aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2011-12-06OpenSSL: check for the SSLv2 function in configureDaniel Stenberg
If no SSLv2 was detected in OpenSSL by configure, then we enforce the OPENSSL_NO_SSL2 define as it seems some people report it not being defined properly in the OpenSSL headers.
2011-12-05SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5Daniel Stenberg
When a 32 digit hex key is given as a hostkey md5 checksum, the code would still run it against the knownhost check and not properly acknowledge that the md5 should then be the sole guide for. The verbose output now includes the evaluated MD5 hostkey checksum. Some related source code comments were also updated. Bug: http://curl.haxx.se/bug/view.cgi?id=3451592 Reported by: Reza Arbab
2011-12-05Curl_resolver_is_resolved: differentiate between host/proxy errorsDaniel Stenberg
As there are different return codes for host vs proxy errors, this function now properly returns the code properly depending on what was attempted to get resolved. Bug: http://curl.haxx.se/mail/archive-2011-12/0010.html Reported by: Jason Liu
2011-12-05c-ares: return proxy failure for all proxy typesDaniel Stenberg
When making a distinction which return code to return, the code previously only regarded HTTP proxies to be proxies and thus return host-related errors for failures on other proxy types than HTTP. Now all proxy types will be considered proxies...
2011-12-05FTP: close callback fixDaniel Stenberg
Keep track of which sockets that are the result of accept() calls and refuse to call the closesocket callback for those sockets. Test case 596 now verifies that the open socket callback is called the same number of times as the closed socket callback for active FTP connections. Bug: http://curl.haxx.se/mail/lib-2011-12/0018.html Reported by: Gokhan Sengun
2011-12-05FTP: call opensocket callback properlyDaniel Stenberg
When the new socket is created for an active connection, it is now done using the open socket callback. Test case 596 was modified to run fine, although it hides the fact that the close callback is still called too many times, as it also gets called for closing sockets that were created with accept().
2011-12-05Curl_socket: internal replacement for socket()Daniel Stenberg
Moved out into a separate function to work as a "generic" socket() replacement.
2011-12-02CURLOPT_DNS_SERVERS: set name servers if possible (fix)Jason Glasgow
Ensure that CURLE_OK is returned if setting the name servers is successfull.
2011-12-02multi interface: only use non-NULL function pointer!Daniel Stenberg
If the socket callback function pointer hasn't been set, we must not attempt to use it. Commit adc88ca20 made it more likely to occur.
2011-12-02multi: handle timeouts on DNS servers by checking for new socketsJason Glasgow
If the first name server is not available, the multi interface does not invoke the socket_cb when the DNS request to the first name server timesout. Ensure that the list of sockets are always updated after calling Curl_resolver_is_resolved. This bug can be reproduced if Curl is complied with --enable_ares and your code uses the multi socket interfaces and the CURLMOPT_SOCKETFUNCTION option. To test try: iptables -I INPUT \ -s $(sed -n -e '/name/{s/.* //p;q}' /etc/resolv.conf)/32 \ -j REJECT and then run a program which uses the multi-interface.
2011-12-01POP3: fixed escaped dot not being striped outSteve Holme
Changed the eob detection to work across the whole of the buffer so that lines that begin with a dot (which the server will have escaped) are passed to the client application correctly.
2011-11-29pop3.c: fix compiler warningYang Tse
2011-11-29POP3: detect when LIST returns no mailsDaniel Stenberg
By making sure the function can detect an "end of body" sequence immediately on the first line, test 811 is now enabled.
2011-11-29POP3: fix end of body detectionDaniel Stenberg
Curl_pop3_write() now has a state machine that scans for the end of a POP3 body so that the CR LF '.' CR LF sequence can come in everything from one up to five subsequent packets. Test case 810 is modified to use SLOWDOWN which makes the server pause between each single byte and thus makes the POP3 body get sent to curl basically one byte at a time.
2011-11-25CyaSSL 2.0+ library initialization adjustmentYang Tse
2011-11-25rectify commentJonas Schnelli
2011-11-25SSLSESSION_SHARED: new macro to check if session is sharedDaniel Stenberg
Added convenience macro to use to check if a handle is using a shared SSL session, and fixed so that Curl_ssl_close_all() doesn't lock when the session isn't shared.
2011-11-25telnet.c: fix MSVC compiler warningYang Tse
2011-11-25tvdiff_secs(): sub-zero time difference adjustmentYang Tse
Skip a floating point addition operation when integral part of time difference is zero. This avoids potential floating point addition rounding problems while preserving decimal part value.
2011-11-25telnet: fix macros to allow proper semicolon useDaniel Stenberg
Macros that look like function calls need to be made so that we can use semicolons properly for indentation and for reducing the risk for mistakes when using them.
2011-11-25TELNET: improved treatment of optionsLaurent Rabret
1) enables the Window Size option 2) allows the server to enable the echo mode 3) allows an app using libcurl to disable the default binary mode Signed-off-by: Laurent Rabret
2011-11-24query-part: ignore the URI part for given protocolsJonas Schnelli
By setting PROTOPT_NOURLQUERY in the protocol handler struct, the protocol will get the "query part" of the URL cut off before the data is handled by the protocol-specific code. This makes libcurl adhere to RFC3986 section 2.2. Test 1220 is added to verify a file:// URL with query-part.
2011-11-24getinfo.c: reset app connect time when clearing session-info time variablesYang Tse
2011-11-24Fix unreleased regression when using windows gnutls versions older than 2.8Yang Tse
2011-11-23gnutls: only translate winsock errors for old versionsMark Brand
Bugfix: https handshake fails using gnutls 3 on windows http://sourceforge.net/tracker/index.php?func=detail&aid=3441084&group_id=976&atid=100976 New gnutls versions have an error handler that knows about Winsock errors, which is why gnutls_transport_set_global_errno() was deprecated and then removed. This is a correction of commit f5bb370 (blame me) which meant to reimplement gnutls_transport_set_global_errno(), which is not necessary.
2011-11-21protocol_connect: show verbose connect and set connect timeDaniel Stenberg
Regression: commit b998d95b (shipped first in release 7.22.0) made the condition always equal false that should reset the TIMER_CONNECT timer and call the Curl_verboseconnect() function. Reported by: "Captain Basil" Bug: http://curl.haxx.se/mail/archive-2011-11/0035.html
2011-11-19Add support for using nettle instead of gcrypt as gnutls backendMartin Storsjo
2011-11-18SFTP: support '*' prefix for quote operationsJonas Schnelli
prefixing a command with '*' means it is allowed to fail without aborting the chain actions
2011-11-17getsessionid: don't ever return while lockedDaniel Stenberg
Also, check for the session sharing bit instead of comparing pointers
2011-11-17Curl_ssl_getsessionid: increase the value, not the pointerDaniel Stenberg
2011-11-17SSL session share: move the age counter to the share objectAlejandro Alvarez Ayllon
Previously the age counter would be counted individually in each easy handle that shared SSL sessions!
2011-11-17CURLOPT_DNS_SERVERS: set name servers if possibleJason Glasgow
2011-11-08Fix to skip untrusted certs.Guenter Knauf
2011-11-06ftp PORT: don't hang if bind() failsDaniel Stenberg
When the user requests PORT with a specific port or port range, the code could lock up in an endless loop. There's now an extra conditional that makes sure to special treat the error and try the local address only once so a second failure will abort the loop correctly. Bug: http://curl.haxx.se/bug/view.cgi?id=3433968 Reported by: Gokhan Sengun
2011-11-06pingpong: change two comments wrongly referring "FTP"Daniel Stenberg
Just a sign of where the code originally was ripped out from. Now it is generic "pingpong".
2011-11-06HTTP auth: fix proxy Negotiate bugRene Bernhardt
If a proxy offers several Authentication schemes where NTLM and Negotiate are offered by the proxy and you tell libcurl not to use the Negotiate scheme then the request never returns when the proxy answers with its HTTP 407 reply. It is reproducible by the following steps: - Use a proxy that offers NTLM and Negotiate ( CURLOPT_PROXY and CURLOPT_PROXYPORT ) - Tell libcurl NOT to use Negotiate CURL_EASY_SETOPT(CURLOPT_PROXYAUTH, CURLAUTH_BASIC | CURLAUTH_DIGEST | CURLAUTH_NTLM ) - Start the request The call to CURL_EASY_PERFORM never returns. If you switch on debug logging you can see that libcurl issues a new request As soon as it received the 407 reply. Instead it should return and set the response code to 407. Bug: http://curl.haxx.se/mail/lib-2011-10/0323.html
2011-11-04ssluse.c: fix calling of OpenSSL's ERR_remove_state(0)Yang Tse
Move calling of ERR_remove_state(0) a.k.a ERR_remove_thread_state(NULL) from Curl_ossl_close_all() to Curl_ossl_cleanup(). In this way ERR_remove_state(0) is now only called in libcurl by curl_global_cleanup(). Previously it would get called by functions curl_easy_cleanup(), curl_multi_cleanup and potentially each time a connection was removed from a connection cache leading to premature destruction of OpenSSL's thread local state hash. Multi-threaded apps using OpenSSL enabled libcurl should still call function ERR_remove_state(0) or ERR_remove_thread_state(NULL) at the very end end of threads that do not call curl_global_cleanup().
2011-11-03url.c and file.c: fix OOM triggered segfaultYang Tse
2011-11-03rename ftp_ssl: the struct field is used for many protocolsDaniel Stenberg
Now called 'use_ssl' instead, which better matches the current CURLOPT name and since the option is used for all pingpong protocols (at least) it makes sense to not use 'ftp' in the name.
2011-11-02gtls_connect_step1: remove use of deprecated functionsDaniel Stenberg
Use gnutls_priority_set_direct() instead of gnutls_protocol_set_priority(). Remove the gnutls_certificate_type_set_priority() use since x509 is the default certificate type anyway. Reported by: Vincent Torri
2011-11-02url.c and transfer.c: nullify connection pointer when free()'edYang Tse
2011-11-01multi.c: OOM handling fixYang Tse
2011-10-31setup.h: fix compiler warningYang Tse
2011-10-29gtls.c: gnutls_transport_set_global_errno() deprecated in version 2.12.3Yang Tse
2011-10-27multi.c: OOM handling fixYang Tse
Fix curl_multi_cleanup() segfault when using weird cleanup sequence.
2011-10-27multi: start ftp state machine when switching to DO_MOREDaniel Stenberg
This extends the fix from commit d7934b8bd491 When the multi state is changed within the multi_runsingle from DOING to DO_MORE, we didn't immediately start the FTP state machine again. That then left the FTP state in FTP_STOP. When curl_multi_fdset() was subsequently called, the ftp_domore_getsock() function would return the wrong fd info. Reported by: Gokhan Sengun
2011-10-24ftp.c: some OOM handling fixesYang Tse
2011-10-21curl_multi_fdset: correct fdset with FTP PORT useDaniel Stenberg
After a PORT has been issued, and the multi handle would switch to the CURLM_STATE_DO_MORE state (which is unique for FTP), libcurl would return the wrong fdset to wait for when curl_multi_fdset() is called. The code would blindly assume that it was waiting for a connect of the second connection, while that isn't true immediately after the PORT command. Also, the function multi.c:domore_getsock() was highly FTP-centric and therefore ugly to keep in protocol-agnostic code. I solved this problem by introducing a new function pointer in the Curl_handler struct called domore_getsock() which is only called during the DOMORE state for protocols that set that pointer. The new ftp.c:ftp_domore_getsock() function now returns fdset info about the control connection's command/response handling while such a state is in use, and goes over to waiting for a writable second connection first once the commands are done. The original problem could be seen by running test 525 and checking the time stamps in the FTP server log. I can verify that this fix at least fixes this problem. Bug: http://curl.haxx.se/mail/lib-2011-10/0250.html Reported by: Gokhan Sengun
2011-10-21file.c: OOM handling fixYang Tse
file_disconnect() free's resources for multi API
2011-10-21multi.c: fix segfaultYang Tse