Age | Commit message (Collapse) | Author | |
---|---|---|---|
2005-02-22 | Thanks for the notification iDEFENCE. We are the "initial vendor" and we sure | Daniel Stenberg | |
got no notification, no mail, no nothing. You didn't even bother to mail us when you went public with this. Cool. NTLM buffer overflow fix, as reported here: http://www.securityfocus.com/archive/1/391042 | |||
2004-12-07 | Rene Bernhardt found and fixed a buffer overrun in the NTLM code, where | Daniel Stenberg | |
libcurl always and unconditionally overwrote a stack-based array with 3 zero bytes. I edited the fix to make it less likely to occur again (and added a comment explaining the reason to the buffer size). | |||
2004-07-04 | explicit typecasts to prevent warnings | Daniel Stenberg | |
2004-06-21 | typecasts to prevent compiler warnings | Daniel Stenberg | |
2004-05-25 | remove trailing whitespace | Daniel Stenberg | |
2004-05-11 | curl_global_init_mem() allows the memory functions to be replaced. | Daniel Stenberg | |
memory.h is included everywhere for this. | |||
2004-05-04 | General HTTP authentication cleanup and fixes | Daniel Stenberg | |
2004-03-30 | 'authdone' was added to the sessionhandle and thus was removed from the | Daniel Stenberg | |
argument to the NTLM function(s) | |||
2004-03-22 | Enabled 'NT responses' in the NTLM type-3 message. | Daniel Stenberg | |
2004-03-08 | don't compare signed/unsigned | Daniel Stenberg | |
2004-03-08 | strlen() returns size_t | Daniel Stenberg | |
2004-02-23 | adjusted to the modified base64 protos | Daniel Stenberg | |
2004-02-23 | The base64 encode function now takes a size_t for size, not an int as | Daniel Stenberg | |
previously. | |||
2004-01-07 | updated year in the copyright string | Daniel Stenberg | |
2003-10-17 | typecasts to prevent warnings | Daniel Stenberg | |
2003-10-17 | make no user or no password just mean blank fields, not aborted operation | Daniel Stenberg | |
2003-10-05 | weird typo removed | Daniel Stenberg | |
2003-09-15 | When we issue a HTTP request, first make sure if the authentication phase | Daniel Stenberg | |
is over or not, as if it isn't we shall not begin any PUT or POST operation. This cures bug report #805853, and test case 88 verifies it! | |||
2003-09-04 | no user or password set, bail out | Daniel Stenberg | |
2003-08-11 | added include "http.h" to prevent a warning | Daniel Stenberg | |
2003-08-11 | Serge Semashko added CURLOPT_PROXYAUTH support, and now NTLM for proxies | Daniel Stenberg | |
work. | |||
2003-07-22 | More support for NTLM on proxies, now proxy state and nonce is stored in | Daniel Stenberg | |
a separate struct properly. | |||
2003-07-21 | adjusted to support NTLM for proxies | Daniel Stenberg | |
2003-07-19 | Access the user and passwd fields from the connectdata struct now instead | Daniel Stenberg | |
of the sessionhandle struct, as that was not good. | |||
2003-07-15 | Moved the NTLM credentials to the connectdata struct instead, as NTLM | Daniel Stenberg | |
authenticates connections and not single requests. This should make it work better when we mix requests from multiple hosts. Problem pointed out by Cris Bailiff. | |||
2003-07-15 | Dan Winship's patch added that makes use of DOMAIN\USER or DOMAIN/USER | Daniel Stenberg | |
for the user field. I changed it slightly to stay with strchr() only instead of strpbrk() for portability reasons. | |||
2003-06-26 | Many fixes, most of them based on comments by Eric Glass | Daniel Stenberg | |
2003-06-13 | Cris Bailiff's patch that should make us do NTLM correctly. When we've | Daniel Stenberg | |
authenticated our connection, we can continue without any Authorization: headers as long as our connection is maintained. | |||
2003-06-13 | Cris Bailiff's bugfix | Daniel Stenberg | |
2003-06-13 | use more curlish strings, these should be able to change... | Daniel Stenberg | |
2003-06-12 | modified | Daniel Stenberg | |
2003-06-12 | make it build with older OpenSSL | Daniel Stenberg | |
2003-06-12 | attempt to make older OpenSSL versions work with the DES stuff | Daniel Stenberg | |
2003-06-11 | fixing details for NTLM | Daniel Stenberg | |
2003-06-11 | more how I envision it _should_ work, but it still doesn't... | Daniel Stenberg | |
2003-06-11 | correct mistakes | Daniel Stenberg | |
2003-06-11 | Initial take at NTLM authentication. It doesn't really work at this point | Daniel Stenberg | |
but the infrastructure is there. |