aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2013-04-19url: Added bounds checking to parse_login_details()Steve Holme
Added bounds checking when searching for the separator characters within the login string as this string may not be NULL terminated (For example it is the login part of a URL). We do this in preference to allocating a new string to copy the login details into which could then be passed to parse_login_details() for performance reasons.
2013-04-19url: Added size_t cast to pointer based length calculationsSteve Holme
2013-04-19url: Corrected minor typo in commentSteve Holme
2013-04-18url: Fix chksrc longer than 79 columns warningSteve Holme
2013-04-18url: Fix incorrect variable type for result codeSteve Holme
2013-04-18url: Fix compiler warningSteve Holme
signed and unsigned type in conditional expression
2013-04-18url: Moved parsing of login details out of parse_url_login()Steve Holme
Separated the parsing of login details from the processing of them in parse_url_login() ready for use by setstropt_userpwd().
2013-04-18url: Re-factored set_userpass() and parse_url_userpass()Steve Holme
Re-factored these functions to reflect their new behaviour following the addition of login options.
2013-04-18url: Reworked URL parsing to allow overriding by CURLOPT_USERPWDSteve Holme
2013-04-16smtp: Re-factored all perform based functionsSteve Holme
Standardised the naming of all perform based functions to be in the form smtp_perform_something().
2013-04-16smtp: Added description comments to all perform based functionsSteve Holme
2013-04-16smtp: Moved smtp_quit() to be with the other perform functionsSteve Holme
2013-04-16smtp: Moved smtp_rcpt_to() to be with the other perform functionsSteve Holme
2013-04-16smtp: Moved smtp_mail() to be with the other perform functionsSteve Holme
2013-04-15pop3: Added missing comment for pop3_state_apop_resp()Steve Holme
2013-04-15smtp: Updated the coding style of smtp_state_servergreet_resp()Steve Holme
Updated the coding style, in this function, to be consistant with other response functions rather then performing a hard return on failure.
2013-04-15pop3: Updated the coding style of pop3_state_servergreet_resp()Steve Holme
Updated the coding style, in this function, to be consistent with other response functions rather then performing a hard return on failure.
2013-04-14pop3: Re-factored all perform based functionsSteve Holme
Standardised the naming of all perform based functions to be in the form pop3_perform_something() following the changes made to IMAP.
2013-04-14pop3: Added description comments to all perform based functionsSteve Holme
2013-04-14pop3: Moved pop3_quit() to be with the other perform functionsSteve Holme
2013-04-14pop3: Moved pop3_command() to be with the other perform functionsSteve Holme
Started to apply the same tidy up to the POP3 code as applied to the IMAP code in the 7.30.0 release.
2013-04-13smtp: Added support for ;auth=<mech> in the URLSteve Holme
Added support for specifying the preferred authentication mechanism in the URL as per Internet-Draft 'draft-earhart-url-smtp-00'.
2013-04-13pop3: Reworked authentication type constantsSteve Holme
... to use left-shifted values, like those defined in curl.h, rather than 16-bit hexadecimal values.
2013-04-13pop3: Small consistency tidy upSteve Holme
2013-04-13pop3: Added support for ;auth=<mech> in the URLSteve Holme
Added support for specifying the preferred authentication type and SASL mechanism in the URL as per RFC-2384.
2013-04-13imap: Added support for ;auth=<mech> in the URLSteve Holme
Added support for specifying the preferred authentication mechanism in the URL as per RFC-5092.
2013-04-13sasl: Reworked SASL mechanism constantsSteve Holme
... to use left-shifted values, like those defined in curl.h, rather than 16-bit hexadecimal values.
2013-04-13sasl: Added predefined preferred mechanism valuesSteve Holme
In preparation for the upcoming changes to IMAP, POP3 and SMTP added preferred mechanism values.
2013-04-13url: Added support for parsing login options from the URLSteve Holme
As well as parsing the username and password from the URL, added support for parsing the optional options part from the login details, to allow the following supported URL format: schema://username:password;options@example.com/path?q=foobar This will only be used by IMAP, POP3 and SMTP at present but any protocol that may be given login options in the URL will be able to add support for them.
2013-04-13smtp: Fix compiler warningSteve Holme
warning: unused variable 'smtp' introduced in commit 73cbd21b5ee6.
2013-04-12smtp: Moved parsing of url path into separate functionSteve Holme
2013-04-12FTP: handle a 230 welcome responseDaniel Stenberg
...instead of the 220 we otherwise expect. Made the ftpserver.pl support sending a custom "welcome" and then created test 1219 to verify this fix with such a 230 welcome. Bug: http://curl.haxx.se/mail/lib-2013-02/0102.html Reported by: Anders Havn
2013-04-12FTP: access files in root dir correctlyDaniel Stenberg
Accessing a file with an absolute path in the root dir but with no directory specified was not handled correctly. This fix comes with four new test cases that verify it. Bug: http://curl.haxx.se/mail/lib-2013-04/0142.html Reported by: Sam Deane
2013-04-12pop3: Reworked the function description for Curl_pop3_write()Steve Holme
2013-04-12pop3: Added function description to pop3_parse_custom_request()Steve Holme
2013-04-12pop3: Moved utility functions to end of pop3.cSteve Holme
2013-04-12darwinssl: add TLS session resumptionNick Zitzmann
This ought to speed up additional TLS handshakes, at least in theory.
2013-04-12imap: Added function description to imap_parse_custom_request()Steve Holme
2013-04-12imap: Moved utility functions to end of imap.c (Part 3/3)Steve Holme
Moved imap_is_bchar() be with the other utility based functions.
2013-04-12imap: Moved utility functions to end of imap.c (Part 2/3)Steve Holme
Moved imap_parse_url_path() and imap_parse_custom_request() to the end of the file allowing all utility functions to be grouped together.
2013-04-12imap: Moved utility functions to end of imap.c (Part 1/3)Steve Holme
Moved imap_atom() and imap_sendf() to the end of the file allowing all utility functions to be grouped together.
2013-04-12imap: Corrected function description for imap_connect()Steve Holme
2013-04-11cookie: fix tailmatching to prevent cross-domain leakageYAMADA Yasuharu
Cookies set for 'example.com' could accidentaly also be sent by libcurl to the 'bexample.com' (ie with a prefix to the first domain name). This is a security vulnerabilty, CVE-2013-1944. Bug: http://curl.haxx.se/docs/adv_20130412.html
2013-04-11Enabled MinGW sync resolver builds.Guenter Knauf
2013-04-10if2ip.c: fix compiler warningYang Tse
2013-04-10Fixed lost OpenSSL output with "-t" - followup.Guenter Knauf
The previously applied patch didnt work on Windows; we cant rely on shell commands like 'echo' since they act diffently on each platform and each shell. In order to keep this script platform-independent the code must only use pure Perl.
2013-04-09FTP: handle "rubbish" in front of directory name in 257 responsesBill Middlecamp
When doing PWD, there's a 257 response which apparently some servers prefix with a comment before the path instead of after it as is otherwise the norm. Failing to parse this, several otherwise legitimate use cases break. Bug: http://curl.haxx.se/mail/lib-2013-04/0113.html
2013-04-09Fixed ares-enabled builds with static makefiles.Guenter Knauf
2013-04-09Fixed lost OpenSSL output with "-t".Guenter Knauf
The OpenSSL pipe wrote to the final CA bundle file, but the encoded PEM output wrote to a temporary file. Consequently, the OpenSSL output was lost when the temp file was renamed to the final file at script finish (overwriting the final file written earlier by openssl). Patch posted to the list by Richard Michael (rmichael edgeofthenet org).
2013-04-08darwinssl: disable insecure ciphers by defaultNick Zitzmann
I noticed that aria2's SecureTransport code disables insecure ciphers such as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later. That's a good idea, and now we do the same thing in order to prevent curl from accessing a "secure" site that only negotiates insecure ciphersuites.