| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2011-07-12 | http_negociate: Be consistent in gss_init_sec_context attributes. | Julien Chaffraix | |
| This change makes this callsite match the rest of the code. | |||
| 2011-06-22 | Curl_input_negotiate: do not delegate GSSAPI credentials | Daniel Stenberg | |
| This is a security flaw. See curl advisory 20110623 for details. Reported by: Richard Silverman | |||
| 2011-04-27 | whitespace cleanup: no space first in conditionals | Daniel Stenberg | |
| "if(a)" is our style, not "if( a )" | |||
| 2011-04-27 | source cleanup: unify look, style and indent levels | Daniel Stenberg | |
| By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed. | |||
| 2011-04-21 | Fix a couple of spelling errors in lib/ | Fabian Keil | |
| Found with codespell. | |||
| 2010-08-16 | negotiation: Wrong proxy authorization | Daniel Stenberg | |
| There's an error in http_negotiation.c where a mistake is using only userpwd even for proxy requests. Ludek provided a patch, but I decided to write the fix slightly different using his patch as inspiration. Reported by: Ludek Finstrle Bug: http://curl.haxx.se/bug/view.cgi?id=3046066 | |||
| 2010-06-02 | fix spnego memory leak | Yang Tse | |
| 2010-05-26 | OOM fixes in http_negociate.c and lib/splay.c | Julien Chaffraix | |
| Fix 2 OOM errors: a missing NULL-check in lib/http_negociate.c and a potential NULL dereferencing in lib/splay.c | |||
| 2010-03-24 | remove the CVSish $Id$ lines | Daniel Stenberg | |
| 2009-04-21 | libcurl's memory.h renamed to curl_memory.h | Yang Tse | |
| 2009-04-13 | fix compiler warning: implicit conversion shortens 64-bit value into a ↵ | Yang Tse | |
| 32-bit value | |||
| 2008-10-23 | moved the Curl_raw_ functions into the new lib/rawstr.c file for easier curlx_ | Daniel Stenberg | |
| inclusion by the curl tool without colliding with the curl_strequal functions. | |||
| 2008-09-02 | Made some variables const which eliminated some casts | Dan Fandrich | |
| 2008-08-17 | libcurl internal base64.h header file renamed to curl_base64.h | Yang Tse | |
| 2008-08-16 | Fix Use of conditional definition of USE_OPENSSL | Yang Tse | |
| 2008-05-26 | David Rosenstrauch reported that header files spnegohelp.h and | Yang Tse | |
| openssl/objects.h were needed to compile SPNEGO support. | |||
| 2008-04-14 | - Andre Guibert de Bruet fixed a second case of not checking the malloc() | Daniel Stenberg | |
| return code in the Negotiate code. | |||
| 2008-04-12 | - Andre Guibert de Bruet found and fixed a case where malloc() was called but | Daniel Stenberg | |
| was not checked for a NULL return, in the Negotiate code. | |||
| 2008-04-07 | - Fix the MIT / Heimdal check for good: | Michal Marek | |
| Define HAVE_GSSMIT if <gssapi/{gssapi.h,gssapi_generic.h,gssapi_krb5.h}> are available, otherwise define HAVE_GSSHEIMDAL if <gssapi.h> is available. Only define GSS_C_NT_HOSTBASED_SERVICE to gss_nt_service_name if GSS_C_NT_HOSTBASED_SERVICE isn't declared by the gssapi headers. This should avoid breakage in case we wrongly recognize Heimdal as MIT again. | |||
| 2008-03-01 | - Anatoli Tubman found and fixed a crash with Negotiate authentication used on | Daniel Stenberg | |
| a re-used connection where both requests used Negotiate. | |||
| 2007-11-20 | While inspecting the Negotiate code, I noticed how the proxy auth was using | Daniel Stenberg | |
| the same state struct as the host auth, so both could never be used at the same time! I fixed it (without being able to check) to use two separate structs to allow authentication using Negotiate on host and proxy simultanouesly. | |||
| 2007-11-20 | white space changes only to clean up indent and source width | Daniel Stenberg | |
| 2007-11-05 | removed space after if and while before the parenthesis for better source code | Daniel Stenberg | |
| consistency | |||
| 2007-09-21 | Mark Davies fixed Negotiate authentication over proxy, and also introduced | Daniel Stenberg | |
| the --proxy-negotiate command line option to allow a user to explicitly select it. | |||
| 2007-08-27 | Fixed some minor type mismatches and missing consts mainly found by splint. | Dan Fandrich | |
| 2007-04-04 | Fixes some more out of memory handling bugs. | Dan Fandrich | |
| 2007-01-03 | - David McCreedy made changes to allow base64 encoding/decoding to work on | Daniel Stenberg | |
| non-ASCII platforms. | |||
| 2006-10-17 | Avoid typecasting a signed char to an int when using is*() functions, as that | Daniel Stenberg | |
| could very well cause a negate number get passed in and thus cause reading outside of the array usually used for this purpose. We avoid this by using the uppercase macro versions introduced just now that does some extra crazy typecasts to avoid byte codes > 127 to cause negative int values. | |||
| 2006-05-04 | Roland Blom filed bug report #1481217 | Daniel Stenberg | |
| (http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele Bini and David Byron. libcurl previously wrongly used GetLastError() on windows to get error details after socket-related function calls, when it really should use WSAGetLastError() instead. When changing to this, the former function Curl_ourerrno() is now instead called Curl_sockerrno() as it is necessary to only use it to get errno from socket-related functions as otherwise it won't work as intended on Windows. | |||
| 2006-02-18 | Ulf Härnhammar fixed a format string (printf style) problem in the Negotiate | Daniel Stenberg | |
| code. It should however not be the cause of any troubles. He also fixed a few similar problems in the HTTP test server code. | |||
| 2005-03-31 | Updated the copyright year since changes have been this year. | Daniel Stenberg | |
| 2005-02-24 | Fixed some compiler warnings. Fixed a low incidence memory leak in the test ↵ | Dan Fandrich | |
| server. | |||
| 2005-02-22 | Curl_base64_decode() now returns an allocated buffer | Daniel Stenberg | |
| 2004-08-05 | Enrico Scholz fixed the service name to be uppercase as reported in bug | Daniel Stenberg | |
| report #1004105 | |||
| 2004-06-24 | Replaced all uses of sprintf() with the safer snprintf(). It is just a | Daniel Stenberg | |
| precaution to prevent mistakes to lead to buffer overflows. | |||
| 2004-05-11 | curl_global_init_mem() allows the memory functions to be replaced. | Daniel Stenberg | |
| memory.h is included everywhere for this. | |||
| 2004-04-27 | Made host name and proxy name get stored in a 'struct hostname' and set | Daniel Stenberg | |
| all things up to work with encoded host names internally, as well as keeping 'display names' to show in debug messages. IDN resolves work for me now using ipv6, ipv4 and ares resolving. Even cookies on IDN sites seem to do right. | |||
| 2004-01-07 | updated year in the copyright string | Daniel Stenberg | |
| 2003-11-27 | Markus Moeller's change to check for HAVE_SPNEGO instead of the previous | Daniel Stenberg | |
| 2003-09-19 | Markus Moeller's SPNEGO patch applied, with my edits, additions and minor | Daniel Stenberg | |
| cleanups. | |||
| 2003-09-11 | Tim Bartley's patch that makes the GSSNEGOTIATE option work for Microsoft's | Daniel Stenberg | |
| "Negotiate" authentication as well. | |||
| 2003-07-23 | Daniel Kouril's fix to make the GSS-Negotiate work fine. | Daniel Stenberg | |
| 2003-06-26 | kill warnings | Daniel Stenberg | |
| 2003-06-10 | Daniel Kouril's patch that adds HTTP negotiation support to libcurl was | Daniel Stenberg | |
| added. | |||
 |
index : curl | |
| cURL mirror with patches applied | Ben |
| aboutsummaryrefslogtreecommitdiff |