aboutsummaryrefslogtreecommitdiff
path: root/lib/url.c
AgeCommit message (Collapse)Author
2012-02-09CURLOPT_SSL_OPTIONS: addedDaniel Stenberg
Allow an appliction to set libcurl specific SSL options. The first and only options supported right now is CURLSSLOPT_ALLOW_BEAST. It will make libcurl to disable any work-arounds the underlying SSL library may have to address a known security flaw in the SSL3 and TLS1.0 protocol versions. This is a reaction to us unconditionally removing that behavior after this security advisory: http://curl.haxx.se/docs/adv_20120124B.html ... it did however cause a lot of programs to fail because of old servers not liking this work-around. Now programs can opt to decrease the security in order to interoperate with old servers better.
2012-02-09add library support for tuning TCP_KEEPALIVEDave Reisner
This adds three new options to control the behavior of TCP keepalives: - CURLOPT_TCP_KEEPALIVE: enable/disable probes - CURLOPT_TCP_KEEPIDLE: idle time before sending first probe - CURLOPT_TCP_KEEPINTVL: delay between successive probes While not all operating systems support the TCP_KEEPIDLE and TCP_KEEPINTVL knobs, the library will still allow these options to be set by clients, silently ignoring the values.
2012-02-07curl_easy_reset: reset the referer stringDaniel Stenberg
When CURLOPT_REFERER has been used, curl_easy_reset() did not properly clear it. Verified with the new test 598 Bug: http://curl.haxx.se/bug/view.cgi?id=3481551 Reported by: Michael Day
2012-01-20URL parse: user name with ipv6 numerical addressDaniel Stenberg
Using a URL with embedded user name and password didn't work if the host was given as a numerical IPv6 string, like ftp://user:password@[::1]/ Reported by: Brandon Wang Bug: http://curl.haxx.se/mail/archive-2012-01/0047.html
2012-01-18ssl session caching: fix compiler warningsYang Tse
2012-01-16add LF termination to infof() trace stringYang Tse
2011-12-31changed case: use new host name for subsequent HTTP requestsDaniel Stenberg
When a HTTP connection is re-used for a subsequent request without proxy, it would always re-use the Host: header of the first request. As host names are case insensitive it would make curl send another host name case that what the particular request used. Now it will instead always use the most recent host name to always use the desired casing. Added test case 1318 to verify. Bug: http://curl.haxx.se/mail/lib-2011-12/0314.html Reported by: Alex Vinnik
2011-12-24Curl_do_more: fix typo logicDaniel Stenberg
In the recent do_more fix the new logic was mistakenly checking the pointer instead of what it points to. Reported by: Gokhan Sengun Bug: http://curl.haxx.se/mail/lib-2011-12/0250.html
2011-12-23resolve: don't leak pre-populated dns entriesDaniel Stenberg
CURLOPT_RESOLVE populates the DNS cache with entries that are marked as eternally in use. Those entries need to be taken care of when the cache is killed off. Bug: http://curl.haxx.se/bug/view.cgi?id=3463121 Reported by: "tw84452852"
2011-12-20non-blocking active FTP: cleanup multi state usageDaniel Stenberg
Backpedaled out the funny double-change of state in the multi state machine by adding a new argument to the do_more() function to signal completion. This way it can remain in the DO_MORE state properly until done. Long term, the entire DO_MORE logic should be moved into the FTP code and be hidden from the multi code as the logic is only used for FTP.
2011-12-20FTP: perform active connections non-blockingGokhan Sengun
1- Two new error codes are introduced. CURLE_FTP_ACCEPT_FAILED to be set whenever ACCEPTing fails because of FTP server connected. CURLE_FTP_ACCEPT_TIMEOUT to be set whenever ACCEPTing timeouts. Neither of these errors are considered fatal and control connection remains OK because it could just be a firewall blocking server to connect to the client. 2- One new setopt option was introduced. CURLOPT_ACCEPTTIMEOUT_MS It sets the maximum amount of time FTP client is going to wait for a server to connect. Internal default accept timeout is 60 seconds.
2011-12-20timer: restore PRETRANSFER timingDaniel Stenberg
Regression introduced in 7.23.0 with commit 9dd85bce. The function in which the PRETRANSFER time stamp was recorded was moved in time causing it be stored very quickly after the start timestamp. On most systems shorter than 1 millisecond and thus it wouldn't even show with -w "%{time_pretransfer}" using the command line tool. Bug: http://curl.haxx.se/mail/archive-2011-12/0022.html Reported by: Toni Moreno
2011-12-12ConnectionExists: Fix reuse for TLS upgraded connectionsSteve Holme
Fixed the connection reuse detection in ConnectionExists() when comparing a new connection that is non-SSL based against that of a SSL based connection that has become so by being upgraded via TLS.
2011-12-09create_conn: don't switch to HTTP protocol if tunneling is enabledDaniel Stenberg
This is a regression since who knows when. When spotting that a HTTP proxy is used we must not uncondititionally enable the HTTP protocol since if we do tunneling through the proxy we're still using the target protocol. Reported by: Naveen Chandran
2011-11-24query-part: ignore the URI part for given protocolsJonas Schnelli
By setting PROTOPT_NOURLQUERY in the protocol handler struct, the protocol will get the "query part" of the URL cut off before the data is handled by the protocol-specific code. This makes libcurl adhere to RFC3986 section 2.2. Test 1220 is added to verify a file:// URL with query-part.
2011-11-21protocol_connect: show verbose connect and set connect timeDaniel Stenberg
Regression: commit b998d95b (shipped first in release 7.22.0) made the condition always equal false that should reset the TIMER_CONNECT timer and call the Curl_verboseconnect() function. Reported by: "Captain Basil" Bug: http://curl.haxx.se/mail/archive-2011-11/0035.html
2011-11-17CURLOPT_DNS_SERVERS: set name servers if possibleJason Glasgow
2011-11-03url.c and file.c: fix OOM triggered segfaultYang Tse
2011-11-03rename ftp_ssl: the struct field is used for many protocolsDaniel Stenberg
Now called 'use_ssl' instead, which better matches the current CURLOPT name and since the option is used for all pingpong protocols (at least) it makes sense to not use 'ftp' in the name.
2011-11-02url.c and transfer.c: nullify connection pointer when free()'edYang Tse
2011-10-21curl_multi_fdset: correct fdset with FTP PORT useDaniel Stenberg
After a PORT has been issued, and the multi handle would switch to the CURLM_STATE_DO_MORE state (which is unique for FTP), libcurl would return the wrong fdset to wait for when curl_multi_fdset() is called. The code would blindly assume that it was waiting for a connect of the second connection, while that isn't true immediately after the PORT command. Also, the function multi.c:domore_getsock() was highly FTP-centric and therefore ugly to keep in protocol-agnostic code. I solved this problem by introducing a new function pointer in the Curl_handler struct called domore_getsock() which is only called during the DOMORE state for protocols that set that pointer. The new ftp.c:ftp_domore_getsock() function now returns fdset info about the control connection's command/response handling while such a state is in use, and goes over to waiting for a writable second connection first once the commands are done. The original problem could be seen by running test 525 and checking the time stamps in the FTP server log. I can verify that this fix at least fixes this problem. Bug: http://curl.haxx.se/mail/lib-2011-10/0250.html Reported by: Gokhan Sengun
2011-10-20Fixed compilation when HTTP or cookies are disabledDan Fandrich
2011-10-14url.c: fix endless loop upon transport connection timeoutYang Tse
Jerry Wu detected and provided detailed info about this issue.
2011-10-13url.c: make line shorter than 80 charsYang Tse
2011-10-12OOM handling/cleanup slight adjustmentsYang Tse
2011-10-11OOM handling/cleanup slight adjustmentsYang Tse
2011-10-07libcurl: some OOM handling fixesYang Tse
2011-10-02multi: progress function abort must close connectionDaniel Stenberg
When the progress function returns to cancel the request, we must mark the connection to get closed and it must do to the DONE state. do_init() must be called as early as possible so that state variables for new connections are reset early. We could otherwise see that the old values were still there when a connection was to be disconnected very early and it would make it behave wrongly. Bug: http://curl.haxx.se/mail/lib-2011-10/0006.html Reported by: Vladimir Grishchenko
2011-09-28SSL session sharing support addedAlejandro Alvarez
With locking, plus test, plus documentation
2011-09-22NTLM_WB: fix disabling of NTLM_WB when NTLM is disabledYang Tse
2011-09-05fix bool variables checking and assignmentYang Tse
2011-09-04NTLM WB: fix file descriptor leak upon OOM conditionYang Tse
2011-09-02MemoryTracking: fix logging of free() calls done where Curl_safefree is calledYang Tse
Just internal stuff... Curl_safefree is now a macro defined in memdebug.h instead of a function prototyped in url.h and implemented in url.c, so inclusion of url.h is no longer required in order to simply use Curl_safefree. Provide definition of macro WHILE_FALSE in setup_once.h in order to allow other macros such as DEBUGF and DEBUGASSERT, and code using it, to compile without 'conditional expression is constant' warnings. The WHILE_FALSE stuff fixes 150+ MSVC compiler warnings.
2011-08-28NTLM: END of refactoring/splitting/movingYang Tse
First: File curl_ntlm.h renamed curl_ntlm_msgs.h File curl_ntlm.c renamed curl_ntlm_msgs.c Afterwards: File http_ntlm.c renamed curl_ntlm.c File http_ntlm.h renamed curl_ntlm.h
2011-08-27NTLM_WB: final congruency naming adjustmentsYang Tse
Configure script option --enable-wb-ntlm-auth renamed to --enable-ntlm-wb Configure script option --disable-wb-ntlm-auth renamed to --disable-ntlm-wb Preprocessor symbol WINBIND_NTLM_AUTH_ENABLED renamed to NTLM_WB_ENABLED Preprocessor symbol WINBIND_NTLM_AUTH_FILE renamed to NTLM_WB_FILE Test harness env var CURL_NTLM_AUTH renamed to CURL_NTLM_WB_FILE Static function wb_ntlm_close renamed to ntlm_wb_cleanup Static function wb_ntlm_initiate renamed to ntlm_wb_init Static function wb_ntlm_response renamed to ntlm_wb_response
2011-08-27NTLM single-sign on adjustments (XI)Yang Tse
Feature string literal NTLM_SSO renamed to NTLM_WB. Preprocessor symbol USE_NTLM_SSO renamed to WINBIND_NTLM_AUTH_ENABLED. curl's 'long' option 'ntlm-sso' renamed to 'ntlm-wb'. Fix some comments to make clear that this is actually a NTLM delegation.
2011-08-26NTLM single-sign on adjustments (X)Yang Tse
Functions renamed: Curl_output_ntlm_sso -> Curl_output_ntlm_wb sso_ntlm_close -> wb_ntlm_close sso_ntlm_response -> wb_ntlm_response sso_ntlm_initiate -> wb_ntlm_initiate Preprocessor symbols renamed: CURLAUTH_NTLM_SSO -> CURLAUTH_NTLM_WB CURL_VERSION_NTLM_SSO -> CURL_VERSION_NTLM_WB
2011-08-19connect: set TIMER_CONNECTDaniel Stenberg
When connecting, make sure TIMER_CONNECT is set.
2011-08-18FTP: fix proxy connect race conditionDaniel Stenberg
When using the multi interface, a SOCKS proxy, and a connection that wouldn't immediately consider itself connected (which my Linux tests do by default), libcurl would be tricked into doing _two_ connects to the SOCKS proxy when it setup the data connection and then of course the second attempt would fail miserably and cause error. This problem is a regression that was introduced by commit 4a42e5cdaa344755 that was introduced in the 7.21.7 release. Bug: http://curl.haxx.se/mail/lib-2011-08/0199.html Reported by: Fabian Keil
2011-08-09http NTLM: Further tiding up to libcurl standardsYang Tse
2011-08-09http NTLM: Tidied up http_ntlm prior to splitting the ntlm specific codeSteve Holme
2011-08-05create_conn: mark non-HTTP proxies accordinglyDaniel Stenberg
A proxy could be marked 'httpproxy' wrongly before if set with an environment variable or with the CURLOPT_PROXY option with a socks*:// prefix or similar. Added test 710 to verify Bug: http://curl.haxx.se/mail/lib-2011-07/0194.html
2011-08-03curl_gssapi: refine the handling of CURLOPT_GSSAPI_DELEGATIONKamil Dudka
Suggested by Richard Silverman.
2011-08-03Add new CURLOPT_GSSAPI_DELEGATION option.Adam Tkac
Curl_gss_init_sec_context got new parameter - SessionHandle. Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-07-31NTLM single-sign on adjustments (VIII)Yang Tse
Use preprocessor symbols WINBIND_NTLM_AUTH_ENABLED and WINBIND_NTLM_AUTH_FILE for Samba's winbind daemon ntlm_auth helper code implementation and filename. Retain preprocessor symbol USE_NTLM_SSO for NTLM single-sign-on feature availability implementation independent. For test harness, prefix NTLM_AUTH environment vars with CURL_ Refactor and rename configure option --with-ntlm-auth to --enable-wb-ntlm-auth[=FILE]
2011-07-29NTLM single-sign on adjustments (VII)Yang Tse
Initialize variables when connectdata object is created.
2011-07-26stdio.h, stdlib.h, string.h, stdarg.h and ctype.h inclusion done in setup_once.hYang Tse
2011-07-25WIN32 io.h and fcntl.h inclusion done in setup_once.hYang Tse
2011-07-25time.h and sys/time.h inclusion conditionally done in setup_once.hYang Tse
2011-07-24errno.h inclusion conditionally done in setup_once.hYang Tse