aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2005-03-10Christopher R. Palmer made it possible to build libcurl with theDaniel Stenberg
USE_WINDOWS_SSPI on Windows, and then libcurl will be built to use the native way to do NTLM. SSPI also allows libcurl to pass on the current user and its password in the request.
2005-03-09configure, socks, debug, getdateDaniel Stenberg
2005-03-09As reported by 'nodak sodak' we should check for a NULL pointer beforeDaniel Stenberg
referencing the proxy name pointer.
2005-03-09Stopped linking to the SSL libs if a full installation isn't found.Dan Fandrich
Removed a redundant library check.
2005-03-09skip the test of "2094 Nov 6" for now, since the 64bit time_t systems returnDaniel Stenberg
different values for it...
2005-03-08remove old printf() debug leftoverDaniel Stenberg
2005-03-08mktime() returns a time_t. time_t is often 32 bits, even on many architecturesDaniel Stenberg
that feature 64 bit 'long'. Some systems have 64 bit time_t and deal with years beyond 2038. However, even some of the systems with 64 bit time_t returns -1 for dates beyond 03:14:07 UTC, January 19, 2038. (Such as AIX 5100-06)
2005-03-08days are englishDaniel Stenberg
2005-03-08Dominick Meglio reported that using CURLOPT_FILETIME when transferring a FTPDaniel Stenberg
file got a Last-Modified: header written to the data stream, corrupting the actual data. This was because some conditions from the previous FTP code was not properly brought into the new FTP code. I fixed and I added test case 520 to verify. (This bug was introduced in 7.13.1)
2005-03-08Fixed the --with-zlib configure option so that it always adds the specifiedDan Fandrich
path to the compiler flags. Before, a zlib installation in the default path was always used in preference to the one in the desired location.
2005-03-07fseek() with SEEK_SET is broken on large file capable 32-bit systems, soDan Fandrich
revert to the SEEK_END method of repositioning the stream after a ftruncate() and only use SEEK_SET if ftruncate() isn't available.
2005-03-07test 236: FTP resume upload but denied access to remote fileDaniel Stenberg
2005-03-07valgrind.pm fixedDaniel Stenberg
2005-03-06added valgrind.pm to the distDaniel Stenberg
2005-03-05Better cope with a failed or unavailable ftruncate().Dan Fandrich
Added HAVE_FTRUNCATE to all the static config-*.h files on the assumption that all those systems provide it.
2005-03-05Samuel Díaz García's correctionDaniel Stenberg
2005-03-04Added test case 235 that makes a resumed upload of a file that isn't presentDaniel Stenberg
on the remote side. This then converts the operation to an ordinary STOR upload. This was requested/pointed out by Ignacio Vazquez-Abrams. It also proved (and I fixed) a bug in the newly rewritten ftp code (and present in the 7.13.1 release) when trying to resume an upload and the servers returns an error to the SIZE command. libcurl then loops and sends SIZE commands infinitely.
2005-03-04Reduced the length of data read from the random entropy file.Dan Fandrich
2005-03-04Don't try to read the whole of the random file because when /dev/urandom isDan Fandrich
used, it slows initialization too much reading an infinitely long file!
2005-03-047.13.2-CVSDaniel Stenberg
2005-03-04starting overDaniel Stenberg
2005-03-04stand clear for release timeDaniel Stenberg
2005-03-04Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activateDaniel Stenberg
the cookie "engine" without having to provide an empty or non-existing file.
2005-03-04killed trailing whitespaceDaniel Stenberg
2005-03-04killed trailing whitespaceDaniel Stenberg
2005-03-04Rene Rebe fixed a -# crash when more data than expected was retrieved.Daniel Stenberg
2005-03-03new VB bindingDaniel Stenberg
2005-03-03VB binding, updated the .NET infoDaniel Stenberg
2005-03-03mention buffer overflows fixedDaniel Stenberg
2005-03-03fix the distribution filesDaniel Stenberg
2005-02-28Fix for a base64 decode heap buffer overflow vulnerability.Dan Fandrich
2005-02-24Fixed some compiler warnings. Fixed a low incidence memory leak in the test ↵Dan Fandrich
server.
2005-02-22Updated as suggested by Samuel Díaz GarcíaDaniel Stenberg
2005-02-22krb4 fixedDaniel Stenberg
2005-02-22Curl_base64_decode() now returns an allocated bufferDaniel Stenberg
2005-02-22Thanks for the notification iDEFENCE. We are the "initial vendor" and we sureDaniel Stenberg
got no notification, no mail, no nothing. You didn't even bother to mail us when you went public with this. Cool. NTLM buffer overflow fix, as reported here: http://www.securityfocus.com/archive/1/391042
2005-02-19added test case 234 which is like 233 but uses --location-trusted instead soDaniel Stenberg
thus the second request to the new host will use authentication fine
2005-02-18Ralph Mitchell reported a flaw when you used a proxy with auth, and youDaniel Stenberg
requested data from a host and then followed a redirect to another host. libcurl then didn't use the proxy-auth properly in the second request, due to the host-only check for original host name wrongly being extended to the proxy auth as well. Added test case 233 to verify the flaw and that the fix removed the problem.
2005-02-18socket leak, mingw buildDaniel Stenberg
2005-02-18Based on Mike Dobbs' report, BUILDING_LIBCURL is now defined in here if itDaniel Stenberg
runs to build with mingw.
2005-02-17close the socket properly when returning error due to failing localbindDaniel Stenberg
Bug report #1124588 by David
2005-02-17mention filename= for the -FDaniel Stenberg
2005-02-16Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth"Daniel Stenberg
that picks NTLM. Thanks to David Byron letting me test NTLM against his servers, I could quickly repeat and fix the problem. It turned out to be: When libcurl POSTs without knowing/using an authentication and it gets back a list of types from which it picks NTLM, it needs to either continue sending its data if it keeps the connection alive, or not send the data but close the connection. Then do the first step in the NTLM auth. libcurl didn't send the data nor close the connection but simply read the response-body and then sent the first negotiation step. Which then failed miserably of course. The fixed version forces a connection if there is more than 2000 bytes left to send.
2005-02-14check for ENGINE_load_builtin_engines() as well if engine is aroundDaniel Stenberg
2005-02-14changed config-vms infoMarty Kuhrt
2005-02-14changed curlmsg.* entries to see if CVS would ignore it nowMarty Kuhrt
2005-02-14Rename Curl_pretransfersec() to *_second_connect() since it does not justDaniel Stenberg
do pretransfer stuff like Curl_pretransfer().
2005-02-11Fixed bad krb4 code. It always tried to use krb4 if built enabled.Daniel Stenberg
2005-02-11rename amigaos.c and nwlib.c if they exist before buildingMarty Kuhrt
2005-02-11Removed per Marty's request: The .h_* files aren't needed anymore, IDaniel Stenberg
consolidated them into one file called config-vms.h. The curlmsg.h and .sdl files are generated from the curlmsg.msg file and, thus, shouldn't be in the dist.