1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 16:18:48 -05:00
Commit Graph

785 Commits

Author SHA1 Message Date
Daniel Stenberg
f49df54a36 7.15.1 with the now to be announced security flaw fixed 2005-12-06 23:05:51 +00:00
Daniel Stenberg
6513303498 Jamie Newton pointed out that libcurl's file:// code would close() a zero
file descriptor if given a non-existing file.
2005-12-01 23:42:03 +00:00
Daniel Stenberg
74e5beab9d Doug Kaufman's set of patches to make curl build fine on DJGPP again using
configure.
2005-11-24 10:22:46 +00:00
Daniel Stenberg
4022a60ea7 I extended a patch from David Shaw to make libcurl _always_ provide an error
string in the given error buffer to address the flaw mention on 21 sep 2005.
2005-11-17 14:29:54 +00:00
Daniel Stenberg
096675824f Applied Albert Chin's patch that makes the libcurl.pc pkgconfig file get
installed on 'make install' time.
2005-11-16 07:20:57 +00:00
Daniel Stenberg
92c0de518e Quagmire reported that he needed to raise a NTLM buffer for SSPI to work
properly for a case, and so we did. We raised it even for non-SSPI builds
but it should not do any harm. http://curl.haxx.se/bug/view.cgi?id=1356715
2005-11-14 22:10:52 +00:00
Daniel Stenberg
d52ed3fff2 Jan Kunder's debian bug report
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird
error message for when you try to upload a file and the requested directory
doesn't exist on the target server.
2005-11-14 00:18:12 +00:00
Daniel Stenberg
adf462fe05 Debian bug report 338681 by Jan Kunder: make curl better detect and report bad
limit-rate units: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now
curl will return error if a bad unit is used.
2005-11-13 11:06:48 +00:00
Daniel Stenberg
c2862742ab Thanks to this nice summary of poll() implementations:
http://www.greenend.org.uk/rjk/2001/06/poll.html and further tests by Eugene
Kotlyarov, we now know that cygwin's poll returns only POLLHUP on remote
connection closure so we check for that case (too) and re-enable poll for
cygwin builds.
2005-11-13 09:24:06 +00:00
Daniel Stenberg
8a712eb5af Eugene Kotlyarov found out that cygwin's poll() function isn't doing things
right: http://curl.haxx.se/mail/archive-2005-11/0045.html so we now disable
poll() and use select() on cygwin too (we already do the same choice on Mac OS
X)
2005-11-12 22:49:19 +00:00
Daniel Stenberg
5e3836055f Dima Barsky patched problem #1348930: the GnuTLS code completely ignored
client certificates! (http://curl.haxx.se/bug/view.cgi?id=1348930).
2005-11-11 23:20:07 +00:00
Daniel Stenberg
ae9fbe573e David Lang fixed IPv6 support for TFTP! 2005-11-10 22:25:07 +00:00
Daniel Stenberg
bd8baed138 Introducing range stepping to the curl globbing support. Now you can specify
step counter by adding :[num] within the brackets when specifying a range.
2005-11-10 22:11:01 +00:00
Daniel Stenberg
cab59b4c32 Removed the use of AI_CANONNAME in the IPv6-enabled resolver functions since
we really have no use for reverse lookups of the address.

I truly hope these are the last reverse lookups we had lingering in the
code!
2005-11-08 14:45:58 +00:00
Daniel Stenberg
175335808b Dmitry Bartsevich discovered some issues in compatibilty of SSPI-enabled
version of libcurl with different Windows versions. Current version of
libcurl imports SSPI functions from secur32.dll. However, under Windows NT
4.0 these functions are located in security.dll, under Windows 9x - in
secur32.dll and Windows 2000 and XP contains both these DLLs (security.dll
just forwards calls to secur32.dll).

Dmitry's patch loads proper library dynamically depending on Windows
version. Function InitSecurityInterface() is used to obtain pointers to all
of SSPI function in one structure.
: ----------------------------------------------------------------------
2005-11-08 14:15:34 +00:00
Daniel Stenberg
b91421b107 Vilmos Nebehaj improved libcurl's LDAP abilities:
The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary
attributes in LDAP objects. So, I made a quick patch to address these
problems.

The solution is simple: if we connect to an LDAP server, first try LDAPv3
(which is the preferred protocol as of now) and then fall back to LDAPv2.
In case of binary attributes, we first convert them to base64, just like the
openldap client does. It uses ldap_get_values_len() instead of
ldap_get_values() to be able to retrieve binary attributes correctly. I
defined the necessary LDAP macros in lib/ldap.c to be able to compile
libcurl without the presence of libldap
2005-10-31 08:55:01 +00:00
Daniel Stenberg
966fa848a0 Nis Jorgensen filed bug report #1338648
(http://curl.haxx.se/bug/view.cgi?id=1338648) which really is more of a
feature request, but anyway. It pointed out that --max-redirs did not allow
it to be set to 0, which then would return an error code on the first
Location: found. Based on Nis' patch, now libcurl supports CURLOPT_MAXREDIRS
set to 0, or -1 for infinity. Added test case 274 to verify.
2005-10-27 22:05:38 +00:00
Daniel Stenberg
6f8fe67ace tommink[at]post.pl reported in bug report #1337723
(http://curl.haxx.se/bug/view.cgi?id=1337723) that curl could not upload
binary data from stdin on Windows if the data contained control-Z (hex 1a)
since that is treated as end-of-file when read in text mode. Gisle Vanem
pointed out the fix, and I made both -T and --data-binary take advantage of
it.
2005-10-27 21:02:01 +00:00
Daniel Stenberg
9d152a77fd Jaz Fresh pointed out that if you used "-r [number]" as was wrongly described
in the man page, curl would send an invalid HTTP Range: header. The correct
way would be to use "-r [number]-" or even "-r -[number]". Starting now,
curl will warn if this is discovered, and automatically append a dash to the
range before passing it to libcurl.
2005-10-27 12:05:36 +00:00
Daniel Stenberg
33dc28b905 multi IP socket description leak with multi interface 2005-10-25 14:05:21 +00:00
Daniel Stenberg
c890149c8c Dima Barsky reported a problem with GnuTLS-enabled libcurl in bug report
#1334338 (http://curl.haxx.se/bug/view.cgi?id=1334338). When reading an SSL
  stream from a server and the server requests a "rehandshake", the current
  code simply returns this as an error. I have no good way to test this, but
  I've added a crude attempt of dealing with this situation slightly better -
  it makes a blocking handshake if this happens. Done like this because fixing
  this the "proper" way (that would handshake asynchronously) will require
  quite some work and I really need a good way to test this to do such a
  change.
2005-10-22 21:05:07 +00:00
Daniel Stenberg
1a1ab2e2e8 "Ofer" reported a problem when libcurl re-used a connection and failed to do
it, it could then accidentally actually crash. Presumably, this concerns FTP
connections.  http://curl.haxx.se/bug/view.cgi?id=1330310
2005-10-21 21:00:44 +00:00
Daniel Stenberg
715b706caa Temprimus improved the MSVC makefile so that the static debug SSL libs are
linked to the executable and not to the libcurld.lib
http://curl.haxx.se/bug/view.cgi?id=1326676
2005-10-21 19:32:12 +00:00
Daniel Stenberg
bfa9c42c25 Bradford Bruce made the windows resolver code properly return
CURLE_COULDNT_RESOLVE_PROXY and CURLE_COULDNT_RESOLVE_HOST on resolving
errors (as documented).
2005-10-21 19:21:19 +00:00
Daniel Stenberg
be9c873a6e Dave Dribin made libcurl understand and handle cases when the server
(wrongly) sends *two* WWW-Authenticate headers for Digest. While this should
never happen in a sane world, libcurl previously got into an infinite loop
when this occurred. Dave added test 273 to verify this.
2005-10-20 20:07:32 +00:00
Daniel Stenberg
0c6bb8cb66 Temprimus improved the MSVC makefile: "makes a build option available so if
you set rtlibcfg=static for the make, then it would build with /MT. The
default behaviour is /MD (the original)."
http://curl.haxx.se/bug/view.cgi?id=1326665
2005-10-20 19:07:33 +00:00
Daniel Stenberg
f335bac8a3 Reverted the LIBCURL_VERSION_NUM change from October 6. As Dave Dribin
reported, the define is used by the configure script and is assumed to use
the 0xYYXXZZ format. This made "curl-config --vernum" fail in the 7.15.0
release version.
2005-10-14 21:21:51 +00:00
Daniel Stenberg
96cec4dfd7 7.15.0 time 2005-10-13 08:19:09 +00:00
Daniel Stenberg
934d312f50 mention the recent fixes 2005-10-05 09:15:20 +00:00
Daniel Stenberg
db83a0ebbc Michael Wallner reported that the date parser had wrong offset stored for
the MEST and CEST time zones.
2005-10-04 18:15:33 +00:00
Daniel Stenberg
e19ee2d102 David Yan brought the Content-Range report 2005-09-27 20:22:13 +00:00
Daniel Stenberg
b4c53e2cfd An anonymous submitter filed bug #1299181
(http://curl.haxx.se/bug/view.cgi?id=1299181) that identified a silly problem
with Content-Range: headers with the 'bytes' keyword written in a different
case than all lowercase! It would cause a segfault!
2005-09-27 09:13:39 +00:00
Daniel Stenberg
a2902de67c TJ Saunders of the proftpd project identified and pointed out problems with
the modified FTPS negotiation change of August 19 2005. Thus, we revert the
change back to pre-7.14.1 status.
2005-09-27 08:46:54 +00:00
Daniel Stenberg
a2210d23c3 three debian bug reports addressed 2005-09-21 11:29:03 +00:00
Daniel Stenberg
3fe5311967 Dmitry Bartsevich made the SSPI support work on Windows 9x as well 2005-09-19 21:45:16 +00:00
Daniel Stenberg
d0a4104c0c recent changes 2005-09-16 21:03:26 +00:00
Daniel Stenberg
a1287ec64f added URLs to bug reports 2005-09-16 07:18:25 +00:00
Daniel Stenberg
e8635044b5 Now curl warns if an unknown variable is used in the -w/--writeout argument. 2005-09-06 13:27:18 +00:00
Daniel Stenberg
3e6ae6eeb8 mention the recent improvements 2005-09-04 22:10:03 +00:00
Daniel Stenberg
56d9624b56 John Kelly added TFTP support to libcurl. A bunch of new error codes was
added. TODO: add them to docs. add TFTP server to test suite. add TFTP to
list of protocols whereever those are mentioned.
2005-09-02 15:11:08 +00:00
Daniel Stenberg
6e1a986e0f 7.14.1 coming right up 2005-09-01 20:54:00 +00:00
Daniel Stenberg
32330300a9 Kevin Lussier pointed out a problem with curllib.dsp 2005-08-29 21:04:26 +00:00
Daniel Stenberg
87bbd13899 Igor Polyakov fixed a rather nasty problem with the threaded name resolver
for Windows, that could lead to an Access Violation when the multi interface
was used due to an issue with how the resolver thread was and was not
terminated.
2005-08-29 14:23:53 +00:00
Daniel Stenberg
5effe8f336 Simon Josefson brought GNU GSS support 2005-08-29 08:42:45 +00:00
Daniel Stenberg
a4773fcbbb Toby Peterson added CURLOPT_IGNORE_CONTENT_LENGTH to the library, accessible
from the command line tool with --ignore-content-length. This will make it
easier to download files from Apache 1.x (and similar) servers that are
still having problems serving files larger than 2 or 4 GB. When this option
is enabled, curl will simply have to wait for the server to close the
connection to signal end of transfer. I wrote test case 269 that runs a
simple test that this works.
2005-08-24 10:57:28 +00:00
Daniel Stenberg
1e038c4bc6 valgrind version 3 renames the --logfile command line option to --log-file... 2005-08-24 10:49:57 +00:00
Daniel Stenberg
432dfe2b8f Fixed CA cert verification using GnuTLS with the default bundle, which
previously failed due to GnuTLS not allowing x509 v1 CA certs by default.
2005-08-24 07:40:13 +00:00
Daniel Stenberg
710ee3b0e0 Norbert Novotny had problems with FTPS and he helped me work out a patch
that made curl run fine in his end. The key was to make sure we do the
SSL/TLS negotiation immediately after the TCP connect is done and not after
a few other commands have been sent like we did previously. I don't consider
this change necessary to obey the standards, I think this server is pickier
than what the specs allow it to be, but I can't see how this modified
libcurl code can add any problems to those who are interpreting the
standards more liberally.
2005-08-19 14:41:09 +00:00
Daniel Stenberg
a676c18502 - Jeff Pohlmeyer found out that if you ask libcurl to load a cookiefile (with
CURLOPT_COOKIEFILE), add a cookie (with CURLOPT_COOKIELIST), tell it to
  write the result to a given cookie jar and then never actually call
  curl_easy_perform() - the given file(s) to read was never read but the
  output file was written and thus it caused a "funny" result.

- While doing some tests for the bug above, I noticed that Firefox generates
  large numbers (for the expire time) in the cookies.txt file and libcurl
  didn't treat them properly. Now it does.
2005-08-17 08:55:43 +00:00
Daniel Stenberg
fd704f8de0 recent changes 2005-08-15 21:48:36 +00:00