aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2011-11-06HTTP auth: fix proxy Negotiate bugRene Bernhardt
If a proxy offers several Authentication schemes where NTLM and Negotiate are offered by the proxy and you tell libcurl not to use the Negotiate scheme then the request never returns when the proxy answers with its HTTP 407 reply. It is reproducible by the following steps: - Use a proxy that offers NTLM and Negotiate ( CURLOPT_PROXY and CURLOPT_PROXYPORT ) - Tell libcurl NOT to use Negotiate CURL_EASY_SETOPT(CURLOPT_PROXYAUTH, CURLAUTH_BASIC | CURLAUTH_DIGEST | CURLAUTH_NTLM ) - Start the request The call to CURL_EASY_PERFORM never returns. If you switch on debug logging you can see that libcurl issues a new request As soon as it received the 407 reply. Instead it should return and set the response code to 407. Bug: http://curl.haxx.se/mail/lib-2011-10/0323.html
2011-11-04ssluse.c: fix calling of OpenSSL's ERR_remove_state(0)Yang Tse
Move calling of ERR_remove_state(0) a.k.a ERR_remove_thread_state(NULL) from Curl_ossl_close_all() to Curl_ossl_cleanup(). In this way ERR_remove_state(0) is now only called in libcurl by curl_global_cleanup(). Previously it would get called by functions curl_easy_cleanup(), curl_multi_cleanup and potentially each time a connection was removed from a connection cache leading to premature destruction of OpenSSL's thread local state hash. Multi-threaded apps using OpenSSL enabled libcurl should still call function ERR_remove_state(0) or ERR_remove_thread_state(NULL) at the very end end of threads that do not call curl_global_cleanup().
2011-11-03url.c and file.c: fix OOM triggered segfaultYang Tse
2011-11-03rename ftp_ssl: the struct field is used for many protocolsDaniel Stenberg
Now called 'use_ssl' instead, which better matches the current CURLOPT name and since the option is used for all pingpong protocols (at least) it makes sense to not use 'ftp' in the name.
2011-11-02gtls_connect_step1: remove use of deprecated functionsDaniel Stenberg
Use gnutls_priority_set_direct() instead of gnutls_protocol_set_priority(). Remove the gnutls_certificate_type_set_priority() use since x509 is the default certificate type anyway. Reported by: Vincent Torri
2011-11-02url.c and transfer.c: nullify connection pointer when free()'edYang Tse
2011-11-01multi.c: OOM handling fixYang Tse
2011-10-31setup.h: fix compiler warningYang Tse
2011-10-29gtls.c: gnutls_transport_set_global_errno() deprecated in version 2.12.3Yang Tse
2011-10-27multi.c: OOM handling fixYang Tse
Fix curl_multi_cleanup() segfault when using weird cleanup sequence.
2011-10-27multi: start ftp state machine when switching to DO_MOREDaniel Stenberg
This extends the fix from commit d7934b8bd491 When the multi state is changed within the multi_runsingle from DOING to DO_MORE, we didn't immediately start the FTP state machine again. That then left the FTP state in FTP_STOP. When curl_multi_fdset() was subsequently called, the ftp_domore_getsock() function would return the wrong fd info. Reported by: Gokhan Sengun
2011-10-24ftp.c: some OOM handling fixesYang Tse
2011-10-21curl_multi_fdset: correct fdset with FTP PORT useDaniel Stenberg
After a PORT has been issued, and the multi handle would switch to the CURLM_STATE_DO_MORE state (which is unique for FTP), libcurl would return the wrong fdset to wait for when curl_multi_fdset() is called. The code would blindly assume that it was waiting for a connect of the second connection, while that isn't true immediately after the PORT command. Also, the function multi.c:domore_getsock() was highly FTP-centric and therefore ugly to keep in protocol-agnostic code. I solved this problem by introducing a new function pointer in the Curl_handler struct called domore_getsock() which is only called during the DOMORE state for protocols that set that pointer. The new ftp.c:ftp_domore_getsock() function now returns fdset info about the control connection's command/response handling while such a state is in use, and goes over to waiting for a writable second connection first once the commands are done. The original problem could be seen by running test 525 and checking the time stamps in the FTP server log. I can verify that this fix at least fixes this problem. Bug: http://curl.haxx.se/mail/lib-2011-10/0250.html Reported by: Gokhan Sengun
2011-10-21file.c: OOM handling fixYang Tse
file_disconnect() free's resources for multi API
2011-10-21multi.c: fix segfaultYang Tse
2011-10-20Fixed compilation when HTTP or cookies are disabledDan Fandrich
2011-10-20Curl_http_input_auth: handle multiple auths in WWW-AuthenticateDaniel Stenberg
The fix is pretty much the one Nick Zitzmann provided, just edited to do the right indent levels and with test case 1204 added to verify the fix. Bug: http://curl.haxx.se/mail/lib-2011-10/0190.html Reported by: Nick Zitzmann
2011-10-20Curl_smtp_escape_eob: first byte is index 0...Daniel Stenberg
Fix a bug with with commit 2621dd42a4d that happened due to my last second pre-commit cleanup of the change without proper testing afterwards!
2011-10-20gtls: only call gnutls_transport_set_lowat with <gnutls-2.12.0Tim Harder
The default lowat level for gnutls-2.12* is set to zero to avoid unnecessary system calls and the gnutls_transport_set_lowat function has been totally removed in >=gnutls-3 which causes build failures. Therefore, the function shouldn't be used except for versions that require it, <gnutls-2.12.0.
2011-10-20Curl_smtp_escape_eob: fix EOB escapingDaniel Stenberg
As the EOB string can come byte by byte over a series of writes we must match byte-wise. Bug: http://curl.haxx.se/mail/lib-2011-10/0172.html
2011-10-17singleipconnect: unstick the ipv6-connection booleanDaniel Stenberg
Previously the bit was set before the connection was found working so if it would first fail to an ipv6 address and then connect fine to a IPv4 address the variable would still be TRUE. Reported by: Thomas L. Shinnick Bug: http://curl.haxx.se/bug/view.cgi?id=3421912
2011-10-17nss: avoid a SIGSEGV with immature version of NSSKamil Dudka
Bug: https://bugzilla.redhat.com/733685
2011-10-17nss: big cleanup in nss_load_cert() and cert_stuff()Kamil Dudka
2011-10-17nss: refactor fmt_nickname() -> dup_nickname()Kamil Dudka
Do not use artificial nicknames for certificates from files.
2011-10-17nss: select client certificates by DERKamil Dudka
... instead of nicknames, which are not unique.
2011-10-16formdata: ack read callback abortDaniel Stenberg
When doing a multipart formpost with a read callback, and that callback returns CURL_READFUNC_ABORT, that return code must be properly propagated back and handled accordingly. Previously it would be handled as a zero byte read which would cause a hang! Added test case 587 to verify. It uses the lib554.c source code with a small ifdef. Reported by: Anton Bychkov Bug: http://curl.haxx.se/mail/lib-2011-10/0097.html
2011-10-15singleipconnect: don't clobber errnoDaniel Stenberg
Save the errno value immediately after a connect() failure so that it won't get reset to something else before we read it. Bug: http://curl.haxx.se/mail/lib-2011-10/0066.html Reported by: Frank Van Uffelen and Fabian Hiernaux
2011-10-14file.c: fix compiler warningYang Tse
2011-10-14url.c: fix endless loop upon transport connection timeoutYang Tse
Jerry Wu detected and provided detailed info about this issue.
2011-10-13curl_gethostname.c: fix signed/unsigned comparison and avoid a double copyYang Tse
both introduced in 42be24af
2011-10-13curl_ntlm_msgs.c: fix variable shadowing declaration introduced in 185ed340Yang Tse
2011-10-13tftp.c: TFTP timeout and unexpected block adjustmentsMarcin Adamski
Set ACK timeout to 5 seconds. If we are waiting for block X and receive block Y that is the expected one, we should send ACK and increase X (which is already implemented). Otherwise drop the packet and don't increase retry counter.
2011-10-13multi.c: OOM handling fixesYang Tse
Prevent modification of easy handle being added with curl_multi_add_handle() unless this function actually suceeds. Run Curl_posttransfer() to allow restoring of SIGPIPE handler when Curl_connect() fails early in multi_runsingle().
2011-10-13url.c: make line shorter than 80 charsYang Tse
2011-10-12OOM handling/cleanup slight adjustmentsYang Tse
2011-10-11OOM handling/cleanup slight adjustmentsYang Tse
2011-10-08telnet.c: fix compiler warningYang Tse
2011-10-07libcurl: some OOM handling fixesYang Tse
2011-10-06multi.c: OOM handling fixes making torture tests 560 580 581 passYang Tse
2011-10-04curl_share_cleanup: avoid compiler warningDaniel Stenberg
Move the variable declaration to within the #ifdef
2011-10-04struct Curl_share: provide sslsession unconditionallyDaniel Stenberg
It makes much nicer and less convuluted code everywhere if this struct member is always present even when libcurl is built without SSL support. This reverts parts of commit 15e3e451702396e
2011-10-04ftp: improved the failed PORT host name resolved error messageDaniel Stenberg
2011-10-03codepolicingDaniel Stenberg
2011-10-03sspi build fixDaniel Stenberg
define away Curl_ntlm_sspi_cleanup() when no windows SSPI build
2011-10-03smtp: Added support for NTLM authenticationSteve Holme
Modified smtp_endofresp() to detect NTLM from the server specified list of supported authentication mechanisms. Modified smtp_authenticate() to start the sending of the NTLM data. Added smtp_auth_ntlm_type1_message() which creates a NTLM type-1 message. This function is used by authenticate() to start the sending of data and by smtp_state_auth_ntlm_resp() when the AUTH command doesn't contain the type-1 message as part of the initial response. This lack of initial response can happen if an OOM error occurs or the type-1 message is longer than 504 characters. As the main AUTH command is limited to 512 character the data has to be transmitted in two parts; one containing the AUTH NTLM and the second containing the type-1 message. Added smtp_state_auth_ntlm_type2msg_resp() which handles the incoming type-2 message and sends an outgoing type-3 message. This type-2 message is sent by the server in response to our type-1 message. Modified smtp_state_auth_resp() to handle the response to: the AUTH NTLM without the initial response and the type-2 response. Modified smtp_disconnect() to cleanup the NTLM SSPI stack.
2011-10-03Curl_ntlm_create_typeX_message: Added the outlen parameterSteve Holme
Added the output message length as a parameter to both Curl_ntlm_create_type1_message() and Curl_ntlm_create_type3_message() for use by future functions that require it. Updated curl_ntlm.c to cater for the extra parameter on these two functions.
2011-10-03smtp: General tidy up ready for adding NTLM supportSteve Holme
Changed the name of variable l, in several functions, which represents the length of strings being sent to the server, to len which is more meaningful and consistent with other code in smtp.c and elsewhere. Reworked smtp_authenticate() to be simpler and easier to follow. Variables and now initialised in their definitions and if no username and password are specified the function sets the state to SMTP_STOP and returns immediately, rather than being part of a huge if statement.
2011-10-03smtp_mail: fixed another memory leakSteve Holme
... introduced in 7f304ab84f560c
2011-10-03share: don't use SSL unless enabledDaniel Stenberg
Don't even declare the struct members for disabled features Introducing the CURLSHE_NOT_BUILT_IN return code for the share interface when trying to set a sharing option that has been disabled (or not enabled) in the library.
2011-10-02multi: progress function abort must close connectionDaniel Stenberg
When the progress function returns to cancel the request, we must mark the connection to get closed and it must do to the DONE state. do_init() must be called as early as possible so that state variables for new connections are reset early. We could otherwise see that the old values were still there when a connection was to be disconnected very early and it would make it behave wrongly. Bug: http://curl.haxx.se/mail/lib-2011-10/0006.html Reported by: Vladimir Grishchenko