Commit Graph

14527 Commits

Author SHA1 Message Date
Daniel Stenberg
6c4216b2a7 RELEASE-NOTES: synced with 10120e6a
one more bug fix and contributor
2011-11-12 10:09:54 +01:00
Daniel Stenberg
10120e6ab5 progress_cb: avoid buffer overflow
The progress bar output function would blindly use the terminal width
without bounds checking. When using a very wide terminal that caused a
buffer overflow and segfault.

We now limit the max bar with to 255 columns, and I simplified the code
to avoid an extra snprintf and buffer.

Bug: http://curl.haxx.se/bug/view.cgi?id=3435710
Reported by: Alexey Zakhlestin
2011-11-11 19:57:49 +01:00
Yang Tse
082e8a3b03 Active mode FTP test cases with server not establishing data connection
591 -> FTP multi PORT and 425 on upload
592 -> FTP multi PORT and 421 on upload
593 -> FTP multi PORT upload, no data conn and no transient neg. reply
594 -> FTP multi PORT upload, no data conn and no positive prelim. reply

1206 -> FTP PORT and 425 on download
1207 -> FTP PORT and 421 on download
1208 -> FTP PORT download, no data conn and no transient negative reply
1209 -> FTP PORT download, no data conn and no positive preliminary reply
2011-11-11 19:46:44 +01:00
Guenter Knauf
fd765c627f Fix to skip untrusted certs. 2011-11-08 05:46:46 +01:00
Daniel Stenberg
c8ffb4049a RELEASE-NOTES: synced with e3166df1bb
4 new bugfixes, 2 more contributors
2011-11-06 23:42:28 +01:00
Daniel Stenberg
e3166df1bb ftp PORT: don't hang if bind() fails
When the user requests PORT with a specific port or port range, the code
could lock up in an endless loop. There's now an extra conditional that
makes sure to special treat the error and try the local address only
once so a second failure will abort the loop correctly.

Bug: http://curl.haxx.se/bug/view.cgi?id=3433968
Reported by: Gokhan Sengun
2011-11-06 23:02:27 +01:00
Daniel Stenberg
06a83e8050 pingpong: change two comments wrongly referring "FTP"
Just a sign of where the code originally was ripped out from. Now it is
generic "pingpong".
2011-11-06 17:38:36 +01:00
Daniel Stenberg
2c09d21fdf test 590: verify the bug fix in 4851dafcf1
This test is created to verify Rene Bernhardt's patch which makes sure
libcurl properly _not_ deals with Negotiate if not asked to even if the
proxy says it can serve it.
2011-11-06 17:28:28 +01:00
Rene Bernhardt
4851dafcf1 HTTP auth: fix proxy Negotiate bug
If a proxy offers several Authentication schemes where NTLM and
Negotiate are offered by the proxy and you tell libcurl not to use the
Negotiate scheme then the request never returns when the proxy answers
with its HTTP 407 reply.

It is reproducible by the following steps:

- Use a proxy that offers NTLM and Negotiate ( CURLOPT_PROXY and
CURLOPT_PROXYPORT )

- Tell libcurl NOT to use Negotiate CURL_EASY_SETOPT(CURLOPT_PROXYAUTH,
CURLAUTH_BASIC | CURLAUTH_DIGEST | CURLAUTH_NTLM )

- Start the request

The call to CURL_EASY_PERFORM never returns. If you switch on debug
logging you can see that libcurl issues a new request As soon as it
received the 407 reply. Instead it should return and set the response
code to 407.

Bug: http://curl.haxx.se/mail/lib-2011-10/0323.html
2011-11-06 17:19:37 +01:00
Yang Tse
73029dca5a ssluse.c: fix calling of OpenSSL's ERR_remove_state(0)
Move calling of ERR_remove_state(0) a.k.a ERR_remove_thread_state(NULL)
from Curl_ossl_close_all() to Curl_ossl_cleanup().

In this way ERR_remove_state(0) is now only called in libcurl by
curl_global_cleanup(). Previously it would get called by functions
curl_easy_cleanup(), curl_multi_cleanup and potentially each time a
connection was removed from a connection cache leading to premature
destruction of OpenSSL's thread local state hash.

Multi-threaded apps using OpenSSL enabled libcurl should still call
function ERR_remove_state(0) or ERR_remove_thread_state(NULL) at the
very end end of threads that do not call curl_global_cleanup().
2011-11-04 13:08:37 +01:00
Yang Tse
5b57c54416 tool_cb_wrt.c: disambiguate warning message 2011-11-03 23:26:38 +01:00
Yang Tse
7fe9a50ab5 tool_cfgable.c: pending check done 2011-11-03 23:21:01 +01:00
Yang Tse
6fa6567b92 url.c and file.c: fix OOM triggered segfault 2011-11-03 21:56:51 +01:00
Daniel Stenberg
93e57d0628 rename ftp_ssl: the struct field is used for many protocols
Now called 'use_ssl' instead, which better matches the current CURLOPT
name and since the option is used for all pingpong protocols (at least)
it makes sense to not use 'ftp' in the name.
2011-11-03 09:54:12 +01:00
Daniel Stenberg
a873b95c21 gtls_connect_step1: remove use of deprecated functions
Use gnutls_priority_set_direct() instead of gnutls_protocol_set_priority().

Remove the gnutls_certificate_type_set_priority() use since x509 is the
default certificate type anyway.

Reported by: Vincent Torri
2011-11-02 22:44:22 +01:00
Yang Tse
6bdeca967d url.c and transfer.c: nullify connection pointer when free()'ed 2011-11-02 22:34:41 +01:00
Yang Tse
3f5e267b9d FTP test server: NODATACONN commands follow-up
Make NODATACONN425 and NODATACONN421 return a 150 positive preliminary reply
before 425 or 421.

New NODATACONN150 returns 150 without further positive nor negative reply

Now NODATACONN doesn't reply anything at all.
2011-11-02 13:38:31 +01:00
Yang Tse
f7dfe2b87a multi.c: OOM handling fix 2011-11-01 14:38:21 +01:00
Yang Tse
af425efe83 FTP test server: NODATACONN commands follow-up
Make NODATACONN custom commands apply to both active and passive FTP,
and ensure 425 and 421 are not returned unless data channel usage is
attempted.
2011-11-01 14:11:36 +01:00
Yang Tse
9cfc0c73a7 tool_cb_see.h: fix compiler warning 2011-11-01 12:53:23 +01:00
Yang Tse
49e3b2e03a setup.h: fix compiler warning 2011-10-31 22:42:43 +01:00
Yang Tse
8bfc3a800a FTP test server: NODATACONN commands commit c761fcb0 follow-up
Adjustments that make NODATACONN custom commands fully usable.
2011-10-31 07:29:13 +01:00
Dave Reisner
b24c28e6c2 doc/curl.1: fix sentence with ending for -# option
Try to be a little more descriptive about the effect of this flag,
rather than parroting what was said in the paragraph just above.
2011-10-30 19:43:38 +01:00
Yang Tse
0b315c1cf1 FTP test server: fix server unresponsiveness
Some torture tests left FTP test server in an unresponsive state, resulting
in torture tests that actually completed following unexpected code paths.

Changes in this commit solely address this issue and some adjustments for
ftpserver.pl logging relative to data channel establishment and tear down.
Pending NODATACONN relative adjustments reserved for a further commit.
2011-10-30 17:12:20 +01:00
Yang Tse
e2928e1555 runtests.pl: running server checks - commit 4464583a follow-up
Ensure verification takes place with no server commands file.
Ignore verbose setting for running server precheck.
Tweak unresponsive server message, to allow detection by haxx.se scripts.
2011-10-30 16:45:14 +01:00
Yang Tse
f5bb370186 gtls.c: gnutls_transport_set_global_errno() deprecated in version 2.12.3 2011-10-29 14:58:50 +02:00
Yang Tse
bae4e3f035 runtests.pl: running server checks - commit 3676ec96 follow-up
Fix called sub when checking TFTP server, and adjust message.
2011-10-28 15:59:36 +02:00
Yang Tse
3676ec9680 runtests.pl: running server checks - commit 4464583a follow-up
Extended server checks to others in addition to pingpong when torture testing.
2011-10-28 00:05:16 +02:00
Yang Tse
8ccf7bf8d7 lib589.c: add CURLOPT_READDATA missing stuff 2011-10-27 22:00:23 +02:00
Yang Tse
c761fcb055 ftpserver.pl: three new custom FTP server commands to disable data channel
NODATACONN421: applies only to active FTP mode, instructs server to not
establish data connection back to client and reply with FTP 421.

NODATACONN425: applies only to active FTP mode, instructs server to not
establish data connection back to client and reply with FTP 425.

NODATACONN: applies to both active and passive FTP modes, instructs server
to not establish nor accept a data channel and fool client into believing
that the data channel connection is possible.

Some polishing probably required.
2011-10-27 21:59:00 +02:00
Yang Tse
ddeab48245 multi.c: OOM handling fix
Fix curl_multi_cleanup() segfault when using weird cleanup sequence.
2011-10-27 17:08:02 +02:00
Daniel Stenberg
b0d42da26b multi: start ftp state machine when switching to DO_MORE
This extends the fix from commit d7934b8bd4

When the multi state is changed within the multi_runsingle from DOING to
DO_MORE, we didn't immediately start the FTP state machine again. That
then left the FTP state in FTP_STOP. When curl_multi_fdset() was
subsequently called, the ftp_domore_getsock() function would return the
wrong fd info.

Reported by: Gokhan Sengun
2011-10-27 12:46:29 +02:00
Daniel Stenberg
120025b7f8 libcurl-multi.3: update the list of areas still blocking 2011-10-27 09:22:15 +02:00
Yang Tse
692f344118 test 589: active FTP upload using multi timeout and EPRT disabled server 2011-10-26 18:57:14 +02:00
Yang Tse
51e5a2bf3f multi tests: OOM handling fixes - commit 629d2e34 follow-up 2011-10-26 18:57:14 +02:00
Patrick Monnerat
8165e05f29 - Prepare the ILE/RPG binding and OS400 documentation for the upcoming release 2011-10-26 14:48:20 +02:00
Daniel Stenberg
4c88866737 RELEASE-NOTES: synced with 4464583a6e
5 more bug fixes, 4 additional contributors
2011-10-25 23:28:30 +02:00
Yang Tse
4464583a6e runtests.pl: running server checks
When running torture tests, verify before each test case that required
pingpong servers which are supposed to be alive are actually responsive.
If found not responsive then restart them.
2011-10-25 23:19:36 +02:00
Daniel Stenberg
22502c9550 dist: add test 587
I created test 587 in commit 840eff44f2 but forgot to add the file to
the tarball. Added now.
2011-10-24 23:09:59 +02:00
Daniel Stenberg
39c6d18d9c test 588: verify active FTP with multi interface without EPRT
This is using the verbatim 525 test code but it disables EPRT in the
server and this should work just as well anyway.
2011-10-24 23:08:16 +02:00
Daniel Stenberg
f4405d30e0 FTP server: allow EPRT by default
EPRT is now supported by default by the server. To disable it, use the
generic REPLY instruction in the <servercmd> tag. Test 116 now has it
disabled. All other existing active FTP port tests strip out the port
commands from the logs already so the change of the server isn't that
noticable.
2011-10-24 23:07:53 +02:00
Yang Tse
e8d8843a02 ftp.c: some OOM handling fixes 2011-10-24 20:45:13 +02:00
Yang Tse
134e87c53b ftpserver.pl: ensure integral number usage for passive mode string 2011-10-24 20:45:12 +02:00
Daniel Stenberg
515f11e79b large headers: have curl accept >16K headers
As commit 5850cc4808 clarifies, libcurl can deliver header lines that
are longer than CURL_MAX_WRITE_SIZE, only body data is limited to that
size. The curl tool has check (when built debug-enabled) that made the
wrong checks and this new test 1205 verifies that larger headers work.
2011-10-24 17:28:41 +02:00
Daniel Stenberg
5850cc4808 curl_easy_setopt.3: headers can be CURL_MAX_HTTP_HEADER bytes
Mention this maximum header size for the header callback cases
2011-10-24 16:43:53 +02:00
Daniel Stenberg
c295565569 Merge pull request #25 from trtom/master
make sure the static build uses the static build option!
2011-10-24 04:11:43 -07:00
Daniel Stenberg
e771344611 curl_easy_setopt.3: fix typo
shoot, Dan Fandrich already had this pointed out...
2011-10-24 00:13:47 +02:00
Steve Holme
a4471045bb curl_easy_setopt: Added pop3 to CURLOPT_URL.
Added pop3 username and password example as well as an explanation of
how path part of the URL is used under pop3.

Additionally have corrected a couple of typos.
2011-10-24 00:10:58 +02:00
Yang Tse
cc76bbe79b tool_operate.c: OOM handling fix
Move curl_easy_perform source code geneartion out of curl_easy_perform's loop
for proper OOM handling and source code geneartion.
2011-10-22 14:49:02 +02:00
Daniel Stenberg
d7934b8bd4 curl_multi_fdset: correct fdset with FTP PORT use
After a PORT has been issued, and the multi handle would switch to the
CURLM_STATE_DO_MORE state (which is unique for FTP), libcurl would
return the wrong fdset to wait for when curl_multi_fdset() is
called. The code would blindly assume that it was waiting for a connect
of the second connection, while that isn't true immediately after the
PORT command.

Also, the function multi.c:domore_getsock() was highly FTP-centric and
therefore ugly to keep in protocol-agnostic code. I solved this problem
by introducing a new function pointer in the Curl_handler struct called
domore_getsock() which is only called during the DOMORE state for
protocols that set that pointer.

The new ftp.c:ftp_domore_getsock() function now returns fdset info about
the control connection's command/response handling while such a state is
in use, and goes over to waiting for a writable second connection first
once the commands are done.

The original problem could be seen by running test 525 and checking the
time stamps in the FTP server log. I can verify that this fix at least
fixes this problem.

Bug: http://curl.haxx.se/mail/lib-2011-10/0250.html
Reported by: Gokhan Sengun
2011-10-21 23:36:54 +02:00