aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-01-18OpenSSL: fix PKCS#12 certificate parsing related memory leakJohannes Bauer
Leak triggered when CURLOPT_SSLCERTTYPE and CURLOPT_SSLKEYTYPE set to P12 and both CURLOPT_SSLCERT and CURLOPT_SSLKEY point to the same PKCS#12 file.
2012-01-18OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option is no longer enabledYang Tse
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option enabling allowed successfull interoperability with web server Netscape Enterprise Server 2.0.1 released back in 1996 more than 15 years ago. Due to CVE-2010-4180, option SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG has become ineffective as of OpenSSL 0.9.8q and 1.0.0c. In order to mitigate CVE-2010-4180 when using previous OpenSSL versions we no longer enable this option regardless of OpenSSL version and SSL_OP_ALL definition.
2012-01-17tests: enable time tracing on tests 500, 573 and 585Yang Tse
2012-01-17tests: testtrace.[ch] provides debug callback for libtest usageYang Tse
Allows tests from the libtest subdir to generate log traces similar to those of curl with --tracetime and --trace-ascii options but with output going to stderr.
2012-01-17sws.c: fix proxy mode secondary connection monitoring conditionYang Tse
2012-01-16add LF termination to infof() trace stringYang Tse
2012-01-16sws.c: improve proxy mode torture testing support - followup to 18c6c8a5Yang Tse
2012-01-16url2file: new simple exampleDaniel Stenberg
Just showing how to download the contents of a given URL into a local file. Based on a suggestion and example code by Georg Potthast
2012-01-16imap.c: a dead simple imap exampleDaniel Stenberg
Just to show that IMAP is used just like other protocols
2012-01-16sws.c: improve proxy mode torture testing support - followup to c731fc58Yang Tse
2012-01-15sws.c: improve proxy mode torture testing support - followup to d4bf87dcYang Tse
2012-01-15Curl_proxyCONNECT() trace known bug #39Yang Tse
2012-01-14test: verify HTTP response code 308Daniel Stenberg
This newly speced HTTP status code already works as intended in the new spec: http://greenbytes.de/tech/webdav/draft-reschke-http-status-308-02.html Test 1325 is added to verify that the method is kept after the redirect
2012-01-13http_negotiate_sspi.c: fix compiler warningYang Tse
2012-01-13ssh.c: fix compiler warningYang Tse
2012-01-13sws.c: improve proxy mode torture testing supportYang Tse
2012-01-12RELEASE-NOTES: synced with 9f20379fe4Daniel Stenberg
5 bug fixes, 3 more contributors
2012-01-12hostip: avoid getaddrinfo when c-ares is usedDaniel Stenberg
Some functions using getaddrinfo and gethostbyname were still mistakingly being used/linked even if c-ares was selected as resolver backend. Reported by: Arthur Murray Bug: http://curl.haxx.se/mail/lib-2012-01/0160.html
2012-01-09sws.c: replace sleep() usage with wait_ms()Yang Tse
2012-01-09FTP: CURLE_PARTIAL_FILE should not cause control connection to be closedgsengun
Test 161 updated accordingly
2012-01-08sws.c: some compiler warning fixesYang Tse
2012-01-08lib/setup.h: portable symbolic names for Winsock shutdown() mode flagsYang Tse
2012-01-06sws.c: 812fa73057 follow-upYang Tse
2012-01-05sws.c: some IPv6 proxy mode peparatory adjustmentsYang Tse
2012-01-05curl.h: provide backwards compatible symbolsDaniel Stenberg
In commit c834213ad52 we re-used some obsolete error codes, and here are two defines that makes sure existing source codes that happen to use any of these deprecated ones will still compile. As usual, define CURL_NO_OLDIES to avoid getting these "precaution defines".
2012-01-04win32-threaded-resolver: stop using a dummy socketDaniel Stenberg
Previously the code would create a dummy socket while resolving just to have curl_multi_fdset() return something but the non-win32 version doesn't do it this way and the creation and use of a socket that isn't made with the common create-socket callback can be confusing to apps using the multi_socket API etc. This change removes the dummy socket and thus will cause curl_multi_fdset() to return with maxfd == -1 more often.
2012-01-04OpenSSL: remove reference to openssl internal structPeter Sylvester
With this change, curl compiles with the new OPENSSL_NO_SSL_INTERN cflag. This flag might become the default in some distant future.
2012-01-04test1320 test1321: avoid User-Agent comparisonYang Tse
2012-01-04httpserver.pl: reorder sws command line optionsYang Tse
make 'pidfile' and 'logfile' options appear first on command line in order to ensure that processing of other options which write to logfile do this to intended file and not the default one.
2012-01-04sws.c: fix proxy mode segfaultYang Tse
2012-01-04tool_formparse.c: fix compiler warning: enumerated type mixed with another typeYang Tse
2012-01-04krb5.c: fix compiler warning: variable set but not usedYang Tse
2012-01-04KNOWN_BUGS: #77 CURLOPT_FORBID_REUSE kills NTLMDaniel Stenberg
2012-01-04Fixed use of CURLUSESSL_TRY for POP3 and IMAP based connections.Steve Holme
Fixed a problem in POP3 and IMAP where a connection would fail when CURLUSESSL_TRY was specified for a server that didn't support SSL/TLS connections rather than continuing.
2012-01-04Fixed incorrect error code being returned in STARTTLSSteve Holme
The STARTTLS response code in SMTP, POP3 and IMAP would return CURLE_LOGIN_DENIED rather than CURLE_USE_SSL_FAILED when SSL/TLS was not available on the server. Reported by: Gokhan Sengun Bug: http://curl.haxx.se/mail/lib-2012-01/0018.html
2012-01-03curl_easy_setopt: refer to the most recent URI RFCDaniel Stenberg
2012-01-03RELEASE-NOTES: synced with 2f4a487a68Daniel Stenberg
Two bugfixes, two more contributors
2012-01-03tests: test IMAP, POP3 and SMTP over HTTP proxy tunnelDaniel Stenberg
2012-01-03test proxy supports CONNECTDaniel Stenberg
There's a new 'http-proxy' server for tests that runs on a separate port and lets clients do HTTP CONNECT to other ports on the same host to allow us to test HTTP "tunneling" properly. Test cases now have a <proxy> section in <verify> to check that the proxy protocol part matches correctly. Test case 80, 83, 95, 275, 503 and 1078 have been converted. Test 1316 was added.
2012-01-02curl_easy_strerror.3: minor synopsis edit of the lookDaniel Stenberg
2012-01-02hostip.c: fix potential write past the end of string bufferYang Tse
2012-01-02hostip.c: fix Curl_loadhostpairs() OOM handlingYang Tse
2012-01-02runtests.pl: on test failure, don't show trace log files of other testsYang Tse
2012-01-01Curl_input_negotiate: use the correct buffer for inputDaniel Stenberg
Unfortunately we have no test cases for this and I have no SSPI build or server to verify this with. The change seems simple enough though. Bug: http://curl.haxx.se/bug/view.cgi?id=3466497 Reported by: Patrice Guerin
2012-01-01runtests: put trace outputs in log/trace[num] for all testsDaniel Stenberg
2011-12-31just a stupid typoDaniel Stenberg
2011-12-31SFTP dir: increase buffer size counterDaniel Stenberg
When the buffer gets realloced to hold the file name in the SSH_SFTP_READDIR_LINK state, the counter was not bumped accordingly. Reported by: Armel Asselin Patch by: Armel Asselin Bug: http://curl.haxx.se/mail/lib-2011-12/0249.html
2011-12-31RELEASE-NOTES: synced with 81ebdd9e287Daniel Stenberg
6 more bugfixes, 3 more contributors
2011-12-31create_hostcache_id: use the key lower casedDaniel Stenberg
... to make sure the DNS cache is properly case insensitive
2011-12-31changed case: use new host name for subsequent HTTP requestsDaniel Stenberg
When a HTTP connection is re-used for a subsequent request without proxy, it would always re-use the Host: header of the first request. As host names are case insensitive it would make curl send another host name case that what the particular request used. Now it will instead always use the most recent host name to always use the desired casing. Added test case 1318 to verify. Bug: http://curl.haxx.se/mail/lib-2011-12/0314.html Reported by: Alex Vinnik