aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2010-10-12Added section on server-supplied names to security considerationsDan Fandrich
2010-10-12Fixed Watcom makefile.Guenter Knauf
2010-10-12Added build bits for librtmp / libssh2 to Watcom makefiles.Guenter Knauf
2010-10-12Added build bits for librtmp to NetWare makefiles.Guenter Knauf
2010-10-12SFTP: more ignoring negative file sizesDaniel Stenberg
As the change in 5f0ae7a0626cbe709 added a precaution against negative file sizes that for some reason managed to get returned, this change now introduces the same check at the second place in the code where the file size from the libssh2 stat call is used. This check might not be suitable for a 32 bit curl_off_t, but libssh2.h assumes long long to work and to be 64 bit so I believe such a small curl_off_t will be very unlikely to occur in the wild.
2010-10-11SMTP: debug output for no known auth mechanisms supportedDaniel Stenberg
... and some minor source code whitespace edits
2010-10-11test: urlglob error messages have no extra newline anymoreDaniel Stenberg
2010-10-11Added build bits for librtmp to MingW32 makefiles.Guenter Knauf
2010-10-08RELEASE-NOTES: synced with 61f4cdb73ae4Daniel Stenberg
2010-10-08globbing: fix crash on unballanced open braceDaniel Stenberg
Having an open brace without a closing brace caused a segfault. Having a closing brace too many caused a silent error to occur, which caused curl to bail out and return an error code but no error message was shown. It does now! All error message outputs no longer wrongly get _two_ newlines written after the error message. Reported by: Vlad Ureche Bug: http://curl.haxx.se/bug/view.cgi?id=3083942
2010-10-07libcurl.m4: AC_PATH_PROG fixesDan Locks
The invocation of autoconf's AC_PATH_PROG( ) is not quite right for finding curl-config. This fix corrects the negative case (where curl-config is not found).
2010-10-06FAQ: added "How do I submit my patch?"Daniel Stenberg
2010-10-05examples: use example.com in example URLsDaniel Stenberg
2010-10-04TODO-RELEASE: libidn problem not repeatableDaniel Stenberg
"261 - configure and libidn" is removed from the list since Julien Chaffraix tried to repeat it but failed and the reporter did not return to provide further details. Reported by: Lyndon Hill Bug: http://curl.haxx.se/mail/lib-2010-07/0029.html
2010-10-04libcurl.m4: mention argument is PREFIXDaniel Stenberg
The macro provides a --with-libcurl option that expects a PREFIX to be specified and not actually a "directory" in which libcurl will be found. This now spells that out more clearly. Reported by: Dan Locks Bug: http://curl.haxx.se/bug/view.cgi?id=3079891
2010-10-03Some NetWare makefile tweaks.Guenter Knauf
Renamed SDK_* to NDK_*; made NDK_* defines overwriteable from environment; removed now obsolete YACC macro; moved some curl_config.h defines to IPv6 section since they are only needed when IPv6 is enabled - this makes libcurl compile with older NDKs too which were not IPv6-aware.
2010-10-02TODO-RELEASE: 416 error fixedDaniel Stenberg
"3076808 Requests fail silently following a 416 error" done
2010-10-02krb5-gssapi: Removed a memory leak in krb5_auth.Julien Chaffraix
We forgot to release the buffer passed to gss_init_sec_context. The previous logic was difficult to read as we were reusing the same variable (gssbuf) for both input buffer and output buffer. Splitted the logic in 2 variables to better underline who needs to be released. Also made the code break at 80 lines.
2010-10-02krb5-gssapi: Made the function always return a value.Julien Chaffraix
kr5_auth missed a final 'return' statement. This is not an error in gcc but can lead to potential bugs.
2010-10-02krb5-gssapi: Delete the GSS-API context.Julien Chaffraix
This fixes a memory leak related to the GSS-API code. Added a krb5_init and krb5_end functions. Also removed a work-around the lack of proper initialization of the GSS-API context.
2010-10-02HTTP: remove special case for 416Daniel Stenberg
It was pointed out that the special case libcurl did for 416 was incorrect and wrong. 416 is not really different to other errors so the response body must be handled like for other errors/http responses. Reported by: Chris Smowton Bug: http://curl.haxx.se/bug/view.cgi?id=3076808
2010-10-02sws: Added writedelay HTTP server commandDan Fandrich
This delays between write operations, hopefully making it easier to spot problems where libcurl doesn't flush the socket properly before waiting for the next response.
2010-10-01TODO-RELEASE: no bug in ftp_nextconnectDaniel Stenberg
The issue named "266 - Bug in ftp_nextconnect?" was deemed to not be a bug and instead resulted in clarified docs.
2010-10-01curl_easy_setopt.3: CURLOPT_DIRLISTONLY implies dir listDaniel Stenberg
Make it explicit that setting CURLOPT_DIRLISTONLY to 1 will make libcurl to list the directory.
2010-10-01RELEASE-NOTES: synced up to 588402585baeDaniel Stenberg
2010-09-30TODO-RELEASE: move new features to next releaseDaniel Stenberg
2010-09-30README.ares: we know require c-ares 1.6.0Daniel Stenberg
2010-09-30SFTP: avoid downloading negative sizes!Daniel Stenberg
It is still not clarified exactly why this happens, but libssh2 sometimes report a negative file size for the remote SFTP file and that deeply confuses libcurl (or crashes it) so this precaution is added to avoid badness. Reported by: Ernest Beinrohr Bug: http://curl.haxx.se/bug/view.cgi?id=3076430
2010-09-30TODO-RELEASE: drop curl_easy_setoptvDaniel Stenberg
I haven't read any really convincing arguments for adding it
2010-09-30multi & hiper examples: updates and cleanupsDirk Manske
all multi and hiper examples: * don't loop curl_multi_perform calls, that was <7.20.0 style, currently the exported multi functions will not return CURLM_CALL_MULTI_PERFORM all hiper examples: * renamed check_run_count to check_multi_info * don't compare current running handle count with previous value, this was the wrong way to check for finished requests, simply call curl_multi_info_read * it's also safe to call curl_multi_remove_handle inside the curl_multi_info_read loop. ghiper.c: * replaced curl_multi_socket (that function is marked as obsolete) calls with curl_multi_socket_action calls (as in hiperfifo.c and evhiperfifo.c) ghiper.c and evhiperfifo.c: * be smart as hiperfifo.c, don't do uncessary curl_multi_* calls in new_conn and main
2010-09-29TODO-RELEASE: one fixed, one postponed, one addedDaniel Stenberg
As we're already in feature freeze, I pushed the feature onwards.
2010-09-29Renamed test1204 to test1117 to move it into the normal rangeDan Fandrich
2010-09-29Add gopher protocol definition to ILE/RPG binding.Patrick Monnerat
OS400 compile script in test dir updated for chkhostname.
2010-09-28krb5-gssapi: Remove several memory leaks.Julien Chaffraix
Remove a leak seen on Kerberos/MIT (gss_OID is copied internally and we were leaking it). Now we just pass NULL as advised in RFC2744. |tmp| was never set back to buf->data. Cleaned up Curl_sec_end to take into account failure in Curl_sec_login (where conn->mech would be NULL but not conn->app_data or conn->in_buffer->data).
2010-09-28security.c: Remove Curl_sec_fflush_fd.Julien Chaffraix
The current implementation would make us send wrong data on a closed socket. We don't buffer our data so the method can be safely removed.
2010-09-28security.c: We should always register the socket handler.Julien Chaffraix
Following a change in the way socket handler are registered, the custom recv and send method were conditionaly registered. We need to register them everytime to handle the ftp security extensions. Re-added the clear text handling in sec_recv.
2010-09-28security.c: Fix Curl_sec_login after rewrite.Julien Chaffraix
Curl_sec_login was returning the opposite result that the code in ftp.c was expecting. Simplified the return code (using a CURLcode) so to see more clearly what is going on.
2010-09-28security.c: Readd the '\n' to the infof() calls.Julien Chaffraix
They are not automatically added and make the output of the verbose mode a lot more readable.
2010-09-28security.c: Fix typo (PSBZ -> PBSZ)Julien Chaffraix
2010-09-28security.c: Fix ftp_send_command.Julien Chaffraix
My use of va_args was completely wrong. Fixed the usage so that we send the right commands!
2010-09-28curl_easy_escape: don't escape "unreserved" charactersDaniel Stenberg
According to RFC3986 section 2.3 the letters -, ., _ and ~ should not be percent-encoded. Reported by: Miguel Diaz Bug: http://curl.haxx.se/mail/lib-2010-09/0227.html
2010-09-28multi: don't expire timeouts at disonnect or doneDaniel Stenberg
The functions Curl_disconnect() and Curl_done() are both used within the scope of a single request so they cannot be allowed to use Curl_expire(... 0) to kill all timeouts as there are some timeouts that are set before a request that are supposed to remain until the request is done. The timeouts are now instead cleared at curl_easy_cleanup() and when the multi state machine changes a handle to the complete state.
2010-09-27Changed the TPF make file to get source files from Makefile.incDan Fandrich
Patch was fixed and validated by David McCreedy.
2010-09-27Added test case 1204 to test HTTP range failureDan Fandrich
This is an attempt to reproduce bug #3076808
2010-09-27multi_runsingle: set timeout error messagesDirk Manske
With the latest changes to fix the timeout handling with multi interface we lost the timeout error messages. This patch brings them back.
2010-09-27TODO-RELEASE: updated list of issues to work onDaniel Stenberg
2010-09-27parsedate: allow time specified without secondsDaniel Stenberg
The date format in RFC822 allows that the seconds part of HH:MM:SS is left out, but this function didn't allow it. This change also includes a modified test case that makes sure that this now works. Reported by: Matt Ford Bug: http://curl.haxx.se/bug/view.cgi?id=3076529
2010-09-26TFTP: re-indented the source codeDaniel Stenberg
Just made sure that the good old curl indentation style is used all over this file.
2010-09-26TFTP: Work around tftpd-hpa upload bugTim Newsome
tftpd-hpa has a bug where it will send an incorrect ack when the block counter wraps and tftp options have been sent. Work around that by accepting an ack for 65535 when we're expecting one for 0.
2010-09-24Revert "security.c: buffer_read various fixes."Daniel Stenberg
This reverts commit fbb38de415b7bb7d743e53a7b4b887ffb12b3e5b.