aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-12-24tests: Removed APOP timestamp from default server greetingSteve Holme
2013-12-23test936: Corrected login details from commit 7246255416617aSteve Holme
2013-12-23ftpserver.pl: Updated custom full text REPLY regexSteve Holme
SASL downgrade tests: 833, 835, 879, 881, 935 and 937 would fail as they contained a minus sign in their authentication mechanism and this would be missed by the custom reply parser.
2013-12-23tests: Corrected syntax error from commit 7246255416617aSteve Holme
2013-12-23tests: Added SMTP SASL downgrade testsSteve Holme
2013-12-23tests: Added POP3 SASL downgrade testsSteve Holme
2013-12-23tests: Added IMAP SASL downgrade testsSteve Holme
2013-12-22docs: mention CURLOPT_MAX_RECV/SEND_SPEED_LARGE don't work for FILE://Daniel Stenberg
2013-12-22FILE: don't wait due to CURLOPT_MAX_RECV_SPEED_LARGEDaniel Stenberg
The FILE:// code doesn't support this option - and it doesn't make sense to support it as long as it works as it does since then it'd only block even longer. But: setting CURLOPT_MAX_RECV_SPEED_LARGE would make the transfer first get done and then libcurl would wait until the average speed would get low enough. This happened because the transfer happens completely in the DO state for FILE:// but then it would still unconditionally continue in to the PERFORM state where the speed check is made. Starting now, the code will skip from DO_DONE to DONE immediately if no socket is set to be recv()ed or send()ed to. Bug: http://curl.haxx.se/bug/view.cgi?id=1312 Reported-by: Mohammad AlSaleh
2013-12-22ftpserver.pl: Fixed runtime warning from commit 7da9c95bcf1fe6Steve Holme
Use of uninitialized value $FTPARG in concatenation (.) or string at line 3255.
2013-12-22ftpserver.pl: Added the ability to send custom full text repliesSteve Holme
2013-12-22ftpserver.pl: Added the ability to specify custom full text repliesSteve Holme
2013-12-22ftpserver.pl: Renamed commandreply variable from customreplySteve Holme
2013-12-22tests: Added SASL cancellation keywordsSteve Holme
Added SASL CANCELLATION keywords to differentiate these tests from the upcoming SASL downgrade tests.
2013-12-22email: Fixed segfault introduced in commit 195b63f99c2fe3Steve Holme
2013-12-22code police: fix indent level to silence checksrc complaintsDaniel Stenberg
2013-12-21email: Extended the login options to support multiple auth mechanismsSteve Holme
2013-12-22Curl_pp_readresp: replace stupid loop with memcpyDaniel Stenberg
2013-12-22Curl_pp_readresp: zero terminate lineDaniel Stenberg
The comment in the code mentions the zero terminating after having copied data, but it mistakingly zero terminated the source data and not the destination! This caused the test 864 problem discussed on the list: http://curl.haxx.se/mail/lib-2013-12/0113.html Signed-off-by: Daniel Stenberg <daniel@haxx.se>
2013-12-21Revert "pop3: Added debug information to assist with test864 failure"Steve Holme
This reverts commit 727d798d680f29c8b3cb7d7f03d6b6a3eb4356da.
2013-12-21pop3: Added debug information to assist with test864 failureSteve Holme
2013-12-20RELEASE-NOTES: Synced with 812c5ace759d04Steve Holme
2013-12-20pop3: Fixed APOP timestamp detection from commit 1cfb436a2f1795Steve Holme
2013-12-20Makefile.inc: use standard source headerDaniel Stenberg
2013-12-20Makefile.inc: specify the vtls sources+headers separatelyDaniel Stenberg
2013-12-20vtls: renamed sslgen.[ch] to vtls.[ch]Daniel Stenberg
2013-12-20openssl: renamed backend files to openssl.[ch]Daniel Stenberg
2013-12-20vtls: moved all TLS/SSL source and header files into subdirDaniel Stenberg
2013-12-20vtls: created subdir, moved sslgen.[ch] there, updated all include linesDaniel Stenberg
2013-12-20pop3: Fixed selection of APOP when server replies with an invalid timestampSteve Holme
Although highlighted by a bug in commit 1cfb436a2f1795, APOP authentication could be chosen if the server was to reply with an empty or missing timestamp in the server greeting and APOP was given in the capability list by the server.
2013-12-20pop3: Fixed processing of more than one response when sent in same packetSteve Holme
Added a loop to pop3_statemach_act() in which Curl_pp_readresp() is called until the cache is drained. Without this multiple responses received in a single packet could result in a hang or delay.
2013-12-19pop3: Moved CAPA response handling to pop3_state_capa_resp()Steve Holme
Similar to the processing of untagged CAPABILITY responses in IMAP and multi-line EHLO responses in SMTP, moved the processing of multi-line CAPA responses to pop3_state_capa_resp().
2013-12-19pop3: Moved APOP detection into pop3_state_servergreet_resp()Steve Holme
In an effort to reduce what pop3_endofresp() does and bring the POP3 source back inline with the IMAP and SMTP protocols, moved the APOP detection into pop3_state_servergreet_resp().
2013-12-19curl_easy_setopt: Fixed OAuth 2.0 Bearer option nameSteve Holme
Bug: http://curl.haxx.se/bug/view.cgi?id=1313 Reported-by: Viktor Szakáts
2013-12-18curl.1: remove URL encoding phrase from --data descriptionDaniel Stenberg
... it could be misleading a reader into thinking it _has_ to be encoded.
2013-12-18imap/pop3/smtp: Added support for SASL authentication downgradesSteve Holme
Added support for downgrading the SASL authentication mechanism when the decoding of CRAM-MD5, DIGEST-MD5 and NTLM messages fails. This enhances the previously added support for graceful cancellation by allowing the client to retry a lesser SASL mechanism such as LOGIN or PLAIN, or even APOP / clear text (in the case of POP3 and IMAP) when supported by the server.
2013-12-18RELEASE-PROCEDURE: new documentDaniel Stenberg
2013-12-18gitignore: ignore .dirstamp filesDaniel Stenberg
2013-12-18smtp: fix compiler warningDaniel Stenberg
smtp.c:478:21: error: unused variable 'smtpc' [-Werror=unused-variable]
2013-12-18smtp: Moved the calculation of SASL login details into a separate functionSteve Holme
2013-12-18pop3: Moved the calculation of SASL login details into a separate functionSteve Holme
2013-12-18imap: Moved the calculation of SASL login details into a separate functionSteve Holme
2013-12-18smtp: Moved the sending of the AUTH command into a separate functionSteve Holme
2013-12-18pop3: Moved the sending of the AUTH command into a separate functionSteve Holme
2013-12-18imap: Moved the sending of the AUTHENICATE command into a separate functionSteve Holme
2013-12-17email: Renamed *_perform_authenticate() functionsSteve Holme
In preparation for the upcoming SASL downgrade feature renamed the imap__perform_authenticate(), pop3__perform_authenticate() and smtp__perform_authenticate() functions.
2013-12-17bump: start working on the next releaseDaniel Stenberg
2013-12-16RELEASE-NOTES: synced with c0ef05e67Daniel Stenberg
... for the pending 7.34.0 release Upped the contributor count
2013-12-16THANKS: add contributors from 7.34.0 releaseDaniel Stenberg
24 new great friends
2013-12-16gtls: respect *VERIFYHOST independently of *VERIFYPEERDaniel Stenberg
Security flaw CVE-2013-6422 This is conceptually the same problem and fix that 3c3622b6 brought to the OpenSSL backend and that resulted in CVE-2013-4545. This version of the problem was independently introduced to the GnuTLS backend with commit 59cf93cc, present in the code since the libcurl 7.21.4 release. Advisory: http://curl.haxx.se/docs/adv_20131217.html Bug: http://curl.haxx.se/mail/lib-2013-11/0214.html Reported-by: Marc Deslauriers