aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2012-04-12configure: NATIVE_WINDOWS no longer defined in config filesYang Tse
2012-04-11build adjustments: CURL_HIDDEN_SYMBOLS no longer defined in config filesYang Tse
configure script now provides conditional definitions for Makefile.am that result in CURL_HIDDEN_SYMBOLS being defined by resulting makefiles when appropriate. Additionally, configure script option for symbol hiding control is now named --enable-symbol-hiding --disable-symbol-hiding. While still valid, old option name --enable-hidden-symbols --disable-hidden-symbols will be deprecated in some future release.
2012-04-09configure: Windows cross-compilation fixesYang Tse
BUILDING_LIBCURL and CURL_STATICLIB are no longer defined in curl_config.h, configure will generate appropriate conditionals so that mentioned symbols get defined and used in Makefiles at compilation time
2012-04-07curl tool: use configuration files from lib directory - follow-up IYang Tse
amigaos.[ch] now integrates nicely with any libcurl build
2012-04-06curl tool: use configuration files from lib directoryYang Tse
Configuration files such as curl_config.h and all config-*.h no longer exist nor are generated/copied into 'src' directory, now these only exist in 'lib' directory from where curl tool sources uses them. Additionally old src/setup.h has been refactored into src/tool_setup.h which now pulls lib/setup.h The possibility of a makefile needing an include path adjustment exists.
2012-04-06PolarSSL: correct return code for CRL matchesDaniel Stenberg
When a server certificate matches one in the given CRL file, the code now returns CURLE_SSL_CACERT as test case 313 expects and verifies.
2012-04-06PolarSSL: include version number in version stringDaniel Stenberg
Previously it would say PolarSSL only, now it says PolarSSL/1.1.0 in the same style other libs and components do.
2012-04-05CURLOPT_POSTREDIR: also allow 303 to do POST on the redirected URLAndrei Cipu
As it turns out, some people do want that after all.
2012-04-05PolarSSL: add support for asynchronous connectDag Ekengren
2012-04-04Revert "access the CA source file using HTTPS"Tim Heckman
This reverts commit f7e2ab6. This change caused fetching of the certificates to become unreliable. Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html Reported by: Tim Heckman
2012-04-04IPv6 cookie domain: get rid of the first bracket before the second.Andrei Cipu
Commit 97b66ebe was copying a smaller buffer, thus duplicating the last character.
2012-04-04ftp.c: ftplistparser related OOM handling fixYang Tse
2012-04-04smtp.c: fix compiler warningsYang Tse
2012-04-03connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket failsLijo Antony
Curl_socket returns CURLE_COULDNT_CONNECT when the opensocket callback returns CURL_SOCKET_BAD. Previous return value CURLE_FAILED_INIT conveys incorrect information to the user.
2012-04-02pop3: Reworked the command sending and handlingSteve Holme
Reworked the command sending from two specific LIST and RETR command functions into a single command based function as well as the two associated response handlers into a generic command handler.
2012-04-01smtp.c: Code policing and tidy upSteve Holme
2012-04-01SSH: public key can now be an empty stringArmel Asselin
If an empty string is passed to CURLOPT_SSH_PUBLIC_KEYFILE, libcurl will pass no public key to libssh2 which then tries to compute it from the private key. This is known to work when libssh2 1.4.0+ is linked against OpenSSL.
2012-04-01OpenSSL: Made cert hostname check conform to RFC 6125Tatsuhiro Tsujikawa
This change replaces RFC 2818 based hostname check in OpenSSL build with RFC 6125 [1] based one. The hostname check in RFC 2818 is ambiguous and each project implements it in the their own way and they are slightly different. I check curl, gnutls, Firefox and Chrome and they are all different. I don't think there is a bug in current implementation of hostname check. But it is not as strict as the modern browsers do. Currently, curl allows multiple wildcard character '*' and it matches '.'. (as described in the comment in ssluse.c). Firefox implementation is also based on RFC 2818 but it only allows at most one wildcard character and it must be in the left-most label in the pattern and the wildcard must not be followed by any character in the label.[2] Chromium implementation is based on RFC 6125 as my patch does. Firefox and Chromium both require wildcard in the left-most label in the presented identifier. This patch is more strict than the current implementation, so there may be some cases where old curl works but new one does not. But at the same time I think it is good practice to follow the modern browsers do and follow the newer RFC. [1] http://tools.ietf.org/html/rfc6125#section-6.4.3 [2] https://bugzilla.mozilla.org/show_bug.cgi?id=159483
2012-04-01HTTP: reset expected DL/UL sizes on redirectsDaniel Stenberg
With FOLLOWLOCATION enabled. When a 3xx page is downloaded and the download size was known (like with a Content-Length header), but the subsequent URL (transfered after the 3xx page) was chunked encoded, then the previous "known download size" would linger and cause the progress meter to get incorrect information, ie the former value would remain being sent in. This could easily result in downloads that were WAY larger than "expected" and would cause >100% outputs with the curl command line tool. Test case 599 was created and it was used to repeat the bug and then verify the fix. Bug: http://curl.haxx.se/bug/view.cgi?id=3510057 Reported by: Michael Wallner
2012-03-31smtp: Add support for DIGEST-MD5 authenticationGökhan Şengün
2012-03-31smtp: Cody tidy up of md5 digest lengthGökhan Şengün
Replaced the hard coded md5 digest length (16) with a preprocessor constant
2012-03-31md5: Add support for calculating the md5 sum of buffers incrementallyGökhan Şengün
It is now possible to calculate the md5 sum as the stream of buffers becomes known where as previously it was only possible to calculate the md5 sum of a pre-prepared buffer.
2012-03-31Revert "mk-ca-bundle.pl: use LWP::UserAgent for https"Daniel Stenberg
This reverts commit 9f0e1689f169b83b8fbdae23e0024cc57dcbc770. It turned out that "improvement" instead made the fetching of the certificates unreliable Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html Reported by: Tim Heckman
2012-03-31pop3: Added support for additional pop3 commandsSteve Holme
This feature allows the user to specify and use additional POP3 commands such as UIDL and DELE via libcurl's CURLOPT_CUSTOMREQUEST or curl's -X command line option.
2012-03-25ssh.c: code cleanup, Curl_safefree() already nullifies pointerYang Tse
2012-03-25fix some compiler warningsYang Tse
2012-03-25pop3.c: Corrected problem with state() introduced in 01690ed2bce5Steve Holme
2012-03-25pop.c: Small code tidy upSteve Holme
2012-03-25pop3: Removed the need for the single message LIST command handlerSteve Holme
Simplified the code to remove the need for a separate "LIST <msg id>" command handler and state machine and instead use the LIST command handler for both operations.
2012-03-24pop3.c: Code policing and tidy upSteve Holme
Corrected character and line spacing and re-ordered list and retr functions based on the order of their state machines.
2012-03-24email: Moved server greeting responses into separate functionsSteve Holme
Moved the server greeting response handling code from the statemach_act functions to separate response functions. This makes the code simpler to follow and provides consistency with the other responses that are handled here.
2012-03-24pop3.c: Fixed body data being written when CURLOPT_NOBODY is specifiedSteve Holme
Body data would be forwarded to the client application in both the RETR and LIST commands even if CURLOPT_NOBODY was specified.
2012-03-22http_proxy.h: fix builds with proxy or http disabledYang Tse
2012-03-22parsedate.c: fix a numeric overflowYang Tse
2012-03-22cookies: strip the numerical ipv6 host properlyAndrei Cipu
The commit e650dbde86d4 that stripped off [brackets] from ipv6-only host headers for the sake of cookie parsing wrongly incremented the host pointer which would cause a bad free() call later on.
2012-03-22fix several compiler warningsYang Tse
2012-03-22CONNECT: fix multi interface regressionDaniel Stenberg
The refactoring of HTTP CONNECT handling in commit 41b0237834232 that made it protocol independent broke it for the multi interface. This fix now introduce a better state handling and moved some logic to the http_proxy.c source file. Reported by: Yang Tse Bug: http://curl.haxx.se/mail/lib-2012-03/0162.html
2012-03-20fix several compiler warningsYang Tse
2012-03-17lwip: basic checks and macros for compatiblityDaniel Stenberg
2012-03-16http_proxy.c: fix OOM handlingYang Tse
2012-03-16fix some compiler warningsYang Tse
2012-03-13resolve with c-ares: don't resolve IPv6 when not workingMaxim Prohorov
If the Curl_ipv6works() function says no, there is no reason to try AAAA names even if libcurl was built with IPv6 support enabled. Bug: http://curl.haxx.se/mail/lib-2012-03/0045.html
2012-03-10smtp.c: Changed the curl error code for EHLO and HELO responsesSteve Holme
Changed the returned curl error codes for EHLO and HELO responses from CURLE_LOGIN_DENIED to CURLE_REMOTE_ACCESS_DENIED as a negative response from these commands represents no service as opposed to a login error.
2012-03-10Curl_http: strip off [brackets] from ipv6-only host headersAndrei Cipu
Since the host name is passed in to the cookie engine it will not work correctly if the brackets are left in the name. Bug:http://curl.haxx.se/mail/lib-2012-03/0036.html
2012-03-10mk-ca-bundle.pl: use LWP::UserAgent with proper https verify behavior.John Joseph Bachir
An alternative would be: 1. specify HTTPS_CA_DIR and/or HTTPS_CA_FILE 2. ensure that Net::SSL is being used, and IO::Socket::SSL is NOT being used This question and answer explain: http://stackoverflow.com/questions/74358/
2012-03-10access the CA source file using HTTPSJohn Joseph Bachir
2012-03-09includes: remove inclusion of unused file http_proxy.hDaniel Stenberg
2012-03-08CONNECT: made generically not per-protocolDaniel Stenberg
Curl_protocol_connect() now does the tunneling through the HTTP proxy if requested instead of letting each protocol specific connection function do it.
2012-03-08ssh_connect: tunnel through HTTP proxy if requestedDaniel Stenberg
2012-03-08LWIP: don't consider HAVE_ERRNO_H to be winsockDaniel Stenberg
The check for Winsock definition was a bit too broad Bug: http://curl.haxx.se/mail/lib-2012-03/0046.html