aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2010-09-24Revert "security.c: buffer_read various fixes."Daniel Stenberg
This reverts commit fbb38de415b7bb7d743e53a7b4b887ffb12b3e5b.
2010-09-22security.c: removed superfluous parenthesesDaniel Stenberg
And also removed the FIXME where memory was zeroed just before freed, and some other minor whitespace changes.
2010-09-22security.c: Update the #include statements after the rewrite.Julien Chaffraix
2010-09-22security.c: sec_write tweaksJulien Chaffraix
- |fd| is now a curl_socket_t and |len| a size_t to avoid conversions. - Added 2 FIXMEs about the 2 unsigned -> signed conversions. - Included 2 minor changes to Curl_sec_end.
2010-09-22security.c: _sec_send tweaksJulien Chaffraix
- Renamed the method to sec_send now that we renamed sec_send to do_sec_send. - Some more variable renaming.
2010-09-22security.c: sec_read tweaksJulien Chaffraix
- Renamed the function to sec_recv. - Renamed the parameters and variable to match the rest of the code.
2010-09-22security.c: Curl_sec_fflush_fd tweaksJulien Chaffraix
- Use an early return as it makes the code more readable. - Added a FIXME about a conversion.
2010-09-22security.c: sec_send tweaksJulien Chaffraix
- Renamed it to do_sec_send as it is the function doing the actual transfer. - Do not return any values as no one was checking it and it never reported a failure (added a FIXME about checking for errors). - Renamed the variables to make their use more specific. - Removed some casts (int -> curl_socket_t, ...) - Avoid doing the htnl <-> nthl twice by caching the 2 results.
2010-09-22security.c: Curl_sec_read_msg tweaksJulien Chaffraix
- Renamed the variables name to better match their intend. - Unified the |decoded_len| checks. - Added some FIXMEs to flag some improvement that did not go in this change.
2010-09-22security.c: Curl_sec_set_protection_level tweakingJulien Chaffraix
- Removed sec_prot_internal as it is now inlined in the function (this removed a redundant check). - Changed the prototype to return an error code. - Updated the method to use the new ftp_send_command function. - Added a level_to_char helper method to avoid relying on the compiler's bound checks. This default to the maximum security we have in case of a wrong input.
2010-09-22security.c: factored the logic from Curl_sec_login into a dedicated method ↵Julien Chaffraix
that better reflect its intent. Introduced a helper method ftp_send_command that synchronously send an FTP query.
2010-09-22security.c: Remove out_buffer as it was never written into.Julien Chaffraix
2010-09-22security.c: buffer_read various fixes.Julien Chaffraix
Tighten the type of the |data| parameter to avoid a cast. Also made it const as we should not modify it. Added a DEBUGASSERT on the size to be written while changing it.
2010-09-22security.c: Made block_write return a CURLcode.Julien Chaffraix
While doing so, renamed it to socket_write to better match its function.
2010-09-22security.c: Made block_read and sec_get_data return CURLcode.Julien Chaffraix
To do so, made block_read call Curl_read_plain instead of read. While changing them renamed block_read to socket_read and sec_get_data to read_data to better match their function. Also fixed a potential memory leak in block_read.
2010-09-22Security.c: Fix headers guard to match the rest of the code.Julien Chaffraix
2010-09-22configure: Fix the LDAPS disable messageJulien Chaffraix
... for example when LDAP is not compiled. Fixed the logic to match the rest of the options' message that is we update the default message only if the option is not disabled after the different checks. Reported by: Guenter Knauf
2010-09-21RELEASE-NOTES: sync with 8665d4e5 and c-ares >= 1.6.0 noteDaniel Stenberg
2010-09-21parse_remote_port: ignore colons without port numberDaniel Stenberg
Obviously, browsers ignore a colon without a following port number. Both Firefox and Chrome just removes the colon for such URLs. This change does not remove the colon for URLs sent over a HTTP proxy, so we should consider doing that change as well. Reported by: github user 'kreshano'
2010-09-21RELEASE-NOTES: in sync with 19f45eaa799Daniel Stenberg
2010-09-21duphandle: use ares_dup()Daniel Stenberg
curl_easy_duphandle() was not properly duping the ares channel. The ares_dup() function was introduced in c-ares 1.6.0 so by starting to use this function we also raise the bar and require c-ares >= 1.6.0 (released Dec 9, 2008) for such builds. Reported by: Ning Dong Bug: http://curl.haxx.se/mail/lib-2010-08/0318.html
2010-09-21MacOSX-Framework: updates for SnowleopardHendrik Visage
1) PPC64 appears to be an 10.5 only supported architecture, so I forced 10.5 for 64bit if there is a need for PPC64, else 64bit only does x86_64 2) proper "make clean" after every ./configure. fixes a bug where subsequent runs the 32bit do not get compiled 3) Added a version numbering curl-$VERSION} rather than the "stock standard" A
2010-09-21RELEASE-NOTES: synced with 5fcc4332d62feDaniel Stenberg
Removed the duplicate entry of Kamil in the credits.
2010-09-20configure: don't enable RTMP if the lib detect failsDaniel Stenberg
librtmp is often statically linked and using sub dependencies like OpenSSL, so we need to make sure we can actually link with it properly before enabling it. Otherwise we easily end up trying to link with a RTMP lib that fails.
2010-09-20TODO: added 8.4 non-gcrypt under GnuTLSDaniel Stenberg
We must not assume gcrypt just because of GnuTLS
2010-09-20configure: check for gcrypt if using GnuTLSDaniel Stenberg
1 - libcurl assumes that there are gcrypt functions available when GnuTLS is. 2 - GnuTLS can be built to use libnettle instead as crypto library, which breaks assumption (1) This change makes configure make sure that if GnuTLS is requested and detected, it also makes sure that gcrypt is present or it errors out. This is mostly a way to make the user more aware of this flaw, the correct fix would be to detect which crypto layer that is in use and adapt our code to use that instead of blindly assuming gcrypt. Reported by: Michal Gorny Bug: http://curl.haxx.se/bug/view.cgi?id=3071038
2010-09-18RELEASE-NOTES: sync from d2a7fd2fe65b to HEADDaniel Stenberg
2010-09-18FTP: fix bad check of Curl_timeleft() return codeDaniel Stenberg
When it returns 0 it means no timeout. Only a negative value means that we're out of time.
2010-09-18LDAP: moved variable declaration to avoid compiler warnDaniel Stenberg
If built without HTTP or proxy support it would cause a compiler warning due to the unused variable. I moved the declaration of it into the only scope it is used.
2010-09-18LDAP: Use FALSE instead of bool_false when setting bits.closeTor Arntsen
bool_false is the internal name used in the setup_once.h definition we fall back to for non-C99 non-stdbool systems, it's not the actual name to use in assignments (we use bool_false, bool_true there to avoid global namespace problems, see comment in setup_once.h). The correct C99 value to use is 'false', but let's use FALSE as used elsewhere when assigning to bits.close. FALSE is set equal to 'false' in setup_once.h when possible. This fixes a build problem on C99 targets.
2010-09-18LDAP: Add missing declaration for 'result'Tor Arntsen
2010-09-18LDAP: Support for tunnelling queries through HTTP proxyMauro Iorio
As of curl-7.21.1 tunnelling ldap queries through HTTP Proxies is not supported. Actually if --proxytunnel command-line option (or equivalent CURLOPT_HTTPPROXYTUNNEL) is used for ldap queries like ldap://ldap.my.server.com/... You are unable to successfully execute the query. In facts ldap_*_bind is executed directly against the ldap server and proxy is totally ignored. This is true for both openLDAP and Microsoft LDAP API. Step to reproduce the error: Just launch "curl --proxytunnel --proxy 192.168.1.1:8080 ldap://ldap.my.server.com/dc=... " This fix adds an invocation to Curl_proxyCONNECT against the provided proxy address and on successful "CONNECT" it tunnels ldap query to the final ldap server through the HTTP proxy. As far as I know Microsoft LDAP APIs don't permit tunnelling in any way so the patch provided is for OpenLDAP only. The patch has been developed against OpenLDAP 2.4.23 and has been tested with Microsoft ISA Server 2006 and works properly with basic, digest and NTLM authentication.
2010-09-17timeout: use the correct start value as offsetDaniel Stenberg
Rodric provide an awesome recipe that proved libcurl didn't timeout at the requested time - it instead often timed out at [connect time] + [timeout time] instead of the documented and intended [timeout time] only. This bug was due to the code using the wrong base offset when comparing against "now". I could also take the oppurtinity to simplify the code by properly using of the generic help function for this: Curl_timeleft. Reported by: Rodric Glaser Bug: http://curl.haxx.se/bug/view.cgi?id=3061535
2010-09-17Curl_timeleft: avoid returning "no timeout" by mistakeDaniel Stenberg
As this function uses return code 0 to mean that there is no timeout, it needs to check that it doesn't return a time left value that is exactly zero. It could lead to libcurl doing an extra 1000 ms select() call and thus not timing out as accurately as it should. I fell over this bug when working on the bug 3061535 but this fix does not correct that problem alone, although this is a problem that needs to be fixed. Reported by: Rodric Glaser Bug: http://curl.haxx.se/bug/view.cgi?id=3061535
2010-09-16whitespace: unified sourceDaniel Stenberg
if ( => if( while ( => while( and some other changes in the similar spirit, trying to make the whole file use the same style
2010-09-16remote-header-name: don't output filename when NULLDaniel Stenberg
2010-09-15TheArtOfHttpScripting: use long optionsJames Bursa
2010-09-14getinmemory: make the example easier to followJames Bursa
1. Remove the comment warning that it's "not been verified to work". It works with no problems in my testing. 2. Remove 2 unnecessary includes. 3. Remove the myrealloc(). Initialize chunk.memory with malloc() instead of NULL. The comments for these two parts contradicted each other. 4. Handle out of memory from realloc() instead of continuing. 5. Print a brief status message at the end.
2010-09-14multi: don't do extra expire calls for the connectionDaniel Stenberg
The timeout is set for the connect phase already at the start of the request so we should not add a new one, and we MUST not set expire to 0 as that will remove any other potentially existing timeouts.
2010-09-12Fix a bashism: test a = b is more portable than ==.Peter Pentchev
2010-09-12glob_word: remove a check that is always falseDaniel Stenberg
2010-09-12inflate_stream: remove redundant check that is always trueDaniel Stenberg
2010-09-12digest: make it clear the condition is always trueDaniel Stenberg
2010-09-12ssluse: removed redundant check that is always trueDaniel Stenberg
2010-09-11Link curl and the test apps with -lrt explicitly when necessaryDan Fandrich
When curl calls a function from that library then it needs to explicitly link to the library instead of piggybacking on libcurl's own dependency. Without this, GNU ld with the --no-add-needed flag fails when linking (which Fedora now does by default). Reported by: Quanah Gibson-Mount Bug: http://curl.haxx.se/mail/lib-2010-09/0085.html
2010-09-09Mention the Debian Popularity ContestDan Fandrich
2010-09-09test565: Don't hardcode IP:PORTTor Arntsen
Use %HOSTIP:%HTTPPORT instead of 127.0.0.1:8990 so that verification works if the baseport change option is used when executing runtests.pl.
2010-09-09curl.1: updated protocols and polished languageDaniel Stenberg
2010-09-08FAQ: CURL_STATICLIB for visual studio usersDaniel Stenberg
Clarified as it isn't used with a -D option for them. Reported by: Artfunkel Bug: http://curl.haxx.se/bug/view.cgi?id=3060381
2010-09-07FAQ: updated and added host with custom IP questionDaniel Stenberg
Added "3.19 How do I get HTTP from a host using a specific IP address?" and updated some stuff about certs etc.