aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2014-02-07formpost: use semicolon in multipart/mixedDaniel Stenberg
Not comma, which is an inconsistency and a mistake probably inherited from the examples section of RFC1867. This bug has been present since the day curl started to support multipart formposts, back in the 90s. Reported-by: Rob Davies Bug: http://curl.haxx.se/bug/view.cgi?id=1333
2014-02-06ssh: Fixed a NULL pointer dereference on OOM conditionDan Fandrich
2014-02-06nss: Updated copyright year for recent editsSteve Holme
2014-02-06100-continue: fix timeout conditionRemi Gacogne
When using the multi socket interface, libcurl calls the curl_multi_timer_callback asking to be woken up after CURL_TIMEOUT_EXPECT_100 milliseconds. After the timeout has expired, calling curl_multi_socket_action with CURL_SOCKET_TIMEOUT as sockfd leads libcurl to check expired timeouts. When handling the 100-continue one, the following check in Curl_readwrite() fails if exactly CURL_TIMEOUT_EXPECT_100 milliseconds passed since the timeout has been set! It seems logical to consider that having waited for exactly CURL_TIMEOUT_EXPECT_100 ms is enough. Bug: http://curl.haxx.se/bug/view.cgi?id=1334
2014-02-06nss: prefer highest available TLS versionFabian Frank
Offer TLSv1.0 to 1.2 by default, still fall back to SSLv3 if --tlsv1[.N] was not specified on the command line.
2014-02-06http2: spell fixed README and added version requirementDaniel Stenberg
2014-02-05http2: minor update of the READMEDaniel Stenberg
2014-02-05http2: rely on content-encoding headerFabian Frank
A server might respond with a content-encoding header and a response that was encoded accordingly in HTTP-draft-09/2.0 mode, even if the client did not send an accept-encoding header earlier. The server might not send a content-encoding header if the identity encoding was used to encode the response. See: http://tools.ietf.org/html/draft-ietf-httpbis-http2-09#section-9.3
2014-02-04http2: enforce gzip auto-decompressDaniel Stenberg
As this is mandated by the http2 spec draft-09
2014-02-04http2: handle incoming data larger than remaining bufferTatsuhiro Tsujikawa
2014-02-04http2: Check stream ID we are interested inTatsuhiro Tsujikawa
2014-02-04http2: store response header in temporary bufferTatsuhiro Tsujikawa
2014-02-04HTTP2: add layer between existing http and socket(TLS) layerTatsuhiro Tsujikawa
This patch chooses different approach to integrate HTTP2 into HTTP curl stack. The idea is that we insert HTTP2 layer between HTTP code and socket(TLS) layer. When HTTP2 is initialized (either in NPN or Upgrade), we replace the Curl_recv/Curl_send callbacks with HTTP2's, but keep the original callbacks in http_conn struct. When sending serialized data by nghttp2, we use original Curl_send callback. Likewise, when reading data from network, we use original Curl_recv callback. In this way we can treat both TLS and non-TLS connections. With this patch, one can transfer contents from https://twitter.com and from nghttp2 test server in plain HTTP as well. The code still has rough edges. The notable one is I could not figure out how to call nghttp2_session_send() when underlying socket is writable.
2014-02-04gtls: add ALPN supportFabian Frank
Add ALPN support when using GnuTLS >= 3.2.0. This allows libcurl to negotiate HTTP/2.0 for https connections when built with GnuTLS. See: http://www.gnutls.org/manual/gnutls.html#Application-Layer-Protocol-Negotiation-_0028ALPN_0029 http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04
2014-02-03openssl: add ALPN supportFabian Frank
Add ALPN support when using OpenSSL. This will offer ALPN and NPN to the server, who can respond with either one or none of the two. OpenSSL >= 1.0.2 is required, which means as of today obtaining a snapshot from ftp://ftp.openssl.org/snapshot/. See: http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04 https://github.com/openssl/openssl/blob/ba168244a14bbd056e502d7daa04cae4aabe9d0d/ssl/ssl_lib.c#L1787
2014-01-31winssl: improved default SSL/TLS protocol selectionMarc Hoersken
For some reason Windows 7 SP1 chooses TLS 1.0 instead of TLS 1.2 if it is not explicitly enabled within grbitEnabledProtocols. More information can be found on MSDN: http://msdn.microsoft.com/library/windows/desktop/aa379810.aspx
2014-01-31pipeline: Fixed a NULL pointer dereference on OOMDan Fandrich
2014-01-30ftp: fixed a memory leak on wildcard error pathDan Fandrich
2014-01-30netrc: Fixed a memory leak in an OOM conditionDan Fandrich
2014-01-30ntlm: Fixed a memory leak when using NTLM with a proxy serverSteve Holme
2014-01-30http2: fix size check in on_data_chunk_recvDaniel Stenberg
2014-01-30http2: add CRLF when first data arrivesDaniel Stenberg
2014-01-30http2_recv: Return written length on CURLE_AGAINTatsuhiro Tsujikawa
2014-01-30http2: Use nghttp2_session_mem_recv and nghttp2_session_upgradeTatsuhiro Tsujikawa
2014-01-30http2: basic version of receiving DATADaniel Stenberg
2014-01-30http2: convert HEADER frames to HTTP1-like headersDaniel Stenberg
... and then go through the "normal" HTTP engine.
2014-01-30http2: fix EWOULDBLOCK in recv_callback()Daniel Stenberg
2014-01-30http2: do the POST Upgrade dance properlyDaniel Stenberg
2014-01-30ntlm: Use static client nonce for the test suiteSteve Holme
2014-01-30http2.h: provide empty macros for non-http2 buildsDaniel Stenberg
2014-01-30http2: switch into http2 mode if NPN indicatesFabian Frank
Check the NPN result before preparing an HTTP request and switch into HTTP/2.0 mode if necessary. This is a work in progress, the actual code to prepare and send the request using nghttp2 is still missing from Curl_http2_send_request().
2014-01-30http2: s/Curl_http2_request/Curl_http2_request_upgradeDaniel Stenberg
To better reflect its purpose
2014-01-30http2-openssl: verify that NPN functionality is presentDaniel Stenberg
2014-01-30openssl: set up hooks with to perform NPNFabian Frank
NPN is what is available in the wild today to negotiate SPDY or HTTP/2.0 connections. It is expected to be replaced by ALPN in the future. If HTTP/2.0 is negotiated, this is indicated for the entire connection and http.c is expected to initialize itself for HTTP/2.0 instead of HTTP/1.1. see: http://technotes.googlecode.com/git/nextprotoneg.html http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04
2014-01-30http2: added stubs for all nghttp2 callbacksDaniel Stenberg
This makes it easier to trace what's happening.
2014-01-29http2: use FIRSTSOCKET instead of 0 to index the sockets arrayDaniel Stenberg
2014-01-29http2: receive and log the received header framesDaniel Stenberg
2014-01-29http2_recv: log nghttp2 return codes for debugging purposesDaniel Stenberg
2014-01-29HTTP2: reject nghttp2 versions before 0.3.0Daniel Stenberg
2014-01-29http2: adjusted to newer nghttp2_session_callbacks structGisle Vanem
the number of elements in the 'nghttp2_session_callbacks' structure is now reduced by 2 in version 0.3.0 (I'm not sure when the change happened, but checking for ver 0.3.0 work for me).
2014-01-29HTTP2: Wrong NgHTTP2 user-dataGisle Vanem
Something is wrong in 'userp' for the HTTP2 recv_callback(). The session is created using bogus user-data; '&conn' and not 'conn'. I noticed this since the socket-value in Curl_read_plain() was set to a impossible high value.
2014-01-29NTLM: error: conversion to 'int' from 'long int' may alter its valueDaniel Stenberg
Fixed two compiler nits
2014-01-29ntlm: Coding style policing dating back to 2011Steve Holme
2014-01-29ntlm: Use a timestamp of 01/01/1970 for the test suiteSteve Holme
2014-01-29ntlm: Updated Curl_ntlm_core_mk_ntlmv2_resp() to use local variablesSteve Holme
...until the function is successful when it returns them in the out parameters.
2014-01-29ntlm: Added cross platform support for writing NTLMv2 timestamp in bufferSteve Holme
Added conversion functions write32_le() and write64_le() to ensure the NTLMv2 timestamp is always written in little-endian.
2014-01-29ntlm: Added support for NTLMv2Prash Dush
2014-01-29nss: do not use the NSS_ENABLE_ECC defineKamil Dudka
It is not provided by NSS public headers. Bug: https://bugzilla.redhat.com/1058776
2014-01-29nss: do not fail if NSS does not implement a cipherKamil Dudka
... that the user does not ask for
2014-01-29http2: switch recv/send functions to http2 ones after 101Daniel Stenberg