Age | Commit message (Collapse) | Author |
|
On second thought, I think CURLE_TLSAUTH_FAILED should be eliminated. It
was only being raised when an internal error occurred while allocating
or setting the GnuTLS SRP client credentials struct. For TLS
authentication failures, the general CURLE_SSL_CONNECT_ERROR seems
appropriate; its error string already includes "passwords" as a possible
cause. Having a separate TLS auth error code might also cause people to
think that a TLS auth failure means the wrong username or password was
entered, when it could also be a sign of a man-in-the-middle attack.
|
|
|
|
When the callback returns an error, this function must make sure to return
CURLE_ABORTED_BY_CALLBACK properly and not CURLE_OK as before to allow the
callback to properly abort the operation.
|
|
Reported by: Ian D Allen
Bug: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/714895
Forwarded to us by:
Reported by: Andreas Olsson
Bug: http://curl.haxx.se/bug/view.cgi?id=3175422
|
|
The main has not been updated from some time and is out of sync with
the code. The code is now tested by several test cases so no need for
a seperate code path.
|
|
The state should not be anonymous so that we can check if the values
are fine. Added 2 unreachables states to the switch as a result of this
change.
|
|
|
|
Document Curl_gmtime() and define away the old functions so that they
won't be used internally again by mistake.
|
|
Instead of polluting many places with #ifdefs, we create a single place
for this function, and also check return code properly so that a NULL
pointer returned won't cause problems.
|
|
The official Mozilla page at http://www.mozilla.org/projects/security/certs/
points out a new place as the "proper" place to get Mozilla's CA certs from
so this script is now updated to use that instead.
Reported by: Daniel Mentz
|
|
The official Mozilla page at
http://www.mozilla.org/projects/security/certs/ points out a new place
as the "proper" place to get Mozilla's CA certs from so this script is
now updated to use that instead.
Reported by: Daniel Mentz
|
|
"SSL: couldn't create a context" really isn't that helpful, now it'll
also extract an explanation from OpenSSL and append to the right.
|
|
The code in the toofast state needs to first recalculate the values
before it uses them again since it may have been a while since it last
did it when it reaches this point.
|
|
|
|
|
|
|
|
|
|
This will be used by file_do() and Curl_readwrite() as a unified method
of checking to see if a remote document meets the supplied
CURLOPT_TIMEVAL and CURLOPT_TIMECONDITION.
Signed-off-by: Dave Reisner <d@falconindy.com>
|
|
"6.7 What are my obligations when using libcurl in my commercial apps?"
got the piece about what exactly "in all copies" mean to a user of the
code.
This interpretation is based on what other MIT-like licenses have made
more explicit.
|
|
The generic copyright year range now includes 2011
|
|
This is a separate makefile for MSVC builds. It is deliberately put in
another dir than src/ and lib/ to allow a different build experience
than the previous - at least during a period. Eventually we should
unify.
|
|
|
|
|
|
The double name resolve trick used with c-ares could leave allocated
memory in 'temp_ai' if the operation was aborted in the middle.
|
|
When this callback is called due to the destruction of the ares handle,
the connection pointer passed in as an argument may no longer pointing
to valid data and this function doesn't need to do anything with it
anyway so we make sure it doesn't.
Bug: http://curl.haxx.se/mail/lib-2011-01/0333.html
Reported by: Vsevolod Novikov
|
|
... in case more than one CA is loaded.
Bug: https://bugzilla.redhat.com/670802
|
|
|
|
|
|
The HTTP parser allocated memory on each received Location: header
without properly freeing old data. Starting now, the code only considers
the first Location: header and will blissfully ignore subsequent ones.
Bug: http://curl.haxx.se/bug/view.cgi?id=3165129
Reported by: Martin Lemke
|
|
|
|
|
|
|
|
|
|
Testing Curl_llist_insert_next
|
|
|
|
... to not make the connection between the tool and the libcurl used
tighter than necessary, the tlsauth options are now always present but
if the used libcurl doesn't have TLSAUTH support it will return failure.
Also, replaced strncmp() with strequal to get case insensitive matching.
|
|
|
|
Test case 1014 failed since TLS-SRP was correctly set to the features
variable so curl-config --features didn't output it.
|
|
|
|
|
|
The default value is 1.
curl _uses_ a default CA bundle, it doesn't install one.
Drop the references to 7.10 as that is now >8 years old!
|
|
Extended the intial HTTP protcol part and added a mention of --trace and
--trace-ascii.
Replaced most URLs in the text to use example.com instead of all the
made up strange names.
Shortened a bunch of lines.
|
|
Extended the descriptions somewhat and made the options get listed next
to each other.
|
|
|
|
|
|
Submitted by Vincent Torri.
|
|
... and update the curl.1 and curl_easy_setopt.3 man pages such that
they do not suggest to use an OpenSSL utility if curl is not built
against OpenSSL.
Bug: https://bugzilla.redhat.com/669702
|
|
|
|
Bug: http://curl.haxx.se/bug/view.cgi?id=3157232
Reported by: John Bradshaw
|
|
|