Commit Graph

15224 Commits

Author SHA1 Message Date
Mark Salisbury
72a5813192 schannel SSL: changes in schannel_connect_step2
Process extra data buffer before returning from schannel_connect_step2.
Without this change I've seen WinCE hang when schannel_connect_step2
returns and calls Curl_socket_ready.

If the encrypted handshake does not fit in the intial buffer (seen with
large certificate chain), increasing the encrypted data buffer is necessary.

Fixed warning in curl_schannel.c line 1215.
2012-06-20 00:51:03 +02:00
Mark Salisbury
99b13f2741 config-win32ce.h: WinCE config adjustment
process.h is not present on WinCE
2012-06-20 00:49:49 +02:00
Mark Salisbury
a15378e073 schannel SSL: Made send method handle unexpected cases better
Implemented timeout loop in schannel_send while sending data.  This
is as close as I think we can get to write buffering; I put a big
comment in to explain my thinking.

With some committer adjustments
2012-06-20 00:16:40 +02:00
Marc Hoersken
7d2abe27dd curl_schannel.c: Avoid unnecessary realloc calls to reduce buffer size 2012-06-19 22:54:58 +02:00
Mark Salisbury
64962b0218 schannel SSL: Use standard Curl read/write methods
Replaced calls to swrite with Curl_write_plain and calls to sread
with Curl_read_plain.

With some committer adjustments
2012-06-19 20:32:35 +02:00
Yang Tse
75dd191bdf schannel SSL: make wording of some trace messages better reflect reality 2012-06-19 20:32:19 +02:00
Marc Hoersken
e93e3bcb82 curl_schannel.h: Use BUFSIZE as the initial buffer size if available
Make the Schannel implementation use libcurl's default buffer size
for the initial received encrypted and decrypted data cache buffers.
The implementation still needs to handle more data since more data
might have already been received or decrypted during the handshake
or a read operation which needs to be cached for the next read.
2012-06-19 14:41:43 +02:00
Guenter Knauf
feaf8f9590 Fixed NetWare makefile broken from last commit. 2012-06-19 11:55:06 +02:00
Mark Salisbury
8a8829499d schannel SSL: Implemented SSL shutdown
curl_schannel.c - implemented graceful SSL shutdown.  If we fail to
shutdown the connection gracefully, I've seen schannel try to use a
session ID for future connects and the server aborts the connection
during the handshake.
2012-06-19 04:39:46 +02:00
Mark Salisbury
1e4c57fa64 schannel SSL: certificate validation on WinCE
curl_schannel.c - auto certificate validation doesn't seem to work
right on CE.  I added a method to perform the certificate validation
which uses CertGetCertificateChain and manually handles the result.
2012-06-19 04:39:45 +02:00
Mark Salisbury
29dd7192e6 schannel SSL: Added helper methods to simplify code
Added helper methods InitSecBuffer() and InitSecBufferDesc() to make it
easier to set up SecBuffer & SecBufferDesc structs.
2012-06-19 04:39:44 +02:00
Guenter Knauf
705330c750 Some more NetWare makefile tweaks for metalink. 2012-06-18 23:19:35 +02:00
Yang Tse
599a2c1f1a tool_cb_see.c: WinCE build adjustment 2012-06-18 18:52:29 +02:00
Mark Salisbury
5a8649863c setup.h: WinCE build adjustment 2012-06-18 18:52:28 +02:00
Mark Salisbury
05f6f2497a ftplistparser.c: do not compile if FTP protocol is not enabled 2012-06-18 18:51:30 +02:00
Yang Tse
d56e8bcc8a Win32: downplay MS bazillion type synonyms game
Avoid usage of some MS type synonyms to allow compilation with
compiler headers that don't define these, using simpler synonyms.
2012-06-16 19:20:50 +02:00
Daniel Stenberg
220776de6b Curl_rtsp_parseheader: avoid useless malloc/free
Coverity actually pointed out flawed logic in the previous call to
Curl_strntoupper() where the code used sizeof() of a pointer to pass in
a size argument. That code still worked since it only needed to
uppercase 4 letters. Still, the entire malloc/uppercase/free sequence
was pointless since the code has already matched the string once in the
condition that starts the block of code.
2012-06-15 22:51:45 +02:00
Daniel Stenberg
3da2c0f6d2 curl_share_setopt: use va_end()
As spotted by Coverity, va_end() was not used previously. To make it
used I took away a bunch of return statements and made them into
assignments instead.
2012-06-15 22:37:19 +02:00
Yang Tse
ac3e356c95 SSPI related code: Unicode support for WinCE - kill compiler warnings 2012-06-15 21:50:57 +02:00
Mark Salisbury
a96fa00f38 SSPI related code: Unicode support for WinCE - commit 46480bb9 follow-up 2012-06-15 19:39:18 +02:00
Yang Tse
a5e0583cd3 build: add curl_multibyte files to build systems 2012-06-15 18:41:50 +02:00
Mark Salisbury
46480bb9a1 SSPI related code: Unicode support for WinCE
SSPI related code now compiles with ANSI and WCHAR versions of security
methods (WinCE requires WCHAR versions of methods).

Pulled UTF8 to WCHAR conversion methods out of idn_win32.c into their own file.

curl_sasl.c - include curl_memory.h to use correct memory functions.

getenv.c and telnet.c - WinCE compatibility fix

With some committer adjustments
2012-06-15 18:41:49 +02:00
Guenter Knauf
16c725dbc7 Fixed typo. 2012-06-15 02:25:09 +02:00
Yang Tse
0fd5dda99d winbuild/MakefileBuild.vc: convert line endings to DOS style
As per request on mailing list: http://curl.haxx.se/mail/lib-2012-06/0222.html
2012-06-14 19:19:18 +02:00
Marc Hoersken
9d8375c29b winbuild: Allow SSPI build with or without Schannel
The changes introduced in commit 2bfa57bc32 are not enough
to make it actually possible to use the USE_WINSSL option.
Makefile.vc was not updated and the configuration name which is
used in the build path did not match between both build files.

This patch fixes those issues and introduces the following changes:

- Replaced the -schannel name with -winssl in order to be consistent
with the other options
- Added ENABLE_WINSSL option to winbuild/Makefile.vc (default yes)
- Changed winbuild/MakefileBuild.vc to set USE_WINSSL to true if
USE_SSL is false and USE_WINSSL was not specified as a parameter
- Separated WINSSL handling from SSPI handling to be consistent with
the other options and their corresponding code path
2012-06-14 18:16:47 +02:00
Yang Tse
508dbb99aa curl.1: 7.27.0 seems next release 2012-06-14 18:10:29 +02:00
Yang Tse
42f0588ea8 schannel: fix printf-style format strings 2012-06-14 16:55:26 +02:00
Yang Tse
6085ca2aed Fix bad failf() and info() usage
Calls to failf() are not supposed to provide trailing newline.
Calls to infof() must provide trailing newline.

Fixed 30 or so strings.
2012-06-14 13:32:05 +02:00
Yang Tse
a8259945c4 schannel: fix unused parameter warnings 2012-06-14 12:12:54 +02:00
Yang Tse
3af5023a20 schannel: fix comparisons between signed and unsigned 2012-06-14 12:10:51 +02:00
Yang Tse
2bac074f08 schannel: fix discarding qualifier from pointer type 2012-06-14 12:05:48 +02:00
Yang Tse
d098cfd8c0 schannel: fix shadowing of global declarations 2012-06-14 11:53:46 +02:00
Yang Tse
b4b7f6828c schannel: fix Curl_schannel_init() and Curl_schannel_cleanup() declarations 2012-06-14 11:34:12 +02:00
Gisle Vanem
0d0893f2b9 urldata.h: fix cyassl/openssl/ssl.h build clash with wincrypt.h
Building with CyaSSL failed compilation. Reason being that OCSP_REQUEST and
OCSP_RESPONSE are enum values in CyaSSL and defines in <wincrypt.h> included
via <winldap.h> in ldap.c.

http://curl.haxx.se/mail/lib-2012-06/0196.html
2012-06-14 01:51:51 +02:00
Yang Tse
2bfa57bc32 MakefileBuild.vc: Allow building without SSL
In order to use Windows native SSL support define 'USE_WINSSL'
2012-06-13 21:15:41 +02:00
Yang Tse
b276ac7691 configure: new option --with-winssl
This option may be used to build curl/libcurl using SSL/TLS support provided
by MS windows system libraries. Option is mutually exclusive with any other
SSL library. Default value is --without-winssl.

--with-winssl option implies --with-sspi option.

Option meaningful only for Windows builds.
2012-06-13 20:54:42 +02:00
Guenter Knauf
32ce7f19b2 Changed Schannel string to SSL-Windows-native.
This is more descriptive for the user who might
not even know what schannnel is at all.
2012-06-13 19:29:45 +02:00
Yang Tse
819afe46ee schannel: remove version number and identify its use with 'schannel' literal
Version number is removed in order to make this info consistent with
how we do it with other MS and Linux system libraries for which we don't
provide this info.

Identifier changed from 'WinSSPI' to 'schannel' given that this is the
actual provider of the SSL/TLS support. libcurl can still be built with
SSPI and without SCHANNEL support.
2012-06-13 16:42:48 +02:00
Daniel Stenberg
c13af84372 singlesocket: remove dead code
No need to check if 'entry' is non-NULL in a spot where it is already checked
and guaranteed to be non-NULL.

(Spotted by a Coverity scan)
2012-06-12 23:04:04 +02:00
Daniel Stenberg
47c1bf9e43 netrc: remove dead code
Remove two states from the enum and the corresponding code for them as
these states were never reached or used.

(Spotted by a Coverity scan)
2012-06-12 22:46:14 +02:00
Yang Tse
d95b8e0627 Revert "connect.c/ftp.c: Fixed dereferencing pointer breakin strict-aliasing"
This reverts commit 9c94236e6c.

It didn't server its purpose, so lets go back to long-time working code.
2012-06-12 13:12:09 +02:00
Yang Tse
1e8e6057ea socks_sspi.c: further cleanup 2012-06-12 12:34:52 +02:00
Marc Hoersken
38f05cea46 socks_sspi.c: Clean up and removal of obsolete minor status
Removed obsolete minor status variable and parameter of status function
which was never used or set at all. Also Curl_sspi_strerror does support
only one status and there is no need for a second sub status.
2012-06-12 11:52:42 +02:00
Guenter Knauf
7bf910482e Removed trailing whitespaces. 2012-06-12 05:36:08 +02:00
Yang Tse
b8edf5bbe9 strerror.c: make Curl_sspi_strerror() always return code for errors 2012-06-12 03:57:15 +02:00
Yang Tse
5e7a0fe73b curl_sspi.h: provide sspi status definitions missing in old headers 2012-06-12 03:56:24 +02:00
Yang Tse
746b80a210 sspi: make Curl_sspi_strerror() libcurl's sspi status code string function 2012-06-12 01:11:10 +02:00
Yang Tse
764a5e4a50 sspi: make Curl_sspi_strerror() libcurl's sspi status code string function 2012-06-12 01:06:48 +02:00
Daniel Stenberg
af0888aaf6 Revert: 634f7cfee4 partially
Make sure CURL_VERSION_SSPI is present and works as in previous releases
for ABI and API compatibility reasons.
2012-06-11 22:58:39 +02:00
Daniel Stenberg
9c18bb3702 checksrc: shorten a few lines to comply 2012-06-11 19:08:46 +02:00