| Age | Commit message (Collapse) | Author |
|---|
|
76 private header files renamed to use our standard naming scheme.
This change affects 322 files in libcurl's source tree.
|
|
|
|
|
|
include the prototype header
|
|
Previous interfaces for these libcurl internal functions did not allow to tell
apart a legitimate zero size result from an error condition. These functions
now return a CURLcode indicating function success or otherwise specific error.
Output size is returned using a pointer argument.
All usage of these two functions, and others closely related, has been adapted
to the new interfaces. Relative error and OOM handling adapted or added where
missing. Unit test 1302 also adapted.
|
|
Curl_gss_init_sec_context got new parameter - SessionHandle.
Signed-off-by: Adam Tkac <atkac@redhat.com>
|
|
Defining NCOMPAT eliminates the backwards-compatibility macros
that are the source of the problem and which we don't need,
anyway.
|
|
|
|
gssapi.h is used as a header name by Heimdal-style GSSAPI so it would
conflict with a private header using that name, and while renaming the
header I figured we should name the .c file accordingly as well.
Bug: http://curl.haxx.se/mail/lib-2011-07/0071.html
Reported by: Ben Greear
|
|
Removed the parameters that were common to all our invocation.
|
|
This function wraps our calls to gss_init_sec_context so that we
have a unified way to talk to GSSAPI.
|
|
This change makes this callsite match the rest of the code.
|
|
This is a security flaw. See curl advisory 20110623 for details.
Reported by: Richard Silverman
|
|
"if(a)" is our style, not "if( a )"
|
|
By the use of a the new lib/checksrc.pl script that checks that our
basic source style rules are followed.
|
|
Found with codespell.
|
|
There's an error in http_negotiation.c where a mistake is using only
userpwd even for proxy requests. Ludek provided a patch, but I decided
to write the fix slightly different using his patch as inspiration.
Reported by: Ludek Finstrle
Bug: http://curl.haxx.se/bug/view.cgi?id=3046066
|
|
|
|
Fix 2 OOM errors: a missing NULL-check in lib/http_negociate.c
and a potential NULL dereferencing in lib/splay.c
|
|
|
|
|
|
32-bit value
|
|
inclusion by the curl tool without colliding with the curl_strequal functions.
|
|
|
|
|
|
|
|
openssl/objects.h were needed to compile SPNEGO support.
|
|
return code in the Negotiate code.
|
|
was not checked for a NULL return, in the Negotiate code.
|
|
Define HAVE_GSSMIT if <gssapi/{gssapi.h,gssapi_generic.h,gssapi_krb5.h}> are
available, otherwise define HAVE_GSSHEIMDAL if <gssapi.h> is available.
Only define GSS_C_NT_HOSTBASED_SERVICE to gss_nt_service_name if
GSS_C_NT_HOSTBASED_SERVICE isn't declared by the gssapi headers. This should
avoid breakage in case we wrongly recognize Heimdal as MIT again.
|
|
a re-used connection where both requests used Negotiate.
|
|
the same state struct as the host auth, so both could never be used at the
same time! I fixed it (without being able to check) to use two separate
structs to allow authentication using Negotiate on host and proxy
simultanouesly.
|
|
|
|
consistency
|
|
the --proxy-negotiate command line option to allow a user to explicitly
select it.
|
|
|
|
|
|
non-ASCII platforms.
|
|
could very well cause a negate number get passed in and thus cause reading
outside of the array usually used for this purpose.
We avoid this by using the uppercase macro versions introduced just now that
does some extra crazy typecasts to avoid byte codes > 127 to cause negative
int values.
|
|
(http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele Bini
and David Byron. libcurl previously wrongly used GetLastError() on windows to
get error details after socket-related function calls, when it really should
use WSAGetLastError() instead.
When changing to this, the former function Curl_ourerrno() is now instead
called Curl_sockerrno() as it is necessary to only use it to get errno from
socket-related functions as otherwise it won't work as intended on Windows.
|
|
code. It should however not be the cause of any troubles. He also fixed a
few similar problems in the HTTP test server code.
|
|
|
|
server.
|
|
|
|
report #1004105
|
|
precaution to prevent mistakes to lead to buffer overflows.
|
|
memory.h is included everywhere for this.
|
|
all things up to work with encoded host names internally, as well as keeping
'display names' to show in debug messages. IDN resolves work for me now using
ipv6, ipv4 and ares resolving. Even cookies on IDN sites seem to do right.
|
|
|
|
|
