1285 Commits

Author SHA1 Message Date
Daniel Stenberg
95bd901efe - Fixed the problem with doing a zero byte SCP transfer, verified with test
case 617 (which was added by Daniel Fandrich 5 Mar 2008).
2008-03-22 22:00:21 +00:00
Dan Fandrich
c37cdbe2cf Fixed a problem where curl-config --protocols could erroneously show LDAPS
support when curl didn't even have regular LDAP support.  It looks like
this could happen when the --enable-ldaps configure switch is given but
configure couldn't find the LDAP headers or libraries.
2008-03-20 20:08:44 +00:00
Michal Marek
86cbb23282 - Added --with-ca-path=DIRECTORY configure option to use an openSSL CApath by
default instead of a ca bundle. The configure script will also look for a
  ca path if no ca bundle is found and no option given.

- Fixed detection of previously installed curl-ca-bundle.crt
2008-03-20 08:09:23 +00:00
Dan Fandrich
e9a460411f Fixed an infinite loop when given an invalid SFTP quote command. 2008-03-18 22:59:04 +00:00
Dan Fandrich
a57098ea9b Added test 626 to reproduce an infinite loop when given an invalid
SFTP quote command reported by Vincent Le Normand, but left it disabled.
2008-03-18 17:05:29 +00:00
Michal Marek
6f3166c15b - Added curl_easy_getinfo typechecker.
- Added macros for curl_share_setopt and curl_multi_setopt to check at least
  the correct number of arguments.
2008-03-18 08:14:37 +00:00
Dan Fandrich
040a4443a1 Added tests 622-625 to test SFTP/SCP uploads. Test 625 was an attempt to
reproduce the --ftp-create-dirs problem reported by Brian Ulm, but that
seems to need a call curl_easy_reset() which this test case doesn't do.
2008-03-13 22:51:39 +00:00
Daniel Stenberg
641d5c4111 - Brian Ulm figured out that if you did an SFTP upload with
CURLOPT_FTP_CREATE_MISSING_DIRS to create a directory, and then re-used the
  handle and uploaded another file to another directory that needed to be
  created, the second upload would fail. Another case of a state variable that
  wasn't properly reset between requests.

- I rewrote the 100-continue code to use a single state variable instead of
  the previous two ones. I think it made the logic somewhat clearer.
2008-03-13 21:43:39 +00:00
Daniel Stenberg
b9d66dca51 - Dmitry Popov filed bug report #1911069
(http://curl.haxx.se/bug/view.cgi?id=1911069) that identified a race
  condition in the name resolver code when the DNS cache is shared between
  multiple easy handles, each running in simultaneous threads that could cause
  crashes.
2008-03-11 22:55:23 +00:00
Daniel Stenberg
ecf1c6ca5d - Added a macro for curl_easy_setopt() that accepts three arguments and simply
does nothing with them, just to make sure libcurl users always use three
  arguments to this function. Due to its use of ... for the third argument, it
  is otherwise hard to detect abuse.
2008-03-11 13:14:16 +00:00
Michal Marek
7a8a20416f - Added a type checking macro for curl_easy_setopt(), needs gcc-4.3 and only
works in C mode atm (http://curl.haxx.se/mail/lib-2008-02/0267.html ,
  http://curl.haxx.se/mail/lib-2008-02/0292.html )
2008-03-11 07:37:40 +00:00
Dan Fandrich
458925ae0b Added tests 618-621 to test SFTP/SCP transfers of more than one file
(test 620 tests the just-fixed problem reported by Brian Ulm).
2008-03-10 19:40:27 +00:00
Daniel Stenberg
82e095a275 - Brian Ulm reported a crash when doing a second SFTP transfer on a re-used
easy handle if curl_easy_reset() was used between them. I fixed it and Brian
  verified that it cured his problem.

- Brian Ulm reported that if you first tried to download a non-existing SFTP
  file and then fetched an existing one and re-used the handle, libcurl would
  still report the second one as non-existing as well! I fixed it abd Brian
  verified that it cured his problem.
2008-03-09 11:37:48 +00:00
Michal Marek
40e1a016f9 Fix the gssapi configure check to detect newer MIT Kerberos (patch by
Michael Calmer)
2008-03-06 17:22:45 +00:00
Yang Tse
91aeebed26 Regression fix:
select/poll calls will only be retried upon EINTR failures as
it previously was in lib/select.c revision 1.29

In this way Curl_socket_ready() and Curl_poll() will again fail
on any select/poll errors different than EINTR.
2008-03-06 03:48:33 +00:00
Dan Fandrich
b16ea66cec Added tests 616 and 617 to see how SFTP and SCP cope with zero-length
files, as questioned by Mike Protts. SFTP does for me but SCP doesn't
so test 617 is disabled for now.
2008-03-06 01:15:28 +00:00
Daniel Stenberg
0836893335 Mike Protts brought a patch that makes resumed transfers work with SFTP. 2008-03-04 11:53:15 +00:00
Daniel Stenberg
590f0358d8 - Anatoli Tubman found and fixed a crash with Negotiate authentication used on
a re-used connection where both requests used Negotiate.
2008-03-01 22:32:03 +00:00
Gunter Knauf
9682c2037e Added support for server name indication (RFC 4366).
Patch submitted by Kaspar Brand.
2008-02-26 10:30:13 +00:00
Daniel Stenberg
74241e7d85 - Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that
forces it to prefer SSLv3.
2008-02-25 07:51:39 +00:00
Daniel Stenberg
6982ed4db7 - Sam Listopad provided a patch in feature-request #1900014
http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to
  use OpenSSL) support a full chain of certificates in a given PKCS12
  certificate.
2008-02-23 12:27:45 +00:00
Daniel Stenberg
9dd3e4d481 - Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory model
options as the lib/Makefile.vc6 already did.
2008-02-22 22:53:01 +00:00
Daniel Stenberg
e9bb7b7712 - Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
happened if you set the connection cache size to 1 and for example failed to
  login to an FTP site. Bug report #1896698
  (http://curl.haxx.se/bug/view.cgi?id=1896698)
2008-02-21 17:52:16 +00:00
Daniel Stenberg
e6170eb20d - Fixed test case 405 to not fail when libcurl is built with GnuTLS 2008-02-20 12:18:08 +00:00
Gunter Knauf
b60dbfa9e9 mention removal of SSLv2 by default. 2008-02-20 11:58:20 +00:00
Daniel Stenberg
53a549000c - Based on initial work done by Gautam Kachroo to address a bug, we now keep
better control at the exact state of the connection's SSL status so that we
  know exactly when it has completed the SSL negotiation or not so that there
  won't be accidental re-uses of connections that are wrongly believed to be
  in SSL-completed-negotiate state.
2008-02-20 09:56:26 +00:00
Daniel Stenberg
55700cb01f - We no longer support setting the CURLOPT_URL option from inside a callback
such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
  following. The patch that introduced this feature was done for 7.11.0, but
  this code and functionality has been broken since about 7.15.4 (March 2006)
  with the introduction of non-blocking OpenSSL "connects".

  It was a hack to begin with and since it doesn't work and hasn't worked
  correctly for a long time and nobody has even noticed, I consider it a very
  suitable subject for plain removal. And so it was done.
2008-02-20 08:28:02 +00:00
Dan Fandrich
0cae201044 Added test309 to test HTTP redirect to HTTPS URL 2008-02-19 21:57:41 +00:00
Daniel Stenberg
fb23b85770 - We're no longer providing a very old ca-bundle in the curl tarball. You can
get a fresh one downloaded and created with 'make ca-bundle' or you can get
  one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
  new one extracted from Mozilla's recent list of ca certs.

  The configure option --with-ca-bundle now lets you specify what file to use
  as default ca bundle for your build. If not specified, the configure script
  will check a few known standard places for a global ca cert to use.
2008-02-18 11:35:12 +00:00
Daniel Stenberg
3458ce9ae5 - Jerome Muffat-Meridol helped me fix Curl_done() to close the current
connection by force when it was called before the entire request is
  completed, simply because we can't know if the connection really can be
  re-used safely at that point.
2008-02-17 13:49:58 +00:00
Daniel Stenberg
e78652d850 - Made the gnutls code path not even try to get the server cert if no peer
verification is requested. Previously it would even return failure if gnutls
  failed to get the server cert even though no verification was asked for.

- Fix my Curl_timeleft() leftover mistake in the gnutls code
2008-02-15 22:37:00 +00:00
Daniel Stenberg
d25aab2704 - Pooyan McSporran found and fixed a flaw where you first would do a normal
http request and then you'd reuse the handle and replace the Accept: header,
  as then libcurl would send two Accept: headers!
2008-02-15 08:56:06 +00:00
Daniel Stenberg
fcc320ee40 Yang Tse pointed out a few remaining quirks from my timeout refactoring from
Feb 7 that didn't abort properly on timeouts. These are actually old
problems but now they should be fixed.
2008-02-11 22:03:31 +00:00
Yang Tse
736af32b49 Bug report #1888932 (http://curl.haxx.se/bug/view.cgi?id=1888932) points
out and provides test program that demonstrates that libcurl might not set
error description message for error CURLE_COULDNT_RESOLVE_HOST for Windows
threaded name resolver builds. Fixed now.
2008-02-10 04:20:09 +00:00
Dan Fandrich
fc1443dcfc Added key words to all SSL-using tests so they can be skipped if necessary.
Removed a few unnecessary requires SSL statements.
2008-02-09 02:08:34 +00:00
Daniel Stenberg
4c841a1f0c - Mike Hommey filed and fixed bug report #1889856
(http://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl
  layer, cleaning-up and reinitializing curl ends up with https requests
  failing with "ASN1 parser: Element was not found" errors. Obviously a
  regression added in 7.16.3.
2008-02-08 22:02:00 +00:00
Yang Tse
1a340de0e5 To verify that the sftp server is actually running, responsive and that
all curl's tests generated configuration and key files are fine, a real
connection is established to the test harness sftp server authenticating
and running a simple sftp remote pwd command.

The verification is done using OpenSSH's or SunSSH's sftp client tool with
a configuration file with the same options as the test harness socks server
with the exception that dynamic forwarding is not used for sftp.
2008-02-08 13:54:02 +00:00
Daniel Stenberg
c3a7a757f7 Günter Knauf added lib/mk-ca-bundle.pl which gets the Firefox ca bundle and
creates a suitable ca-bundle.crt file in PEM format for use with curl. The
recommended way to run it is to use 'make ca-bundle' in the build tree root.
2008-02-08 11:16:44 +00:00
Dan Fandrich
ce1649564c Added tests 1022 and 1023 to validate output of curl-config --version and
--vernum
2008-02-08 01:21:03 +00:00
Daniel Stenberg
1b701c746f - Refactored a lot of timeout code into a few functions in an attempt to make
them all use the same (hopefully correct) logic to make it less error-prone
  and easier to introduce library-wide where it should be used.
2008-02-07 22:25:04 +00:00
Yang Tse
20e9fc73e2 Fix problem in strdup replacement when dealing with absolutely huge strings. 2008-02-06 19:01:13 +00:00
Daniel Stenberg
ffae4f6b48 - Dmitry Kurochkin cleaned up the pipelining code and removed the need for and
use of the "is_in_pipeline" struct field.
2008-02-03 12:31:35 +00:00
Daniel Stenberg
a62e155ca4 - Niklas Angebrand made the cookie support in libcurl properly deal with the
"HttpOnly" feature introduced by Microsoft and apparently also supported by
  Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
  is now supported when received from servers in HTTP headers, when written to
  cookie jars and when read from existing cookie jars.
2008-01-31 12:21:57 +00:00
Daniel Stenberg
b620e62f0f - Dmitry Kurochkin moved several struct fields from the connectdata struct to
the SingleRequest one to make pipelining better. It is a bit tricky to keep
  them in the right place, to keep things related to the actual request or to
  the actual connection in the right place.
2008-01-31 12:04:33 +00:00
Daniel Stenberg
1bfbd25027 - Dmitry Kurochkin fixed Curl_done() for pipelining, as it could previously
crash!
2008-01-29 12:58:25 +00:00
Daniel Stenberg
ceb5a8ca7b - Michal Marek fixed minor mistake in test case 553 that prevented it from
working on other IP-addresses or port numbers.
2008-01-29 12:31:11 +00:00
Daniel Stenberg
a7b98f5f6b 7.18.0 2008-01-28 17:28:21 +00:00
Daniel Stenberg
87fdfe770d Dmitry Kurochkin: In "real world" testing I found more bugs in
pipelining. Broken connection is not restored and we get into infinite
loop. It happens because of wrong is_in_pipeline values.
2008-01-27 22:53:09 +00:00
Daniel Stenberg
c6df788866 - Kevin Reed filed bug report #1879375
(http://curl.haxx.se/bug/view.cgi?id=1879375) which describes how libcurl
  got lost in this scenario: proxy tunnel (or HTTPS over proxy), ask to do any
  proxy authentication and the proxy replies with an auth (like NTLM) and then
  closes the connection after that initial informational response.

  libcurl would not properly re-initialize the connection to the proxy and
  continue the auth negotiation like supposed. It does now however, as it will
  now detect if one or more authentication methods were available and asked
  for, and will thus retry the connection and continue from there.

- I made the progress callback get called properly during proxy CONNECT.
2008-01-25 23:33:45 +00:00
Daniel Stenberg
fb07259e0d and Igor Franchuk is his name! 2008-01-24 17:17:18 +00:00