aboutsummaryrefslogtreecommitdiff
path: root/lib/http.c
AgeCommit message (Collapse)Author
2005-03-28Based on Augustus Saunders' comments and findings, the HTTP output authDaniel Stenberg
function was fixed to use the proper proxy authentication when multiple ones were added as accepted. test 239 and test 243 were added to repeat the problems and verify the fixes.
2005-03-10Christopher R. Palmer made it possible to build libcurl with theDaniel Stenberg
USE_WINDOWS_SSPI on Windows, and then libcurl will be built to use the native way to do NTLM. SSPI also allows libcurl to pass on the current user and its password in the request.
2005-02-18Ralph Mitchell reported a flaw when you used a proxy with auth, and youDaniel Stenberg
requested data from a host and then followed a redirect to another host. libcurl then didn't use the proxy-auth properly in the second request, due to the host-only check for original host name wrongly being extended to the proxy auth as well. Added test case 233 to verify the flaw and that the fix removed the problem.
2005-02-16Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth"Daniel Stenberg
that picks NTLM. Thanks to David Byron letting me test NTLM against his servers, I could quickly repeat and fix the problem. It turned out to be: When libcurl POSTs without knowing/using an authentication and it gets back a list of types from which it picks NTLM, it needs to either continue sending its data if it keeps the connection alive, or not send the data but close the connection. Then do the first step in the NTLM auth. libcurl didn't send the data nor close the connection but simply read the response-body and then sent the first negotiation step. Which then failed miserably of course. The fixed version forces a connection if there is more than 2000 bytes left to send.
2005-02-11Removed all uses of strftime() since it uses the localised version of theDaniel Stenberg
week day names and month names and servers don't like that.
2005-02-09FTP code turned into state machine. Not completely yet, but a good start.Daniel Stenberg
The tag 'before_ftp_statemachine' was set just before this commit in case of future need.
2005-02-06Preserve previous status in Curl_http_done().Gisle Vanem
2005-01-21FTP third transfer support overhaul. See CHANGES for details.Daniel Stenberg
2004-12-16NULL the fp pointer after it has been fclosed()Daniel Stenberg
2004-12-16Dinar in bug report #1086121, found a file handle leak when a multipartDaniel Stenberg
formpost (including a file upload part) was aborted before the whole file was sent.
2004-12-10don't try the rewind if no http struct is allocated yetDaniel Stenberg
2004-12-05Dan Fandrich added the --disable-cookies option to configure to buildDaniel Stenberg
libcurl without cookie support. This is mainly useful if you want to build a minimalistic libcurl with no cookies support at all. Like for embedded systems or similar.
2004-12-02made the intended one hour default timeout in the CONNECT loop actually workDaniel Stenberg
2004-12-02comment cleanupDaniel Stenberg
2004-12-02prevent an initial "(nil)" to get sent in the initial request when doingDaniel Stenberg
CONNECT to a proxy with digest
2004-11-24HTTP "auth done right". See lib/README.httpauthDaniel Stenberg
2004-11-19David Phillips' FD_SETSIZE fixDaniel Stenberg
2004-11-12Dan Fandrich added the --disable-crypto-auth option to configure to allowDaniel Stenberg
libcurl to build without Digest support. (I figure it should also explicitly disable Negotiate and NTLM.)
2004-11-11Fix behaviour when passing NULL to CURLOPT_POSTFIELDS and CURLOPT_HTTPPOST.Daniel Stenberg
2004-11-05Tim Sneddon's VMS fix for huge HTTP POSTsDaniel Stenberg
2004-11-02Paul Nolan fix to make libcurl build nicely on Windows CEDaniel Stenberg
2004-10-25Tomas Pospisek filed bug report #1053287 that proved -C - and --fail on aDaniel Stenberg
file that was already completely downloaded caused an error, while it doesn't if you don't use --fail! I added test case 194 to verify the fix. Grrr. CURLOPT_FAILONERROR is now added to the list stuff to remove in libcurl v8 due to all the kludges needed to support it.
2004-10-06removed tabs and trailing whitespace from sourceDaniel Stenberg
2004-09-10- Bug report #1025986. When following a Location: with a custom Host: headerDaniel Stenberg
replacement, curl only replaced the Host: header on the initial request and didn't replace it on the following ones. This resulted in requests with two Host: headers. Now, curl checks if the location is on the same host as the initial request and then continues to replace the Host: header. And when it moves to another host, it doesn't replace the Host: header but it also doesn't make the second Host: header get used in the request. This change is verified by the two new test cases 184 and 185.
2004-08-23Roman Koifman pointed out that libcurl send Expect: 100-continue on POSTs andDaniel Stenberg
PUTs even when told to use HTTP 1.0, which is not correct.
2004-08-16allow a custom "Accept-Encoding:" header override the internally set oneDaniel Stenberg
that gets set with CURLOPT_ENCODING
2004-08-16Roland Krikava's cookies over proxy fix.Daniel Stenberg
2004-07-28Fixes Brian Akins' reported problems with duplicate Host: headers on re-usedDaniel Stenberg
connections.
2004-07-01typecast to prevent picky compiler warningDaniel Stenberg
2004-07-01spellfixed commentsDaniel Stenberg
2004-06-24use snprintf() to be on the safe sideDaniel Stenberg
2004-06-19When doing auth negotiations or authprobing, we only consider HTTP codeDaniel Stenberg
<300 to be good.
2004-06-18With David Byron's test server I could repeat his problem and make sure thatDaniel Stenberg
POSTing over HTTPS:// with NTLM works fine now. There was a general problem with multi-pass authentication with non-GET operations with CONNECT.
2004-06-15Fix the auth code to enable us to i.e set DIGEST and then find out that theDaniel Stenberg
server doesn't require any auth at all and then we just continue nicely. We now have an extra bit in the connection struct named 'authprobe' that is TRUE when doing pure "HTTP authentication probing".
2004-06-13moved default: in a switch case to prevent compiler warning that 'request'Daniel Stenberg
might be used uninitialized
2004-06-03updated a commentDaniel Stenberg
2004-06-03Alexander Krasnostavsky's FTP third party transfer (proxy) supportDaniel Stenberg
2004-05-26Added a new 'bit' in the connect struct named 'tunnel_proxy' that is setDaniel Stenberg
if a connection is tunneled through a proxy. A tunnel is done with CONNECT, either when using HTTPS or FTPS, or if explicitly enabled by the app.
2004-05-24Robert D. Young reported that CURLOPT_COOKIEFILE and CURLOPT_COOKIE couldDaniel Stenberg
not be used both in one request. Fixed it and added test case 172 to verify.
2004-05-12Curl_done() and the protocol-specific conn->curl_done() functions now allDaniel Stenberg
take a CURLcode as a second argument, that is non-zero when Curl_done() is called after an error was returned from Curl_do() (or similar).
2004-05-11curl_global_init_mem() allows the memory functions to be replaced.Daniel Stenberg
memory.h is included everywhere for this.
2004-05-10Moved the fetching of the list of matching cookies to make it easier to freeDaniel Stenberg
that list in case something goes wrong in the function and we must bail out. Courtesy of the torture testing.
2004-05-10typoDaniel Stenberg
2004-05-10better detection for when add_buffer() returns failure, and return when thatDaniel Stenberg
happens
2004-05-05initiate variables properly to default to no auth for server and proxyDaniel Stenberg
2004-05-04bail out when an add_buffer() function returns failureDaniel Stenberg
2004-05-04check malloc() return codeDaniel Stenberg
2004-05-04General HTTP authentication cleanup and fixesDaniel Stenberg
2004-04-29fixed the host/proxy name issue when re-using a connection and made IDN namesDaniel Stenberg
work when using proxy by converting the IDN-name to the ACE-encoded version before the request-URL is passed to the proxy.
2004-04-27Made host name and proxy name get stored in a 'struct hostname' and setDaniel Stenberg
all things up to work with encoded host names internally, as well as keeping 'display names' to show in debug messages. IDN resolves work for me now using ipv6, ipv4 and ares resolving. Even cookies on IDN sites seem to do right.