aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2016-04-11http2: Ensure that http2_handle_stream_close is calledTatsuhiro Tsujikawa
This commit ensures that streams which was closed in on_stream_close callback gets passed to http2_handle_stream_close. Previously, this might not happen. To achieve this, we increment drain property to forcibly call recv function for that stream. To more accurately check that we have no pending event before shutting down HTTP/2 session, we sum up drain property into http_conn.drain_total. We only shutdown session if that value is 0. With this commit, when stream was closed before reading response header fields, error code CURLE_HTTP2_STREAM is returned even if HTTP/2 level error is NO_ERROR. This signals the upper layer that stream was closed by error just like TCP connection close in HTTP/1. Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663
2016-04-11http2: Process paused data first before tear down http2 sessionTatsuhiro Tsujikawa
This commit ensures that data from network are processed before HTTP/2 session is terminated. This is achieved by pausing nghttp2 whenever different stream than current easy handle receives data. This commit also fixes the bug that sometimes processing hangs when multiple HTTP/2 streams are multiplexed. Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663
2016-04-11http2: Check session closure early in http2_recvTatsuhiro Tsujikawa
Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663
2016-04-11http2: Add handling stream level errorTatsuhiro Tsujikawa
Previously, when a stream was closed with other than NGHTTP2_NO_ERROR by RST_STREAM, underlying TCP connection was dropped. This is undesirable since there may be other streams multiplexed and they are very much fine. This change introduce new error code CURLE_HTTP2_STREAM, which indicates stream error that only affects the relevant stream, and connection should be kept open. The existing CURLE_HTTP2 means connection error in general. Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663
2016-04-11http2: drain the socket better...Daniel Stenberg
... but ignore EAGAIN if the stream has ended so that we don't end up in a loop. This is a follow-up to c8ab613 in order to avoid the problem d261652 was made to fix. Reported-by: Jay Satiro Clues-provided-by: Tatsuhiro Tsujikawa Discussed in #750
2016-04-09CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAMESteve Holme
As these two options provide identical functionality, the former for SOCK5 proxies and the latter for HTTP proxies, merged the two options together. As such CURLOPT_SOCKS5_GSSAPI_SERVICE is marked as deprecated as of 7.49.0.
2016-04-09urldata: Use bool for socks5_gssapi_nec as it is a flagSteve Holme
This value is set to TRUE or FALSE so should be a bool and not a long.
2016-04-09url: Ternary operator code style changesSteve Holme
2016-04-09sasl: Fixed compilation errors from commit 9d89a0387Steve Holme
...when GSS-API or Windows SSPI are not used.
2016-04-09url: Corrected comments following 9d89a0387Steve Holme
2016-04-08Makefile: Fixed echo of checksrc checkSteve Holme
2016-04-08checksrc: Fix issue with the autobuilds not picking up the whitelistSteve Holme
2016-04-08checksrc: Added missing vauth and vtls directoriesSteve Holme
2016-04-08ftp/imap/pop3/smtp: Allow the service name to be overriddenSteve Holme
Allow the service name to be overridden for DIGIST-MD5 and Kerberos 5 authentication in FTP, IMAP, POP3 and SMTP.
2016-04-08http_negotiate: Calculate service name and proxy service name locallySteve Holme
Calculate the service name and proxy service names locally, rather than in url.c which will allow for us to support overriding the service name for other protocols such as FTP, IMAP, POP3 and SMTP.
2016-04-07mbedtls: fix MBEDTLS_DEBUG buildsDamien Vielpeau
2016-04-07mbedtls: implement and provide *_data_pending()Daniel Stenberg
... as otherwise we might get stuck thinking there's no more data to handle. Reported-by: Damien Vielpeau Fixes #737
2016-04-07mbedtls: follow-up for the previous commitDaniel Stenberg
2016-04-07mbedtls.c: name space pollution fix, Use 'Curl_'Daniel Stenberg
2016-04-07mbedtls.c: changed private prefix to mbed_Daniel Stenberg
mbedtls_ is the prefix used by the mbedTLS library itself so we should avoid using that for our private functions.
2016-04-07mbedtls.h: fix compiler warningsDaniel Stenberg
2016-04-06HTTP2: Add a space character after the status codeMichael Kaufmann
The space character after the status code is mandatory, even if the reason phrase is empty (see RFC 7230 section 3.1.2) Closes #755
2016-04-06URLs: change http to https in many placesViktor Szakats
Closes #754
2016-04-06vauth: Corrected a number of typos in commentsSteve Holme
Reported-by: Michael Osipov
2016-04-05http2: fix connection reuse when PING comes after last DATADaniel Stenberg
It turns out the google GFE HTTP/2 servers send a PING frame immediately after a stream ends and its last DATA has been received by curl. So if we don't drain that from the socket, it makes the socket readable in subsequent checks and libcurl then (wrongly) assumes the connection is dead when trying to reuse the connection. Reported-by: Joonas Kuorilehto Discussed in #750
2016-04-05multi: remove trailing space in debug outputDaniel Stenberg
2016-04-03lib/src: fix the checksrc invokeDaniel Stenberg
... now works correctly when invoke from the root makefile
2016-04-03nw: please the stricter checksrcDaniel Stenberg
2016-04-03code: style updatesDaniel Stenberg
2016-04-03checksrc: check for more malplaced spacesDaniel Stenberg
2016-04-03checksrc: remove debug crapDaniel Stenberg
2016-04-03checksrc: allow ignore of specific warnings within a file (section)Daniel Stenberg
2016-04-03checksrc: add warning names, explain on help outputDaniel Stenberg
2016-04-03vauth: Removed the need for a separate GSS-API based SPN functionSteve Holme
2016-04-03curl_sasl: Fixed potential null pointer utilisationSteve Holme
Although this should never happen due to the relationship between the 'mech' and 'resp' variables, and the way they are allocated together, it does cause problems for code analysis tools: V595 The 'mech' pointer was utilized before it was verified against nullptr. Check lines: 376, 381. curl_sasl.c 376 Bug: https://github.com/curl/curl/issues/745 Reported-by: Alexis La Goutte
2016-04-03spnego: Small code tidy upSteve Holme
* Prefer dereference of string pointer rather than strlen() * Free challenge pointer in one place * Additional comments
2016-04-03krb5: Small code tidy upSteve Holme
* Prefer dereference of string pointer rather than strlen() * Free challenge pointer in one place * Additional comments
2016-04-03krb5_gssapi: Only process challenge when presentSteve Holme
This wouldn't cause a problem because of the way the function is called, but prior to this change, we were processing the challenge message when the credentials were NULL rather than when the challenge message was populated. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
2016-04-03krb5: Fixed missing client response when mutual authentication enabledSteve Holme
Although mutual authentication is currently turned off and can only be enabled by changing libcurl source code, authentication using Kerberos 5 has been broken since commit 79543caf90 in this use case.
2016-04-03krb5_sspi: Only process challenge when presentSteve Holme
This wouldn't cause a problem because of the way the function is called, but prior to this change, we were processing the challenge message when the credentials were NULL rather than when the challenge message was populated. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
2016-04-03krb5_sspi: Only generate the output token when its not allocatedSteve Holme
Prior to this change, we were generating the output token when the credentials were NULL rather than when the output token was NULL. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
2016-04-03krb5: Only generate a SPN when its not knownSteve Holme
Prior to this change, we were generating the SPN in the SSPI code when the credentials were NULL and in the GSS-API code when the context was empty. It is better to decouple the SPN generation from these checks and only generate it when the SPN itself is NULL. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
2016-04-03checksrc.whitelist: remove fopen() usesDaniel Stenberg
2016-04-03formdata: use appropriate fopen() macrosDaniel Stenberg
2016-04-03checksrc: improve the fopen() parser somewhatDaniel Stenberg
The quote scanner was too fragile, now look for a comma instead to find the mode argument.
2016-04-02http2: make use of the nghttp2 error callbackDaniel Stenberg
It offers extra info from nghttp2 in certain error cases. Like for example when trying prior-knowledge http2 on a server that doesn't speak http2 at all. The error message is passed on as a verbose message to libcurl. Discussed in #722 The error callback was added in nghttp2 1.9.0
2016-04-02spnego: Renamed the context's SPN variableSteve Holme
To be consistent with the Kerberos 5 context and other authentication code.
2016-04-02krb5_gssapi: Renamed the status variablesSteve Holme
For consistency with the spnego code.
2016-04-02krb5: Moved host from Curl_auth_create_gssapi_user_message() to be argumentSteve Holme
For consistency with the spnego and oauth2 code moved the setting of the host name outside of the Curl_auth_create_gssapi_user_messag() function. This will allow us to more easily override it in the future.
2016-04-01http_negotiate: Corrected host and proxy host name being wrong way roundSteve Holme
I had accidentally used the proxy server name for the host and the host server name for the proxy in commit ad5e9bfd5d and 6d6f9ca1d9. Whilst Windows SSPI was quite happy with this, GSS-API wasn't. Thanks-to: Michael Osipov