Commit Graph

1141 Commits

Author SHA1 Message Date
Daniel Stenberg ce81cd21d3 I renamed the CURLE_SSL_PEER_CERTIFICATE error code to
CURLE_PEER_FAILED_VERIFICATION (standard CURL_NO_OLDIES style), and made this
return code get used by the previous SSH MD5 fingerprint check in case it
fails.
2007-10-03 08:07:50 +00:00
Daniel Stenberg 51c6a5d43b Based on a patch brought by Johnny Luong, libcurl now offers
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both make
the SCP or SFTP connection verify the remote host's md5 checksum of the public
key before doing a connect, to reduce the risk of a man-in-the-middle attack.
2007-10-03 08:00:42 +00:00
Daniel Stenberg 119364741e known bug #46: chunked-encoded CONNECT responses from a http proxy now works.
Added test case 1008 to verify. Note that #47 is still there.
2007-10-02 10:21:36 +00:00
Daniel Stenberg ec08e2f9f2 Alex Fishman reported a curl_easy_escape() problem that was made the
function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a
signed / unsigned mistake in the code. I fixed it and added test case 543 to
verify.
2007-09-30 22:40:24 +00:00
Daniel Stenberg f58ba5ab1c Immanuel Gregoire fixed a problem with persistent transfers over SFTP - the
previous proto struct was kept.
2007-09-29 21:34:34 +00:00
Daniel Stenberg 2c105af910 Adapted the c-ares code to the API change c-ares 1.5.0 brings in the
notifier callback(s).
2007-09-28 21:48:28 +00:00
Dan Fandrich 16b95fc773 Enabled a few more gcc warnings with --enable-debug. Renamed a few
variables to avoid shadowing global declarations.
2007-09-27 01:45:22 +00:00
Daniel Stenberg fd4cf78f36 Philip Langdale provided the new CURLOPT_POST301 option for
curl_easy_setopt() that alters how libcurl functions when following
redirects. It makes libcurl obey the RFC2616 when a 301 response is received
after a non-GET request is made. Default libcurl behaviour is to change
method to GET in the subsequent request (like it does for response code 302
- because that's what many/most browsers do), but with this CURLOPT_POST301
option enabled it will do what the spec says and do the next request using
the same method again. I.e keep POST after 301.

The curl tool got this option as --post301

Test case 1011 and 1012 were added to verify.
2007-09-26 12:44:59 +00:00
Daniel Stenberg a6315359d7 Max Katsev reported that when doing a libcurl FTP request with
CURLOPT_NOBODY enabled but not CURLOPT_HEADER, libcurl wouldn't do TYPE
before it does SIZE which makes it less useful. I walked over the code and
made it do this properly, and added test case 542 to verify it.
2007-09-26 12:00:01 +00:00
Daniel Stenberg 775f86cb5a Immanuel Gregoire fixed KNOWN_BUGS #44: --ftp-method nocwd did not handle
URLs ending with a slash properly (it should list the contents of that
directory). Test case 351 brought back and also test 1010 was added.
2007-09-24 21:47:35 +00:00
Daniel Stenberg 015d5869d7 Mark Davies fixed Negotiate authentication over proxy, and also introduced
the --proxy-negotiate command line option to allow a user to explicitly
select it.
2007-09-21 11:05:31 +00:00
Daniel Stenberg 0885d787ab Immanuel Gregoire is the man 2007-09-20 14:02:34 +00:00
Daniel Stenberg 8c3f40ee32 Rob Crittenden provided an NSS update with the following highlights:
o It looks for the NSS database first in the environment variable SSL_DIR,
  then in /etc/pki/nssdb, then it initializes with no database if neither of
  those exist.

o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be
  loaded, including the ca-bundle. If it is not available then only
  certificates already in the NSS database are used.

o Tries to detect whether a file or nickname is being passed in so the right
  thing is done

o Added a bit of code to make the output more like the OpenSSL module,
  including displaying the certificate information when connecting in
  verbose mode

o Improved handling of certificate errors (expired, untrusted, etc)

The libnsspem.so PKCS#11 module is currently only available in Fedora
8/rawhide. Work will be done soon to upstream it. The NSS module will work
with or without it, all that changes is the source of the certificates and
keys.
2007-09-18 22:21:54 +00:00
Daniel Stenberg 45fd6685bd Immanuel pointed out that public key SSH auth failed if no public/private
key was specified and there was no HOME environment variable, and then it
didn't continue to try the other auth methods. Now it will instead try to
get the files id_dsa.pub and id_dsa from the current directory if none of
the two conditions were met.
2007-09-18 21:14:28 +00:00
Dan Fandrich 7f496d8c3f Changed some FTP tests to validate the format of the PORT and EPRT commands
sent by curl, if not the addresses themselves.
2007-09-17 21:44:57 +00:00
Daniel Stenberg e04151ed76 Michal Marek made libcurl automatically append ";type=<a|i>" when using HTTP
proxies for FTP urls.
2007-09-15 21:14:12 +00:00
Dan Fandrich 39a416f12a Added LDAPS, SCP and SFTP to curl-config --protocols. Removed and
fixed some AC_SUBST configure entries.
2007-09-14 01:56:08 +00:00
Daniel Stenberg 3bc11344de Version 7.17.0 (13 September 2007) 2007-09-13 20:22:14 +00:00
Daniel Stenberg 9e88343a17 Daniel S (12 September 2007)
- Bug report #1792649 (http://curl.haxx.se/bug/view.cgi?id=1792649) pointed
  out a problem with doing an empty upload over FTP on a re-used connection.
  I added test case 541 to reproduce it and to verify the fix.

- I noticed while writing test 541 that the FTP code wrongly did a CWD on the
  second transfer as it didn't store and remember the "" path from the
  previous transfer so it would instead CWD to the entry path as stored. This
  worked, but did a superfluous command. Thus, test case 541 now also verifies
  this fix.
2007-09-11 22:23:57 +00:00
Dan Fandrich 7350f9851a TFTP now reports the "not defined" TFTP error code 0 as an error,
not success.
2007-09-07 20:35:37 +00:00
Dan Fandrich d030dfa6e2 Added test case 1007 to test permission problem when uploading with TFTP
(to validate bug #1790403).
2007-09-07 20:05:20 +00:00
Daniel Stenberg 73e91ce20c Curl_GetFTPResponse() now checks and properly deals with the fact that the
underlying ftp_readresp() function has a separate "cache" where there might
in fact be leftover data...
2007-09-05 21:41:07 +00:00
Dan Fandrich 8780ff879c Minix doesn't support getsockopt on UDP sockets or send/recv on TCP
sockets.
2007-09-05 17:22:23 +00:00
Dan Fandrich 3fa60164af Renamed the CURLE_FTP_SSL_FAILED error code to CURLE_USE_SSL_FAILED.
Renamed the curl_ftpssl enum to curl_usessl and its enumerated constants,
creating macros for backward compatibility.
2007-08-31 19:36:32 +00:00
Dan Fandrich ac6e0501c6 Made some of the error strings returned by the *strerror functions more
generic, and more consistent with each other.
2007-08-31 17:56:06 +00:00
Dan Fandrich f6251734fc Added more accurate error code returns from SFTP operations. Added test
case 615 to test an SFTP upload failure.
2007-08-30 23:03:59 +00:00
Dan Fandrich 9f44a95522 Renamed several libcurl error codes and options to make them more general
and allow reuse by multiple protocols. Several unused error codes were
removed.  In all cases, macros were added to preserve source (and binary)
compatibility with the old names.  These macros are subject to removal at
a future date, but probably not before 2009.  An application can be
tested to see if it is using any obsolete code by compiling it with the
CURL_NO_OLDIES macro defined.

Documented some newer error codes in libcurl-error(3)
2007-08-30 20:34:57 +00:00
Daniel Stenberg 7cba40b218 Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointed
out that libcurl didn't deal with large responses from server commands, when
the single response was consisting of multiple lines but of a total size of
16KB or more. Dan Fandrich improved the ftp test script and provided test
case 1006 to repeat the problem, and I fixed the code to make sure this new
test case runs fine.
2007-08-24 14:00:42 +00:00
Patrick Monnerat 557cc55f6f Porting library to OS/400 2007-08-23 14:30:24 +00:00
Daniel Stenberg 91fd2c3bcd Bug report #1779751 (http://curl.haxx.se/bug/view.cgi?id=1779751) pointed
out that doing first a file:// upload and then an FTP upload crashed libcurl
or at best caused furious valgrind complaints. Fixed now by making sure we
free and clear the file-specific struct properly when done with it.
2007-08-22 22:48:41 +00:00
Daniel Stenberg 381e372939 Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointed
out that libcurl didn't deal with very long (>16K) FTP server response lines
properly. Starting now, libcurl will chop them off (thus the client app will
not get the full line) but survive and deal with them fine otherwise. Test
case 1003 was added to verify this.
2007-08-22 14:18:06 +00:00
Daniel Stenberg b132e865b9 Based on a patch by Christian Vogt, the FTP code now sets the upcoming
download transfer size much earlier to be possible to get read with
CURLINFO_CONTENT_LENGTH_DOWNLOAD as soon as possible.
2007-08-20 21:54:00 +00:00
Daniel Stenberg 1aa82decea - Robson Braga Araujo filed bug report #1776232
(http://curl.haxx.se/bug/view.cgi?id=1776232) about libcurl calling
  Curl_client_write(), passing on a const string that the caller may not
  modify and yet it does (on some platforms).
2007-08-17 22:31:51 +00:00
Daniel Stenberg 3217809294 Robson Braga Araujo filed bug report #1776235
(http://curl.haxx.se/bug/view.cgi?id=1776235) about ftp requests with NOBODY
on a directory would do a "SIZE (null)" request. This is now fixed and test
case 1000 was added to verify.
2007-08-17 22:22:43 +00:00
Daniel Stenberg 5a79532aee Song Ma provided a patch that cures a problem libcurl has when doing resume
HTTP PUT using Digest authentication. Test case 5320 and 5322 were also
added to verify the functionality.
2007-08-17 20:21:32 +00:00
Daniel Stenberg 2f8f12e82e Andrew Wansink provided an NTLM bugfix: in the case the server sets the flag
NTLMFLAG_NEGOTIATE_UNICODE, we need to filter it off because libcurl doesn't
unicode encode the strings it packs into the NTLM authenticate packet.
2007-08-14 10:28:21 +00:00
Daniel Stenberg 6d3701318d Allen Pulsifer provided a patch that makes libcurl set the expected download
size earlier when doing HTTP downloads, so that applications and the
progress meter etc know get the info earlier in the flow than before.
2007-08-11 21:05:13 +00:00
Daniel Stenberg d0edb47896 Patrick Monnerat modified the LDAP code and approach in curl. Starting now,
the configure script checks for openldap and friends and we link with those
libs just like we link all other third party libraries, and we no longer
dlopen() those libraries. Our private header file lib/ldap.h was renamed to
lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix)
just before this commit, just in case.
2007-08-11 20:57:54 +00:00
Dan Fandrich 668c204970 Song Ma noted a zlib memory leak in the illegal compressed header
countermeasures code path.
2007-08-08 17:51:40 +00:00
Daniel Stenberg 1926f4573d Patrick Monnerat fixed curl_easy_escape() and curlx_strtoll() to work on
non-ASCII systems.
2007-08-04 20:47:59 +00:00
Daniel Stenberg 5ec786b02e Scott Cantor filed bug report #1766320
(http://curl.haxx.se/bug/view.cgi?id=1766320) pointing out that the libcurl
code accessed two curl_easy_setopt() options (CURLOPT_DNS_CACHE_TIMEOUT and
CURLOPT_DNS_USE_GLOBAL_CACHE) as ints even though they're documented to be
passed in as longs, and that makes a difference on 64 bit architectures.
2007-08-02 20:10:28 +00:00
Daniel Stenberg 6f750f3b57 Dmitriy Sergeyev reported a regression: resumed file:// transfers broke
after 7.16.2. This is much due to the different treatment file:// gets
internally, but now I added test 231 to make it less likely to happen again
without us noticing!
2007-08-02 14:09:08 +00:00
Daniel Stenberg 50c10aa5bf Patrick Monnerat and I modified libcurl so that now it *copies* all strings
passed to it with curl_easy_setopt()! Previously it has always just refered
to the data, forcing the user to keep the data around until libcurl is done
with it. That is now history and libcurl will instead clone the given
strings and keep private copies.
2007-08-01 21:20:01 +00:00
Daniel Stenberg 006878686c Greg Morse reported a problem with POSTing using ANYAUTH to a server requiring
NTLM, and he provided test code and a test server and we worked out a bug
fix. We failed to count sent body data at times, which then caused internal
confusions when libcurl tried to send the rest of the data in order to
maintain the same connection alive.

(and then I did some minor reformatting of code in lib/http.c)
2007-08-01 12:58:04 +00:00
Daniel Stenberg 5b1bbffdff Peter O'Gorman pointed out (and fixed) that the non-blocking check in
configure made libcurl use blocking sockets on AIX 4 and 5, while that
wasn't the intention.
2007-07-30 22:53:18 +00:00
Daniel Stenberg 21d62118dc give credit to Greg Zavertnik 2007-07-30 20:07:43 +00:00
Daniel Stenberg f1fa7b8ba4 Bug report #1759542 (http://curl.haxx.se/bug/view.cgi?id=1759542). A bad use
of a socket after it has been closed, when the FTP-SSL data connection is taken
down.
2007-07-29 12:54:05 +00:00
Daniel Stenberg b3461bab1d Implemented the parts of Patrick Monnerat's OS/400 patch that introduces
support for the OS/400 Secure Sockets Layer library
2007-07-23 21:46:26 +00:00
Dan Fandrich 5ecd56d964 Implemented only the parts of Patrick Monnerat's OS/400 patch that renamed
some few internal identifiers to avoid conflicts, which could be useful on
other platforms.
2007-07-23 18:51:22 +00:00
Daniel Stenberg 9af807a5ce HTTP Digest auth fix on a re-used connection 2007-07-22 10:17:52 +00:00