1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-16 06:25:03 -05:00
Commit Graph

1901 Commits

Author SHA1 Message Date
Daniel Stenberg
3963adca3d RELEASE-NOTES: fix the required nghttp2 version typo 2014-09-08 00:12:18 +02:00
Steve Holme
e40197315d RELEASE-NOTES: Synced with fd1ce3856a 2014-09-06 21:48:40 +01:00
Steve Holme
c6ee182bd4 RELEASE-NOTES: Clarify email Kerberos support is currently via Windows SSPI 2014-09-04 22:04:50 +01:00
Daniel Stenberg
4901ec2324 RELEASE-NOTES: synced with e608324f9f 2014-09-01 22:54:52 +02:00
Daniel Stenberg
11bb05ba48 RELEASE-NOTES: synced with 0072422576
... and bumped the contributor amount after recount
2014-08-26 00:02:52 +02:00
Daniel Stenberg
2603618831 RELEASE-NOTES: added two missing HTTP/2 bug fixes
And renamed all http2 references to HTTP/2 in this file
2014-08-25 12:59:28 +02:00
Daniel Stenberg
b17b4b4a4a RELEASE-NOTES: synced with f646e9075f 2014-08-25 12:53:08 +02:00
Daniel Stenberg
9eba83c156 RELEASE-NOTES: synced with 0187c9e11d 2014-08-15 12:19:20 +02:00
Steve Holme
4c4a188a22 RELEASE-NOTES: Synced with cd6ecf6a89 2014-08-10 17:00:57 +01:00
Steve Holme
5908ce5115 RELEASE-NOTES: Synced with 159c3aafd8 2014-08-08 07:39:09 +01:00
Daniel Stenberg
524833e155 RELEASE-NOTES: synced with 5b37db44a3 2014-08-05 09:38:04 +02:00
Daniel Stenberg
05e81222d4 RELEASE-NOTES: synced with 7bb4c8cadb 2014-07-31 23:24:17 +02:00
Daniel Stenberg
05a887ebfa RELEASE-NOTES: synced with 81cd24adb8 2014-07-23 09:52:06 +02:00
Alessandro Ghedini
c6e7cbb94e build: link curl to NSS libraries when NSS support is enabled
This fixes a build failure on Debian caused by commit
24c3cdce88.

Bug: http://curl.haxx.se/mail/lib-2014-07/0209.html
2014-07-18 14:20:42 +02:00
Daniel Stenberg
1abc42b26c RELEASE-NOTES: cleared, working towards next release 2014-07-16 17:26:08 +02:00
Daniel Stenberg
df5169fa35 RELEASE-NOTES: synced with 4cb2521595 2014-07-16 16:29:02 +02:00
Daniel Stenberg
eb3e383390 RELEASE-NOTES: next one is called 7.37.1 2014-07-14 19:30:50 +02:00
Dan Fandrich
763c51780c netrc: fixed thread safety problem by using getpwuid_r if available
The old way using getpwuid could cause problems in programs that enable
reading from netrc files simultaneously in multiple threads.

Reported-by: David Woodhouse
2014-07-13 00:27:22 +02:00
Dan Fandrich
6c6ba59e6b RELEASE-NOTES: add the reporter of the previous bug fix 2014-07-12 23:40:07 +02:00
Dan Fandrich
135c2dc14f netrc: treat failure to find home dir same as missing netrc file
This previously caused a fatal error (with a confusing error code, at
that).

Reported by: Glen A Johnson Jr.
2014-07-12 20:22:09 +02:00
Steve Holme
4a67b3e650 RELEASE-NOTES: Synced with aaaf9e50ec 2014-07-12 15:23:39 +01:00
Dan Fandrich
3d2e1724cb gnutls: fixed compilation against versions < 2.12.0
The AES-GCM ciphers were added to GnuTLS as late as ver. 3.0.1 but
the code path in which they're referenced here is only ever used for
somewhat older GnuTLS versions. This caused undeclared identifier errors
when compiling against those.
2014-07-12 00:33:16 +02:00
Dan Fandrich
447c31ce9d gnutls: explicitly added SRP to the priority string
This seems to have become necessary for SRP support to work starting
with GnuTLS ver. 2.99.0. Since support for SRP was added to GnuTLS
before the function that takes this priority string, there should be no
issue with backward compatibility.
2014-07-12 00:11:44 +02:00
Dan Fandrich
baf8b57b1d gnutls: ignore invalid certificate dates with VERIFYPEER disabled
This makes the behaviour consistent with what happens if a date can
be extracted from the certificate but is expired.
2014-07-11 23:21:31 +02:00
Kamil Dudka
52cd5ac21c nss: fix a memory leak when CURLOPT_CRLFILE is used 2014-07-04 08:25:05 +02:00
Kamil Dudka
24c3cdce88 tool: call PR_Cleanup() on exit if NSPR is used
This prevents valgrind from reporting possibly lost memory that NSPR
uses for file descriptor cache and other globally allocated internal
data structures.
2014-07-02 18:11:05 +02:00
Kamil Dudka
7581dee10a nss: make the fallback to SSLv3 work again
This feature was unintentionally disabled by commit ff92fcfb.
2014-07-02 18:11:05 +02:00
Kamil Dudka
7c21558503 nss: do not abort on connection failure
... due to calling SSL_VersionRangeGet() with NULL file descriptor

reported-by: upstream tests 305 and 404
2014-07-02 17:59:03 +02:00
Steve Holme
1b478d6ac3 RELEASE-NOTES: Synced with 3aa1329e0a 2014-06-11 22:59:14 +01:00
Steve Holme
2b2e8e0e4b RELEASE-NOTES: Synced with 99303bcde5 2014-06-05 23:56:56 +01:00
Daniel Stenberg
1b59ef6990 RELEASE-NOTES: synced with d603ed6753 2014-06-02 11:41:41 +02:00
Steve Holme
bcbaed8165 RELEASE-NOTES: Synced with 2a615a2b64 2014-05-28 23:27:45 +01:00
Steve Holme
415c982afb RELEASE-NOTES: Synced with f634355868 2014-05-22 20:31:34 +01:00
Steve Holme
ddf4719694 bump: Start working on the next release 2014-05-21 23:05:45 +01:00
Daniel Stenberg
ae931b9998 RELEASE-NOTES: synced with 85f4075bdb
Possibly the final update before release...
2014-05-20 23:10:58 +02:00
Daniel Stenberg
751971b2c3 RELEASE-NOTES: synced with 831f6dd1d9 2014-05-17 23:00:09 +02:00
Daniel Stenberg
a481f5b308 RELEASE-NOTES: synced with 53a5b95c21 2014-05-15 22:15:39 +02:00
Steve Holme
4167498f74 RELEASE-NOTES: Synced with 52d16c84d2 2014-05-12 23:09:46 +01:00
Steve Holme
d041b8d33e RELEASE-NOTES: Synced with 0ab2c444b5 2014-05-09 21:24:47 +01:00
Kamil Dudka
ec5fde24de http: avoid auth failure on a duplicated header
... 'WWW-Authenticate: Negotiate' received from server

Reported by: David Woodhouse
Bug: https://bugzilla.redhat.com/1093348
2014-05-09 13:44:04 +02:00
Dan Fandrich
ba06278e97 RELEASE-NOTES: Added contributor 2014-05-07 22:46:06 +02:00
Dan Fandrich
34cdc77076 RELEASE-NOTES: changed encoding to UTF-8 2014-05-06 14:08:13 +02:00
Daniel Stenberg
55a8d40fa0 RELEASE-NOTES: synced with 5de8d84098 2014-05-06 10:39:31 +02:00
Steve Holme
312f36d453 RELEASE-NOTES: Synced with 4febbedc5a 2014-05-04 20:44:08 +01:00
Steve Holme
f4ec8ffee2 RELEASE-NOTES: Synced with 386ed2d590 2014-04-22 22:57:40 +01:00
Kamil Dudka
8868a226cd nss: implement non-blocking SSL handshake 2014-04-22 22:56:14 +02:00
Steve Holme
0115ec2f13 RELEASE-NOTES: Synced with 33e0cba8f1 2014-04-18 20:35:01 +01:00
Steve Holme
28d005cc9b RELEASE-NOTES: Synced with 5cdb61abb2 2014-04-06 16:57:37 +01:00
Steve Holme
c524ca35f5 RELEASE-NOTES: Synced with dd07e79023 2014-03-31 21:23:14 +01:00
Daniel Stenberg
5a327f39d5 bump: start the 7.37.0 race 2014-03-26 08:29:29 +01:00
Daniel Stenberg
4f041c9d6e RELEASE-NOTES: 7.36.0 2014-03-26 00:29:43 +01:00
Daniel Stenberg
b877494a27 RELEASE-NOTES: synced with 3ebfaf6a03 2014-03-25 14:54:11 +01:00
Dan Fandrich
715125e790 RELEASE-NOTES: fixed typo 2014-03-19 23:10:56 +01:00
Daniel Stenberg
ec0079a99d RELEASE-NOTES: synced with 47f8e99e78 2014-03-19 16:18:21 +01:00
Steve Holme
ac7118319e RELEASE-NOTES: Synced with 8ddda0e999 2014-03-09 19:44:12 +00:00
Steve Holme
d8073db304 RELEASE-NOTES: Synced with 7fef4016de 2014-03-02 10:48:40 +00:00
Marc Hoersken
87683d4b76 RELEASE-NOTES: Updated for 63fc8ee7 2014-02-24 22:29:25 +01:00
Steve Holme
3674f2021d RELEASE-NOTES: Synced with 8c80840d01 2014-02-23 11:24:46 +00:00
Marc Hoersken
e08d0662b7 RELEASE-NOTES: added note about impact of changes to WinSSL defaults 2014-02-22 16:57:29 +01:00
Daniel Stenberg
e9dfdef411 RELEASE-NOTES: synced with 854aca5420 2014-02-17 11:16:41 +01:00
Daniel Stenberg
db981b7b30 RELEASE-NOTES: synced with 378af08c99 2014-02-13 23:35:32 +01:00
Daniel Stenberg
87e873c6d0 version: next release will become 7.36.0 2014-02-11 11:30:15 +01:00
Steve Holme
cc0da321de RELEASE-NOTES: Synced with 8e62f7a650 2014-02-09 13:15:56 +00:00
Steve Holme
a738bb1c9f RELEASE-NOTES: Synced with 0f213fdca1 2014-01-31 00:48:22 +00:00
Kamil Dudka
665c160f0a nss: do not use the NSS_ENABLE_ECC define
It is not provided by NSS public headers.

Bug: https://bugzilla.redhat.com/1058776
2014-01-29 13:57:21 +01:00
Daniel Stenberg
5e7fe58698 bump: start working on 7.35.1 2014-01-29 08:35:58 +01:00
Daniel Stenberg
2bf90d0710 RELEASE-NOTES: done for 7.35.0 2014-01-29 07:59:01 +01:00
Dan Fandrich
2070a140fd RELEASE-NOTES: changed encoding to UTF-8 like previous releases 2014-01-28 22:23:31 +01:00
Steve Holme
f2e42dd056 RELEASE-NOTES: Synced with 5a47062cad 2014-01-28 13:52:06 +00:00
Steve Holme
4013a2aa64 RELEASE-NOTES: added another missing bug ref 2014-01-21 21:35:36 +00:00
Daniel Stenberg
0b5b52ff2d RELEASE-NOTES: added missing bug ref 2014-01-21 15:44:04 +01:00
Daniel Stenberg
82de54dd38 RELEASE-NOTES: synced with 12ecd56da7 2014-01-20 17:08:46 +01:00
Steve Holme
de966b403a RELEASE-NOTES: Synced with 2cac75c4e4 2014-01-19 13:57:03 +00:00
Steve Holme
ce82a1be0d RELEASE-NOTES: Synced with c7a76bb056 2014-01-15 21:44:34 +00:00
Steve Holme
7cd45b297e Makefile.dist: Added support for VC7
Currently VC7 and VC7.1 builds have to be ran with the VC variable set
to vc6 which is not only inconsistent with the nmake winbuild system
but also with newer versions of Visual Studio supported by this file.

Note: This doesn't break the build for anyone still running with the
VC variable set to vc6 or not set (which defaults to vc6).
2014-01-11 14:33:42 +00:00
Steve Holme
9362603f05 RELEASE-NOTES: Synced with 980659a2ca 2014-01-10 20:04:27 +00:00
Steve Holme
e96b67a70f RELEASE-NOTES: Synced with 8ae35102c4 2014-01-07 22:12:57 +00:00
Steve Holme
c16e5dfbc8 RELEASE-NOTES: Synced with 7de2e03258 2013-12-31 16:40:10 +00:00
Steve Holme
2dd9bfc5d9 RELEASE-NOTES: Synced with 0ff0a994ad 2013-12-25 00:09:33 +00:00
Steve Holme
08e57f916c RELEASE-NOTES: Corrected copy/paste typo 2013-12-24 16:53:15 +00:00
Steve Holme
6f2d5f0562 pop3: Fixed APOP being determined by CAPA response rather than by timestamp
This commit replaces that of 9f260b5d66 because according to RFC-2449,
section 6, there is no APOP capability "...even though APOP is an
optional command in [POP3].  Clients discover server support of APOP by
the presence in the greeting banner of an initial challenge enclosed in
angle brackets."
2013-12-24 16:34:55 +00:00
Steve Holme
3917d73b36 RELEASE-NOTES: Synced with 812c5ace75 2013-12-20 20:27:21 +00:00
Daniel Stenberg
13c696f37f bump: start working on the next release 2013-12-17 16:38:51 +01:00
Daniel Stenberg
0966b324d9 RELEASE-NOTES: synced with c0ef05e67
... for the pending 7.34.0 release

Upped the contributor count
2013-12-16 22:54:00 +01:00
Daniel Stenberg
8e2d73bbde RELEASE-NOTES: synced with dd4d9ea542 2013-12-14 23:22:52 +01:00
Daniel Stenberg
aadca7f418 RELEASE-NOTES: recount contributors and libcurl options 2013-12-09 11:56:01 +01:00
Daniel Stenberg
3905bd637d RELEASE-NOTES: synced with c4f46e97ca 2013-12-07 22:52:31 +01:00
Kamil Dudka
7fc9325a52 nss: allow to use TLS > 1.0 if built against recent NSS
Bug: http://curl.haxx.se/mail/lib-2013-11/0162.html
2013-12-02 15:00:13 +01:00
Steve Holme
fe7fc61c6e RELEASE-NOTES: Synced with ad3836448e 2013-12-01 16:51:32 +00:00
Steve Holme
edce855943 RELEASE-NOTES: Synced with 35e476a3f6 2013-11-24 18:05:54 +00:00
Steve Holme
925df53580 RELEASE-NOTES: Synced with 8191800a0c 2013-11-17 16:55:56 +00:00
Steve Holme
c5d73167a6 RELEASE-NOTES: Synced with bde901ad89 2013-11-13 10:12:01 +00:00
Daniel Stenberg
f833f54979 bump: next release will be 7.34.0
Due to all the news and changes.
2013-11-11 08:46:27 +01:00
Steve Holme
5bd999d0c5 RELEASE-NOTES: Synced with 0f81fbe5da 2013-11-10 18:16:21 +00:00
Steve Holme
f0831f7931 RELEASE-NOTES: Synced with 7fc3b2ce38 2013-11-05 07:17:24 +00:00
Steve Holme
43400b4086 email: Post graceful SASL authentication cancellation tidy up 2013-10-30 20:58:24 +00:00
Daniel Stenberg
7d1eb66cd7 RELEASE-NOTES: synced with 255826c40f 2013-10-29 23:06:04 +01:00
Steve Holme
1cb5150dba RELEASE-NOTES: Synced with d24b7953c2 2013-10-25 20:01:25 +01:00
Steve Holme
e179d0eb12 RELEASE-NOTES: Synced with ce61510127 2013-10-18 19:54:30 +01:00
Kamil Dudka
86c64f3daf curl_sasl: initialize NSS before using crypto 2013-10-18 15:37:18 +02:00
Daniel Stenberg
1dcc433661 bump: start working on 7.33.1 2013-10-14 23:11:20 +02:00
Daniel Stenberg
f77e89c5d2 RELEASE-NOTES: synced with 92cf6141ed 2013-10-13 23:24:21 +02:00
Kamil Dudka
d015f4ccac ssh: improve the logic for detecting blocking direction
This fixes a regression introduced by commit 0feeab78 limiting the speed
of SCP upload to 16384 B/s on a fast connection (such as localhost).
2013-10-12 23:03:28 +02:00
Daniel Stenberg
b46491900d RELEASE-NOTES: add twos refs to bug reports 2013-10-07 00:10:59 +02:00
Daniel Stenberg
725288bf2f RELEASE-NOTES: synced with 173160c0d0 2013-10-06 23:36:21 +02:00
Daniel Stenberg
77dc4ba877 RELEASE-NOTES: added recent contributors missing 2013-09-23 23:23:51 +02:00
Steve Holme
59c1743c78 RELEASE-NOTES: Corrected missed addition
Somehow commit 60a2046162 missed the last item in the sync list
even though I'm sure I added it during editing.
2013-09-21 22:28:07 +01:00
Steve Holme
60a2046162 RELEASE-NOTES: Synced with 6dd8bd8d2f 2013-09-21 22:20:40 +01:00
Steve Holme
18db743851 pop3: Added basic SASL XOAUTH2 support
Added the ability to use an XOAUTH2 bearer token [RFC6750] with POP3 for
authentication using RFC6749 "OAuth 2.0 Authorization Framework".

The bearer token is expected to be valid for the user specified in
conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has
an advertised auth mechanism of "XOAUTH2", the user and access token are
formatted as a base64 encoded string and sent to the server as
"AUTH XOAUTH2 <bearer token>".
2013-09-20 21:56:30 +01:00
Steve Holme
fbcefc0ce0 imap: Fixed response check for NOOP command 2013-09-14 10:44:28 +01:00
Steve Holme
f3c9749a40 imap: Fixed response check for LSUB and UID commands 2013-09-11 20:15:21 +01:00
Jiri Hruska
5c14a7f068 imap/pop3/smtp: Speed up SSL connection initialization
Don't wait for the next callback call (usually 1 second) before
continuing with protocol specific connection initialization.
2013-09-10 19:47:54 +01:00
Steve Holme
d89eb55906 RELEASE-NOTES: Corrected duplicate in bfefe2400a 2013-09-10 15:35:20 +01:00
Steve Holme
4a85e60cfe RELEASE-NOTES: Corrected typo from bfefe2400a 2013-09-10 14:06:50 +01:00
Steve Holme
bfefe2400a RELEASE-NOTES: synced with 25c6890375 2013-09-10 13:12:56 +01:00
Kamil Dudka
c639d725a3 url: handle abortion by read/write callbacks, too
Otherwise, the FTP protocol would unnecessarily hang 60 seconds if
aborted in the CURLOPT_HEADERFUNCTION callback.

Reported by: Tomas Mlcoch
Bug: https://bugzilla.redhat.com/1005686
2013-09-09 13:23:04 +02:00
Daniel Stenberg
2eabb7d590 curl: add --http1.1 and --http2.0 options 2013-09-04 22:29:38 +02:00
Steve Holme
f3849a7b84 imap: Fixed response check for EXPUNGE command 2013-08-31 10:49:49 +01:00
Daniel Stenberg
c3b513e75c bump: next release is 7.33.0 due to added features 2013-08-28 09:32:48 +02:00
Steve Holme
9d957294cb RELEASE-NOTES: synced with acf59be7f0 2013-08-26 23:27:07 +01:00
Daniel Stenberg
bb55293313 FTP: remove krb4 support
We've announced this pending removal for a long time and we've
repeatedly asked if anyone would care or if anyone objects. Nobody has
objected. It has probably not even been working for a good while since
nobody has tested/used this code recently.

The stuff in krb4.h that was generic enough to be used by other sources
is now present in security.h
2013-08-25 19:16:36 +02:00
Daniel Stenberg
ea464d72e9 RELEASE-NOTES: synced with 22adb46a32 2013-08-23 15:39:03 +02:00
Daniel Stenberg
e3ee73b70c version number: bump to 7.32.1 for now
Start working on the next version and up some counters.
2013-08-12 13:16:44 +02:00
Daniel Stenberg
4c40fe64b8 RELEASE-NOTES: synced with d20def2046 2013-08-08 16:37:17 +02:00
Daniel Stenberg
55ea83d622 RELEASE-NOTES: synced with b5478a0e03 2013-07-29 14:51:09 +02:00
Daniel Stenberg
6ed2bcc5f5 RELEASE-NOTES: synced with d529f3882b 2013-07-19 23:38:43 +02:00
Kamil Dudka
abca89aaa0 url: restore the functionality of 'curl -u :'
This commit fixes a regression introduced in
fddb7b44a7.

Reported by: Markus Moeller
Bug: http://curl.haxx.se/mail/archive-2013-06/0052.html
2013-06-30 20:13:14 +02:00
Daniel Stenberg
aff7562922 RELEASE-NOTES: synced with 365c5ba395
The 10 first bug fixes for the pending release...
2013-06-25 10:35:21 +02:00
Daniel Stenberg
ec248b590d bump: start working towards what most likely will become 7.32.0 2013-06-22 14:13:28 +02:00
Daniel Stenberg
85c710e11e RELEASE-NOTES: synced with 0de7249bb3 - 7.31.0 2013-06-22 11:30:31 +02:00
Daniel Stenberg
a9f5ad0e2a RELEASE-NOTES: synced with e305f5ec71 2013-06-20 22:27:33 +02:00
Daniel Stenberg
1826c768ab RELEASE-NOTES: synced with 9c3e098259
Mention 7 recent bug fixes and their associated contributors
2013-06-13 23:01:32 +02:00
Daniel Stenberg
dc19e656b5 RELEASE-NOTES: synced with 87cf677eca
Added 11 bugs and 7 contributors
2013-06-07 10:39:21 +02:00
Daniel Stenberg
01eede2662 RELEASE-NOTES: synced with ae26ee3489 2013-05-12 14:36:04 +02:00
Jared Jennings
865d4138a0 curl -E: allow to escape ':' in cert nickname 2013-05-06 14:32:26 +02:00
Steve Holme
7632bc911b RELEASE-NOTES: synced with 92ef5f19c8 2013-05-04 10:13:43 +01:00
Steve Holme
b52cf5d2cd smtp: Fixed unknown percentage complete in progress bar
The curl command line utility would display the the completed progress
bar with a percentage of zero as the progress routines didn't know the
size of the transfer.
2013-04-29 22:34:26 +01:00
Nick Zitzmann
a5c0e20939 darwinssl: add TLS crypto authentication
Users using the Secure Transport (darwinssl) back-end can now use a
certificate and private key to authenticate with a site using TLS. Because
Apple's security system is based around the keychain and does not have any
non-public function to create a SecIdentityRef data structure from data
loaded outside of the Keychain, the certificate and private key have to be
loaded into the Keychain first (using the certtool command line tool or
the Security framework's C API) before we can find it and use it.
2013-04-27 23:15:07 -06:00
Daniel Stenberg
219358b93d bump version
Since we're adding new stuff, the next release will bump the minor
version and we're looking forward to 7.31.0
2013-04-27 23:15:35 +02:00
Steve Holme
f133719f73 RELEASE-NOTES: synced with f4e6e201b1 2013-04-27 20:43:55 +01:00
Zdenek Pavlas
b37b5233ca url: initialize speed-check data for file:// protocol
... in order to prevent an artificial timeout event based on stale
speed-check data from a previous network transfer.  This commit fixes
a regression caused by 9dd85bced5.

Bug: https://bugzilla.redhat.com/906031
2013-04-26 15:38:22 +02:00
Steve Holme
c0d502785f RELEASE-NOTES: synced with a8c92cb608 2013-04-24 19:40:06 +01:00
Steve Holme
5821d5f111 RELEASE-NOTES: synced with d535c4a2e1 2013-04-20 09:56:16 +01:00
Steve Holme
95ba6cdd54 RELEASE-NOTES: Removed erroneous spaces 2013-04-13 18:35:16 +01:00
Steve Holme
7ce6cb9ab4 RELEASE-NOTES: synced with 8723cade21 2013-04-13 16:43:30 +01:00
Daniel Stenberg
e0cff02061 bump: start working towards next release 2013-04-12 11:30:32 +02:00
Daniel Stenberg
80d241046e RELEASE-NOTES: cleaned up for 7.30 (synced with 5c5e1a1cd2)
Most notable the security advisory:
http://curl.haxx.se/docs/adv_20130412.html
2013-04-12 00:05:39 +02:00
Daniel Stenberg
4594ee5e14 RELEASe-NOTES: synced with 29fdb2700f
added "tcpkeepalive on Mac OS X"
2013-04-09 14:49:27 +02:00
Nick Zitzmann
d7f4c3772e darwinssl: disable insecure ciphers by default
I noticed that aria2's SecureTransport code disables insecure ciphers such
as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later.
That's a good idea, and now we do the same thing in order to prevent curl
from accessing a "secure" site that only negotiates insecure ciphersuites.
2013-04-08 17:07:20 -06:00
Steve Holme
4990f46856 RELEASE-NOTES: Corrected duplicate NTLM memory leaks 2013-04-08 20:59:50 +01:00
Steve Holme
5e24db0cba RELEASE-NOTES: Removed trailing full stop 2013-04-08 20:34:29 +01:00
Daniel Stenberg
9141c75bfb RELEASE-NOTES: sync with 704a5dfca9 2013-04-08 08:43:18 +02:00
Daniel Stenberg
bf7a270e0b RELEASE-NOTES: synced with 5e722b2d09
3 more bug fixes, 6 more contributors
2013-04-05 23:31:00 +02:00
Daniel Stenberg
c7e56db050 RELEASE-NOTES: synced with 0614b90213 2013-04-01 00:36:50 +02:00
Steve Holme
048726a5a2 RELEASE-NOTES: Corrected typo 2013-03-27 20:35:28 +00:00
Daniel Stenberg
b8c195974c RELEASE-NOTES: add two references 2013-03-27 15:36:15 +01:00
Daniel Stenberg
11219b3c93 RELEASE-NOTES: synced with bc6037ed3e
More changes, bugfixes and contributors!
2013-03-23 23:29:40 +01:00
Nick Zitzmann
6f1f7e5de8 darwinssl: disable ECC ciphers under Mountain Lion by default
I found out that ECC doesn't work as of OS X 10.8.3, so those ciphers are
turned off until the next point release of OS X.
2013-03-19 15:21:34 -06:00
Zdenek Pavlas
57ccdfa8d2 curl_global_init: accept the CURL_GLOBAL_ACK_EINTR flag
The flag can be used in pycurl-based applications where using the multi
interface would not be acceptable because of the performance lost caused
by implementing the select() loop in python.

Bug: http://curl.haxx.se/bug/view.cgi?id=1168
Downstream Bug: https://bugzilla.redhat.com/919127
2013-03-12 10:58:20 +01:00
Kamil Dudka
491e026ccd easy: do not ignore poll() failures other than EINTR 2013-03-12 10:58:19 +01:00
Daniel Stenberg
cb07bca689 RELEASE-NOTES: synced with ca3c0ed3a9
8 more bugfixes, one change and a bunch of contributors
2013-03-09 16:32:23 +01:00
Daniel Stenberg
6d8d306905 RELEASE-NOTES: mention that krb4 is up for consideration 2013-03-08 22:33:27 +01:00
Daniel Stenberg
442084cdb5 version bump: the next release will be 7.30.0 2013-03-07 11:14:16 +01:00
Steve Holme
9ceee69ff7 RELEASE-NOTES: Added missing imap fixes and additions
With all the recent imap changes it wasn't clear what new features and
fixes should be included in the release notes.
2013-03-07 10:03:28 +00:00
Nick Zitzmann
a9cc5ee0c6 RELEASE-NOTES: brought this up-to-date with the latest changes 2013-03-06 20:03:18 -07:00
Kamil Dudka
9d0af3018c nss: fix misplaced code enabling non-blocking socket mode
The option needs to be set on the SSL socket.  Setting it on the model
takes no effect.  Note that the non-blocking mode is still not enabled
for the handshake because the code is not yet ready for that.
2013-03-06 13:34:10 +01:00
Daniel Stenberg
d4703fa428 Guile-curl: a new libcurl binding 2013-02-16 14:26:28 +01:00
Steve Holme
ff8c5a329e RELEASE-NOTES: Updated following the recent imap/pop3/smtp changes 2013-02-10 22:32:47 +00:00
Steve Holme
8170d1f828 RELEASE-NOTES: synced with 92f7606f29 2013-02-10 11:41:42 +00:00
Steve Holme
ce4b554e5d RELEASE-NOTES: Added new imap features 2013-02-07 21:20:11 +00:00
Daniel Stenberg
2488a01337 7.29.1: onwards! 2013-02-06 14:50:39 +01:00
Daniel Stenberg
0f1deac71e RELEASE-NOTES: mention the SASL buffer overflow 2013-02-06 11:06:33 +01:00
Daniel Stenberg
25d13822ae RELEASE-NOTES: synced with 25f351424b
8 more bug fixes mentioned
2013-02-05 23:19:19 +01:00
Steve Holme
03577a355e RELEASE-NOTES: Updated following recent changes to the email protocols
Added recent additions and fixes following the changes to imap, pop3
and smtp. Additionally added another contributor that helped to test
the imap sasl changes.
2013-02-05 00:11:24 +00:00
Daniel Stenberg
38ec16d671 RELEASE-NOTES: only list Nick once
Even though he's a fine dude, once is enough for this time!
2013-01-28 22:32:11 +01:00
Daniel Stenberg
446afec71a RELEASE-NOTES: add references to several bugfixes+changes 2013-01-18 15:57:11 +01:00
Steve Holme
e2bfae239f RELEASE-NOTES: Added missing imap fix
Added missing imap fix as per commit 709b3506cd.
2013-01-18 12:15:37 +00:00
Daniel Stenberg
0e1855d9d3 RELEASE-NOTES: synced with c43127414d 2013-01-18 00:12:18 +01:00
Kamil Dudka
26613d7817 nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE
Do not use the error messages from NSS for errors not occurring in NSS.
2013-01-15 13:20:56 +01:00
Kamil Dudka
b36f1d26f8 nss: clear session cache if a client cert from file is used
This commit fixes a regression introduced in 052a08ff.

NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback
and if we connect second time to the same server, the cached cert/key
pair is used.  If we use multiple client certificates for different
paths on the same server, we need to clear the session cache to force
NSS to call the hook again.  The commit 052a08ff prevented the session
cache from being cleared if a client certificate from file was used.

The condition is now fixed to cover both cases: consssl->client_nickname
is not NULL if a client certificate from the NSS database is used and
connssl->obj_clicert is not NULL if a client certificate from file is
used.

Review by: Kai Engert
2013-01-11 10:59:11 +01:00
Daniel Stenberg
431ead1c9a RELEASE-NOTES: synced with e3ed2b82e6 2012-12-27 20:15:07 +01:00
Kamil Dudka
68d2830ee9 nss: prevent NSS from crashing on client auth hook failure
Although it is not explicitly stated in the documentation, NSS uses
*pRetCert and *pRetKey even if the client authentication hook returns
a failure.  Namely, if we destroy *pRetCert without clearing *pRetCert
afterwards, NSS destroys the certificate once again, which causes a
double free.

Reported by: Bob Relyea
2012-12-03 13:34:36 +01:00
Daniel Stenberg
ba476bb6d8 bump: start working on 7.28.2 2012-11-20 10:27:36 +01:00
Daniel Stenberg
b9fdb721f2 RELEASE-NOTES: synced with 52af6e69f0 / 7.28.1 2012-11-20 08:05:42 +01:00
Anthony Bryan
c830115c48 RELEASE-NOTES: NSS can be used for metalink hashing 2012-11-20 00:14:31 +01:00
Kamil Dudka
32be348af2 test2032: spurious failure caused by premature termination
Bug: http://curl.haxx.se/mail/lib-2012-11/0095.html
2012-11-19 13:36:10 +01:00
Daniel Stenberg
dd75cba3ef RELEASE-NOTES: synced with ee588fe088
4 more bug fixes and 4 more contributors
2012-11-17 14:23:41 +01:00
Daniel Stenberg
53c83ee3ed RELEASE-NOTES: synced with fa1ae0abcd 2012-11-14 22:32:19 +01:00
Daniel Stenberg
6a4bdb027b RELEASE-NOTES: synced with 7c0cbcf2f6 2012-11-13 13:03:38 +01:00
Kamil Dudka
49c37e6c1c tool_metalink: allow to use hash algorithms provided by NSS
Fixes bug #3578163:
http://sourceforge.net/tracker/?func=detail&atid=100976&aid=3578163&group_id=976
2012-11-09 10:42:54 +01:00
Daniel Stenberg
9096f4f451 RELEASE-NOTES: synced with 487538e87a
6 new bugfixes and 3 more contributors...
2012-11-07 23:21:55 +01:00
Daniel Stenberg
0da6c113ce RELEASE-NOTES: synced with fa6d78829f 2012-11-06 12:03:29 +01:00
Daniel Stenberg
ff32546d81 version-bump: towards 7.28.1! 2012-10-10 22:35:08 +02:00
Daniel Stenberg
33c02d4771 RELEASE-NOTES: synced with 8373ca3641
One bug, one contributor. Getting ready for release.
2012-10-10 21:58:16 +02:00
Daniel Stenberg
6b18f18b4c RELEASE-NOTES: synced with 971f5bcedd
9 new bug fixes, 5 changes, 6 more contributors
2012-10-02 10:39:51 +02:00
Kamil Dudka
f05e51362f ssh: do not crash if MD5 fingerprint is not provided by libssh2
The MD5 fingerprint cannot be computed when running in FIPS mode.
2012-09-12 16:49:10 +02:00
Daniel Stenberg
a492632022 RELEASE-NOTES: synced with 6c6f1f64c2
6 bug fixes to mention, 5 contributors
2012-09-09 14:55:52 +02:00
Daniel Stenberg
cb2feb9def RELEASE-NOTES: synced with abb0da9193 2012-09-03 23:20:33 +02:00
Kamil Dudka
52b6eda4f2 nss: do not print misleading NSS error codes 2012-08-09 13:33:49 +02:00
Daniel Stenberg
73342f0ee0 RELEASE-NOTES: synced with 0774386b23
5 more bug fixes, one change, 6 contributors
2012-08-08 23:19:05 +02:00
Daniel Stenberg
4dd44d9c20 RELEASE-NOTES: added missing link 2012-08-08 23:01:14 +02:00
Daniel Stenberg
77f72aa6c3 RELEASE-NOTES: synced with b4a558041f 2012-08-07 23:20:06 +02:00
Daniel Stenberg
dd4699c111 version bump: start towards next release
Let's call it 7.27.1 for now, but it it probably going to become 7.28.0
when released.
2012-07-27 23:57:27 +02:00
Daniel Stenberg
7f9f94a1df RELEASE-NOTES: remove mentioned of bug never in a release
The --silent bug came with 7561a0fc83 which was never in a release.
Pointed out by Kamil Dudka
2012-07-27 00:31:15 +02:00
Daniel Stenberg
3b4d430cd8 RELEASE-NOTES: synced with 33b815e894
4 more bugfixes, 3 more contributors
2012-07-27 00:15:17 +02:00
Kamil Dudka
d317ca50ae http: print reason phrase from HTTP status line on error
Bug: https://bugzilla.redhat.com/676596
2012-07-22 02:12:43 +02:00
Dan Fandrich
cb787b70bf Fixed some typos in documentation 2012-07-20 21:02:58 +02:00
Daniel Stenberg
8276791749 RELEASE-NOTES: synced with 9d11716933
Fixed 6 bugs, added 3 contributors
2012-07-15 22:39:06 +02:00
Daniel Stenberg
e5843470e8 docs: switch to proper UTF-8 for text file encoding 2012-07-09 19:28:51 +02:00
Daniel Stenberg
329be28d69 RELEASE-NOTES: added a URL reference to cookie docs 2012-07-09 13:11:44 +02:00
Daniel Stenberg
68e6b56a2a RELEASE-NOTES: synced with 5a99bce07d 2012-07-07 14:47:46 +02:00
Daniel Stenberg
07e3ea7f26 RELEASE-NOTES: link to more metalink info 2012-06-25 23:03:52 +02:00
Daniel Stenberg
4afc33db8d RELEASE-NOTES: synced with d025af9bb5 2012-06-25 23:02:32 +02:00
Yang Tse
819afe46ee schannel: remove version number and identify its use with 'schannel' literal
Version number is removed in order to make this info consistent with
how we do it with other MS and Linux system libraries for which we don't
provide this info.

Identifier changed from 'WinSSPI' to 'schannel' given that this is the
actual provider of the SSL/TLS support. libcurl can still be built with
SSPI and without SCHANNEL support.
2012-06-13 16:42:48 +02:00
Marc Hoersken
0c86ccc647 sspi: Updated RELEASE-NOTES, FEATURES and THANKS 2012-06-11 19:00:37 +02:00
Steve Holme
c09c621af7 pop3: Added support for apop authentication 2012-06-09 13:49:37 +01:00
Kamil Dudka
68857e40d6 ssl: fix duplicated SSL handshake with multi interface and proxy
Bug: https://bugzilla.redhat.com/788526
Reported by: Enrico Scholz
2012-06-08 23:27:11 +02:00
Steve Holme
7759d10f36 pop3: Added support for sasl digest-md5 authentication 2012-06-04 21:50:16 +01:00
Steve Holme
79c2af3082 RELEASE-NOTES: Added missing addition of sasl login support 2012-06-03 19:28:08 +01:00
Steve Holme
8c0bfd3e0c pop3: Added support for sasl cram-md5 authentication 2012-06-03 19:13:16 +01:00
Daniel Stenberg
4cff10af69 RELEASE-NOTES: synced with c4e3578e4b
Also bumped the contributor number and next release is to become 7.27.0
2012-06-03 13:51:54 +02:00
Steve Holme
69ba0da827 pop3: Fixed the issue of having to supply the user name for all requests
Previously it wasn't possible to connect to POP3 and not specify the
user name as a CURLE_ACCESS_DENIED error would be returned. This error
occurred because USER would be sent to the server with a blank user name
if no mailbox user was specified as the server would reply with -ERR.

This wasn't a problem prior to the 7.26.0 release but with the
introduction of custom commands the user and/or application developer
might want to issue a CAPA command without having to log in as a
specific mailbox user.

Additionally this fix won't send the newly introduced AUTH command if no
user name is specified.
2012-06-02 22:11:37 +01:00
Kamil Dudka
72f4b534c4 nss: use human-readable error messages provided by NSS
Bug: http://lists.baseurl.org/pipermail/yum-devel/2012-January/009002.html
2012-05-28 11:24:24 +02:00
Daniel Stenberg
244e966138 bump to 7.26.1: start working towards next release 2012-05-24 18:32:34 +02:00
Daniel Stenberg
c262c35676 RELEASE-NOTES: synced with ef60fdbd73
Just before 7.26.0 is about to ship
2012-05-24 18:04:41 +02:00
Daniel Stenberg
cc36756aa2 RELEASE-NOTES: synced with 8ae1e657e8
And mention that this will become 7.26.0
2012-05-22 10:54:55 +02:00
Daniel Stenberg
6f998400d9 REALEASE-NOTES: synced with 64f48e884e 2012-04-29 23:10:37 +02:00
Kamil Dudka
a60edcc6d4 nss: provide human-readable names for NSS errors 2012-04-13 12:19:36 +02:00
Kamil Dudka
20cb12db8d nss: use NSS_InitContext() to initialize NSS if available
NSS_InitContext() was introduced in NSS 3.12.5 and helps to prevent
collisions on NSS initialization/shutdown with other libraries.

Bug: https://bugzilla.redhat.com/738456
2012-04-13 12:19:36 +02:00
Kamil Dudka
42aa796150 nss: unconditionally require PK11_CreateGenericObject()
This bumps the minimal supported version of NSS to 3.12.x.
2012-04-13 12:19:36 +02:00
Yang Tse
682f0840e7 version: start working on 7.25.1-DEV 2012-03-23 16:59:03 +01:00
Daniel Stenberg
c1babfad8a RELEASE-NOTES: synced with b8b2cf612b 2012-03-22 19:40:25 +01:00
Daniel Stenberg
47236d89c0 RELEASE-NOTES: synced with ad77420ac7
3 more bugs, 1 more contributor
2012-03-18 00:26:56 +01:00
Daniel Stenberg
79afcbefb4 RELEASE-NOTES: synced with e650dbde86
New: 12 bugs, 3 changes, 6 contributors and updated counters at the top
2012-03-10 22:29:30 +01:00
Daniel Stenberg
35e965c9a0 RELEASE-NOTES: synced with 2b26eb985
9 bug fixes, 4 changes and numerous contributors

Bumped release version and option counters
2012-02-13 23:26:48 +01:00
Yang Tse
93e344bbf4 version: start working on 7.24.1-DEV 2012-01-25 11:27:39 +01:00
Daniel Stenberg
a8e063b087 RELEASE-NOTES: synced with 70f71bb99f
Synced and prepared for 7.24.0 release. Two security problems, one bug fix,
two more contributors.
2012-01-24 09:24:37 +01:00
Daniel Stenberg
ee57e9dea6 RELEASE-NOTES: synced with 6e2fd2c9ea
3 more bugfixes, 3 more contributors
2012-01-22 23:44:51 +01:00
Daniel Stenberg
4b9af77d54 RELEASE-NOTES: synced with 5d70a61b94
5 more bug fixes, 1 more contributor
2012-01-18 22:33:45 +01:00
Daniel Stenberg
54dede4166 RELEASE-NOTES: synced with 9f20379fe4
5 bug fixes, 3 more contributors
2012-01-12 23:30:19 +01:00
Daniel Stenberg
a4202be655 RELEASE-NOTES: synced with 2f4a487a68
Two bugfixes, two more contributors
2012-01-03 23:33:52 +01:00
Daniel Stenberg
f4949e56eb RELEASE-NOTES: synced with 81ebdd9e28
6 more bugfixes, 3 more contributors
2011-12-31 11:22:26 +01:00
Kamil Dudka
9f7f6a62ff transfer: avoid unnecessary timeout event when waiting for 100-continue
The commit 9dd85bc unintentionally changed the way we compute the time
spent waiting for 100-continue.  In particular, when using a SSL client
certificate, the time spent by SSL handshake was included and could
cause the CURL_TIMEOUT_EXPECT_100 timeout to be mistakenly fired up.

Bug: https://bugzilla.redhat.com/767490
Reported by: Mamoru Tasaka
2011-12-25 22:37:24 +01:00
Daniel Stenberg
4bb140bfc9 RELEASE-NOTES: added two references 2011-12-20 23:57:39 +01:00
Daniel Stenberg
3d6e2ec925 RELEASE-NOTES: synced with 380bade777
5 new bugfixes, 2 new changes and 4 new contributors
2011-12-20 23:27:41 +01:00
Daniel Stenberg
1fc5cd6a1a RELEASE-NOTES: synced with af9bc1604c
One new feature, one bug fix. Introduced references in this file for
mentioned issues after this discussion:
http://curl.haxx.se/mail/lib-2011-12/0187.html

The plan is to let the references get moved over to the changes.html
file at release-time
2011-12-19 20:08:59 +01:00
Daniel Stenberg
ba057c2e19 RELEASE-NOTES: synced with 1259ccf747
5 more bugfixes, 5 more contributors
2011-12-12 20:06:50 +01:00
Daniel Stenberg
3bbe219be2 RELEASE-NOTES: synced with 347f951c39
8 more bugs, 5 more contributors
2011-12-05 22:58:30 +01:00
Daniel Stenberg
bd94807003 RELEASE-NOTES: synced with 1038d0aa1
5 bugfixes and 1 new contributor
2011-11-30 16:38:58 +01:00
Daniel Stenberg
f712ace9d7 RELEASE-NOTES: synced with 2c905fd1f8 2011-11-25 00:09:43 +01:00
Daniel Stenberg
967b2f87a8 RELEASE-NOTES: correct the release and contributor numbers 2011-11-17 18:29:15 +01:00
Daniel Stenberg
5e0aa3aac9 7.24.0: start the work 2011-11-15 20:44:49 +01:00
Daniel Stenberg
6c4216b2a7 RELEASE-NOTES: synced with 10120e6a
one more bug fix and contributor
2011-11-12 10:09:54 +01:00
Daniel Stenberg
c8ffb4049a RELEASE-NOTES: synced with e3166df1bb
4 new bugfixes, 2 more contributors
2011-11-06 23:42:28 +01:00
Daniel Stenberg
4c88866737 RELEASE-NOTES: synced with 4464583a6e
5 more bug fixes, 4 additional contributors
2011-10-25 23:28:30 +02:00
Daniel Stenberg
2c8c46619b RELEASE-NOTES: synced with ecbb08cea3 2011-10-18 22:34:32 +02:00
Kamil Dudka
f6980bbf24 nss: select client certificates by DER
... instead of nicknames, which are not unique.
2011-10-17 12:11:38 +02:00
Dan Fandrich
acaf466401 RELEASE-NOTES: Fixed a couple of typos 2011-10-08 23:12:07 -07:00
Daniel Stenberg
db060304de RELEASE-NOTES: synced with 5898a6a09b
Bumped next release version to become 7.23.0 for the changes
2011-09-29 08:51:52 +02:00
Daniel Stenberg
bc28a35dbc RELEASE-NOTES: synced with d2a47021c0 2011-09-25 23:20:46 +02:00
warp kawada
aff70e2e95 Curl_add_custom_headers: support headers with no data
A custom HTTP header ending in a semicolon instead of a colon
will be treated as a header to be added without any data
portion.
2011-09-13 16:17:21 -07:00
Daniel Stenberg
2411adb40b 7.22.1: start working 2011-09-13 20:04:03 +02:00
Daniel Stenberg
64c613c27a RELEASE-NOTES: ready for 7.22.0 2011-09-13 18:53:00 +02:00
Yang Tse
50c3c20416 Mention that BSD-style lwIP TCP/IP stack support on Windows is experimental. 2011-09-12 16:01:07 +02:00
Yang Tse
a7d8894291 ssh.c: revert needless commit 7b7c45879e 2011-09-10 00:52:13 +02:00
Daniel Stenberg
08a5a9b68d RELEASE-NOTES: synced with 303c90074d
Five more bugfixes, one more contributor
2011-09-09 15:38:30 +02:00
Daniel Stenberg
e495f82f86 RELEASE-NOTES: synced with 3445fa2e3f 2011-08-29 15:37:06 +02:00
Yang Tse
b4f6319cf7 NTLM single-sign on adjustments (XI)
Feature string literal NTLM_SSO renamed to NTLM_WB.
Preprocessor symbol USE_NTLM_SSO renamed to WINBIND_NTLM_AUTH_ENABLED.
curl's 'long' option 'ntlm-sso' renamed to 'ntlm-wb'.
Fix some comments to make clear that this is actually a NTLM delegation.
2011-08-27 01:33:35 +02:00
Kamil Dudka
d6f319fb64 nss: start with no database if the selected database is broken
Bug: https://bugzilla.redhat.com/728562
2011-08-15 14:44:49 +02:00
Daniel Stenberg
e209f3f176 RELEASE-NOTES: synced with a30ede868a
Three more bugs fixed, three more contributors mentioned
2011-08-13 23:03:43 +02:00
Daniel Stenberg
8bd877d179 docs: --delegation 2011-08-12 23:51:41 +02:00
Daniel Stenberg
43d2c66454 RELEASE-NOTES: recounted and updated some numbers 2011-08-09 09:32:53 +02:00
Daniel Stenberg
9f10dabc43 RELEASE-NOTES: synced with 45d883d88d
Mention 5 bugixes and 1 change more
2011-08-08 19:40:45 +02:00
Daniel Stenberg
56a0635216 version bump: next release is 7.22.0 2011-08-08 09:27:53 +02:00
Yang Tse
817b863466 BSD-style lwIP TCP/IP stack support - docs/INSTALL blurb 2011-08-05 16:32:20 +02:00
Daniel Stenberg
e1f3536bac RELEASE-NOTES: synced with afe88d85f4 2011-08-05 01:12:24 +02:00
Adam Tkac
ebf42c4be7 Add new CURLOPT_GSSAPI_DELEGATION option.
Curl_gss_init_sec_context got new parameter - SessionHandle.

Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-08-03 10:23:34 +02:00
Daniel Stenberg
dcc8481a13 RELEASE-NOTES: HTTP error handling on request body send 2011-07-20 00:08:41 +02:00
Daniel Stenberg
67f28662e1 bump release: start working towards 7.21.8 2011-06-23 13:51:53 +02:00
Daniel Stenberg
42c6b7577f RELEASE-NOTES: mention security issue 20110623
libcurl inappropriate GSSAPI delegation. Full details at
http://curl.haxx.se/docs/adv_20110623.html
2011-06-22 23:12:39 +02:00
Daniel Stenberg
e5010ec3ff RELEASE-NOTES: synced with 9016958aa8 2011-06-22 23:04:26 +02:00
Daniel Stenberg
8fc4be9e7b RELEASE-NOTES: add more contributors for this release 2011-06-14 19:17:41 +02:00
Daniel Stenberg
70eee054f2 RELEASE-NOTES: synced with 0aedccc18a 2011-06-14 14:45:44 +02:00
Kamil Dudka
f551aa5c16 disconnect: wipe out the keeps_speed time stamp
When closing a connection, the speedchecker's timestamp is now deleted
so that it cannot accidentally be used by a fresh connection on the same
handle when examining the transfer speed.

Bug: https://bugzilla.redhat.com/679709
2011-06-08 00:23:41 +02:00
Daniel Stenberg
6aff805942 RELEASE-NOTES: synced with b772f3a321 2011-06-07 13:15:50 +02:00
Daniel Stenberg
b996b202c4 RELEASE-NOTES: synced with 32001ac414 2011-05-06 11:26:37 +02:00
Daniel Stenberg
f83c36934f RELEASE-NOTES: synced with c4bc1d473f 2011-04-28 22:23:11 +02:00
Daniel Stenberg
c985a8df51 bump version: work towards 7.21.7 2011-04-22 22:02:55 +02:00
Daniel Stenberg
2a05025510 RELEASE-NOTES: two more contributors 2011-04-22 19:17:26 +02:00
Daniel Stenberg
37b9fe104a RELEASE-NOTES: synced with 3242abd87a 2011-04-20 23:59:36 +02:00
Daniel Stenberg
a5db4a46ac RELEASE-NOTES: synced with 5aae3c13e2 2011-04-19 16:40:24 +02:00
Daniel Stenberg
84f809e7a8 RELEASE-NOTES: updated contributor amount 2011-04-17 23:48:50 +02:00
Daniel Stenberg
909acfbbba 7.21.6: next planned release number 2011-04-17 23:44:24 +02:00
Daniel Stenberg
714215f283 RELEASE-NOTES: synced with c246f63a71 2011-04-16 00:16:25 +02:00
Daniel Stenberg
6710970bce RELEASE-NOTES: synced with f01df19798 2011-04-11 22:38:07 +02:00
Kamil Dudka
1a6e7da13d nss: allow to use multiple client certificates for a single host
In case a client certificate is used, invalidate SSL session cache
at the end of a session.  This forces NSS to ask for a new client
certificate when connecting second time to the same host.

Bug: https://bugzilla.redhat.com/689031
2011-04-08 13:35:26 +02:00
Daniel Stenberg
8e9e19b0d5 RELEASE-NOTES: synced with db59b6202d 2011-04-05 13:42:39 +02:00
Daniel Stenberg
40256ec4d3 RELEASE-NOTES: synced with 11c2db2aa2 2011-03-25 21:56:50 +01:00
Daniel Stenberg
92774ac1f3 RELEASE-NOTES: synced with 0c05ee3a33 2011-03-18 09:30:53 +01:00
Kamil Dudka
806dbb022b nss: do not ignore value of CURLOPT_SSL_VERIFYPEER
When NSS-powered libcurl connected to a SSL server with
CURLOPT_SSL_VERIFYPEER equal to zero, NSS remembered that the peer
certificate was accepted by libcurl and did not ask the second time when
connecting to the same server with CURLOPT_SSL_VERIFYPEER equal to one.

This patch turns off the SSL session cache for the particular SSL socket
if peer verification is disabled.  In order to avoid any performance
impact, the peer verification is completely skipped in that case, which
makes it even faster than before.

Bug: https://bugzilla.redhat.com/678580
2011-03-15 15:48:24 +01:00
Daniel Stenberg
176092d760 RELEASE-NOTES: synced with e649a7baae 2011-03-13 01:06:23 +01:00
Daniel Stenberg
386afdf607 RELEASE-NOTES: synced with 2345c1dd66 2011-02-23 12:59:06 +01:00
Kamil Dudka
7aa2d10e0d nss: do not ignore failure of SSL handshake
Flaw introduced in fc77790 and present in curl-7.21.4.
Bug: https://bugzilla.redhat.com/669702#c16
2011-02-22 13:19:57 +01:00
Daniel Stenberg
1c3c0162c6 SOCKOPTFUNCTION: callback can say already-connected
Introducing a few CURL_SOCKOPT* defines for conveniance. The new
CURL_SOCKOPT_ALREADY_CONNECTED signals to libcurl that the socket is to
be treated as already connected and thus it will skip the connect()
call.
2011-02-17 22:32:01 +01:00
Kamil Dudka
a40f58d2ef nss: avoid memory leak on SSL connection failure 2011-02-17 17:57:16 +01:00
Daniel Stenberg
66582c04b1 RELEASE-NOTES: fresh start towards 7.21.5 2011-02-17 14:00:25 +01:00
Daniel Stenberg
b66eeb8bf8 RELEASE-NOTES: credits since 7.21.3
I went through all the names mentioned as authors and in commit messages
since 7.21.3, and this list inserted now is sorted on first name.
2011-02-17 10:14:55 +01:00
Daniel Stenberg
96ea650ec7 RELEASE-NOTES: synced with 3bb1291fbd 2011-02-10 22:33:12 +01:00
Daniel Stenberg
ce24fdaa2c RELEASE-NOTES: mention contributors 2011-01-18 23:41:57 +01:00
Daniel Stenberg
02c99899a2 RELEASE-NOTES: synced with 7fcbdd68b9 2011-01-18 23:40:48 +01:00
Kamil Dudka
fc77790bcd nss: fix a bug in handling of CURLOPT_CAPATH
... and update the curl.1 and curl_easy_setopt.3 man pages such that
they do not suggest to use an OpenSSL utility if curl is not built
against OpenSSL.

Bug: https://bugzilla.redhat.com/669702
2011-01-18 14:30:49 +01:00
Kamil Dudka
d8f6d1c334 nss: avoid CURLE_OUT_OF_MEMORY given a file name without any slash
Bug: https://bugzilla.redhat.com/623663
2011-01-04 17:20:43 +01:00
Daniel Stenberg
6cf35852ad RELEASE-NOTES: synced with 83e9fb21aa 2011-01-04 00:07:30 +01:00
Daniel Stenberg
5e37689a1a 7.21.4: version bump 2010-12-15 16:05:17 +01:00
Daniel Stenberg
6d7d0eba6d RELEASE-NOTES: synced with a865bd9fba 2010-12-15 15:06:12 +01:00
Daniel Stenberg
573a2900cd RELEASE-NOTES: synced with c28443c551 2010-12-09 11:23:33 +01:00
Matthias Bolte
a83870ef9d Detect socket errors in GnuTLS on Windows
On Windows, translate WSAGetLastError() to errno values as GNU
TLS does it internally, too. This is necessary because send() and
recv() on Windows don't set errno when they fail but GNU TLS
expects a proper errno value.

Bug: http://curl.haxx.se/bug/view.cgi?id=3110991
2010-11-19 13:34:07 -08:00
Daniel Stenberg
4d6c0bdf74 RELEASE-NOTES: synced with cbf4961bf3 2010-11-15 00:07:55 +01:00
Kamil Dudka
12b2412c52 ftp: treat server's response 421 as CURLE_OPERATION_TIMEDOUT
Bug: https://bugzilla.redhat.com/650255
Reported by: Simon H.
2010-11-09 18:13:20 +01:00
Daniel Stenberg
f96a2641fc RELEASE-NOTES: synced with fc6c4c10f9
I also recounted and updated the command line and libcurl options.
2010-11-08 11:20:39 +01:00
Daniel Stenberg
68a485b00a RELEASE-NOTES: synced with 7b823badbc 2010-11-04 22:55:45 +01:00
Daniel Stenberg
295496fa34 RELEASE-NOTES: sync with 09a2d93a0f 2010-10-17 18:55:36 +02:00
Daniel Stenberg
e3df610ada RELEASE-NOTES: start over towards 7.21.3 2010-10-13 00:21:00 +02:00
Daniel Stenberg
d371458348 RELEASE-NOTES: synced with ecd624b8e7 2010-10-12 23:30:35 +02:00
Daniel Stenberg
1998de9993 RELEASE-NOTES: synced with 61f4cdb73a 2010-10-08 23:20:26 +02:00
Daniel Stenberg
488f9545a2 RELEASE-NOTES: synced up to 588402585b 2010-10-01 00:03:17 +02:00
Dan Fandrich
7e1a45e224 Changed the TPF make file to get source files from Makefile.inc
Patch was fixed and validated by David McCreedy.
2010-09-27 17:47:20 -07:00
Daniel Stenberg
e991a3536d RELEASE-NOTES: sync with 8665d4e5 and c-ares >= 1.6.0 note 2010-09-21 22:29:21 +02:00
Daniel Stenberg
0e36bb71f2 RELEASE-NOTES: in sync with 19f45eaa79 2010-09-21 16:53:30 +02:00
Daniel Stenberg
95e230c591 RELEASE-NOTES: synced with 5fcc4332d6
Removed the duplicate entry of Kamil in the credits.
2010-09-21 00:02:10 +02:00
Daniel Stenberg
c47148f142 RELEASE-NOTES: sync from d2a7fd2fe6 to HEAD 2010-09-18 23:16:07 +02:00
Dan Fandrich
8e2f16e66f Link curl and the test apps with -lrt explicitly when necessary
When curl calls a function from that library then it needs to
explicitly link to the library instead of piggybacking on
libcurl's own dependency.  Without this, GNU ld with the
--no-add-needed flag fails when linking (which Fedora now does
by default).

Reported by: Quanah Gibson-Mount
Bug: http://curl.haxx.se/mail/lib-2010-09/0085.html
2010-09-11 17:08:23 -07:00
Daniel Stenberg
d2a7fd2fe6 RELEASE-NOTES: sync from b980c9a02 to HEAD 2010-08-25 17:17:12 +02:00
Daniel Stenberg
b980c9a027 multi: two fixes done 2010-08-15 13:56:00 +02:00
Kamil Dudka
5907777153 curl -T: ignore file size of special files
original bug report at https://bugzilla.redhat.com/622520
2010-08-15 11:26:13 +02:00
Daniel Stenberg
4342a2087a release cycle loop: start over toward 7.21.2 2010-08-11 23:57:44 +02:00
Daniel Stenberg
8249b0522d RELEASE-NOTES: mention the runtests fix as well 2010-08-11 23:35:02 +02:00
Daniel Stenberg
2596eb6d19 RELEASE-NOTES: synced, 3 additional bugfixes 2010-08-10 23:34:03 +02:00
Daniel Stenberg
15201da4ca RELEASE-NOTES: synced with recent changes 2010-08-07 00:24:04 +02:00
Daniel Stenberg
52beeb2c9f RELEASE-NOTES: synced with recent changes 2010-08-03 00:00:01 +02:00
Daniel Stenberg
c8d42b2f1c --retry: access violation with URL part sets continued
When getting multiple URLs, curl didn't properly reset the byte counter
after a successful transfer so if the subsequent transfer failed it
would wrongly use the previous byte counter and behave badly (segfault)
because of that. The code assumes that the byte counter and the 'stream'
pointer is well in synch.

Reported by: Jon Sargeant
Bug: http://curl.haxx.se/bug/view.cgi?id=3028241
2010-07-14 23:50:01 +02:00
Daniel Stenberg
84332b60b9 releasnote: synch up with commit f3b77e5611 2010-07-14 00:40:20 +02:00
Kamil Dudka
f3b77e5611 http_ntlm: add support for NSS
When configured with '--without-ssl --with-nss', NTLM authentication
now uses NSS crypto library for MD5 and DES.  For MD4 we have a local
implementation in that case.  More details are available at
https://bugzilla.redhat.com/603783

In order to get it working, curl_global_init() must be called with
CURL_GLOBAL_SSL or CURL_GLOBAL_ALL.  That's necessary because NSS needs
to be initialized globally and we do so only when the NSS library is
actually required by protocol.  The mentioned call of curl_global_init()
is responsible for creating of the initialization mutex.

There was also slightly changed the NSS initialization scenario, in
particular, loading of the NSS PEM module.  It used to be loaded always
right after the NSS library was initialized.  Now the library is
initialized as soon as any SSL or NTLM is required, while the PEM module
is prevented from being loaded until the SSL is actually required.
2010-06-30 13:12:25 +02:00
Daniel Stenberg
89924a897d glob: backslash escaping bug
curl didn't properly handle escaping characters in a URL with the use of
backslash. It did an attempt, but that failed as reported in bug
3022551. The described example was using the URL
"http://example.com?{AB,C\,D}".

I've now removed the special-handling of letters following the backslash
and I also removed the bad extra check that triggered this particular
bug.

Bug: http://curl.haxx.se/bug/view.cgi?id=3022551
Reported by: Jon Sargeant
2010-06-29 00:22:11 +02:00
Daniel Stenberg
bcefe839c7 release-notes: sync up with recent commits 2010-06-29 00:13:04 +02:00
Daniel Stenberg
7eecfb536a release: start on 7.21.1, bump contributor count 2010-06-16 14:29:16 +02:00
Constantine Sapuntzakis
a0dd9df9ab OpenSSL: fix spurious SSL connection aborts
Was seeing spurious SSL connection aborts using libcurl and
OpenSSL. I tracked it down to uncleared error state on the
OpenSSL error stack - patch attached deals with that.

Rough idea of problem:

Code that uses libcurl calls some library that uses OpenSSL but
don't clear the OpenSSL error stack after an error.

ssluse.c calls SSL_read which eventually gets an EWOULDBLOCK from
the OS. Returns -1 to indicate an error

ssluse.c calls SSL_get_error. First thing, SSL_get_error calls
ERR_get_error to check the OpenSSL error stack, finds an old
error and returns SSL_ERROR_SSL instead of SSL_ERROR_WANT_READ or
SSL_ERROR_WANT_WRITE.

ssluse.c returns an error and aborts the connection

Solution:

Clear the openssl error stack before calling SSL_* operation if
we're going to call SSL_get_error afterwards.

Notes:

This is much more likely to happen with multi because it's easier
to intersperse other calls to the OpenSSL library in the same
thread.
2010-06-05 23:41:58 +02:00
Frank Meier
8098d9417c getinfo: added *_PRIMARY_PORT, *_LOCAL_IP and *_LOCAL_PORT 2010-06-05 00:31:36 +02:00
Daniel Stenberg
605207a3a6 RELEASE-NOTES: add contributors not mentioned 2010-06-04 16:13:05 +02:00
Yang Tse
43d20d81a5 Enable OpenLDAP support for cygwin builds.
Enable OpenLDAP support for cygwin builds. This support was disabled back
in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers.
cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25
allow building an OpenLDAP enabled libcurl supporting back to Windows 95.

Remove non-functional CURL_LDAP_HYBRID code and references.
2010-06-04 15:14:31 +02:00
Daniel Stenberg
684830cb2a SSH: corrected the inability to respect the timeout
Jason McDonald posted bug report #3006786 when he found that the
SFTP code didn't timeout properly in several places in the code
even if a timeout was set properly.

Based on his suggested patch, I wrote a different implementation
that I think addressed the issue better and also uses the connect
timeout for the initial part of the SSH/SFTP done during the
"protocol connect" phase.

(http://curl.haxx.se/bug/view.cgi?id=3006786)
2010-06-02 23:33:51 +02:00
Daniel Stenberg
2c72732ebf multi_socket: handles timer inaccuracy better for timeouts
Igor Novoseltsev reported a problem with the multi socket API and
using timeouts and timers. It boiled down to a problem with
libcurl's use of GetTickCount() interally to figure out the
current time, while Igor's own application code used another
function call.

It made his app call the socket API timeout function a bit
_before_ libcurl would consider the timeout to trigger, and that
could easily lead to timeouts or stalls in the app. It seems
GetTickCount() in general often has no better resolution than
16ms and switching to the alternative function
QueryPerformanceCounter has its share of problems:
http://www.virtualdub.org/blog/pivot/entry.php?id=106

We address this problem by simply having libcurl treat timers
that already has occured or will occur within 40ms subject for
treatment. I'm confident that there are other implementations and
operating systems with similarly in accurate timer functions so
it makes sense to have applied generically and I don't believe we
sacrifice much by adding a 40ms inaccuracy on these timeouts.
2010-06-01 23:20:16 +02:00
Howard Chu
2e056353b0 LDAP: properly implemented as a curl_handler
makes the LDAP code much cleaner, nicer and in general being a
better libcurl citizen. If a new enough OpenLDAP version is
detect, the new and shiny lib/openldap.c code is then used
instead of the old cruft

Code by Howard, minor cleanups by Daniel.
2010-05-25 00:44:42 +02:00
Daniel Stenberg
0a29e2445c TFTP: block id wrap bug fix
In a normal expression, doing [unsigned short] + 1 will not wrap
at 16 bits so the comparisons and outputs were done wrong. I
added a macro do make sure it gets done right.

Douglas Kilpatrick filed bug report #3004787 about it:
http://curl.haxx.se/bug/view.cgi?id=3004787
2010-05-21 23:04:15 +02:00
Tor Arntsen
5f53c9d94a lib: Fix AIX build failure 2010-05-19 22:09:35 +02:00
Daniel Stenberg
aabd27d9aa TFTP: send timeout option correctly
Eric Mertens posted bug report #3003005 pointing out that the
libcurl TFTP code was not sending the timeout option properly to
the server, and suggested a fix.

(http://curl.haxx.se/bug/view.cgi?id=3003005)
2010-05-18 23:14:00 +02:00
Kamil Dudka
2ffe834bff ftp wildcard: a new option CURLOPT_FNMATCH_DATA 2010-05-16 02:52:33 +02:00
Daniel Stenberg
77cfeadfa6 OpenSSL: multi interface handshake could hang
John-Mark Bell filed bug #3000052 that identified a problem (with
an associated patch) with the OpenSSL handshake state machine
when the multi interface is used:

Performing an https request using a curl multi handle and using
select or epoll to wait for events results in a hang. It appears
that the cause is the fix for bug #2958179, which makes
ossl_connect_common unconditionally return from the step 2 loop
when fetching from a multi handle.

When ossl_connect_step2 has completed, it updates
connssl->connecting_state to ssl_connect_3. ossl_connect_common
will then return to the caller, as a multi handle is in
use. Eventually, the client code will call curl_multi_fdset to
obtain an updated fdset to select or epoll on. For https
requests, curl_multi_fdset will cause https_getsock to be called.
https_getsock will only return a socket handle if the
connecting_state is ssl_connect_2_reading or
ssl_connect_2_writing.  Therefore, the client will never obtain a
valid fdset, and thus not drive the multi handle, resulting in a
hang.

(http://curl.haxx.se/bug/view.cgi?id=3000052)
2010-05-14 22:35:08 +02:00
Daniel Stenberg
7764795c06 follow redirect: ignore response-body on redirect even if compressed
Sebastian V reported bug #3000056 identifying a problem with
redirect following. It showed that when curl followed redirects
it didn't properly ignore the response body of the 30X response
if that response was using compressed Content-Encoding!

(http://curl.haxx.se/bug/view.cgi?id=3000056)
2010-05-14 22:12:07 +02:00
Daniel Stenberg
46b9719bbb changelogs: mention RTMP and the FTP wildcard support 2010-05-13 00:00:55 +02:00
Kamil Dudka
016ce4b1da changelog: fixed CRL support in libcurl-NSS 2010-05-11 14:53:07 +02:00
Daniel Stenberg
adaf87530d multi interface: missed storing connection time
Dirk Manske reported a regression. When connecting with the multi
interface, there were situations where libcurl wouldn't store
connect time correctly as it used to (and is documented to) do.

Using his fine sample program we could repeat it, and I wrote up
test case 573 using that code. The problem does not easily show
itself using the local test suite though.

The fix, also as suggested by Dirk, is a bit on the ugly side as
it adds yet another call to Curl_verboseconnect() and setting the
TIMER_CONNECT time.  That situation is subject for some closer
inspection in the future.
2010-05-07 23:49:29 +02:00
Daniel Stenberg
aca0fff4e1 changelogs: split the I/O handling 2010-05-07 15:53:55 +02:00
Daniel Stenberg
cb6647ce1c changelog: PolarSSL 2010-05-05 22:36:15 +02:00
Daniel Stenberg
16f575ee6c changelog: mention Ben Greear's telnet work 2010-04-29 09:40:48 +02:00
Daniel Stenberg
79dc74e84d new configure option --enable-threaded-resolver 2010-04-25 23:24:05 +02:00
Kamil Dudka
82e9b78a38 nss: fix SSL handshake timeout underflow 2010-04-24 23:23:01 +02:00
Daniel Stenberg
9d6a394c44 RELEASE-NOTES: update top numbers 2010-04-24 12:23:47 +02:00
Daniel Stenberg
d7b82baf97 changelog: added the --proto and -proto-redir options 2010-04-24 12:19:42 +02:00
Daniel Stenberg
71be565cf4 curl: -O crash on windows
The -O option caused curl to crash on windows and DOS due to the
tool writing out of boundary memory.
2010-04-21 23:20:18 +02:00
Ruslan Gazizov
2164b6b463 replaced wsock32.lib usage with ws2_32.lib in MSVC makefiles 2010-04-20 16:30:10 +02:00
Daniel Stenberg
e5b3246d0a changelog: -J/--remote-header-name strips CRLF 2010-04-19 17:08:27 +02:00
Daniel Stenberg
0a4ccce054 changelog: GnuTLS: SSL handshake phase is non-blocking 2010-04-16 22:45:06 +02:00
Daniel Stenberg
0338994c6a changelog: GnuTLS fix, no reverse loopkups and fixed GSS detection 2010-04-16 15:33:10 +02:00
Daniel Stenberg
689b6929c3 changelog: prevent needless reverse name lookups 2010-04-15 13:11:25 +02:00
Daniel Stenberg
72411118ec bumped to start the journey towards 7.20.2 2010-04-14 17:34:26 +02:00
Daniel Stenberg
02892e4fd8 FTP quote commands prefixed with '*' now can fail without aborting
Prefixing the FTP quote commands with an asterisk really only
worked for the postquote actions. This is now fixed and test case
227 has been extended to verify.
2010-04-09 16:54:52 +02:00
Daniel Stenberg
78b284014b updated contributor count 2010-04-02 17:12:58 +02:00
Daniel Stenberg
49f3160d69 fix SFTP download hang
Matt Wixson found and fixed a bug in the SCP/SFTP area where the
code treated a 0 return code from libssh2 to be the same as
EAGAIN while in reality it isn't. The problem caused a hang in
SFTP transfers from a MessageWay server.
2010-04-01 22:39:15 +02:00
Daniel Stenberg
604a2bdac8 Ben's POP3 change 2010-03-28 23:52:37 +02:00
Daniel Stenberg
7784e3309d minor language fix 2010-03-27 23:05:06 +01:00
Ben Greear
0eda142e90 allow user+password in the URL for all protocols
Ben Greear brought a patch that from now on allows all protocols
to specify name and user within the URL, in the same manner HTTP
and FTP have been allowed to in the past - although far from all
of the libcurl supported protocols actually have that feature in
their URL definition spec.
2010-03-27 23:00:51 +01:00
Daniel Stenberg
2b0c2ac49c changelogged: smoother rate limiting 2010-03-26 23:35:24 +01:00
Bob Richmond
05632d5db9 fix: timeout after last data chunk was handled
Bob Richmond: There's an annoying situation where libcurl will
read new HTTP response data from a socket, then check if it's a
timeout if one is set. If the last packet received constitutes
the end of the response body, libcurl still treats it as a
timeout condition and reports a message like:

"Operation timed out after 3000 milliseconds with 876 out of 876
bytes received"

It should only a timeout if the timer lapsed and we DIDN'T
receive the end of the response body yet.
2010-03-24 17:02:17 +01:00
Daniel Stenberg
9828b926ae RTSP GET_PARAMETER fix
Christopher Conroy fixed a problem with RTSP and GET_PARAMETER
reported to us by Massimo Callegari. There's a new test case 572
that verifies this now.
2010-03-24 13:28:02 +01:00
Daniel Stenberg
dd0c31ce38 The 'ares' subtree has been removed from the source repository 2010-03-24 10:47:48 +01:00
Daniel Stenberg
4b351d018e mark connection as connected
Kenny To filed the bug report #2963679 with patch to fix a
problem he experienced with doing multi interface HTTP POST over
a proxy using PROXYTUNNEL. He found a case where it would connect
fine but bits.tcpconnect was not set correct so libcurl didn't
work properly.

(http://curl.haxx.se/bug/view.cgi?id=2963679)
2010-03-23 23:30:39 +01:00
Daniel Stenberg
7fd32ce73d chunked-encoding with Content-Length: header problem
Akos Pasztory filed debian bug report #572276
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276
mentioning a problem with a resource that returns chunked-encoded
_and_ with a Content-Length and libcurl failed to properly ignore
the latter information.
2010-03-23 15:26:45 +01:00
Daniel Stenberg
2a94293efd delayed easy handle kill caused double Curl_close() call
Hauke Duden provided an example program that made the multi
interface crash.  His example simply used the multi interface and
did first one FTP transfer and after completion it used a second
easy handle and did another FTP transfer on the same FTP server.

This triggered a bug in the "delayed easy handle kill" system
that curl uses: when an FTP connection is left alive it must keep
an easy handle around internally - only for the purpose of having
an easy handle when it later disconnects it. The code assumed
that when the easy handle was removed and an internal reference
was made, that version could be killed later on when a new easy
handle came using the same connection. This was wrong as Hauke's
example showed that the removed handle wasn't killed for real
until later. This caused a double close attempt => segfault.
2010-03-23 13:18:30 +01:00
Daniel Stenberg
d4cd5411a6 Thomas Lopatic fixed the alarm()-based DNS timeout 2010-03-22 22:00:55 +01:00
douglas steinwand
abcea311e3 Fix insufficient initialization in Curl_clone_ssl_config()
which could have caused a double free when reusing curl handle.
2010-03-22 09:25:03 +01:00
Daniel Stenberg
3d3900f032 Ben Greear's two fixes explained 2010-03-21 23:34:29 +01:00
Daniel Stenberg
733f794cb8 - Constantine Sapuntzakis brought a patch:
The problem mentioned on Dec 10 2009
  (http://curl.haxx.se/bug/view.cgi?id=2905220) was only partially fixed.
  Partially because an easy handle can be associated with many connections in
  the cache (e.g. if there is a redirect during the lifetime of the easy
  handle).  The previous patch only cleaned up the first one. The new fix now
  removes the easy handle from all connections, not just the first one.
2010-03-15 22:40:42 +00:00
Daniel Stenberg
e262aaae2b - Ben Greear brought a patch that fixed the rate limiting logic for TFTP when
the easy interface was used.
2010-03-06 18:42:06 +00:00
Daniel Stenberg
f5d8c0befc Daniel Johnson provided fixes for building with the clang compiler 2010-03-05 22:53:30 +00:00
Yang Tse
f4551a9678 Constantine Sapuntzakis detected and fixed a double free in builds done
with threaded resolver enabled (Windows default configuration) that would
get triggered when a curl handle is closed while doing DNS resolution.
2010-03-05 03:15:19 +00:00
Daniel Stenberg
013d5a72d4 - [Daniel Johnson] I've been trying to build libcurl with clang on Darwin and
ran into some issues with the GSSAPI tests in configure.ac. The tests first
  try to determine the include dirs and libs and set CPPFLAGS and LIBS
  accordingly. It then checks for the headers and finally sets LIBS a second
  time, causing the libs to be included twice. The first setting of LIBS seems
  redundant and should be left out, since the first part is otherwise just
  about finding headers.

  My second issue is that 'krb5-config --libs gssapi' on Darwin is less than
  useless and returns junk that, while it happens to work with gcc, causes
  clang to choke. For example, --libs returns $CFLAGS along with the libs,
  which is really retarded. Simply setting 'LIBS="$LIBS -lgssapi_krb5
  -lresolv"' on Darwin is sufficient.
2010-03-02 22:02:56 +00:00
Daniel Stenberg
9b2cce236f - Based on patch provided by Jacob Moshenko, the transfer logic now properly
makes sure that when using sub-second timeouts, there's no final bad 1000ms
  wait. Previously, a sub-second timeout would often make the elapsed time end
  up the time rounded up to the nearest second (e.g. 1s for 200ms timeout)
2010-03-02 21:20:22 +00:00
Daniel Stenberg
6bf071df7e - Andrei Benea filed bug report #2956698 and pointed out that the
CURLOPT_CERTINFO feature leaked memory due to a missing OpenSSL function
  call. He provided the patch to fix it too.

  http://curl.haxx.se/bug/view.cgi?id=2956698
2010-03-02 13:41:18 +00:00
Daniel Stenberg
7c028a8332 - Markus Duft pointed out in bug #2961796 that even though Interix has a
poll() function it doesn't quite work the way we want it so we must disable
  it, and he also provided a patch for it.

  http://curl.haxx.se/bug/view.cgi?id=2961796
2010-03-02 13:34:57 +00:00