Commit Graph

511 Commits

Author SHA1 Message Date
Daniel Stenberg
828a26286d - Kamil Dudka fixed another NSS-related leak when client certs were used. 2009-04-24 21:55:18 +00:00
Daniel Stenberg
235c0077b8 - Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned
out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue
  is found in Redhat's bug tracker:
  https://bugzilla.redhat.com/show_bug.cgi?id=453612

  There are still memory leaks present, but they seem to have other reasons.
2009-04-13 17:42:10 +00:00
Daniel Stenberg
042cc1f69e - David Kierznowski notified us about a security flaw
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
  which previous libcurl versions (by design) can be tricked to access an
  arbitrary local/different file instead of a remote one when
  CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
  together this the addition of two new setopt options for controlling this
  new behavior:

  o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
  follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
  excludes the FILE and SCP protocols and thus you nee to explicitly allow
  them in your app if you really want that behavior.

  o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
  using the primary URL option. This is useful if you want to allow a user or
  other outsiders control what URL to pass to libcurl and yet not allow all
  protocols libcurl may have been built to support.
2009-03-02 23:05:31 +00:00
Daniel Stenberg
af91ff0e06 - Linus Nielsen Feltzing reported and helped me repeat and fix a problem with
FTP with the multi interface: when a transfer fails, like when aborted by a
  write callback, the control connection was wrongly closed and thus not
  re-used properly.

  This change is also an attempt to cleanup the code somewhat in this area, as
  now the FTP code attempts to keep (better) track on pending responses
  necessary to get read in ftp_done().
2009-02-20 08:16:03 +00:00
Daniel Stenberg
8f81fd6be5 - CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 in addition to 1 for
plain FTP connections, and it will then allow MKD to fail once and retry the
  CWD afterwards. This is especially useful if you're doing many simultanoes
  connections against the same server and they all have this option enabled,
  as then CWD may first fail but then another connection does MKD before this
  connection and thus MKD fails but trying CWD works! The numbers can
  (should?) now be set with the convenience enums now called
  CURLFTP_CREATE_DIR and CURLFTP_CREATE_DIR_RETRY.

  Tests has proven that if you're making an application that uploads a set of
  files to an ftp server, you will get a noticable gain in speed if you're
  using multiple connections and this option will be then be very useful.
2009-02-17 09:07:25 +00:00
Daniel Stenberg
002cf105c6 - CURLINFO_CONDITION_UNMET was added to allow an application to get to know if
the condition in the previous request was unmet. This is typically a time
  condition set with CURLOPT_TIMECONDITION and was previously not possible to
  reliably figure out. From bug report #2565128
  (http://curl.haxx.se/bug/view.cgi?id=2565128)
2009-02-11 21:47:14 +00:00
Yang Tse
e813bf31d7 Introduced curl_sspi.c and curl_sspi.h for the implementation of functions
Curl_sspi_global_init() and Curl_sspi_global_cleanup() which previously were
named Curl_ntlm_global_init() and Curl_ntlm_global_cleanup() in http_ntlm.c
Also adjusted socks_sspi.c to remove the link-time dependency on the Windows
SSPI library using it now in the same way as it was done in http_ntlm.c.
2009-01-29 20:32:27 +00:00
Daniel Stenberg
de4610a55f - Markus Moeller introduced two new options to libcurl:
CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC to allow libcurl
  to do GSS-style authentication with SOCKS5 proxies. The curl tool got the
  options called --socks5-gssapi-service and --socks5-gssapi-nec to enable
  these.
2009-01-28 21:33:58 +00:00
Daniel Stenberg
0516ce7786 - Chad Monroe provided the new CURLOPT_TFTP_BLKSIZE option that allows an app
to set desired block size to use for TFTP transfers instead of the default
  512 bytes.
2009-01-26 22:43:06 +00:00
Daniel Stenberg
5aeef9c1c8 - Craig A West brought CURLOPT_NOPROXY and the corresponding --noproxy option.
They basically offer the same thing the NO_PROXY environment variable only
  offered previously: list a set of host names that shall not use the proxy
  even if one is specified.
2009-01-25 23:26:25 +00:00
Daniel Stenberg
87c71953be spell-checked a bunch of comments 2009-01-13 06:44:03 +00:00
Dan Fandrich
80ffd3581f Created a CURLMIN macro to match CURLMAX 2009-01-07 19:39:35 +00:00
Daniel Stenberg
07416b61e3 - Using the libssh2 0.19 function libssh2_session_block_directions(), libcurl
now has an improved ability to do right when the multi interface (both
  "regular" and multi_socket) is used for SCP and SFTP transfers. This should
  result in (much) less busy-loop situations and thus less CPU usage with no
  speed loss.
2008-12-19 21:14:52 +00:00
Daniel Stenberg
6e376532b0 - Internet Explorer had a broken HTTP digest authentication before v7 and
there are servers "out there" that relies on the client doing this broken
  Digest authentication. Apache even comes with an option to work with such
  broken clients.

  The difference is only for URLs that contain a query-part (a '?'-letter and
  text to the right of it).

  libcurl now supports this quirk, and you enable it by setting the
  CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or
  CURLOPT_PROXYAUTH options. They are thus individually controlled to server
  and proxy.
2008-12-10 23:13:31 +00:00
Daniel Stenberg
42365aa7ef - Christian Krause filed bug #2221237
(http://curl.haxx.se/bug/view.cgi?id=2221237) that identified an infinite
  loop during GSS authentication given some specific conditions. With his
  patience and great feedback I managed to narrow down the problem and
  eventually fix it although I can't test any of this myself!
2008-12-08 13:52:20 +00:00
Daniel Stenberg
f7ea431516 explain the two *channel_inuse fields somewhat better 2008-12-02 23:00:10 +00:00
Daniel Stenberg
d0b8b5a199 - Bug #2218480 (http://curl.haxx.se/bug/view.cgi?id=2218480) pointed out a
problem with my CURLINFO_PRIMARY_IP fix from October 7th that caused a NULL
  pointer read. I also took the opportunity to clean up this logic (storing of
  the connection's IP address) somewhat as we had it stored in two different
  places and ways previously and they are now unified.
2008-11-03 16:24:56 +00:00
Yang Tse
74e9718370 fix length of longest IPv6 address string 2008-11-03 14:58:08 +00:00
Dan Fandrich
e9c94cdd49 Added experimental support for zlib and OpenSSL on Symbian OS. 2008-10-25 05:41:01 +00:00
Yang Tse
98b13037e7 remove some spurious line-endings 2008-10-17 03:59:02 +00:00
Daniel Stenberg
a9a4300a36 - Igor Novoseltsev added CURLOPT_PROXYUSER and CURLOPT_PROXYPASSWORD that then
make CURLOPT_PROXYUSERPWD sort of deprecated. The primary motive for adding
  these new options is that they have no problems with the colon separator
  that the CURLOPT_PROXYUSERPWD option does.
2008-10-16 20:21:22 +00:00
Daniel Stenberg
08cf6780ba - Igor Novoseltsev brought a patch that introduced two new options to
curl_easy_setopt: CURLOPT_USERNAME and CURLOPT_PASSWORD that sort of
  deprecates the good old CURLOPT_USERPWD since they allow applications to set
  the user name and password independently and perhaps more importantly allow
  both to contain colon(s) which CURLOPT_USERPWD doesn't fully support.
2008-10-08 10:39:43 +00:00
Dan Fandrich
91ff938035 Improved the logic the decides whether to use HTTP 1.1 features or not in a
request.

Detect cases where an upload must be sent chunked and the server supports
only HTTP 1.0 and return CURLE_UPLOAD_FAILED.
2008-09-05 17:58:53 +00:00
Daniel Stenberg
18110b519c - Martin Drasar provided the CURLOPT_POSTREDIR patch. It renames
CURLOPT_POST301 (but adds a define for backwards compatibility for you who
  don't define CURL_NO_OLDIES). This option allows you to now also change the
  libcurl behavior for a HTTP response 302 after a POST to not use GET in the
  subsequent request (when CURLOPT_FOLLOWLOCATION is enabled). I edited the
  patch somewhat before commit. The curl tool got a matching --post302
  option. Test case 1076 was added to verify this.
2008-09-05 16:13:20 +00:00
Daniel Stenberg
4c9768565e - Introducing CURLOPT_CERTINFO and the corresponding CURLINFO_CERTINFO. By
enabling this feature with CURLOPT_CERTINFO for a request using SSL (HTTPS
  or FTPS), libcurl will gather lots of server certificate info and that info
  can then get extracted by a client after the request has completed with
  curl_easy_getinfo()'s CURLINFO_CERTINFO option. Linus Nielsen Feltzing
  helped me test and smoothen out this feature.

  Unfortunately, this feature currently only works with libcurl built to use
  OpenSSL.

  This feature was sponsored by networking4all.com - thanks!
2008-09-05 14:29:21 +00:00
Dan Fandrich
bb67388bbe Made some variables const 2008-09-04 19:43:35 +00:00
Yang Tse
3e61c90dbe Adjust usage of conditional definition of USE_OPENSSL 2008-08-17 01:57:10 +00:00
Daniel Stenberg
5aed78e183 - Phil Blundell added the CURLOPT_SCOPE option, as well as adjusted the URL
parser to allow numerical IPv6-addresses to be specified with the scope
  given, as per RFC4007 - with a percent letter that itself needs to be URL
  escaped. For example, for an address of fe80::1234%1 the HTTP URL is:
  "http://[fe80::1234%251]/"
2008-07-30 21:55:26 +00:00
Dan Fandrich
7a8b11d716 Fixed --use-ascii to properly convert text files on Symbian OS, MS-DOS
and OS/2.
2008-07-30 00:09:02 +00:00
Daniel Stenberg
7c648782bc Introcuding a new timestamp for curl_easy_getinfo():
CURLINFO_APPCONNECT_TIME. This is set with the "application layer"
handshake/connection is completed (typically SSL, TLS or SSH). By using this
you can figure out the application layer's own connect time. You can extract
the time stamp using curl's -w option and the new variable named
'time_appconnect'. This feature was sponsored by Lenny Rachitsky at NeuStar.
2008-07-03 06:56:03 +00:00
Daniel Stenberg
621c2b9015 - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_ISSUERCERT, for
OpenSSL, NSS and GnuTLS-built libcurls.
2008-06-06 20:52:32 +00:00
Daniel Stenberg
3fe8251dfb - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_CRLFILE, for
OpenSSL, NSS and GnuTLS-built libcurls.
2008-06-06 18:40:21 +00:00
Daniel Stenberg
930a45e7a9 - Added CURLINFO_PRIMARY_IP as a new information retrievable with
curl_easy_getinfo. It returns a pointer to a string with the most recently
  used IP address. Modified test case 500 to also verify this feature. The
  implementing of this feature was sponsored by Lenny Rachitsky at NeuStar.
2008-06-06 17:33:35 +00:00
Daniel Stenberg
852989856d - To make it easier for applications that want lots of magic stuff done on
redirections and thus cannot use CURLOPT_FOLLOWLOCATION easily, we now
  introduce the new CURLINFO_REDIRECT_URL option that lets applications
  extract the URL libcurl would've redirected to if it had been told to. This
  then enables the application to continue to that URL as it thinks is
  suitable, without having to re-implement the magic of creating the new URL
  from the Location: header etc. Test 1029 verifies it.
2008-04-30 21:20:08 +00:00
Daniel Stenberg
553ed99e3b Change the confusing two variables for the expect 100 continue stuff into
a single state variable to make the code easier to follow and understand.
2008-03-13 20:56:13 +00:00
Daniel Stenberg
53a549000c - Based on initial work done by Gautam Kachroo to address a bug, we now keep
better control at the exact state of the connection's SSL status so that we
  know exactly when it has completed the SSL negotiation or not so that there
  won't be accidental re-uses of connections that are wrongly believed to be
  in SSL-completed-negotiate state.
2008-02-20 09:56:26 +00:00
Daniel Stenberg
55700cb01f - We no longer support setting the CURLOPT_URL option from inside a callback
such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
  following. The patch that introduced this feature was done for 7.11.0, but
  this code and functionality has been broken since about 7.15.4 (March 2006)
  with the introduction of non-blocking OpenSSL "connects".

  It was a hack to begin with and since it doesn't work and hasn't worked
  correctly for a long time and nobody has even noticed, I consider it a very
  suitable subject for plain removal. And so it was done.
2008-02-20 08:28:02 +00:00
Daniel Stenberg
ffae4f6b48 - Dmitry Kurochkin cleaned up the pipelining code and removed the need for and
use of the "is_in_pipeline" struct field.
2008-02-03 12:31:35 +00:00
Daniel Stenberg
b620e62f0f - Dmitry Kurochkin moved several struct fields from the connectdata struct to
the SingleRequest one to make pipelining better. It is a bit tricky to keep
  them in the right place, to keep things related to the actual request or to
  the actual connection in the right place.
2008-01-31 12:04:33 +00:00
Daniel Stenberg
ef0ed9b720 Dmitry Kurochkin removed the cancelled state for pipelining, as we agreed
that it is bad anyway. Starting now, removing a handle that is in used in a
pipeline will break the pipeline - it'll be set back up again but still...
2008-01-21 23:48:58 +00:00
Daniel Stenberg
b3de497d83 Dmitry Kurochkin worked a lot on improving the HTTP Pipelining support that
previously had a number of flaws, perhaps most notably when an application
fired up N transfers at once as then they wouldn't pipeline at all that
nicely as anyone would think... Test case 530 was also updated to take the
improved functionality into account.
2008-01-16 12:24:00 +00:00
Daniel Stenberg
991505e077 Woops, partly revert my previous commit and do it slightly differently instead.
The signalling of that a global DNS cache is wanted is done by setting the
option but the setting of the internal variable that it is in use must not be
done until it finally actually gets used!

NOTE and WARNING: I noticed that you can't actually switch off the global dns
cache with CURLOPT_DNS_USE_GLOBAL_CACHE but you couldn't do that previously
either and the option is very clearly and loudly documented as DO NOTE USE so
I won't bother to fix this bug now.
2008-01-15 22:44:12 +00:00
Daniel Stenberg
56f17d2c9f I made the torture test on test 530 go through. This was actually due to
silly code left from when we switched to let the multi handle "hold" the dns
cache when using the multi interface... Of course this only triggered when a
certain function call returned error at the correct moment.
2008-01-15 22:15:55 +00:00
Gisle Vanem
bcc3c9279a Trying GnuTLS and OpenSSL together fails to compile in not so
obvious ways. Give an explicit error.
2008-01-14 16:51:32 +00:00
Daniel Stenberg
18faa50940 Georg Lippitsch brought CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA to allow
libcurl to seek in a given input stream. This is particularly important when
doing upload resumes when there's already a huge part of the file present
remotely. Before, and still if this callback isn't used, libcurl will read
and through away the entire file up to the point to where the resuming
begins (which of course can be a slow opereration depending on file size,
I/O bandwidth and more). This new function will also be preferred to get
used instead of the CURLOPT_IOCTLFUNCTION for seeking back in a stream when
doing multi-stage HTTP auth with POST/PUT.
2008-01-10 10:30:19 +00:00
Daniel Stenberg
de23b98522 Introducing curl_easy_pause() and new magic return codes for both the read
and the write callbacks that now can make a connection's reading and/or
writing get paused.
2008-01-08 14:52:05 +00:00
Daniel Stenberg
b430576436 Based on further discussion on curl-library, I reverted yesterday's SOCKS5
code to instead introduce support for a new proxy type called
CURLPROXY_SOCKS5_HOSTNAME that is used to send the host name to the proxy
instead of IP address and there's thus no longer any need for a new
curl_easy_setopt() option.

The default SOCKS5 proxy is again back to sending the IP address to the
proxy.  The new curl command line option for enabling sending host name to a
SOCKS5 proxy is now --socks5-hostname.
2008-01-05 22:04:18 +00:00
Daniel Stenberg
2e42b0a252 Based on Maxim Perenesenko's patch, we now do SOCKS5 operations and let the
proxy do the host name resolving and only if --socks5ip (or
CURLOPT_SOCKS5_RESOLVE_LOCAL) is used we resolve the host name locally and
pass on the IP address only to the proxy.
2008-01-04 23:01:00 +00:00
Daniel Stenberg
1c93e75375 Michal Marek introduced CURLOPT_PROXY_TRANSFER_MODE which is used to control
the appending of the "type=" thing on FTP URLs when they are passed to a
HTTP proxy. Some proxies just don't like that appending (which is done
unconditionally in 7.17.1), and some proxies treat binary/ascii transfers
better with the appending done!
2007-12-02 23:38:23 +00:00
Daniel Stenberg
13648f8ccd struct HandleData is now called struct SingleRequest, and is only for data that
is inited at the start of the DO action. I removed the Curl_transfer_keeper
struct completely, and I had to move out a few struct members (that had to
be set before DO or used after DONE) to the UrlState struct. The SingleRequest
struct is accessed with SessionHandle->req.

One of the biggest reasons for doing this was the bunch of duplicate struct
members in HandleData and Curl_transfer_keeper since it was really messy to
keep track of two variables with the same name and basically the same purpose!
2007-11-24 23:16:55 +00:00
Daniel Stenberg
b6575ce0b0 While inspecting the Negotiate code, I noticed how the proxy auth was using
the same state struct as the host auth, so both could never be used at the
same time! I fixed it (without being able to check) to use two separate
structs to allow authentication using Negotiate on host and proxy
simultanouesly.
2007-11-20 23:17:08 +00:00
Daniel Stenberg
f3b85ef79d a bunch of new comments 2007-11-20 22:57:24 +00:00
Daniel Stenberg
50feea3eef Rearranged code and changed Curl_readwrite_init() and Curl_pre_readwrite() into
do_init() and do_complete() which now are called first and last in the DO
function. It simplified the flow in multi.c and the functions got more
sensible names!
2007-11-15 21:45:45 +00:00
Daniel Stenberg
c508d70258 Fixed a remaining problem with doing SFTP directory listings on a re-used
persistent connection. Mentioned by Immanuel Gregoire on the mailing list.
2007-11-12 23:04:44 +00:00
Daniel Stenberg
a29471d0f7 spell! 2007-11-08 10:25:23 +00:00
Daniel Stenberg
ba6f20a244 Bug report #1823487 (http://curl.haxx.se/bug/view.cgi?id=1823487) pointed
out that SFTP requests didn't use persistent connections. Neither did SCP
ones.  I gave the SSH code a good beating and now both SCP and SFTP should
use persistent connections fine. I also did a bunch for indent changes as
well as a bug fix for the "keyboard interactive" auth.
2007-11-08 10:22:49 +00:00
Daniel Stenberg
b9a7f4e502 Move connection-oriented variables from the SessionHandle struct to the
connectdata struct. This will in theory enable us to do persistent connections
with SCP+SFTP, but currently the state machine always (and wrongly) cleanup
everything in the 'done' action instead of in 'disconnect'. Also did a bunch
of indent fixes, if () => if() and a few other source cleanups like added
comments etc.
2007-11-05 09:30:45 +00:00
Daniel Stenberg
a3f958aaaa added clarifying comment 2007-10-24 21:09:59 +00:00
Daniel Stenberg
5b358603bd Michal Marek forwarded the bug report
https://bugzilla.novell.com/show_bug.cgi?id=332917 about a HTTP redirect to
FTP that caused memory havoc. His work together with my efforts created two
fixes:

#1 - FTP::file was moved to struct ftp_conn, because is has to be dealt with
     at connection cleanup, at which time the struct HandleData could be
     used by another connection.
     Also, the unused char *urlpath member is removed from struct FTP.

#2 - provide a Curl_reset_reqproto() function that frees
     data->reqdata.proto.* on connection setup if needed (that is if the
     SessionHandle was used by a different connection).
2007-10-22 15:05:35 +00:00
Patrick Monnerat
a005243908 Fix dynamic CURLOPT_POSTFIELDS bug: back to static.
CURLOPT_COPYPOSTFIELDS option added for dynamic.
Fix some OS400 features.
2007-10-15 18:32:01 +00:00
Patrick Monnerat
07b6e7363d Added per-protocol callback static tables, replacing callback ptr storage
in the connectdata structure by a single handler table ptr.
2007-10-12 13:36:37 +00:00
Daniel Stenberg
67d94514b0 Kim Rinnewitz reported that --local-port didn't work with TFTP transfers.
This happened because the tftp code always uncondionally did a bind()
without caring if one already had been done and then it failed. I wrote a
test case (1009) to verify this, but it is a bit error-prone since it will
have to pick a fixed local port number and since the tests are run on so
many different hosts in different situations I add it in disabled state.
2007-10-04 10:01:41 +00:00
Daniel Stenberg
ce1cfcb7a6 Alexey Pesternikov introduced CURLOPT_OPENSOCKETFUNCTION and
CURLOPT_OPENSOCKETDATA to set a callback that allows an application to replace
the socket() call used by libcurl. It basically allows the app to change
address, protocol or whatever of the socket. (I also did some whitespace
indent/cleanups in lib/url.c which kind of hides some of these changes, sorry
for mixing those in.)
2007-10-03 08:45:00 +00:00
Daniel Stenberg
51c6a5d43b Based on a patch brought by Johnny Luong, libcurl now offers
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both make
the SCP or SFTP connection verify the remote host's md5 checksum of the public
key before doing a connect, to reduce the risk of a man-in-the-middle attack.
2007-10-03 08:00:42 +00:00
Daniel Stenberg
119364741e known bug #46: chunked-encoded CONNECT responses from a http proxy now works.
Added test case 1008 to verify. Note that #47 is still there.
2007-10-02 10:21:36 +00:00
Daniel Stenberg
fd4cf78f36 Philip Langdale provided the new CURLOPT_POST301 option for
curl_easy_setopt() that alters how libcurl functions when following
redirects. It makes libcurl obey the RFC2616 when a 301 response is received
after a non-GET request is made. Default libcurl behaviour is to change
method to GET in the subsequent request (like it does for response code 302
- because that's what many/most browsers do), but with this CURLOPT_POST301
option enabled it will do what the spec says and do the next request using
the same method again. I.e keep POST after 301.

The curl tool got this option as --post301

Test case 1011 and 1012 were added to verify.
2007-09-26 12:44:59 +00:00
Daniel Stenberg
a6315359d7 Max Katsev reported that when doing a libcurl FTP request with
CURLOPT_NOBODY enabled but not CURLOPT_HEADER, libcurl wouldn't do TYPE
before it does SIZE which makes it less useful. I walked over the code and
made it do this properly, and added test case 542 to verify it.
2007-09-26 12:00:01 +00:00
Daniel Stenberg
8c3f40ee32 Rob Crittenden provided an NSS update with the following highlights:
o It looks for the NSS database first in the environment variable SSL_DIR,
  then in /etc/pki/nssdb, then it initializes with no database if neither of
  those exist.

o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be
  loaded, including the ca-bundle. If it is not available then only
  certificates already in the NSS database are used.

o Tries to detect whether a file or nickname is being passed in so the right
  thing is done

o Added a bit of code to make the output more like the OpenSSL module,
  including displaying the certificate information when connecting in
  verbose mode

o Improved handling of certificate errors (expired, untrusted, etc)

The libnsspem.so PKCS#11 module is currently only available in Fedora
8/rawhide. Work will be done soon to upstream it. The NSS module will work
with or without it, all that changes is the source of the certificates and
keys.
2007-09-18 22:21:54 +00:00
Dan Fandrich
3fa60164af Renamed the CURLE_FTP_SSL_FAILED error code to CURLE_USE_SSL_FAILED.
Renamed the curl_ftpssl enum to curl_usessl and its enumerated constants,
creating macros for backward compatibility.
2007-08-31 19:36:32 +00:00
Dan Fandrich
523767660c Fixed some minor mismatched types found by splint. 2007-08-26 05:53:26 +00:00
Gunter Knauf
7f7e42732d added define PORT_LDAPS. 2007-08-15 16:17:32 +00:00
Daniel Stenberg
50c10aa5bf Patrick Monnerat and I modified libcurl so that now it *copies* all strings
passed to it with curl_easy_setopt()! Previously it has always just refered
to the data, forcing the user to keep the data around until libcurl is done
with it. That is now history and libcurl will instead clone the given
strings and keep private copies.
2007-08-01 21:20:01 +00:00
Daniel Stenberg
f1fa7b8ba4 Bug report #1759542 (http://curl.haxx.se/bug/view.cgi?id=1759542). A bad use
of a socket after it has been closed, when the FTP-SSL data connection is taken
down.
2007-07-29 12:54:05 +00:00
Daniel Stenberg
86ff3194fa added missing part for the qsossl support 2007-07-27 08:33:32 +00:00
Dan Fandrich
5ecd56d964 Implemented only the parts of Patrick Monnerat's OS/400 patch that renamed
some few internal identifiers to avoid conflicts, which could be useful on
other platforms.
2007-07-23 18:51:22 +00:00
James Housley
8026d94c07 * Finish moving sftp:// into a state machine so it won't block in multi mode
* Move scp:// into a state machine so it won't block in multi mode
* When available use the full directory entry from the sftp:// server
2007-07-10 22:26:32 +00:00
Daniel Stenberg
54967d2a3a Thomas J. Moore provided a patch that introduces Kerberos5 support in
libcurl. This also makes the options change name to --krb (from --krb4) and
CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still
2007-07-01 22:01:18 +00:00
James Housley
4cd7f85410 Add two new options for the SFTP/SCP/FILE protocols: CURLOPT_NEW_FILE_PERMS
and CURLOPT_NEW_DIRECTORY_PERMS.  These control the premissions for files
and directories created on the remote server.  CURLOPT_NEW_FILE_PERMS
defaults to 0644 and CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755
2007-06-27 20:15:48 +00:00
James Housley
f0b361ecc1 Change rsa and rsa_pub from static arrays in ssh_conn to be dynamically
allocated when needed
2007-06-19 11:31:33 +00:00
James Housley
ab7e7144ef * Updates for the latest version of libssh2, specifically
libssh2_sftp_shutdown() and libssh2_session_free() can now return
  LIBSSH2_ERROR_EAGAIN.

* Fix the _send() and _recv() return values so non-blocking works
2007-06-12 21:32:45 +00:00
James Housley
99e0597c7b Convert Curl_ssh_connect() to run in a state machine for
LIBSSH2_APINO >= 200706012030.  More to come...
2007-06-12 12:31:10 +00:00
Daniel Stenberg
bc1ae973da Robert Iakobashvili made the 'master_buffer' get allocated first once it is
can/will be used as it then makes the common cases save 16KB of data for each
easy handle that isn't used for pipelining.
2007-04-24 10:18:06 +00:00
Daniel Stenberg
76627b322e - Robert Iakobashvil added curl_multi_socket_action() to libcurl, which is a
function that deprecates the curl_multi_socket() function. Using the new
  function the application tell libcurl what action that was found in the
  socket that it passes in. This gives a significant performance boost as it
  allows libcurl to avoid a call to poll()/select() for every call to
  curl_multi_socket*().
2007-04-16 16:34:08 +00:00
Daniel Stenberg
5daa6b9367 Ravi Pratap provided fixes for HTTP pipelining 2007-04-10 20:46:40 +00:00
Daniel Stenberg
6c6e4710b5 Robert Iakobashvili made curl_multi_remove_handle() a lot faster when many
easy handles are added to a multi handle, by avoiding the looping over all
the handles to find which one to remove.
2007-04-01 08:24:23 +00:00
Daniel Stenberg
b819c72700 - Adam D. Moss made the HTTP CONNECT procedure less blocking when used from
the multi interface. Note that it still does a part of the connection in a
  blocking manner.
2007-02-25 11:38:13 +00:00
Yang Tse
9bf9617ad6 Fix compiler warnings
"case label value exceeds maximum value for type" and
"comparison is always false due to limited range of data type"

Both triggered when using a bool variable as the switch variable
in a switch statement and using enums for the case targets.
2007-02-22 06:19:39 +00:00
Linus Nielsen Feltzing
2f5e99ca02 New FTP CCC functionality - adds passive and active mode to accomodate for different server behaviour 2007-02-20 22:02:11 +00:00
Yang Tse
300cbc2e21 Michal Marek comment fix 2007-02-18 00:54:26 +00:00
Daniel Stenberg
dca8f962e0 maxdownload is actually -1 for unlimited 2007-02-16 15:27:49 +00:00
Daniel Stenberg
4efa0d9f68 ftp@example.com is now the new anonymous FTP password. I opted for 'ftp' on
the left side of @ to make it short(er).
2007-02-13 22:50:16 +00:00
Daniel Stenberg
7f70dbcad5 Rob Crittenden added support for NSS (Network Security Service) for the
SSL/TLS layer. http://www.mozilla.org/projects/security/pki/nss/
2007-02-12 22:32:37 +00:00
Daniel Stenberg
28b932fb4e - Shmulik Regev fixed so that the final CRLF of HTTP response headers are sent
to the debug callback.

- Shmulik Regev added CURLOPT_HTTP_CONTENT_DECODING and
  CURLOPT_HTTP_TRANSFER_DECODING that if set to zero will disable libcurl's
  internal decoding of content or transfer encoded content. This may be
  preferable in cases where you use libcurl for proxy purposes or similar. The
  command line tool got a --raw option to disable both at once.
2007-02-12 21:13:47 +00:00
Daniel Stenberg
91386937ff - Michael Wallner provided a patch that adds support for CURLOPT_TIMEOUT_MS
and CURLOPT_CONNECTTIMEOUT_MS that, as their names should hint, do the
  timeouts with millisecond resolution instead. The only restriction to that
  is the alarm() (sometimes) used to abort name resolves as that uses full
  seconds. I fixed the FTP response timeout part of the patch.

  Internally we now count and keep the timeouts in milliseconds but it also
  means we multiply set timeouts with 1000. The effect of this is that no
  timeout can be set to more than 2^31 milliseconds (on 32 bit systems), which
  equals 24.86 days.  We probably couldn't before either since the code did
  *1000 on the timeout values on several places already.
2007-02-05 22:51:32 +00:00
Daniel Stenberg
138b4f27b4 - Manfred Schwarb reported that socks5 support was broken and help us pinpoint
the problem. The code now tries harder to use httproxy and proxy where
  apppropriate, as not all proxies are HTTP...
2007-02-03 09:33:54 +00:00
Daniel Stenberg
385e612fa5 - Armel Asselin improved libcurl to behave a lot better when an easy handle
doing an FTP transfer is removed from a multi handle before completion. The
  fix also fixed the "alive counter" to be correct on "premature removal" for
  all protocols.
2007-01-16 22:22:10 +00:00
Daniel Stenberg
4750e6f3c5 - Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to
curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
  will make libcurl shutdown SSL/TLS after the authentication is done on a
  FTP-SSL operation.
2007-01-05 23:11:14 +00:00
Daniel Stenberg
bedc61ac45 - Robert Foreman provided a prime example snippet showing how libcurl would
get confused and not acknowledge the 'no_proxy' variable properly once it
  had used the proxy and you re-used the same easy handle. I made sure the
  proxy name is properly stored in the connect struct rather than the
  sessionhandle/easy struct.
2006-12-22 15:04:59 +00:00
Daniel Stenberg
89ab5f4380 Robson Braga Araujo reported bug #1618359
(http://curl.haxx.se/bug/view.cgi?id=1618359) and subsequently provided a
patch for it: when downloading 2 zero byte files in a row, curl 7.16.0
enters an infinite loop, while curl 7.16.1-20061218 does one additional
unnecessary request.

Fix: During the "Major overhaul introducing http pipelining support and
shared connection cache within the multi handle." change, headerbytecount
was moved to live in the Curl_transfer_keeper structure. But that structure
is reset in the Transfer method, losing the information that we had about
the header size. This patch moves it back to the connectdata struct.
2006-12-21 10:15:38 +00:00
Daniel Stenberg
cf99fed17a PROT_CLOSEACTION doesn't have to be its own bit but can just as well just
include the protocol bits of such actions, which currently only means FTP
2006-12-11 09:31:08 +00:00
Daniel Stenberg
840e796aa9 Sebastien Willemijns reported bug #1603712
(http://curl.haxx.se/bug/view.cgi?id=1603712) which is about connections
getting cut off prematurely when --limit-rate is used. While I found no such
problems in my tests nor in my reading of the code, I found that the
--limit-rate code was severly flawed (since it was moved into the lib, since
7.15.5) when used with the easy interface and it didn't work as documented so
I reworked it somewhat and now it works for my tests.
2006-12-06 09:37:40 +00:00
Daniel Stenberg
eb29c5c285 removed the final traces of the closepolicy option 2006-12-05 21:39:24 +00:00
Daniel Stenberg
a634f64400 James Housley did lots of work and introduced SFTP downloads. 2006-11-24 22:14:39 +00:00
Daniel Stenberg
a777eb3d81 Olaf Stueben provided a patch that I edited slightly. It fixes the notorious
KNOWN_BUGS #25, which happens when a proxy closes the connection when
libcurl has sent CONNECT, as part of an authentication negotiation. Starting
now, libcurl will re-connect accordingly and continue the authentication as
it should.
2006-11-03 12:43:55 +00:00
Daniel Stenberg
2147284cad James Housley brought support for SCP transfers 2006-11-02 21:56:40 +00:00
Daniel Stenberg
e1edd41e1b Ravi Pratap provided a major update with pipelining fixes. We also no longer
re-use connections (for pipelining) before the name resolving is done.
2006-10-23 20:34:56 +00:00
Daniel Stenberg
bd5d21aaf2 When a resolve is made on a pipelined connection we need to detect it properly
(when the resoling isn't completede yet) and not confuse it with a simple
connection re-use (non-pipelined).
2006-10-20 12:25:39 +00:00
Daniel Stenberg
5e0d9aea32 Support for FTP third party transfers is now dropped 2006-09-30 20:31:11 +00:00
Daniel Stenberg
ae13c93b7d Reported in #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470), libcurl
would crash if a bad function sequence was used when shutting down after
using the multi interface (i.e using easy_cleanup after multi_cleanup) so
precautions have been added to make sure it doesn't any more - test case 529
was added to verify.
2006-09-28 21:26:06 +00:00
Daniel Stenberg
2d5fc39d35 Resize the connection cache upwards when adding more handles than what
currently fits in the cache, to make the cache work better especially for
pipelining cases but also for "mere" (persistent) connection re-use.
2006-09-16 21:50:29 +00:00
Daniel Stenberg
29dc39fce1 - Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a
handle that is part of a multi handle first removes the handle from the
  stack.

- Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL
  session-ID re-use on demand since there obviously are broken servers out
  there that misbehave with session-IDs used.
2006-09-11 17:18:18 +00:00
Daniel Stenberg
8240cea628 Jeff Pohlmeyer presented a *multi_socket()-using program that exposed a
problem with it (SIGSEGV-style). It clearly showed that the existing
  socket-state and state-difference function wasn't good enough so I rewrote
  it and could then re-run Jeff's program without any crash. The previous
  version clearly could miss to tell the application when a handle changed
  from using one socket to using another.

  While I was at it (as I could use this as a means to track this problem
  down), I've now added a 'magic' number to the easy handle struct that is
  inited at curl_easy_init() time and cleared at curl_easy_cleanup() time that
  we can use internally to detect that an easy handle seems to be fine, or at
  least not closed or freed (freeing in debug builds fill the area with 0x13
  bytes but in normal builds we can of course not assume any particular data
  in the freed areas).
2006-09-10 22:15:32 +00:00
Daniel Stenberg
b7eeb6e67f Major overhaul introducing http pipelining support and shared connection
cache within the multi handle.
2006-09-07 21:49:20 +00:00
Gisle Vanem
e2ff369eba BUFSIZE defined in Metaware's <stdio.h>. Undefine to avoid warning. 2006-08-29 16:27:13 +00:00
Daniel Stenberg
5acadc9cd7 David McCreedy added CURLOPT_SOCKOPTFUNCTION and CURLOPT_SOCKOPTDATA to
allow applications to set their own socket options.
2006-08-29 14:39:33 +00:00
Daniel Stenberg
cfdcae4bc7 Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE
command on subsequent requests on a re-used connection unless it has to.
2006-08-19 21:18:36 +00:00
Daniel Stenberg
a4ebf5b507 Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs
on a persistent connection and allowed the first to use that header, you
could not disable it for the second request.
2006-08-08 21:12:49 +00:00
Daniel Stenberg
2527b53019 Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl
tool option named --ftp-alternative-to-user. It provides a mean to send a
particular command if the normal USER/PASS approach fails.
2006-07-25 22:45:21 +00:00
Daniel Stenberg
ca319f63ad Ingmar Runge provided a source snippet that caused a crash. The reason for
the crash was that libcurl internally was a bit confused about who owned the
DNS cache at all times so if you created an easy handle that uses a shared
DNS cache and added that to a multi handle it would crash. Now we keep more
careful internal track of exactly what kind of DNS cache each easy handle
uses: None, Private (allocated for and used only by this single handle),
Shared (points to a cache held by a shared object), Global (points to the
global cache) or Multi (points to the cache within the multi handle that is
automatically shared between all easy handles that are added with private
caches).
2006-07-07 22:58:06 +00:00
Daniel Stenberg
dfe1884c25 Peter Silva introduced CURLOPT_MAX_SEND_SPEED_LARGE and
CURLOPT_MAX_RECV_SPEED_LARGE that limit tha maximum rate libcurl is allowed
to send or receive data. This kind of adds the the command line tool's
option --limit-rate to the library.

The rate limiting logic in the curl app is now removed and is instead
provided by libcurl itself. Transfer rate limiting will now also work for -d
and -F, which it didn't before.
2006-06-22 21:36:53 +00:00
Daniel Stenberg
482b3ba702 long/int cleanup to silence picky compiler warnings 2006-05-26 11:26:42 +00:00
Daniel Stenberg
b9cd73c76d Fix GnuTLS compile warning. Risking breakage with some older version of GnuTLS? 2006-05-07 18:27:36 +00:00
Daniel Stenberg
def0db30e7 crlf_conversions needs to be a curl_off_t for ASCII transfers > 4GB on 32bit
systems
2006-04-26 13:08:12 +00:00
Daniel Stenberg
95152aec68 David McCreedy brought line end conversions when doing FTP ASCII
transfers. They are done on non-windows systems and translate CRLF to LF.
2006-04-26 07:40:37 +00:00
Daniel Stenberg
686d90745b First curl_multi_socket() commit. Should primarily be considered as an internal
code rearrange to fit the future better.
2006-04-10 15:00:53 +00:00
Daniel Stenberg
5a4b43848a First commit of David McCreedy's EBCDIC and TPF changes. 2006-04-07 21:50:47 +00:00
Daniel Stenberg
4d33cf739d added typedefed function pointers and typecast the NULL assignments in an
attempt to silence picky compilers when assigning data pointers to a function
pointer variable
2006-04-07 11:47:21 +00:00
Daniel Stenberg
be285cde3f Michele Bini modified the NTLM code to work for his "weird IIS case"
(http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash
function in addition to the LM one and making some other adjustments in the
order the different parts of the data block are sent in the Type-2 reply.
Inspiration for this work was taken from the Firefox NTLM implementation.

I edited the existing 21(!) NTLM test cases to run fine with these news. Due
to the fact that we now properly include the host name in the Type-2 message
the test cases now only compare parts of that chunk.
2006-04-05 12:35:48 +00:00
Daniel Stenberg
598ffeea89 David McCreedy added CURLINFO_FTP_ENTRY_PATH to export the FTP entry path 2006-03-21 22:30:03 +00:00
Daniel Stenberg
83367f67de Xavier Bouchoux made the SSL connection non-blocking for the multi interface
(when using OpenSSL).
2006-03-21 21:54:44 +00:00
Daniel Stenberg
cffebd7fd6 Markus Koetter filed debian bug report #355715 which identified a problem
with the multi interface and multi-part formposts. The fix from February
22nd could make the Curl_done() function get called twice on the same
connection and it was not designed for that and thus tried to call free() on
an already freed memory area!
2006-03-07 23:11:41 +00:00
Daniel Stenberg
87bcb6f377 Karl M added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options that
an app can use to let libcurl only connect to a remote host and then extract
the socket from libcurl. libcurl will then not attempt to do any transfer at
all after the connect is done.
2006-02-11 22:35:16 +00:00
Daniel Stenberg
2fbf94b0f3 Added CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE to libcurl. Set with the
curl tool with --local-port. Plain and simply set the range of ports to bind
the local end of connections to. Implemented on to popular demand.

Not extensively tested. Please let me know how it works.
2006-01-30 08:24:07 +00:00
Daniel Stenberg
fcfd6d9504 Duane Cathey was one of our friends who reported that curl -P [IP]
(CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a
"native" IP while it works fine for ipv6-disabled builds!

In the process of fixing this, I removed the support for LPRT since I can't
think of many reasons to keep doing it and asking on the mailing list didn't
reveal anyone else that could either. The code that sends EPRT and PORT is
now also a lot simpler than before (IMHO).
2006-01-19 23:52:03 +00:00
Daniel Stenberg
67a83c1b34 David Shaw finally removed all traces of Gopher and we are now officially
not supporting it. It hasn't been functioning for years anyway, so this is
just finally stating what already was true. And a cleanup at the same time.
2006-01-16 22:14:37 +00:00
Daniel Stenberg
4431338691 When using a bad path over FTP, as in when libcurl couldn't CWD into all
given subdirs, libcurl would still "remember" the full path as if it is the
current directory libcurl is in so that the next curl_easy_perform() would
get really confused if it tried the same path again - as it would not issue
any CWD commands at all, assuming it is already in the "proper" dir.

Starting now, a failed CWD command sets a flag that prevents the path to be
"remembered" after returning.
2006-01-10 23:03:22 +00:00
Daniel Stenberg
0fd282b078 new experimental "ftp method" code 2005-11-28 23:06:00 +00:00
Daniel Stenberg
966fa848a0 Nis Jorgensen filed bug report #1338648
(http://curl.haxx.se/bug/view.cgi?id=1338648) which really is more of a
feature request, but anyway. It pointed out that --max-redirs did not allow
it to be set to 0, which then would return an error code on the first
Location: found. Based on Nis' patch, now libcurl supports CURLOPT_MAXREDIRS
set to 0, or -1 for infinity. Added test case 274 to verify.
2005-10-27 22:05:38 +00:00
Daniel Stenberg
e7093b3ca8 keep 'socktype' in the connectdata struct and make sure we use that for all
protocol sockets even if the resolved address may say otherwise
2005-09-16 21:30:08 +00:00
Daniel Stenberg
7e845e7cfd Added FTP_SKIP_PASV_IP and --ftp-skip-pasv-ip 2005-09-04 05:16:06 +00:00
Daniel Stenberg
56d9624b56 John Kelly added TFTP support to libcurl. A bunch of new error codes was
added. TODO: add them to docs. add TFTP server to test suite. add TFTP to
list of protocols whereever those are mentioned.
2005-09-02 15:11:08 +00:00
Daniel Stenberg
5effe8f336 Simon Josefson brought GNU GSS support 2005-08-29 08:42:45 +00:00
Daniel Stenberg
a4773fcbbb Toby Peterson added CURLOPT_IGNORE_CONTENT_LENGTH to the library, accessible
from the command line tool with --ignore-content-length. This will make it
easier to download files from Apache 1.x (and similar) servers that are
still having problems serving files larger than 2 or 4 GB. When this option
is enabled, curl will simply have to wait for the server to close the
connection to signal end of transfer. I wrote test case 269 that runs a
simple test that this works.
2005-08-24 10:57:28 +00:00
Daniel Stenberg
465e19dbe9 Adrian Schuur added trailer support in the chunked encoding stream. The
trailer is then sent to the normal header callback/stream.
2005-07-12 18:15:34 +00:00
Daniel Stenberg
01165e08e0 Fred New reported a bug where we used Basic auth and user name and password in
.netrc, and when following a Location: the subsequent requests didn't properly
use the auth as found in the netrc file. Added test case 257 to verify my fix.
2005-04-25 21:39:48 +00:00
Daniel Stenberg
fb3c85ab2f fixed the 304 response-with-content-length problem reported by Cory Nelson 2005-04-08 16:59:13 +00:00
Daniel Stenberg
6e61939382 GnuTLS support added. There's now a "generic" SSL layer that we use all over
internally, with code provided by sslgen.c. All SSL-layer-specific code is
then written in ssluse.c (for OpenSSL) and gtls.c (for GnuTLS).

As far as possible, internals should not need to know what SSL layer that is
in use. Building with GnuTLS currently makes two test cases fail.

TODO.gnutls contains a few known outstanding issues for the GnuTLS support.

GnuTLS support is enabled with configure --with-gnutls
2005-04-07 15:27:13 +00:00
Daniel Stenberg
84b4e9ff7c Fixed the FTP response reader function to properly deal with responses split
up in several chunks when read.
2005-03-29 11:35:25 +00:00
Daniel Stenberg
34865ffb4a include security.h with lowercase s to work on cross-compiled mingw 2005-03-14 00:01:30 +00:00
Gisle Vanem
88a4dc2795 Swap <security.h> and <sspi.h> (needed for MingW). 2005-03-12 17:31:15 +00:00