1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-13 13:05:03 -05:00
Commit Graph

1667 Commits

Author SHA1 Message Date
Kamil Dudka
5907777153 curl -T: ignore file size of special files
original bug report at https://bugzilla.redhat.com/622520
2010-08-15 11:26:13 +02:00
Daniel Stenberg
4342a2087a release cycle loop: start over toward 7.21.2 2010-08-11 23:57:44 +02:00
Daniel Stenberg
8249b0522d RELEASE-NOTES: mention the runtests fix as well 2010-08-11 23:35:02 +02:00
Daniel Stenberg
2596eb6d19 RELEASE-NOTES: synced, 3 additional bugfixes 2010-08-10 23:34:03 +02:00
Daniel Stenberg
15201da4ca RELEASE-NOTES: synced with recent changes 2010-08-07 00:24:04 +02:00
Daniel Stenberg
52beeb2c9f RELEASE-NOTES: synced with recent changes 2010-08-03 00:00:01 +02:00
Daniel Stenberg
c8d42b2f1c --retry: access violation with URL part sets continued
When getting multiple URLs, curl didn't properly reset the byte counter
after a successful transfer so if the subsequent transfer failed it
would wrongly use the previous byte counter and behave badly (segfault)
because of that. The code assumes that the byte counter and the 'stream'
pointer is well in synch.

Reported by: Jon Sargeant
Bug: http://curl.haxx.se/bug/view.cgi?id=3028241
2010-07-14 23:50:01 +02:00
Daniel Stenberg
84332b60b9 releasnote: synch up with commit f3b77e5611 2010-07-14 00:40:20 +02:00
Kamil Dudka
f3b77e5611 http_ntlm: add support for NSS
When configured with '--without-ssl --with-nss', NTLM authentication
now uses NSS crypto library for MD5 and DES.  For MD4 we have a local
implementation in that case.  More details are available at
https://bugzilla.redhat.com/603783

In order to get it working, curl_global_init() must be called with
CURL_GLOBAL_SSL or CURL_GLOBAL_ALL.  That's necessary because NSS needs
to be initialized globally and we do so only when the NSS library is
actually required by protocol.  The mentioned call of curl_global_init()
is responsible for creating of the initialization mutex.

There was also slightly changed the NSS initialization scenario, in
particular, loading of the NSS PEM module.  It used to be loaded always
right after the NSS library was initialized.  Now the library is
initialized as soon as any SSL or NTLM is required, while the PEM module
is prevented from being loaded until the SSL is actually required.
2010-06-30 13:12:25 +02:00
Daniel Stenberg
89924a897d glob: backslash escaping bug
curl didn't properly handle escaping characters in a URL with the use of
backslash. It did an attempt, but that failed as reported in bug
3022551. The described example was using the URL
"http://example.com?{AB,C\,D}".

I've now removed the special-handling of letters following the backslash
and I also removed the bad extra check that triggered this particular
bug.

Bug: http://curl.haxx.se/bug/view.cgi?id=3022551
Reported by: Jon Sargeant
2010-06-29 00:22:11 +02:00
Daniel Stenberg
bcefe839c7 release-notes: sync up with recent commits 2010-06-29 00:13:04 +02:00
Daniel Stenberg
7eecfb536a release: start on 7.21.1, bump contributor count 2010-06-16 14:29:16 +02:00
Constantine Sapuntzakis
a0dd9df9ab OpenSSL: fix spurious SSL connection aborts
Was seeing spurious SSL connection aborts using libcurl and
OpenSSL. I tracked it down to uncleared error state on the
OpenSSL error stack - patch attached deals with that.

Rough idea of problem:

Code that uses libcurl calls some library that uses OpenSSL but
don't clear the OpenSSL error stack after an error.

ssluse.c calls SSL_read which eventually gets an EWOULDBLOCK from
the OS. Returns -1 to indicate an error

ssluse.c calls SSL_get_error. First thing, SSL_get_error calls
ERR_get_error to check the OpenSSL error stack, finds an old
error and returns SSL_ERROR_SSL instead of SSL_ERROR_WANT_READ or
SSL_ERROR_WANT_WRITE.

ssluse.c returns an error and aborts the connection

Solution:

Clear the openssl error stack before calling SSL_* operation if
we're going to call SSL_get_error afterwards.

Notes:

This is much more likely to happen with multi because it's easier
to intersperse other calls to the OpenSSL library in the same
thread.
2010-06-05 23:41:58 +02:00
Frank Meier
8098d9417c getinfo: added *_PRIMARY_PORT, *_LOCAL_IP and *_LOCAL_PORT 2010-06-05 00:31:36 +02:00
Daniel Stenberg
605207a3a6 RELEASE-NOTES: add contributors not mentioned 2010-06-04 16:13:05 +02:00
Yang Tse
43d20d81a5 Enable OpenLDAP support for cygwin builds.
Enable OpenLDAP support for cygwin builds. This support was disabled back
in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers.
cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25
allow building an OpenLDAP enabled libcurl supporting back to Windows 95.

Remove non-functional CURL_LDAP_HYBRID code and references.
2010-06-04 15:14:31 +02:00
Daniel Stenberg
684830cb2a SSH: corrected the inability to respect the timeout
Jason McDonald posted bug report #3006786 when he found that the
SFTP code didn't timeout properly in several places in the code
even if a timeout was set properly.

Based on his suggested patch, I wrote a different implementation
that I think addressed the issue better and also uses the connect
timeout for the initial part of the SSH/SFTP done during the
"protocol connect" phase.

(http://curl.haxx.se/bug/view.cgi?id=3006786)
2010-06-02 23:33:51 +02:00
Daniel Stenberg
2c72732ebf multi_socket: handles timer inaccuracy better for timeouts
Igor Novoseltsev reported a problem with the multi socket API and
using timeouts and timers. It boiled down to a problem with
libcurl's use of GetTickCount() interally to figure out the
current time, while Igor's own application code used another
function call.

It made his app call the socket API timeout function a bit
_before_ libcurl would consider the timeout to trigger, and that
could easily lead to timeouts or stalls in the app. It seems
GetTickCount() in general often has no better resolution than
16ms and switching to the alternative function
QueryPerformanceCounter has its share of problems:
http://www.virtualdub.org/blog/pivot/entry.php?id=106

We address this problem by simply having libcurl treat timers
that already has occured or will occur within 40ms subject for
treatment. I'm confident that there are other implementations and
operating systems with similarly in accurate timer functions so
it makes sense to have applied generically and I don't believe we
sacrifice much by adding a 40ms inaccuracy on these timeouts.
2010-06-01 23:20:16 +02:00
Howard Chu
2e056353b0 LDAP: properly implemented as a curl_handler
makes the LDAP code much cleaner, nicer and in general being a
better libcurl citizen. If a new enough OpenLDAP version is
detect, the new and shiny lib/openldap.c code is then used
instead of the old cruft

Code by Howard, minor cleanups by Daniel.
2010-05-25 00:44:42 +02:00
Daniel Stenberg
0a29e2445c TFTP: block id wrap bug fix
In a normal expression, doing [unsigned short] + 1 will not wrap
at 16 bits so the comparisons and outputs were done wrong. I
added a macro do make sure it gets done right.

Douglas Kilpatrick filed bug report #3004787 about it:
http://curl.haxx.se/bug/view.cgi?id=3004787
2010-05-21 23:04:15 +02:00
Tor Arntsen
5f53c9d94a lib: Fix AIX build failure 2010-05-19 22:09:35 +02:00
Daniel Stenberg
aabd27d9aa TFTP: send timeout option correctly
Eric Mertens posted bug report #3003005 pointing out that the
libcurl TFTP code was not sending the timeout option properly to
the server, and suggested a fix.

(http://curl.haxx.se/bug/view.cgi?id=3003005)
2010-05-18 23:14:00 +02:00
Kamil Dudka
2ffe834bff ftp wildcard: a new option CURLOPT_FNMATCH_DATA 2010-05-16 02:52:33 +02:00
Daniel Stenberg
77cfeadfa6 OpenSSL: multi interface handshake could hang
John-Mark Bell filed bug #3000052 that identified a problem (with
an associated patch) with the OpenSSL handshake state machine
when the multi interface is used:

Performing an https request using a curl multi handle and using
select or epoll to wait for events results in a hang. It appears
that the cause is the fix for bug #2958179, which makes
ossl_connect_common unconditionally return from the step 2 loop
when fetching from a multi handle.

When ossl_connect_step2 has completed, it updates
connssl->connecting_state to ssl_connect_3. ossl_connect_common
will then return to the caller, as a multi handle is in
use. Eventually, the client code will call curl_multi_fdset to
obtain an updated fdset to select or epoll on. For https
requests, curl_multi_fdset will cause https_getsock to be called.
https_getsock will only return a socket handle if the
connecting_state is ssl_connect_2_reading or
ssl_connect_2_writing.  Therefore, the client will never obtain a
valid fdset, and thus not drive the multi handle, resulting in a
hang.

(http://curl.haxx.se/bug/view.cgi?id=3000052)
2010-05-14 22:35:08 +02:00
Daniel Stenberg
7764795c06 follow redirect: ignore response-body on redirect even if compressed
Sebastian V reported bug #3000056 identifying a problem with
redirect following. It showed that when curl followed redirects
it didn't properly ignore the response body of the 30X response
if that response was using compressed Content-Encoding!

(http://curl.haxx.se/bug/view.cgi?id=3000056)
2010-05-14 22:12:07 +02:00
Daniel Stenberg
46b9719bbb changelogs: mention RTMP and the FTP wildcard support 2010-05-13 00:00:55 +02:00
Kamil Dudka
016ce4b1da changelog: fixed CRL support in libcurl-NSS 2010-05-11 14:53:07 +02:00
Daniel Stenberg
adaf87530d multi interface: missed storing connection time
Dirk Manske reported a regression. When connecting with the multi
interface, there were situations where libcurl wouldn't store
connect time correctly as it used to (and is documented to) do.

Using his fine sample program we could repeat it, and I wrote up
test case 573 using that code. The problem does not easily show
itself using the local test suite though.

The fix, also as suggested by Dirk, is a bit on the ugly side as
it adds yet another call to Curl_verboseconnect() and setting the
TIMER_CONNECT time.  That situation is subject for some closer
inspection in the future.
2010-05-07 23:49:29 +02:00
Daniel Stenberg
aca0fff4e1 changelogs: split the I/O handling 2010-05-07 15:53:55 +02:00
Daniel Stenberg
cb6647ce1c changelog: PolarSSL 2010-05-05 22:36:15 +02:00
Daniel Stenberg
16f575ee6c changelog: mention Ben Greear's telnet work 2010-04-29 09:40:48 +02:00
Daniel Stenberg
79dc74e84d new configure option --enable-threaded-resolver 2010-04-25 23:24:05 +02:00
Kamil Dudka
82e9b78a38 nss: fix SSL handshake timeout underflow 2010-04-24 23:23:01 +02:00
Daniel Stenberg
9d6a394c44 RELEASE-NOTES: update top numbers 2010-04-24 12:23:47 +02:00
Daniel Stenberg
d7b82baf97 changelog: added the --proto and -proto-redir options 2010-04-24 12:19:42 +02:00
Daniel Stenberg
71be565cf4 curl: -O crash on windows
The -O option caused curl to crash on windows and DOS due to the
tool writing out of boundary memory.
2010-04-21 23:20:18 +02:00
Ruslan Gazizov
2164b6b463 replaced wsock32.lib usage with ws2_32.lib in MSVC makefiles 2010-04-20 16:30:10 +02:00
Daniel Stenberg
e5b3246d0a changelog: -J/--remote-header-name strips CRLF 2010-04-19 17:08:27 +02:00
Daniel Stenberg
0a4ccce054 changelog: GnuTLS: SSL handshake phase is non-blocking 2010-04-16 22:45:06 +02:00
Daniel Stenberg
0338994c6a changelog: GnuTLS fix, no reverse loopkups and fixed GSS detection 2010-04-16 15:33:10 +02:00
Daniel Stenberg
689b6929c3 changelog: prevent needless reverse name lookups 2010-04-15 13:11:25 +02:00
Daniel Stenberg
72411118ec bumped to start the journey towards 7.20.2 2010-04-14 17:34:26 +02:00
Daniel Stenberg
02892e4fd8 FTP quote commands prefixed with '*' now can fail without aborting
Prefixing the FTP quote commands with an asterisk really only
worked for the postquote actions. This is now fixed and test case
227 has been extended to verify.
2010-04-09 16:54:52 +02:00
Daniel Stenberg
78b284014b updated contributor count 2010-04-02 17:12:58 +02:00
Daniel Stenberg
49f3160d69 fix SFTP download hang
Matt Wixson found and fixed a bug in the SCP/SFTP area where the
code treated a 0 return code from libssh2 to be the same as
EAGAIN while in reality it isn't. The problem caused a hang in
SFTP transfers from a MessageWay server.
2010-04-01 22:39:15 +02:00
Daniel Stenberg
604a2bdac8 Ben's POP3 change 2010-03-28 23:52:37 +02:00
Daniel Stenberg
7784e3309d minor language fix 2010-03-27 23:05:06 +01:00
Ben Greear
0eda142e90 allow user+password in the URL for all protocols
Ben Greear brought a patch that from now on allows all protocols
to specify name and user within the URL, in the same manner HTTP
and FTP have been allowed to in the past - although far from all
of the libcurl supported protocols actually have that feature in
their URL definition spec.
2010-03-27 23:00:51 +01:00
Daniel Stenberg
2b0c2ac49c changelogged: smoother rate limiting 2010-03-26 23:35:24 +01:00
Bob Richmond
05632d5db9 fix: timeout after last data chunk was handled
Bob Richmond: There's an annoying situation where libcurl will
read new HTTP response data from a socket, then check if it's a
timeout if one is set. If the last packet received constitutes
the end of the response body, libcurl still treats it as a
timeout condition and reports a message like:

"Operation timed out after 3000 milliseconds with 876 out of 876
bytes received"

It should only a timeout if the timer lapsed and we DIDN'T
receive the end of the response body yet.
2010-03-24 17:02:17 +01:00
Daniel Stenberg
9828b926ae RTSP GET_PARAMETER fix
Christopher Conroy fixed a problem with RTSP and GET_PARAMETER
reported to us by Massimo Callegari. There's a new test case 572
that verifies this now.
2010-03-24 13:28:02 +01:00
Daniel Stenberg
dd0c31ce38 The 'ares' subtree has been removed from the source repository 2010-03-24 10:47:48 +01:00
Daniel Stenberg
4b351d018e mark connection as connected
Kenny To filed the bug report #2963679 with patch to fix a
problem he experienced with doing multi interface HTTP POST over
a proxy using PROXYTUNNEL. He found a case where it would connect
fine but bits.tcpconnect was not set correct so libcurl didn't
work properly.

(http://curl.haxx.se/bug/view.cgi?id=2963679)
2010-03-23 23:30:39 +01:00
Daniel Stenberg
7fd32ce73d chunked-encoding with Content-Length: header problem
Akos Pasztory filed debian bug report #572276
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276
mentioning a problem with a resource that returns chunked-encoded
_and_ with a Content-Length and libcurl failed to properly ignore
the latter information.
2010-03-23 15:26:45 +01:00
Daniel Stenberg
2a94293efd delayed easy handle kill caused double Curl_close() call
Hauke Duden provided an example program that made the multi
interface crash.  His example simply used the multi interface and
did first one FTP transfer and after completion it used a second
easy handle and did another FTP transfer on the same FTP server.

This triggered a bug in the "delayed easy handle kill" system
that curl uses: when an FTP connection is left alive it must keep
an easy handle around internally - only for the purpose of having
an easy handle when it later disconnects it. The code assumed
that when the easy handle was removed and an internal reference
was made, that version could be killed later on when a new easy
handle came using the same connection. This was wrong as Hauke's
example showed that the removed handle wasn't killed for real
until later. This caused a double close attempt => segfault.
2010-03-23 13:18:30 +01:00
Daniel Stenberg
d4cd5411a6 Thomas Lopatic fixed the alarm()-based DNS timeout 2010-03-22 22:00:55 +01:00
douglas steinwand
abcea311e3 Fix insufficient initialization in Curl_clone_ssl_config()
which could have caused a double free when reusing curl handle.
2010-03-22 09:25:03 +01:00
Daniel Stenberg
3d3900f032 Ben Greear's two fixes explained 2010-03-21 23:34:29 +01:00
Daniel Stenberg
733f794cb8 - Constantine Sapuntzakis brought a patch:
The problem mentioned on Dec 10 2009
  (http://curl.haxx.se/bug/view.cgi?id=2905220) was only partially fixed.
  Partially because an easy handle can be associated with many connections in
  the cache (e.g. if there is a redirect during the lifetime of the easy
  handle).  The previous patch only cleaned up the first one. The new fix now
  removes the easy handle from all connections, not just the first one.
2010-03-15 22:40:42 +00:00
Daniel Stenberg
e262aaae2b - Ben Greear brought a patch that fixed the rate limiting logic for TFTP when
the easy interface was used.
2010-03-06 18:42:06 +00:00
Daniel Stenberg
f5d8c0befc Daniel Johnson provided fixes for building with the clang compiler 2010-03-05 22:53:30 +00:00
Yang Tse
f4551a9678 Constantine Sapuntzakis detected and fixed a double free in builds done
with threaded resolver enabled (Windows default configuration) that would
get triggered when a curl handle is closed while doing DNS resolution.
2010-03-05 03:15:19 +00:00
Daniel Stenberg
013d5a72d4 - [Daniel Johnson] I've been trying to build libcurl with clang on Darwin and
ran into some issues with the GSSAPI tests in configure.ac. The tests first
  try to determine the include dirs and libs and set CPPFLAGS and LIBS
  accordingly. It then checks for the headers and finally sets LIBS a second
  time, causing the libs to be included twice. The first setting of LIBS seems
  redundant and should be left out, since the first part is otherwise just
  about finding headers.

  My second issue is that 'krb5-config --libs gssapi' on Darwin is less than
  useless and returns junk that, while it happens to work with gcc, causes
  clang to choke. For example, --libs returns $CFLAGS along with the libs,
  which is really retarded. Simply setting 'LIBS="$LIBS -lgssapi_krb5
  -lresolv"' on Darwin is sufficient.
2010-03-02 22:02:56 +00:00
Daniel Stenberg
9b2cce236f - Based on patch provided by Jacob Moshenko, the transfer logic now properly
makes sure that when using sub-second timeouts, there's no final bad 1000ms
  wait. Previously, a sub-second timeout would often make the elapsed time end
  up the time rounded up to the nearest second (e.g. 1s for 200ms timeout)
2010-03-02 21:20:22 +00:00
Daniel Stenberg
6bf071df7e - Andrei Benea filed bug report #2956698 and pointed out that the
CURLOPT_CERTINFO feature leaked memory due to a missing OpenSSL function
  call. He provided the patch to fix it too.

  http://curl.haxx.se/bug/view.cgi?id=2956698
2010-03-02 13:41:18 +00:00
Daniel Stenberg
7c028a8332 - Markus Duft pointed out in bug #2961796 that even though Interix has a
poll() function it doesn't quite work the way we want it so we must disable
  it, and he also provided a patch for it.

  http://curl.haxx.se/bug/view.cgi?id=2961796
2010-03-02 13:34:57 +00:00
Daniel Stenberg
13ac29382f - Made the pingpong timeout code properly deal with the response timeout AND
the global timeout if set. Also, as was reported in the bug report #2956437
  by Ryan Chan, the time stamp to use as basis for the per command timeout was
  not set properly in the DONE phase for FTP (and not for SMTP) so I fixed
  that just now. This was a regression compared to 7.19.7 due to the
  conversion of FTP code over to the generic pingpong concepts.

  http://curl.haxx.se/bug/view.cgi?id=2956437
2010-03-02 13:26:23 +00:00
Daniel Stenberg
53aa6b21fe - Ben Greear provided an update for TFTP that fixes upload. 2010-03-01 22:14:47 +00:00
Daniel Stenberg
7842704ee7 SSL, not SSH, SSL 2010-03-01 22:10:55 +00:00
Daniel Stenberg
496002ea1c - Wesley Miaw reported bug #2958179 which identified a case of looping during
OpenSSL based SSL handshaking even though the multi interface was used and
  there was no good reason for it.

  http://curl.haxx.se/bug/view.cgi?id=2958179
2010-03-01 21:59:07 +00:00
Daniel Stenberg
03a57308b9 - Pat Ray in bug #2958474 pointed out an off-by-one case when receiving a
chunked-encoding trailer.

  http://curl.haxx.se/bug/view.cgi?id=2958474
2010-02-26 22:55:30 +00:00
Yang Tse
6a8aa246ff Fixed bug report #2958074 indicating
(http://curl.haxx.se/bug/view.cgi?id=2958074) that curl on Windows with
option --trace-time did not use local time when timestamping trace lines.
This could also happen on other systems depending on time souurce.
2010-02-25 06:59:04 +00:00
Daniel Stenberg
a4a60afabb - Fixed the SMTP compliance by making sure RCPT TO addresses are specified
properly in angle brackets. Recipients provided with CURLOPT_MAIL_RCPT now
  get angle bracket wrapping automatically by libcurl unless the recipient
  starts with an angle bracket as then the app is assumed to deal with that
  properly on its own.
2010-02-20 22:29:59 +00:00
Daniel Stenberg
a434cb43e8 - I made the SMTP code expect a 250 response back from the server after the
full DATA has been sent, and I modified the test SMTP server to also send
  that response. As usual, the DONE operation that is made after a completed
  transfer is still not doable in a non-blocking way so this waiting for 250
  is unfortunately made blockingly.
2010-02-20 21:56:48 +00:00
Daniel Stenberg
b4ff6d3007 - Martin Hager reported and fixed a problem with a missing quote in libcurl.m4
(http://curl.haxx.se/bug/view.cgi?id=2951319)
2010-02-13 21:30:16 +00:00
Daniel Stenberg
c703d01a23 - Tom Donovan fixed the CURL_FORMAT_* defines when building with cmake. 2010-02-13 17:51:30 +00:00
Daniel Stenberg
975814368a - Jack Zhang reported a problem with SMTP: we wrongly used multiple addresses
in the same RCPT TO line, when they should be sent in separate single
  commands. I updated test case 802 to verify this.

- I also fixed a bad use of my_setopt_str() of CURLOPT_MAIL_RCPT in the curl
  tool which made it try to output it as string for the --libcurl feature
  which could lead to crashes.
2010-02-12 22:23:46 +00:00
Yang Tse
c3b87d1b4f mention last changes 2010-02-11 07:36:34 +00:00
Daniel Stenberg
77066c6e47 start working on 7.20.1 2010-02-09 11:37:10 +00:00
Daniel Stenberg
06ae8ca5a6 - When downloading compressed content over HTTP and the app as asked libcurl
to automatically uncompress it with the CURLOPT_ENCODING option, libcurl
  could wrongly provide the callback with more data than what the maximum
  documented amount. An application could thus get tricked into badness if the
  maximum limit was trusted to be enforced by libcurl itself (as it is
  documented).

  This is further detailed and explained in the libcurl security advisory
  20100209 at

    http://curl.haxx.se/docs/adv_20100209.html
2010-02-09 09:35:48 +00:00
Yang Tse
49ba75af26 - Symbol CURL_FORMAT_OFF_T now obsoleted, will be removed in a future release,
symbol will not be available when building with CURL_NO_OLDIES defined. Use
  of CURL_FORMAT_CURL_OFF_T is preferred since 7.19.0
2010-02-02 12:58:49 +00:00
Daniel Stenberg
55f1e787f3 We introduce a loop in lib/multi.c around all calls to multi_runsingle() and
simply check for CURLM_CALL_MULTI_PERFORM internally. This has the added
benefit that this goes in line with my long-term wishes to get rid of the
CURLM_CALL_MULTI_PERFORM all together from the public API.
2010-02-01 21:42:44 +00:00
Yang Tse
3cb76e5ebb mention asynchronous DNS lookups enhancements 2010-01-27 18:10:35 +00:00
Daniel Stenberg
c82a1f95eb - Mike Crowe made libcurl return CURLE_COULDNT_RESOLVE_PROXY when it is the
proxy that cannot be resolved when using c-ares. This matches the behaviour
  when not using c-ares.
2010-01-26 22:59:43 +00:00
Bjorn Stenberg
94f33457d3 Mention -J change 2010-01-23 20:14:39 +00:00
Daniel Stenberg
bc4582b68a Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
libcurl options for controlling what to get and how to receive posssibly
interleaved RTP data. Initial commit.
2010-01-21 13:58:30 +00:00
Daniel Stenberg
877dad1e24 - As was pointed out on the http-state mailing list, the order of cookies in a
HTTP Cookie: header _needs_ to be sorted on the path length in the cases
  where two cookies using the same name are set more than once using
  (overlapping) paths. Realizing this, identically named cookies must be
  sorted correctly. But detecting only identically named cookies and take care
  of them individually is harder than just to blindly and unconditionally sort
  all cookies based on their path lengths. All major browsers also already do
  this, so this makes our behavior one step closer to them in the cookie area.

  Test case 8 was the only one that broke due to this change and I updated it
  accordingly.
2010-01-19 23:19:59 +00:00
Daniel Stenberg
a5ca3f1754 - David McCreedy brought a fix and a new test case (129) to make libcurl work
again when downloading files over FTP using ASCII and it turns out that the
  final size of the file is not the same as the initial size the server
  reported. This is very common since servers don't take the newline
  conversions into account.
2010-01-19 21:39:10 +00:00
Daniel Stenberg
1647d64a4b - Gil Weber reported a peculiar flaw with the multi interface when doing SFTP
transfers: curl_multi_fdset() would return -1 and not set and file
  descriptors several times during a transfer of a single file. It turned out
  to be due to two different flaws now fixed. Gil's excellent recipe helped me
  nail this.
2010-01-11 23:15:10 +00:00
Daniel Stenberg
cb348a5b1f progress callback called repeatedly during slow connects 2010-01-11 21:38:35 +00:00
Daniel Stenberg
b90703f594 struct Curl_sh_entry's 'inuse' member was no longer used and is now removed 2010-01-09 00:03:33 +00:00
Daniel Stenberg
552c3de357 - Johan van Selst found and fixed a OpenSSL session ref count leak:
ossl_connect_step3() increments an SSL session handle reference counter on
  each call. When sessions are re-used this reference counter may be
  incremented many times, but it will be decremented only once when done (by
  Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
  if this reference count remains positive. When a session is re-used the
  reference counter should be corrected by explicitly calling
  SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
  introducing a memory leak.

  (http://curl.haxx.se/bug/view.cgi?id=2926284)
2010-01-08 23:45:23 +00:00
Daniel Stenberg
88944eb13a - Make sure the progress callback is called repeatedly even during very slow
name resolves when c-ares is used for resolving.
2010-01-06 23:04:17 +00:00
Claes Jakobsson
9bd03483ce Julien Chaffraix fixed so that the fragment part in an URL is not sent to the server anymore 2010-01-06 16:01:48 +00:00
Daniel Stenberg
2c93ec5303 - Make curl support --ssl and --ssl-reqd instead of the previous FTP-specific
versions --ftp-ssl and --ftp-ssl-reqd as these options are now used to
  control SSL/TLS for IMAP, POP3 and SMTP as well in addition to FTP. The old
  option names are still working but the new ones are the prefered ones
  (listed and documented).
2010-01-02 22:09:31 +00:00
Daniel Stenberg
605bbfc4c0 - Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
command is a special "hack" used by the drftpd server, but even though it is
  a custom extension I've deemed it fine to add to libcurl since this server
  seems to survive and people keep using it and want libcurl to support
  it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
  usable from the curl tool with --ftp-pret. Using this option on a server
  that doesn't support this command will make libcurl fail.
2010-01-01 14:44:44 +00:00
Yang Tse
05488d63d0 VMS build system enhancements by Steven M. Schweda and Craig A. Berry 2009-12-30 19:37:53 +00:00
Daniel Stenberg
b89789d82f - Renato Botelho and Peter Pentchev brought a patch that makes the libcurl
headers work correctly even on FreeBSD systems before v8.
2009-12-25 23:32:01 +00:00
Daniel Stenberg
240fa29e94 fixed a precaution check in the cookie code, pointed out by Julien Chaffraix 2009-12-19 19:20:26 +00:00
Daniel Stenberg
10a11e3abe - David Byron fixed Curl_ossl_cleanup to actually call ENGINE_cleanup when
available.
2009-12-17 13:29:41 +00:00
Daniel Stenberg
3111701c38 - Jon Nelson found a regression that turned out to be a flaw in how libcurl
detects and uses proxies based on the environment variables. If the proxy
  was given as an explicit option it worked, but due to the setup order
  mistake proxies would not be used fine for a few protocols when picked up
  from '[protocol]_proxy'. Obviously this broke after 7.19.4. I now also added
  test case 1106 that verifies this functionality.

  (http://curl.haxx.se/bug/view.cgi?id=2913886)
2009-12-14 23:16:09 +00:00
Daniel Stenberg
43fefab2a1 IMAP, POP3 and SMTP support 2009-12-12 22:05:11 +00:00
Daniel Stenberg
296ebf382c - Siegfried Gyuricsko found out that the curl manual said --retry would retry
on FTP errors in the transient 5xx range. Transient FTP errors are in the
  4xx range. The code itself only tried on 5xx errors that occured _at login_.
  Now the retry code retries on all FTP transfer failures that ended with a
  4xx response.

  (http://curl.haxx.se/bug/view.cgi?id=2911279)
2009-12-10 21:02:11 +00:00
Daniel Stenberg
315253b367 - Constantine Sapuntzakis figured out a case which would lead to libcurl
accessing alredy freed memory and thus crash when using HTTPS (with
  OpenSSL), multi interface and the CURLOPT_DEBUGFUNCTION and a certain order
  of cleaning things up. I fixed it.

  (http://curl.haxx.se/bug/view.cgi?id=2891591)
2009-12-10 20:20:15 +00:00
Daniel Stenberg
ebe5339003 - Martin Storsjo made libcurl use the Expect: 100-continue header for posts
with unknown size. Previously it was only used for posts with a known size
  larger than 1024 bytes.
2009-12-07 20:25:17 +00:00
Daniel Stenberg
f0826974f2 - If the Expect: 100-continue header has been set by the application through
curl_easy_setopt with CURLOPT_HTTPHEADER, the library should set
  data->state.expect100header accordingly - the current code (in 7.19.7 at
  least) doesn't handle this properly. Martin Storsjo provided the fix!
2009-12-01 12:04:54 +00:00
Daniel Stenberg
8a7231d7ae a binding for Falcon 2009-11-29 19:12:00 +00:00
Daniel Stenberg
448f6684bb 7.20.0 is the planned next version number 2009-11-27 23:53:50 +00:00
Daniel Stenberg
6e38cc9048 - Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
rework patch that now integrates TFTP properly into libcurl so that it can
  be used non-blocking with the multi interface and more. BLKSIZE also works.

  The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
  the command line.
2009-11-27 23:46:29 +00:00
Yang Tse
405e18571e - David Byron modified Makefile.dist vc8 and vc9 targets in order to allow
finer granularity control when generating src and lib makefiles.
2009-11-23 16:48:31 +00:00
Daniel Stenberg
1fddcb3f88 - Bjorn Augustsson reported a bug which made curl not report any problems even
though it failed to write a very small download to disk (done in a single
  fwrite call). It turned out to be because fwrite() returned success, but
  there was insufficient error-checking for the fclose() call which tricked
  curl to believe things were fine.
2009-11-23 13:56:45 +00:00
Daniel Stenberg
504e6d7ae6 - Constantine Sapuntzakis identified a write after close, as the sockets were
closed by libcurl before the SSL lib were shutdown and they may write to its
  socket. Detected to at least happen with OpenSSL builds.
2009-11-20 19:32:49 +00:00
Daniel Stenberg
a41493b3b0 - Jad Chamcham pointed out a bug with connection re-use. If a connection had
CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
  same proxy with the tunnel option disabled would still wrongly re-use that
  previous connection and the outcome would only be badness.
2009-11-20 13:27:21 +00:00
Daniel Stenberg
b32d1a9a1d - Constantine Sapuntzakis provided another fix for the DNS cache that could
end up with entries that wouldn't time-out:

  1. Set up a first web server that redirects (307) to a http://server:port
     that's down
  2. Have curl connect to the first web server using curl multi

  After the curl_easy_cleanup call, there will be curl dns entries hanging
  around with in_use != 0.

  (http://curl.haxx.se/bug/view.cgi?id=2891591)
2009-11-17 22:53:55 +00:00
Daniel Stenberg
4c8adc8fee - Marc Kleine-Budde fixed: curl saved the LDFLAGS set during configure into
its pkg-config file.  So -Wl stuff ended up in the .pc file, which is really
  bad, and breaks if there are multiple -Wl in our LDFLAGS (which are in
  PTXdist). bug #2893592 (http://curl.haxx.se/bug/view.cgi?id=2893592)
2009-11-17 18:11:06 +00:00
Claes Jakobsson
f7f76e17c3 Added '--configure' option to curl-config to display original configure arguments when curl was built 2009-11-14 19:23:26 +00:00
Daniel Stenberg
eb16c0e1eb - Claes Jakobsson restored the configure functionality to detect NSS when
--with-nss is set but not "yes".

  I think we can still improve that to check for pkg-config in that path etc,
  but at least this patch brings back the same functionality we had before.
2009-11-14 09:13:47 +00:00
Daniel Stenberg
9c49e51f7e - Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
the client certificate. It also disable the key name test as some engines
  can select a private key/cert automatically (When there is only one key
  and/or certificate on the hardware device used by the engine)
2009-11-14 07:53:34 +00:00
Yang Tse
90bc6ee8f3 - Constantine Sapuntzakis provided the fix that ensures that an SSL connection
won't be reused unless protection level for peer and host verification match.
2009-11-14 02:30:30 +00:00
Yang Tse
9b7e45e874 Add last change credit 2009-11-11 21:19:49 +00:00
Yang Tse
40c2c3270d - Marco Maggi reported that compilation failed when configured --with-gssapi
and GNU GSS installed due to a missing mutual exclusion of header files in
  the Kerberos 5 code path. He also verified that my patch worked for him.
2009-11-11 21:15:34 +00:00
Daniel Stenberg
fb5f332834 - Constantine Sapuntzakis posted bug #2891595
(http://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
  in the DNS cache would linger too long if the request that added it was in
  use that long. He also provided the patch that now makes libcurl capable of
  still doing a request while the DNS hash entry may get timed out.
2009-11-11 09:31:37 +00:00
Daniel Stenberg
107c4d878a - Christian Schmitz noticed that the progress meter/callback was not properly
used during the FTP connection phase (after the actual TCP connect), while
  it of course should be. I also made the speed check get called correctly so
  that really slow servers will trigger that properly too.
2009-11-11 09:01:43 +00:00
Yang Tse
55e68ba333 I removed leading 'curl' path on the 'curlbuild.h' include statement in
curl.h, adjusting auto-makefiles include path, to enhance portability to
OS's without an orthogonal directory tree structure such as OS/400.
2009-11-05 15:04:03 +00:00
Daniel Stenberg
257f2376d5 - I fixed several problems with the transfer progress meter. It showed the
wrong percentage for small files, most notable for <1000 bytes and could
  easily end up showing more than 100% at the end. It also didn't show any
  percentage, transfer size or estimated transfer times when transferring
  less than 100 bytes.
2009-11-04 23:09:17 +00:00
Daniel Stenberg
99e43046a7 start over towards 7.19.8 2009-11-04 13:11:43 +00:00
Daniel Stenberg
7d74e02519 syntax 2009-11-04 12:13:20 +00:00
Daniel Stenberg
b19dc0eeb0 - As reported independent by both Stan van de Burgt and Didier Brisebourg,
CURLINFO_SIZE_DOWNLOAD (the -w variable size_download) didn't work when
  getting data from ldap!
2009-11-02 18:49:56 +00:00
Daniel Stenberg
223d848104 - Gabriel Kuri reported a problem with CURLINFO_CONTENT_LENGTH_DOWNLOAD if the
download was 0 bytes, as libcurl would then return the size as unknown (-1)
  and not 0. I wrote a fix and test case 566 to verify it.
2009-10-31 18:51:50 +00:00
Daniel Stenberg
a76f4ab7dd - Liza Alenchery mentioned a problem with re-used SCP connection when a bad
auth is used, as it caused a crash. I failed to repeat the issue, but still
  made a change that now forces the TCP connection used for a freed SCP
  session to get closed and not be re-used.
2009-10-30 22:28:56 +00:00
Daniel Stenberg
d68f215f03 - "Tom" posted a bug report that mentioned how libcurl did wrong when doing a
POST using a read callback, with Digest authentication and
  "Transfer-Encoding: chunked" enforced.  I would then cause the first request
  to be wrongly sent and then basically hang until the server closed the
  connection. I fixed the problem and added test case 565 to verify it.
2009-10-30 22:24:48 +00:00
Daniel Stenberg
448d2b5f49 - Dima Barsky made the curl cookie parser accept cookies even with blank or
unparsable expiry dates and then treat them as session cookies - previously
  libcurl would reject cookies with a date format it couldn't parse. Research
  shows that the major browser treat such cookies as session cookies. I
  modified test 8 and 31 to verify this.
2009-10-25 18:15:14 +00:00
Daniel Stenberg
1951cd1eee - Attempt to use pkg-config for finding out libssh2 installation details
during configure.
2009-10-21 14:56:25 +00:00
Daniel Stenberg
777134a07b s/koresh/Johan van Selst/ 2009-10-21 12:36:54 +00:00
Daniel Stenberg
051ab439a9 - A patch in bug report #2883177 (http://curl.haxx.se/bug/view.cgi?id=2883177)
by user 'koresh' introduced the --crlfile option to curl, which makes curl
  tell libcurl about a file with CRL (certificate revocation list) data to
  read.
2009-10-21 12:29:52 +00:00
Daniel Stenberg
6f4a5a4612 - Ray Dassen provided a patch in Debian's bug tracker (bug number #551461)
that now makes curl_getdate(3) actually handles RFC 822 formatted dates that
  use the "single letter military timezones".
  http://www.rfc-ref.org/RFC-TEXTS/822/chapter5.html has the details.
2009-10-18 21:56:19 +00:00
Daniel Stenberg
86cec97b22 - Fixed memory leak in the SCP/SFTP code as it never freed the knownhosts
data!
2009-10-18 01:11:25 +00:00
Daniel Stenberg
e5ee822745 John Dennis filed bug report #2873666
(http://curl.haxx.se/bug/view.cgi?id=2873666) which identified a problem which
made libcurl loop infinitely when given incorrect credentials when using HTTP
GSS negotiate authentication.
2009-10-18 00:18:27 +00:00
Daniel Stenberg
167a92810a - Kevin Baughman found a double close() problem with libcurl-NSS, as when
libcurl called NSS to close the SSL "session" it also closed the actual
  socket.
2009-10-18 00:10:13 +00:00
Yang Tse
e49d928ce4 Fix invalid file name characters handling on Windows 2009-10-17 17:33:19 +00:00
Daniel Stenberg
b233957885 - Tom Mueller correctly reported in bug report #2870221
(http://curl.haxx.se/bug/view.cgi?id=2870221) that libcurl returned an
  incorrect return code from the internal trynextip() function which caused
  him grief. This is a regression that was introduced in 7.19.1 and I find it
  strange it hasn't hit us harder, but I won't persue into figuring out
  exactly why.
2009-10-01 07:59:45 +00:00
Daniel Stenberg
5ed274d0b7 - Constantine Sapuntzakis: The current implementation will always set
SO_SNDBUF to CURL_WRITE_SIZE even if the SO_SNDBUF starts out larger.  The
  patch doesn't do a setsockopt if SO_SNDBUF is already greater than
  CURL_WRITE_SIZE. This should help folks who have set up their computer with
  large send buffers.
2009-10-01 07:05:07 +00:00
Daniel Stenberg
8646cecb78 - I introduced a maximum limit for received HTTP headers. It is controlled by
the define CURL_MAX_HTTP_HEADER which is even exposed in the public header
  file to allow for users to fairly easy rebuild libcurl with a modified
  limit. The rationale for a fixed limit is that libcurl is realloc()ing a
  buffer to be able to put a full header into it, so that it can call the
  header callback with the entire header, but that also risk getting it into
  trouble if a server by mistake or willingly sends a header that is more or
  less without an end. The limit is set to 100K.
2009-09-27 21:34:13 +00:00
Daniel Stenberg
4f47fc4e14 - John P. McCaskey posted a bug report that showed how libcurl did wrong when
saving received cookies with no given path, if the path in the request had a
  query part. That is means a question mark (?) and characters on the right
  side of that. I wrote test case 1105 and fixed this problem.
2009-09-26 20:51:51 +00:00
Daniel Stenberg
e3d623f190 - Chris Mumford filed bug report #2861587
(http://curl.haxx.se/bug/view.cgi?id=2861587) identifying that libcurl used
  the OpenSSL function X509_load_crl_file() wrongly and failed if it would
  load a CRL file with more than one certificate within. This is now fixed.
2009-09-25 18:09:38 +00:00
Daniel Stenberg
f03130a36e revert HPUX change since it already works fine 2009-09-24 03:40:30 +00:00
Daniel Stenberg
a1d18227e5 builds thread-safer on HPUX 2009-09-23 22:16:29 +00:00
Daniel Stenberg
250ba99498 - Sven Anders reported that we introduced a cert verfication flaw for OpenSSL-
powered libcurl in 7.19.6. If there was a X509v3 Subject Alternative Name
  field in the certficate it had to match and so even if non-DNS and non-IP
  entry was present it caused the verification to fail.
2009-09-16 20:44:18 +00:00
Daniel Stenberg
7ff4b4f2b5 - Claes Jakobsson fixed a problem with cookie expiry dates at exctly the epoch
start second "Thu Jan 1 00:00:00 GMT 1970" as the date parser then returns 0
  which internally then is treated as a session cookie. That particular date
  is now made to get the value of 1.
2009-09-10 21:06:50 +00:00
Daniel Stenberg
7a642c8bf1 - Daniel Johnson founded a flaw in the code convering sftp-errors to libcurl
errors.
2009-09-02 21:05:47 +00:00
Daniel Stenberg
7e07da977c - Peter Sylvester made a debug featuer for Curl_resolv() that now will force
libcurl to resolve 'localhost' whatever name you use in the URL *if* you set
  the --interface option to (exactly) "LocalHost". This will enable us to
  write tests for custom hosts names but still use a local host server.
2009-09-01 14:27:01 +00:00
Daniel Stenberg
ceda7e98f8 - configure now tries to use pkg-config for a number of sub-dependencies even
when cross-compiling. The key to success is then you properly setup
  PKG_CONFIG_PATH before invoking configure.

  I also improved how NSS is detected by trying nss-config if pkg-config isn't
  present, and as a last resort just use the lib name and force the user to
  setup the LIBS/LDFLAGS/CFLAGS etc properly. The previous last resort would
  add a range of various libs that would almost never be quite correct.
2009-09-01 06:53:01 +00:00
Daniel Stenberg
4e9d3c26ed - When using the multi interface with FTP and you asked for NOBODY, you did no
QUOTE commands and the request used the same path as the connection had
  already changed to, it would decide that no commands would be necessary for
  the "DO" action and that was not handled properly but libcurl would instead
  hang.
2009-08-31 20:49:30 +00:00
Daniel Stenberg
0cb6f3053f - Marc de Bruin pointed out that configure --with-gnutls=PATH didn't work
properly and provided a fix. http://curl.haxx.se/bug/view.cgi?id=2843008
2009-08-24 11:38:59 +00:00
Daniel Stenberg
95c2b205a4 - Eric Wong introduced support for the new option -T. (dot) that makes curl
read stdin in a non-blocking fashion. This also brings back -T- (minus) to
  the previous blocking behavior since it could break stuff for people at
  times.
2009-08-24 10:57:17 +00:00
Daniel Stenberg
8b5102ca83 - Andre Guibert de Bruet pointed out a missing return code check for a
strdup() that could lead to segfault if it returned NULL. I extended his
  suggest patch to now have Curl_retry_request() return a regular return code
  and better check that.
2009-08-21 12:01:36 +00:00
Daniel Stenberg
1048043963 - Lots of good work by Krister Johansen, mostly related to pipelining:
Fix SIGSEGV on free'd easy_conn when pipe unexpectedly breaks
  Fix data corruption issue with re-connected transfers
  Fix use after free if we're completed but easy_conn not NULL
2009-08-21 07:11:20 +00:00
Daniel Stenberg
5c716247aa mention yesterday's changes 2009-08-13 08:51:45 +00:00
Daniel Stenberg
c6712a0c6c start over fresh again towards 7.19.7 2009-08-12 11:24:52 +00:00
Daniel Stenberg
966cb698e6 - Carsten Lange reported a bug and provided a patch for TFTP upload and the
sending of the TSIZE option. I don't like fixing bugs just hours before
  a release, but since it was broken and the patch fixes this for him I decided
  to get it in anyway.
2009-08-12 08:19:39 +00:00
Daniel Stenberg
e73fe837a8 - Peter Sylvester made the HTTPS test server use specific certificates for
each test, so that the test suite can now be used to actually test the
  verification of cert names etc. This made an error show up in the OpenSSL-
  specific code where it would attempt to match the CN field even if a
  subjectAltName exists that doesn't match. This is now fixed and verified
  in test 311.
2009-08-11 21:48:58 +00:00
Daniel Stenberg
a9caeb1064 credit 2009-08-11 20:57:15 +00:00
Daniel Stenberg
2838362a7b clarified configure detection of GnuTLS 2009-08-02 22:38:15 +00:00
Daniel Stenberg
6d891d2a3b - Curt Bogmine reported a problem with SNI enabled on a particular server. We
should introduce an option to disable SNI, but as we're in feature freeze
  now I've addressed the obvious bug here (pointed out by Peter Sylvester): we
  shouldn't try to enable SNI when SSLv2 or SSLv3 is explicitly selected.
  Code for OpenSSL and GnuTLS was fixed. NSS doesn't seem to have a particular
  option for SNI, or are we simply not using it?
2009-08-01 22:11:58 +00:00
Daniel Stenberg
c0e8bed5bf - Scott Cantor posted the bug report #2829955
(http://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert
  verification flaw found and exploited by Moxie Marlinspike. The presentation
  he did at Black Hat is available here:
  https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike

  Apparently at least one CA allowed a subjectAltName or CN that contain a
  zero byte, and thus clients that assumed they would never have zero bytes
  were exploited to OK a certificate that didn't actually match the site. Like
  if the name in the cert was "example.com\0theatualsite.com", libcurl would
  happily verify that cert for example.com.

  libcurl now better use the length of the extracted name, not assuming it is
  zero terminated.
2009-08-01 21:56:59 +00:00
Daniel Stenberg
0dce2ff8a0 - Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present
only in some OpenSSL installs - like on Windows) isn't thread-safe and we
  agreed that moving it to the global_init() function is a decent way to deal
  with this situation.
2009-08-01 11:09:02 +00:00
Daniel Stenberg
2642638fca - Alexander Beedie provided the patch for a noproxy problem: If I have set
CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually
  could still end up using a proxy if a proxy environment variable was set.
2009-08-01 11:02:10 +00:00
Daniel Stenberg
0684128209 - All the quote options (CURLOPT_QUOTE, CURLOPT_POSTQUOTE and
CURLOPT_PREQUOTE) now accept a preceeding asterisk before the command to
  send when using FTP, as a sign that libcurl shall simply ignore the response
  from the server instead of treating it as an error. Not treating a 400+ FTP
  response code as an error means that failed commands will not abort the
  chain of commands, nor will they cause the connection to get disconnected.
2009-07-27 18:36:56 +00:00
Daniel Stenberg
b347a7a96e - Bug report #2825989 (http://curl.haxx.se/bug/view.cgi?id=2825989) pointed
out that OpenSSL-powered libcurl didn't support the SHA-2 digest algorithm,
  and provided the solution too: to use OpenSSL_add_all_algorithms() instead
  of the older SSLeay_* alternative. OpenSSL_add_all_algorithms was added in
  OpenSSL 0.9.5
2009-07-26 17:33:36 +00:00
Daniel Stenberg
47c392e135 - Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA.
They introduce known_host support for SSH keys to libcurl. See docs for
  details.
2009-07-22 22:49:01 +00:00
Michal Marek
4c207a004c - David Binderman found a memory and fd leak in lib/gtls.c:load_file()
(https://bugzilla.novell.com/523919). When looking at the code, I found
  that also the ptr pointer can leak.
2009-07-22 09:48:32 +00:00
Daniel Stenberg
5cf78472e1 - Constantine Sapuntzakis posted bug report #2813123
(http://curl.haxx.se/bug/view.cgi?id=2813123) and an a patch that fixes the
  problem:

  Url A is accessed using auth. Url A redirects to Url B (on a different
  server0. Url B reuses a persistent connection. Url B has auth, even though
  it's on a different server.

  Note: if Url B does not reuse a persistent connection, auth is not sent.
2009-07-08 07:00:40 +00:00
Daniel Stenberg
18f238dd53 my CURLINFO_CERTINFO fix 2009-06-29 20:46:50 +00:00
Daniel Stenberg
4f551259dd - Markus Koetter made CURLOPT_FTPPORT (and curl's -P/--ftpport) support a port
range if given colon-separated after the host name/address part. Like
  "192.168.0.1:2000-10000"
2009-06-29 20:46:01 +00:00
Daniel Stenberg
a0474685c1 - Reuven Wachtfogel made curl -o - properly produce a binary output on windows
(no newline translations). Use -B/--use-ascii if you rather get the ascii
  approach.
2009-06-16 18:03:28 +00:00
Michal Marek
0b317b72ae - When doing non-anonymous ftp via http proxies and the password is not
provided in the url, add it there (squid needs this).
2009-06-16 13:16:28 +00:00
Daniel Stenberg
4b6d3a2bfd - Eric Wong's patch:
This allows curl(1) to be used as a client-side tunnel for arbitrary stream
  protocols by abusing chunked transfer encoding in both the HTTP request and
  HTTP response.  This requires server support for sending a response while a
  request is still being read, of course.

  If attempting to read from stdin returns EAGAIN, then we pause our sender.
  This leaves curl to attempt to read from the socket while reading from stdin
  (and thus sending) is paused.
2009-06-15 21:13:00 +00:00
Daniel Stenberg
352177090f - Fabian Keil ran clang on the (lib)curl code, found a bunch of warnings and
contributed a range of patches to fix them.
2009-06-10 21:26:11 +00:00
Yang Tse
16ae283fb4 initialize fread callback pointer to avoid compiler warning 2009-06-09 00:49:34 +00:00
Daniel Stenberg
3e0c067e43 - Claes Jakobsson provided a patch for libcurl-NSS that fixed a bad refcount
issue with client certs that caused issues like segfaults.
  http://curl.haxx.se/mail/lib-2009-05/0316.html
2009-06-08 21:25:16 +00:00
Daniel Stenberg
f90551ff41 - Triggered by bug report #2798852 and the patch in there, I fixed configure
to detect gnutls build options with pkg-config only and not libgnutls-config
  anymore since GnuTLS has stopped distributing that tool. If an explicit path
  is given to configure, we will instead guess on how to link and use that
  lib. I did not use the patch from the bug report.
2009-06-08 21:12:59 +00:00
Daniel Stenberg
f45500c612 djgpp build fix 2009-06-08 13:55:18 +00:00
Daniel Stenberg
e08f81c891 Bill Hoffman (6 June 2009)
- Added some cmake docs and fixed socklen_t in the build.
2009-06-07 22:26:44 +00:00
Daniel Stenberg
9324f1c29f - Eric Wong fixed --no-buffer to actually switch off output buffering. Been
broken since 7.19.0
2009-06-07 22:21:22 +00:00
Yang Tse
027cb376f3 mention last changes 2009-06-05 16:32:37 +00:00
Daniel Stenberg
ce1a58414a remove conflict markers 2009-06-05 06:19:29 +00:00
Daniel Stenberg
1012c5705a - Setting the Content-Length: header from your app when you do a POST or PUT
is almost always a VERY BAD IDEA. Yet there are still apps out there doing
  this, and now recently it triggered a bug/side-effect in libcurl as when
  libcurl sends a POST or PUT with NTLM, it sends an empty post first when it
  knows it will just get a 401/407 back. If the app then replaced the
  Content-Length header, it caused the server to wait for input that libcurl
  wouldn't send. Aaron Oneal reported this problem in bug report #2799008
  http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.
2009-06-05 06:18:42 +00:00
Yang Tse
00883822be allow building libcurl for VxWorks 2009-06-04 19:11:11 +00:00
Daniel Stenberg
9dcc1b3370 - Claes Jakobsson fixed the configure script to better find and use NSS
without pkg-config.
2009-06-01 09:40:09 +00:00
Yang Tse
e3c37aac28 credit John E. Malmberg 2009-06-01 09:20:49 +00:00
Daniel Stenberg
0bf9c1e881 - Claes Jakobsson fixed libcurl-NSS to build fine even without the
PK11_CreateGenericObject() function.
2009-05-27 22:01:03 +00:00
Daniel Stenberg
bf07d37737 - Mike Crowe pointed out that setting CURLOPT_USERPWD to NULL used to clear
the auth credentials back in 7.19.0 and earlier while now you have to set ""
  to get the same effect. His patch brings back the ability to use NULL.
2009-05-27 21:45:12 +00:00
Daniel Stenberg
eecb713616 - Andre Guibert de Bruet found a call to a OpenSSL function that didn't check
for a failure properly.
2009-05-27 21:15:38 +00:00
Daniel Stenberg
bf085e2c4b - Frank McGeough provided a small OpenSSL #include fix to make libcurl compile
fine with Nokia 5th edition 1.0 SDK for Symbian.
2009-05-27 21:11:11 +00:00
Daniel Stenberg
1cf6c15ab4 - bug report #2796358 (http://curl.haxx.se/bug/view.cgi?id=2796358) pointed
out that the cookie parser would leak memory when it parses cookies that are
  received with domain, path etc set multiple times in the same header. While
  such a cookie is questionable, they occur in the wild and libcurl no longer
  leaks memory for them. I added such a header to test case 8.
2009-05-25 12:23:22 +00:00
Daniel Stenberg
de7a14003c - Kamil Dudka brought the patch from the Redhat bug entry
https://bugzilla.redhat.com/show_bug.cgi?id=427966 which was libcurl closing
  a bad file descriptor when closing down the FTP data connection.  Caolan
  McNamara seems to be the original author of it.
2009-05-19 20:54:31 +00:00
Daniel Stenberg
89fb7c85bf start climbing to 7.19.6 2009-05-18 07:58:00 +00:00
Daniel Stenberg
3cb06eb2b2 - James Bursa posted a patch to the mailing list that fixed a problem with
no_proxy which made it not skip the proxy if the URL entered contained a
  user name. I added test case 1101 to verify.
2009-05-17 14:47:50 +00:00
Daniel Stenberg
242a17b9e0 - Balint Szilakszi reported a memory leak when libcurl did gzip decompression
of streams that had some parts (legitimately) missing. We now provide and use
  a proper cleanup function for the content encoding submodule.
  http://curl.haxx.se/mail/lib-2009-05/0092.html
2009-05-11 09:55:28 +00:00
Daniel Stenberg
6e1632c606 - Kamil Dudka provided a fix for libcurl-NSS reported by Michael Cronenworth
at https://bugzilla.redhat.com/show_bug.cgi?id=453612#c12

  If an incorrect password is given while loading a private key, libcurl ends
  up in an infinite loop consuming memory. The bug is critical.
2009-05-11 09:13:49 +00:00
Daniel Stenberg
56dab605f1 - I fixed the problem with doing NTLM, POST and then following a 302 redirect,
as reported by Ebenezer Ikonne (on curl-users) and Laurent Rabret (on
  curl-library). The transfer was mistakenly marked to get more data to send
  but since it didn't actually have that, it just hung there...
2009-05-11 08:55:58 +00:00
Daniel Stenberg
c92b996942 Ah, this was committed by mistake as part of my previous commit but it seems
to work so I'll let it remain and here's the comment about it! From Lenaic's
mail posted to curl-library Date: Fri, 1 May 2009 22:46:14 +0200.
2009-05-08 11:05:52 +00:00
Daniel Stenberg
e84c7db049 - Constantine Sapuntzakis fixed bug report #2784055
(http://curl.haxx.se/bug/view.cgi?id=2784055) identifying a problem to
  connect to SOCKS proxies when using the multi interface. It turned out to
  almost not work at all previously. We need to wait for the TCP connect to
  be properly verified before doing the SOCKS magic.

  There's still a flaw in the FTP code for this.
2009-05-08 10:59:40 +00:00
Daniel Stenberg
e93c81196f - Man page *roff problems fixed thanks to input from Colin Watson. Problems
reported in the Debian package.
2009-05-07 09:31:24 +00:00
Daniel Stenberg
7bdd14a994 - Vijay G filed bug report #2723236
(http://curl.haxx.se/bug/view.cgi?id=2723236) identifying a problem with
  libcurl's TFTP code and its lack of dealing with the OACK packet.
2009-05-07 08:30:43 +00:00
Daniel Stenberg
915dfb494e - Inspired by Michael Smith's session id fix for OpenSSL, I did the
corresponding fix in the GnuTLS code: make sure to store the new session id
  in case the re-used one is rejected.
2009-05-04 22:20:09 +00:00
Daniel Stenberg
a16cca7680 - Michael Smith posted bug report #2786255
(http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how
  libcurl did not deal with SSL session ids properly if the server rejected a
  re-use of one. Starting now, it will forget the rejected one and remember
  the new. This change was for OpenSSL only, it is likely that other SSL lib
  code needs similar fixes.
2009-05-04 21:57:14 +00:00
Yang Tse
4422f80ae7 David McCreedy's "transfer.c fixes for CURL_DO_LINEEND_CONV and non-ASCII platform HTTP requests" patch 2009-05-04 09:47:02 +00:00
Yang Tse
9137e717b0 Use build-time configured curl_socklen_t instead of socklen_t 2009-05-02 02:37:32 +00:00
Yang Tse
80a61616b1 Mention David McCreedy's patches applied today 2009-05-01 22:55:08 +00:00
Daniel Stenberg
e2c6e00570 - Based on bug report #2723219 (http://curl.haxx.se/bug/view.cgi?id=2723219)
I've now made TFTP "connections" not being kept for re-use within libcurl.
  TFTP is UDP-based so the benefit was really low (if even existing) to begin
  with so instead of tracking down to fix this problem we instead removed the
  re-use. I also enabled test case 1099 that I wrote a few days ago to verify
  that this change fixes the reported problem.
2009-04-29 11:30:03 +00:00
Daniel Stenberg
d068001102 - Constantine Sapuntzakis filed bug report #2783090
(http://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows
  we need to grow the SO_SNDBUF buffer somewhat to get really good upload
  speeds. http://support.microsoft.com/kb/823764 has the details. Friends
  confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough.
2009-04-28 20:27:06 +00:00
Daniel Stenberg
e01b7c1ede - Bug report #2709004 (http://curl.haxx.se/bug/view.cgi?id=2709004) by Tim
Chen pointed out how curl couldn't upload with resume when reading from a
  pipe.

  This ended up with the introduction of a new return code for the
  CURLOPT_SEEKFUNCTION callback that basically says that the seek failed but
  that libcurl may try to resolve the situation anyway. In our case this means
  libcurl will attempt to instead read that much data from the stream instead
  of seeking and that way curl can now upload with resume when data is read
  from a stream!
2009-04-28 11:19:10 +00:00
Daniel Stenberg
14df44dd3f - Bug report #2779733 (http://curl.haxx.se/bug/view.cgi?id=2779733) by Sven
Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi
  interface and provided a patch that fixed the problem!
2009-04-26 11:56:22 +00:00
Daniel Stenberg
828a26286d - Kamil Dudka fixed another NSS-related leak when client certs were used. 2009-04-24 21:55:18 +00:00
Daniel Stenberg
ab1e54375f for is docs remarks 2009-04-23 22:08:36 +00:00
Daniel Stenberg
b84876ba69 - Leanic Lefever reported a crash and did some detailed research on why and
how it occurs (http://curl.haxx.se/mail/lib-2009-04/0289.html). The
  conclusion was that if an error is detected and Curl_done() is called for
  the connection, ftp_done() could at times return another error code that
  then would take precedence and that new code confused existing logic that
  works for the first error code (CURLE_SEND_ERROR) only.
2009-04-20 21:41:17 +00:00
Daniel Stenberg
0f1ca2939a - Gisle Vanem noticed that --libtool would produce bogus strings at times for
OBJECTPOINT options. Now we've introduced a new function - my_setopt_str -
  within the app for setting plain string options to avoid the risk of this
  mistake happening.
2009-04-20 17:53:06 +00:00
Daniel Stenberg
f1b820e5fc mention Pramod Sharma and "persistent connections when doing FTP over a HTTP proxy" 2009-04-17 22:36:13 +00:00
Daniel Stenberg
379bfa5a36 - bug report #2727981 (http://curl.haxx.se/bug/view.cgi?id=2727981) by Martin
Storsjo pointed out how setting CURLOPT_NOBODY to 0 could be downright
  confusing as it set the method to either GET or HEAD. The example he showed
  looked like:

   curl_easy_setopt(curl, CURLOPT_PUT, 1);
   curl_easy_setopt(curl, CURLOPT_NOBODY, 0);

  The new way doesn't alter the method until the request is about to start. If
  CURLOPT_NOBODY is then 1 the HTTP request will be HEAD. If CURLOPT_NOBODY is
  0 and the request happens to have been set to HEAD, it will then instead be
  set to GET. I believe this will be less surprising to users, and hopefully
  not hit any existing users badly.
2009-04-13 18:01:02 +00:00
Daniel Stenberg
235c0077b8 - Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned
out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue
  is found in Redhat's bug tracker:
  https://bugzilla.redhat.com/show_bug.cgi?id=453612

  There are still memory leaks present, but they seem to have other reasons.
2009-04-13 17:42:10 +00:00
Yang Tse
eed4a13b3b Daniel Johnson improved the MacOSX-Framework shell script to now perform all
the steps required to build a Mac OS X four way fat ppc/i386/ppc64/x86_64
libcurl.framework.  Four way fat framework requires OS X 10.5 SDK or later.
2009-04-10 02:50:21 +00:00
Yang Tse
ece891d6db Sun compilers specific preprocessor block removed from curlbuild.h.dist 2009-04-08 01:25:34 +00:00
Yang Tse
168fb3a8d8 Fix curl_off_t definition for builds done using Sun compilers and a
non-configured libcurl. In this case curl_off_t data type was gated
to the off_t data type which depends on the _FILE_OFFSET_BITS. This
configuration is exactly the unwanted configuration for our curl_off_t
data type which must not depend on such setting. This breaks ABI for
libcurl libraries built with Sun compilers which were built without
having run the configure script with _FILE_OFFSET_BITS different than
64 and using the ILP32 data model.
2009-04-02 18:50:39 +00:00
Dan Fandrich
626f9bd8c2 Added the curl_easy_recv return code fix 2009-04-02 04:41:03 +00:00
Daniel Stenberg
5f19822e37 - Kamil Dudka brought a patch that enables 6 additional crypto algorithms when
NSS is used. These ciphers were added in NSS 3.4 and require to be enabled
  explicitly.
2009-03-18 12:48:51 +00:00
Daniel Stenberg
74ba4d7950 - Use libssh2_version() to present the libssh2 version in case the libssh2
library is found to support it.
2009-03-13 09:58:15 +00:00
Yang Tse
fa96436661 Fix TELNET transfers not being aborted upon write callback failures 2009-03-12 13:18:25 +00:00
Yang Tse
f1db505778 Added TELNET timeout support for Windows builds 2009-03-11 04:15:33 +00:00
Daniel Stenberg
bdec6f2b20 - Frank Hempel found out a bug and provided the fix:
curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE
  option. It only enabled the cookie engine in the destination handle if
  data->cookies is not NULL (where data is the source handle). In case of a
  newly initialized handle which just had the cookie support enabled by a
  curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was
  still NULL because the setopt-call only appends the value to
  data->change.cookielist, hence duplicating this handle would not have the
  cookie engine switched on.

  We also concluded that the slist-functionality would be suitable for being
  put in its own module rather than simply hanging out in lib/sendf.c so I
  created lib/slist.[ch] for them.
2009-03-09 12:21:46 +00:00
Daniel Stenberg
c86c294f55 - Andreas Farber made the 'buildconf' script check for the presence of m4
scripts to make it detect a bad checkout earlier. People with older
  checkouts who don't do cvs update with the -d option won't get the new dirs
  and then will get funny outputs that can be a bit hard to understand and
  fix.
2009-03-09 09:24:31 +00:00
Daniel Stenberg
f4e8c406bb - Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
allocation of the memory BIO was not being properly checked.
2009-03-08 22:56:55 +00:00
Daniel Stenberg
12bfcb501c - Andre Guibert de Bruet fixed the gnutls-using code: There are a few places
in the gnutls code where we were checking for negative values for errors,
  when the man pages state that GNUTLS_E_SUCCESS is returned on success and
  other values indicate error conditions.
2009-03-08 22:52:05 +00:00
Daniel Stenberg
9274d31690 - Bill Egert pointed out (http://curl.haxx.se/bug/view.cgi?id=2671602) that
curl didn't use sprintf() in a way that is documented to work in POSIX but
  since we use our own printf() code (from libcurl) that shouldn't be a
  problem. Nonetheless I modified the code to not rely on such particular
  features and to not cause further raised eyebrowse with no good reason.
2009-03-08 22:42:50 +00:00
Yang Tse
94bb7fe5cb Fix NTLM authentication memory leak on SSPI enabled Windows builds 2009-03-05 01:23:14 +00:00
Daniel Stenberg
ee73fc361b - David James brought a patch that make libcurl close (all) dead connections
whenever you attempt to open a new connection.
2009-03-03 11:01:24 +00:00
Daniel Stenberg
e84dbd28db 15 additional contributor from the 7.19.4 RELEASE-NOTES 2009-03-03 10:41:11 +00:00
Daniel Stenberg
a1f455551f start over on the journey towards 7.19.5 2009-03-02 23:44:42 +00:00
Daniel Stenberg
042cc1f69e - David Kierznowski notified us about a security flaw
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
  which previous libcurl versions (by design) can be tricked to access an
  arbitrary local/different file instead of a remote one when
  CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
  together this the addition of two new setopt options for controlling this
  new behavior:

  o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
  follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
  excludes the FILE and SCP protocols and thus you nee to explicitly allow
  them in your app if you really want that behavior.

  o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
  using the primary URL option. This is useful if you want to allow a user or
  other outsiders control what URL to pass to libcurl and yet not allow all
  protocols libcurl may have been built to support.
2009-03-02 23:05:31 +00:00
Daniel Stenberg
4bc603a0cc the Eiffel binding 2009-03-02 09:03:11 +00:00
Daniel Stenberg
7b7db23633 - Senthil Raja Velu reported a problem when CURLOPT_INTERFACE and
CURLOPT_LOCALPORT were used together (the local port bind failed), and
  Markus Koetter provided the fix!
2009-02-27 12:07:14 +00:00
Daniel Stenberg
d207ea1652 - As Daniel Fandrich figured out, we must do the GnuTLS initing in the
curl_global_init() function to properly maintain the performing functions
  thread-safe. We've previously (28 April 2007) moved the init to a later time
  just to avoid it to fail very early when libgcrypt dislikes the situation,
  but that move was bad and the fix should rather be in libgcrypt or
  elsewhere.
2009-02-25 12:51:17 +00:00
Daniel Stenberg
ea6531cf32 - Brian J. Murrell found out that Negotiate proxy authentication didn't work.
It happened because the code used the struct for server-based auth all the
  time for both proxy and server auth which of course was wrong.
2009-02-24 08:30:09 +00:00
Daniel Stenberg
6c9f37d263 - After a bug reported by James Cheng I've made curl_easy_getinfo() for
CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD return
  -1 if the sizes aren't know. Previously these returned 0, make it impossible
  to detect the difference between actually zero and unknown.
2009-02-23 18:45:00 +00:00
Yang Tse
f5548973ab Daniel Johnson provided a shell script that will perform all the steps needed
to build a Mac OS X fat ppc/i386 or ppc64/x86_64 libcurl.framework
2009-02-23 12:39:06 +00:00
Yang Tse
9182a46233 Mark Incley noticed VS2008 compilation halting when building for Windows 2000 2009-02-20 12:10:23 +00:00
Daniel Stenberg
5784a37f91 the FTP multi interface bug 2009-02-20 08:19:19 +00:00
Daniel Stenberg
af91ff0e06 - Linus Nielsen Feltzing reported and helped me repeat and fix a problem with
FTP with the multi interface: when a transfer fails, like when aborted by a
  write callback, the control connection was wrongly closed and thus not
  re-used properly.

  This change is also an attempt to cleanup the code somewhat in this area, as
  now the FTP code attempts to keep (better) track on pending responses
  necessary to get read in ftp_done().
2009-02-20 08:16:03 +00:00
Daniel Stenberg
5af0629ba5 - Patrik Thunstrom reported a problem and helped me repeat it. It turned out
libcurl did a superfluous 1000ms wait when doing SFTP downloads!

  We read data with libssh2 while doing the "DO" operation for SFTP and then
  when we were about to start getting data for the actual file part, the
  "TRANSFER" part, we waited for socket action (in 1000ms) before doing a
  libssh2-read. But in this case libssh2 had already read and buffered the
  data so we ended up always just waiting 1000ms before we get working on the
  data!
2009-02-19 10:36:20 +00:00
Daniel Stenberg
a24fe59ee4 - Kamil Dudka made NSS-powered builds compile and run again! 2009-02-17 12:18:34 +00:00
Daniel Stenberg
8f81fd6be5 - CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 in addition to 1 for
plain FTP connections, and it will then allow MKD to fail once and retry the
  CWD afterwards. This is especially useful if you're doing many simultanoes
  connections against the same server and they all have this option enabled,
  as then CWD may first fail but then another connection does MKD before this
  connection and thus MKD fails but trying CWD works! The numbers can
  (should?) now be set with the convenience enums now called
  CURLFTP_CREATE_DIR and CURLFTP_CREATE_DIR_RETRY.

  Tests has proven that if you're making an application that uploads a set of
  files to an ftp server, you will get a noticable gain in speed if you're
  using multiple connections and this option will be then be very useful.
2009-02-17 09:07:25 +00:00
Daniel Stenberg
d315d41a12 - Andre Guibert de Bruet found and fixed a memory leak in the content encoding
code, which could happen on libz errors.
2009-02-14 09:09:09 +00:00
Dan Fandrich
9a4c887c4a Added support for Digest and NTLM authentication using GnuTLS. 2009-02-12 20:48:40 +00:00
Daniel Stenberg
de41c6ef43 credit Jocelyn Jaubert for his bug report and associated work 2009-02-12 08:05:23 +00:00
Daniel Stenberg
002cf105c6 - CURLINFO_CONDITION_UNMET was added to allow an application to get to know if
the condition in the previous request was unmet. This is typically a time
  condition set with CURLOPT_TIMECONDITION and was previously not possible to
  reliably figure out. From bug report #2565128
  (http://curl.haxx.se/bug/view.cgi?id=2565128)
2009-02-11 21:47:14 +00:00
Daniel Stenberg
fb8fdf9273 Added docs/libcurl/symbols-in-versions 2009-02-10 13:06:25 +00:00
Daniel Stenberg
71f3877f3a - Hidemoto Nakada provided a small fix that makes it possible to get the
CURLINFO_CONTENT_LENGTH_DOWNLOAD size from file:// "transfers" with
  CURLOPT_NOBODY set true.
2009-02-03 22:28:41 +00:00
Daniel Stenberg
d4ac3d53fc - Patrick Scott found a rather large memory leak when using the multi
interface and setting CURLMOPT_MAXCONNECTS to something less than the number
  of handles you add to the multi handle. All the connections that didn't fit
  in the cache would not be properly disconnected nor freed!
2009-02-02 21:36:47 +00:00
Daniel Stenberg
bdd4294e79 - Craig A West brought us: libcurl now defaults to do CONNECT with HTTP
version 1.1 instead of 1.0 like before. This change also introduces the new
  proxy type for libcurl called 'CURLPROXY_HTTP_1_0' that then allows apps to
  switch (back) to CONNECT 1.0 requests. The curl tool also got a --proxy1.0
  option that works exactly like --proxy but sets CURLPROXY_HTTP_1_0.

  I updated all test cases cases that use CONNECT and I tried to do some using
  --proxy1.0 and some updated to do CONNECT 1.1 to get both versions run.
2009-02-02 16:19:23 +00:00
Daniel Stenberg
dcf92bffd2 - When building with c-ares 1.6.1 (not yet released) or later and IPv6 support
enabled, we can now take advantage of its brand new AF_UNSPEC support in
  ares_gethostbyname(). This makes test case 241 finally run fine for me wtih
  this setup since it now parses the "::1 ip6-localhost" line fine in my
  /etc/hosts file!
2009-01-31 20:25:55 +00:00
Daniel Stenberg
8b6805572a - Scott Cantor filed bug report #2550061
(http://curl.haxx.se/bug/view.cgi?id=2550061) mentioning that I failed to
  properly make sure that the VC9 makefiles got included in the latest
  release. I've now fixed the release script and verified it so next release
  will hopefully include them properly!
2009-01-31 18:38:41 +00:00
Daniel Stenberg
de4610a55f - Markus Moeller introduced two new options to libcurl:
CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC to allow libcurl
  to do GSS-style authentication with SOCKS5 proxies. The curl tool got the
  options called --socks5-gssapi-service and --socks5-gssapi-nec to enable
  these.
2009-01-28 21:33:58 +00:00
Daniel Stenberg
0516ce7786 - Chad Monroe provided the new CURLOPT_TFTP_BLKSIZE option that allows an app
to set desired block size to use for TFTP transfers instead of the default
  512 bytes.
2009-01-26 22:43:06 +00:00
Daniel Stenberg
bb86462ed7 wrap line at col 80 2009-01-26 14:37:29 +00:00
Daniel Stenberg
8fa8df95fb - The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag to
disable "rfc4507bis session ticket support".  rfc4507bis was later turned
  into the proper RFC5077 it seems: http://tools.ietf.org/html/rfc5077

  The enabled extension concerns the session management. I wonder how often
  libcurl stops a connection and then resumes a TLS session. also, sending the
  session data is some overhead. .I suggest that you just use your proposed
  patch (which explicitly disables TICKET).

  If someone writes an application with libcurl and openssl who wants to
  enable the feature, one can do this in the SSL callback.

  Sharad Gupta brought this to my attention. Peter Sylvester helped me decide
  on the proper action.
2009-01-26 14:36:18 +00:00
Daniel Stenberg
82ca52713b - Alexey Borzov filed bug report #2535504
(http://curl.haxx.se/bug/view.cgi?id=2535504) pointing out that realms with
  quoted quotation marks in HTTP Digest headers didn't work. I've now added
  test case 1095 that verifies my fix.
2009-01-26 13:19:03 +00:00
Daniel Stenberg
5aeef9c1c8 - Craig A West brought CURLOPT_NOPROXY and the corresponding --noproxy option.
They basically offer the same thing the NO_PROXY environment variable only
  offered previously: list a set of host names that shall not use the proxy
  even if one is specified.
2009-01-25 23:26:25 +00:00
Dan Fandrich
5591550167 Fixed a couple more locale-dependent toupper conversions, mainly for
clarity.  This does fix one problem that causes ;type=i FTP URLs
to fail in the Turkish locale when CURLOPT_PROXY_TRANSFER_MODE is
used (test case 561)

Added tests 561 and 1092 through 1094 to test various combinations
of ;type= and ;mode= URLs that could potentially fail in the Turkish
locale.
2009-01-21 04:42:47 +00:00
Daniel Stenberg
14a6788535 - Lisa Xu pointed out that the ssh.obj file was missing from the lib/Makefile.vc6
file (and thus from the vc8 and vc9 ones too).
2009-01-20 06:24:25 +00:00
Daniel Stenberg
b914f45e9e 700 friendly contributors after the new ones in 7.19.3 were added 2009-01-19 10:25:47 +00:00
Daniel Stenberg
718004d9b5 start over on our journey towards 7.19.4... 2009-01-19 10:11:25 +00:00
Daniel Stenberg
37c5250e03 - Andrew de los Reyes fixed curlbuild.h for "generic" gcc builds on PPC, both
32 bit and 64 bit.
2009-01-16 08:36:40 +00:00
Daniel Stenberg
5e74c58b73 - Tim Ansell fixed a compiler warning in lib/cookie.c 2009-01-15 08:32:58 +00:00
Daniel Stenberg
1225d36188 Grant Erickson fixed timeouts for TFTP 2009-01-13 23:24:06 +00:00
Daniel Stenberg
a19e02be5e - Michael Wallner fixed a NULL pointer deref when calling
curl_easy_setup(curl, CURLOPT_COOKIELIST, "SESS") on a CURL handle with no
  cookies data.
2009-01-13 22:21:14 +00:00
Daniel Stenberg
0761e60a4a Stefan Teleman's curlbuild.h fix for SunPro compilers 2009-01-13 22:05:48 +00:00
Daniel Stenberg
a1077d0970 changed the wording to possibly make some sense 2009-01-11 23:47:01 +00:00
Daniel Stenberg
b9fdc0c251 - Based on bug report #2498665 (http://curl.haxx.se/bug/view.cgi?id=2498665)
by Daniel Black, I've now added magic to the configure script that makes it
  use pkg-config to detect gnutls details as well if the existing method
  (using libgnutls-config) fails. While doing this, I cleaned up and unified
  the pkg-config usage when detecting openssl and nss as well.
2009-01-11 23:41:50 +00:00
Daniel Stenberg
f471b4836f credit Karl Moerder properly 2009-01-11 22:05:38 +00:00
Daniel Stenberg
f7e3bd28b4 - Karl M brought the patch that creates vc9 Makefiles, and I made 'maketgz'
now use the actual makefile targets to do the VC8 and VC9 makefiles.
2009-01-11 13:34:05 +00:00
Daniel Stenberg
452e52f958 - Emil Romanus fixed:
When using the multi interface over HTTP and the server returns a Location
  header, the running easy handle will get stuck in the CURLM_STATE_PERFORM
  state, leaving the external event loop stuck waiting for data from the
  ingoing socket (when using the curl_multi_socket_action stuff). While this
  bug was pretty hard to find, it seems to require only a one-line fix. The
  break statement on line 1374 in multi.c caused the function to skip the call
  to multistate().

  How to reproduce this bug? Well, that's another question.  evhiperfifo.c in
  the examples directory chokes on this bug only _sometimes_, probably
  depending on how fast the URLs are added. One way of testing the bug out is
  writing to hiper.fifo from more than one source at the same time.
2009-01-10 22:10:57 +00:00
Dan Fandrich
bc93011554 Unified much of the SessionHandle initialization done in Curl_open() and
curl_easy_reset() by creating Curl_init_userdefined(). This had the side effect
of fixing curl_easy_reset() so it now also resets CURLOPT_FTP_FILEMETHOD and
CURLOPT_SSL_SESSIONID_CACHE
2009-01-08 00:31:49 +00:00
Daniel Stenberg
3c2ad4022c - Rob Crittenden did once again provide an NSS update:
I have to jump through a few hoops now with the NSS library initialization
  since another part of an application may have already initialized NSS by the
  time Curl gets invoked. This patch is more careful to only shutdown the NSS
  library if Curl did the initialization.

  It also adds in a bit of code to set the default ciphers if the app that
  call NSS_Init* did not call NSS_SetDomesticPolicy() or set specific
  ciphers. One might argue that this lets other application developers get
  lazy and/or they aren't using the NSS API correctly, and you'd be right.
  But still, this will avoid terribly difficult-to-trace crashes and is
  generally helpful.
2009-01-07 14:10:35 +00:00
Daniel Stenberg
cf4b88fcc4 credit Bas 2008-12-31 20:36:08 +00:00
Daniel Stenberg
83640b2ee5 - Phil Lisiecki filed bug report #2413067
(http://curl.haxx.se/bug/view.cgi?id=2413067) that identified a problem that
  would cause libcurl to mark a DNS cache entry "in use" eternally if the
  subsequence TCP connect failed. It would thus never get pruned and refreshed
  as it should've been.
2008-12-29 22:25:50 +00:00
Daniel Stenberg
59227bf075 - Peter Korsgaard fixed building libcurl with "configure --with-ssl
--disable-verbose".
2008-12-28 22:00:36 +00:00
Daniel Stenberg
3eae7695fc libssh2 0.19 became 1.0 instead 2008-12-27 23:25:31 +00:00
Daniel Stenberg
7ffe62d901 - Given a recent enough libssh2, libcurl can now seek/resume with SFTP even
on file indexes beyond 2 or 4GB.
2008-12-22 13:12:36 +00:00
Daniel Stenberg
d5bfec70af - Anthony Bryan provided a set of patches that cleaned up manual language,
corrected spellings and more.
2008-12-22 13:07:13 +00:00
Daniel Stenberg
216ad2680b - Igor Novoseltsev fixed a bad situation for the multi_socket() API when doing
pipelining, as libcurl could then easily get confused and A) work on the
  handle that was not "first in queue" on a pipeline, or even B) tell the app
  to REMOVE a socket while it was in use by a second handle in a pipeline. Both
  errors caused hanging or stalling applications.
2008-12-20 22:03:22 +00:00
Daniel Stenberg
ffd08df863 - curl_multi_timeout() could return a timeout value of 0 even though nothing
was actually ready to get done, as the internal time resolution is higher
  than the returned millisecond timer. Therefore it could cause applications
  running on fast processors to do short bursts of busy-loops.
  curl_multi_timeout() will now only return 0 if the timeout is actually
  alreay triggered.
2008-12-19 22:58:22 +00:00
Daniel Stenberg
07416b61e3 - Using the libssh2 0.19 function libssh2_session_block_directions(), libcurl
now has an improved ability to do right when the multi interface (both
  "regular" and multi_socket) is used for SCP and SFTP transfers. This should
  result in (much) less busy-loop situations and thus less CPU usage with no
  speed loss.
2008-12-19 21:14:52 +00:00
Daniel Stenberg
03ca98b0df - SCP and SFTP with the multi interface had the same flaw: the 'DONE'
operation didn't complete properly if the EAGAIN equivalent was returned but
  libcurl would simply continue with a half-completed close operation
  performed. This ruined persistent connection re-use and cause some
  SSH-protocol errors in general. The correction is unfortunately adding a
  blocking function - doing it entirely non-blocking should be considered for
  a better fix.
2008-12-17 12:32:41 +00:00
Daniel Stenberg
008b848dcc - libssh2_sftp_last_error() was wrongly used at some places in libcurl which
made libcurl sometimes not properly abort problematic SFTP transfers.
2008-12-15 23:04:51 +00:00
Daniel Stenberg
5f0a3797c9 credit Mark Karpeles for his report and work 2008-12-12 08:36:56 +00:00
Yang Tse
2d2c53d20e Patrick Monnerat fixed a build regression, introduced in 7.19.2, affecting
OS/400 compilations with IPv6 enabled.
2008-12-12 03:24:59 +00:00
Daniel Stenberg
0f5895faee - Bug report #2416182 titled "crash in ConnectionExists when using
duphandle+curl_mutli" (http://curl.haxx.se/bug/view.cgi?id=2416182) showed
  that curl_easy_duphandle() wrongly also copied the pointer to the connection
  cache, which was plain wrong and caused a segfault if the handle would be
  used in a different multi handle than the handle it was duplicated from.
2008-12-11 23:52:56 +00:00
Daniel Stenberg
1b4af1f8d8 - Keshav Krity found out that libcurl failed to deal with dotted IPv6
addresses if they were very long (>39 letters) due to a too strict address
  validity parser. It now accepts addresses up to 45 bytes long.
2008-12-11 22:22:46 +00:00
Daniel Stenberg
6e376532b0 - Internet Explorer had a broken HTTP digest authentication before v7 and
there are servers "out there" that relies on the client doing this broken
  Digest authentication. Apache even comes with an option to work with such
  broken clients.

  The difference is only for URLs that contain a query-part (a '?'-letter and
  text to the right of it).

  libcurl now supports this quirk, and you enable it by setting the
  CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or
  CURLOPT_PROXYAUTH options. They are thus individually controlled to server
  and proxy.
2008-12-10 23:13:31 +00:00
Daniel Stenberg
4b62cd3616 - Ken Hirsch simplified how libcurl does FTPS: now it doesn't assume any
particular state for the control connection like it did before for implicit
  FTPS (libcurl assumed such control connections to be encrypted while some
  FTPS servers such as FileZilla assumes such connections to be clear
  mode). Use the CURLOPT_USE_SSL option to set your desired level.
2008-12-09 15:02:37 +00:00
Daniel Stenberg
18371aaff9 - Fred Machado posted about a weird FTP problem on the curl-users list and when
researching it, it turned out he got a 550 response back from a SIZE command
  and then I fell over the text in RFC3659 that says:

   The presence of the 550 error response to a SIZE command MUST NOT be taken
   by the client as an indication that the file cannot be transferred in the
   current MODE and TYPE.

  In other words: the change I did on September 30th 2008 and that has been
  included in the last two releases were a regression and a bad idea. We MUST
  NOT take a 550 response from SIZE as a hint that the file doesn't exist.
2008-12-08 20:20:51 +00:00
Daniel Stenberg
42365aa7ef - Christian Krause filed bug #2221237
(http://curl.haxx.se/bug/view.cgi?id=2221237) that identified an infinite
  loop during GSS authentication given some specific conditions. With his
  patience and great feedback I managed to narrow down the problem and
  eventually fix it although I can't test any of this myself!
2008-12-08 13:52:20 +00:00
Daniel Stenberg
479ddb1fee - Igor Novoseltsev filed bug #2351645
(http://curl.haxx.se/bug/view.cgi?id=2351645) that identified a problem with
  the multi interface that occured if you removed an easy handle while in
  progress and the handle was used in a HTTP pipeline.
2008-12-03 15:20:27 +00:00
Daniel Stenberg
58ebde9502 - Pawel Kierski pointed out a mistake in the cookie code that could lead to a
bad fclose() after a fatal error had occured.
  (http://curl.haxx.se/bug/view.cgi?id=2382219)
2008-12-03 15:08:09 +00:00
Daniel Stenberg
53a8a6e5a6 - Based on a patch by Vlad Grachov, libcurl now uses a new libssh2 0.19
function when built to support SCP and SFTP that helps the library to know
  in which direction a particular libssh2 operation would return EAGAIN so
  that libcurl knows what socket conditions to wait for before trying the
  function call again. Previously (and still when using libssh2 0.18 or
  earlier), libcurl will busy-loop in this situation when the easy interface
  is used!
2008-11-24 13:59:51 +00:00
Daniel Stenberg
40e8b4e527 - I removed the default use of "Pragma: no-cache" from libcurl when a proxy is
used. It has been used since forever but it was never a good idea to use
  unless explicitly asked for.
2008-11-19 22:00:14 +00:00
Daniel Stenberg
4b3ae5e157 - Christian Krause reported and fixed a memory leak that would occur with HTTP
GSS/kerberos authentication (http://curl.haxx.se/bug/view.cgi?id=2284386)
2008-11-19 14:22:01 +00:00
Daniel Stenberg
797bc8504c - Andreas Wurf and Markus Koetter helped me analyze a problem that Andreas got
when uploading files to a single FTP server using multiple easy handle
  handles with the multi interface. Occasionally a handle would stall in
  mysterious ways.

  The problem turned out to be a side-effect of the ConnectionExists()
  function's eagerness to re-use a handle for HTTP pipelining so it would
  select it even if already being in use, due to an inadequate check for its
  chances of being used for pipelnining.
2008-11-19 10:15:19 +00:00
Daniel Stenberg
c76d939563 Christian Krause fixed a build failure when building with gss support
enabled and FTP disabled.
2008-11-16 12:42:53 +00:00
Daniel Stenberg
dbc6fe3e84 my recent changes 2008-11-15 23:47:01 +00:00
Daniel Stenberg
ae6530ee82 and we are now on the 7.19.3 road 2008-11-13 13:24:00 +00:00
Daniel Stenberg
a6ba9e5ccd 7.19.2 coming up 2008-11-13 12:42:20 +00:00
Daniel Stenberg
4cbc0f6c2e - Rainer Canavan filed bug #2255627
(http://curl.haxx.se/bug/view.cgi?id=2255627) which pointed out that a
  program using libcurl's multi interface to download a HTTPS page with a
  libcurl built powered by OpenSSL, would easily get silly and instead hand
  over SSL details as data instead of the actual HTTP headers and body. This
  happened because libcurl would consider the connection handshake done too
  early. This problem was introduced at September 22nd 2008 with my fix of the
  bug #2107377

  The correct fix is now instead done within the GnuTLS-handling code, as both
  the OpenSSL and the NSS code already deal with this situation in similar
  fashion. I added test case 560 in an attempt to verify this fix, but
  unfortunately it didn't trigger it even before this fix!
2008-11-11 22:19:27 +00:00
Yang Tse
707828b71a Related with bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535)
Daniel Fandrich noticed that curl_addrinfo was also missing in the build
process of other four non-configure platforms. Added now.
2008-11-11 01:12:17 +00:00
Dan Fandrich
6354cbf9d6 The getifaddrs() version of Curl_if2ip() crashed when used on a Linux
system with a TEQL load-balancing device configured, which doesn't
have an address.  Thanks to Adam Sampson for spotting this (bug #2234923).
2008-11-07 18:33:20 +00:00
Yang Tse
fe083a94b9 give credit where credit is due 2008-11-07 01:42:34 +00:00
Yang Tse
6fdcdfa5ea Bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535) pointed out a
problem with MSVC 6 makefile that caused a build failure. It was noted that
the curl_addrinfo.obj reference was missing. I took the opportunity to sort
the list in which this was missing.
2008-11-06 19:11:46 +00:00
Daniel Stenberg
b8092857d9 and we're back on square one working on the next release... 2008-11-05 12:17:30 +00:00
Daniel Stenberg
215677c10b oops, use the correct option name 2008-11-04 22:36:50 +00:00
Daniel Stenberg
5ca2a8318d CURLINFO_FILETIME now works for file:// transfers as well 2008-11-04 09:57:36 +00:00
Yang Tse
e27ec862c3 Sync up with reality 2008-11-03 17:39:40 +00:00
Daniel Stenberg
85ffd33f08 Daniel Johnson reported and fixed ipv4 name resolves when libcurl is built
with ipv6-enabled c-ares
2008-11-01 23:49:54 +00:00
Dan Fandrich
4fef0d4f14 Fixed a bug that caused a few bytes of garbage to be sent after a
curl_easy_pause() during a chunky upload. Reported by Steve Roskowski.
2008-10-29 19:06:48 +00:00
Daniel Stenberg
5a9bbf639a fixed language, added the Solaris _REENTRANT thing 2008-10-22 15:10:56 +00:00
Daniel Stenberg
a9a4300a36 - Igor Novoseltsev added CURLOPT_PROXYUSER and CURLOPT_PROXYPASSWORD that then
make CURLOPT_PROXYUSERPWD sort of deprecated. The primary motive for adding
  these new options is that they have no problems with the colon separator
  that the CURLOPT_PROXYUSERPWD option does.
2008-10-16 20:21:22 +00:00
Daniel Stenberg
a579d67064 - Pascal Terjan filed bug #2154627
(http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl
  uses strcasecmp() in multiple places where it causes failures when the
  Turkish locale is used. This is because 'i' and 'I' isn't the same letter so
  strcasecmp() on those letters are different in Turkish than in English (or
  just about all other languages). I thus introduced a totally new internal
  function in libcurl (called Curl_ascii_equal) for doing case insentive
  comparisons for english-(ascii?) style strings that thus will make "file"
  and "FILE" match even if the Turkish locale is selected.
2008-10-15 21:43:48 +00:00
Daniel Stenberg
1667890172 credit to John Wilkinson 2008-10-15 07:31:31 +00:00
Dan Fandrich
fad3288d20 Fixed the --interface option to work with IPv6 connections on glibc
systems supporting getifaddrs(). Also fixed a problem where an IPv6
address could be chosen instead of an IPv4 one for --interface when it
involved a name lookup.
2008-10-09 19:23:50 +00:00
Daniel Stenberg
830018aa38 - Bug #2152270 (http://curl.haxx.se/bug/view.cgi?id=2152270) identified and
fixed a CURLINFO_REDIRECT_URL memory leak and an additional wrong-doing:

  Any subsequent transfer with a redirect leaks memory, eventually crashing
  the process potentially.

  Any subsequent transfer WITHOUT a redirect causes the most recent redirect
  that DID occur on some previous transfer to still be reported.
2008-10-08 22:01:23 +00:00
Daniel Stenberg
544f2f74df - Igor filed bug #2111613 (http://curl.haxx.se/bug/view.cgi?id=2111613) that
eventually identified a flaw in how the multi_socket interface in some cases
  missed to call the timeout callback when easy interfaces are removed and
  added within the same millisecond.
2008-10-08 21:42:29 +00:00
Daniel Stenberg
08cf6780ba - Igor Novoseltsev brought a patch that introduced two new options to
curl_easy_setopt: CURLOPT_USERNAME and CURLOPT_PASSWORD that sort of
  deprecates the good old CURLOPT_USERPWD since they allow applications to set
  the user name and password independently and perhaps more importantly allow
  both to contain colon(s) which CURLOPT_USERPWD doesn't fully support.
2008-10-08 10:39:43 +00:00
Daniel Stenberg
61cfbecc74 - Fixed CURLINFO_PRIMARY_IP: When libcurl created a connection to host A then
the app re-used the handle to do a connection to host B and then again
  re-used the handle to host A, it would not update the info with host A's IP
  address (due to the connection being re-used) but it would instead report
  the info from host B.
2008-10-07 21:56:56 +00:00
Daniel Stenberg
db8c75f08d oops, counted one of them twice! 2008-10-07 18:14:11 +00:00
Daniel Stenberg
beaada77e6 two more bindings 2008-10-07 18:10:16 +00:00
Daniel Stenberg
038542ea3e - The libcurl FTP code now returns CURLE_REMOTE_FILE_NOT_FOUND error when SIZE
gets a 550 response back for the cases where a download (or NOBODY) is
  wanted. It still allows a 550 as response if the SIZE is used as part of an
  upload process (like if resuming an upload is requested and the file isn't
  there before the upload). I also modified the FTP test server and a few test
  cases accordingly to match this modified behavior.
2008-09-30 09:51:58 +00:00
Daniel Stenberg
f3ab5d5500 - Daniel Egger provided a patch that allows you to disable proxy support in
libcurl to somewhat reduce the size of the binary. Run configure
  --disable-proxy.
2008-09-29 21:46:04 +00:00
Daniel Stenberg
c27d2d4b93 - Ian Lynagh provided a patch that now makes CURLOPT_RANGE work fine for SFTP
downloads!
2008-09-29 13:21:21 +00:00
Daniel Stenberg
09bbca2f61 credit Maxim Ivanov 2008-09-29 12:36:47 +00:00
Daniel Stenberg
0a305eb79f - Bug #2107803 (http://curl.haxx.se/bug/view.cgi?id=2107803) "no
CURLINFO_REDIRECT_URL in multi mode" also contained a patch that fixed the
  problem.
2008-09-29 12:22:10 +00:00
Daniel Stenberg
9e9f70a693 give proper credit! 2008-09-25 22:35:57 +00:00
Daniel Stenberg
1b9d311b5c - Fixed the HTTP Digest auth code to not behave badly when getting a blank realm
with realm="". http://curl.haxx.se/bug/view.cgi?id=2126435
2008-09-25 14:09:22 +00:00
Daniel Stenberg
d369a2b775 - Introducing Jamie Lokier's function for date to epoch conversion used in the
date parser function. This makes our function less dependent on system-
  provided functions and instead we do all the magic ourselves. We also no
  longer depend on the TZ environment variable.
2008-09-23 11:00:01 +00:00
Daniel Stenberg
23e5402bec - Rob Crittenden brought a patch to "add some locking for thread-safety to NSS
implementation".
2008-09-23 10:27:04 +00:00
Daniel Stenberg
391e8afd1f - Made the SOCKS code use the new Curl_read_plain() function to fix the bug
Markus Moeller reported: http://curl.haxx.se/mail/archive-2008-09/0016.html

- recv() errors other than those equal to EAGAIN now cause proper
  CURLE_RECV_ERROR to get returned. This made test case 160 fail so I've now
  disabled it until we can figure out another way to exercise that logic.
2008-09-22 23:12:00 +00:00
Daniel Stenberg
c4a694862c - Michael Goffioul filed bug report #2107377 "Problem with mutli + GnuTLS +
proxy" (http://curl.haxx.se/bug/view.cgi?id=2107377) that showed how a multi
  interface using program didn't work when built with GnuTLS and a CONNECT
  request was done over a proxy (basically test 502 over a proxy to a HTTPS
  site). It turned out the ssl connect function would get called twice which
  caused the second call to fail.
2008-09-22 20:42:13 +00:00
Yang Tse
6abbbaad1b fix regression in configure script which affected OpenSSL builds on MSYS 2008-09-20 12:44:44 +00:00
Dan Fandrich
f7cce15156 Mike Revi discovered some swapped speed switches documented in the curl man
page.
2008-09-09 18:45:52 +00:00
Daniel Stenberg
2816902f0e Dmitry Kurochkin fixed pipelining over proxy using the multi interface 2008-09-08 12:15:09 +00:00
Daniel Stenberg
f72a26d340 - Stefan Krause pointed out that libcurl would wrongly send away cookies to
sites in cases where the cookie clearly has a very old expiry date. The
  condition was simply that libcurl's date parser would fail to convert the
  date and it would then count as a (timed-based) match. Starting now, a
  missed date due to an unsupported date format or date range will now cause
  the cookie to not match.
2008-09-08 11:36:19 +00:00
Dan Fandrich
91ff938035 Improved the logic the decides whether to use HTTP 1.1 features or not in a
request.

Detect cases where an upload must be sent chunked and the server supports
only HTTP 1.0 and return CURLE_UPLOAD_FAILED.
2008-09-05 17:58:53 +00:00
Daniel Stenberg
18110b519c - Martin Drasar provided the CURLOPT_POSTREDIR patch. It renames
CURLOPT_POST301 (but adds a define for backwards compatibility for you who
  don't define CURL_NO_OLDIES). This option allows you to now also change the
  libcurl behavior for a HTTP response 302 after a POST to not use GET in the
  subsequent request (when CURLOPT_FOLLOWLOCATION is enabled). I edited the
  patch somewhat before commit. The curl tool got a matching --post302
  option. Test case 1076 was added to verify this.
2008-09-05 16:13:20 +00:00
Daniel Stenberg
4c9768565e - Introducing CURLOPT_CERTINFO and the corresponding CURLINFO_CERTINFO. By
enabling this feature with CURLOPT_CERTINFO for a request using SSL (HTTPS
  or FTPS), libcurl will gather lots of server certificate info and that info
  can then get extracted by a client after the request has completed with
  curl_easy_getinfo()'s CURLINFO_CERTINFO option. Linus Nielsen Feltzing
  helped me test and smoothen out this feature.

  Unfortunately, this feature currently only works with libcurl built to use
  OpenSSL.

  This feature was sponsored by networking4all.com - thanks!
2008-09-05 14:29:21 +00:00
Daniel Stenberg
873e734c39 - Dmitriy Sergeyev pointed out that curl_easy_pause() didn't unpause properly
during certain conditions. I also changed this code to use realloc() based
  on Daniel Fandrich's suggestion.
2008-09-05 09:37:37 +00:00
Yang Tse
29f7f468ce sync with reality 2008-09-05 00:16:35 +00:00
Daniel Stenberg
bbc002a505 - Keith Mok added supported_protocols and supported_features to the pkg-config
file for libcurl, and while doing that fix he unified with curl-config.in
  how the supported protocols and features are extracted and used, so both those
  tools should now always be synced.
2008-09-02 12:07:08 +00:00
Daniel Stenberg
91d7a6f8a9 an impressive 672 contributors (counter after the 7.19.0 release) 2008-09-01 15:29:24 +00:00
Daniel Stenberg
238db14002 clear the way for 7.19.1 work! 2008-09-01 15:26:28 +00:00
Daniel Stenberg
6ebc2b2561 the web mirror system is dropped 2008-09-01 14:38:40 +00:00
Daniel Stenberg
558f034007 mention the curl_off_t changes first 2008-09-01 14:27:24 +00:00
Daniel Stenberg
c67a99ff27 - When libcurl was doing a HTTP POST and the server would respond with
"Connection: close" and actually close the connection after the
  response-body, libcurl could still have outstanding data to send and it
  would not properly notice this and stop sending. This caused weirdness and
  sad faces. http://curl.haxx.se/bug/view.cgi?id=2080222

  Note that there are still reasons to consider libcurl's behavior when
  getting a >= 400 response code while sending data, as Craig Perras' note
  "http upload: how to stop on error" specifies:
  http://curl.haxx.se/mail/archive-2008-08/0138.html
2008-08-29 10:47:59 +00:00
Daniel Stenberg
099b62f124 - Dengminwen reported that libcurl would lock a (cookie) share twice (without
an unlock in between) for a certain case and that in fact works when using
  regular windows mutexes but not with pthreads'! Locks should of course not
  get locked again so this is now fixed.
  http://curl.haxx.se/mail/lib-2008-08/0422.html
2008-08-28 07:37:29 +00:00
Dan Fandrich
8ce78ca488 Fixed test case 1065 by changing the handling of CURLOPT_UPLOAD to set
the HTTP method to GET (or HEAD) when given a value of 0.
2008-08-28 06:28:07 +00:00
Daniel Stenberg
13dc82b9d4 - Constantine Sapuntzakis fixed a bug when doing proxy CONNECT with the multi
interface, and the proxy would send Connection: close during the
  authentication phase.  http://curl.haxx.se/bug/view.cgi?id=2069047
2008-08-23 12:11:38 +00:00
Dan Fandrich
e3ad6d2bd1 Fixed a problem when --dump-header - was given with more than one URL,
which caused an error when the second header was dumped due to stdout
being closed.  Added test case 1066 to verify.  Also fixed a potential
problem where a closed file descriptor might be used for an upload
when more than one URL is given.
2008-08-22 22:57:25 +00:00
Yang Tse
9bb5da968c Improved curl_m*printf() integral data type size and signedness handling 2008-08-22 11:11:33 +00:00
Daniel Stenberg
0f98ba4729 Jamie Lokier is always helpful and this time around too... 2008-08-22 07:59:42 +00:00
Daniel Stenberg
3743f515cf - Phil Pellouchoud pointed out that the windows version of libcurl had a
memory leak because it never called the OpenSSL function
  CRYPTO_cleanup_all_ex_data() as it was supposed to. This was because of a
  missing define in config-win32.h!
2008-08-20 19:29:00 +00:00
Daniel Stenberg
a2c50a980c on second thought, let's remove this number from here since it doesn't really
belong among the release numbers anyway
2008-08-13 10:57:11 +00:00
Daniel Stenberg
23478b891f dead mirrors removed => http://curl.haxx.se/mail/lib-2008-08/0208.html 2008-08-13 10:55:23 +00:00
Dan Fandrich
389e50ff1e Added a few user-visible bug fixes 2008-08-13 00:43:46 +00:00
Daniel Stenberg
14a5596346 - Andy Tsouladze fixed runtests.pl to not attempt to execute the stunnel
_directory_ if that happened to appear in the path!
2008-08-12 07:21:39 +00:00
Yang Tse
60a3773c50 Added macros for minimum-width signed and unsigned curl_off_t integer
constants CURL_OFF_T_C and CURL_OFF_TU_C. The clever double helper macro
used internally to provide its functionality is thanks to Lars Nilsson.
2008-08-12 03:00:24 +00:00
Daniel Stenberg
f8a3aa91cd - Constantine Sapuntzakis filed bug report #2042430
(http://curl.haxx.se/bug/view.cgi?id=2042430) with a patch. "NTLM Windows
  SSPI code is not thread safe". This was due to libcurl using static
  variables to tell wether to load the necessary SSPI DLL, but now the loading
  has been moved to the more suitable curl_global_init() call.
2008-08-11 20:29:36 +00:00
Daniel Stenberg
019bde82ce - Constantine Sapuntzakis filed bug report #2042440
(http://curl.haxx.se/bug/view.cgi?id=2042440) with a patch. He identified a
  problem when using NTLM over a proxy but the end-point does Basic, and then
  libcurl would do wrong when the host sent "Connection: close" as the proxy's
  NTLM state was erroneously cleared.
2008-08-11 19:26:01 +00:00
Yang Tse
14240e9e10 Initial support of curlbuild.h and curlrules.h which allows
to have a curl_off_t data type no longer gated to off_t.
2008-08-07 00:29:08 +00:00
Daniel Stenberg
ed50e3f1b4 - Yehoshua Hershberg found a problem that would make libcurl re-use a
connection with the multi interface even if a previous use of it caused a
  CURLE_PEER_FAILED_VERIFICATION to get returned. I now make sure that failed
  SSL connections properly close the connections.
2008-08-04 22:07:50 +00:00
Daniel Stenberg
3a499099af - Test cases 1051, 1052 and 1055 were added by Daniel Fandrich on July 30 and
proved how PUT and POST with a redirect could lead to a "hang" due to the
  data stream not being rewound properly when it had to in order to get sent
  properly (again) to the subsequent URL. This is now fixed and these test
  cases are no longer disabled.
2008-08-04 22:00:22 +00:00
Daniel Stenberg
8d012181b0 - Test case 1041 (added by Daniel Fandrich April 14th) proved a bug where PUT
with -C - sent garbage in the Content-Range: header. I fixed this problem by
  making sure libcurl always sets the size of the _entire_ upload if an app
  attemps to do resumed uploads since libcurl simply cannot know the size of
  what is currently at the server end. Test 1041 is no longer disabled.
2008-08-03 22:20:58 +00:00
Daniel Stenberg
d6344d9b5f refer to the new option by its real name 2008-08-03 21:50:56 +00:00
Yang Tse
7c6df7132e No longer test availability of the gdi32 library, nor use it for linking, even
when we have been doing this since revision 1.47 of configure.ac 4 years and
5 months ago when cross-compiling a Windows target. We actually don't use any
function from the Windows GDI (Graphics Device Interface) related with drawing
or graphics-related operations.
2008-08-02 01:44:13 +00:00
Dan Fandrich
42cabc14d4 Added support for --append on SFTP uploads. Unfortunately, OpenSSH doesn't
support this so it goes untested.
2008-08-01 18:41:14 +00:00
Yang Tse
296a6f7749 Sync up with reality 2008-08-01 03:17:38 +00:00
Dan Fandrich
9251dd7b24 User names embedded in proxy URLs without a password were parsed
incorrectly--the host name is treated as part of the user name and the
port number becomes the password.  This can be observed in test 279
(was KNOWN_ISSUE #54).
2008-08-01 02:09:08 +00:00
Dan Fandrich
b4a5ce89c2 Fixed a problem with any FTP URL or any URLs containing an IPv6 address
being mangled when passed to proxies when CURLOPT_PORT is also set
(reported by Pramod Sharma).
2008-07-31 22:46:29 +00:00
Daniel Stenberg
9dfd6eacf4 another option added, bump counter 2008-07-30 21:57:27 +00:00
Daniel Stenberg
5aed78e183 - Phil Blundell added the CURLOPT_SCOPE option, as well as adjusted the URL
parser to allow numerical IPv6-addresses to be specified with the scope
  given, as per RFC4007 - with a percent letter that itself needs to be URL
  escaped. For example, for an address of fe80::1234%1 the HTTP URL is:
  "http://[fe80::1234%251]/"
2008-07-30 21:55:26 +00:00
Daniel Stenberg
ae654266df - PHP's bug report #43158 (http://bugs.php.net/bug.php?id=43158) identifies a
true bug in libcurl built with OpenSSL. It made curl_easy_getinfo() more or
  less always return 0 for CURLINFO_SSL_VERIFYRESULT because the function that
  would set it to something non-zero would return before the assign in almost
  all error cases. The internal variable is now set to non-zero from the start
  of the function only to get cleared later on if things work out fine.
2008-07-30 21:24:59 +00:00
Dan Fandrich
7a8b11d716 Fixed --use-ascii to properly convert text files on Symbian OS, MS-DOS
and OS/2.
2008-07-30 00:09:02 +00:00
Dan Fandrich
b6b03c8ab9 Added feature in runtests.pl to select tests based on key word. 2008-07-27 02:34:27 +00:00
Daniel Stenberg
a96784b98e - David Bau filed bug report #2026240 "CURL_READFUNC_PAUSE leads to buffer
overrun" (http://curl.haxx.se/bug/view.cgi?id=2026240) identifying two
  problems, and providing the fix for them:

  - CURL_READFUNC_PAUSE did in fact not pause the _sending_ of data that it is
    designed for but paused _receiving_ of data!

  - libcurl didn't internally set the read counter to zero when this return
    code was detected, which would potentially lead to junk getting sent to
    the server.
2008-07-26 21:15:47 +00:00
Daniel Stenberg
0d058d2174 - Daniel Fandrich found out we didn't pass on the user-agent properly when
doing "proxy-tunnels" with non-HTTP prototols and that was simply because
  the code assumed the user-agent was only needed for HTTP.
2008-07-11 09:08:27 +00:00
Yang Tse
08ac9866e0 Peter Lamberg filed bug report #2015126: "poll gives WSAEINVAL when POLLPRI
is set in fdset.events" (http://curl.haxx.se/bug/view.cgi?id=2015126) which
exactly pinpointed the problem only triggered on Windows Vista, provided
reference to docs and also a fix. There is much work behind Peter Lamberg's
excellent bug report. Thank You!
2008-07-10 18:01:44 +00:00
Daniel Stenberg
0cd8840dba - Andreas Schuldei improved Phil Blundell's patch for IPv6 using c-ares, and I
edited it slightly. Now you should be able to use IPv6 addresses fine even
  with libcurl built to use c-ares.
2008-07-09 18:39:49 +00:00
Daniel Stenberg
0e5da5b8bc - Scott Barrett provided a test case for a segfault in the FTP code and the
fix for it. It occured when you did a FTP transfer using
  CURLFTPMETHOD_SINGLECWD and then did another one on the same easy handle but
  switched to CURLFTPMETHOD_NOCWD. Due to the "dir depth" variable not being
  cleared properly.  Scott's test case is now known as test 539 and it
  verifies the fix.
2008-07-07 20:37:07 +00:00
Daniel Stenberg
82412f218f Phil Blundell provided a fix for libcurl's treatment of unexpected 1xx
response codes. Previously libcurl would hang on such occurances. I added
test case 1033 to verify.
2008-07-03 08:47:53 +00:00
Daniel Stenberg
7c648782bc Introcuding a new timestamp for curl_easy_getinfo():
CURLINFO_APPCONNECT_TIME. This is set with the "application layer"
handshake/connection is completed (typically SSL, TLS or SSH). By using this
you can figure out the application layer's own connect time. You can extract
the time stamp using curl's -w option and the new variable named
'time_appconnect'. This feature was sponsored by Lenny Rachitsky at NeuStar.
2008-07-03 06:56:03 +00:00
Yang Tse
97333deb3f fallback to gettimeofday when monotonic clock is unavailable at run-time 2008-07-02 03:04:56 +00:00
Daniel Stenberg
400d9d4205 - Rolland Dudemaine provided fixes to get libcurl to build for the INTEGRITY
operating system.
2008-07-01 21:53:47 +00:00
Daniel Stenberg
eb60ba23f5 - Stephen Collyer and Tor Arntsen helped identify a flaw in the range code
which output the range using a signed variable where it should rather use
  unsigned.
2008-06-30 13:07:05 +00:00
Yang Tse
1058e5fdde John Lightsey filed bug report #1999181: "CLOCK_MONOTONIC always fails on
some systems" (http://curl.haxx.se/bug/view.cgi?id=1999181). The problem was
that the configure script did not use the _POSIX_MONOTONIC_CLOCK feature test
macro when checking monotonic clock availability. This is now fixed and the
monotonic clock will not be used unless the feature test macro is defined
with a value greater than zero indicating always supported.
2008-06-29 03:19:20 +00:00
Daniel Stenberg
d92945bb8a - Eduard Bloch filed the debian bug report #487567
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487567) pointing out that
  libcurl used Content-Range: instead of Range when doing a range request with
  --head (CURLOPT_NOBODY). This is now fixed and test case 1032 was added to
  verify.
2008-06-22 20:38:16 +00:00
Daniel Stenberg
da97f78ae0 - Phil Pellouchoud found a case where libcurl built with NSS failed to
handshake with a SSLv2 server, and it turned out to be because it didn't
  recognize the cipher named "rc4-md5". In our list that cipher was named
  plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported
  that it made things work for him again.
2008-06-20 11:15:54 +00:00
Daniel Stenberg
422fd933f5 - Hans-Jurgen May pointed out that trying SCP or SFTP over a SOCKS proxy
crashed libcurl. This is now addressed by making sure we use "plain send"
  internally when doing the socks handshake instead of the Curl_write()
  function which is designed to use the "target" protocol. That's then SCP or
  SFTP in this case. I also took the opportunity and cleaned up some ssh-
  related #ifdefs in the code for readability.
2008-06-20 10:43:32 +00:00
Daniel Stenberg
d09b6ecaa5 - Christopher Palow fixed a curl_multi_socket() issue which previous caused
libcurl to not tell the app properly when a socket was closed (when the name
  resolve done by c-ares is done) and then immediately re-created and put to
  use again (for the actual connection). Since the closure will make the
  "watch status" get lost in several event-based systems libcurl will need to
  tell the app about this close/re-create case.
2008-06-19 21:32:51 +00:00
Daniel Stenberg
fb2e71b9bd - Dengminwen found a bug in the connection re-use function when using the
multi interface with pipelining enabled as it would wrongly check for,
  detect and close "dead connections" even though that connection was already
  in use!
2008-06-19 08:31:22 +00:00
Daniel Stenberg
e547bfa933 - Rob Crittenden brought a fix for the NSS layer that makes libcurl no longer
always fire up a new connection rather than using the existing one when the
  multi interface is used. Original bug report:
  https://bugzilla.redhat.com/show_bug.cgi?id=450140
2008-06-18 22:01:55 +00:00
Dan Fandrich
c1a71ad14f Fixed curl-config --ca which wasn't being exported by configure. 2008-06-13 00:03:12 +00:00
Daniel Stenberg
c6efb82526 the next release is now called 7.19.0 2008-06-08 21:04:46 +00:00
Daniel Stenberg
5abfdc0140 - curl the tool now deals with its command line options somewhat differently!
All boolean options (such as -O, -I, -v etc), both short and long versions,
  now always switch on/enable the option named. Using the same option multiple
  times thus make no difference. To switch off one of those options, you need
  to use the long version of the option and type --no-OPTION. Like to disable
  verbose mode you use --no-verbose!

- Added --remote-name-all to curl, which if used changes the default for all
  given URLs to be dealt with as if -O is used. So if you want to disable that
  for a specific URL after --remote-name-all has been used, you muse use -o -
  or --no-remote-name.
2008-06-08 20:53:49 +00:00
Daniel Stenberg
621c2b9015 - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_ISSUERCERT, for
OpenSSL, NSS and GnuTLS-built libcurls.
2008-06-06 20:52:32 +00:00
Daniel Stenberg
3fe8251dfb - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_CRLFILE, for
OpenSSL, NSS and GnuTLS-built libcurls.
2008-06-06 18:40:21 +00:00
Daniel Stenberg
930a45e7a9 - Added CURLINFO_PRIMARY_IP as a new information retrievable with
curl_easy_getinfo. It returns a pointer to a string with the most recently
  used IP address. Modified test case 500 to also verify this feature. The
  implementing of this feature was sponsored by Lenny Rachitsky at NeuStar.
2008-06-06 17:33:35 +00:00
Daniel Stenberg
230e4547e8 start working on 7.18.3! 2008-06-04 16:05:48 +00:00
Dan Fandrich
6f0a2608b4 Fixed a problem where telnet data would be lost if an EWOULDBLOCK
condition were encountered.
2008-06-03 18:03:11 +00:00
Daniel Stenberg
ec4f6e93c2 - Emil Romanus found a problem and helped me repeat it. It occured when using
the curl_multi_socket() API with HTTP pipelining enabled and could lead to
  the pipeline basically stalling for a very long period of time until it took
  off again.
2008-05-28 20:56:19 +00:00
Daniel Stenberg
b49dcfb52b - Jeff Weber reported memory leaks with aborted SCP and SFTP transfers and
provided excellent repeat recipes. I fixed the cases I managed to reproduce
  but Jeff still got some (SCP) problems even after these fixes:
  http://curl.haxx.se/mail/lib-2008-05/0342.html
2008-05-28 20:31:28 +00:00
Daniel Stenberg
f7815fa93c - Bug report #1973352 (http://curl.haxx.se/bug/view.cgi?id=1973352) identified
how the HTTP redirect following code didn't properly follow to a new URL if
  the new url was but a query string such as "Location: ?moo=foo". Test case
  1031 was added to verify this fix.
2008-05-26 20:39:41 +00:00
Daniel Stenberg
b97606f0b0 Andreas Faerber and Scott McCreary made (lib)curl build for the Haiku OS 2008-05-26 15:09:28 +00:00
Yang Tse
c57e748107 David Rosenstrauch reported that header files spnegohelp.h and
openssl/objects.h were needed to compile SPNEGO support.
2008-05-26 03:10:34 +00:00
Daniel Stenberg
a9a05a32bd Nikolai Kondrashov for his man page update 2008-05-24 11:20:11 +00:00
Daniel Stenberg
b006c31b7b - When trying to repeat a multi interface problem I fell over a few multi
interface problems:

  o with pipelining disabled, the state should never be set to WAITDO but
    rather go straight to DO

  o we had multiple states for which the internal function returned no socket
    at all to wait for, with the effect that libcurl calls the socket callback
    (when curl_multi_socket() is used) with REMOVE prematurely (as it would be
    added again within very shortly)

  o when in DO and DOING states, the HTTP and HTTPS protocol handler functions
    didn't return that the socket should be waited for writing, but instead it
    was treated as if no socket was needing monitoring so again REMOVE was
    called prematurely.
2008-05-19 20:58:12 +00:00
Daniel Stenberg
514592b892 - Introducing curl_easy_send() and curl_easy_recv(). They can be used to send
and receive data over a connection previously setup with curl_easy_perform()
  and its CURLOPT_CONNECT_ONLY option. The sendrecv.c example was added to
  show how they can be used.
2008-05-12 21:43:24 +00:00
Yang Tse
19479ea021 Internal time differences now use monotonic time source if available.
This also implies the removal of the winmm.lib dependency for WIN32.
2008-05-09 16:31:51 +00:00
Daniel Stenberg
0510759bc4 - Stefan Krause reported a busy-looping case when using the multi interface
and doing CONNECT to a proxy. The app would then busy-loop until the proxy
  completed its response.
2008-05-09 12:59:24 +00:00
Daniel Stenberg
e481d679b2 - Liam Healy filed the debian bug report #480044
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480044) identifying a
  segfault when using krb5 ftp, but the krb4 code had the same problem.
2008-05-07 21:02:21 +00:00
Yang Tse
eb68aa38e3 Christopher Palow provided the patch (edited by me) that introduces
the use of microsecond resolution keys for internal splay trees.

http://curl.haxx.se/mail/lib-2008-04/0513.html
2008-05-07 15:41:41 +00:00
Daniel Stenberg
4e3d235e04 - Yuriy Sosov pointed out a configure fix for detecting c-ares when that is
built debug-enabled.
2008-05-03 22:04:39 +00:00
Daniel Stenberg
fc9e0d2249 - Ben Van Hof filed bug report #1945240: "libcurl sometimes sends body twice
when using CURL_AUTH_ANY" (http://curl.haxx.se/bug/view.cgi?id=1945240).
  The problem was that when libcurl rewound a stream meant for upload when it
  would prepare for a second request, it could accidentally continue the
  sending of the rewound data on the first request instead of on the second.
  Ben also provided test case 1030 that verifies this fix.
2008-05-03 21:45:12 +00:00
Daniel Stenberg
b84b71f524 - Jean-Francois Bertrand reported a libcurl crash with CURLOPT_TCP_NODELAY
since libcurl used getprotobyname() and that isn't thread-safe. We now
  switched to use IPPROTO_TCP unconditionally, but perhaps the proper fix is
  to detect the thread-safe version of the function and use that.
  http://curl.haxx.se/mail/lib-2008-05/0011.html
2008-05-03 13:43:35 +00:00
Daniel Stenberg
3d29bda9f8 - Bart Whiteley provided a patch that made libcurl work properly when an app
uses the CURLOPT_OPENSOCKETFUNCTION callback to create a unix domain socket
  to a http server.
2008-05-01 21:34:34 +00:00
Daniel Stenberg
852989856d - To make it easier for applications that want lots of magic stuff done on
redirections and thus cannot use CURLOPT_FOLLOWLOCATION easily, we now
  introduce the new CURLINFO_REDIRECT_URL option that lets applications
  extract the URL libcurl would've redirected to if it had been told to. This
  then enables the application to continue to that URL as it thinks is
  suitable, without having to re-implement the magic of creating the new URL
  from the Location: header etc. Test 1029 verifies it.
2008-04-30 21:20:08 +00:00
Daniel Stenberg
7a6cff4b3a - Norbert Frese filed bug report #1951588: "Problem with curlftpfs and
libcurl" (http://curl.haxx.se/bug/view.cgi?id=1951588) which seems to be an
  identical report to what Denis Golovan reported in
  http://curl.haxx.se/mail/lib-2008-02/0108.html The FTP code didn't reset the
  user/password pointers properly even though there might've been a new
  struct/cconnection getting used.
2008-04-28 21:29:17 +00:00
Dan Fandrich
1960eebc2d Added support for running on Symbian OS. 2008-04-22 22:53:53 +00:00
Michal Marek
af41ada7aa allow disabling the typechecker by defining CURL_DISABLE_TYPECHECK, as
discussed in http://curl.haxx.se/mail/lib-2008-04/0291.html
2008-04-14 19:01:41 +00:00
Daniel Stenberg
6a33a4456e - Stefan Krause reported a case where the OpenSSL handshake phase wasn't
properly acknowledging the timeout values, like if you pulled the network
  plug in the midst of it.
2008-04-14 15:26:34 +00:00
Daniel Stenberg
cda1f2be58 mention Sandor as contributor 2008-04-14 15:20:07 +00:00
Daniel Stenberg
ead2618c31 - Brock Noland reported that curl behaved differently depending on which order
you used -i and -I.
2008-04-14 14:42:06 +00:00
Daniel Stenberg
84eb9fee76 - Andre Guibert de Bruet found and fixed a case where malloc() was called but
was not checked for a NULL return, in the Negotiate code.
2008-04-12 11:50:51 +00:00
Michal Marek
d0a4b50e19 - Fix the MIT / Heimdal check for good:
Define HAVE_GSSMIT if <gssapi/{gssapi.h,gssapi_generic.h,gssapi_krb5.h}> are
  available, otherwise define HAVE_GSSHEIMDAL if <gssapi.h> is available.

  Only define GSS_C_NT_HOSTBASED_SERVICE to gss_nt_service_name if
  GSS_C_NT_HOSTBASED_SERVICE isn't declared by the gssapi headers. This should
  avoid breakage in case we wrongly recognize Heimdal as MIT again.
2008-04-07 09:26:30 +00:00
Daniel Stenberg
ebaf06a741 - Alexey Simak fixed curl_easy_reset() to reset the max redirect limit properly 2008-04-05 21:13:44 +00:00
Daniel Stenberg
a9c1ca9fc5 - Setting CURLOPT_NOBODY to FALSE will now switch the HTTP request method to
GET simply because previously when you set CURLOPT_NOBODY to TRUE first and
  then FALSE you'd end up in a broken state where a HTTP request would do a
  HEAD by still act a lot like for a GET and hang waiting for the content etc.
2008-04-03 21:44:49 +00:00
Daniel Stenberg
d051dd8087 Scott Barrett added support for CURLOPT_NOBODY over SFTP 2008-04-03 20:56:59 +00:00
Daniel Stenberg
a2314225e0 - Added CURLFORM_STREAM as a supported option to curl_formadd() to allow an
application to provide data for a multipart with the read callback. Note
  that the size needs to be provided with CURLFORM_CONTENTSLENGTH when the
  stream option is used. This feature is verified by the new test case
  554. This feature was sponsored by Xponaut.
2008-03-31 10:02:23 +00:00
Daniel Stenberg
d219269f1b back to a blank for 7.18.2 2008-03-30 09:22:45 +00:00
Daniel Stenberg
cd2814725a - Stephen Collyer pointed out that configure --with-libssh2 without a given
path didn't work properly but now it does!
2008-03-27 23:13:57 +00:00
Daniel Stenberg
b425e851fb - As found out and reported by Dan Petitt, libcurl didn't show progress/call
the progress callback for the first (potentially huge) piece of body data
  sent together with the POST request headers in the initial send().
2008-03-27 13:07:12 +00:00
Daniel Stenberg
7c6a026230 spell! 2008-03-25 19:23:26 +00:00
Daniel Stenberg
2c9763da3e - Made setting the CURLOPT_SSL_CTX_FUNCTION option return a failure in case
libcurl wasn't built to use OpenSSL as that is a prerequisite for this
  option to function!
2008-03-25 19:19:49 +00:00
Daniel Stenberg
95bd901efe - Fixed the problem with doing a zero byte SCP transfer, verified with test
case 617 (which was added by Daniel Fandrich 5 Mar 2008).
2008-03-22 22:00:21 +00:00
Dan Fandrich
516192e7f2 Jes reported the curl-config bug 2008-03-20 20:16:01 +00:00
Dan Fandrich
c37cdbe2cf Fixed a problem where curl-config --protocols could erroneously show LDAPS
support when curl didn't even have regular LDAP support.  It looks like
this could happen when the --enable-ldaps configure switch is given but
configure couldn't find the LDAP headers or libraries.
2008-03-20 20:08:44 +00:00
Michal Marek
86cbb23282 - Added --with-ca-path=DIRECTORY configure option to use an openSSL CApath by
default instead of a ca bundle. The configure script will also look for a
  ca path if no ca bundle is found and no option given.

- Fixed detection of previously installed curl-ca-bundle.crt
2008-03-20 08:09:23 +00:00
Dan Fandrich
e9a460411f Fixed an infinite loop when given an invalid SFTP quote command. 2008-03-18 22:59:04 +00:00
Michal Marek
6f3166c15b - Added curl_easy_getinfo typechecker.
- Added macros for curl_share_setopt and curl_multi_setopt to check at least
  the correct number of arguments.
2008-03-18 08:14:37 +00:00
Daniel Stenberg
641d5c4111 - Brian Ulm figured out that if you did an SFTP upload with
CURLOPT_FTP_CREATE_MISSING_DIRS to create a directory, and then re-used the
  handle and uploaded another file to another directory that needed to be
  created, the second upload would fail. Another case of a state variable that
  wasn't properly reset between requests.

- I rewrote the 100-continue code to use a single state variable instead of
  the previous two ones. I think it made the logic somewhat clearer.
2008-03-13 21:43:39 +00:00
Daniel Stenberg
b9d66dca51 - Dmitry Popov filed bug report #1911069
(http://curl.haxx.se/bug/view.cgi?id=1911069) that identified a race
  condition in the name resolver code when the DNS cache is shared between
  multiple easy handles, each running in simultaneous threads that could cause
  crashes.
2008-03-11 22:55:23 +00:00
Daniel Stenberg
ecf1c6ca5d - Added a macro for curl_easy_setopt() that accepts three arguments and simply
does nothing with them, just to make sure libcurl users always use three
  arguments to this function. Due to its use of ... for the third argument, it
  is otherwise hard to detect abuse.
2008-03-11 13:14:16 +00:00
Michal Marek
7a8a20416f - Added a type checking macro for curl_easy_setopt(), needs gcc-4.3 and only
works in C mode atm (http://curl.haxx.se/mail/lib-2008-02/0267.html ,
  http://curl.haxx.se/mail/lib-2008-02/0292.html )
2008-03-11 07:37:40 +00:00
Daniel Stenberg
82e095a275 - Brian Ulm reported a crash when doing a second SFTP transfer on a re-used
easy handle if curl_easy_reset() was used between them. I fixed it and Brian
  verified that it cured his problem.

- Brian Ulm reported that if you first tried to download a non-existing SFTP
  file and then fetched an existing one and re-used the handle, libcurl would
  still report the second one as non-existing as well! I fixed it abd Brian
  verified that it cured his problem.
2008-03-09 11:37:48 +00:00
Michal Marek
40e1a016f9 Fix the gssapi configure check to detect newer MIT Kerberos (patch by
Michael Calmer)
2008-03-06 17:22:45 +00:00
Yang Tse
91aeebed26 Regression fix:
select/poll calls will only be retried upon EINTR failures as
it previously was in lib/select.c revision 1.29

In this way Curl_socket_ready() and Curl_poll() will again fail
on any select/poll errors different than EINTR.
2008-03-06 03:48:33 +00:00
Daniel Stenberg
0836893335 Mike Protts brought a patch that makes resumed transfers work with SFTP. 2008-03-04 11:53:15 +00:00
Daniel Stenberg
590f0358d8 - Anatoli Tubman found and fixed a crash with Negotiate authentication used on
a re-used connection where both requests used Negotiate.
2008-03-01 22:32:03 +00:00
Daniel Stenberg
74241e7d85 - Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that
forces it to prefer SSLv3.
2008-02-25 07:51:39 +00:00
Daniel Stenberg
6982ed4db7 - Sam Listopad provided a patch in feature-request #1900014
http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to
  use OpenSSL) support a full chain of certificates in a given PKCS12
  certificate.
2008-02-23 12:27:45 +00:00
Daniel Stenberg
9dd3e4d481 - Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory model
options as the lib/Makefile.vc6 already did.
2008-02-22 22:53:01 +00:00
Daniel Stenberg
e9bb7b7712 - Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
happened if you set the connection cache size to 1 and for example failed to
  login to an FTP site. Bug report #1896698
  (http://curl.haxx.se/bug/view.cgi?id=1896698)
2008-02-21 17:52:16 +00:00
Daniel Stenberg
e6170eb20d - Fixed test case 405 to not fail when libcurl is built with GnuTLS 2008-02-20 12:18:08 +00:00
Daniel Stenberg
53a549000c - Based on initial work done by Gautam Kachroo to address a bug, we now keep
better control at the exact state of the connection's SSL status so that we
  know exactly when it has completed the SSL negotiation or not so that there
  won't be accidental re-uses of connections that are wrongly believed to be
  in SSL-completed-negotiate state.
2008-02-20 09:56:26 +00:00
Daniel Stenberg
55700cb01f - We no longer support setting the CURLOPT_URL option from inside a callback
such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
  following. The patch that introduced this feature was done for 7.11.0, but
  this code and functionality has been broken since about 7.15.4 (March 2006)
  with the introduction of non-blocking OpenSSL "connects".

  It was a hack to begin with and since it doesn't work and hasn't worked
  correctly for a long time and nobody has even noticed, I consider it a very
  suitable subject for plain removal. And so it was done.
2008-02-20 08:28:02 +00:00
Daniel Stenberg
fb23b85770 - We're no longer providing a very old ca-bundle in the curl tarball. You can
get a fresh one downloaded and created with 'make ca-bundle' or you can get
  one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
  new one extracted from Mozilla's recent list of ca certs.

  The configure option --with-ca-bundle now lets you specify what file to use
  as default ca bundle for your build. If not specified, the configure script
  will check a few known standard places for a global ca cert to use.
2008-02-18 11:35:12 +00:00
Daniel Stenberg
3458ce9ae5 - Jerome Muffat-Meridol helped me fix Curl_done() to close the current
connection by force when it was called before the entire request is
  completed, simply because we can't know if the connection really can be
  re-used safely at that point.
2008-02-17 13:49:58 +00:00
Daniel Stenberg
e78652d850 - Made the gnutls code path not even try to get the server cert if no peer
verification is requested. Previously it would even return failure if gnutls
  failed to get the server cert even though no verification was asked for.

- Fix my Curl_timeleft() leftover mistake in the gnutls code
2008-02-15 22:37:00 +00:00
Daniel Stenberg
d2ad98d8c5 new mirror and mirror recount after cleansing 2008-02-15 09:29:57 +00:00
Daniel Stenberg
d25aab2704 - Pooyan McSporran found and fixed a flaw where you first would do a normal
http request and then you'd reuse the handle and replace the Accept: header,
  as then libcurl would send two Accept: headers!
2008-02-15 08:56:06 +00:00
Yang Tse
736af32b49 Bug report #1888932 (http://curl.haxx.se/bug/view.cgi?id=1888932) points
out and provides test program that demonstrates that libcurl might not set
error description message for error CURLE_COULDNT_RESOLVE_HOST for Windows
threaded name resolver builds. Fixed now.
2008-02-10 04:20:09 +00:00
Daniel Stenberg
4c841a1f0c - Mike Hommey filed and fixed bug report #1889856
(http://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl
  layer, cleaning-up and reinitializing curl ends up with https requests
  failing with "ASN1 parser: Element was not found" errors. Obviously a
  regression added in 7.16.3.
2008-02-08 22:02:00 +00:00
Daniel Stenberg
c3a7a757f7 Gnter Knauf added lib/mk-ca-bundle.pl which gets the Firefox ca bundle and
creates a suitable ca-bundle.crt file in PEM format for use with curl. The
recommended way to run it is to use 'make ca-bundle' in the build tree root.
2008-02-08 11:16:44 +00:00
Daniel Stenberg
1b701c746f - Refactored a lot of timeout code into a few functions in an attempt to make
them all use the same (hopefully correct) logic to make it less error-prone
  and easier to introduce library-wide where it should be used.
2008-02-07 22:25:04 +00:00
Yang Tse
20e9fc73e2 Fix problem in strdup replacement when dealing with absolutely huge strings. 2008-02-06 19:01:13 +00:00
Daniel Stenberg
a62e155ca4 - Niklas Angebrand made the cookie support in libcurl properly deal with the
"HttpOnly" feature introduced by Microsoft and apparently also supported by
  Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
  is now supported when received from servers in HTTP headers, when written to
  cookie jars and when read from existing cookie jars.
2008-01-31 12:21:57 +00:00
Daniel Stenberg
1bfbd25027 - Dmitry Kurochkin fixed Curl_done() for pipelining, as it could previously
crash!
2008-01-29 12:58:25 +00:00
Daniel Stenberg
ceb5a8ca7b - Michal Marek fixed minor mistake in test case 553 that prevented it from
working on other IP-addresses or port numbers.
2008-01-29 12:31:11 +00:00
Daniel Stenberg
ddc98c6fc9 start over on 7.18.1 2008-01-28 21:19:15 +00:00
Daniel Stenberg
c6df788866 - Kevin Reed filed bug report #1879375
(http://curl.haxx.se/bug/view.cgi?id=1879375) which describes how libcurl
  got lost in this scenario: proxy tunnel (or HTTPS over proxy), ask to do any
  proxy authentication and the proxy replies with an auth (like NTLM) and then
  closes the connection after that initial informational response.

  libcurl would not properly re-initialize the connection to the proxy and
  continue the auth negotiation like supposed. It does now however, as it will
  now detect if one or more authentication methods were available and asked
  for, and will thus retry the connection and continue from there.

- I made the progress callback get called properly during proxy CONNECT.
2008-01-25 23:33:45 +00:00
Daniel Stenberg
fb07259e0d and Igor Franchuk is his name! 2008-01-24 17:17:18 +00:00
Daniel Stenberg
c914e6ea5d "Igor" pointed out that CURLOPT_COOKIELIST set to "ALL" leaked memory, and so
did "SESS". Fixed now.
2008-01-23 22:22:12 +00:00
Daniel Stenberg
ef0ed9b720 Dmitry Kurochkin removed the cancelled state for pipelining, as we agreed
that it is bad anyway. Starting now, removing a handle that is in used in a
pipeline will break the pipeline - it'll be set back up again but still...
2008-01-21 23:48:58 +00:00
Daniel Stenberg
fcf9029179 Judson provided an example, and the added mirror adds the count 2008-01-20 11:29:30 +00:00
Daniel Stenberg
bdd0e3d3f5 http://curl.very-clever.com/ is a new mirror in Nuremberg, Germany 2008-01-20 11:07:43 +00:00
Daniel Stenberg
62df0ff025 Lau Hang Kin found and fixed a problem with the multi interface when doing
CONNECT over a proxy. curl_multi_fdset() didn't report back the socket
properly during that state, due to a missing case in the switch in the
multi_getsock() function.
2008-01-18 21:51:10 +00:00
Daniel Stenberg
bcaadb4284 curl-java 0.2.1 2008-01-17 22:43:29 +00:00
Daniel Stenberg
301ae1ae1b Nathan Coulter's patch that makes runtests.pl respect the PATH when figuring
out what valgrind to run.
2008-01-16 22:08:37 +00:00
Yang Tse
3d55877764 fix handling of out of memory in the command line tool that afected
data url encoded HTTP POSTs when reading it from a file.
2008-01-16 21:01:30 +00:00
Daniel Stenberg
b3de497d83 Dmitry Kurochkin worked a lot on improving the HTTP Pipelining support that
previously had a number of flaws, perhaps most notably when an application
fired up N transfers at once as then they wouldn't pipeline at all that
nicely as anyone would think... Test case 530 was also updated to take the
improved functionality into account.
2008-01-16 12:24:00 +00:00
Daniel Stenberg
ed6466d176 Calls to Curl_failf() are not supposed to provide a trailing newline as the
function itself adds that. Fixed on 50 or something strings!
2008-01-15 23:19:02 +00:00
Daniel Stenberg
53108806af Joe Malicki filed bug report #1871269
(http://curl.haxx.se/bug/view.cgi?id=1871269) and we could fix his hang-
problem that occurred when doing a large HTTP POST request with the
response-body read from a callback.
2008-01-14 22:02:14 +00:00
Daniel Stenberg
4ab8ebb232 I re-arranged the curl --help output. All the options are now sorted on
their long option names and all descriptions are one-liners.
2008-01-12 22:56:12 +00:00
Daniel Stenberg
f866af912d Eric Landes provided the patch (edited by me) that introduces the
--keepalive-time to curl to set the keepalive probe interval. I also took
the opportunity to rename the recently added no-keep-alive option to
no-keepalive to keep a consistent naming and to avoid getting two dashes in
these option names. Eric also provided an update to the man page for the new
option.
2008-01-12 22:10:53 +00:00
Daniel Stenberg
08adf67969 Daniel Egger made CURLOPT_RANGE work on file:// URLs the very same way it
already worked for FTP:// URLs
2008-01-11 14:20:41 +00:00