Age | Commit message (Collapse) | Author |
|
Describes our security process from a project and curl developer's
perspective.
|
|
|
|
|
|
|
|
|
|
|
|
"Dan Fandrich" <dan@coneharvesters.com> wrote:
>> But I'm not sure <unistd.h> is needed at all.
>
> It's needed for close(2). But the only reason that's needed is because fstat
> is used instead of stat(2); if you fix that, then you could remove that
> include altogether.
Okay. I've tested the following with MSVC and MingW. htttput.c now
simply uses stat():
|
|
|
|
|
|
... as it was just merged in commit 7d7df
|
|
This patch invokes two socket connect()s nearly simultaneously, and
the socket that is first connected "wins" and is subsequently used for
the connection. The other is terminated.
There is a very slight IPv4 preference, in that if both sockets connect
simultaneously IPv4 is checked first and thus will win.
|
|
Should a client application fail to decode an authentication message
received from a server, or not support any of the parameters given by
the server in the message, then the authentication phrase should be
cancelled gracefully by the client rather than simply terminating the
connection.
The authentication phrase should be cancelled by simply sending a '*'
to the server, in response to erroneous data being received, as per
RFC-3501, RFC-4954 and RFC-5034.
This patch adds the necessary state machine constants and appropriate
response handlers in order to add this functionality for the CRAM-MD5,
DIGEST-MD5 and NTLM authentication mechanisms.
|
|
...in preparation for upcoming modifications.
|
|
warning: 'result' may be used uninitialized in this function
|
|
This is a regression since the switch to always-multi internally
c43127414d89c.
Test 1316 was modified since we now clearly call the Curl_client_write()
function when doing the LIST transfer part and then the
handler->protocol says FTP and ftpc.transfertype is 'A' which implies
text converting even though that the response is initially a HTTP
CONNECT response in this case.
|
|
|
|
|
|
Corrected line endings, RFC references and standardised on user names
and passwords used in the tests.
|
|
...as XOAUTH2 is the extended (or non-standard) SASL identifier and
OAuth 2 is the protocol name (and version).
|
|
This workaround had been previously been implemented for IMAP and POP3
but not SMTP. Some of the recent test case additions implemented this
behaviour to emulate a bad server and the SMTP code didn't cope with it.
|
|
Corrected 80 character line length error and pointer declarations (some
of which were previously incorrect)
|
|
As the URI, which is contained within the DIGEST-MD5 response, is
constructed from the service and realm, the encoded message differs
from that generated under POP3.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
IFS compilation support, SSL GSKit backend by default, TLSv1.[12] support in
GSKit for OS400 >= V7R1, no more tabs in make scripts.
|
|
|
|
|
|
Clarify in the documentation that DNS entries added with CURLOPT_RESOLVE
won't time-out.
Bug: http://curl.haxx.se/mail/lib-2013-10/0062.html
Reported-by: Romulo Ceccon
|
|
|
|
...and fixed up test869 as DIGEST-MD transcript is as follows:
S: Challenge
C: Authentication String
S: Continue Response
C: Empty String
|
|
error: unused variable 'table16'
|
|
|
|
cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG
Reported-by: Chris Conlon
|
|
|
|
Plain strings after glob ranges/lists weren't treated correctly but
caused broken URLs to get used.
Reported-by: Javier Barroso
|
|
From wikipedia:
Travis CI is a hosted, distributed continuous integration service used
to build and test projects hosted at GitHub.
Travis CI is configured by adding a file named .travis.yml, which is a
YAML format text file, to the root directory of the GitHub repository.
Travis CI automatically detects when a commit has been made and pushed
to a GitHub repository that is using Travis CI, and each time this
happens, it will try to build the project and run tests. This includes
commits to all branches, not just to the master branch. When that
process has completed, it will notify a developer in the way it has been
configured to do so — for example, by sending an email containing the
test results (showing success or failure), or by posting a message on an
IRC channel. It can be configured to run the tests on a range of
different machines, with different software installed (such as older
versions of a programming language, to test for compatibility).
|
|
... if not already initialized. This fixes a regression introduced by
commit 4ad8e142da463ab208d5b5565e53291c8e5ef038, which caused test619
to intermittently fail on certain machines (namely Fedora build hosts).
|
|
I noted a missing text for exit-code 89 in docs/curl.1
|
|
Patch-by: Oliver Kuckertz
Bug: http://curl.haxx.se/bug/view.cgi?id=1292
|
|
|
|
|
|
...and corrected response when check fails from 500 to -ERR.
|
|
|
|
|
|
|
|
|