aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2012-04-04Revert "access the CA source file using HTTPS"Tim Heckman
This reverts commit f7e2ab6. This change caused fetching of the certificates to become unreliable. Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html Reported by: Tim Heckman
2012-04-04IPv6 cookie domain: get rid of the first bracket before the second.Andrei Cipu
Commit 97b66ebe was copying a smaller buffer, thus duplicating the last character.
2012-04-04ftp.c: ftplistparser related OOM handling fixYang Tse
2012-04-04smtp.c: fix compiler warningsYang Tse
2012-04-03connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket failsLijo Antony
Curl_socket returns CURLE_COULDNT_CONNECT when the opensocket callback returns CURL_SOCKET_BAD. Previous return value CURLE_FAILED_INIT conveys incorrect information to the user.
2012-04-02pop3: Reworked the command sending and handlingSteve Holme
Reworked the command sending from two specific LIST and RETR command functions into a single command based function as well as the two associated response handlers into a generic command handler.
2012-04-01smtp.c: Code policing and tidy upSteve Holme
2012-04-01SSH: public key can now be an empty stringArmel Asselin
If an empty string is passed to CURLOPT_SSH_PUBLIC_KEYFILE, libcurl will pass no public key to libssh2 which then tries to compute it from the private key. This is known to work when libssh2 1.4.0+ is linked against OpenSSL.
2012-04-01OpenSSL: Made cert hostname check conform to RFC 6125Tatsuhiro Tsujikawa
This change replaces RFC 2818 based hostname check in OpenSSL build with RFC 6125 [1] based one. The hostname check in RFC 2818 is ambiguous and each project implements it in the their own way and they are slightly different. I check curl, gnutls, Firefox and Chrome and they are all different. I don't think there is a bug in current implementation of hostname check. But it is not as strict as the modern browsers do. Currently, curl allows multiple wildcard character '*' and it matches '.'. (as described in the comment in ssluse.c). Firefox implementation is also based on RFC 2818 but it only allows at most one wildcard character and it must be in the left-most label in the pattern and the wildcard must not be followed by any character in the label.[2] Chromium implementation is based on RFC 6125 as my patch does. Firefox and Chromium both require wildcard in the left-most label in the presented identifier. This patch is more strict than the current implementation, so there may be some cases where old curl works but new one does not. But at the same time I think it is good practice to follow the modern browsers do and follow the newer RFC. [1] http://tools.ietf.org/html/rfc6125#section-6.4.3 [2] https://bugzilla.mozilla.org/show_bug.cgi?id=159483
2012-04-01HTTP: reset expected DL/UL sizes on redirectsDaniel Stenberg
With FOLLOWLOCATION enabled. When a 3xx page is downloaded and the download size was known (like with a Content-Length header), but the subsequent URL (transfered after the 3xx page) was chunked encoded, then the previous "known download size" would linger and cause the progress meter to get incorrect information, ie the former value would remain being sent in. This could easily result in downloads that were WAY larger than "expected" and would cause >100% outputs with the curl command line tool. Test case 599 was created and it was used to repeat the bug and then verify the fix. Bug: http://curl.haxx.se/bug/view.cgi?id=3510057 Reported by: Michael Wallner
2012-03-31smtp: Add support for DIGEST-MD5 authenticationGökhan Şengün
2012-03-31smtp: Cody tidy up of md5 digest lengthGökhan Şengün
Replaced the hard coded md5 digest length (16) with a preprocessor constant
2012-03-31md5: Add support for calculating the md5 sum of buffers incrementallyGökhan Şengün
It is now possible to calculate the md5 sum as the stream of buffers becomes known where as previously it was only possible to calculate the md5 sum of a pre-prepared buffer.
2012-03-31Revert "mk-ca-bundle.pl: use LWP::UserAgent for https"Daniel Stenberg
This reverts commit 9f0e1689f169b83b8fbdae23e0024cc57dcbc770. It turned out that "improvement" instead made the fetching of the certificates unreliable Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html Reported by: Tim Heckman
2012-03-31pop3: Added support for additional pop3 commandsSteve Holme
This feature allows the user to specify and use additional POP3 commands such as UIDL and DELE via libcurl's CURLOPT_CUSTOMREQUEST or curl's -X command line option.
2012-03-25ssh.c: code cleanup, Curl_safefree() already nullifies pointerYang Tse
2012-03-25fix some compiler warningsYang Tse
2012-03-25pop3.c: Corrected problem with state() introduced in 01690ed2bce5Steve Holme
2012-03-25pop.c: Small code tidy upSteve Holme
2012-03-25pop3: Removed the need for the single message LIST command handlerSteve Holme
Simplified the code to remove the need for a separate "LIST <msg id>" command handler and state machine and instead use the LIST command handler for both operations.
2012-03-24pop3.c: Code policing and tidy upSteve Holme
Corrected character and line spacing and re-ordered list and retr functions based on the order of their state machines.
2012-03-24email: Moved server greeting responses into separate functionsSteve Holme
Moved the server greeting response handling code from the statemach_act functions to separate response functions. This makes the code simpler to follow and provides consistency with the other responses that are handled here.
2012-03-24pop3.c: Fixed body data being written when CURLOPT_NOBODY is specifiedSteve Holme
Body data would be forwarded to the client application in both the RETR and LIST commands even if CURLOPT_NOBODY was specified.
2012-03-22http_proxy.h: fix builds with proxy or http disabledYang Tse
2012-03-22parsedate.c: fix a numeric overflowYang Tse
2012-03-22cookies: strip the numerical ipv6 host properlyAndrei Cipu
The commit e650dbde86d4 that stripped off [brackets] from ipv6-only host headers for the sake of cookie parsing wrongly incremented the host pointer which would cause a bad free() call later on.
2012-03-22fix several compiler warningsYang Tse
2012-03-22CONNECT: fix multi interface regressionDaniel Stenberg
The refactoring of HTTP CONNECT handling in commit 41b0237834232 that made it protocol independent broke it for the multi interface. This fix now introduce a better state handling and moved some logic to the http_proxy.c source file. Reported by: Yang Tse Bug: http://curl.haxx.se/mail/lib-2012-03/0162.html
2012-03-20fix several compiler warningsYang Tse
2012-03-17lwip: basic checks and macros for compatiblityDaniel Stenberg
2012-03-16http_proxy.c: fix OOM handlingYang Tse
2012-03-16fix some compiler warningsYang Tse
2012-03-13resolve with c-ares: don't resolve IPv6 when not workingMaxim Prohorov
If the Curl_ipv6works() function says no, there is no reason to try AAAA names even if libcurl was built with IPv6 support enabled. Bug: http://curl.haxx.se/mail/lib-2012-03/0045.html
2012-03-10smtp.c: Changed the curl error code for EHLO and HELO responsesSteve Holme
Changed the returned curl error codes for EHLO and HELO responses from CURLE_LOGIN_DENIED to CURLE_REMOTE_ACCESS_DENIED as a negative response from these commands represents no service as opposed to a login error.
2012-03-10Curl_http: strip off [brackets] from ipv6-only host headersAndrei Cipu
Since the host name is passed in to the cookie engine it will not work correctly if the brackets are left in the name. Bug:http://curl.haxx.se/mail/lib-2012-03/0036.html
2012-03-10mk-ca-bundle.pl: use LWP::UserAgent with proper https verify behavior.John Joseph Bachir
An alternative would be: 1. specify HTTPS_CA_DIR and/or HTTPS_CA_FILE 2. ensure that Net::SSL is being used, and IO::Socket::SSL is NOT being used This question and answer explain: http://stackoverflow.com/questions/74358/
2012-03-10access the CA source file using HTTPSJohn Joseph Bachir
2012-03-09includes: remove inclusion of unused file http_proxy.hDaniel Stenberg
2012-03-08CONNECT: made generically not per-protocolDaniel Stenberg
Curl_protocol_connect() now does the tunneling through the HTTP proxy if requested instead of letting each protocol specific connection function do it.
2012-03-08ssh_connect: tunnel through HTTP proxy if requestedDaniel Stenberg
2012-03-08LWIP: don't consider HAVE_ERRNO_H to be winsockDaniel Stenberg
The check for Winsock definition was a bit too broad Bug: http://curl.haxx.se/mail/lib-2012-03/0046.html
2012-02-24CONNECT: fix ipv6 address in the Request-LineDaniel Stenberg
Commit 466150bc64d fixed the Host: header with CONNECT, but I then forgot the preceeding request-line. Now this too uses [brackets] properly if a ipv6 numerical address was given. Bug: http://curl.haxx.se/bug/view.cgi?id=3493129 Reported by: "Blacat"
2012-02-23SMTP: Added support for returning SMTP response codesSteve Holme
Set the conn->data->info.httpcode variable in smtp_statemach_act() to allow Curl_getinfo() to return the SMTP response code via the CURLINFO_RESPONSE_CODE action.
2012-02-21smtp.c: Fixed an issue with writing postdataSteve Holme
Fixed a problem in smtp_done() when writing out the postdata as Curl_write() would periodically return zero bytes written.
2012-02-19pop3.c: Fixed drop of final CRLF in EOB checkingSteve Holme
Curl_pop3_write() would drop the final CRLF of a message as it was considered part of the EOB as opposed to part of the message. Whilst the EOB sequence needs to be searched for by the function only the final 3 characters should be removed as per RFC-1939 section 3. Reported by: Rich Gray Bug: http://curl.haxx.se/mail/lib-2012-02/0051.html
2012-02-17smtp.c: Fixed an issue with the EOB checkingSteve Holme
Curl_smtp_escape_eob() would leave off final CRLFs from emails ending in multiple blank lines additionally leaving the smtpc->eob variable with the character count in, which would cause problems for additional emails when sent through multiple calls to curl_easy_perform() after a CURLOPT_CONNECT_ONLY.
2012-02-16SMTP: Code policing and tidy upSteve Holme
2012-02-15smtp.c: Fixed use of angled brackets in AUTH parameter.Steve Holme
Fixed the use of angled brackets "<>" in the optional AUTH parameter as per RFC-2554 section 5. The address should not include them but an empty address should be replaced by them.
2012-02-14smtp_mail: Added support to MAIL FROM for the optional AUTH parameterSteve Holme
Added a new CURLOPT_MAIL_AUTH option that allows the calling program to set the optional AUTH parameter in the MAIL FROM command. When this option is specified and an authentication mechanism is used to communicate with the mail server then the AUTH parameter will be included in the MAIL FROM command. This is particularly useful when the calling program is acting as a relay in a trusted environment and performing server to server communication, as it allows the relaying server to specify the address of the mailbox that was used to authenticate and send the original email.
2012-02-14cyassl: update to CyaSSL 2.0.x APItoddouska
Modify configure.ac to test for new CyaSSL Init function and remove default install path to system. Change to CyaSSL OpenSSL header and proper Init in code as well. Note that this no longer detects or works with CyaSSL before v2