aboutsummaryrefslogtreecommitdiff
path: root/lib/http.c
AgeCommit message (Collapse)Author
2006-08-19Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPEDaniel Stenberg
command on subsequent requests on a re-used connection unless it has to.
2006-08-18Andrew Biggs pointed out a "Expect: 100-continue" flaw where libcurl didn'tDaniel Stenberg
send the whole request at once, even though the Expect: header was disabled by the application. An effect of this change is also that small (< 1024 bytes) POSTs are now always sent without Expect: header since we deem it more costly to bother about that than the risk that we send the data in vain.
2006-08-08Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTsDaniel Stenberg
on a persistent connection and allowed the first to use that header, you could not disable it for the second request.
2006-08-02Mark Lentczner fixed how libcurl was not properly doing chunked encodingDaniel Stenberg
if the header "Transfer-Encoding: chunked" was set by the application. http://curl.haxx.se/bug/view.cgi?id=1531838
2006-07-27Yves Lejeune fixed so that replacing Content-Type: when doing multipartDaniel Stenberg
formposts work exactly the way you want it (and the way you'd assume it works)
2006-07-19remove variable declaration shadowing previously declared oneYang Tse
2006-07-19Remove variable declaration shadowing previously declared oneYang Tse
2006-07-04Toshiyuki Maezawa fixed a problem where you couldn't override theDaniel Stenberg
Proxy-Connection: header when using a proxy and not doing CONNECT.
2006-05-05Curl_https_getsock() was OpenSSL-specific and really should not be presentDaniel Stenberg
like this in this source file. The quickfix for now is to provide a simple version for GnuTLS builds. The GnuTLS version of libcurl doesn't yet allow fully non-blocking connects anyway so this function doesn't get used.
2006-05-04Roland Blom filed bug report #1481217Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele Bini and David Byron. libcurl previously wrongly used GetLastError() on windows to get error details after socket-related function calls, when it really should use WSAGetLastError() instead. When changing to this, the former function Curl_ourerrno() is now instead called Curl_sockerrno() as it is necessary to only use it to get errno from socket-related functions as otherwise it won't work as intended on Windows.
2006-04-10First curl_multi_socket() commit. Should primarily be considered as an internalDaniel Stenberg
code rearrange to fit the future better.
2006-03-21Xavier Bouchoux made the SSL connection non-blocking for the multi interfaceDaniel Stenberg
(when using OpenSSL).
2006-02-11Karl M added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options thatDaniel Stenberg
an app can use to let libcurl only connect to a remote host and then extract the socket from libcurl. libcurl will then not attempt to do any transfer at all after the connect is done.
2006-01-09Made the copyright year match the latest modification's year.Daniel Stenberg
2006-01-07Mike Jean fixed so that the second CONNECT when doing FTP over a HTTP proxyDaniel Stenberg
actually used a new connection and not sent the second request on the first socket!
2005-10-20Dave Dribin made libcurl understand and handle cases when the serverDaniel Stenberg
(wrongly) sends *two* WWW-Authenticate headers for Digest. While this should never happen in a sane world, libcurl previously got into an infinite loop when this occurred. Dave added test 273 to verify this.
2005-07-05correction for the 407 with response-body caseDaniel Stenberg
2005-07-03Andrew Bushnell provided enough info for me to tell that we badly needed toDaniel Stenberg
fix the CONNECT authentication code with multi-pass auth methods (such as NTLM) as it didn't previously properly ignore response-bodies - in fact it stopped reading after all response headers had been received. This could lead to libcurl sending the next request and reading the body from the first request as response to the second request. (I also renamed the function, which wasn't strictly necessary but...) The best fix would to once and for all make the CONNECT code use the ordinary request sending/receiving code, treating it as any ordinary request instead of the special-purpose function we have now. It should make it better for multi-interface too. And possibly lead to less code... Added test case 265 for this. It doesn't work as a _really_ good test case since the test proxy is too stupid, but the test case helps when running the debugger to verify.
2005-05-11Modified the default HTTP headers used by libcurl:Daniel Stenberg
A) Normal non-proxy HTTP: - no more "Pragma: no-cache" (this only makes sense to proxies) B) Non-CONNECT HTTP request over proxy: - "Pragma: no-cache" is used (like before) - "Proxy-Connection: Keep-alive" (for older style 1.0-proxies) C) CONNECT HTTP request over proxy: - "Host: [name]:[port]" - "Proxy-Connection: Keep-alive"
2005-04-25Fred New reported a bug where we used Basic auth and user name and password inDaniel Stenberg
.netrc, and when following a Location: the subsequent requests didn't properly use the auth as found in the netrc file. Added test case 257 to verify my fix.
2005-04-18Toshiyuki Maezawa reported that when doing a POST with a read callback,Daniel Stenberg
libcurl didn't properly send an Expect: 100-continue header. It does now.
2005-04-07GnuTLS support added. There's now a "generic" SSL layer that we use all overDaniel Stenberg
internally, with code provided by sslgen.c. All SSL-layer-specific code is then written in ssluse.c (for OpenSSL) and gtls.c (for GnuTLS). As far as possible, internals should not need to know what SSL layer that is in use. Building with GnuTLS currently makes two test cases fail. TODO.gnutls contains a few known outstanding issues for the GnuTLS support. GnuTLS support is enabled with configure --with-gnutls
2005-04-03Hardeep Singh reported a problem doing HTTP POST with Digest. (It was actuallyDaniel Stenberg
also affecting NTLM and Negotiate.) It turned out that if the server responded with 100 Continue before the initial 401 response, libcurl didn't take care of the response properly. Test case 245 and 246 added to verify this.
2005-03-29Don't close the connection if we're in a known negotiation mode and we won'tDaniel Stenberg
send any data anyway. Probably the bug Tom Moers noticed.
2005-03-28Based on Augustus Saunders' comments and findings, the HTTP output authDaniel Stenberg
function was fixed to use the proper proxy authentication when multiple ones were added as accepted. test 239 and test 243 were added to repeat the problems and verify the fixes.
2005-03-10Christopher R. Palmer made it possible to build libcurl with theDaniel Stenberg
USE_WINDOWS_SSPI on Windows, and then libcurl will be built to use the native way to do NTLM. SSPI also allows libcurl to pass on the current user and its password in the request.
2005-02-18Ralph Mitchell reported a flaw when you used a proxy with auth, and youDaniel Stenberg
requested data from a host and then followed a redirect to another host. libcurl then didn't use the proxy-auth properly in the second request, due to the host-only check for original host name wrongly being extended to the proxy auth as well. Added test case 233 to verify the flaw and that the fix removed the problem.
2005-02-16Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth"Daniel Stenberg
that picks NTLM. Thanks to David Byron letting me test NTLM against his servers, I could quickly repeat and fix the problem. It turned out to be: When libcurl POSTs without knowing/using an authentication and it gets back a list of types from which it picks NTLM, it needs to either continue sending its data if it keeps the connection alive, or not send the data but close the connection. Then do the first step in the NTLM auth. libcurl didn't send the data nor close the connection but simply read the response-body and then sent the first negotiation step. Which then failed miserably of course. The fixed version forces a connection if there is more than 2000 bytes left to send.
2005-02-11Removed all uses of strftime() since it uses the localised version of theDaniel Stenberg
week day names and month names and servers don't like that.
2005-02-09FTP code turned into state machine. Not completely yet, but a good start.Daniel Stenberg
The tag 'before_ftp_statemachine' was set just before this commit in case of future need.
2005-02-06Preserve previous status in Curl_http_done().Gisle Vanem
2005-01-21FTP third transfer support overhaul. See CHANGES for details.Daniel Stenberg
2004-12-16NULL the fp pointer after it has been fclosed()Daniel Stenberg
2004-12-16Dinar in bug report #1086121, found a file handle leak when a multipartDaniel Stenberg
formpost (including a file upload part) was aborted before the whole file was sent.
2004-12-10don't try the rewind if no http struct is allocated yetDaniel Stenberg
2004-12-05Dan Fandrich added the --disable-cookies option to configure to buildDaniel Stenberg
libcurl without cookie support. This is mainly useful if you want to build a minimalistic libcurl with no cookies support at all. Like for embedded systems or similar.
2004-12-02made the intended one hour default timeout in the CONNECT loop actually workDaniel Stenberg
2004-12-02comment cleanupDaniel Stenberg
2004-12-02prevent an initial "(nil)" to get sent in the initial request when doingDaniel Stenberg
CONNECT to a proxy with digest
2004-11-24HTTP "auth done right". See lib/README.httpauthDaniel Stenberg
2004-11-19David Phillips' FD_SETSIZE fixDaniel Stenberg
2004-11-12Dan Fandrich added the --disable-crypto-auth option to configure to allowDaniel Stenberg
libcurl to build without Digest support. (I figure it should also explicitly disable Negotiate and NTLM.)
2004-11-11Fix behaviour when passing NULL to CURLOPT_POSTFIELDS and CURLOPT_HTTPPOST.Daniel Stenberg
2004-11-05Tim Sneddon's VMS fix for huge HTTP POSTsDaniel Stenberg
2004-11-02Paul Nolan fix to make libcurl build nicely on Windows CEDaniel Stenberg
2004-10-25Tomas Pospisek filed bug report #1053287 that proved -C - and --fail on aDaniel Stenberg
file that was already completely downloaded caused an error, while it doesn't if you don't use --fail! I added test case 194 to verify the fix. Grrr. CURLOPT_FAILONERROR is now added to the list stuff to remove in libcurl v8 due to all the kludges needed to support it.
2004-10-06removed tabs and trailing whitespace from sourceDaniel Stenberg
2004-09-10- Bug report #1025986. When following a Location: with a custom Host: headerDaniel Stenberg
replacement, curl only replaced the Host: header on the initial request and didn't replace it on the following ones. This resulted in requests with two Host: headers. Now, curl checks if the location is on the same host as the initial request and then continues to replace the Host: header. And when it moves to another host, it doesn't replace the Host: header but it also doesn't make the second Host: header get used in the request. This change is verified by the two new test cases 184 and 185.
2004-08-23Roman Koifman pointed out that libcurl send Expect: 100-continue on POSTs andDaniel Stenberg
PUTs even when told to use HTTP 1.0, which is not correct.
2004-08-16allow a custom "Accept-Encoding:" header override the internally set oneDaniel Stenberg
that gets set with CURLOPT_ENCODING