Age | Commit message (Collapse) | Author |
|
As the OpenSSL and NSS Crypto engines are prefered by the core NTLM
routines, to the Windows Crypt API, don't define USE_WIN32_CRYPT
automatically when either OpenSSL or NSS are in use - doing so would
disable NTLM2Session responses in NTLM type-3 messages.
|
|
If the scratch buffer was allocated in a previous call to
Curl_smtp_escape_eob(), a new buffer not allocated in the subsequent
call and no action taken by that call, then an attempt would be made to
try and free the buffer which, by now, would be part of the data->state
structure.
This bug was introduced in commit 4bd860a001.
|
|
Fixed a problem with the CRLF. detection when multiple buffers were
used to upload an email to libcurl and the line ending character(s)
appeared at the end of each buffer. This meant any lines which started
with . would not be escaped into .. and could be interpreted as the end
of transmission string instead.
This only affected libcurl based applications that used a read function
and wasn't reproducible with the curl command-line tool.
Bug: http://curl.haxx.se/bug/view.cgi?id=1456
Assisted-by: Patrick Monnerat
|
|
|
|
... and I could use a break instead of a goto to end the loop.
Bug: http://curl.haxx.se/mail/lib-2014-12/0089.html
Reported-by: Tor Arntsen
|
|
Added some bug fixes that I had missed in previous synchronisations.
|
|
I suspect this causes compile failures on Solaris:
Bug: http://curl.haxx.se/mail/lib-2014-12/0081.html
|
|
url.c:3078: warning: variable 'credentialsMatch' set but not used
|
|
parsedate.c:548: warning: 'parsed' may be used uninitialized in this
function
As curl_getdate() returns -1 when parsedate() fails we can initialise
parsed to -1.
|
|
Worth exploring
|
|
There might be one or two memory leaks left in the error paths.
|
|
|
|
|
|
This fixes the test 506 torture test. The internal cookie API really
ought to be improved to separate cookie parsing errors (which may be
ignored) with OOM errors (which should be fatal).
|
|
Some websites meanwhile refuse to reply to requests from ancient
browsers like IE6, therefore I've comment out this setting, but
also fixed the string to now fake IE8 if someone enables it.
|
|
|
|
|
|
|
|
Bug: http://curl.haxx.se/bug/view.cgi?id=1462
Reported-by: Tae Hyoung Ahn
|
|
|
|
|
|
|
|
|
|
As Windows based autoconf builds don't yet define USE_WIN32_CRYPTO
either explicitly through --enable-win32-cypto or automatically on
_WIN32 based platforms, subsequent builds broke with the following
error message:
"Can't compile NTLM support without a crypto library."
|
|
|
|
Build SMB/CIFS protocol support when SSPI is enabled.
|
|
Allow the use of the Windows Crypt API for NTLMv1 functions.
|
|
Also, fixed the outdated comments on the cookie API.
|
|
This caused a null-pointer dereference which caused a few dozen
torture tests to fail.
|
|
sws.c:2191 warning: 'rc' may be used uninitialized in this function
|
|
ftp.c:1827 warning: unused parameter 'newhost'
ftp.c:1827 warning: unused parameter 'newport'
|
|
Fixed an issue with the message size calculation where the raw bytes
from the buffer were interpreted as signed values rather than unsigned
values.
Reported-by: Gisle Vanem
Assisted-by: Bill Nagel
|
|
|
|
|
|
|
|
Aligned continuation character and used space as the separator
character as per other makefile files.
|
|
...and minor layout adjustment.
|
|
|
|
|
|
multi.c:2695: warning: declaration of `exp' shadows a global declaration
|
|
|
|
|
|
|
|
As it is often difficult to choose the best description for a single
feature when it spans many commits, updated the descriptions for the
recent SMB/CIFS protocol and GSS-API additions.
|
|
|
|
Don't use a hard coded size of 4 for the security layer and buffer size
in Curl_sasl_create_gssapi_security_message(), instead, use sizeof() as
we have done in the sasl_gssapi module.
|
|
Reduced the amount of free's required for the decoded challenge message
in Curl_sasl_create_gssapi_security_message() as a result of coding it
differently in the sasl_gssapi module.
|
|
|
|
|
|
...they never have a body
|