Age | Commit message (Collapse) | Author |
|
Added 255 octet limit check as per Section 4. Paragraph 8 of RFC-5034.
|
|
|
|
Users using the Secure Transport (darwinssl) back-end can now use a
certificate and private key to authenticate with a site using TLS. Because
Apple's security system is based around the keychain and does not have any
non-public function to create a SecIdentityRef data structure from data
loaded outside of the Keychain, the certificate and private key have to be
loaded into the Keychain first (using the certtool command line tool or
the Security framework's C API) before we can find it and use it.
|
|
|
|
Since we're adding new stuff, the next release will bump the minor
version and we're looking forward to 7.31.0
|
|
|
|
Documented the the option in curl_easy_setopt() and added it to
symbols-in-versions.
|
|
|
|
|
|
Updated test903 and test904 following the addition of CURLOPT_SASL_IR
as the default behaviour of SMTP AUTH responses is now to not include
the initial response. New tests with --sasl-ir support to follow.
|
|
In addition to checking for the SASL-IR capability the user can override
the sending of the client's initial response in the AUTHENTICATION
command with the use of CURLOPT_SASL_IR should the server erroneously
not report SASL-IR when it does support it.
|
|
Updated the default behaviour of sending the client's initial response in the AUTH
command to not send it and added support for CURLOPT_SASL_IR to allow the user to
specify including the response.
Related Bug: http://curl.haxx.se/mail/lib-2012-03/0114.html
Reported-by: Gokhan Sengun
|
|
Allowed the user to specify whether to send the client's intial response
in the AUTH command via CURLOPT_SASL_IR.
|
|
|
|
|
|
By introducing an internal alternative to curl_multi_init() that accepts
parameters to set the hash sizes, easy handles will now use tiny socket
and connection hash tables since it will only ever add a single easy
handle to that multi handle.
This decreased the number mallocs in test 40 (which is a rather simple
and typical easy interface use case) from 1142 to 138. The maximum
amount of memory allocated used went down from 118969 to 78805.
|
|
An IMAP server should response with the BYE continuation response before
confirming the LOGOUT command was successful.
|
|
When connecting back to an FTP server after having sent PASV/EPSV,
libcurl sometimes didn't use the proxy properly even though the proxy
was used for the initial connect.
The function wrongly checked for the CURLOPT_PROXY variable to be set,
which made it act wrongly if the proxy information was set with an
environment variable.
Added test case 711 to verify (based on 707 which uses --socks5). Also
added test712 to verify another variation of setting the proxy: with
--proxy socks5://
Bug: http://curl.haxx.se/bug/view.cgi?id=1218
Reported-by: Zekun Ni
|
|
... in order to prevent an artificial timeout event based on stale
speed-check data from a previous network transfer. This commit fixes
a regression caused by 9dd85bced56f6951107f69e581c872c1e7e3e58e.
Bug: https://bugzilla.redhat.com/906031
|
|
|
|
I couldn't figure out why the host key logic isn't working, but having
it set to yes prevents my SSH-based test cases to run. I also don't see
a strong need to use strict host key checking on this test server.
So I disabled it.
|
|
... to aid tracking down failures
|
|
|
|
|
|
|
|
|
|
|
|
...when mentioning login options. Additional minor clarification of
"Windows builds" to be "Windows builds with SSPI"as a way of enabling
NTLM as Windows builds may be built with OpenSSL to enable NTLM or
without NTLM support altogether.
|
|
|
|
|
|
|
|
Thanks to archive.org's wayback machine I updated this document with
some facts from the early httpget/urlget web page:
http://web.archive.org/web/19980216125115/http://www.inf.ufrgs.br/~sagula/urlget.html
|
|
Verifies the timecond fix in commit c49ed0b6c0f
|
|
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705783
Reported-by: Ludovico Cavedon <cavedon@debian.org>
|
|
|
|
|
|
Commit 11332577b3cb removed the length check that was performed by the
old scanf() code.
|
|
Fixed an issue in parse_proxy(), introduced in commit 11332577b3cb,
where an empty username or password (For example: http://:@example.com)
would cause a crash.
|
|
|
|
|
|
Updated the naming convention of the login parameters to match those of
other functions.
|
|
Tidy up of variable names and comments in setstropt_userpwd() and
parse_login_details().
|
|
There is no need to perform separate clearing of data if a NULL option
pointer is passed in. Instead this operation can be performed by simply
not calling parse_login_details() and letting the rest of the code do
the work.
|
|
|
|
setstropt_userpwd() was calling setstropt() in commit fddb7b44a79d to
set each of the login details which would duplicate the strings and
subsequently cause a memory leak.
|
|
|
|
|
|
Fix to prevent the options from being displayed when curl requests the
user's password if the following command line is specified:
--user username;options
|
|
In addition to parsing the optional login options from the URL, added
support for parsing them from CURLOPT_USERPWD, to allow the following
supported command line:
--user username:password;options
|
|
Added bounds checking when searching for the separator characters within
the login string as this string may not be NULL terminated (For example
it is the login part of a URL). We do this in preference to allocating a
new string to copy the login details into which could then be passed to
parse_login_details() for performance reasons.
|