1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 00:28:48 -05:00
Commit Graph

5830 Commits

Author SHA1 Message Date
Yang Tse
fdf157abdf ftp.c: fix some leaks torture tests detected 2011-08-30 - follow-up
follow-up for commit d20408e8
2011-09-01 15:38:30 +02:00
Yang Tse
5ea65fbc79 ssh.c: fix realloc() OOM handling 2011-08-31 18:15:29 +02:00
Yang Tse
0b018a0a05 ftp.c: fix some leaks torture tests detected 2011-08-30 - follow-up
follow-up for commit c06de200
2011-08-31 18:14:38 +02:00
Yang Tse
d20408e816 fix some leaks torture tests detected 2011-08-30 2011-08-31 03:50:07 +02:00
Yang Tse
c06de20025 fix some leaks torture tests detected 2011-08-30 2011-08-31 01:58:06 +02:00
Yang Tse
5a45dc4a29 pingpong.c: fix Curl_pp_vsendf() arbitrary restrictions on command length
This removes command length restrictions on calling functions.
2011-08-29 14:27:06 +02:00
Yang Tse
78199b6030 NTLM: header inclusion cleanup follow-up 2011-08-28 11:29:09 +02:00
Yang Tse
05ef245170 NTLM: header inclusion cleanup 2011-08-28 07:15:46 +02:00
Yang Tse
662c1d87f3 NTLM: END of refactoring/splitting/moving
First:

File curl_ntlm.h renamed curl_ntlm_msgs.h
File curl_ntlm.c renamed curl_ntlm_msgs.c

Afterwards:

File http_ntlm.c renamed curl_ntlm.c
File http_ntlm.h renamed curl_ntlm.h
2011-08-28 02:00:02 +02:00
Yang Tse
135f694058 NTLM: move NTLM core specifics into curl_ntlm_core.[ch] 2011-08-28 01:19:08 +02:00
Yang Tse
260ee6b7bf NTLM_WB: move NTLM_WB specifics into curl_ntlm_wb.[ch] 2011-08-27 19:16:10 +02:00
Yang Tse
b976d108f1 NTLM_WB: final congruency naming adjustments
Configure script option --enable-wb-ntlm-auth renamed to --enable-ntlm-wb
Configure script option --disable-wb-ntlm-auth renamed to --disable-ntlm-wb

Preprocessor symbol WINBIND_NTLM_AUTH_ENABLED renamed to NTLM_WB_ENABLED
Preprocessor symbol WINBIND_NTLM_AUTH_FILE renamed to NTLM_WB_FILE

Test harness env var CURL_NTLM_AUTH renamed to CURL_NTLM_WB_FILE

Static function wb_ntlm_close renamed to ntlm_wb_cleanup
Static function wb_ntlm_initiate renamed to ntlm_wb_init
Static function wb_ntlm_response renamed to ntlm_wb_response
2011-08-27 06:31:18 +02:00
Yang Tse
b4f6319cf7 NTLM single-sign on adjustments (XI)
Feature string literal NTLM_SSO renamed to NTLM_WB.
Preprocessor symbol USE_NTLM_SSO renamed to WINBIND_NTLM_AUTH_ENABLED.
curl's 'long' option 'ntlm-sso' renamed to 'ntlm-wb'.
Fix some comments to make clear that this is actually a NTLM delegation.
2011-08-27 01:33:35 +02:00
Daniel Stenberg
0fd2bf3726 Curl_read_plain: indent code 2011-08-26 23:20:27 +02:00
Yang Tse
407e08baad NTLM single-sign on adjustments (X)
Functions renamed:

Curl_output_ntlm_sso -> Curl_output_ntlm_wb
sso_ntlm_close -> wb_ntlm_close
sso_ntlm_response -> wb_ntlm_response
sso_ntlm_initiate -> wb_ntlm_initiate

Preprocessor symbols renamed:

CURLAUTH_NTLM_SSO -> CURLAUTH_NTLM_WB
CURL_VERSION_NTLM_SSO -> CURL_VERSION_NTLM_WB
2011-08-26 18:57:50 +02:00
Steve Holme
d535cff775 http NTLM: refactoring followup
Output of Curl_ntlm_create_type1_message() and Curl_ntlm_create_type3_message()
functions is now already base64 encoded.
2011-08-25 15:13:13 +02:00
Yang Tse
e83421baf4 include limits.h for INT_MAX 2011-08-24 14:00:42 +02:00
Yang Tse
aa5c72af15 add missing semicolons 2011-08-24 13:58:37 +02:00
Daniel Stenberg
b9c63b9a73 add missing semicolons 2011-08-24 11:56:23 +02:00
Daniel Stenberg
cb5e72bf62 safefree use: fix compiler warning
include the prototype header
2011-08-24 11:55:49 +02:00
Steve Holme
e882416e75 SMTP authentication: fix ordering of preferred authentication method
Fixed the order of the preferred SMTP authentication method to:
AUTH CRAM-MD5, AUTH LOGIN then AUTH PLAIN.

AUTH PLAIN should be the last as it slightly more insecure than AUTH LOGIN
as the username and password are sent together - there is no handshaking
between the client and server like there is with AUTH LOGIN.
2011-08-24 08:55:25 +02:00
Yang Tse
fd00b382b2 base64: fix Curl_base64_encode and Curl_base64_decode interfaces
Previous interfaces for these libcurl internal functions did not allow to tell
apart a legitimate zero size result from an error condition. These functions
now return a CURLcode indicating function success or otherwise specific error.
Output size is returned using a pointer argument.

All usage of these two functions, and others closely related, has been adapted
to the new interfaces. Relative error and OOM handling adapted or added where
missing. Unit test 1302 also adapted.
2011-08-24 08:10:30 +02:00
Steve Holme
006b011cdf http NTLM: remaining bits from 0001-Moved-ntlm-[...]-curl_ntlm-mod_3.patch
* Added function comments:
    - Curl_ntlm_decode_type2_message
    - Curl_ntlm_create_type1_message
    - Curl_ntlm_create_type3_message

* Modification of ntlm processing state to NTLMSTATE_TYPE2 is now done
  only when Curl_ntlm_decode_type2_message() has fully succeeded.
2011-08-22 16:42:59 +02:00
Yang Tse
1c400b4e5e zlib: ensure user provided memory functions are used by zlib, when given
As a bonus, this lets our MemoryTracking subsystem track zlib operations.
And also fixes a shortcut some zlib 1.2.x versions took using malloc()
instead of calloc(), which would trigger memory debuggers warnings on
memory being used without having been initialized.
2011-08-21 13:24:46 +02:00
Yang Tse
aaab5fa299 MemoryTracking: adjust initialization calling
Calling of curl_memdebug() was still done with a pending free()
2011-08-20 17:26:42 +02:00
Daniel Stenberg
2d7c79af76 tcpconnect: follow-up commit after b998d95b
As I modified conn->bits.tcpconnect to become an array that holds one
bool for each potential connection all uses of that struct field must
index it correctly.
2011-08-19 23:39:56 +02:00
Yang Tse
38c5e81a67 ssh.c: add PATH_MAX definition for WIN32 2011-08-19 21:25:39 +02:00
Daniel Stenberg
3af9ba166c connect: set TIMER_CONNECT
When connecting, make sure TIMER_CONNECT is set.
2011-08-19 00:16:01 +02:00
Daniel Stenberg
b998d95b4d FTP: fix proxy connect race condition
When using the multi interface, a SOCKS proxy, and a connection that
wouldn't immediately consider itself connected (which my Linux tests do
by default), libcurl would be tricked into doing _two_ connects to the
SOCKS proxy when it setup the data connection and then of course the
second attempt would fail miserably and cause error.

This problem is a regression that was introduced by commit
4a42e5cdaa that was introduced in the 7.21.7 release.

Bug: http://curl.haxx.se/mail/lib-2011-08/0199.html
Reported by: Fabian Keil
2011-08-18 23:35:15 +02:00
Daniel Stenberg
d44896508c Curl_SOCKS4: minor code compression 2011-08-18 23:28:50 +02:00
Yang Tse
9afb343368 zlib: enforce full initialization of our data space z_stream structs 2011-08-18 20:10:51 +02:00
Daniel Stenberg
1833984664 VC makefiles: fixed variable name mistake 2011-08-17 23:51:37 +02:00
Yang Tse
31a1af5ebb MemoryTracking: adjust curl_domalloc() and curl_dofree() memory filling
Until 2011-08-17 libcurl's Memory Tracking feature also performed
automatic malloc and free filling operations using 0xA5 and 0x13
values. Our own preinitialization of dynamically allocated memory
might be useful when not using third party memory debuggers, but
on the other hand this would fool memory debuggers into thinking
that all dynamically allocated memory is properly initialized.

As a default setting, libcurl's Memory Tracking feature no longer
performs preinitialization of dynamically allocated memory on its
own. If you know what you are doing, and really want to retain old
behavior, you can achieve this compiling with preprocessor symbols
CURL_MT_MALLOC_FILL and CURL_MT_FREE_FILL defined with appropriate
values.
2011-08-17 19:02:42 +02:00
Yang Tse
9710f387c4 MemoryTracking: make curl_docalloc() call calloc() avoiding our zero fill 2011-08-16 22:24:23 +02:00
Daniel Stenberg
4ed7abb537 MSVC makefiles: provide SSH build targets
"release-ssl-ssh2-zlib" and "debug-ssl-ssh2-zlib" are two new makefile
targets that build libcurl with MSVC and link with libssh2

Bug: http://curl.haxx.se/bug/view.cgi?id=3388920
Reported by: "kdekker"
2011-08-15 23:22:06 +02:00
Daniel Stenberg
93ba8b9560 Curl_pgrsStartNow: clear all flags but HIDE
As bug 3385258 pointed out but I missed up the fix for. This is another
take at a fix.

Bug: http://curl.haxx.se/bug/view.cgi?id=3392101
Reported by: Wu Yongzheng
2011-08-15 22:13:18 +02:00
Kamil Dudka
d6f319fb64 nss: start with no database if the selected database is broken
Bug: https://bugzilla.redhat.com/728562
2011-08-15 14:44:49 +02:00
Yang Tse
b9d5e72adc http NTLM: reinstate "nssg.h" "curl_sspi.h" header inclusions 2011-08-15 01:34:34 +02:00
Daniel Stenberg
44b44a751d telnet: allow programatic use on Windows
Summary of the issue can be found at:
http://curl.haxx.se/mail/lib-2010-04/0367.html

That patch only updated the unix sockets code - the winsock code was not
updated and no longer works the same was as the unix code. This change
updates the windows code accordingly.

Bug: http://curl.haxx.se/bug/view.cgi?id=3163118
2011-08-14 23:30:15 +02:00
Yang Tse
e575cbc815 http NTLM: reinstate "memdebug.h" header inclusion
Inclusion of header "memdebug.h" in http_ntlm.c got lost in commit 98fb0ef7.
2011-08-14 21:19:22 +02:00
Daniel Stenberg
f0c59c6c2c RTSP: GET_PARAMETER requests have a body
Bug: http://curl.haxx.se/bug/view.cgi?id=3383692
2011-08-14 19:07:54 +02:00
Daniel Stenberg
dfb18da5dc Curl_output_ntlm: remove unused variable 2011-08-14 18:54:21 +02:00
Yang Tse
dc4f9d185d http NTLM: fix 8 compiler warnings
Strict splitting of http_ntlm.[ch] may trigger 8 compiler warnings when
building with some compilers and strict compiler warnings enabled, depending
on other specific configuration options some could get triggered or not.

Seven are related with 'unused function parameters' and another one with
'var may be used before its value is set'.
2011-08-14 16:36:47 +02:00
Yang Tse
98fb0ef73e http NTLM: split http_ntlm.[ch] between http_ntlm.[ch] and curl_ntlm.[ch]
For modularity purposes, huge chunks of NTLM existing code is transformed into
functions to allow future internal code reuse.

Resulting three new libcurl private functions:

 - Curl_ntlm_create_type1_message()
 - Curl_ntlm_create_type3_message()
 - Curl_ntlm_decode_type2_message()

Changing static ntlm_sspi_cleanup() into non-static Curl_ntlm_sspi_cleanup()

This 'refactoring' has been prepared by previous commits to allow that this
specific one does not introduce any change to existing code. All existing
goodness and badness previous to this commit should remain the same once it is
applied, the only difference should be that existing code is moved into
functions.

Given the quite big portions of code being moved around, and the importance of
change traceability, this commit has been done in such a way that it is
possible to perform a three-way diff from initial http_ntlm.[ch] to resulting
http_ntlm.[ch] and curl_ntlm.[ch] to actually verify that no functional change
is introduced here.

Notice that Steve Holme has provided several patches, but these included this
refactoring along with 'extra' fixes. I really wanted this 'clean' refactoring
done first, in order to allow discussion or committing of 'extra' fixes on a
case by case basis, so, I had to bite the bullet ;-)

Comments, line adjustments, compiler warning fixes, whatever, may follow
afterwards.
2011-08-14 15:45:19 +02:00
Yang Tse
08b05efd20 http_negotiate_sspi.c: fix compiler warning
warning C4706: assignment within conditional expression
2011-08-14 00:05:05 +02:00
Yang Tse
b4d6db83de http NTLM: change return type of Curl_input_ntlm() to CURLcode
Remove CURLntlm enum, no longer required.
2011-08-13 23:59:29 +02:00
Daniel Stenberg
a30ede868a VC6 makefiles: added embedded documentation
Just a note about the fact that all VC[6/8/9/10] makefiles are generated
from the VC6 one as source.
2011-08-13 22:30:56 +02:00
Daniel Stenberg
e40c663d36 Curl_retry_request: check return code!
Curl_readrewind() was called without checking its return code, which
could lead to badness.

Bug: http://curl.haxx.se/bug/view.cgi?id=3349227
2011-08-13 00:51:16 +02:00
Yang Tse
1e4187f8bf http NTLM: update NTLM type-* message structure descriptions - followup 2011-08-13 00:20:51 +02:00
Yang Tse
a472ceb174 http NTLM: fix inclusion of curl_ntlm.h 2011-08-12 22:01:27 +02:00
Yang Tse
092189c664 http NTLM: update NTLM message structure notes 2011-08-12 21:13:01 +02:00
Steve Holme
301e907aed http NTLM: move portions of http_ntlm.h into new curl_ntlm.h 2011-08-12 20:02:01 +02:00
Yang Tse
3293150da2 http NTLM: more adjustments in preparation of code refactoring
Use preprocessor symbol NTLM_BUFSIZE to define private NTLM buffer fixed size.

Use a SessionHandle 'data' pointer variable to ease refactoring.

Update NTLM type-* message structure descriptions.

Fix some more spacing and typos (Steve Holme).
2011-08-12 19:51:50 +02:00
Yang Tse
448f982d54 http NTLM: fix compiler warning 2011-08-11 09:06:06 +02:00
Steve Holme
f396d94736 http NTLM: Tidied up more inconsistent spacing.
Moved NTLMSSP_SIGNATURE, HOSTNAME_MAX, SHORTPAIR and LONGQUARTET definitions in ready for move to curl_ntlm.c.

Used separate variables for Windows SSPI and native code to ease moving of code to curl_ntlm.c.

Fixed typographical erros where SPPI should be SSPI.

Fixed compilation warnings on 64-bit builds when calling Windows SSPI functions.
2011-08-11 02:18:16 +02:00
Yang Tse
c7fb556f26 http NTLM: Further tiding up to libcurl standards 2011-08-09 22:57:22 +02:00
Steve Holme
5ed17de326 http NTLM: Tidied up http_ntlm prior to splitting the ntlm specific code 2011-08-09 22:57:22 +02:00
Daniel Stenberg
7c21c1c4f9 cookie parser: handle 'secure='
There are two keywords in cookie headers that don't follow the regular
name=value style: secure and httponly. Still we must support that they
are written like 'secure=' and then treat them as if they were written
'secure'. Test case 31 was much extended by Rob Ward to test this.

Bug: http://curl.haxx.se/bug/view.cgi?id=3349227
Reported by: "gnombat"
2011-08-09 14:02:05 +02:00
Daniel Stenberg
45d883d88d CURLFORM_BUFFER: insert filename as documented
A regression where CURLFORM_BUFFER stopped to properly insert the file
name part in the formpart. Bug introduced in commit f851f76857.

Added CURLFORM_BUFFER use to test 554 to verify this.

Bug: http://curl.haxx.se/mail/lib-2011-07/0176.html
Reported by: Henry Ludemann
2011-08-08 18:45:03 +02:00
Daniel Stenberg
3dcc0df5cc SOCKS: fix the connect timeout
The connect timeout logic when using SOCKS was done wrong

Bug: http://curl.haxx.se/mail/lib-2011-07/0177.html
Reported by: "Spoon Man"
2011-08-08 11:23:31 +02:00
Daniel Stenberg
da3ae20da5 ftp_doing: bail out on error properly
When a failure has been detected we must abort immdiately.

Bug: http://curl.haxx.se/mail/lib-2011-07/0177.html
Reported by: "Spoon Man"
2011-08-08 10:43:09 +02:00
Cristian Rodríguez
3d919440c8 OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available, reduces memory use
See also :
http://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html
http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html

Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org>
2011-08-07 22:58:31 +02:00
Daniel Stenberg
15379f0614 Curl_pgrsStartNow: clear all bits except HIDE
Bug: http://curl.haxx.se/bug/view.cgi?id=3385258
Reported by: Ben Winslow
2011-08-07 22:26:57 +02:00
Daniel Stenberg
f2a6373629 readwrite_data: improved C-E decoding error message 2011-08-07 19:55:23 +02:00
Yang Tse
2ccffbb37e BSD-style lwIP TCP/IP stack support - followup
lwIP library initialization.
2011-08-07 08:45:57 +02:00
Yang Tse
1db023d3cb NTLM single-sign on adjustments (IX)
Use swrite/sread instead of write/read to avoid SIGPIPE
2011-08-07 03:05:04 +02:00
Yang Tse
91ad42412f config-win32.h: comments adjustments 2011-08-06 19:18:43 +02:00
Christian Hägele
704dc18440 asyn-thread: check for dotted addresses before thread starts 2011-08-06 15:21:42 +02:00
Yang Tse
40e1d03c5d checksrc.pl: add quotes to var 2011-08-05 21:24:59 +02:00
Yang Tse
c95fec5e5b keep a single copy of config-win32.h in version control repository - followup
Allow configure builds to generate src/config-win32.h

Skip checksrc on src/config-win32.h contents already checked at lib/config-win32.h

Allow multiple -W in checksrc.pl
2011-08-05 21:01:39 +02:00
Yang Tse
f6272dd9b8 BSD-style lwIP TCP/IP stack support - followup 2011-08-05 15:53:00 +02:00
Yang Tse
f0fae85acd keep a single copy of config-win32.h in version control repository.
maketgz and buildconf.bat updated to reflect this.
2011-08-05 13:20:22 +02:00
Daniel Stenberg
17f343290c create_conn: mark non-HTTP proxies accordingly
A proxy could be marked 'httpproxy' wrongly before if set with an
environment variable or with the CURLOPT_PROXY option with a socks*://
prefix or similar.

Added test 710 to verify

Bug: http://curl.haxx.se/mail/lib-2011-07/0194.html
2011-08-05 00:44:40 +02:00
Yang Tse
a6ed2b8426 BSD-style lwIP TCP/IP stack support:
Allow compilation of libcurl and curl using BSD-style lwIP on Win32.

In order to compile libcurl and curl with this support it is necessary
to edit files lib/config-win32.h and src/config-win32.h and uncomment
a line to make definition of preprocessor symbol USE_LWIPSOCK visible.

Afterwards you can compile as usual.

In order to use compiled library with BSD-style lwIP TCP/IP stack in
your program it is mandatory that you include lwIP header file <lwip/opt.h>
before including <curl/curl.h> or <curl/multi.h>

Compilation has been verified with lwIP 1.4.0 and contrib-1.4.0 from:

http://download.savannah.gnu.org/releases/lwip/lwip-1.4.0.zip
http://download.savannah.gnu.org/releases/lwip/contrib-1.4.0.zip

Have fun!
2011-08-04 21:27:29 +02:00
Kamil Dudka
ddf0b30ffd curl_gssapi: add a missing include of sendf.h
... to avoid build failure when GSS_C_DELEG_POLICY_FLAG is not defined.

Reported by: Paul Howarth
2011-08-03 18:07:07 +02:00
Kamil Dudka
a7864c41db curl_gssapi: refine the handling of CURLOPT_GSSAPI_DELEGATION
Suggested by Richard Silverman.
2011-08-03 10:56:41 +02:00
Adam Tkac
ebf42c4be7 Add new CURLOPT_GSSAPI_DELEGATION option.
Curl_gss_init_sec_context got new parameter - SessionHandle.

Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-08-03 10:23:34 +02:00
Yang Tse
10a0bed485 NTLM single-sign on adjustments (VIII)
Use preprocessor symbols WINBIND_NTLM_AUTH_ENABLED and WINBIND_NTLM_AUTH_FILE
for Samba's winbind daemon ntlm_auth helper code implementation and filename.

Retain preprocessor symbol USE_NTLM_SSO for NTLM single-sign-on feature
availability implementation independent.

For test harness, prefix NTLM_AUTH environment vars with CURL_

Refactor and rename configure option --with-ntlm-auth to --enable-wb-ntlm-auth[=FILE]
2011-07-31 20:44:41 +02:00
Yang Tse
ad8193fbb9 NTLM single-sign on adjustments (VII)
Initialize variables when connectdata object is created.
2011-07-29 16:27:15 +02:00
Yang Tse
bcbac913d6 socketpair() usage tracking to allow fd leak detection 2011-07-29 13:27:10 +02:00
Dan Fandrich
c01c000b16 Avoid a "shadows global declaration" warning on old MIT Kerberos
Defining NCOMPAT eliminates the backwards-compatibility macros
that are the source of the problem and which we don't need,
anyway.
2011-07-28 14:04:13 -07:00
Dan Fandrich
9779553221 Give the NTLM SSO helper a moment to cleanly shut down if needed 2011-07-28 12:42:39 -07:00
Dan Fandrich
435e2bc757 Removed an extraneous \n that violated the SSO daemon protocol
This caused fake_ntlm to abort due to an invalid command
causing sporadic test 2005 failures.
2011-07-28 12:41:44 -07:00
Dan Fandrich
02e59579ef Fixed a couple of memory leaks in NTLM SSO support 2011-07-27 18:08:10 -07:00
Yang Tse
dddf9aa610 NTLM single-sign on adjustments (IV)
Fix compiler warning
2011-07-27 20:10:02 +02:00
Yang Tse
4eb08ac1c0 NTLM single-sign on adjustments (III)
Provide some error tracing and fix execl() calling.
2011-07-27 19:12:06 +02:00
Yang Tse
41c6c78a08 fix compiler warning 2011-07-26 21:36:35 +02:00
Yang Tse
78bbd0eecf fix compiler warning 2011-07-26 19:42:16 +02:00
Yang Tse
f1586cb477 stdio.h, stdlib.h, string.h, stdarg.h and ctype.h inclusion done in setup_once.h 2011-07-26 17:23:27 +02:00
Yang Tse
983f3d70f9 WIN32 io.h and fcntl.h inclusion done in setup_once.h 2011-07-25 05:30:14 +02:00
Yang Tse
0337b87197 time.h and sys/time.h inclusion conditionally done in setup_once.h 2011-07-25 04:08:08 +02:00
Yang Tse
0a26b0e3e7 errno.h inclusion conditionally done in setup_once.h - followup 2011-07-25 03:10:24 +02:00
Yang Tse
ef2176109f errno.h inclusion conditionally done in setup_once.h 2011-07-24 04:39:43 +02:00
Ben Winslow
27b8814017 progress: reset flags at transfer start
When an easy handle is used to download an URI which has no
Content-Length header (or equivalent) after downloading an URI which
does, the value from the previous transfer is reused and returned by
CURLINFO_CONTENT_LENGTH_DOWNLOAD. This is because the progress flags
(used to determine whether such a header was received) are not reset
between transfers.

Bug: http://curl.haxx.se/bug/view.cgi?id=3370895
2011-07-22 22:50:58 +02:00
Daniel Stenberg
3f9b4afdfd http error response: stop sending when error is received
When libcurl has said to the server that there's a POST or PUT coming
(with a content-length and all) it has to either deliver that amount of
data or it needs to close the connection before trying a second request.

Adds test case 1129, 1130 and 1131

The bug report is about when used with 100-continue, but the change is
more generic.

Bug: http://curl.haxx.se/mail/lib-2011-06/0191.html
Reported by: Steven Parkes
2011-07-20 00:08:41 +02:00
Michael Mueller
d007c3ca76 sso_ntlm_initiate: unassigned variable
Bug: http://curl.haxx.se/mail/lib-2011-07/0109.html
2011-07-19 23:54:21 +02:00
Mandy Wu
a6d4807d02 NTLM single-sign on supported
With the use of the 'ntlm_auth' tool from the Samba project
2011-07-18 23:36:36 +02:00
Julien Chaffraix
6e3285d5b1 curl_gssapi: Guard files with HAVE_GSSAPI.
Bug: http://curl.haxx.se/mail/lib-2011-07/0074.html
Reported and fix suggested by: Ben Greear
2011-07-13 21:16:03 -07:00
Daniel Stenberg
44b5847237 gssapi: rename our files to avoid conflicts
gssapi.h is used as a header name by Heimdal-style GSSAPI so it would
conflict with a private header using that name, and while renaming the
header I figured we should name the .c file accordingly as well.

Bug: http://curl.haxx.se/mail/lib-2011-07/0071.html
Reported by: Ben Greear
2011-07-13 22:54:54 +02:00
Daniel Stenberg
ee4ed46128 silence picky compilers: mark unused parameters
Modern gcc versions (4.6.X) get more picky by default and have started
to warn for unused parameters, but luckily gcc also allows us to mark
them as unused so that we can avoid the warnings.
2011-07-12 23:24:52 +02:00
Julien Chaffraix
2af0287856 gssapi.c: Simplified the function.
Removed the parameters that were common to all our invocation.
2011-07-12 07:06:26 -07:00
Julien Chaffraix
20485a4885 Added Curl_gss_init_sec_context.
This function wraps our calls to gss_init_sec_context so that we
have a unified way to talk to GSSAPI.
2011-07-12 07:06:25 -07:00
Julien Chaffraix
6488e03f44 http_negociate: Be consistent in gss_init_sec_context attributes.
This change makes this callsite match the rest of the code.
2011-07-12 07:06:25 -07:00
Daniel Stenberg
b680fd180b code style: space between close paren and open brace 2011-07-04 22:10:32 +02:00
Daniel Stenberg
dc97475ded checksrc: detect open brace without space
We use "if(condition) {" with a space between the close paren and the
open brace.
2011-07-04 22:08:14 +02:00
Daniel Stenberg
c6e3081090 polarssl.h: remove CVS leftover 2011-07-04 22:04:04 +02:00
Daniel Stenberg
bcf50283fc Curl_http_readwrite_headers: minor indent fix 2011-07-01 22:57:28 +02:00
Daniel Stenberg
2e2e5f247a get_gss_name: proxy auth without proxy set equals error
Previously it would access a NULL pointer and die.

Bug: http://curl.haxx.se/mail/lib-2011-06/0170.html
Reported by: Christian Hagele
2011-06-29 12:27:37 +02:00
Daniel Stenberg
57d51be60c parsedate: detect more invalid dates better 2011-06-23 13:49:29 +02:00
Daniel Stenberg
5c314c6bb4 Curl_input_negotiate: do not delegate GSSAPI credentials
This is a security flaw. See curl advisory 20110623 for details.

Reported by: Richard Silverman
2011-06-22 23:04:26 +02:00
Josue Andrade Gomes
9016958aa8 windows build: use correct MS CRT 2011-06-21 20:05:06 +02:00
Ori Avtalion
af6dcc92d5 [pop3] remove extra space in LIST command
Some servers, e.g. mail.bezeqint.net:110, consider it a syntax error
2011-06-21 18:12:05 +03:00
Yang Tse
57064e4a0d http: fix compiler warning
compiler warning: conditional expression is constant
2011-06-21 16:28:15 +02:00
Yang Tse
d9e71809cb asyn-thread: fix compiler warning
compiler warning: variable is initialized but not referenced
2011-06-21 16:06:56 +02:00
Yang Tse
a7cc54a5a8 cmake: remove spurious definition 2011-06-21 15:28:03 +02:00
Amr Shahin
c9f16e67ef unitteset: Curl_llist_move
adding unit test for Curl_llist_move, documenting unit-tested functions
in llist.c, changing unit-test to unittest, replacing assert calls with
abort_unless calls
2011-06-19 22:22:49 +02:00
Daniel Stenberg
f851f76857 CURLFORM_STREAM: acknowledge CURLFORM_FILENAME
The CURLFORM_STREAM is documented to only insert a file name (and thus
look like a file upload) in the part if CURLFORM_FILENAME is set, but in
reality it always inserted a filename="" and if CURLFORM_FILENAME wasn't
set, it would insert insert rubbish (or possibly crash).

This is now fixed to work as documented, and test 554 has been extended
to verify this.

Reported by: Sascha Swiercy
Bug: http://curl.haxx.se/mail/lib-2011-06/0070.html
2011-06-17 22:23:42 +02:00
Daniel Stenberg
0aedccc18a curl_formget: fix FILE * leak
Properly deal with the fact that the last fread() call most probably is
a short read, and when using callbacks in fact all calls can be short
reads. No longer consider a file read done until it returns a 0 from the
read function.

Reported by: Aaron Orenstein
Bug: http://curl.haxx.se/mail/lib-2011-06/0048.html
2011-06-13 22:32:00 +02:00
Daniel Stenberg
85881f9f35 curl_formget: treat CURLFORM_STREAM better
If a piece is set to use a callback to get the data, it should not be
treated as data. It unfortunately also requires that curl_easy_perform()
or similar has been used as otherwise the callback function hasn't been
figured out and curl_formget won't know how to get the content.
2011-06-13 22:05:13 +02:00
Daniel Stenberg
ee015947d4 long/int mess
Typecast when converting to int from long to avoid some compiler warnings
2011-06-11 22:56:45 +02:00
Daniel Stenberg
c4dd8df081 splay: add unit tests
The test code that was #ifdef'ed in the code was converted into unit
tests in test case 1309. I also removed the #if 0'ed code from splay.c
2011-06-10 20:19:35 +02:00
Daniel Stenberg
0f7bea7c3a unittest: mark all unit tested functions
With "@unittest: [num]" in the header comment for each tested function.
Shows we have a log way to go still...
2011-06-10 14:40:46 +02:00
Kamil Dudka
f551aa5c16 disconnect: wipe out the keeps_speed time stamp
When closing a connection, the speedchecker's timestamp is now deleted
so that it cannot accidentally be used by a fresh connection on the same
handle when examining the transfer speed.

Bug: https://bugzilla.redhat.com/679709
2011-06-08 00:23:41 +02:00
Yang Tse
377f88364e urldata: use uniform inclusion style for OpenSSL headers 2011-06-07 18:35:42 +02:00
Daniel Stenberg
c0b9dd27b5 HTTP time condition: force closure for 200 OK
When a time condition isn't met, so that no body is delivered to the
application even though a 2xx response is being read from the server, we
must close the connection to avoid a re-use of the connection to be
completely tricked.

Added test 1128 to verify.
2011-06-07 13:40:11 +02:00
Daniel Stenberg
7559b77727 wait_ms: takes an int argument
Typecasts added since I changed more code to use long for timeouts
2011-06-05 12:06:50 +02:00
Daniel Stenberg
4f170ee8f9 Curl_socket_ready: make timeout a 'long'
It was mostly typecasted to int all over the code so switching to long
instead all over should be a net gain.
2011-06-04 21:19:14 +02:00
Daniel Stenberg
9776f3445d cookie_output: made private 2011-06-03 20:02:07 +02:00
Daniel Stenberg
adeac15d8e digest_cleanup_one: made private 2011-06-03 19:54:17 +02:00
Daniel Stenberg
5d4e5593d5 privatise: make private functions static 2011-06-03 19:51:08 +02:00
Daniel Stenberg
c2eb8c932d Curl_fileinfo_dup: removed, not used 2011-06-03 19:33:23 +02:00
Daniel Stenberg
a6f14e17b7 parsedate: turn private and static
I removed the prefix as well accordingly.
2011-06-03 19:31:32 +02:00
Yang Tse
65a9fa59dc Remove unnecessary typecast 2011-06-02 19:42:24 +02:00
Yang Tse
9eea43dce2 compiler warning: fix
Fix compiler warning: cast increases required alignment
2011-06-02 19:19:36 +02:00
Yang Tse
970117ef2d OpenSSL enabled: require OPENSSL_VERSION_NUMBER definition before usage. 2011-06-02 12:52:52 +02:00
Yang Tse
aa76dec33a unit tests: more build adjustments 2011-06-01 21:40:09 +02:00
Yang Tse
685359d4c3 makefile: avoid preprocessor definition usage when linking 2011-06-01 14:43:25 +02:00
Yang Tse
a689072f33 warnless: icc 9.1 workaround 2011-06-01 12:13:42 +02:00
Yang Tse
ecfe0b5b18 Makefile.am: fix spurious CFLAGS duplication 2011-05-30 22:34:06 +02:00
Yang Tse
7dd449d843 warnless: header inclusion fix 2011-05-27 06:56:56 +02:00
Yang Tse
f461c6e61d Make checksrc.pl work on more out-of-tree builds
Source files given with relative paths do not have the
-D directory specifier prepended.
2011-05-26 19:17:10 +02:00
Yang Tse
3c9ff41a1f compiler warning: fix
Fix compiler warning: conversion may lose significant bits
2011-05-26 15:44:53 +02:00
Yang Tse
c8c8816a97 socks: fix unaligned memory access 2011-05-26 14:53:13 +02:00
Daniel Stenberg
017ee34bba create_conn: only switch protocol handler if necessary
When switching to HTTP because a HTTP proxy is being used, the existing
handler is now checked if it already is "compatible". This allows the https
handler remain while other non-http handlers will be redirected.

Bug: http://curl.haxx.se/mail/lib-2011-05/0214.html
Reported by: Jerome Robert
2011-05-25 15:57:38 +02:00
Yang Tse
a947a9ac62 compiler warning: fix followup
Fix compiler warning: variable was set but never used

Fix compiler warning: clobber ignored
2011-05-25 09:56:57 +02:00
Yang Tse
b735717606 compiler warning: fix
Fix compiler warning: variable was set but never used

Fix compiler warning: clobber ignored
2011-05-24 20:39:58 +02:00
Yang Tse
a41c7f9736 build: inclusion guard
Enclose header file in an inclusion guard
2011-05-24 15:42:02 +02:00
Yang Tse
512b2f7740 compiler warning: fix
Fix compiler warning: expression has no effect
2011-05-24 15:18:26 +02:00
Yang Tse
8bdc48eddb compiler warning: fix
Fix compiler warning: `keycheck' might be used uninitialized in this function.
Fix compiler warning: `keybit' might be used uninitialized in this function.
2011-05-23 19:37:41 +02:00
Yang Tse
328600e02b compiler warning: fix
Fix variable declaration placement
2011-05-23 19:04:49 +02:00