Commit Graph

5037 Commits

Author SHA1 Message Date
Daniel Stenberg
504e6d7ae6 - Constantine Sapuntzakis identified a write after close, as the sockets were
closed by libcurl before the SSL lib were shutdown and they may write to its
  socket. Detected to at least happen with OpenSSL builds.
2009-11-20 19:32:49 +00:00
Daniel Stenberg
a41493b3b0 - Jad Chamcham pointed out a bug with connection re-use. If a connection had
CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
  same proxy with the tunnel option disabled would still wrongly re-use that
  previous connection and the outcome would only be badness.
2009-11-20 13:27:21 +00:00
Yang Tse
5129442ee7 Explicit initialization of all FTP struct members in ftp_init() 2009-11-19 17:21:56 +00:00
Yang Tse
e8fd5d8062 Fix compiler warning: ISO C90 forbids mixed declarations and code 2009-11-18 11:53:31 +00:00
Yang Tse
2f6dcaa644 Make memory tracking system intolerant with zero sized malloc(),
calloc() and realloc() function calls.
2009-11-18 11:21:58 +00:00
Yang Tse
59939313f8 Make usage of calloc()'s arguments consistent with rest of code base 2009-11-18 10:33:54 +00:00
Daniel Stenberg
b32d1a9a1d - Constantine Sapuntzakis provided another fix for the DNS cache that could
end up with entries that wouldn't time-out:

  1. Set up a first web server that redirects (307) to a http://server:port
     that's down
  2. Have curl connect to the first web server using curl multi

  After the curl_easy_cleanup call, there will be curl dns entries hanging
  around with in_use != 0.

  (http://curl.haxx.se/bug/view.cgi?id=2891591)
2009-11-17 22:53:55 +00:00
Yang Tse
3b8d7fddf7 Client certificate ENG file type requires OpenSSL 0.9.7 or newer 2009-11-15 12:58:50 +00:00
Yang Tse
581ce03345 Remove enable-thread / disable-thread configure option. These were only placebo
options. The library is always built as thread safe as possible on every system.
2009-11-15 02:45:23 +00:00
Yang Tse
1cbc93fb54 Refactor how preprocessor symbol _THREAD_SAFE definition is done. 2009-11-14 18:51:37 +00:00
Yang Tse
a8ddd6ce31 OpenSSL 0.9.7 or newer required for ENGINE_CTRL_GET_CMD_FROM_NAME definition 2009-11-14 11:33:49 +00:00
Daniel Stenberg
9c49e51f7e - Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
the client certificate. It also disable the key name test as some engines
  can select a private key/cert automatically (When there is only one key
  and/or certificate on the hardware device used by the engine)
2009-11-14 07:53:34 +00:00
Yang Tse
90bc6ee8f3 - Constantine Sapuntzakis provided the fix that ensures that an SSL connection
won't be reused unless protection level for peer and host verification match.
2009-11-14 02:30:30 +00:00
Yang Tse
05a4abea04 Constantine Sapuntzakis patch for hostip.c
No need for a separate variable ndns.

The memory leak detection will detect code that fails to release a dns reference.

The DEBUGASSERT will detect code that releases too many references.
2009-11-12 19:28:43 +00:00
Yang Tse
011a2818db Add missing variable initialization 2009-11-12 14:36:34 +00:00
Kamil Dudka
571309dc3e - libcurl-NSS now tries to reconnect with TLS disabled in case it detects
a broken TLS server. However it does not happen if SSL version is selected
  manually. The approach was originally taken from PSM. Kaspar Brand helped me
  to complete the patch. Original bug reports:
  https://bugzilla.redhat.com/525496
  https://bugzilla.redhat.com/527771
2009-11-12 11:16:31 +00:00
Kamil Dudka
d547d00f2c - Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly
closed NSPR descriptor. The issue was hard to find, reported several times
  before and always closed unresolved. More info at the RH bug:
  https://bugzilla.redhat.com/534176
2009-11-12 10:54:10 +00:00
Yang Tse
668dc0ad87 Make hostip.c compile again 2009-11-12 04:32:08 +00:00
Yang Tse
40c2c3270d - Marco Maggi reported that compilation failed when configured --with-gssapi
and GNU GSS installed due to a missing mutual exclusion of header files in
  the Kerberos 5 code path. He also verified that my patch worked for him.
2009-11-11 21:15:34 +00:00
Daniel Stenberg
fb5f332834 - Constantine Sapuntzakis posted bug #2891595
(http://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
  in the DNS cache would linger too long if the request that added it was in
  use that long. He also provided the patch that now makes libcurl capable of
  still doing a request while the DNS hash entry may get timed out.
2009-11-11 09:31:37 +00:00
Daniel Stenberg
107c4d878a - Christian Schmitz noticed that the progress meter/callback was not properly
used during the FTP connection phase (after the actual TCP connect), while
  it of course should be. I also made the speed check get called correctly so
  that really slow servers will trigger that properly too.
2009-11-11 09:01:43 +00:00
Kamil Dudka
676e0c28e7 - Dropped misleading timeouts in libcurl-NSS and made sure the SSL socket works
in non-blocking mode.
2009-11-05 15:41:31 +00:00
Yang Tse
55e68ba333 I removed leading 'curl' path on the 'curlbuild.h' include statement in
curl.h, adjusting auto-makefiles include path, to enhance portability to
OS's without an orthogonal directory tree structure such as OS/400.
2009-11-05 15:04:03 +00:00
Yang Tse
3f56d12830 avoid division by zero 2009-11-05 15:00:28 +00:00
Daniel Stenberg
257f2376d5 - I fixed several problems with the transfer progress meter. It showed the
wrong percentage for small files, most notable for <1000 bytes and could
  easily end up showing more than 100% at the end. It also didn't show any
  percentage, transfer size or estimated transfer times when transferring
  less than 100 bytes.
2009-11-04 23:09:17 +00:00
Yang Tse
c8da2980ed include progress.h for Curl_pgrsSetDownloadCounter function prototype 2009-11-02 20:04:18 +00:00
Daniel Stenberg
b19dc0eeb0 - As reported independent by both Stan van de Burgt and Didier Brisebourg,
CURLINFO_SIZE_DOWNLOAD (the -w variable size_download) didn't work when
  getting data from ldap!
2009-11-02 18:49:56 +00:00
Daniel Stenberg
41de897b6b describe the cmake situation 2009-11-02 16:24:11 +00:00
Daniel Stenberg
223d848104 - Gabriel Kuri reported a problem with CURLINFO_CONTENT_LENGTH_DOWNLOAD if the
download was 0 bytes, as libcurl would then return the size as unknown (-1)
  and not 0. I wrote a fix and test case 566 to verify it.
2009-10-31 18:51:50 +00:00
Daniel Stenberg
a76f4ab7dd - Liza Alenchery mentioned a problem with re-used SCP connection when a bad
auth is used, as it caused a crash. I failed to repeat the issue, but still
  made a change that now forces the TCP connection used for a freed SCP
  session to get closed and not be re-used.
2009-10-30 22:28:56 +00:00
Daniel Stenberg
d68f215f03 - "Tom" posted a bug report that mentioned how libcurl did wrong when doing a
POST using a read callback, with Digest authentication and
  "Transfer-Encoding: chunked" enforced.  I would then cause the first request
  to be wrongly sent and then basically hang until the server closed the
  connection. I fixed the problem and added test case 565 to verify it.
2009-10-30 22:24:48 +00:00
Yang Tse
308497ffc6 Fix compiler warning: control reaches end of non-void function 2009-10-29 04:02:21 +00:00
Yang Tse
b205525d34 Take in account c-ares 1.6.1 will use __declspec function decoration
for Win32 and Symbian unless CARES_STATICLIB is defined to use static
library linkage.
2009-10-29 03:48:00 +00:00
Daniel Stenberg
6a79b0e859 Since the NSS lib closes the socket the memory tracking system wrongly gets a
false positive on a leaked socket, so this introduces a way to tell the system
that the socket is indeed closed without explicitly closing it!
2009-10-28 20:30:23 +00:00
Yang Tse
21af9bf1cd Fix spelling 2009-10-27 16:56:20 +00:00
Yang Tse
b2f4308980 Fix Pelles C Win32 target compilation issues 2009-10-27 16:38:42 +00:00
Daniel Stenberg
448d2b5f49 - Dima Barsky made the curl cookie parser accept cookies even with blank or
unparsable expiry dates and then treat them as session cookies - previously
  libcurl would reject cookies with a date format it couldn't parse. Research
  shows that the major browser treat such cookies as session cookies. I
  modified test 8 and 31 to verify this.
2009-10-25 18:15:14 +00:00
Yang Tse
3f8d3e9c50 Update memory tracking/debugging reference 2009-10-21 18:01:11 +00:00
Daniel Stenberg
12e60c6d4e spelling corrections 2009-10-21 07:40:33 +00:00
Yang Tse
ff3223259f Detect when msvc 6.0 is in use without PSDK installed, intentionally
fail to build when this happens, and show an appropriate error.

The brave of heart can circumvect this. Defining ALLOW_MSVC6_WITHOUT_PSDK
in lib/config-win32.h, although absolutely discouraged and unsupported,
this will allow the die hard MSVC hacker to build in such a discouraged
environment.

The actually supported 'fix' is to install 'February 2003 Platform SDK'
a.k.a. 'Windows Server 2003 PSDK' which can be freely downloaded from
http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm
2009-10-21 02:30:56 +00:00
Gunter Knauf
3da1ade4e5 added cast macros to silent compiler warnings with 64-bit systems. 2009-10-19 18:10:47 +00:00
Daniel Stenberg
6f4a5a4612 - Ray Dassen provided a patch in Debian's bug tracker (bug number #551461)
that now makes curl_getdate(3) actually handles RFC 822 formatted dates that
  use the "single letter military timezones".
  http://www.rfc-ref.org/RFC-TEXTS/822/chapter5.html has the details.
2009-10-18 21:56:19 +00:00
Yang Tse
6d4e6cc813 Check for basename() is now done the same as other function checks 2009-10-18 03:37:39 +00:00
Daniel Stenberg
86cec97b22 - Fixed memory leak in the SCP/SFTP code as it never freed the knownhosts
data!
2009-10-18 01:11:25 +00:00
Daniel Stenberg
e5ee822745 John Dennis filed bug report #2873666
(http://curl.haxx.se/bug/view.cgi?id=2873666) which identified a problem which
made libcurl loop infinitely when given incorrect credentials when using HTTP
GSS negotiate authentication.
2009-10-18 00:18:27 +00:00
Daniel Stenberg
167a92810a - Kevin Baughman found a double close() problem with libcurl-NSS, as when
libcurl called NSS to close the SSL "session" it also closed the actual
  socket.
2009-10-18 00:10:13 +00:00
Daniel Stenberg
21105ab344 README.NSS is gone 2009-10-17 18:31:57 +00:00
Gunter Knauf
6daede08cb we only need to call ASN1_STRING_length() if ASN1_STRING_type() detects UTF-8,
else ASN1_STRING_to_UTF8() returns the string length.
2009-10-14 02:32:27 +00:00
Yang Tse
3669ff3c1e Update LDAP URL format reference 2009-10-13 14:48:35 +00:00
Yang Tse
0077a6d51b Attempt to silence bogus compiler warning: "Potential null pointer dereference" 2009-10-08 12:44:25 +00:00
Yang Tse
4798f4e652 Fix compiler warning: addition result could be truncated before cast to bigger sized type 2009-10-08 00:02:32 +00:00
Kamil Dudka
b38e28b6bc fix gcc warnings in lib/nss.c 2009-10-07 20:34:08 +00:00
Gunter Knauf
2eeafcf9a6 removed NSS README since the mentioned problems are now solved. 2009-10-07 12:25:32 +00:00
Yang Tse
e593715d72 Fix comment 2009-10-06 14:00:03 +00:00
Yang Tse
cf367a62ce more files to ignore 2009-10-05 02:47:34 +00:00
Daniel Stenberg
b233957885 - Tom Mueller correctly reported in bug report #2870221
(http://curl.haxx.se/bug/view.cgi?id=2870221) that libcurl returned an
  incorrect return code from the internal trynextip() function which caused
  him grief. This is a regression that was introduced in 7.19.1 and I find it
  strange it hasn't hit us harder, but I won't persue into figuring out
  exactly why.
2009-10-01 07:59:45 +00:00
Daniel Stenberg
5ed274d0b7 - Constantine Sapuntzakis: The current implementation will always set
SO_SNDBUF to CURL_WRITE_SIZE even if the SO_SNDBUF starts out larger.  The
  patch doesn't do a setsockopt if SO_SNDBUF is already greater than
  CURL_WRITE_SIZE. This should help folks who have set up their computer with
  large send buffers.
2009-10-01 07:05:07 +00:00
Dan Fandrich
78d07cb0f9 Removed some extraneous carriage return characters 2009-09-28 18:13:35 +00:00
Yang Tse
5b11e3883c fix compiler warning: conversion from "long" to "size_t" may lose sign 2009-09-28 17:01:23 +00:00
Yang Tse
7d22ce5573 libcurl private function Curl_memrchr() now in curl_memrchr.c and curl_memrchr.h 2009-09-28 16:05:20 +00:00
Daniel Stenberg
0ea6abe7df tiny indent fix 2009-09-27 21:37:24 +00:00
Daniel Stenberg
8646cecb78 - I introduced a maximum limit for received HTTP headers. It is controlled by
the define CURL_MAX_HTTP_HEADER which is even exposed in the public header
  file to allow for users to fairly easy rebuild libcurl with a modified
  limit. The rationale for a fixed limit is that libcurl is realloc()ing a
  buffer to be able to put a full header into it, so that it can call the
  header callback with the entire header, but that also risk getting it into
  trouble if a server by mistake or willingly sends a header that is more or
  less without an end. The limit is set to 100K.
2009-09-27 21:34:13 +00:00
Daniel Stenberg
867a0de670 unify two very similar code sections into one single function, header_append() 2009-09-27 21:14:15 +00:00
Daniel Stenberg
4f47fc4e14 - John P. McCaskey posted a bug report that showed how libcurl did wrong when
saving received cookies with no given path, if the path in the request had a
  query part. That is means a question mark (?) and characters on the right
  side of that. I wrote test case 1105 and fixed this problem.
2009-09-26 20:51:51 +00:00
Kamil Dudka
66fcebdc9e - Implemented a protocol independent way to specify blocking direction, used by
transfer.c for blocking. It is currently used only by SCP and SFTP protocols.
  This enhancement resolves an issue with 100% CPU usage during SFTP upload,
  reported by Vourhey.
2009-09-26 08:31:48 +00:00
Daniel Stenberg
af9ce990f0 minor whitespace edit 2009-09-25 20:26:44 +00:00
Daniel Stenberg
e3d623f190 - Chris Mumford filed bug report #2861587
(http://curl.haxx.se/bug/view.cgi?id=2861587) identifying that libcurl used
  the OpenSSL function X509_load_crl_file() wrongly and failed if it would
  load a CRL file with more than one certificate within. This is now fixed.
2009-09-25 18:09:38 +00:00
Yang Tse
c7c84e7420 fix compiler warning: end-of-loop code not reached 2009-09-25 13:05:36 +00:00
Yang Tse
37489a855f fix compiler warning: variable "sni" was set but never used 2009-09-24 13:24:08 +00:00
Gunter Knauf
9448659fc6 added support for new SQLite cert database format: added a runtime check for version 3.12.0, and depending on the result add 'sql:' prefix to cert database directory so that newer SQLIte database format works. 2009-09-21 22:52:59 +00:00
Gunter Knauf
4002714825 added aditional check for the directory specified with SSL_DIR, and fall back to hardcoded directory if not a valid directory. 2009-09-21 22:46:38 +00:00
Yang Tse
61ea058d9f fix compiler warning: comparison between signed and unsigned 2009-09-18 14:48:16 +00:00
Yang Tse
0c90cb7b83 fix compiler warning: enumerated type mixed with another type 2009-09-17 16:11:54 +00:00
Yang Tse
d006efebc0 fix compiler warning: conversion to 'size_t' from 'curl_off_t' may alter its value 2009-09-17 15:06:34 +00:00
Yang Tse
f2f45339dc Moved Curl_rand() and Curl_srand() code from formdata.c and formdata.h
into curl_rand.c and curl_rand.h
2009-09-17 14:23:27 +00:00
Yang Tse
31e106ced2 Attempt to silence bogus compiler warning: "Potential null pointer dereference" 2009-09-17 11:45:27 +00:00
Daniel Stenberg
250ba99498 - Sven Anders reported that we introduced a cert verfication flaw for OpenSSL-
powered libcurl in 7.19.6. If there was a X509v3 Subject Alternative Name
  field in the certficate it had to match and so even if non-DNS and non-IP
  entry was present it caused the verification to fail.
2009-09-16 20:44:18 +00:00
Yang Tse
f7690db37d Some systems poll function sets POLLHUP in revents without setting
POLLIN, and sets POLLERR without setting POLLIN and POLLOUT. In some
libcurl code execution paths this could trigger busy wait loops with
high CPU usage until a timeout condition aborted the loop.

This fix for Curl_poll adresses the above in a libcurl-wide mode.
2009-09-15 00:07:56 +00:00
Yang Tse
7e0b0763fc Revert Joshua Kwan's patch committed 11 Sep 2009.
Some systems poll function sets POLLHUP in revents without setting
POLLIN, and sets POLLERR without setting POLLIN and POLLOUT. In some
libcurl code execution paths this could trigger busy wait loops with
high CPU usage until a timeout condition aborted the loop.

The reverted patch addressed the above issue for a very specific case,
when awaiting c-ares to resolve. A libcurl-wide fix superceeds this one.

http://cool.haxx.se/cvs.cgi/curl/lib/select.c.diff?r1=1.52&r2=1.53
2009-09-15 00:07:25 +00:00
Gunter Knauf
4002fbe1f5 Joshua Kwan provided a patch to pass POLLERR / POLLHUP back to c-ares.
This fixes a loop problem with high CPU usage.
2009-09-11 02:33:04 +00:00
Daniel Stenberg
7ff4b4f2b5 - Claes Jakobsson fixed a problem with cookie expiry dates at exctly the epoch
start second "Thu Jan 1 00:00:00 GMT 1970" as the date parser then returns 0
  which internally then is treated as a session cookie. That particular date
  is now made to get the value of 1.
2009-09-10 21:06:50 +00:00
Gunter Knauf
5d4a1e245b added debug output for NSS certpath. 2009-09-08 01:13:49 +00:00
Gunter Knauf
3c199daa95 changed NetWare makefiles to rely on SHELL rather than OSTYPE since we can have a sh-like shell also on Windows (MSYS, Cygwin). 2009-09-07 19:34:03 +00:00
Gunter Knauf
5e3796349a added casts to silent compiler warning on 64bit systems. 2009-09-06 20:16:59 +00:00
Gunter Knauf
56a161e09a use our define struct_stat to be compatible with largefile support. 2009-09-06 19:45:08 +00:00
Gunter Knauf
2786ecaeef added base64.h include to silent warnings about missing prototype for ATOB_ConvertAsciiToItem. 2009-09-06 17:59:46 +00:00
Daniel Stenberg
183c9ce1cf fix copyright year 2009-09-03 08:30:28 +00:00
Daniel Stenberg
777168cb77 provide and export Curl_parsedate() as a library-wide internal function
for a better API to date parsing than the external API is
2009-09-03 08:13:32 +00:00
Daniel Stenberg
7a642c8bf1 - Daniel Johnson founded a flaw in the code convering sftp-errors to libcurl
errors.
2009-09-02 21:05:47 +00:00
Daniel Stenberg
7e07da977c - Peter Sylvester made a debug featuer for Curl_resolv() that now will force
libcurl to resolve 'localhost' whatever name you use in the URL *if* you set
  the --interface option to (exactly) "LocalHost". This will enable us to
  write tests for custom hosts names but still use a local host server.
2009-09-01 14:27:01 +00:00
Daniel Stenberg
4e9d3c26ed - When using the multi interface with FTP and you asked for NOBODY, you did no
QUOTE commands and the request used the same path as the connection had
  already changed to, it would decide that no commands would be necessary for
  the "DO" action and that was not handled properly but libcurl would instead
  hang.
2009-08-31 20:49:30 +00:00
Gunter Knauf
e7f81d59b0 add casts to silent compiler warnings with 64bit systems. 2009-08-30 01:36:01 +00:00
Gunter Knauf
68f7d5b8d3 add cast to silent compiler warning with 64bit systems. 2009-08-29 04:34:44 +00:00
Gunter Knauf
e8baa332d7 fix shadow definition of outp. 2009-08-29 04:26:02 +00:00
Gunter Knauf
39704bec3c add cast to silent compiler warning with 64bit systems. 2009-08-29 04:12:51 +00:00
Gunter Knauf
fad14bca01 removed obsolete casts. 2009-08-29 03:57:28 +00:00
Gunter Knauf
9e8eec4816 add casts to silent compiler warnings with 64bit systems. 2009-08-29 03:53:09 +00:00
Gunter Knauf
fa2ea23c96 add cast to silient compiler warning with 64bit systems. 2009-08-29 03:42:13 +00:00
Kamil Dudka
1a255e0e28 - Improved error message for not matching certificate subject name in
libcurl-NSS. Originally reported at:
  https://bugzilla.redhat.com/show_bug.cgi?id=516056#c9
2009-08-28 12:06:51 +00:00
Patrick Monnerat
b0b2824b58 - Introduced a SYST-based test to properly set-up name format when dealing with the OS/400 FTP server.
- Fixed an ftp_readresp() bug preventing detection of failing control socket  and causing FTP client to loop forever.
2009-08-24 12:57:25 +00:00
Daniel Stenberg
6ede4ce79d clarify the code by initing newurl to NULL 2009-08-24 08:41:17 +00:00
Michal Marek
10f2fa9c72 With CURLOPT_PROXY_TRANSFER_MODE, avoid sending invalid URLs like
ftp://example.com;type=i if the user specified ftp://example.com without the
slash.
2009-08-21 12:15:35 +00:00
Daniel Stenberg
8b5102ca83 - Andre Guibert de Bruet pointed out a missing return code check for a
strdup() that could lead to segfault if it returned NULL. I extended his
  suggest patch to now have Curl_retry_request() return a regular return code
  and better check that.
2009-08-21 12:01:36 +00:00
Daniel Stenberg
1048043963 - Lots of good work by Krister Johansen, mostly related to pipelining:
Fix SIGSEGV on free'd easy_conn when pipe unexpectedly breaks
  Fix data corruption issue with re-connected transfers
  Fix use after free if we're completed but easy_conn not NULL
2009-08-21 07:11:20 +00:00
Gunter Knauf
9075195ec4 added missing curl_easy_pause to export list. 2009-08-16 15:03:58 +00:00
Kamil Dudka
6293fe98a0 - Changed NSS code to not ignore the value of ssl.verifyhost and produce more
verbose error messages. Originally reported at:
  https://bugzilla.redhat.com/show_bug.cgi?id=516056
2009-08-13 16:04:51 +00:00
Daniel Stenberg
daf688eba6 add missing file, as pointed out by Karl M 2009-08-12 17:25:16 +00:00
Daniel Stenberg
966cb698e6 - Carsten Lange reported a bug and provided a patch for TFTP upload and the
sending of the TSIZE option. I don't like fixing bugs just hours before
  a release, but since it was broken and the patch fixes this for him I decided
  to get it in anyway.
2009-08-12 08:19:39 +00:00
Daniel Stenberg
e73fe837a8 - Peter Sylvester made the HTTPS test server use specific certificates for
each test, so that the test suite can now be used to actually test the
  verification of cert names etc. This made an error show up in the OpenSSL-
  specific code where it would attempt to match the CN field even if a
  subjectAltName exists that doesn't match. This is now fixed and verified
  in test 311.
2009-08-11 21:48:58 +00:00
Daniel Stenberg
171eef68c3 - Benbuck Nason posted the bug report #2835196
(http://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler
  warnings when mixing ints and bools.
2009-08-11 20:43:12 +00:00
Dan Fandrich
0dec3e5e6a Fixed a memory leak in the FTP code and an off-by-one heap buffer overflow. 2009-08-11 02:30:53 +00:00
Gunter Knauf
1cb921b7f3 fix cast for some systems which are broken due to absense of socklen_t, therefore now use curl_socklen_t. 2009-08-07 23:32:38 +00:00
Gunter Knauf
97c8bc9757 fixed cast added with last commit. 2009-08-06 12:02:00 +00:00
Gunter Knauf
2cad095425 cast to fix 64bit build warnings. From manpage:
POSIX.1-2001. Note that RFC 2553 defines a prototype where the last parameter cnt is of type size_t.
Many systems follow RFC 2553. Glibc 2.0 and 2.1 have size_t, but 2.2 has socklen_t.
2009-08-06 11:10:30 +00:00
Daniel Stenberg
35eb9fc6ad avoid possible NULL dereference caused by my previous fix 2009-08-03 14:07:57 +00:00
Daniel Stenberg
3a9c03bef3 indentation fixes only 2009-08-03 11:32:55 +00:00
Daniel Stenberg
781b82baf5 Reverted the zero-byte-in-name check to instead rely on the fact that strlen
and the name length differ in those cases and thus leave the matching function
unmodified from before, as the matching functions never have to bother with
the zero bytes in legitimate cases. Peter Sylvester helped me realize that
this fix is slightly better as it leaves more code unmodified and makes the
detection a bit more obvious in the code.
2009-08-03 08:45:19 +00:00
Daniel Stenberg
0b66efac9c Extended my embedded-zero-in-cert-name fix based on a comment from Scott
Cantor. My previous attempt was half-baked and didn't cover the normal CN
case.
2009-08-02 22:34:00 +00:00
Daniel Stenberg
6d891d2a3b - Curt Bogmine reported a problem with SNI enabled on a particular server. We
should introduce an option to disable SNI, but as we're in feature freeze
  now I've addressed the obvious bug here (pointed out by Peter Sylvester): we
  shouldn't try to enable SNI when SSLv2 or SSLv3 is explicitly selected.
  Code for OpenSSL and GnuTLS was fixed. NSS doesn't seem to have a particular
  option for SNI, or are we simply not using it?
2009-08-01 22:11:58 +00:00
Daniel Stenberg
c0e8bed5bf - Scott Cantor posted the bug report #2829955
(http://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert
  verification flaw found and exploited by Moxie Marlinspike. The presentation
  he did at Black Hat is available here:
  https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike

  Apparently at least one CA allowed a subjectAltName or CN that contain a
  zero byte, and thus clients that assumed they would never have zero bytes
  were exploited to OK a certificate that didn't actually match the site. Like
  if the name in the cert was "example.com\0theatualsite.com", libcurl would
  happily verify that cert for example.com.

  libcurl now better use the length of the extracted name, not assuming it is
  zero terminated.
2009-08-01 21:56:59 +00:00
Daniel Stenberg
0dce2ff8a0 - Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present
only in some OpenSSL installs - like on Windows) isn't thread-safe and we
  agreed that moving it to the global_init() function is a decent way to deal
  with this situation.
2009-08-01 11:09:02 +00:00
Daniel Stenberg
2642638fca - Alexander Beedie provided the patch for a noproxy problem: If I have set
CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually
  could still end up using a proxy if a proxy environment variable was set.
2009-08-01 11:02:10 +00:00
Daniel Stenberg
0684128209 - All the quote options (CURLOPT_QUOTE, CURLOPT_POSTQUOTE and
CURLOPT_PREQUOTE) now accept a preceeding asterisk before the command to
  send when using FTP, as a sign that libcurl shall simply ignore the response
  from the server instead of treating it as an error. Not treating a 400+ FTP
  response code as an error means that failed commands will not abort the
  chain of commands, nor will they cause the connection to get disconnected.
2009-07-27 18:36:56 +00:00
Daniel Stenberg
9b5c00a664 From: Johan van Selst
"you replaced the old SSLeay_add_ssl_algorithms() call
with OpenSSL_add_all_algorithms(), however unlike the name suggests,
the second function is not a superset of the first. When using SSL
both these functions will need to be called in order to offer complete
functionality"
2009-07-27 18:31:48 +00:00
Daniel Stenberg
b347a7a96e - Bug report #2825989 (http://curl.haxx.se/bug/view.cgi?id=2825989) pointed
out that OpenSSL-powered libcurl didn't support the SHA-2 digest algorithm,
  and provided the solution too: to use OpenSSL_add_all_algorithms() instead
  of the older SSLeay_* alternative. OpenSSL_add_all_algorithms was added in
  OpenSSL 0.9.5
2009-07-26 17:33:36 +00:00
Gunter Knauf
8570883412 changes to silent compiler warnings with 64bit systems. 2009-07-24 22:20:22 +00:00
Gunter Knauf
1d5627b181 changes to silent compiler warnings with 64bit systems. 2009-07-24 22:06:19 +00:00
Gunter Knauf
038fff6c9f changes to silent compiler warnings with 64bit systems. 2009-07-23 04:53:08 +00:00
Gunter Knauf
21dd9a8021 fixed brace error. 2009-07-23 03:54:01 +00:00
Gunter Knauf
59934c1176 changes to silent compiler warnings with 64bit systems. 2009-07-23 02:48:05 +00:00
Gunter Knauf
2f6ff57d96 blocked sshkeycallback() with HAVE_LIBSSH2_KNOWNHOST_API to avoid compiler warnings. 2009-07-23 02:15:00 +00:00
Daniel Stenberg
47c392e135 - Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA.
They introduce known_host support for SSH keys to libcurl. See docs for
  details.
2009-07-22 22:49:01 +00:00
Michal Marek
4c207a004c - David Binderman found a memory and fd leak in lib/gtls.c:load_file()
(https://bugzilla.novell.com/523919). When looking at the code, I found
  that also the ptr pointer can leak.
2009-07-22 09:48:32 +00:00
Kamil Dudka
5f0cae8037 - Claes Jakobsson improved the support for client certificates handling
in NSS-powered libcurl. Now the client certificates can be selected
  automatically by a NSS built-in hook. Additionally pre-login to all PKCS11
  slots is no more performed. It used to cause problems with HW tokens.

- Fixed reference counting for NSS client certificates. Now the PEM reader
  module should be always properly unloaded on Curl_nss_cleanup(). If the unload
  fails though, libcurl will try to reuse the already loaded instance.
2009-07-20 21:50:21 +00:00
Gunter Knauf
d7f33b7e4e added a cast to silent compiler warning with 64bit systems. 2009-07-16 17:39:14 +00:00
Dan Fandrich
b74b5e0602 Added nonblock.c to the non-automake makefiles (note that the dependencies
in the Watcom makefiles aren't quite correct).
2009-07-15 21:49:47 +00:00
Gunter Knauf
b476530755 fixed typo. 2009-07-15 01:10:18 +00:00
Bill Hoffman
a8ea1e9ef4 ENH: add optional support for c-ares 2009-07-14 19:03:31 +00:00
Bill Hoffman
340e3b952f ENH: move config.h.cmake to curl_config.h.cmake so it builds again 2009-07-14 13:46:45 +00:00
Bill Hoffman
f5f9354093 ENH: add nonblock.c to build for CMake 2009-07-14 13:35:10 +00:00
Gunter Knauf
f671d0513c renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:25:14 +00:00
Daniel Stenberg
4e75c70874 silence a compiler warning 2009-07-11 09:57:54 +00:00
Daniel Stenberg
bdbfe1f8a9 add these new files to CVS as well 2009-07-09 21:55:26 +00:00
Daniel Stenberg
d709cb2ae3 - Eric Wong introduced curlx_nonblock() that the curl tool now (re-)uses for
setting a file descriptor non-blocking. Used by the functionality Eric
  himself brough on June 15th.
2009-07-09 21:47:24 +00:00
Daniel Stenberg
5cf78472e1 - Constantine Sapuntzakis posted bug report #2813123
(http://curl.haxx.se/bug/view.cgi?id=2813123) and an a patch that fixes the
  problem:

  Url A is accessed using auth. Url A redirects to Url B (on a different
  server0. Url B reuses a persistent connection. Url B has auth, even though
  it's on a different server.

  Note: if Url B does not reuse a persistent connection, auth is not sent.
2009-07-08 07:00:40 +00:00
Gunter Knauf
2aaff16a87 added INET_ADDRSTRLEN define in case system headers dont provide. 2009-07-04 11:27:42 +00:00
Gunter Knauf
6236198d43 removed NIFLAGS which is no longer used; added NI_MAXHOST since its missing with some platforms. 2009-07-04 11:06:00 +00:00
Gunter Knauf
83fb285d40 Markus Koetter provided a patch to avoid getnameinfo() usage which broke a couple of both IPv4 and IPv6 autobuilds. 2009-07-04 01:04:23 +00:00
Daniel Stenberg
175fc5096d Tor Arntsen pointed out a missing #ifdef for IPv6, and I changed another one
to use the "standard" ENABLE_IPV6 one. Also, if port number cannot be figured
out to connect to after a name resolve (due to it not being IPv4 or IPv6),
that particular address will now simply be skipped.
2009-06-30 21:30:39 +00:00
Daniel Stenberg
4f551259dd - Markus Koetter made CURLOPT_FTPPORT (and curl's -P/--ftpport) support a port
range if given colon-separated after the host name/address part. Like
  "192.168.0.1:2000-10000"
2009-06-29 20:46:01 +00:00
Daniel Stenberg
9cb68c6e32 - Modified the separators used for CURLOPT_CERTINFO in multi-part outputs. I
don't know how they got wrong in the first place, but using this output
  format makes it possible to quite easily separate the string into an array
  of multiple items.
2009-06-29 20:45:42 +00:00
Dan Fandrich
a9a89c604a Fixed a compiler warning. 2009-06-27 06:05:08 +00:00
Michal Marek
ad1bfc5468 fix indentation. 2009-06-19 10:20:28 +00:00
Yang Tse
2c0c05e96d sclose() function-like macro definition used to close a socket,
now solely based on HAVE_CLOSESOCKET and HAVE_CLOSESOCKET_CAMEL
config file preprocessor definitions.
2009-06-19 00:41:03 +00:00
Michal Marek
0b317b72ae - When doing non-anonymous ftp via http proxies and the password is not
provided in the url, add it there (squid needs this).
2009-06-16 13:16:28 +00:00
Patrick Monnerat
c32cf33a16 Replaced use of standard C library rand()/srand() by our own pseudo-random number generator. 2009-06-15 10:15:28 +00:00
Yang Tse
7eb59de7df DEBUGBUILD / CURLDEBUG decoupling follow-up 2009-06-15 02:30:22 +00:00
Yang Tse
5931cf77f4 DEBUGBUILD / CURLDEBUG decoupling follow-up 2009-06-15 02:29:49 +00:00
Yang Tse
169e94d68b improve usability with UNIX-like shells or a DOS command interpreters 2009-06-13 18:11:17 +00:00
Yang Tse
47e403640b include <limits.h> for INT_MAX definition 2009-06-12 02:47:35 +00:00
Yang Tse
4ea513cc38 fix compiler warning 2009-06-12 02:41:16 +00:00
Yang Tse
2c93f889fd DOS adjustments 2009-06-11 16:43:47 +00:00
Daniel Stenberg
352177090f - Fabian Keil ran clang on the (lib)curl code, found a bunch of warnings and
contributed a range of patches to fix them.
2009-06-10 21:26:11 +00:00
Yang Tse
2c16681225 Adjusted to take in account that...
With the curl memory tracking feature decoupled from the debug build feature,
CURLDEBUG and DEBUGBUILD preprocessor symbol definitions are used as follows:

CURLDEBUG used for curl debug memory tracking specific code (--enable-curldebug)

DEBUGBUILD used for debug enabled specific code (--enable-debug)
2009-06-10 02:49:42 +00:00
Bill Hoffman
744dceaffe ENH: lower case cmake functions and remove tabs and re-indent cmake code 2009-06-09 17:29:16 +00:00
Yang Tse
16ae283fb4 initialize fread callback pointer to avoid compiler warning 2009-06-09 00:49:34 +00:00
Daniel Stenberg
3e0c067e43 - Claes Jakobsson provided a patch for libcurl-NSS that fixed a bad refcount
issue with client certs that caused issues like segfaults.
  http://curl.haxx.se/mail/lib-2009-05/0316.html
2009-06-08 21:25:16 +00:00
Yang Tse
01b74950b7 Igor Novoseltsev adjusted Makefile.vxworks to get sources and headers
included from Makefile.inc
2009-06-08 15:49:02 +00:00
Daniel Stenberg
6f3e817372 ../include/curl/curlbuild.h.dist is not present in release archives so
the makefile cannot depend on it
2009-06-08 13:53:23 +00:00
Yang Tse
8d581f7fe4 Revert delegating c-ares linking magic on libtool and auto-makefiles when using
the uninstalled c-ares libtool archive built from the CVS embedded tree.

This embedded c-ares linking is again handled from the configure script.
2009-06-06 13:20:39 +00:00
Daniel Stenberg
1012c5705a - Setting the Content-Length: header from your app when you do a POST or PUT
is almost always a VERY BAD IDEA. Yet there are still apps out there doing
  this, and now recently it triggered a bug/side-effect in libcurl as when
  libcurl sends a POST or PUT with NTLM, it sends an empty post first when it
  knows it will just get a 401/407 back. If the app then replaced the
  Content-Length header, it caused the server to wait for input that libcurl
  wouldn't send. Aaron Oneal reported this problem in bug report #2799008
  http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.
2009-06-05 06:18:42 +00:00
Yang Tse
1c2947581b fix shadowing of a global declaration 2009-06-04 23:55:56 +00:00
Yang Tse
00883822be allow building libcurl for VxWorks 2009-06-04 19:11:11 +00:00
Yang Tse
13fdb9d8a5 c-ares embbeded builds header include paths fully defined in makefiles 2009-06-04 04:13:39 +00:00
Yang Tse
cd5e6743f7 Delegate c-ares linking magic on libtool and auto-makefiles when using
the uninstalled c-ares libtool archive built from the CVS embedded tree.
2009-05-30 15:56:42 +00:00
Daniel Stenberg
c9188e2260 corrected comments 2009-05-29 07:43:43 +00:00
Dan Fandrich
15eaf27bc7 Fixed a few comment typos (from the FreeBSD ports) 2009-05-28 21:32:31 +00:00
Yang Tse
348ffbc47e fix compiler warning: variable was set but never used 2009-05-28 16:19:03 +00:00
Yang Tse
f13cbcf175 fix compiler warning: unused parameter 2009-05-28 16:18:25 +00:00
Daniel Stenberg
0bf9c1e881 - Claes Jakobsson fixed libcurl-NSS to build fine even without the
PK11_CreateGenericObject() function.
2009-05-27 22:01:03 +00:00
Daniel Stenberg
bf07d37737 - Mike Crowe pointed out that setting CURLOPT_USERPWD to NULL used to clear
the auth credentials back in 7.19.0 and earlier while now you have to set ""
  to get the same effect. His patch brings back the ability to use NULL.
2009-05-27 21:45:12 +00:00
Daniel Stenberg
eecb713616 - Andre Guibert de Bruet found a call to a OpenSSL function that didn't check
for a failure properly.
2009-05-27 21:15:38 +00:00
Daniel Stenberg
bf085e2c4b - Frank McGeough provided a small OpenSSL #include fix to make libcurl compile
fine with Nokia 5th edition 1.0 SDK for Symbian.
2009-05-27 21:11:11 +00:00
Daniel Stenberg
1cf6c15ab4 - bug report #2796358 (http://curl.haxx.se/bug/view.cgi?id=2796358) pointed
out that the cookie parser would leak memory when it parses cookies that are
  received with domain, path etc set multiple times in the same header. While
  such a cookie is questionable, they occur in the wild and libcurl no longer
  leaks memory for them. I added such a header to test case 8.
2009-05-25 12:23:22 +00:00
Dan Fandrich
8519682564 Removed some obsolete digest code that caused a valgrind error in test 551. 2009-05-22 17:26:49 +00:00
Gunter Knauf
1bb68cbcfa changed ssh.c to use HAVE_LIBSSH2_SESSION_BLOCK_DIRECTION define provided by libssh2.h; removed related define block from ssh.h. 2009-05-19 23:21:25 +00:00
Daniel Stenberg
de7a14003c - Kamil Dudka brought the patch from the Redhat bug entry
https://bugzilla.redhat.com/show_bug.cgi?id=427966 which was libcurl closing
  a bad file descriptor when closing down the FTP data connection.  Caolan
  McNamara seems to be the original author of it.
2009-05-19 20:54:31 +00:00
Yang Tse
4677778f85 Remove empty line used to force CVS to update the $Id date string format 2009-05-19 12:12:22 +00:00
Yang Tse
0427b783e2 Add empty line, to force CVS to update the $Id date string format 2009-05-18 12:33:51 +00:00
Yang Tse
4650732f4a Update copyright year, to force CVS to update the $Id date string format 2009-05-18 12:25:45 +00:00
Yang Tse
0cf8d4f8e8 Simplify c-ares function capability check 2009-05-18 00:25:48 +00:00
Gunter Knauf
4c9c9f0b89 fixed case. 2009-05-17 18:22:39 +00:00
Yang Tse
13db2916de Take in account c-ares 1.6.1 introduces ares_library_init() and ares_library_cleanup() 2009-05-17 17:40:30 +00:00
Daniel Stenberg
3cb06eb2b2 - James Bursa posted a patch to the mailing list that fixed a problem with
no_proxy which made it not skip the proxy if the URL entered contained a
  user name. I added test case 1101 to verify.
2009-05-17 14:47:50 +00:00
Daniel Stenberg
80d2df7789 Reverted my change to use Curl_connected_proxy() here. Clearly I wasn't
thinking straight.
2009-05-12 18:56:33 +00:00
Daniel Stenberg
611b3584d6 make no proxy set return OK from Curl_connected_proxy() since it will be called
unconditionally
2009-05-12 07:38:31 +00:00
Daniel Stenberg
bcdbba05d3 moved variables more locally to get rid of one set of #ifdefs 2009-05-11 12:13:41 +00:00
Daniel Stenberg
51d1f309cd Use Curl_connected_proxy() here instead of duplicating code. Spell out the
badness in the code flow even for the socks case.
2009-05-11 11:49:39 +00:00
Daniel Stenberg
f04720afb8 fix the Curl_connected_proxy function for when libcurl actually connects fine
to it in the actual connect call and not asynchronously.
2009-05-11 11:45:56 +00:00
Daniel Stenberg
242a17b9e0 - Balint Szilakszi reported a memory leak when libcurl did gzip decompression
of streams that had some parts (legitimately) missing. We now provide and use
  a proper cleanup function for the content encoding submodule.
  http://curl.haxx.se/mail/lib-2009-05/0092.html
2009-05-11 09:55:28 +00:00
Daniel Stenberg
6e1632c606 - Kamil Dudka provided a fix for libcurl-NSS reported by Michael Cronenworth
at https://bugzilla.redhat.com/show_bug.cgi?id=453612#c12

  If an incorrect password is given while loading a private key, libcurl ends
  up in an infinite loop consuming memory. The bug is critical.
2009-05-11 09:13:49 +00:00
Daniel Stenberg
56dab605f1 - I fixed the problem with doing NTLM, POST and then following a 302 redirect,
as reported by Ebenezer Ikonne (on curl-users) and Laurent Rabret (on
  curl-library). The transfer was mistakenly marked to get more data to send
  but since it didn't actually have that, it just hung there...
2009-05-11 08:55:58 +00:00
Daniel Stenberg
3aa3d7e629 Internal cleanup: KEEP_WRITE and KEEP_READ are now called KEEP_SEND and
KEEP_RECV to better match the general terminology: receive and send is what we
do from the (remote) servers. We read and write from and to the local fs.
2009-05-11 07:53:38 +00:00
Daniel Stenberg
effbd99384 - Andre Guibert de Bruet correctly pointed out an over-alloc with one wasted
byte in the digest code.
2009-05-10 21:33:55 +00:00
Yang Tse
b8c438f22d Fix function call pointed data size argument mismatch on 64Bit systems 2009-05-10 10:25:23 +00:00
Yang Tse
a85271ce0a Fix type cast 2009-05-10 10:24:53 +00:00
Daniel Stenberg
fd5e69f769 ConnectPlease() fixed for the new proxy connect functionality to make sure
'connected' truly is false when the socks connect fails.

Curl_done() fixed for the check-conn->bits.done-before-Curl_getoff_all_pipelines case
2009-05-09 21:34:48 +00:00
Yang Tse
ddb0b8d8b8 Fix libssh2 preprocessor symbol definition check 2009-05-09 15:32:59 +00:00
Yang Tse
f77f2709a9 Ignore more files for cvs 2009-05-09 10:09:33 +00:00
Yang Tse
9314e9e853 Fix CR 2009-05-08 19:09:36 +00:00
Yang Tse
838ddf8f55 Renamed vc6 workspace and project files to avoid filename clash when used for conversion to later VS versions. 2009-05-08 18:55:42 +00:00
Yang Tse
619869c639 Renamed vc6 workspace and project files to avoid filename clash when used for conversion to later VS versions. 2009-05-08 17:51:44 +00:00
Daniel Stenberg
e84c7db049 - Constantine Sapuntzakis fixed bug report #2784055
(http://curl.haxx.se/bug/view.cgi?id=2784055) identifying a problem to
  connect to SOCKS proxies when using the multi interface. It turned out to
  almost not work at all previously. We need to wait for the TCP connect to
  be properly verified before doing the SOCKS magic.

  There's still a flaw in the FTP code for this.
2009-05-08 10:59:40 +00:00
Daniel Stenberg
6ca321ca75 Curl_sndbufset is (at times) defined in the header, no need to do it again here 2009-05-07 20:02:51 +00:00
Daniel Stenberg
9c788a529b - Made the SO_SNDBUF setting for the data connection socket for ftp uploads as
well. See change 28 Apr 2009.
2009-05-07 20:00:44 +00:00
Yang Tse
ac9d92587e Fix an issue, affecting FTP transfers, introduced with the transfer.c patch committed May 4.
Additionally some identation fixes.
2009-05-07 18:03:49 +00:00
Daniel Stenberg
7bdd14a994 - Vijay G filed bug report #2723236
(http://curl.haxx.se/bug/view.cgi?id=2723236) identifying a problem with
  libcurl's TFTP code and its lack of dealing with the OACK packet.
2009-05-07 08:30:43 +00:00
Yang Tse
a1708730c3 fix compiler warning 2009-05-05 13:04:33 +00:00
Daniel Stenberg
b40b989523 I simplified the SSL session id re-use code now to *always* ditch the previous
one and store the current one, as it makes the code less complex and I'm not
even sure I can check for the same session id using memcmp() like that.
2009-05-05 08:33:29 +00:00
Daniel Stenberg
915dfb494e - Inspired by Michael Smith's session id fix for OpenSSL, I did the
corresponding fix in the GnuTLS code: make sure to store the new session id
  in case the re-used one is rejected.
2009-05-04 22:20:09 +00:00
Daniel Stenberg
a16cca7680 - Michael Smith posted bug report #2786255
(http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how
  libcurl did not deal with SSL session ids properly if the server rejected a
  re-use of one. Starting now, it will forget the rejected one and remember
  the new. This change was for OpenSSL only, it is likely that other SSL lib
  code needs similar fixes.
2009-05-04 21:57:14 +00:00
Yang Tse
4422f80ae7 David McCreedy's "transfer.c fixes for CURL_DO_LINEEND_CONV and non-ASCII platform HTTP requests" patch 2009-05-04 09:47:02 +00:00
Yang Tse
9137e717b0 Use build-time configured curl_socklen_t instead of socklen_t 2009-05-02 02:37:32 +00:00
Yang Tse
0569c9c1be David McCreedy's "http.c fix to Curl_proxyCONNECT for non-ASCII platforms" patch 2009-05-01 13:00:38 +00:00
Yang Tse
5a91746b80 David McCreedy's "TPF-platform specific changes to various files" patch 2009-05-01 12:39:40 +00:00
Yang Tse
c174b13f8b fix compiler warning: unused parameter 2009-04-30 09:32:02 +00:00
Yang Tse
dd50e5bdf2 Use 'unsigned int' instead of size_t attempting to avoid header inclusion 2009-04-30 01:34:04 +00:00
Yang Tse
504ecd5f7a NetWare LibC's getpeername() third argument data type is size_t 2009-04-30 00:11:20 +00:00
Yang Tse
01dabb774a curl_socklen_t NetWare follow-up 2009-04-29 17:07:19 +00:00
Daniel Stenberg
e2c6e00570 - Based on bug report #2723219 (http://curl.haxx.se/bug/view.cgi?id=2723219)
I've now made TFTP "connections" not being kept for re-use within libcurl.
  TFTP is UDP-based so the benefit was really low (if even existing) to begin
  with so instead of tracking down to fix this problem we instead removed the
  re-use. I also enabled test case 1099 that I wrote a few days ago to verify
  that this change fixes the reported problem.
2009-04-29 11:30:03 +00:00
Daniel Stenberg
d068001102 - Constantine Sapuntzakis filed bug report #2783090
(http://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows
  we need to grow the SO_SNDBUF buffer somewhat to get really good upload
  speeds. http://support.microsoft.com/kb/823764 has the details. Friends
  confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough.
2009-04-28 20:27:06 +00:00
Yang Tse
d576be58dc allow usage of in-tree c-ares when building from outside of the cvs tree 2009-04-28 19:29:50 +00:00
Daniel Stenberg
e01b7c1ede - Bug report #2709004 (http://curl.haxx.se/bug/view.cgi?id=2709004) by Tim
Chen pointed out how curl couldn't upload with resume when reading from a
  pipe.

  This ended up with the introduction of a new return code for the
  CURLOPT_SEEKFUNCTION callback that basically says that the seek failed but
  that libcurl may try to resolve the situation anyway. In our case this means
  libcurl will attempt to instead read that much data from the stream instead
  of seeking and that way curl can now upload with resume when data is read
  from a stream!
2009-04-28 11:19:10 +00:00
Daniel Stenberg
d27519c0ca Add missing cmake files to the tarball (thanks to Richard Atterer's report) 2009-04-27 12:26:41 +00:00
Daniel Stenberg
14df44dd3f - Bug report #2779733 (http://curl.haxx.se/bug/view.cgi?id=2779733) by Sven
Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi
  interface and provided a patch that fixed the problem!
2009-04-26 11:56:22 +00:00
Yang Tse
c0d929bed9 Further narrow the use of the icc 9.1 optimizer workaround.
Previous workaround proved useful, and finally did not trigger any warning!
2009-04-25 10:24:11 +00:00
Daniel Stenberg
828a26286d - Kamil Dudka fixed another NSS-related leak when client certs were used. 2009-04-24 21:55:18 +00:00
Yang Tse
651b4b9efa Try a simpler variation of the 'volatile' variables icc 9.1 on unix IA32 workaround.
Previous workaround proved useful, but triggered the following warning:

warning #556: a value of type "volatile Curl_addrinfo *" cannot be assigned to an entity of type "Curl_addrinfo *"
2009-04-24 10:38:12 +00:00
Yang Tse
2236a247d9 Try another variation of the 'volatile' variables icc 9.1 on unix IA32 workaround.
The #pragma optimize("", off) attempt did not fix the problem and SIGSEGV's in Curl_freeaddrinfo() were back.
2009-04-23 11:09:20 +00:00
Dan Fandrich
7291f50e8d Added new libcurl source files to Amiga, RiscOS and VC6 build files. 2009-04-23 04:12:04 +00:00
Yang Tse
bc5677a47b Disable optimizations when compiling function Curl_freeaddrinfo() with icc 9.1 on unix IA32.
Previous 'volatile' variables workaround proved useful, but it triggered the following warning:

warning #167: argument of type "volatile Curl_addrinfo *" is incompatible with parameter of type "void *"
2009-04-22 15:03:05 +00:00
Yang Tse
33a3753c3f libcurl's memory.h renamed to curl_memory.h 2009-04-21 11:46:16 +00:00
Yang Tse
9770899a4b Moved potential inclusion of system's malloc.h and memory.h header files to
setup_once.h.  Inclusion of each header file is based on the definition of
NEED_MALLOC_H and NEED_MEMORY_H respectively.
2009-04-21 10:26:58 +00:00
Yang Tse
fe8eeb5641 remove unnecessary typecast 2009-04-21 09:03:15 +00:00
Daniel Stenberg
b84876ba69 - Leanic Lefever reported a crash and did some detailed research on why and
how it occurs (http://curl.haxx.se/mail/lib-2009-04/0289.html). The
  conclusion was that if an error is detected and Curl_done() is called for
  the connection, ftp_done() could at times return another error code that
  then would take precedence and that new code confused existing logic that
  works for the first error code (CURLE_SEND_ERROR) only.
2009-04-20 21:41:17 +00:00
Yang Tse
4882078469 attempt to workaround icc 9.1 optimizer induced problem 2009-04-19 05:20:04 +00:00
Gisle Vanem
53b2ff4b04 Added 'slist.obj'. 2009-04-18 16:54:15 +00:00
Gisle Vanem
0c89d71aee Added HAVE_LIMITS_H. 2009-04-18 16:50:09 +00:00
Daniel Stenberg
30f7a2ff20 - Pramod Sharma reported and tracked down a bug when doing FTP over a HTTP
proxy. libcurl would then wrongly close the connection after each
  request. In his case it had the weird side-effect that it killed NTLM auth
  for the proxy causing an inifinite loop!

  I added test case 1098 to verify this fix. The test case does however not
  properly verify that the transfers are done persistently - as I couldn't
  think of a clever way to achieve it right now - but you need to read the
  stderr output after a test run to see that it truly did the right thing.
2009-04-17 12:48:24 +00:00
Yang Tse
ce7b565595 further narrow the use of the icc 9.1 optimizer workaround 2009-04-17 07:30:25 +00:00
Yang Tse
41fd08bb0d attempt to workaround icc 9.1 optimizer induced problem 2009-04-16 08:31:09 +00:00
Gunter Knauf
f7400212fc moved HAVE_LIMITS_H to common defines (no idea why I didnt this initially already) 2009-04-15 04:11:33 +00:00
Yang Tse
6434b42481 HAVE_LIMITS_H definition for NetWare CLIB 2009-04-14 23:51:12 +00:00
Daniel Stenberg
dd0b38b32f first take at bundling cmake-related files in the tarball 2009-04-14 22:00:37 +00:00
Yang Tse
9cc6ab3922 use HAVE_LIMITS_H symbol to protect limits.h inclusion 2009-04-14 13:50:32 +00:00
Yang Tse
2c27e24bb4 include <limits.h> for INT_MAX definition 2009-04-14 13:26:06 +00:00
Yang Tse
c382c550e7 fix compiler warning: implicit conversion shortens 64-bit value into a 32-bit value 2009-04-14 12:53:53 +00:00
Daniel Stenberg
97f27ea585 Kamil Dudka's follow-up fix 2009-04-14 09:40:53 +00:00
Daniel Stenberg
379bfa5a36 - bug report #2727981 (http://curl.haxx.se/bug/view.cgi?id=2727981) by Martin
Storsjo pointed out how setting CURLOPT_NOBODY to 0 could be downright
  confusing as it set the method to either GET or HEAD. The example he showed
  looked like:

   curl_easy_setopt(curl, CURLOPT_PUT, 1);
   curl_easy_setopt(curl, CURLOPT_NOBODY, 0);

  The new way doesn't alter the method until the request is about to start. If
  CURLOPT_NOBODY is then 1 the HTTP request will be HEAD. If CURLOPT_NOBODY is
  0 and the request happens to have been set to HEAD, it will then instead be
  set to GET. I believe this will be less surprising to users, and hopefully
  not hit any existing users badly.
2009-04-13 18:01:02 +00:00
Daniel Stenberg
235c0077b8 - Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned
out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue
  is found in Redhat's bug tracker:
  https://bugzilla.redhat.com/show_bug.cgi?id=453612

  There are still memory leaks present, but they seem to have other reasons.
2009-04-13 17:42:10 +00:00
Yang Tse
c621546bd6 fix compiler warning: implicit conversion shortens 64-bit value into a 32-bit value 2009-04-13 07:18:39 +00:00
Dan Fandrich
e43606eb4d Added new libcurl source files to Symbian OS build files.
Improved Symbian support for SSL.
2009-04-11 07:06:34 +00:00
Yang Tse
6a378a28b4 Use 'curl_socket_t' instead of 'int' for socket.
Avoid unnecessary'if-else' nesting.
2009-04-11 06:36:47 +00:00
Yang Tse
95368d9cb4 fix compiler warning: enumerated type mixed with another type 2009-04-11 02:11:02 +00:00
Benoit Neil
4d396169c8 Cleaned up the custom definition I added (replaced by CURL_STATICLIB) 2009-04-09 19:59:38 +00:00
Gunter Knauf
4cd950900b some minor Makefile tweaks for latest libssh2. 2009-04-09 02:50:09 +00:00
Benoit Neil
0e98f938c4 Fixed missing HAVE_PROCESS_H (caused a warning) 2009-04-08 20:54:36 +00:00
Benoit Neil
25f626cc52 Fixed compile defines in CMake scripts 2009-04-08 11:42:45 +00:00
Benoit Neil
8cb8371011 Made the CMake scripts read Makefile.inc. Needs testing I guess. 2009-04-06 22:45:17 +00:00
Benoit Neil
b85154f13f Added tests (exes) targets, refactor a few things.
PS: Once again, sorry if the added files have executable perms on Linux.
2009-04-06 21:05:44 +00:00
Benoit Neil
06047d9103 Added curl (exe) target, fixed static/dynamic linking errors.
PS: Sorry if the added file has executable perms on Linux, I didn't found anything related to it...
2009-04-06 20:44:01 +00:00
Benoit Neil
2362637e90 Removed the "lib" prefix under linux ("was "liblibcurl") and fixed import library name under Win32 (Added "_imp" for dynamically linked). 2009-04-06 19:43:52 +00:00
Yang Tse
0211e420ed fix compiler warning: passing arg 1 of `sk_num' from incompatible pointer type 2009-04-03 12:08:32 +00:00
Benoit Neil
9a184e0bb1 Added basic OpenSSL support in CMake scripts (Thanks to Bill Hoffman) 2009-04-02 23:12:22 +00:00
Benoit Neil
4c5307b456 Initial CMake scripts (libcurl only), based on the merge of tetest scripts and mine. These are far to be functionnal yet.
PS: Hello world :)
2009-04-02 13:14:53 +00:00
Daniel Stenberg
a06b36dee0 - Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if a
strdup() call failed.
2009-04-01 12:15:37 +00:00
Dan Fandrich
18e1bee8d5 Properly return an error code in curl_easy_recv (reported by Jim Freeman). 2009-03-31 14:49:25 +00:00
Gunter Knauf
41f76801eb some minor Makefile tweaks. 2009-03-29 19:40:00 +00:00
Daniel Stenberg
5f19822e37 - Kamil Dudka brought a patch that enables 6 additional crypto algorithms when
NSS is used. These ciphers were added in NSS 3.4 and require to be enabled
  explicitly.
2009-03-18 12:48:51 +00:00
Gisle Vanem
0ac8e1d80b If CURL_DISABLE_PROXY is defined, we must allow socks_sspi.c to call
Curl_blockread_all(). It is needed in code inside USE_WINDOWS_SSPI.
2009-03-15 13:43:47 +00:00
Daniel Stenberg
74ba4d7950 - Use libssh2_version() to present the libssh2 version in case the libssh2
library is found to support it.
2009-03-13 09:58:15 +00:00
Yang Tse
fa96436661 Fix TELNET transfers not being aborted upon write callback failures 2009-03-12 13:18:25 +00:00
Yang Tse
d15b8273d6 Add Curl_read() return code checking 2009-03-12 02:12:05 +00:00
Yang Tse
dd53b356ff fix previous commit misplaced break statement 2009-03-11 04:45:18 +00:00
Yang Tse
f1db505778 Added TELNET timeout support for Windows builds 2009-03-11 04:15:33 +00:00
Daniel Stenberg
bdec6f2b20 - Frank Hempel found out a bug and provided the fix:
curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE
  option. It only enabled the cookie engine in the destination handle if
  data->cookies is not NULL (where data is the source handle). In case of a
  newly initialized handle which just had the cookie support enabled by a
  curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was
  still NULL because the setopt-call only appends the value to
  data->change.cookielist, hence duplicating this handle would not have the
  cookie engine switched on.

  We also concluded that the slist-functionality would be suitable for being
  put in its own module rather than simply hanging out in lib/sendf.c so I
  created lib/slist.[ch] for them.
2009-03-09 12:21:46 +00:00
Dan Fandrich
a9a03b9708 Avoid a compile warning in --disable-proxy case 2009-03-09 04:32:51 +00:00
Daniel Stenberg
f4e8c406bb - Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
allocation of the memory BIO was not being properly checked.
2009-03-08 22:56:55 +00:00
Daniel Stenberg
12bfcb501c - Andre Guibert de Bruet fixed the gnutls-using code: There are a few places
in the gnutls code where we were checking for negative values for errors,
  when the man pages state that GNUTLS_E_SUCCESS is returned on success and
  other values indicate error conditions.
2009-03-08 22:52:05 +00:00
Daniel Stenberg
0fc1782dd4 Andre Guibert de Bruet fixed a typo in the error message 2009-03-08 22:45:59 +00:00
Yang Tse
94bb7fe5cb Fix NTLM authentication memory leak on SSPI enabled Windows builds 2009-03-05 01:23:14 +00:00
Daniel Stenberg
ee73fc361b - David James brought a patch that make libcurl close (all) dead connections
whenever you attempt to open a new connection.
2009-03-03 11:01:24 +00:00
Daniel Stenberg
042cc1f69e - David Kierznowski notified us about a security flaw
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
  which previous libcurl versions (by design) can be tricked to access an
  arbitrary local/different file instead of a remote one when
  CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
  together this the addition of two new setopt options for controlling this
  new behavior:

  o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
  follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
  excludes the FILE and SCP protocols and thus you nee to explicitly allow
  them in your app if you really want that behavior.

  o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
  using the primary URL option. This is useful if you want to allow a user or
  other outsiders control what URL to pass to libcurl and yet not allow all
  protocols libcurl may have been built to support.
2009-03-02 23:05:31 +00:00
Yang Tse
8d78a33e60 for portability reasons: s/inet_pton/Curl_inet_pton/ 2009-02-28 01:35:53 +00:00
Yang Tse
df07537ccf fix compiler warning 2009-02-28 01:11:57 +00:00
Daniel Stenberg
7b7db23633 - Senthil Raja Velu reported a problem when CURLOPT_INTERFACE and
CURLOPT_LOCALPORT were used together (the local port bind failed), and
  Markus Koetter provided the fix!
2009-02-27 12:07:14 +00:00
Daniel Stenberg
794b4da840 Indentation fixes, untabify and related whitespace-cleanup. No code changed. 2009-02-27 08:53:10 +00:00
Daniel Stenberg
e9ea3ba4a2 corrected and clarified the top comment 2009-02-25 12:51:39 +00:00
Daniel Stenberg
d207ea1652 - As Daniel Fandrich figured out, we must do the GnuTLS initing in the
curl_global_init() function to properly maintain the performing functions
  thread-safe. We've previously (28 April 2007) moved the init to a later time
  just to avoid it to fail very early when libgcrypt dislikes the situation,
  but that move was bad and the fix should rather be in libgcrypt or
  elsewhere.
2009-02-25 12:51:17 +00:00
Daniel Stenberg
ea6531cf32 - Brian J. Murrell found out that Negotiate proxy authentication didn't work.
It happened because the code used the struct for server-based auth all the
  time for both proxy and server auth which of course was wrong.
2009-02-24 08:30:09 +00:00