aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2012-08-18darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functionsNick Zitzmann
In Mountain Lion, Apple added TLS 1.1 and 1.2, and deprecated a number of SecureTransport functions, some of which we were using. We now check to see if the replacement functions are present, and if so, we use them instead. The old functions are still present for users of older cats. Also fixed a build warning that started to appear under Mountain Lion
2012-08-16ftp: active conn, place calling sockopt callback at the end of functionGokhan Sengun
Commit b91d29a28e170c16d65d956db79f2cd3a82372d2 introduces a bug and breaks Curl_closesocket function. sock_accepted flag for the second socket should be tagged as TRUE before the sockopt callback is called because in case the callback returns an error, Curl_closesocket function is going to call the - fclosesocket - callback for the accept()ed socket
2012-08-16ftp: active conn, allow application to set sockopt after accept() callGokhan Sengun
For active FTP connections, applications may need setting the sockopt after accept() call returns successful. This fix gives a call to the callback registered with CURL_SOCKOPTFUNCTION option. Also a new sock type - CURLSOCKTYPE_ACCEPT - is added. This type is to be passed to application callbacks with - purpose - parameter. Applications may use this parameter to distinguish between socket types.
2012-08-10ssh: use the libssh2 agent API conditionallyDaniel Stenberg
Commit e351972bc89aa4c brought in the ssh agent support but some uses of the libssh2 agent API was done unconditionally which wasn't good enough since that API hasn't always been present.
2012-08-10white space fix: shorten long lineDaniel Stenberg
... to please checksrc.pl
2012-08-09docs: update the links to cipher-suites supported by NSSKamil Dudka
... and make the list of cipher-suites in nss.c readable by humans. Bug: http://curl.haxx.se/mail/archive-2012-08/0016.html
2012-08-09nss: do not print misleading NSS error codesKamil Dudka
2012-08-08SSH: added agent based authenticationArmel Asselin
CURLSSH_AUTH_AGENT is a new auth type for SSH
2012-08-08curl_version: fixed Value stored to 'len' is never readDaniel Stenberg
Fixed this (harmless) clang-analyzer warning. Also fixed the source indentation level.
2012-08-08add_next_timeout: minor restructure of codeDaniel Stenberg
By reading the ->head pointer and using that instead of the ->size number to figure out if there's a list remaining we avoid the (false positive) clang-analyzer warning that we might dereference of a null pointer.
2012-08-08verbose messages: fixed output of hostnames in re-used connectionsDaniel Stenberg
I suspect this is a regression introduced in commit 207cf150, included since 7.24.0. Avoid showing '(nil)' as hostname in verbose output by making sure the hostname fixup function is called early enough to set the pointers that are used for this. The name data is set again for each request even for re-used connections to handle multiple hostnames over the same connection (like with proxy) or that the casing etc of the host name is changed between requests (which has proven to be important at least once in the past). Test1011 was modified to use a redirect with a re-used a connection since it then showed the bug and now lo longer does. There's currently no easy way to have the test suite detect 'nil' texts in verbose ouputs so no tests will detect if this problem gets reintroduced. Bug: http://curl.haxx.se/mail/lib-2012-07/0111.html Reported by: Gisle Vanem
2012-08-07Avoid leak of local device string when reusing connectionMike Crowe
Ensure that the copy of the CURLOPT_INTERFACE string is freed if we decide we can reuse an existing connection.
2012-08-07Curl_socket_check: fix timeout return value for select usersDaniel Stenberg
This is the same fix applied for the conditional code that uses select() that was already done for the poll specific code in commit b61e8b81f5038.
2012-08-07Curl_socket_check: fix return code for timeoutMaxime Larocque
We found a problem with ftp transfer using libcurl (7.23 and 7.25) inside an application which is receiving unix signals (SIGUSR1, SIGUSR2...) almost continuously. (Linux 2.4, PowerPC, HAVE_POLL_FINE defined). Curl_socket_check() uses poll() to wait for the socket, and retries it when a signal is received (EINTR). However, if a signal is received and it also happens that the timeout has been reached, Curl_socket_check() returns -1 instead of 0 (indicating an error instead of a timeout). In our case, the result is an aborted connection even before the ftp banner is received from the server, and a return value of CURLE_OUT_OF_MEMORY from curl_easy_perform() (Curl_pp_multi_statemach(), in pingpong.c, actually returns OOM if Curl_socket_check() fails :-) Funny to debug on a system on which OOM is a possible cause). Bug: http://curl.haxx.se/mail/lib-2012-07/0122.html
2012-08-07WSAPoll: disabled on all windows buildsDaniel Stenberg
Due to WSAPoll bugs, libcurl does not work as intended. When the cURL library is used to setup a connection to an incorrect port, normally the result is CURLE_COULDNT_CONNECT, /* 7 */, but due to the bug in WSAPoll, the result now is CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was reached */. On August 1, Jan Koen Annot opened a case for this to Microsoft Premier Online (https://premier.microsoft.com/). The support engineer handling the case wrote that the case description is quite clear. He will try to reproduce the issue and then proceed with troubleshooting it. Reported by: Jan Koen Annot Bug: http://curl.haxx.se/mail/lib-2012-07/0310.html
2012-08-07retry request: only access the HTTP data if in fact HTTPDaniel Stenberg
When figuring out if the data stream needs to be rewound when the request is to be resent, we must not access the HTTP struct unless the protocol used is indeed HTTP... Bug: http://curl.haxx.se/bug/view.cgi?id=3544688
2012-08-07VC build: add define for opensslDaniel Stenberg
This fixes a build failure of lib/ssluse.c. Bug: http://curl.haxx.se/bug/view.cgi?id=3552997
2012-08-06gtls: fix build failure by including nettle-specific headersDaniel Stenberg
Bug: http://curl.haxx.se/bug/view.cgi?id=3554668 Reported by: Anthony G. Basile
2012-08-03Cleanup handshake after clean NTLM failureJoe Mason
2012-08-03Zero out auth structs before transferJoe Mason
2012-07-30file: use fdopen() for uploaded files if availableKamil Dudka
It eliminates noisy events when using inotify and fixes a TOCTOU issue. Bug: https://bugzilla.redhat.com/844385
2012-07-27Fixed compiler warning 'unused parameter'.Guenter Knauf
2012-07-27Added prototypes to kill compiler warning.Guenter Knauf
2012-07-26Changed Windows IDN text to 'WinIDN'.Guenter Knauf
Synced the output to the same short form as we now use for Windows SSL (WinSSL).
2012-07-25darwinssl: fixed freeze involving the multi interfaceNick Zitzmann
Previously the curl_multi interface would freeze if darwinssl was enabled and at least one of the handles tried to connect to a Web site using HTTPS. Removed the "wouldblock" state darwinssl was using because I figured out a solution for our "would block but in which direction?" dilemma.
2012-07-25Added support for tls-srp to MinGW builds.Guenter Knauf
2012-07-22keepalive: multiply value for OS-specific unitsDaniel Stenberg
DragonFly uses milliseconds, while our API and Linux use full seconds. Reported by: John Marino Bug: http://curl.haxx.se/bug/view.cgi?id=3546257
2012-07-22http: print reason phrase from HTTP status line on errorKamil Dudka
Bug: https://bugzilla.redhat.com/676596
2012-07-21Client's "qop" value should not be quoted (RFC2617, section 3.2.2).Anton Yabchinskiy
2012-07-15multi_runsingle: added precaution against easy_conn NULL pointerDaniel Stenberg
In many states the easy_conn pointer is referenced and just assumed to be working. This is an added extra check since analyzing indicates there's a risk we can end up in these states with a NULL pointer there.
2012-07-13parse_proxy: remove dead assignmentDaniel Stenberg
Spotted by clang-analyzer
2012-07-13ftp_do_more: add missing check of return codeDaniel Stenberg
Spotted by clang-analyzer. The return code was never checked, just stored.
2012-07-13getinfo: use va_end and cut off Curl_ from static funcsDaniel Stenberg
va_end() needs to be used after va_start() and we don't normally use Curl_ prefixes for purely static functions.
2012-07-13Split up Curl_getinfoPhilip Craig
This avoids false positives from clang's scan-build.
2012-07-12Minor fixes to MinGW makefiles.Guenter Knauf
2012-07-12HEAD: don't force-close after response-headersDaniel Stenberg
A HEAD response has no body length and gets the headers like the corresponding GET would so it should not get closed after the response based on the same rules. This mistake caused connections that did HEAD to get closed too often without a valid reason. Bug: http://curl.haxx.se/bug/view.cgi?id=3542731 Reported by: Eelco Dolstra
2012-07-11Removed libcurl.imp from Makefile.am.Guenter Knauf
Updated .gitignore for NetWare created files.
2012-07-11Added missing dependency to export list.Guenter Knauf
2012-07-11Fixed export list path.Guenter Knauf
2012-07-11Changed NetWare build to generate export list.Guenter Knauf
2012-07-11Small NetWare makefile tweak.Guenter Knauf
2012-07-11Changed MinGW makefiles to use WINSSL now.Guenter Knauf
2012-07-09Make Curl_schannel_version() return "WinSSL"Yang Tse
Modification based on voting result: http://curl.haxx.se/mail/lib-2012-07/0104.html
2012-07-09cookie: fixed typo in commentDaniel Stenberg
2012-07-09https_getsock: provided for schannel backend as wellChristian Hägele
The function https_getsock was only implemented properly when USE_SSLEAY or USE_GNUTLS is defined, but it is also necessary for USE_SCHANNEL. The problem occurs when Curl_read_plain or Curl_write_plain returns CURLE_AGAIN. In that case CURL_OK is returned to the multi-interface an the used socket is set to state CURL_POLL_REMOVE and the easy-state is set to CURLM_STATE_PROTOCONNECT. This is fine, because later the socket should be set to CURL_POLL_IN or CURL_POLL_OUT via multi_getsock. That's where https_getsock is called and doesn't return any sockets.
2012-07-08darwinssl: don't use arc4random_bufNick Zitzmann
Re-wrote Curl_darwinssl_random() to not use arc4random_buf() because the function is not available prior to iOS 4.3 and OS X 10.7.
2012-07-07darwinssl: output cipher with text, remove SNI warningNick Zitzmann
The code was printing a warning when SNI was set up successfully. Oops. Printing the cipher number in verbose mode was something only TLS/SSL programmers might understand, so I had it print the name of the cipher, just like in the OpenSSL code. That'll be at least a little bit easier to understand. The SecureTransport API doesn't have a method of getting a string from a cipher like OpenSSL does, so I had to generate the strings manually.
2012-07-06code police: narrow source to < 80 columnsDaniel Stenberg
2012-07-05unicode NTLM SSPI: cleanup follow-upYang Tse
2012-07-05unicode NTLM SSPI: cleanupYang Tse
Reduce the number of #ifdef UNICODE directives used in source files.