Age | Commit message (Collapse) | Author | |
---|---|---|---|
2005-04-03 | Hardeep Singh reported a problem doing HTTP POST with Digest. (It was actually | Daniel Stenberg | |
also affecting NTLM and Negotiate.) It turned out that if the server responded with 100 Continue before the initial 401 response, libcurl didn't take care of the response properly. Test case 245 and 246 added to verify this. | |||
2005-03-29 | Don't close the connection if we're in a known negotiation mode and we won't | Daniel Stenberg | |
send any data anyway. Probably the bug Tom Moers noticed. | |||
2005-03-28 | Based on Augustus Saunders' comments and findings, the HTTP output auth | Daniel Stenberg | |
function was fixed to use the proper proxy authentication when multiple ones were added as accepted. test 239 and test 243 were added to repeat the problems and verify the fixes. | |||
2005-03-10 | Christopher R. Palmer made it possible to build libcurl with the | Daniel Stenberg | |
USE_WINDOWS_SSPI on Windows, and then libcurl will be built to use the native way to do NTLM. SSPI also allows libcurl to pass on the current user and its password in the request. | |||
2005-02-18 | Ralph Mitchell reported a flaw when you used a proxy with auth, and you | Daniel Stenberg | |
requested data from a host and then followed a redirect to another host. libcurl then didn't use the proxy-auth properly in the second request, due to the host-only check for original host name wrongly being extended to the proxy auth as well. Added test case 233 to verify the flaw and that the fix removed the problem. | |||
2005-02-16 | Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth" | Daniel Stenberg | |
that picks NTLM. Thanks to David Byron letting me test NTLM against his servers, I could quickly repeat and fix the problem. It turned out to be: When libcurl POSTs without knowing/using an authentication and it gets back a list of types from which it picks NTLM, it needs to either continue sending its data if it keeps the connection alive, or not send the data but close the connection. Then do the first step in the NTLM auth. libcurl didn't send the data nor close the connection but simply read the response-body and then sent the first negotiation step. Which then failed miserably of course. The fixed version forces a connection if there is more than 2000 bytes left to send. | |||
2005-02-11 | Removed all uses of strftime() since it uses the localised version of the | Daniel Stenberg | |
week day names and month names and servers don't like that. | |||
2005-02-09 | FTP code turned into state machine. Not completely yet, but a good start. | Daniel Stenberg | |
The tag 'before_ftp_statemachine' was set just before this commit in case of future need. | |||
2005-02-06 | Preserve previous status in Curl_http_done(). | Gisle Vanem | |
2005-01-21 | FTP third transfer support overhaul. See CHANGES for details. | Daniel Stenberg | |
2004-12-16 | NULL the fp pointer after it has been fclosed() | Daniel Stenberg | |
2004-12-16 | Dinar in bug report #1086121, found a file handle leak when a multipart | Daniel Stenberg | |
formpost (including a file upload part) was aborted before the whole file was sent. | |||
2004-12-10 | don't try the rewind if no http struct is allocated yet | Daniel Stenberg | |
2004-12-05 | Dan Fandrich added the --disable-cookies option to configure to build | Daniel Stenberg | |
libcurl without cookie support. This is mainly useful if you want to build a minimalistic libcurl with no cookies support at all. Like for embedded systems or similar. | |||
2004-12-02 | made the intended one hour default timeout in the CONNECT loop actually work | Daniel Stenberg | |
2004-12-02 | comment cleanup | Daniel Stenberg | |
2004-12-02 | prevent an initial "(nil)" to get sent in the initial request when doing | Daniel Stenberg | |
CONNECT to a proxy with digest | |||
2004-11-24 | HTTP "auth done right". See lib/README.httpauth | Daniel Stenberg | |
2004-11-19 | David Phillips' FD_SETSIZE fix | Daniel Stenberg | |
2004-11-12 | Dan Fandrich added the --disable-crypto-auth option to configure to allow | Daniel Stenberg | |
libcurl to build without Digest support. (I figure it should also explicitly disable Negotiate and NTLM.) | |||
2004-11-11 | Fix behaviour when passing NULL to CURLOPT_POSTFIELDS and CURLOPT_HTTPPOST. | Daniel Stenberg | |
2004-11-05 | Tim Sneddon's VMS fix for huge HTTP POSTs | Daniel Stenberg | |
2004-11-02 | Paul Nolan fix to make libcurl build nicely on Windows CE | Daniel Stenberg | |
2004-10-25 | Tomas Pospisek filed bug report #1053287 that proved -C - and --fail on a | Daniel Stenberg | |
file that was already completely downloaded caused an error, while it doesn't if you don't use --fail! I added test case 194 to verify the fix. Grrr. CURLOPT_FAILONERROR is now added to the list stuff to remove in libcurl v8 due to all the kludges needed to support it. | |||
2004-10-06 | removed tabs and trailing whitespace from source | Daniel Stenberg | |
2004-09-10 | - Bug report #1025986. When following a Location: with a custom Host: header | Daniel Stenberg | |
replacement, curl only replaced the Host: header on the initial request and didn't replace it on the following ones. This resulted in requests with two Host: headers. Now, curl checks if the location is on the same host as the initial request and then continues to replace the Host: header. And when it moves to another host, it doesn't replace the Host: header but it also doesn't make the second Host: header get used in the request. This change is verified by the two new test cases 184 and 185. | |||
2004-08-23 | Roman Koifman pointed out that libcurl send Expect: 100-continue on POSTs and | Daniel Stenberg | |
PUTs even when told to use HTTP 1.0, which is not correct. | |||
2004-08-16 | allow a custom "Accept-Encoding:" header override the internally set one | Daniel Stenberg | |
that gets set with CURLOPT_ENCODING | |||
2004-08-16 | Roland Krikava's cookies over proxy fix. | Daniel Stenberg | |
2004-07-28 | Fixes Brian Akins' reported problems with duplicate Host: headers on re-used | Daniel Stenberg | |
connections. | |||
2004-07-01 | typecast to prevent picky compiler warning | Daniel Stenberg | |
2004-07-01 | spellfixed comments | Daniel Stenberg | |
2004-06-24 | use snprintf() to be on the safe side | Daniel Stenberg | |
2004-06-19 | When doing auth negotiations or authprobing, we only consider HTTP code | Daniel Stenberg | |
<300 to be good. | |||
2004-06-18 | With David Byron's test server I could repeat his problem and make sure that | Daniel Stenberg | |
POSTing over HTTPS:// with NTLM works fine now. There was a general problem with multi-pass authentication with non-GET operations with CONNECT. | |||
2004-06-15 | Fix the auth code to enable us to i.e set DIGEST and then find out that the | Daniel Stenberg | |
server doesn't require any auth at all and then we just continue nicely. We now have an extra bit in the connection struct named 'authprobe' that is TRUE when doing pure "HTTP authentication probing". | |||
2004-06-13 | moved default: in a switch case to prevent compiler warning that 'request' | Daniel Stenberg | |
might be used uninitialized | |||
2004-06-03 | updated a comment | Daniel Stenberg | |
2004-06-03 | Alexander Krasnostavsky's FTP third party transfer (proxy) support | Daniel Stenberg | |
2004-05-26 | Added a new 'bit' in the connect struct named 'tunnel_proxy' that is set | Daniel Stenberg | |
if a connection is tunneled through a proxy. A tunnel is done with CONNECT, either when using HTTPS or FTPS, or if explicitly enabled by the app. | |||
2004-05-24 | Robert D. Young reported that CURLOPT_COOKIEFILE and CURLOPT_COOKIE could | Daniel Stenberg | |
not be used both in one request. Fixed it and added test case 172 to verify. | |||
2004-05-12 | Curl_done() and the protocol-specific conn->curl_done() functions now all | Daniel Stenberg | |
take a CURLcode as a second argument, that is non-zero when Curl_done() is called after an error was returned from Curl_do() (or similar). | |||
2004-05-11 | curl_global_init_mem() allows the memory functions to be replaced. | Daniel Stenberg | |
memory.h is included everywhere for this. | |||
2004-05-10 | Moved the fetching of the list of matching cookies to make it easier to free | Daniel Stenberg | |
that list in case something goes wrong in the function and we must bail out. Courtesy of the torture testing. | |||
2004-05-10 | typo | Daniel Stenberg | |
2004-05-10 | better detection for when add_buffer() returns failure, and return when that | Daniel Stenberg | |
happens | |||
2004-05-05 | initiate variables properly to default to no auth for server and proxy | Daniel Stenberg | |
2004-05-04 | bail out when an add_buffer() function returns failure | Daniel Stenberg | |
2004-05-04 | check malloc() return code | Daniel Stenberg | |
2004-05-04 | General HTTP authentication cleanup and fixes | Daniel Stenberg | |