aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2009-04-02Initial CMake scripts (libcurl only), based on the merge of tetest scripts ↵Benoit Neil
and mine. These are far to be functionnal yet. PS: Hello world :)
2009-04-02Added the curl_easy_recv return code fixDan Fandrich
2009-04-01- Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if aDaniel Stenberg
strdup() call failed.
2009-03-31Properly return an error code in curl_easy_recv (reported by Jim Freeman).Dan Fandrich
2009-03-29some minor Makefile tweaks.Gunter Knauf
2009-03-20Gary Maxwell helped us clarify that CURLOPT_SHARE specificly needs the lockingDaniel Stenberg
functions if the easy handles are used in multiple threads
2009-03-20removed useless commentDaniel Stenberg
2009-03-18Add a link to "Potential Errors Passing CRT Objects Across DLL Boundaries"Yang Tse
2009-03-18- Kamil Dudka brought a patch that enables 6 additional crypto algorithms whenDaniel Stenberg
NSS is used. These ciphers were added in NSS 3.4 and require to be enabled explicitly.
2009-03-18minor fixDaniel Stenberg
2009-03-15If CURL_DISABLE_PROXY is defined, we must allow socks_sspi.c to callGisle Vanem
Curl_blockread_all(). It is needed in code inside USE_WINDOWS_SSPI.
2009-03-13we use libssh2_version() now if availableDaniel Stenberg
2009-03-13- Use libssh2_version() to present the libssh2 version in case the libssh2Daniel Stenberg
library is found to support it.
2009-03-12Fix TELNET transfers not being aborted upon write callback failuresYang Tse
2009-03-12Add Curl_read() return code checkingYang Tse
2009-03-11Oops, make the memory magic debug stuff done before global init too just toDaniel Stenberg
catch them all. The memory debug stuff is not in the public API anyway.
2009-03-11- Kamil Dudka made the curl tool properly call curl_global_init() before anyDaniel Stenberg
other libcurl function.
2009-03-11update the embedded copyright yearDaniel Stenberg
2009-03-11s/u_long/unsigned long/Yang Tse
2009-03-11fix previous commit misplaced break statementYang Tse
2009-03-11Added TELNET timeout support for Windows buildsYang Tse
2009-03-10Moved 7.19.2 and older entries from CHANGES to CHANGES.0 (the latter is notDaniel Stenberg
shipped in release archives but is only in CVS)
2009-03-09- Frank Hempel found out a bug and provided the fix:Daniel Stenberg
curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE option. It only enabled the cookie engine in the destination handle if data->cookies is not NULL (where data is the source handle). In case of a newly initialized handle which just had the cookie support enabled by a curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was still NULL because the setopt-call only appends the value to data->change.cookielist, hence duplicating this handle would not have the cookie engine switched on. We also concluded that the slist-functionality would be suitable for being put in its own module rather than simply hanging out in lib/sendf.c so I created lib/slist.[ch] for them.
2009-03-09- Andreas Farber made the 'buildconf' script check for the presence of m4Daniel Stenberg
scripts to make it detect a bad checkout earlier. People with older checkouts who don't do cvs update with the -d option won't get the new dirs and then will get funny outputs that can be a bit hard to understand and fix.
2009-03-09Avoid a compile warning in --disable-proxy caseDan Fandrich
2009-03-08- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where theDaniel Stenberg
allocation of the memory BIO was not being properly checked.
2009-03-08- Andre Guibert de Bruet fixed the gnutls-using code: There are a few placesDaniel Stenberg
in the gnutls code where we were checking for negative values for errors, when the man pages state that GNUTLS_E_SUCCESS is returned on success and other values indicate error conditions.
2009-03-08Andre Guibert de Bruet fixed a typo in the error messageDaniel Stenberg
2009-03-08- Bill Egert pointed out (http://curl.haxx.se/bug/view.cgi?id=2671602) thatDaniel Stenberg
curl didn't use sprintf() in a way that is documented to work in POSIX but since we use our own printf() code (from libcurl) that shouldn't be a problem. Nonetheless I modified the code to not rely on such particular features and to not cause further raised eyebrowse with no good reason.
2009-03-05Expanded the security section of the libcurl-tutorial man page to coverDan Fandrich
more issues for authors to consider when writing robust libcurl-using applications.
2009-03-05Fix NTLM authentication memory leak on SSPI enabled Windows buildsYang Tse
2009-03-04Fixed a problem with m4 quoting in the OpenSSL configure check reportedDan Fandrich
by Daniel Johnson.
2009-03-03Added test 1097 to verify the bug Axel Kuhn epidox posted on March 3 2009Daniel Stenberg
on curl-users, it is also added to DISABLED since I don't have time to work on it further right now.
2009-03-03- David James brought a patch that make libcurl close (all) dead connectionsDaniel Stenberg
whenever you attempt to open a new connection.
2009-03-0315 additional contributor from the 7.19.4 RELEASE-NOTESDaniel Stenberg
2009-03-03Gah! We can't have 'curl' added here since even though it removes the curlDaniel Stenberg
binary it also removes the include/curl subdir!
2009-03-03Options CURLOPT_REDIR_PROTOCOLS and CURLOPT_PROTOCOLS, and associated ↵Patrick Monnerat
definitions added to RPG binding
2009-03-02start over on the journey towards 7.19.5Daniel Stenberg
2009-03-02- David Kierznowski notified us about a security flawDaniel Stenberg
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in which previous libcurl versions (by design) can be tricked to access an arbitrary local/different file instead of a remote one when CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release together this the addition of two new setopt options for controlling this new behavior: o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option excludes the FILE and SCP protocols and thus you nee to explicitly allow them in your app if you really want that behavior. o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch using the primary URL option. This is useful if you want to allow a user or other outsiders control what URL to pass to libcurl and yet not allow all protocols libcurl may have been built to support.
2009-03-027.19.4 won't get anything elseDaniel Stenberg
2009-03-02the Eiffel bindingDaniel Stenberg
2009-03-01nothing more left for 7.19.4, the issue #216 is moved to 7.19.5 since we'reDaniel Stenberg
too close to release now
2009-02-28for portability reasons: s/inet_pton/Curl_inet_pton/Yang Tse
2009-02-28fix compiler warningYang Tse
2009-02-27mention the '-o -' trickDaniel Stenberg
2009-02-27217 - Dan Fandrich's "GnuTLS initialization thread safety"Daniel Stenberg
218 - Senthil Raja Velu's "CURLOPT_LOCALPORT option broken", patch by Markus Koetter Both are now committed
2009-02-27- Senthil Raja Velu reported a problem when CURLOPT_INTERFACE andDaniel Stenberg
CURLOPT_LOCALPORT were used together (the local port bind failed), and Markus Koetter provided the fix!
2009-02-27Indentation fixes, untabify and related whitespace-cleanup. No code changed.Daniel Stenberg
2009-02-25corrected and clarified the top commentDaniel Stenberg
2009-02-25- As Daniel Fandrich figured out, we must do the GnuTLS initing in theDaniel Stenberg
curl_global_init() function to properly maintain the performing functions thread-safe. We've previously (28 April 2007) moved the init to a later time just to avoid it to fail very early when libgcrypt dislikes the situation, but that move was bad and the fix should rather be in libgcrypt or elsewhere.