and --with-ca-path
...
SSL_CTX_load_verify_locations by default (and if given non-Null
parameters) searches the CAfile first and falls back to CApath. This
allows for CAfile to be a basis (e.g. installed by the package manager)
and CApath to be a user configured directory.
This wasn't reflected by the previous configure constraint which this
patch fixes.
Bug: https://github.com/bagder/curl/pull/139
2015-02-20 16:30:04 +01:00
Ben Boeckel
20112ed846
cmake: install the dll file to the correct directory
2015-02-20 14:17:32 +01:00
Alessandro Ghedini
63b4b8c7bd
nss: fix NPN/ALPN protocol negotiation
...
Correctly check for memcmp() return value (it returns 0 if the strings match).
This is not really important, since curl is going to use http/1.1 anyway, but
it's still a bug I guess.
2015-02-19 23:09:12 +01:00
Alessandro Ghedini
633b3895d7
polarssl: fix ALPN protocol negotiation
...
Correctly check for strncmp() return value (it returns 0 if the strings
match).
2015-02-19 23:07:40 +01:00
Alessandro Ghedini
676ac46ff5
gtls: fix build with HTTP2
2015-02-19 19:00:51 +01:00
Steve Holme
31c8f8ac11
Makefile.vc6: Corrected typos in rename of darwinssl.obj
2015-02-16 00:35:16 +00:00
Nick Zitzmann
b1c7fc050b
By request, change the name of "curl_darwinssl.[ch]" to "darwinssl.[ch]"
2015-02-15 17:11:01 -06:00
Kamil Dudka
aba2c4dca2
openssl: fix a compile-time warning
...
lib/vtls/openssl.c:1450:7: warning: extra tokens at end of #endif directive
2015-02-12 08:39:19 +01:00
Steve Holme
c1878e8f52
openssl: Use OPENSSL_IS_BORINGSSL for BoringSSL detection
...
For consistency with other conditionally compiled code in openssl.c,
use OPENSSL_IS_BORINGSSL rather than HAVE_BORINGSSL and try to use
HAVE_BORINGSSL outside of openssl.c when the OpenSSL header files are
not included.
2015-02-11 21:03:23 +00:00
Patrick Monnerat
ab85ac5eda
ftp: accept all 2xx responses to the PORT command
2015-02-11 19:51:57 +01:00
Steve Holme
d771b44e53
openssl: Disable OCSP in old versions of OpenSSL
...
Versions of OpenSSL prior to v0.9.8h do not support the necessary
functions for OCSP stapling.
2015-02-09 21:01:39 +00:00
Tatsuhiro Tsujikawa
7eebf9a3fb
http2: Fix bug that associated stream canceled on PUSH_PROMISE
...
Previously we don't ignore PUSH_PROMISE header fields in on_header
callback. It makes header values mixed with following HEADERS,
resulting protocol error.
2015-02-09 15:52:56 +01:00
Jay Satiro
20c727ec4c
polarssl: Fix exclusive SSL protocol version options
...
Prior to this change the options for exclusive SSL protocol versions did
not actually set the protocol exclusive.
http://curl.haxx.se/mail/lib-2015-01/0002.html
Reported-by: Dan Fandrich
2015-02-09 10:39:17 +01:00
Jay Satiro
9956ef2d33
gskit: Fix exclusive SSLv3 option
2015-02-09 10:38:46 +01:00
Steve Holme
761d5166af
schannel: Removed curl_ prefix from source files
...
Removed the curl_ prefix from the schannel source files as discussed
with Marc and Daniel at FOSDEM.
2015-02-07 21:34:33 +00:00
Daniel Stenberg
05792d6936
md5: use axTLS's own MD5 functions when available
2015-02-06 14:36:25 +01:00
Daniel Stenberg
2a15e594ef
MD(4|5): make the MD4_* and MD5_* functions static
2015-02-06 14:26:32 +01:00
Daniel Stenberg
d557da5d79
axtls: fix conversion from size_t to int warning
2015-02-06 14:26:32 +01:00
Steve Holme
600ccb2237
ftp: Use 'CURLcode result' for curl result codes
2015-02-05 20:31:12 +00:00
Daniel Stenberg
45b9b62de4
openssl: SSL_SESSION->ssl_version no longer exist
...
The struct went private in 1.0.2 so we cannot read the version number
from there anymore. Use SSL_version() instead!
Reported-by: Gisle Vanem
Bug: http://curl.haxx.se/mail/lib-2015-02/0034.html
2015-02-05 11:57:33 +01:00
Daniel Stenberg
0d41c3e46b
MD5: fix compiler warnings and code style nits
2015-02-04 08:09:06 +01:00
Daniel Stenberg
57d6d253a1
MD5: replace implementation
...
The previous one was "encumbered" by RSA Inc - to avoid the licensing
restrictions it has being replaced. This is the initial import,
inserting the md5.c and md5.h files from
http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5
Code-by: Alexander Peslyak
2015-02-04 08:09:06 +01:00
Daniel Stenberg
7f1d76f7ee
MD4: fix compiler warnings and code style nits
2015-02-04 08:09:06 +01:00
Daniel Stenberg
211d5329f4
MD4: replace implementation
...
The previous one was "encumbered" by RSA Inc - to avoid the licensing
restrictions it has being replaced. This is the initial import,
inserting the md4.c and md4.h files from
http://openwall.info/wiki/people/solar/software/public-domain-source-code/md4
Code-by: Alexander Peslyak
2015-02-04 08:09:05 +01:00
Steve Holme
cfc6d460cb
telnet: Prefer 'CURLcode result' for curl result codes
2015-02-04 00:09:31 +00:00
Steve Holme
0ebe2c15d1
hostasyn: Prefer 'CURLcode result' for curl result codes
2015-02-04 00:07:39 +00:00
Steve Holme
28c9e1edf4
schannel: Prefer 'CURLcode result' for curl result codes
2015-02-04 00:07:16 +00:00
Daniel Stenberg
b3cbf4500d
unit1601: MD5 unit tests
2015-02-03 23:05:55 +01:00
Daniel Stenberg
83bb07027d
unit1600: unit test for Curl_ntlm_core_mk_nt_hash
2015-02-03 21:03:11 +01:00
Steve Holme
0a7182f6ad
curl_sasl.c: More code policing
...
Better use of 80 character line limit, comment corrections and line
spacing preferences.
2015-02-02 16:50:39 +00:00
Marc Hoersken
4161624e94
TODO: moved WinSSL/SChannel todo items into docs
2015-01-31 12:30:11 +01:00
Steve Holme
8ca3b05624
curl_sasl.c: Fixed compilation warning when cryptography is disabled
...
curl_sasl.c:1506: warning: unused variable 'chlg'
2015-01-29 11:48:11 +00:00
Steve Holme
6fdc8651bd
curl_sasl.c: Fixed compilation warning when verbose debug output disabled
...
curl_sasl.c:1317: warning: unused parameter 'conn'
2015-01-28 22:48:01 +00:00
Steve Holme
8cc70db2db
ntlm_core: Use own odd parity function when crypto engine doesn't have one
2015-01-28 22:34:53 +00:00
Steve Holme
c469369b86
ntlm_core: Prefer sizeof(key) rather than hard coded sizes
2015-01-28 22:34:52 +00:00
Steve Holme
58e39b4da5
ntlm_core: Added consistent comments to DES functions
2015-01-28 22:34:51 +00:00
Steve Holme
300876a7a6
des: Added Curl_des_set_odd_parity()
...
Added Curl_des_set_odd_parity() for use when cryptography engines
don't include this functionality.
2015-01-28 22:34:49 +00:00
Steve Holme
595a66ce0f
sasl: Minor code policing and grammar corrections
2015-01-28 19:23:37 +00:00
Gisle Vanem
3cc9e9383b
ldap: build with BoringSSL
2015-01-28 14:22:11 +01:00
Daniel Stenberg
9d964e5477
security: avoid compiler warning
...
Possible access to uninitialised memory '&nread' at line 140 of
lib/security.c in function 'ftp_send_command'.
Reported-by: Rich Burridge
2015-01-28 10:10:59 +01:00
Patrick Monnerat
7b2012f262
sasl: remove XOAUTH2 from default enabled authentication mechanism.
2015-01-27 18:08:18 +01:00
Patrick Monnerat
fe79f20957
imap: remove automatic password setting: it breaks external sasl authentication
2015-01-27 17:34:40 +01:00