aboutsummaryrefslogtreecommitdiff
path: root/CHANGES
AgeCommit message (Collapse)Author
2010-06-05OpenSSL: fix spurious SSL connection abortsConstantine Sapuntzakis
Was seeing spurious SSL connection aborts using libcurl and OpenSSL. I tracked it down to uncleared error state on the OpenSSL error stack - patch attached deals with that. Rough idea of problem: Code that uses libcurl calls some library that uses OpenSSL but don't clear the OpenSSL error stack after an error. ssluse.c calls SSL_read which eventually gets an EWOULDBLOCK from the OS. Returns -1 to indicate an error ssluse.c calls SSL_get_error. First thing, SSL_get_error calls ERR_get_error to check the OpenSSL error stack, finds an old error and returns SSL_ERROR_SSL instead of SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. ssluse.c returns an error and aborts the connection Solution: Clear the openssl error stack before calling SSL_* operation if we're going to call SSL_get_error afterwards. Notes: This is much more likely to happen with multi because it's easier to intersperse other calls to the OpenSSL library in the same thread.
2010-06-05getinfo: added *_PRIMARY_PORT, *_LOCAL_IP and *_LOCAL_PORTFrank Meier
2010-06-04Enable OpenLDAP support for cygwin builds.Yang Tse
Enable OpenLDAP support for cygwin builds. This support was disabled back in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers. cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25 allow building an OpenLDAP enabled libcurl supporting back to Windows 95. Remove non-functional CURL_LDAP_HYBRID code and references.
2010-06-02SSH: corrected the inability to respect the timeoutDaniel Stenberg
Jason McDonald posted bug report #3006786 when he found that the SFTP code didn't timeout properly in several places in the code even if a timeout was set properly. Based on his suggested patch, I wrote a different implementation that I think addressed the issue better and also uses the connect timeout for the initial part of the SSH/SFTP done during the "protocol connect" phase. (http://curl.haxx.se/bug/view.cgi?id=3006786)
2010-06-02mention last changesYang Tse
2010-06-01multi_socket: handles timer inaccuracy better for timeoutsDaniel Stenberg
Igor Novoseltsev reported a problem with the multi socket API and using timeouts and timers. It boiled down to a problem with libcurl's use of GetTickCount() interally to figure out the current time, while Igor's own application code used another function call. It made his app call the socket API timeout function a bit _before_ libcurl would consider the timeout to trigger, and that could easily lead to timeouts or stalls in the app. It seems GetTickCount() in general often has no better resolution than 16ms and switching to the alternative function QueryPerformanceCounter has its share of problems: http://www.virtualdub.org/blog/pivot/entry.php?id=106 We address this problem by simply having libcurl treat timers that already has occured or will occur within 40ms subject for treatment. I'm confident that there are other implementations and operating systems with similarly in accurate timer functions so it makes sense to have applied generically and I don't believe we sacrifice much by adding a 40ms inaccuracy on these timeouts.
2010-05-27test313: a new test for CRL supportKamil Dudka
2010-05-27setup_once: use enum type for 'bool' on non-C99 platformsTor Arntsen
An enum will catch non-bool assignments to bool on platforms with a strict compiler, e.g MIPSPro. Signed-off-by: Kamil Dudka <kdudka@redhat.com>
2010-05-26RTMP: Fix compiler warningsJulien Chaffraix
2010-05-26OOM fixes in http_negociate.c and lib/splay.cJulien Chaffraix
Fix 2 OOM errors: a missing NULL-check in lib/http_negociate.c and a potential NULL dereferencing in lib/splay.c
2010-05-25LDAP: properly implemented as a curl_handlerHoward Chu
makes the LDAP code much cleaner, nicer and in general being a better libcurl citizen. If a new enough OpenLDAP version is detect, the new and shiny lib/openldap.c code is then used instead of the old cruft Code by Howard, minor cleanups by Daniel.
2010-05-21TFTP: send legal timeout valueDaniel Stenberg
Eric Mertens posted bug #3003705: when we made TFTP use the correct timeout option when sent to the server (fixed May 18th 2010) it became obvious that libcurl used invalid timeout values (300 by default while the RFC allows nothing above 255). While of course it is obvious that as TFTP has worked thus far without being able to set timeout at all, just removing the setting wouldn't make any difference in behavior. I decided to still keep it (but fix the problem) as it now actually allows for easier (future) customization of the timeout. (http://curl.haxx.se/bug/view.cgi?id=3003705)
2010-05-21TFTP: block id wrap bug fixDaniel Stenberg
In a normal expression, doing [unsigned short] + 1 will not wrap at 16 bits so the comparisons and outputs were done wrong. I added a macro do make sure it gets done right. Douglas Kilpatrick filed bug report #3004787 about it: http://curl.haxx.se/bug/view.cgi?id=3004787
2010-05-20build: allow curl to build with Microsoft VC10Tanguy Fautre
By undefing a bunch of E* defines that VC10 has started to define but that we redefine internally to their WSA* alternatives when building for Windows.
2010-05-18TFTP: send timeout option correctlyDaniel Stenberg
Eric Mertens posted bug report #3003005 pointing out that the libcurl TFTP code was not sending the timeout option properly to the server, and suggested a fix. (http://curl.haxx.se/bug/view.cgi?id=3003005)
2010-05-16ftp wildcard: a new option CURLOPT_FNMATCH_DATAKamil Dudka
2010-05-14OpenSSL: multi interface handshake could hangDaniel Stenberg
John-Mark Bell filed bug #3000052 that identified a problem (with an associated patch) with the OpenSSL handshake state machine when the multi interface is used: Performing an https request using a curl multi handle and using select or epoll to wait for events results in a hang. It appears that the cause is the fix for bug #2958179, which makes ossl_connect_common unconditionally return from the step 2 loop when fetching from a multi handle. When ossl_connect_step2 has completed, it updates connssl->connecting_state to ssl_connect_3. ossl_connect_common will then return to the caller, as a multi handle is in use. Eventually, the client code will call curl_multi_fdset to obtain an updated fdset to select or epoll on. For https requests, curl_multi_fdset will cause https_getsock to be called. https_getsock will only return a socket handle if the connecting_state is ssl_connect_2_reading or ssl_connect_2_writing. Therefore, the client will never obtain a valid fdset, and thus not drive the multi handle, resulting in a hang. (http://curl.haxx.se/bug/view.cgi?id=3000052)
2010-05-14changelog: add link to bug reportDaniel Stenberg
2010-05-14follow redirect: ignore response-body on redirect even if compressedDaniel Stenberg
Sebastian V reported bug #3000056 identifying a problem with redirect following. It showed that when curl followed redirects it didn't properly ignore the response body of the 30X response if that response was using compressed Content-Encoding! (http://curl.haxx.se/bug/view.cgi?id=3000056)
2010-05-13changelogs: mention RTMP and the FTP wildcard supportDaniel Stenberg
2010-05-11changelog: fixed CRL support in libcurl-NSSKamil Dudka
2010-05-07multi interface: missed storing connection timeDaniel Stenberg
Dirk Manske reported a regression. When connecting with the multi interface, there were situations where libcurl wouldn't store connect time correctly as it used to (and is documented to) do. Using his fine sample program we could repeat it, and I wrote up test case 573 using that code. The problem does not easily show itself using the local test suite though. The fix, also as suggested by Dirk, is a bit on the ugly side as it adds yet another call to Curl_verboseconnect() and setting the TIMER_CONNECT time. That situation is subject for some closer inspection in the future.
2010-05-07changelogs: split the I/O handlingDaniel Stenberg
2010-05-05changelog: PolarSSLDaniel Stenberg
2010-04-29changelog: mention Ben Greear's telnet workDaniel Stenberg
2010-04-26SSH: init and cleanup libssh2 in global_init/cleanupDaniel Stenberg
The necessary libssh2 functions require libssh2 1.2.5 or later.
2010-04-25new configure option --enable-threaded-resolverDaniel Stenberg
2010-04-24nss: fix SSL handshake timeout underflowKamil Dudka
2010-04-24changelog: added the --proto and -proto-redir optionsDaniel Stenberg
2010-04-24test536: do not fail with threaded DNS resolverKamil Dudka
Also tweaked comments in certain examples using curl_multi_fdset().
2010-04-21curl: -O crash on windowsDaniel Stenberg
The -O option caused curl to crash on windows and DOS due to the tool writing out of boundary memory.
2010-04-20replaced wsock32.lib usage with ws2_32.lib in MSVC makefilesRuslan Gazizov
2010-04-19changelog: -J/--remote-header-name strips CRLFDaniel Stenberg
2010-04-16changelog: GnuTLS: SSL handshake phase is non-blockingDaniel Stenberg
2010-04-16changelog: GnuTLS fix, no reverse loopkups and fixed GSS detectionDaniel Stenberg
2010-04-15changelog: prevent needless reverse name lookupsDaniel Stenberg
2010-04-147.20.1: 14 April 2010Daniel Stenberg
2010-04-09FTP quote commands prefixed with '*' now can fail without abortingDaniel Stenberg
Prefixing the FTP quote commands with an asterisk really only worked for the postquote actions. This is now fixed and test case 227 has been extended to verify.
2010-04-06nss: handle client certificate related errorsKamil Dudka
2010-04-04refactorize interface of Curl_ssl_recv/Curl_ssl_sendKamil Dudka
2010-04-04eliminate a race condition in Curl_resolv_timeout()Kamil Dudka
2010-04-01fix SFTP download hangDaniel Stenberg
Matt Wixson found and fixed a bug in the SCP/SFTP area where the code treated a 0 return code from libssh2 to be the same as EAGAIN while in reality it isn't. The problem caused a hang in SFTP transfers from a MessageWay server.
2010-03-28Ben's POP3 changeDaniel Stenberg
2010-03-27allow user+password in the URL for all protocolsBen Greear
Ben Greear brought a patch that from now on allows all protocols to specify name and user within the URL, in the same manner HTTP and FTP have been allowed to in the past - although far from all of the libcurl supported protocols actually have that feature in their URL definition spec.
2010-03-26changelogged: smoother rate limitingDaniel Stenberg
2010-03-24fix: timeout after last data chunk was handledBob Richmond
Bob Richmond: There's an annoying situation where libcurl will read new HTTP response data from a socket, then check if it's a timeout if one is set. If the last packet received constitutes the end of the response body, libcurl still treats it as a timeout condition and reports a message like: "Operation timed out after 3000 milliseconds with 876 out of 876 bytes received" It should only a timeout if the timer lapsed and we DIDN'T receive the end of the response body yet.
2010-03-24RTSP GET_PARAMETER fixDaniel Stenberg
Christopher Conroy fixed a problem with RTSP and GET_PARAMETER reported to us by Massimo Callegari. There's a new test case 572 that verifies this now.
2010-03-24The 'ares' subtree has been removed from the source repositoryDaniel Stenberg
2010-03-23mark connection as connectedDaniel Stenberg
Kenny To filed the bug report #2963679 with patch to fix a problem he experienced with doing multi interface HTTP POST over a proxy using PROXYTUNNEL. He found a case where it would connect fine but bits.tcpconnect was not set correct so libcurl didn't work properly. (http://curl.haxx.se/bug/view.cgi?id=2963679)
2010-03-23chunked-encoding with Content-Length: header problemDaniel Stenberg
Akos Pasztory filed debian bug report #572276 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276 mentioning a problem with a resource that returns chunked-encoded _and_ with a Content-Length and libcurl failed to properly ignore the latter information.