aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2009-09-27- I introduced a maximum limit for received HTTP headers. It is controlled byDaniel Stenberg
the define CURL_MAX_HTTP_HEADER which is even exposed in the public header file to allow for users to fairly easy rebuild libcurl with a modified limit. The rationale for a fixed limit is that libcurl is realloc()ing a buffer to be able to put a full header into it, so that it can call the header callback with the entire header, but that also risk getting it into trouble if a server by mistake or willingly sends a header that is more or less without an end. The limit is set to 100K.
2009-09-27unify two very similar code sections into one single function, header_append()Daniel Stenberg
2009-09-26- John P. McCaskey posted a bug report that showed how libcurl did wrong whenDaniel Stenberg
saving received cookies with no given path, if the path in the request had a query part. That is means a question mark (?) and characters on the right side of that. I wrote test case 1105 and fixed this problem.
2009-09-26- Implemented a protocol independent way to specify blocking direction, used byKamil Dudka
transfer.c for blocking. It is currently used only by SCP and SFTP protocols. This enhancement resolves an issue with 100% CPU usage during SFTP upload, reported by Vourhey.
2009-09-25minor whitespace editDaniel Stenberg
2009-09-25- Chris Mumford filed bug report #2861587Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2861587) identifying that libcurl used the OpenSSL function X509_load_crl_file() wrongly and failed if it would load a CRL file with more than one certificate within. This is now fixed.
2009-09-25fix compiler warning: end-of-loop code not reachedYang Tse
2009-09-24fix compiler warning: variable "sni" was set but never usedYang Tse
2009-09-21added support for new SQLite cert database format: added a runtime check for ↵Gunter Knauf
version 3.12.0, and depending on the result add 'sql:' prefix to cert database directory so that newer SQLIte database format works.
2009-09-21added aditional check for the directory specified with SSL_DIR, and fall ↵Gunter Knauf
back to hardcoded directory if not a valid directory.
2009-09-18fix compiler warning: comparison between signed and unsignedYang Tse
2009-09-17fix compiler warning: enumerated type mixed with another typeYang Tse
2009-09-17fix compiler warning: conversion to 'size_t' from 'curl_off_t' may alter its ↵Yang Tse
value
2009-09-17Moved Curl_rand() and Curl_srand() code from formdata.c and formdata.hYang Tse
into curl_rand.c and curl_rand.h
2009-09-17Attempt to silence bogus compiler warning: "Potential null pointer dereference"Yang Tse
2009-09-16- Sven Anders reported that we introduced a cert verfication flaw for OpenSSL-Daniel Stenberg
powered libcurl in 7.19.6. If there was a X509v3 Subject Alternative Name field in the certficate it had to match and so even if non-DNS and non-IP entry was present it caused the verification to fail.
2009-09-15Some systems poll function sets POLLHUP in revents without settingYang Tse
POLLIN, and sets POLLERR without setting POLLIN and POLLOUT. In some libcurl code execution paths this could trigger busy wait loops with high CPU usage until a timeout condition aborted the loop. This fix for Curl_poll adresses the above in a libcurl-wide mode.
2009-09-15Revert Joshua Kwan's patch committed 11 Sep 2009.Yang Tse
Some systems poll function sets POLLHUP in revents without setting POLLIN, and sets POLLERR without setting POLLIN and POLLOUT. In some libcurl code execution paths this could trigger busy wait loops with high CPU usage until a timeout condition aborted the loop. The reverted patch addressed the above issue for a very specific case, when awaiting c-ares to resolve. A libcurl-wide fix superceeds this one. http://cool.haxx.se/cvs.cgi/curl/lib/select.c.diff?r1=1.52&r2=1.53
2009-09-11 Joshua Kwan provided a patch to pass POLLERR / POLLHUP back to c-ares.Gunter Knauf
This fixes a loop problem with high CPU usage.
2009-09-10- Claes Jakobsson fixed a problem with cookie expiry dates at exctly the epochDaniel Stenberg
start second "Thu Jan 1 00:00:00 GMT 1970" as the date parser then returns 0 which internally then is treated as a session cookie. That particular date is now made to get the value of 1.
2009-09-08added debug output for NSS certpath.Gunter Knauf
2009-09-07changed NetWare makefiles to rely on SHELL rather than OSTYPE since we can ↵Gunter Knauf
have a sh-like shell also on Windows (MSYS, Cygwin).
2009-09-06added casts to silent compiler warning on 64bit systems.Gunter Knauf
2009-09-06use our define struct_stat to be compatible with largefile support.Gunter Knauf
2009-09-06added base64.h include to silent warnings about missing prototype for ↵Gunter Knauf
ATOB_ConvertAsciiToItem.
2009-09-03fix copyright yearDaniel Stenberg
2009-09-03provide and export Curl_parsedate() as a library-wide internal functionDaniel Stenberg
for a better API to date parsing than the external API is
2009-09-02- Daniel Johnson founded a flaw in the code convering sftp-errors to libcurlDaniel Stenberg
errors.
2009-09-01- Peter Sylvester made a debug featuer for Curl_resolv() that now will forceDaniel Stenberg
libcurl to resolve 'localhost' whatever name you use in the URL *if* you set the --interface option to (exactly) "LocalHost". This will enable us to write tests for custom hosts names but still use a local host server.
2009-08-31- When using the multi interface with FTP and you asked for NOBODY, you did noDaniel Stenberg
QUOTE commands and the request used the same path as the connection had already changed to, it would decide that no commands would be necessary for the "DO" action and that was not handled properly but libcurl would instead hang.
2009-08-30add casts to silent compiler warnings with 64bit systems.Gunter Knauf
2009-08-29add cast to silent compiler warning with 64bit systems.Gunter Knauf
2009-08-29fix shadow definition of outp.Gunter Knauf
2009-08-29add cast to silent compiler warning with 64bit systems.Gunter Knauf
2009-08-29removed obsolete casts.Gunter Knauf
2009-08-29add casts to silent compiler warnings with 64bit systems.Gunter Knauf
2009-08-29add cast to silient compiler warning with 64bit systems.Gunter Knauf
2009-08-28- Improved error message for not matching certificate subject name inKamil Dudka
libcurl-NSS. Originally reported at: https://bugzilla.redhat.com/show_bug.cgi?id=516056#c9
2009-08-24- Introduced a SYST-based test to properly set-up name format when dealing ↵Patrick Monnerat
with the OS/400 FTP server. - Fixed an ftp_readresp() bug preventing detection of failing control socket and causing FTP client to loop forever.
2009-08-24clarify the code by initing newurl to NULLDaniel Stenberg
2009-08-21With CURLOPT_PROXY_TRANSFER_MODE, avoid sending invalid URLs likeMichal Marek
ftp://example.com;type=i if the user specified ftp://example.com without the slash.
2009-08-21- Andre Guibert de Bruet pointed out a missing return code check for aDaniel Stenberg
strdup() that could lead to segfault if it returned NULL. I extended his suggest patch to now have Curl_retry_request() return a regular return code and better check that.
2009-08-21- Lots of good work by Krister Johansen, mostly related to pipelining:Daniel Stenberg
Fix SIGSEGV on free'd easy_conn when pipe unexpectedly breaks Fix data corruption issue with re-connected transfers Fix use after free if we're completed but easy_conn not NULL
2009-08-16added missing curl_easy_pause to export list.Gunter Knauf
2009-08-13- Changed NSS code to not ignore the value of ssl.verifyhost and produce moreKamil Dudka
verbose error messages. Originally reported at: https://bugzilla.redhat.com/show_bug.cgi?id=516056
2009-08-12add missing file, as pointed out by Karl MDaniel Stenberg
2009-08-12- Carsten Lange reported a bug and provided a patch for TFTP upload and theDaniel Stenberg
sending of the TSIZE option. I don't like fixing bugs just hours before a release, but since it was broken and the patch fixes this for him I decided to get it in anyway.
2009-08-11- Peter Sylvester made the HTTPS test server use specific certificates forDaniel Stenberg
each test, so that the test suite can now be used to actually test the verification of cert names etc. This made an error show up in the OpenSSL- specific code where it would attempt to match the CN field even if a subjectAltName exists that doesn't match. This is now fixed and verified in test 311.
2009-08-11- Benbuck Nason posted the bug report #2835196Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler warnings when mixing ints and bools.
2009-08-11Fixed a memory leak in the FTP code and an off-by-one heap buffer overflow.Dan Fandrich