aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-01-20disable GnuTLS insecure ciphersFabian Frank
Make GnuTLS old and new consistent, specify the desired protocol, cipher and certificate type in always in both modes. Disable insecure ciphers as reported by howsmyssl.com. Honor not only --sslv3, but also the --tlsv1[.N] switches. Related Bug: http://curl.haxx.se/bug/view.cgi?id=1323
2014-01-20curl_getdate.3: edited, removed references to pre 7.12.2 functionalityDaniel Stenberg
2014-01-19gtls: fix compiler warnings on conversions size_t => unsigned intDaniel Stenberg
2014-01-19tool: Fixed incorrect return code if password prompting runs out of memorySteve Holme
Due to the changes in commit 3c929ff9f6ea and lack of subsequent updates, curl could return a CURLE_FTP_ACCEPT_FAILED error if checkpasswd() ran out of memory in versions 7.33.0 and 7.34.0. Updated the function declaration and return code to return CURLE_OUT_OF_MEMORY and CURLE_OK where appropriate.
2014-01-19RELEASE-NOTES: Synced with 2cac75c4e400Steve Holme
2014-01-19http_chunks.c: Fixed compilation warnings under some 32-bit systemsSteve Holme
conversion from 'curl_off_t' to 'size_t', possible loss of data Where curl_off_t is a 64-bit word and size_t is 32-bit - for example with 32-bit Windows builds.
2014-01-19tool: Fixed incorrect return code if command line parser runs out of memorySteve Holme
In the rare instance where getparameter() may return PARAM_NO_MEM whilst parsing a URL, cURL would return this error code, which is equivalent to CURLE_FTP_ACCEPT_FAILED in cURL error codes terms. Instead, return CURLE_FAILED_INIT and output the failure reason as per the other usage of getparameter().
2014-01-18Subject: progress bar: increase update frequency to 10HzTobias Markus
Increasing the update frequency of the progress bar to 10Hz greatly improves the visual appearance of the progress bar (at least in my impression). Signed-off-by: Tobias Markus <tobias@markus-regensburg.de>
2014-01-18progress bar: always update when at 100%Tobias Markus
Currently, the progress bar is updated at 5Hz. Because it is often not updated to 100% when the download is finished and curl exits, the bar is often "stuck" at 90-something, thus irritating the user. This patch fixes this by always updating the progress bar (instead of waiting for 200ms to have elapsed) while the download is finished but curl has not yet exited. This should not greatly affect performance because that moment is rather short. Signed-off-by: Tobias Markus <tobias@markus-regensburg.de>
2014-01-18win32: Added additional preprocessor check for Version Helper APISteve Holme
A follow up patch to commit d2671340a613 as _WIN32_WINNT_WIN2K and _WIN32_WINNT_WIN2K may not be defined on all systems.
2014-01-17win32: Corrected the preprocessor check for Version Helper APISteve Holme
Following some auto build failures after commit c7a76bb056f31e changed the preprocessor check to use _WIN32_WINNT.
2014-01-17cookie: max-age fixesDaniel Stenberg
1 - allow >31 bit max-age values 2 - don't overflow on extremely large max-age values when we add the value to the current time 3 - make sure max-age takes precedence over expires as dictated by RFC6265 Bug: http://curl.haxx.se/mail/lib-2014-01/0130.html Reported-by: Chen Prog
2014-01-17test1417: verify chunked-encoding transfer without CRDaniel Stenberg
As was introduced in 8f6b4be8af04
2014-01-17chunked parsing: relax the CR strictnessDaniel Stenberg
Allow for chunked-encoding data to get parsed with only LF line endings. This is allowed by browsers.
2014-01-17test1416: verify the chunked size overflow detectionDaniel Stenberg
2014-01-17chunked-parser: abort on overflows, allow 64 bit chunksDaniel Stenberg
2014-01-17Fixed some XML syntax issues in the test dataDan Fandrich
Also, make the ftp server return a canned response that doesn't cause XML verification problems. Although the test file format isn't technically XML, it's still handy to be able to use XML tools to verify and manipulate them.
2014-01-16configure: fix gssapi linking on HP-UXMichael Osipov
The issue is with HP-UX that is comes with HP flavor of MIT Kerberos. This means that there is no krb5-config and the lib is called libgss.so Bug: http://curl.haxx.se/bug/view.cgi?id=1321
2014-01-16Curl_cookie_add: remove 'now' from curl_getdate() callDaniel Stenberg
The now argument is unused by curl_getdate()
2014-01-15pop3-dele.c: Added missing CURLOPT_NOBODY following feedbackSteve Holme
2014-01-16connect.c:942:84: warning: Longer than 79 columnsDaniel Stenberg
2014-01-15connect.c: Corrected version compare in commit c7a76bb056f31eSteve Holme
2014-01-15RELEASE-NOTES: Synced with c7a76bb056f31eSteve Holme
2014-01-15win32: Fixed use of deprecated function 'GetVersionInfoEx' for VC12Steve Holme
Starting with Visual Studio 2013 (VC12) and Windows 8.1 the GetVersionInfoEx() function has been marked as deprecated and it's return value atered. Updated connect.c and curl_sspi.c to use VerifyVersionInfo() where possible, which has been available since Windows 2000.
2014-01-14curl_easy_setopt.3: mention how to unset CURLOPT_INFILESIZE*Daniel Stenberg
2014-01-14TODO: Allow SSL (HTTPS) to proxyDaniel Stenberg
2014-01-14TODO: remove FTP proxy and more SSL librariesDaniel Stenberg
2014-01-14TODO: Detect when called from witin callbacksDaniel Stenberg
2014-01-13secureserver.pl: follow up fix for 87ade5fMarc Hoersken
Since /dev/stdout is not always emulated on Windows, just skip the output option on Windows. MinGW/msys support /dev/stdout only from a new login shell.
2014-01-13error message: Sensible message on timeout when transfer size unknownColin Hogben
A transfer timeout could result in an error message such as "Operation timed out after 3000 milliseconds with 19 bytes of -1 received". This patch removes the non-sensical "of -1" when the size of the transfer is unknown, mirroring the logic in lib/transfer.c
2014-01-13secureserver.pl: added full support for tstunnel on WindowsMarc Hoersken
tstunnel on Windows does not support the pid option and is unable to write to an output log that is already being used as a redirection target for stdout. Therefore it does now output all log data to stdout by default and secureserver.pl creates a fake pidfile on Windows.
2014-01-12examples: Fixed compilation errorsSteve Holme
error: 'MULTI_PERFORM_HANG_TIMEOUT' undeclared
2014-01-12imap-multi.c: Corrected typoSteve Holme
2014-01-12smtp-multi.c: Minor coding style tidyup following POP3 and IMAP additionsSteve Holme
2014-01-12examples: Added IMAP multi exampleSteve Holme
2014-01-12pop3-multi.c: Corrected copy/paste typoSteve Holme
2014-01-12examples: Added POP3 multi exampleSteve Holme
2014-01-12examples: Added comments to SMTP multi example based on other MAIL examplesSteve Holme
2014-01-12examples: Removed user information and TLS setup from SMTP multi exampleSteve Holme
Simplified the SMTP multi example as this example should demonstrate the differences the easy and multi interfaces rather than introduce new concepts such as user authentication and TLS which are shown in the TLS and SSL examples.
2014-01-12examples: Updated SMTP MAIL example to return libcurl result codeSteve Holme
2014-01-12examples: Synchronised comments between SMTP MAIL examplesSteve Holme
2014-01-12examples: Updated SMTP MAIL example to use a read function for dataSteve Holme
Updated to read data from a callback rather than from stdio as this is more realistic to most use cases.
2014-01-12OpenSSL: deselect weak ciphers by defaultDaniel Stenberg
By default even recent versions of OpenSSL support and accept both "export strength" ciphers, small-bitsize ciphers as well as downright deprecated ones. This change sets a default cipher set that avoids the worst ciphers, and subsequently makes https://www.howsmyssl.com/a/check no longer grade curl/OpenSSL connects as 'Bad'. Bug: http://curl.haxx.se/bug/view.cgi?id=1323 Reported-by: Jeff Hodges
2014-01-12multi: remove MULTI_TIMEOUT_INACCURACYDaniel Stenberg
With the recently added timeout "reminder" functionality, there's no reason left for us to execute timeout code before the time is ripe. Simplifies the handling too. This will make the *TIMEOUT and *CONNECTTIMEOUT options more accurate again, which probably is most important when the *_MS versions are used. In multi_socket, make sure to update 'now' after having handled activity on a socket.
2014-01-11Makefile.dist: Added support for VC7Steve Holme
Currently VC7 and VC7.1 builds have to be ran with the VC variable set to vc6 which is not only inconsistent with the nmake winbuild system but also with newer versions of Visual Studio supported by this file. Note: This doesn't break the build for anyone still running with the VC variable set to vc6 or not set (which defaults to vc6).
2014-01-10RELEASE-NOTES: Synced with 980659a2caa285Steve Holme
2014-01-10multi_socket: remind app if timeout didn't runDaniel Stenberg
BACKGROUND: We have learned that on some systems timeout timers are inaccurate and might occasionally fire off too early. To make the multi_socket API work with this, we made libcurl execute timeout actions a bit early too if they are within our MULTI_TIMEOUT_INACCURACY. (added in commit 2c72732ebf, present since 7.21.0) Switching everything to the multi API made this inaccuracy problem slightly more notable as now everyone can be affected. Recently (commit 21091549c02) we tweaked that inaccuracy value to make timeouts more accurate and made it platform specific. We also figured out that we have code at places that check for fixed timeout values so they MUST NOT run too early as then they will not trigger at all (see commit be28223f35 and a691e044705) - so there are definitately problems with running timeouts before they're supposed to run. (We've handled that so far by adding the inaccuracy margin to those specific timeouts.) The libcurl multi_socket API tells the application with a callback that a timeout expires in N milliseconds (and it explicitly will not tell it again for the same timeout), and the application is then supposed to call libcurl when that timeout expires. When libcurl subsequently gets called with curl_multi_socket_action(...CURL_SOCKET_TIMEOUT...), it knows that the application thinks the timeout expired - and alas, if it is within the inaccuracy level libcurl will run code handling that handle. If the application says CURL_SOCKET_TIMEOUT to libcurl and _isn't_ within the inaccuracy level, libcurl will not consider the timeout expired and it will not tell the application again since the timeout value is still the same. NOW: This change introduces a modified behavior here. If the application says CURL_SOCKET_TIMEOUT and libcurl finds no timeout code to run, it will inform the application about the timeout value - *again* even if it is the same timeout that it already told about before (although libcurl will of course tell it the updated time so that it'll still get the correct remaining time). This way, we will not risk that the application believes it has done its job and libcurl thinks the time hasn't come yet to run any code and both just sit waiting. This also allows us to decrease the MULTI_TIMEOUT_INACCURACY margin, but that will be handled in a separate commit. A repeated timeout update to the application risk that the timeout will then fire again immediately and we have what basically is a busy-loop until the time is fine even for libcurl. If that becomes a problem, we need to address it.
2014-01-10threaded-resolver: never use NULL hints with getaddrinfoDaniel Stenberg
The net effect of this bug as it appeared to users, would be that libcurl would timeout in the connect phase. When disabling IPv6 use but still using getaddrinfo, libcurl would wrongly not init the "hints" struct field in init_thread_sync() which would subsequently lead to a getaddrinfo() invoke with a zeroed hints with ai_socktype set to 0 instead of SOCK_STREAM. This would lead to different behaviors on different platforms but basically incorrect output. This code was introduced in 483ff1ca75cbea, released in curl 7.20.0. This bug became a problem now due to the happy eyeballs code and how libcurl now traverses the getaddrinfo() results differently. Bug: http://curl.haxx.se/mail/lib-2014-01/0061.html Reported-by: Fabian Frank Debugged-by: Fabian Frank
2014-01-09darwinssl: un-break Leopard build after PKCS#12 changeNick Zitzmann
It turns out errSecDecode wasn't defined in Leopard's headers. So we use the enum's value instead. Bug: http://curl.haxx.se/mail/lib-2013-12/0150.html Reported by: Abram Pousada
2014-01-08Curl_updateconninfo: don't do anything for UDP "connections"Daniel Stenberg
getpeername() doesn't work for UDP sockets since they're not connected Reported-by: Priyanka Shah Bug: http://curl.haxx.se/mail/archive-2014-01/0016.html