Commit Graph

218 Commits

Author SHA1 Message Date
Daniel Stenberg
861b5e608b mention buffer overflows fixed 2005-03-03 13:13:21 +00:00
Daniel Stenberg
5ba188ab2d Ralph Mitchell reported a flaw when you used a proxy with auth, and you
requested data from a host and then followed a redirect to another
host. libcurl then didn't use the proxy-auth properly in the second request,
due to the host-only check for original host name wrongly being extended to
the proxy auth as well. Added test case 233 to verify the flaw and that the
fix removed the problem.
2005-02-18 23:53:07 +00:00
Daniel Stenberg
eadfd78c2e socket leak, mingw build 2005-02-18 11:54:52 +00:00
Daniel Stenberg
ac022b2e30 Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth"
that picks NTLM. Thanks to David Byron letting me test NTLM against his
servers, I could quickly repeat and fix the problem. It turned out to be:

When libcurl POSTs without knowing/using an authentication and it gets back a
list of types from which it picks NTLM, it needs to either continue sending
its data if it keeps the connection alive, or not send the data but close the
connection. Then do the first step in the NTLM auth. libcurl didn't send the
data nor close the connection but simply read the response-body and then sent
the first negotiation step. Which then failed miserably of course. The fixed
version forces a connection if there is more than 2000 bytes left to send.
2005-02-16 14:31:23 +00:00
Daniel Stenberg
e7cefd684b Removed all uses of strftime() since it uses the localised version of the
week day names and month names and servers don't like that.
2005-02-11 00:03:49 +00:00
Daniel Stenberg
d2485e4f20 valgrind stuff for test suite, vms build and more 2005-02-10 08:57:23 +00:00
Daniel Stenberg
0d9301539e and we start over again 2005-02-01 08:46:06 +00:00
Daniel Stenberg
4a9e12542d 7.13 coming up 2005-02-01 07:54:36 +00:00
Daniel Stenberg
064bc3ecbc Stephen More pointed out that CURLOPT_FTPPORT and the -P option didn't work
when built ipv6-enabled. I've now made a fix for it. Writing test cases for
custom port strings turned too tricky so unfortunately there's none.
2005-01-28 08:26:36 +00:00
Daniel Stenberg
177dbc7be0 Ian Ford asked about support for the FTP command ACCT, and I discovered it is
present in RFC959... so now (lib)curl supports it as well. --ftp-account and
CURLOPT_FTP_ACCOUNT set the account string. (The server may ask for an account
string after PASS have been sent away. The client responds with "ACCT [account
string]".) Added test case 228 and 229 to verify the functionality. Updated
the test FTP server to support ACCT somewhat.
2005-01-25 22:13:12 +00:00
Daniel Stenberg
fad6e5a5bc new web mirror 2005-01-25 13:59:48 +00:00
Daniel Stenberg
4f7e958969 two options less 2005-01-23 00:08:56 +00:00
Daniel Stenberg
7e42cb61f7 FTP third transfer support overhaul. See CHANGES for details. 2005-01-21 09:32:32 +00:00
Daniel Stenberg
7472ede32a Philippe Hameau found out that -Q "+[command]" didn't work, although some code
was written for it. I fixed and added test case 227 to verify it.  The curl.1
man page didn't mention the '+' so I added it.
2005-01-20 22:22:12 +00:00
Daniel Stenberg
01205f772c today's proxy fixes 2005-01-19 18:05:56 +00:00
Daniel Stenberg
b1080f7c9a Cody Jones' enhanced version of Samuel Daz Garca's MSVC makefile patch. 2005-01-18 10:17:34 +00:00
Daniel Stenberg
ae03fa7d8e mention the name-prefix protocol guess thing 2005-01-17 14:57:21 +00:00
Daniel Stenberg
0e26355348 Inspired by Martijn Koster's patch and example source at
http://www.greenhills.co.uk/mak/gentoo/curl-eintr-bug.c, I now made the
select() and poll() calls properly loop if they return -1 and errno is
EINTR. glibc docs for this is found here:
http://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.html

This last link says BSD doesn't have this "effect". Will there be a problem
if we do this unconditionally?
S: ----------------------------------------------------------------------
2005-01-13 21:51:48 +00:00
Daniel Stenberg
c5b2e85b47 Dan Torop cleaned up a few no longer used variables from David Phillips'
select() overhaul fix.
2005-01-11 20:22:44 +00:00
Daniel Stenberg
29102befa6 Cyrill Osterwalder posted a detailed analysis about a bug that occurs when
using a custom Host: header and curl fails to send a request on a re-used
persistent connection and thus creates a new connection and resends it. It
then sent two Host: headers. Cyrill's analysis was posted here:
http://curl.haxx.se/mail/archive-2005-01/0022.html
2005-01-11 14:00:45 +00:00
Daniel Stenberg
9d1145598a Bruce Mitchener identified (bug report #1099640) the never-ending SOCKS5
problem with the version byte and the check for bad versions. Bruce has lots
of clues on this, and based on his suggestion I've now removed the check of
that byte since it seems to be able to contain 1 or 5.
2005-01-10 23:32:14 +00:00
Daniel Stenberg
3ac00f32af edited wording 2005-01-10 11:27:02 +00:00
Daniel Stenberg
21bb852750 Pavel Orehov reported memory problems with the multi interface in bug report
#1098843. In short, a shared DNS cache was setup for a multi handle and when
the shared cache was deleted before the individual easy handles, the latter
cleanups caused read/writes to already freed memory.
2005-01-10 10:07:07 +00:00
Daniel Stenberg
83bab78bda Hzhijun reported a memory leak in the SSL certificate code, that leaked the
remote certificate name when it didn't match the used host name.
2005-01-10 09:48:39 +00:00
Daniel Stenberg
7b4bf6a22c three recent bug fixes 2005-01-07 21:14:57 +00:00
Daniel Stenberg
8127a34f98 recent events 2005-01-05 14:12:06 +00:00
Daniel Stenberg
b7d92c3e03 --protocols, license, src/config.h.in 2004-12-25 22:30:31 +00:00
Daniel Stenberg
814d176b86 recent changes
and Merry Christmas!
2004-12-23 22:31:39 +00:00
Daniel Stenberg
a142d419d2 and we start all over again 2004-12-20 12:51:14 +00:00
Daniel Stenberg
c6f6e81238 clarified a few changes 2004-12-19 10:11:03 +00:00
Daniel Stenberg
8ad47a13e5 Samuel Listopad added support for PKCS12 formatted certificates. 2004-12-18 10:42:48 +00:00
Daniel Stenberg
26cfb21c00 several windows large-file fixes 2004-12-16 22:22:26 +00:00
Daniel Stenberg
d3b414724b Dinar in bug report #1086121, found a file handle leak when a multipart
formpost (including a file upload part) was aborted before the whole file was
sent.
2004-12-16 09:52:36 +00:00
Daniel Stenberg
8847e61fca yet another mirror! 2004-12-15 14:09:52 +00:00
Daniel Stenberg
d88b3d3d5d fixed how backslashes are treated in glob strings 2004-12-15 09:23:24 +00:00
Daniel Stenberg
0d0d5e7ee3 Harshal Pradhan fixed changing username/password on a persitent HTTP
connection.
2004-12-14 21:22:51 +00:00
Daniel Stenberg
1687a9eb94 large file file:// resumes on windows 2004-12-13 10:58:37 +00:00
Daniel Stenberg
9b3b7ad22e HTTP IPv6 support added to the test suite 2004-12-11 21:41:00 +00:00
Daniel Stenberg
6b7f6369ec username and IPv6 numerical address URL parser fix 2004-12-10 21:42:55 +00:00
Daniel Stenberg
a7488672bf configure and curl-config fixes 2004-12-10 09:46:14 +00:00
Daniel Stenberg
80a324386b Rene Bernhardt found and fixed a buffer overrun in the NTLM code, where
libcurl always and unconditionally overwrote a stack-based array with 3 zero
bytes. I edited the fix to make it less likely to occur again (and added
a comment explaining the reason to the buffer size).
2004-12-07 23:09:41 +00:00
Daniel Stenberg
ac269a8f68 Dan Fandrich added the --disable-cookies option to configure to build
libcurl without cookie support. This is mainly useful if you want to build a
minimalistic libcurl with no cookies support at all. Like for embedded
systems or similar.
2004-12-05 23:59:32 +00:00
Daniel Stenberg
35944744f8 Richard Atterer fixed libcurl's way of dealing with the EPSV
response. Previously, libcurl would re-resolve the host name with the new
port number and attempt to connect to that, while it should use the IP from
the control channel. This bug made it hard to EPSV from an FTP server with
multiple IP addresses!
2004-12-05 23:33:33 +00:00
Daniel Stenberg
b7ff86fa2b credit where credit is due 2004-12-03 11:06:05 +00:00
Daniel Stenberg
2c27e4ee76 Bug report #1078066: when a chunked transfer was pre-maturely closed exactly
at a chunk boundary it was not considered an error and thus went unnoticed.
Added test case 207 to verify.
2004-12-03 09:31:25 +00:00
Daniel Stenberg
6bb215f56c recent changes 2004-11-30 10:21:25 +00:00
Daniel Stenberg
93aa22ea08 --disable-epsv when connecting to an IPv6 ftp server 2004-11-29 21:45:25 +00:00
Daniel Stenberg
4c8fbe9abf spell 2004-11-29 08:47:33 +00:00
Daniel Stenberg
9a0d5c4ed8 progress meter newline 2004-11-26 21:35:14 +00:00
Daniel Stenberg
bf51f05a50 FTP improvements:
If EPSV, EPRT or LPRT is tried and doesn't work, it will not be retried on
the same server again even if a following request is made using a persistent
connection.

If a second request is made to a server, requesting a file from the same
directory as the previous request operated on, libcurl will no longer make
that long series of CWD commands just to end up on the same spot. Note that
this is only for *exactly* the same dir. There is still room for improvements
to optimize the CWD-sending when the dirs are only slightly different.

Added test 210, 211 and 212 to verify these changes. Had to improve the
test script too and added a new primitive to the test file format.
2004-11-25 22:21:49 +00:00