1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-16 22:45:03 -05:00
Commit Graph

6589 Commits

Author SHA1 Message Date
Daniel Stenberg
0d1b754376 curl_easy_perform: Value stored to 'mcode' is never read
pointed out by clang-analyzer
2013-02-05 14:09:18 +01:00
Daniel Stenberg
4cd027f17e singleipconnect: remove dead assignment
pointed out by clang-analyzer
2013-02-05 14:07:39 +01:00
Linus Nielsen Feltzing
bd1f170a5a CURLMOPT_MAXCONNECTS: restore functionality
When a connection is no longer used, it is kept in the cache. If the
cache is full, the oldest idle connection is closed. If no connection is
idle, the current one is closed instead.
2013-02-05 09:17:52 +01:00
Steve Holme
022e67294e email: Provided extra comments following recent pop3/imap fixes
Provided additional clarification about the logic of the authenticate()
functions following commit 6b6bdc83bd and b4270a9af1.
2013-02-04 23:51:36 +00:00
Steve Holme
e1cd753e4d pop3.c: Updated variable names to use shorter / more readable variant
Tidied up code from commit 6b6bdc83bdUpdated where a few instances of
the pop3c struct variable used the longer conndata struct rather than
matching what other code in pop3_authenticate() used.
2013-02-04 20:33:30 +00:00
Steve Holme
b4270a9af1 imap: Fixed no known authentication mechanism when fallback is required
Fixed an issue where (lib)curl is compiled without support for a
supported challenge-response based SASL authentication mechanism, such
as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
mechanisms and (lib)curl doesn't fallback to Clear Text authentication.

Note: In order to fallback to Clear Text authentication properly this
fix adds support for the LOGINDISABLED server capability.
imap: Fixed no known authentication mechanism when fallback is required

Fixed an issue where (lib)curl is compiled without support for a
supported challenge-response based SASL authentication mechanism, such
as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
mechanisms and (lib)curl doesn't fallback to Clear Text authentication.

Note: In order to fallback to Clear Text authentication properly this
fix adds support for the LOGINDISABLED server capability.

Related bug: http://curl.haxx.se/mail/lib-2013-02/0004.html
Reported by: Stanislav Ivochkin
2013-02-03 23:58:03 +00:00
Steve Holme
6b6bdc83bd pop3: Fixed no known authentication mechanism when fallback is required
Fixed an issue where (lib)curl is compiled without support for a
supported challenge-response based SASL authentication mechanism, such
as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
mechanisms and (lib)curl doesn't fallback to APOP or Clear Text
authentication.

Bug: http://curl.haxx.se/mail/lib-2013-02/0004.html
Reported by: Stanislav Ivochkin
2013-02-03 21:43:08 +00:00
Daniel Stenberg
56b7c87c74 singleipconnect: simplify and clean up
Remove timeout argument that's never used.

Make the actual connection get detected on a single spot to reduce code
duplication.

Store the IPv6 state already when the connection is attempted.
2013-02-01 08:16:08 +01:00
Daniel Stenberg
32e8467a66 Curl_perfom: removed
Curl_perfom is no longer used anywhere since the always-multi commit
c43127414d, and some related functions were used only from within
Curl_perfom.
2013-02-01 08:14:46 +01:00
Nick Zitzmann
163a1dca5f darwinssl: Fix bug where packets were sometimes transmitted twice
There was a bug where, if SSLWrite() returned errSSLWouldBlock but did
succeed in transmitting at least something, then we'd incorrectly
resend the packet. Now we never take errSSLWouldBlock as a sign that
nothing was transferred to/from the server.

Bug: http://curl.haxx.se/mail/lib-2013-01/0295.html
Reported by: Bruno de Carvalho
2013-01-29 09:05:59 +01:00
Guenter Knauf
0494da830b Updated dependency libs. 2013-01-28 01:25:39 +01:00
Steve Holme
0e5e720c19 smtp.c: Fixed unnecessary state change if starttls fails
The state machine should only be changed to SMTP_STARTTLS when the
STARTTLS command has been successfully sent to the server.
2013-01-27 10:44:21 +00:00
Steve Holme
3dbf11d0a1 pop3.c: Fixed unnecessary state change if starttls fails
The state machine should only be changed to POP3_STARTTLS when the
STLS command has been successfully sent to the server.
2013-01-27 10:42:32 +00:00
Steve Holme
499e30c4bb imap.c: Fixed unnecessary state change if starttls fails
The state machine should only be changed to IMAP_STARTTLS when the
STARTTLS command has been successfully sent to the server.
2013-01-27 10:41:10 +00:00
Steve Holme
73fae58132 email: Updated comment regarding ssldone usage
Updated the ssldone comment as multi mode is always used internally now.
2013-01-26 15:06:44 +00:00
Steve Holme
d9c3505e83 smtp.c: Added comments to smtp_endofresp()
Minor code tidy up to add comments similar to those used in the pop3
and imap end of resp functions, in order to assist anyone reading the
code and highlight the similarities between each of these protocols.
2013-01-25 22:14:21 +00:00
Steve Holme
fda0f14f73 smtp.c: Corrected RFC references
The most recent version of the SMTP RFC is RFC5321 and not RFC2821 as
previously documented.

Added RFC1870 and re-ordered list numerically.
2013-01-24 23:41:57 +00:00
Steve Holme
f8ba1273af smtp.c: Fixed failure detection during TLS upgrade
smtp_state_upgrade_tls() would attempt to incorrectly complete the
upgrade to smtps and start the EHLO command if
Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
was set to TRUE. This would only happen when a non-blocking API hadn't
been provided by the SSL implementation and curlssl_connect() was
called underneath.
2013-01-24 20:27:43 +00:00
Steve Holme
8b275718e2 pop3.c: Fixed failure detection during TLS upgrade
pop3_state_upgrade_tls() would attempt to incorrectly complete the
upgrade to pop3s and start the CAPA command if
Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
was set to TRUE. This would only happen when a non-blocking API hadn't
been provided by the SSL implementation and curlssl_connect() was
called underneath.
2013-01-24 20:24:39 +00:00
Steve Holme
379d63ecc7 imap.c: Fixed failure detection during TLS upgrade
imap_state_upgrade_tls() would attempt to incorrectly complete the
upgrade to imaps and start the CAPABILITY command if
Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
was set to TRUE. This would only happen when a non-blocking API hadn't
been provided by the SSL implementation and curlssl_connect() was
called underneath.
2013-01-24 20:22:20 +00:00
Steve Holme
6a55f25f67 email: Removed unnecessary return statements
Small tidy up to remove unnecessary return statements prior to the next
fix.
2013-01-23 21:59:56 +00:00
Steve Holme
de991037e4 curl_sasl.c: Corrected references to RFC
The most recent version of the RFC is RFC4422 and not RFC2222 as
previously documented.
2013-01-22 22:02:30 +00:00
Steve Holme
56d4de468c email: Corrected references to SASL RFC
The most recent version of the SASL RFC is RFC4422 and not RFC2222 as
previously documented.
2013-01-22 18:37:12 +00:00
Ulion
2698520aef formpost: support quotes, commas and semicolon in file names
- document the double-quote and backslash need be escaped if quoting.
- libcurl formdata escape double-quote in filename by backslash.
- curl formparse can parse filename both contains '"' and ',' or ';'.
- curl now can uploading file with ',' or ';' in filename.

Bug: http://curl.haxx.se/bug/view.cgi?id=1171
2013-01-22 15:43:29 +01:00
Steve Holme
e5ea45ec2e pop3.c: Fixed conditional compilation of the apop response function
Extended the fix from commit 8b15c84ea9 to additionally exclude
pop3_state_apop_resp() if the CURL_DISABLE_CRYPTO_AUTH flag is
defined.
2013-01-20 11:09:53 +00:00
Daniel Stenberg
f4cc54cb47 formadd: reject trying to read a directory where a file is expected
Bug: http://curl.haxx.se/mail/archive-2013-01/0017.html
Reported by: Ulrich Doehner
2013-01-19 23:08:12 +01:00
Steve Holme
ece8681a60 email: General code tidy up
Corrected some function argument definitions to maximize the 80
character line length limit and be in keeping with the curl
coding style.
2013-01-19 09:49:17 +00:00
Steve Holme
7b5be79908 pop3.c: Fixed a problem with pop3s connections not connecting properly
Fixed an issue where Curl_ssl_connect_nonblocking() wouldn't complete
correctly and the ssldone flag wouldn't be set to true for pop3s based
connections.

Bug introduced in commit: 4ffb8a6398.
2013-01-18 21:55:19 +00:00
Daniel Stenberg
c43127414d always-multi: always use non-blocking internals
Remove internal separated behavior of the easy vs multi intercace.
curl_easy_perform() is now using the multi interface itself.

Several minor multi interface quirks and bugs have been fixed in the
process.

Much help with debugging this has been provided by: Yang Tse
2013-01-17 19:40:35 +01:00
Yang Tse
9fd88abb70 url.c: fix HTTP CONNECT tunnel establishment upon delayed response
Fixes initial proxy response being processed by the tunneled protocol
handler instead of the HTTP wrapper handler. This issue would trigger
upon delayed CONNECT response from the proxy.

Additionally fixes a multi interface code-path in which connections
would not time out properly.

This does not fix known bug #39.

URL: http://curl.haxx.se/mail/lib-2013-01/0191.html
2013-01-17 17:07:19 +01:00
Daniel Stenberg
533c31b785 FTP: reject illegal port numbers in EPSV 229 responses 2013-01-15 22:35:48 +01:00
Kamil Dudka
26613d7817 nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE
Do not use the error messages from NSS for errors not occurring in NSS.
2013-01-15 13:20:56 +01:00
Daniel Stenberg
600cbaca6f Curl_resolver_getsock: fix the function description comment
It referred to it by the wrong name and said it returned the wrong value.

Reported by: Gisle Vanem
2013-01-12 22:33:38 +01:00
Kamil Dudka
b36f1d26f8 nss: clear session cache if a client cert from file is used
This commit fixes a regression introduced in 052a08ff.

NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback
and if we connect second time to the same server, the cached cert/key
pair is used.  If we use multiple client certificates for different
paths on the same server, we need to clear the session cache to force
NSS to call the hook again.  The commit 052a08ff prevented the session
cache from being cleared if a client certificate from file was used.

The condition is now fixed to cover both cases: consssl->client_nickname
is not NULL if a client certificate from the NSS database is used and
connssl->obj_clicert is not NULL if a client certificate from file is
used.

Review by: Kai Engert
2013-01-11 10:59:11 +01:00
Yang Tse
a9ca5e61e5 sockfilt.c: fix some W64 compiler warnings 2013-01-09 22:23:49 +01:00
Yang Tse
5a053ffe80 build: fix circular header inclusion with other packages
This commit renames lib/setup.h to lib/curl_setup.h and
renames lib/setup_once.h to lib/curl_setup_once.h.

Removes the need and usage of a header inclusion guard foreign
to libcurl. [1]

Removes the need and presence of an alarming notice we carried
in old setup_once.h [2]

----------------------------------------

1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard
    up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H,
    this single inclusion guard is enough to ensure that inclusion of
    lib/setup_once.h done from lib/setup.h is only done once.

    Additionally lib/setup.h has always used __SETUP_ONCE_H macro to
    protect inclusion of setup_once.h even after commit ec691ca3, this
    was to avoid a circular header inclusion triggered when building a
    c-ares enabled version with c-ares sources available which also has
    a setup_once.h header. Commit ec691ca3 exposes the real nature of
    __SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard
    foreign to libcurl belonging to c-ares's setup_once.h

    The renaming this commit does, fixes the circular header inclusion,
    and as such removes the need and usage of a header inclusion guard
    foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl.

2 - Due to the circular interdependency of old lib/setup_once.h and the
    c-ares setup_once.h header, old file lib/setup_once.h has carried
    back from 2006 up to now days an alarming and prominent notice about
    the need of keeping libcurl's and c-ares's setup_once.h in sync.

    Given that this commit fixes the circular interdependency, the need
    and presence of mentioned notice is removed.

    All mentioned interdependencies come back from now old days when
    the c-ares project lived inside a curl subdirectory. This commit
    removes last traces of such fact.
2013-01-09 00:49:50 +01:00
Steve Holme
4ffb8a6398 pop3: Added support for non-blocking SSL upgrade
Added support for asynchronous SSL upgrade when using the
multi-interface.
2013-01-08 11:31:48 +00:00
Steve Holme
905d0be509 imap.c: Small tidy up to add missing comment 2013-01-07 18:07:04 +00:00
Steve Holme
fd3efca164 imap: Added support for sasl digest-md5 authentication 2013-01-07 11:01:05 +00:00
Steve Holme
825677ad09 imap: Added support for sasl cram-md5 authentication 2013-01-07 07:35:49 +00:00
Steve Holme
f6e33cf669 imap: Added support for sasl ntlm authentication 2013-01-07 02:47:12 +00:00
Steve Holme
4e6265ea5a imap: Added support for sasl login authentication 2013-01-06 23:14:18 +00:00
Steve Holme
494b8664da pop3.c: Fixed default authentication detection
Fixed an issue where a server may positively respond to the CAPA command
but not list clear text as a valid authentication type.
2013-01-06 23:06:29 +00:00
Steve Holme
d6bebd56f7 curl_sasl.c: Small code tidy up following imap changes 2013-01-06 22:32:33 +00:00
Steve Holme
70dcde78d0 smtp.c: Small code tidy up following imap changes 2013-01-06 22:32:05 +00:00
Steve Holme
89a3086231 pop3.c: Small code tidy up following imap changes 2013-01-06 22:31:21 +00:00
Steve Holme
cfb6f03224 imap: Added support for sasl plain text authentication 2013-01-06 22:25:14 +00:00
Steve Holme
dd561c3834 imap: Introduced the continue response in imap_endofresp() 2013-01-06 20:29:19 +00:00
Steve Holme
db20517796 imap: Added support for SASL based authentication mechanism detection
Added support for detecting the supported SASL authentication mechanisms
via the CAPABILITY command.
2013-01-06 19:13:58 +00:00
Yang Tse
4a5aa6682d Revert changes relative to lib/*.[ch] recent renaming
This reverts renaming and usage of lib/*.h header files done
28-12-2012, reverting 2 commits:

  f871de0... build: make use of 76 lib/*.h renamed files
  ffd8e12... build: rename 76 lib/*.h files

This also reverts removal of redundant include guard (redundant thanks
to changes in above commits) done 2-12-2013, reverting 1 commit:

  c087374... curl_setup.h: remove redundant include guard

This also reverts renaming and usage of lib/*.c source files done
3-12-2013, reverting 3 commits:

  13606bb... build: make use of 93 lib/*.c renamed files
  5b6e792... build: rename 93 lib/*.c files
  7d83dff... build: commit 13606bbfde follow-up 1

Start of related discussion thread:

  http://curl.haxx.se/mail/lib-2013-01/0012.html

Asking for confirmation on pushing this revertion commit:

  http://curl.haxx.se/mail/lib-2013-01/0048.html

Confirmation summary:

  http://curl.haxx.se/mail/lib-2013-01/0079.html

NOTICE: The list of 2 files that have been modified by other
intermixed commits, while renamed, and also by at least one
of the 6 commits this one reverts follows below. These 2 files
will exhibit a hole in history unless git's '--follow' option
is used when viewing logs.

  lib/curl_imap.h
  lib/curl_smtp.h
2013-01-06 18:20:27 +01:00
Daniel Stenberg
cc4ac82bb6 mk-ca-bundle: add -f, support passing to stdout and more
1. When the downloaded data file from Mozilla is current, but the output
bundle does not exist: continue processing to create the bundle.  The
goal is to have the output file - not just download the latest input.

2. added -f option to force re-processing the file.  Useful for
debugging/testing the process.

3. added support for output to '-' (stdout), allowing the output to be
piped.

4. All progress and error messages go to STDERR rather than STDOUT (3)

5. The script opened and closed the output file many times
unnecessarily.  It now opens it once, does the output and closes it.

6. Backup of the input files happens after successful processing, not
before.

7. The output is written to a temporary file, and renamed to the
requested name after backup - this greatly reduces the window where the
file can be seen partially written.

8. all die calls have a \n at the end to suppress perl's traceback - the
traceback isn't useful to end users.

Patch: http://curl.haxx.se/mail/lib-2013-01/0045.html
2013-01-05 23:51:12 +01:00
Yang Tse
0b3180b4f5 test 1222: 8 chars object name generation && test 1221: adjustments 2013-01-03 19:24:00 +01:00
Yang Tse
7d83dfff9c build: commit 13606bbfde follow-up 1 2013-01-03 10:54:18 +01:00
Yang Tse
5b6e7927c6 build: rename 93 lib/*.c files
93 lib/*.c source files renamed to use our standard naming scheme.

This commit only does the file renaming.

----------------------------------------

  renamed:    lib/amigaos.c -> lib/curl_amigaos.c
  renamed:    lib/asyn-ares.c -> lib/curl_asyn_ares.c
  renamed:    lib/asyn-thread.c -> lib/curl_asyn_thread.c
  renamed:    lib/axtls.c -> lib/curl_axtls.c
  renamed:    lib/base64.c -> lib/curl_base64.c
  renamed:    lib/bundles.c -> lib/curl_bundles.c
  renamed:    lib/conncache.c -> lib/curl_conncache.c
  renamed:    lib/connect.c -> lib/curl_connect.c
  renamed:    lib/content_encoding.c -> lib/curl_content_encoding.c
  renamed:    lib/cookie.c -> lib/curl_cookie.c
  renamed:    lib/cyassl.c -> lib/curl_cyassl.c
  renamed:    lib/dict.c -> lib/curl_dict.c
  renamed:    lib/easy.c -> lib/curl_easy.c
  renamed:    lib/escape.c -> lib/curl_escape.c
  renamed:    lib/file.c -> lib/curl_file.c
  renamed:    lib/fileinfo.c -> lib/curl_fileinfo.c
  renamed:    lib/formdata.c -> lib/curl_formdata.c
  renamed:    lib/ftp.c -> lib/curl_ftp.c
  renamed:    lib/ftplistparser.c -> lib/curl_ftplistparser.c
  renamed:    lib/getenv.c -> lib/curl_getenv.c
  renamed:    lib/getinfo.c -> lib/curl_getinfo.c
  renamed:    lib/gopher.c -> lib/curl_gopher.c
  renamed:    lib/gtls.c -> lib/curl_gtls.c
  renamed:    lib/hash.c -> lib/curl_hash.c
  renamed:    lib/hmac.c -> lib/curl_hmac.c
  renamed:    lib/hostasyn.c -> lib/curl_hostasyn.c
  renamed:    lib/hostcheck.c -> lib/curl_hostcheck.c
  renamed:    lib/hostip.c -> lib/curl_hostip.c
  renamed:    lib/hostip4.c -> lib/curl_hostip4.c
  renamed:    lib/hostip6.c -> lib/curl_hostip6.c
  renamed:    lib/hostsyn.c -> lib/curl_hostsyn.c
  renamed:    lib/http.c -> lib/curl_http.c
  renamed:    lib/http_chunks.c -> lib/curl_http_chunks.c
  renamed:    lib/http_digest.c -> lib/curl_http_digest.c
  renamed:    lib/http_negotiate.c -> lib/curl_http_negotiate.c
  renamed:    lib/http_negotiate_sspi.c -> lib/curl_http_negotiate_sspi.c
  renamed:    lib/http_proxy.c -> lib/curl_http_proxy.c
  renamed:    lib/idn_win32.c -> lib/curl_idn_win32.c
  renamed:    lib/if2ip.c -> lib/curl_if2ip.c
  renamed:    lib/imap.c -> lib/curl_imap.c
  renamed:    lib/inet_ntop.c -> lib/curl_inet_ntop.c
  renamed:    lib/inet_pton.c -> lib/curl_inet_pton.c
  renamed:    lib/krb4.c -> lib/curl_krb4.c
  renamed:    lib/krb5.c -> lib/curl_krb5.c
  renamed:    lib/ldap.c -> lib/curl_ldap.c
  renamed:    lib/llist.c -> lib/curl_llist.c
  renamed:    lib/md4.c -> lib/curl_md4.c
  renamed:    lib/md5.c -> lib/curl_md5.c
  renamed:    lib/memdebug.c -> lib/curl_memdebug.c
  renamed:    lib/mprintf.c -> lib/curl_mprintf.c
  renamed:    lib/multi.c -> lib/curl_multi.c
  renamed:    lib/netrc.c -> lib/curl_netrc.c
  renamed:    lib/non-ascii.c -> lib/curl_non_ascii.c
  renamed:    lib/curl_non-ascii.h -> lib/curl_non_ascii.h
  renamed:    lib/nonblock.c -> lib/curl_nonblock.c
  renamed:    lib/nss.c -> lib/curl_nss.c
  renamed:    lib/nwlib.c -> lib/curl_nwlib.c
  renamed:    lib/nwos.c -> lib/curl_nwos.c
  renamed:    lib/openldap.c -> lib/curl_openldap.c
  renamed:    lib/parsedate.c -> lib/curl_parsedate.c
  renamed:    lib/pingpong.c -> lib/curl_pingpong.c
  renamed:    lib/polarssl.c -> lib/curl_polarssl.c
  renamed:    lib/pop3.c -> lib/curl_pop3.c
  renamed:    lib/progress.c -> lib/curl_progress.c
  renamed:    lib/qssl.c -> lib/curl_qssl.c
  renamed:    lib/rawstr.c -> lib/curl_rawstr.c
  renamed:    lib/rtsp.c -> lib/curl_rtsp.c
  renamed:    lib/security.c -> lib/curl_security.c
  renamed:    lib/select.c -> lib/curl_select.c
  renamed:    lib/sendf.c -> lib/curl_sendf.c
  renamed:    lib/share.c -> lib/curl_share.c
  renamed:    lib/slist.c -> lib/curl_slist.c
  renamed:    lib/smtp.c -> lib/curl_smtp.c
  renamed:    lib/socks.c -> lib/curl_socks.c
  renamed:    lib/socks_gssapi.c -> lib/curl_socks_gssapi.c
  renamed:    lib/socks_sspi.c -> lib/curl_socks_sspi.c
  renamed:    lib/speedcheck.c -> lib/curl_speedcheck.c
  renamed:    lib/splay.c -> lib/curl_splay.c
  renamed:    lib/ssh.c -> lib/curl_ssh.c
  renamed:    lib/sslgen.c -> lib/curl_sslgen.c
  renamed:    lib/ssluse.c -> lib/curl_ssluse.c
  renamed:    lib/strdup.c -> lib/curl_strdup.c
  renamed:    lib/strequal.c -> lib/curl_strequal.c
  renamed:    lib/strerror.c -> lib/curl_strerror.c
  renamed:    lib/strtok.c -> lib/curl_strtok.c
  renamed:    lib/strtoofft.c -> lib/curl_strtoofft.c
  renamed:    lib/telnet.c -> lib/curl_telnet.c
  renamed:    lib/tftp.c -> lib/curl_tftp.c
  renamed:    lib/timeval.c -> lib/curl_timeval.c
  renamed:    lib/transfer.c -> lib/curl_transfer.c
  renamed:    lib/url.c -> lib/curl_url.c
  renamed:    lib/version.c -> lib/curl_version.c
  renamed:    lib/warnless.c -> lib/curl_warnless.c
  renamed:    lib/wildcard.c -> lib/curl_wildcard.c

----------------------------------------
2013-01-03 06:13:18 +01:00
Yang Tse
13606bbfde build: make use of 93 lib/*.c renamed files
93 *.c source files renamed to use our standard naming scheme.

This change affects 77 files in libcurl's source tree.
2013-01-03 05:50:26 +01:00
Yang Tse
c087374c64 curl_setup.h: remove redundant include guard 2013-01-02 22:27:36 +01:00
Yang Tse
dfe4769157 build and tests: curl_10char_object_name() shell function
lib/objnames.inc provides definition of curl_10char_object_name() shell
function. The intended purpose of this function is to transliterate a
(*.c) source file name that may be longer than 10 characters, or not,
into a string with at most 10 characters which may be used as an OS/400
object name.

Test case 1221 does unit testng of this function and also verifies
that it is possible to generate distinct short object names for all
curl and libcurl *.c source file names.

lib/objnames-test.sh is the shell script used for test case 1221.

tests/runtests.pl modified to accept shell script test cases.

More details inside lib/objnames.inc and lib/objnames-test.sh
2013-01-02 20:15:50 +01:00
Steve Holme
d86503ea82 imap.c: Minor follow up tidy up 2012-12-30 12:46:45 +00:00
Steve Holme
bd8ae68006 imap: Code tidy up prior to adding support for the CAPABILITY command
* Changing the order of the state machine to represent the order in
  which commands are sent to the server.

* Reworking the imap_endofresp() function as the FETCH response doesn't
  include the command id and shouldn't be part of the length comparison
  that takes into account the id string.
2012-12-30 12:44:09 +00:00
Steve Holme
c02449ca53 pop3_doing: Applied debug info message when function fails
Applied the same debug message as used in smtp_doing() and imap_doing()
when pop3_multi_statemach() fails.
2012-12-29 23:26:17 +00:00
Steve Holme
1576548428 imap_doing: don't call imap_dophase_done() if already failed
Applied the POP3 fix from commit 2897ce7dc2 so imap_dophase_done()
isn't called if imap_multi_statemach() fails.
2012-12-29 23:15:05 +00:00
Steve Holme
36837c10b2 smtp_doing: don't call smtp_dophase_done() if already failed
Applied the POP3 fix from commit 2897ce7dc2 so smtp_dophase_done()
isn't called if smtp_multi_statemach() fails.
2012-12-29 23:06:25 +00:00
Steve Holme
2424b7ab1b pop3.c: Removed unnecessary POP3_STOP state changes
Removed unnecessary state changes in pop3_state_starttls_resp()
following previous fix in IMAP module.
2012-12-29 19:39:06 +00:00
Steve Holme
c43af566fa smtp.c: Added extra comments around SMTP_STOP state change
Provided extra comments in the SMTP module following previous IMAP fix.
2012-12-29 19:28:32 +00:00
Steve Holme
488245f99c imap.c: Fixed bad state error when logging in with invalid credentials
Fixed a problem with the state machine when attempting to log in with
invalid credentials. The server would report login failure but libcurl
would not read the response due to inappropriate IMAP_STOP states being
set after the login was sent.
2012-12-29 19:23:10 +00:00
Yang Tse
27f90c0962 imap.c: remove trailing whitespace 2012-12-29 00:59:11 +01:00
Steve Holme
ffa62e5bab imap.c: Code tidy up - Part 2 2012-12-28 21:41:28 +00:00
Steve Holme
2255ac52f7 imap.c: Code tidy up - Part 1
Applied some of the comment and layout changes that had already been
applied to the pop3 and smtp code over the last 6 to 9 months.

This is in preparation of adding SASL based authentication.
2012-12-28 21:24:36 +00:00
Steve Holme
b3204e6d60 pop3.c: Minor code tidy up
Minor tidy up of comments and layout prior to next part of imap work.
2012-12-28 20:30:04 +00:00
Steve Holme
f6f6f278e2 smtp: Minor code tidy up
Minor tidy up of comments and layout prior to next part of imap work.
2012-12-28 20:22:33 +00:00
Steve Holme
167717b806 curl_imap.h: Tidy up of comments to be more readable 2012-12-28 19:59:14 +00:00
Steve Holme
8177bc262f imap.c: Code tidy up renaming imapsendf() to imap_sendf()
Renamed imapsendf() to imap_sendf() to be more in keeping with the
other imap functions as well as Curl_pp_sendf() that it replaces.
2012-12-28 19:48:00 +00:00
Yang Tse
ffd8e127e7 build: rename 76 lib/*.h files
76 private header files renamed to use our standard naming scheme.

This commit only does the file renaming.

----------------------------------------

  renamed:    amigaos.h -> curl_amigaos.h
  renamed:    arpa_telnet.h -> curl_arpa_telnet.h
  renamed:    asyn.h -> curl_asyn.h
  renamed:    axtls.h -> curl_axtls.h
  renamed:    bundles.h -> curl_bundles.h
  renamed:    conncache.h -> curl_conncache.h
  renamed:    connect.h -> curl_connect.h
  renamed:    content_encoding.h -> curl_content_encoding.h
  renamed:    cookie.h -> curl_cookie.h
  renamed:    cyassl.h -> curl_cyassl.h
  renamed:    dict.h -> curl_dict.h
  renamed:    easyif.h -> curl_easyif.h
  renamed:    escape.h -> curl_escape.h
  renamed:    file.h -> curl_file.h
  renamed:    fileinfo.h -> curl_fileinfo.h
  renamed:    formdata.h -> curl_formdata.h
  renamed:    ftp.h -> curl_ftp.h
  renamed:    ftplistparser.h -> curl_ftplistparser.h
  renamed:    getinfo.h -> curl_getinfo.h
  renamed:    gopher.h -> curl_gopher.h
  renamed:    gtls.h -> curl_gtls.h
  renamed:    hash.h -> curl_hash.h
  renamed:    hostcheck.h -> curl_hostcheck.h
  renamed:    hostip.h -> curl_hostip.h
  renamed:    http.h -> curl_http.h
  renamed:    http_chunks.h -> curl_http_chunks.h
  renamed:    http_digest.h -> curl_http_digest.h
  renamed:    http_negotiate.h -> curl_http_negotiate.h
  renamed:    http_proxy.h -> curl_http_proxy.h
  renamed:    if2ip.h -> curl_if2ip.h
  renamed:    imap.h -> curl_imap.h
  renamed:    inet_ntop.h -> curl_inet_ntop.h
  renamed:    inet_pton.h -> curl_inet_pton.h
  renamed:    krb4.h -> curl_krb4.h
  renamed:    llist.h -> curl_llist.h
  renamed:    memdebug.h -> curl_memdebug.h
  renamed:    multiif.h -> curl_multiif.h
  renamed:    netrc.h -> curl_netrc.h
  renamed:    non-ascii.h -> curl_non-ascii.h
  renamed:    nonblock.h -> curl_nonblock.h
  renamed:    nssg.h -> curl_nssg.h
  renamed:    parsedate.h -> curl_parsedate.h
  renamed:    pingpong.h -> curl_pingpong.h
  renamed:    polarssl.h -> curl_polarssl.h
  renamed:    pop3.h -> curl_pop3.h
  renamed:    progress.h -> curl_progress.h
  renamed:    qssl.h -> curl_qssl.h
  renamed:    rawstr.h -> curl_rawstr.h
  renamed:    rtsp.h -> curl_rtsp.h
  renamed:    select.h -> curl_select.h
  renamed:    sendf.h -> curl_sendf.h
  renamed:    setup.h -> curl_setup.h
  renamed:    setup_once.h -> curl_setup_once.h
  renamed:    share.h -> curl_share.h
  renamed:    slist.h -> curl_slist.h
  renamed:    smtp.h -> curl_smtp.h
  renamed:    sockaddr.h -> curl_sockaddr.h
  renamed:    socks.h -> curl_socks.h
  renamed:    speedcheck.h -> curl_speedcheck.h
  renamed:    splay.h -> curl_splay.h
  renamed:    ssh.h -> curl_ssh.h
  renamed:    sslgen.h -> curl_sslgen.h
  renamed:    ssluse.h -> curl_ssluse.h
  renamed:    strdup.h -> curl_strdup.h
  renamed:    strequal.h -> curl_strequal.h
  renamed:    strerror.h -> curl_strerror.h
  renamed:    strtok.h -> curl_strtok.h
  renamed:    strtoofft.h -> curl_strtoofft.h
  renamed:    telnet.h -> curl_telnet.h
  renamed:    tftp.h -> curl_tftp.h
  renamed:    timeval.h -> curl_timeval.h
  renamed:    transfer.h -> curl_transfer.h
  renamed:    url.h -> curl_url.h
  renamed:    urldata.h -> curl_urldata.h
  renamed:    warnless.h -> curl_warnless.h
  renamed:    wildcard.h -> curl_wildcard.h

----------------------------------------
2012-12-28 20:21:56 +01:00
Yang Tse
f871de0064 build: make use of 76 lib/*.h renamed files
76 private header files renamed to use our standard naming scheme.

This change affects 322 files in libcurl's source tree.
2012-12-28 19:37:11 +01:00
Yang Tse
ec691ca34b lib/*.h: use our standard naming scheme for header inclusion guards 2012-12-28 18:21:40 +01:00
Steve Holme
709b3506cd imsp.c: Fixed usernames and passwords that contain escape characters
Fixed a problem with sending usernames and passwords that contain
backslash, quotation mark and space characters.
2012-12-28 14:49:30 +00:00
Nick Zitzmann
e3ed2b82e6 darwinssl: Fixed inability to disable peer verification
... on Snow Leopard and Lion

Snow Leopard introduced the SSLSetSessionOption() function, but it
doesn't disable peer verification as expected on Snow Leopard or
Lion (it works as expected in Mountain Lion). So we now use sysctl()
to detect whether or not the user is using Snow Leopard or Lion,
and if that's the case, then we now use the deprecated
SSLSetEnableCertVerify() function instead to disable peer verification.
2012-12-27 19:09:25 +01:00
Yang Tse
219fe7b29c curl_multi_remove_handle: commit 0aabfd9963 follow-up 2012-12-26 06:01:54 +01:00
Yang Tse
0aabfd9963 curl_multi_remove_handle: fix memory leak triggered with CURLOPT_RESOLVE 2012-12-25 13:34:45 +01:00
Yang Tse
14b77db1b9 Curl_hash_clean: OOM handling fix 2012-12-25 13:34:44 +01:00
Daniel Stenberg
1649e680f6 Curl_conncache_foreach: allow callback to break loop
... and have it take a proper 'struct connectdata *' as first argument
2012-12-24 23:51:02 +01:00
Daniel Stenberg
2897ce7dc2 pop3_doing: don't call pop3_dophase_done() if already failed
... it also clobbered the 'result' return value so that it wouldn't
return the error back to the parent function properly, which broke test
809 when run with 'multi-always'.
2012-12-24 23:43:42 +01:00
Yang Tse
7a09907146 curl_multi_wait: OOM handling fix 2012-12-23 21:50:39 +01:00
Daniel Stenberg
a1fc9b80c8 curl_multi_wait: avoid an unnecessary memory allocation 2012-12-23 21:50:14 +01:00
Yang Tse
b3d91a147f multi.c: OOM handling fix 2012-12-21 19:48:07 +01:00
Daniel Stenberg
c30c557e4d SCP: relative path didn't work
When prefixing a path with /~/ it is supposed to be used relative to the
user's home directory but it didn't work. Now we cut off the entire
three byte sequenct "/~/" which seems to be how OpenSSH does it.

Bug: http://curl.haxx.se/bug/view.cgi?id=1173
Reported by: Balaji Parasuram
2012-12-21 14:41:54 +01:00
Yang Tse
eafccdb315 bundles connection caching: some out of memory handling fixes 2012-12-19 19:53:17 +01:00
Yang Tse
7d49d774fd VC6 IDE: link with advapi32.lib when using WIN32 crypto API (md5.c) 2012-12-18 13:29:45 +01:00
Yang Tse
b8dde1cf19 setup_once.h: HP-UX specific 'bool', 'false' and 'true' definitions.
Also reverts commit f254c59dc7
2012-12-17 02:07:10 +01:00
Yang Tse
f6af9d9886 warnless.c: fix compiler warnings 2012-12-15 20:31:42 +01:00
Nick Zitzmann
bbb4bbc0f1 darwinssl: Fix implicit conversion compiler warnings
The Clang compiler found a few implicit conversion problems that have
now been fixed.
2012-12-14 23:33:10 +01:00
Yang Tse
0e8e340cba setup_once.h: HP-UX <sys/socket.h> issue workaround
Issue: When building a 32bit target with large file support HP-UX
<sys/socket.h> header file may simultaneously provide two different
sets of declarations for sendfile and sendpath functions, one with
static and another with external linkage. Given that we do not use
mentioned functions we really don't care which linkage is the
appropriate one, but on the other hand, the double declaration emmits
warnings when using the HP-UX compiler and errors when using modern
gcc versions resulting in fatal compilation errors.

Mentioned issue is now fixed as long as we don't use sendfile nor
sendpath functions.
2012-12-14 19:39:22 +01:00
Yang Tse
a0b207164c setup_once.h: refactor inclusion of <unistd.h> and <sys/socket.h>
Inclusion of top two most included header files now done in setup_once.h
2012-12-14 17:38:18 +01:00
Yang Tse
f254c59dc7 setup_once.h: HP-UX specific TRUE and FALSE definitions
Some HP-UX system headers require TRUE defined to 1 and FALSE to 0.
2012-12-12 16:14:24 +01:00
Daniel Stenberg
568befb6aa gopher: #include cleanup
Remove all system file includes from this file as they're not needed

Reported by: Dan Fandrich
2012-12-12 11:08:01 +01:00
Yang Tse
aee540b831 build: add bundles and conncache files to other build systems 2012-12-10 17:32:35 +01:00
Yang Tse
4710d3d969 conncache: fix enumerated type mixed with another type 2012-12-10 17:04:13 +01:00
Linus Nielsen Feltzing
d021f2e8a0 Introducing a new persistent connection caching system using "bundles".
A bundle is a list of all persistent connections to the same host.
The connection cache consists of a hash of bundles, with the
hostname as the key.
The benefits may not be obvious, but they are two:

1) Faster search for connections to reuse, since the hash
   lookup only finds connections to the host in question.
2) It lays out the groundworks for an upcoming patch,
   which will introduce multiple HTTP pipelines.

This patch also removes the awkward list of "closure handles",
which were needed to send QUIT commands to the FTP server
when closing a connection.
Now we allocate a separate closure handle and use that
one to close all connections.

This has been tested in a live system for a few weeks, and of
course passes the test suite.
2012-12-07 10:08:33 +01:00
Stanislav Ivochkin
8b15c84ea9 build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag 2012-12-05 22:32:49 +04:00
Yang Tse
b908376bef build: explain current role of LIBS in our Makefile.am files
BLANK_AT_MAKETIME may be used in our Makefile.am files to blank
LIBS variable used in generated makefile at makefile processing
time. Doing this functionally prevents LIBS from being used for
all link targets in given makefile.
2012-12-04 23:32:05 +01:00
Daniel Stenberg
8b02afd9a9 multi: fix re-sending request on early connection close
This handling already works with the easy-interface code. When a request
is sent on a re-used connection that gets closed by the server at the
same time as the request is sent, the situation may occur so that we can
send the request and we discover the broken connection as a RECV_ERROR
in the PERFORM state and then the request needs to be retried on a fresh
connection. Test 64 broke with 'multi-always-internally'.
2012-12-04 22:14:23 +01:00
Yang Tse
068f7ae264 build: prevent global LIBS from influencing src and lib build targets
Currently, LIBS is already used through other macros.
2012-12-03 22:41:18 +01:00
Kamil Dudka
68d2830ee9 nss: prevent NSS from crashing on client auth hook failure
Although it is not explicitly stated in the documentation, NSS uses
*pRetCert and *pRetKey even if the client authentication hook returns
a failure.  Namely, if we destroy *pRetCert without clearing *pRetCert
afterwards, NSS destroys the certificate once again, which causes a
double free.

Reported by: Bob Relyea
2012-12-03 13:34:36 +01:00
Yang Tse
79954a1b07 avoid mixing of enumerated type with another type 2012-11-26 16:23:48 +01:00
Yang Tse
b33074d893 multi.c: disambiguate precedence of bitwise and relational operation 2012-11-26 16:23:47 +01:00
Fabian Keil
0683adbf50 Remove stray CRLF in chunk-encoded content-free request bodies
.. that are sent when auth-negotiating before a chunked
upload or when setting the 'Transfer-Encoding: chunked'
header and intentionally sending no content.

Adjust test565 and test1333 accordingly.
2012-11-26 15:28:53 +01:00
Daniel Stenberg
67f053b672 VC Makefiles: add missing hostcheck
the newly introduced hostcheck.h/c is missing in the Visual Studio
Makefiles as obj file.

Bug: http://curl.haxx.se/mail/lib-2012-11/0176.html
2012-11-21 16:18:57 +01:00
Daniel Stenberg
cfb67752fe compiler warning fixes
The conversions from ssize_t to int need to be typecasted.
2012-11-20 20:57:18 +01:00
Daniel Stenberg
409f2a041f fixed memory leak: CURLOPT_RESOLVE with multi interface
DNS cache entries populated with CURLOPT_RESOLVE were not properly freed
again when done using the multi interface.

Test case 1502 added to verify.

Bug: http://curl.haxx.se/bug/view.cgi?id=3575448
Reported by: Alex Gruz
2012-11-18 16:39:31 +01:00
Daniel Stenberg
ee588fe088 mem-include-scan: verify memory #includes
If we use memory functions (malloc, free, strdup etc) in C sources in
libcurl and we fail to include curl_memory.h or memdebug.h we either
fail to properly support user-provided memory callbacks or the memory
leak system of the test suite fails.

After Ajit's report of a failure in the first category in http_proxy.c,
I spotted a few in the second category as well. These problems are now
tested for by test 1132 which runs a perl program that scans for and
attempts to check that we use the correct include files if a memory
related function is used in the source code.

Reported by: Ajit Dhumale
Bug: http://curl.haxx.se/mail/lib-2012-11/0125.html
2012-11-17 13:56:38 +01:00
Daniel Stenberg
db4215f14a tftp_rx: code style cleanup
Fixed checksrc warnings
2012-11-16 22:00:17 +01:00
Christian Vogt
0ac827848d tftp_rx: handle resends
Re-send ACK for block X in case we receive block X data again while
waiting for block X+1.

Based on an earlier patch by Marcin Adamski.
2012-11-16 15:30:52 +01:00
Cristian Rodríguez
fa1ae0abcd OpenSSL: Disable SSL/TLS compression
It either causes increased memory usage or exposes users
to the "CRIME attack" (CVE-2012-4929)
2012-11-13 23:01:28 +01:00
Sebastian Rasmussen
38ed72cd37 FILE: Make upload-writes unbuffered by not using FILE streams 2012-11-13 22:02:18 +01:00
Anton Malov
076e1fa348 ftp: EPSV-disable fix over SOCKS
Bug: http://curl.haxx.se/bug/view.cgi?id=3586338
2012-11-12 23:00:27 +01:00
Gabriel Sjoberg
e237402c47 Digst: Add microseconds into nounce calculation
When using only 1 second precision, curl doesn't create new cnonce
values quickly enough for all uses.

For example, issuing the following command multiple times to a recent
Tomcat causes authentication failures:

curl --digest -utest:test http://tomcat.test.com:8080/manager/list

This is because curl uses the same cnonce for several seconds, but
doesn't increment the nonce counter.  Tomcat correctly interprets
this as a replay attack and rejects the request.

When microsecond-precision is available, this commit causes curl to
change cnonce values much more frequently.

With microsecond resolution, increasing the nounce length used in the
headers to 32 was made to further reduce the risk of duplication.
2012-11-12 11:46:27 +01:00
Daniel Stenberg
1c23d2b392 SCP/SFTP: improve error code used for send failures
Instead of relying on the generic CURLE error for SCP or SFTP send
failures, try passing back a more suitable error if possible.
2012-11-12 10:04:44 +01:00
Daniel Stenberg
7ecd874bce Curl_write: remove unneeded typecast 2012-11-12 10:04:31 +01:00
Daniel Stenberg
0af1a9d270 hostcheck: only build for the actual users
and make local function static
2012-11-08 22:37:53 +01:00
Oscar Koeroo
1394cad30f SSL: Several SSL-backend related fixes
axTLS:

This will make the axTLS backend perform the RFC2818 checks, honoring
the VERIFYHOST setting similar to the OpenSSL backend.

Generic for OpenSSL and axTLS:

Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c
files to make them genericly available for both the OpenSSL, axTLS and
other SSL backends. They are now in the new lib/hostcheck.c file.

CyaSSL:

CyaSSL now also has the RFC2818 checks enabled by default. There is a
limitation that the verifyhost can not be enabled exclusively on the
Subject CN field comparison. This SSL backend will thus behave like the
NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words:
setting verifyhost to 0 or 1 will disable the Subject Alt Names checks
too.

Schannel:

Updated the schannel information messages: Split the IP address usage
message from the verifyhost setting and changed the message about
disabling SNI (Server Name Indication, used in HTTP virtual hosting)
into a message stating that the Subject Alternative Names checks are
being disabled when verifyhost is set to 0 or 1. As a side effect of
switching off the RFC2818 related servername checks with
SCH_CRED_NO_SERVERNAME_CHECK
(http://msdn.microsoft.com/en-us/library/aa923430.aspx) the SNI feature
is being disabled. This effect is not documented in MSDN, but Wireshark
output clearly shows the effect (details on the libcurl maillist).

PolarSSL:

Fix the prototype change in PolarSSL of ssl_set_session() and the move
of the peer_cert from the ssl_context to the ssl_session. Found this
change in the PolarSSL SVN between r1316 and r1317 where the
POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu
PolarSSL version 1.1.4 the check is to discriminate between lower then
PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN
trunk jumped from version 1.1.1 to 1.2.0.

Generic:

All the SSL backends are fixed and checked to work with the
ssl.verifyhost as a boolean, which is an internal API change.
2012-11-08 22:23:12 +01:00
Daniel Stenberg
18c0e9bd71 libcurl: VERSIONINFO update
Since we added the curl_multi_wait function, the VERSIONINFO needed
updating.

Reported by: Patrick Monnerat
2012-11-08 20:26:19 +01:00
Guenter Knauf
c70c1a22d2 Added .def file to output.
Requested by Johnny Luong on the libcurl list.
2012-11-08 18:50:48 +01:00
Daniel Stenberg
7840c4c70c Curl_readwrite: remove debug output
The text "additional stuff not fine" text was added for debug purposes a
while ago, but it isn't really helping anyone and for some reason some
Linux distributions provide their libcurls built with debug info still
present and thus (far too many) users get to read this info.
2012-11-08 10:47:11 +01:00
Daniel Stenberg
487538e87a http_perhapsrewind: consider NTLM over proxy too
The logic previously checked for a started NTLM negotiation only for
host and not also with proxy, leading to problems doing POSTs over a
proxy NTLM that are larger than 2000 bytes. Now it includes proxy in the
check.

Bug: http://curl.haxx.se/bug/view.cgi?id=3582321
Reported by: John Suprock
2012-11-07 23:08:29 +01:00
Lars Buitinck
e1fa945e7e Curl_connecthost: friendlier "couldn't connect" message 2012-11-07 22:55:33 +01:00
Daniel Stenberg
473003fbdf URL parser: cut off '#' fragments from URLs (better)
The existing logic only cut off the fragment from the separate 'path'
buffer which is used when sending HTTP to hosts. The buffer that held
the full URL used for proxies were not dealt with. It is now.

Test case 5 was updated to use a fragment on a URL over a proxy.

Bug: http://curl.haxx.se/bug/view.cgi?id=3579813
2012-11-06 23:17:57 +01:00
Daniel Stenberg
3f20303702 OpenSSL/servercert: use correct buffer size, not size of pointer
Bug: http://curl.haxx.se/bug/view.cgi?id=3579286
2012-11-06 22:55:22 +01:00
Daniel Stenberg
13ce9031cc Curl_pretransfer: clear out unwanted auth methods
As a handle can be re-used after having done HTTP auth in a previous
request, it must make sure to clear out the HTTP types that aren't
wanted in this new request.
2012-11-06 22:23:56 +01:00
Daniel Stenberg
8e329bb759 Revert "Zero out auth structs before transfer"
This reverts commit ce8311c7e4.

The commit made test 2024 work but caused a regression with repeated
Digest authentication. We need to fix this differently.
2012-11-06 22:23:56 +01:00
Daniel Stenberg
da82f59b69 CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value
After a research team wrote a document[1] that found several live source
codes out there in the wild that misused the CURLOPT_SSL_VERIFYHOST
option thinking it was a boolean, this change now bans 1 as a value and
will make libcurl return error for it.

1 was never a sensible value to use in production but was introduced
back in the days to help debugging. It was always documented clearly
this way.

1 was never supported by all SSL backends in libcurl, so this cleanup
makes the treatment of it unified.

The report's list of mistakes for this option were all PHP code and
while there's a binding layer between libcurl and PHP, the PHP team has
decided that they have an as thin layer as possible on top of libcurl so
they will not alter or specifically filter a 'TRUE' value for this
particular option. I sympathize with that position.

[1] = http://daniel.haxx.se/blog/2012/10/25/libcurl-claimed-to-be-dangerous/
2012-11-06 19:46:53 +01:00
Daniel Stenberg
ab1f80200a gnutls: fix compiler warnings 2012-11-06 19:46:17 +01:00
Alessandro Ghedini
41eec4efa2 gnutls: print alerts during handshake 2012-11-06 19:42:38 +01:00
Alessandro Ghedini
2045d83dd3 gnutls: fix the error_is_fatal logic 2012-11-06 19:42:37 +01:00
Dave Reisner
550e403f00 uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES
Since automake 1.12.4, the warnings are issued on running automake:

  warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')

Avoid INCLUDES and roll these flags into AM_CPPFLAGS.

Compile tested on:
  Ubuntu 10.04 (automake 1:1.11.1-1)
  Ubuntu 12.04 (automake 1:1.11.3-1ubuntu2)
  Arch Linux (automake 1.12.4)
2012-11-06 00:32:21 +01:00
Daniel Stenberg
09a491378a ftp_readresp: fix build without krb4 support
Oops, my previous commit broke builds with krb support.
2012-11-05 13:01:48 +01:00
Daniel Stenberg
b2954e66e8 FTP: prevent the multi interface from blocking
As pointed out in Bug report #3579064, curl_multi_perform() would
wrongly use a blocking mechanism internally for some commands which
could lead to for example a very long block if the LIST response never
showed.

The solution was to make sure to properly continue to use the multi
interface non-blocking state machine.

The new test 1501 verifies the fix.

Bug: http://curl.haxx.se/bug/view.cgi?id=3579064
Reported by: Guido Berhoerster
2012-11-04 19:05:39 +01:00
Daniel Stenberg
74fe1b95fb tlsauthtype: deal with the string case insensitively
When given a string as 'srp' it didn't work, but required 'SRP'.
Starting now, the check disregards casing.

Bug: http://curl.haxx.se/bug/view.cgi?id=3578418
Reported by: Jeff Connelly
2012-10-23 23:12:58 +02:00
Daniel Stenberg
d1c769877a asyn-ares: restore working with c-ares < 1.6.1
Back in those days the public ares.h header didn't include the
ares_version.h header so it needs to be included here.

Bug: http://curl.haxx.se/bug/view.cgi?id=3577710
2012-10-23 23:06:38 +02:00
Nick Zitzmann
94891ff296 metalink/md5: Use CommonCrypto on Apple operating systems
Previously the Metalink code used Apple's CommonCrypto library only if
curl was built using the --with-darwinssl option. Now we use CommonCrypto
on all Apple operating systems including Tiger or later, or iOS 5 or
later, so you don't need to build --with-darwinssl anymore. Also rolled
out this change to libcurl's md5 code.
2012-10-22 23:32:59 +02:00
Nick Zitzmann
f1d2e18508 darwinssl: un-broke iOS build, fix error on server disconnect
The iOS build was broken by a reference to a function that only existed
under OS X; fixed. Also fixed a hard-to-reproduce problem where, if the
server disconnected before libcurl got the chance to hang up first and
SecureTransport was in use, then we'd raise an error instead of failing
gracefully.
2012-10-16 19:55:03 +02:00
Alessandro Ghedini
1a02e84589 gnutls: put reset code into else block
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690551
2012-10-16 00:18:44 +02:00
Daniel Stenberg
8373ca3641 curl_multi_wait: no wait if no descriptors to wait for
This is a minor change in behavior after having been pointed out by Mark
Tully and discussed on the list. Initially this case would internally
call poll() with no sockets and a timeout which would equal a sleep for
that specified time.

Bug: http://curl.haxx.se/mail/lib-2012-10/0076.html
Reported by: Mark Tully
2012-10-09 22:19:49 +02:00
Marc Hoersken
9547be37c2 ssluse.c: md5.h is required for Curl_ossl_md5sum 2012-10-08 18:48:54 +02:00
Marc Hoersken
a5b6f91e8d curl_schannel.c: Fixed caching more data than required
Do not fill the decrypted data buffer with more data unless
required in order to return the requested amount of data.
2012-10-06 15:47:14 +02:00
Marc Hoersken
fbf3560886 curl_schannel: Removed buffer limit and optimized buffer strategy
Since there are servers that seem to return very big encrypted
data packages, we need to be able to handle those without having
an internal size limit. To avoid the buffer growing to fast to
early the initial size was decreased and the minimum free space
in the buffer was decreased as well.
2012-10-06 13:59:28 +02:00
Marc Hoersken
07593b2422 lib/socks.c: Merged two size variables into one 2012-10-04 21:27:46 +02:00
Marc Hoersken
cd423348d9 lib/socks.c: Avoid type conversions where possible
Streamlined variable names and types to avoid type conversions that
may result in data being lost on non 32-bit systems.
2012-10-04 20:17:49 +02:00
Marc Hoersken
90821c6202 lib/curl_schannel.c: Hide size_t conversion warning 2012-10-04 19:55:17 +02:00
Marc Hoersken
dee2ef8083 krb5/curl_rtmp.c: Hide size_t to int type conversion warning 2012-10-04 19:17:00 +02:00
Marc Hoersken
50a7d32af0 security.c: Aligned internal type to return type
Use ssize_t instead of int to avoid conversion problems on 64-bit
systems. Also added curlx_sztosi where necessary.
2012-10-04 19:16:59 +02:00
Marc Hoersken
a5c6ecba8d lib/curl_schannel: Increased maximum buffer size to factor 128 2012-10-03 18:15:41 +02:00
Daniel Stenberg
971f5bcedd multi_runsingle: CURLOPT_LOW_SPEED_* fix for rate limitation
During the periods of rate limitation, the speedcheck function wasn't
called and thus the values weren't updated accordingly and it would then
easily trigger wrongly once data got transferred again.

Also, the progress callback's return code was not acknowledged in this
state so it could make an "abort" return code to get ignored and not
have the documented effect of aborting an ongoing transfer.

Bug: http://curl.haxx.se/mail/lib-2012-09/0081.html
Reported by: Jie He
2012-10-02 00:16:20 +02:00
Daniel Stenberg
628c4e7af1 Curl_reconnect_request: clear pointer on failure
The Curl_reconnect_request() function could end up returning a pointer
to a free()d struct when Curl_done() failed inside. Clearing the pointer
unconditionally after Curl_done() avoids this risk.

Reported by: Ho-chi Chen
Bug: http://curl.haxx.se/mail/lib-2012-09/0188.html
2012-09-28 13:57:41 +02:00
Marc Hoersken
0c8ccf7207 Makefile.vc6: Added missing default library advapi32.lib 2012-09-23 10:18:47 +02:00
Daniel Stenberg
39dff07a27 HTTP_ONLY: disable more protocols 2012-09-19 11:03:34 +02:00
Sergei Nikulov
889038f668 setup.h: fixed for MS VC10 build
Bug: http://curl.haxx.se/bug/view.cgi?id=3568327
2012-09-17 23:21:31 +02:00
Sara Golemon
b78944146a curl_multi_wait: Add parameter to return number of active sockets
Minor change to recently introduced function.  BC breaking, but since
curl_multi_wait() doesn't exist in any releases that should be fine.
2012-09-16 19:58:02 +02:00
Marc Hoersken
9b25b00fa3 socks.c: Fixed warning: conversion to 'int' from 'long unsigned int' 2012-09-14 16:01:19 +02:00
Marc Hoersken
ba41ecfa17 http_negotiate.c: Fxied warning: unused variable 'rc' 2012-09-14 15:50:24 +02:00
Marc Hoersken
1ab6c35363 ssh.c: Fixed warning: implicit conversion from enumeration type 2012-09-14 14:48:55 +02:00
Marc Hoersken
5162cb8ad6 socks.c: Check that IPv6 is enabled before using it's features 2012-09-14 08:12:07 +02:00
Marc Hoersken
8a2be299f4 checksrc: Fixed line length and comment indentation 2012-09-14 00:44:16 +02:00
Marc Hoersken
f73a27cadc socks.c: Updated error messages to handle hostname and IPv6 2012-09-14 00:14:46 +02:00
Marc Hoersken
f332f14102 socks.c: Added support for IPv6 connections through SOCKSv5 proxy 2012-09-14 00:14:38 +02:00
Daniel Stenberg
775cc1be66 parse_proxy: treat "socks://x" as a socks4 proxy
Selected socks proxy in Google's Chrome browser. Resulting in the
following environment variables:

NO_PROXY=localhost,127.0.0.0/8
ALL_PROXY=socks://localhost:1080/
all_proxy=socks://localhost:1080/
no_proxy=localhost,127.0.0.0/8

... and libcurl didn't treat 'socks://' as socks but instead picked HTTP
proxy.

Reported by: Scott Bailey

Bug: http://curl.haxx.se/bug/view.cgi?id=3566860
2012-09-13 22:57:38 +02:00
Kamil Dudka
f05e51362f ssh: do not crash if MD5 fingerprint is not provided by libssh2
The MD5 fingerprint cannot be computed when running in FIPS mode.
2012-09-12 16:49:10 +02:00
Kamil Dudka
ce515e993f ssh: move the fingerprint checking code to a separate fnc 2012-09-12 16:49:09 +02:00
Marc Hoersken
7f7e2ea72f wincrypt: Fixed cross-compilation issues caused by include name
For some reason WinCrypt.h is named wincrypt.h under MinGW.
2012-09-11 14:35:18 +02:00
Marc Hoersken
4d384a8714 md5.c: Added support for Microsoft Windows CryptoAPI 2012-09-11 14:12:41 +02:00
Marc Hoersken
e6ba048701 nss.c: Fixed warning: 'err' may be used uninitialized in this function 2012-09-11 09:49:23 +02:00
Marc Hoersken
160312d945 curl_schannel.c: Reference count the credential/session handle
Reference counting the credential handle should avoid that such a
handle is freed while it is still required for connection shutdown
2012-09-09 12:36:54 +02:00
Nick Zitzmann
badb81769a darwinssl: fixed for older Mac OS X versions
SSL didn't work on older cats if built on a newer cat with weak-linking
turned on to support the older cat
2012-09-08 22:35:14 +02:00
Daniel Stenberg
2e7d2c8f74 SOCKS: truly disable it if CURL_DISABLE_PROXY is defined
Bug: http://curl.haxx.se/bug/view.cgi?id=3561305

Patch by: Marcel Raad
2012-09-06 20:51:30 +02:00
Daniel Stenberg
3a0b64489f mk-ca-bundle: detect start of trust section better
Each certificate section of the input certdata.txt file has a trust
section following it with details.

This script failed to detect the start of the trust for at least one
cert[*], which made the script continue pass that section into the next
one where it found an 'untrusted' marker and as a result that certficate
was not included in the output.

[*] = "Hellenic Academic and Research Institutions RootCA 2011"

Bug: http://curl.haxx.se/mail/lib-2012-09/0019.html
2012-09-04 23:21:15 +02:00
Alessandro Ghedini
ee3551e45e gnutls: do not fail on non-fatal handshake errors
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685402
2012-09-04 22:11:58 +02:00
František Kučera
0a0f3c63a6 SMTP: only send SIZE if supported
SMTP client will send SIZE parameter in MAIL FROM command only if server
supports it. Without this patch server might say "504 Command parameter
not implemented" and reject the message.

Bug: http://curl.haxx.se/bug/view.cgi?id=3564114
2012-09-04 16:54:41 +02:00
Sara Golemon
de24d7bd4c multi: add curl_multi_wait()
/*
 * Name:     curl_multi_wait()
 *
 * Desc:     Poll on all fds within a CURLM set as well as any
 *           additional fds passed to the function.
 *
 * Returns:  CURLMcode type, general multi error code.
 */
CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle,
                                      struct curl_waitfd extra_fds[],
                                      unsigned int extra_nfds,
                                      int timeout_ms);
2012-09-01 23:10:53 +02:00
Nick Zitzmann
2f6e1a8cc3 darwinssl: Bugfix for previous commit for older cats
I accidentally broke functionality for versions of OS X prior to Mountain
Lion in the previous commit. This commit fixes the problems.
2012-09-01 20:24:05 +02:00
Joe Mason
5ede86ae51 NTLM: re-use existing connection better
If we need an NTLM connection and one already exists, always choose that
one.
2012-08-31 22:54:23 +02:00
Nick Zitzmann
d792e75f2c darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions
In Mountain Lion, Apple added TLS 1.1 and 1.2, and deprecated a number
of SecureTransport functions, some of which we were using. We now check
to see if the replacement functions are present, and if so, we use them
instead.  The old functions are still present for users of older
cats. Also fixed a build warning that started to appear under Mountain
Lion
2012-08-18 20:36:45 +02:00
Gokhan Sengun
82b0aebef3 ftp: active conn, place calling sockopt callback at the end of function
Commit b91d29a28e170c16d65d956db79f2cd3a82372d2 introduces a bug and breaks Curl_closesocket function. sock_accepted flag for the second socket should be tagged as TRUE before the sockopt callback is called because in case the callback returns an error, Curl_closesocket function is going to call the - fclosesocket - callback for the accept()ed socket
2012-08-16 23:20:12 +02:00
Gokhan Sengun
23ef5e4ba2 ftp: active conn, allow application to set sockopt after accept() call
For active FTP connections, applications may need setting the sockopt after accept() call returns successful. This fix gives a call to the callback registered with CURL_SOCKOPTFUNCTION option. Also a new sock type - CURLSOCKTYPE_ACCEPT - is added. This type is to be passed to application callbacks with - purpose - parameter. Applications may use this parameter to distinguish between socket types.
2012-08-16 23:20:08 +02:00
Daniel Stenberg
99f0e45b61 ssh: use the libssh2 agent API conditionally
Commit e351972bc8 brought in the ssh agent support but some uses of
the libssh2 agent API was done unconditionally which wasn't good enough
since that API hasn't always been present.
2012-08-10 08:59:36 +02:00
Daniel Stenberg
7520f9f1c3 white space fix: shorten long line
... to please checksrc.pl
2012-08-10 08:59:36 +02:00
Kamil Dudka
f208bf5a2d docs: update the links to cipher-suites supported by NSS
... and make the list of cipher-suites in nss.c readable by humans.

Bug: http://curl.haxx.se/mail/archive-2012-08/0016.html
2012-08-09 16:24:53 +02:00
Kamil Dudka
52b6eda4f2 nss: do not print misleading NSS error codes 2012-08-09 13:33:49 +02:00
Armel Asselin
e351972bc8 SSH: added agent based authentication
CURLSSH_AUTH_AGENT is a new auth type for SSH
2012-08-08 23:03:10 +02:00
Daniel Stenberg
31f39120b7 curl_version: fixed Value stored to 'len' is never read
Fixed this (harmless) clang-analyzer warning. Also fixed the source
indentation level.
2012-08-08 14:58:09 +02:00
Daniel Stenberg
14afbf361a add_next_timeout: minor restructure of code
By reading the ->head pointer and using that instead of the ->size
number to figure out if there's a list remaining we avoid the (false
positive) clang-analyzer warning that we might dereference of a null
pointer.
2012-08-08 14:50:32 +02:00
Daniel Stenberg
bf6dc61967 verbose messages: fixed output of hostnames in re-used connections
I suspect this is a regression introduced in commit 207cf150, included
since 7.24.0.

Avoid showing '(nil)' as hostname in verbose output by making sure the
hostname fixup function is called early enough to set the pointers that
are used for this. The name data is set again for each request even for
re-used connections to handle multiple hostnames over the same
connection (like with proxy) or that the casing etc of the host name is
changed between requests (which has proven to be important at least once
in the past).

Test1011 was modified to use a redirect with a re-used a connection
since it then showed the bug and now lo longer does. There's currently
no easy way to have the test suite detect 'nil' texts in verbose ouputs
so no tests will detect if this problem gets reintroduced.

Bug: http://curl.haxx.se/mail/lib-2012-07/0111.html
Reported by: Gisle Vanem
2012-08-08 13:57:56 +02:00
Mike Crowe
15108d6308 Avoid leak of local device string when reusing connection
Ensure that the copy of the CURLOPT_INTERFACE string is freed if we
decide we can reuse an existing connection.
2012-08-07 23:35:35 +02:00
Daniel Stenberg
c771968ab6 Curl_socket_check: fix timeout return value for select users
This is the same fix applied for the conditional code that uses select()
that was already done for the poll specific code in commit
b61e8b81f5.
2012-08-07 23:30:05 +02:00
Maxime Larocque
b61e8b81f5 Curl_socket_check: fix return code for timeout
We found a problem with ftp transfer using libcurl (7.23 and 7.25)
inside an application which is receiving unix signals (SIGUSR1,
SIGUSR2...) almost continuously. (Linux 2.4, PowerPC, HAVE_POLL_FINE
defined).

Curl_socket_check() uses poll() to wait for the socket, and retries it
when a signal is received (EINTR). However, if a signal is received and
it also happens that the timeout has been reached, Curl_socket_check()
returns -1 instead of 0 (indicating an error instead of a timeout).

In our case, the result is an aborted connection even before the ftp
banner is received from the server, and a return value of
CURLE_OUT_OF_MEMORY from curl_easy_perform() (Curl_pp_multi_statemach(),
in pingpong.c, actually returns OOM if Curl_socket_check() fails :-)
Funny to debug on a system on which OOM is a possible cause).

Bug: http://curl.haxx.se/mail/lib-2012-07/0122.html
2012-08-07 23:24:13 +02:00
Daniel Stenberg
8bad5f2a61 WSAPoll: disabled on all windows builds
Due to WSAPoll bugs, libcurl does not work as intended. When the cURL
library is used to setup a connection to an incorrect port, normally the
result is CURLE_COULDNT_CONNECT, /* 7 */, but due to the bug in WSAPoll,
the result now is CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was
reached */.

On August 1, Jan Koen Annot opened a case for this to Microsoft Premier
Online (https://premier.microsoft.com/).  The support engineer handling
the case wrote that the case description is quite clear.  He will try to
reproduce the issue and then proceed with troubleshooting it.

Reported by: Jan Koen Annot
Bug: http://curl.haxx.se/mail/lib-2012-07/0310.html
2012-08-07 20:47:31 +02:00
Daniel Stenberg
f0d611df9e retry request: only access the HTTP data if in fact HTTP
When figuring out if the data stream needs to be rewound when the
request is to be resent, we must not access the HTTP struct unless the
protocol used is indeed HTTP...

Bug: http://curl.haxx.se/bug/view.cgi?id=3544688
2012-08-07 14:55:19 +02:00
Daniel Stenberg
0b08491f83 VC build: add define for openssl
This fixes a build failure of lib/ssluse.c.

Bug: http://curl.haxx.se/bug/view.cgi?id=3552997
2012-08-07 13:57:13 +02:00
Daniel Stenberg
986c7949c0 gtls: fix build failure by including nettle-specific headers
Bug: http://curl.haxx.se/bug/view.cgi?id=3554668
Reported by: Anthony G. Basile
2012-08-06 15:04:25 +02:00
Joe Mason
50b87c4e68 Cleanup handshake after clean NTLM failure 2012-08-03 17:01:54 -04:00
Joe Mason
ce8311c7e4 Zero out auth structs before transfer 2012-08-03 17:01:02 -04:00
Kamil Dudka
1f8518c5d9 file: use fdopen() for uploaded files if available
It eliminates noisy events when using inotify and fixes a TOCTOU issue.

Bug: https://bugzilla.redhat.com/844385
2012-07-30 15:04:38 +02:00