| Age | Commit message (Collapse) | Author |
|---|
|
ossl_connect_common() now checks whether or not 'struct
connectdata->state' is equal 'ssl_connection_complete' and if so, will
return CURLE_OK with 'done' set to 'TRUE'. This check prevents
ossl_connect_common() from creating a new ssl connection on an existing
ssl session which causes openssl to fail when it tries to parse an
encrypted TLS packet since the cipher data was effectively thrown away
when the new ssl connection was created.
Bug: http://curl.haxx.se/mail/lib-2010-11/0169.html
|
|
It helps to prevent a hangup with some FTP servers in case idle session
timeout has exceeded. But it may be useful also for other protocols
that send any quit message on disconnect. Currently used by FTP, POP3,
IMAP and SMTP.
|
|
|
|
When looping in this function and checking for the timeout being
expired, it was not updating the reference time when calculating the
timediff since previous round which made it think each subsequent loop
to have taken longer than it actually did.
I also modified the function to use the generic Curl_timeleft() function
instead of the custom logic.
Bug: http://curl.haxx.se/bug/view.cgi?id=3112579
|
|
When send() and recv() fail, we now store the errno value to allow the
app to access it.
Bug: http://curl.haxx.se/bug/view.cgi?id=3128121
Reported by: Yuri
|
|
|
|
|
|
|
|
- Show address string from proper buffer in case of connection failure.
- Try next address when inet_ntop() fails.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Reinstate IPV6 build variable that got removed.
|
|
Failed to commit this file changes along with the others.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
warning C4146: unary minus operator applied to unsigned type, result still unsigned
|
|
|
|
Ensure that spurious results from system's getaddrinfo() ares not propagated
by Curl_getaddrinfo_ex() into the library.
Also ensure that the ai_addrlen member of Curl_getaddrinfo_ex()'s output linked
list of Curl_addrinfo structures has appropriate family-specific address size.
|
|
... not the proxy port. It makes no difference unless a proxy is used.
|
|
Winsock builds clobber some errno.h defines in setup_once.
|
|
On Windows, translate WSAGetLastError() to errno values as GNU
TLS does it internally, too. This is necessary because send() and
recv() on Windows don't set errno when they fail but GNU TLS
expects a proper errno value.
Bug: http://curl.haxx.se/bug/view.cgi?id=3110991
|
|
When no timeout is set, we call the socket_ready function with a timeout
value of 0 during handshake, which makes it loop too much/fast in this
function. It also made this function return CURLE_OPERATION_TIMEDOUT
wrongly on a slow handshake.
However, the particular bug report that highlighted this problem is not
solved by this fix, as this fix only makes the more proper error get
reported instead.
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594150
Reported by: Johannes Ernst
|
|
This makes it easier to spot the enum values from the variables.
Removed some unneeded DEBUGASSERT added in the previous commit.
|
|
While changing Curl_sec_read_msg to accept an enum protection_level
instead of an int, I went ahead and fixed the usage of the associated
fields.
Some code was assuming that prot_clear == 0. Fixed those to use the
proper value. Added assertions prior to any code that would set the
protection level.
|
|
This is the advised way of checking for errors in the GSS-API RFC.
Also added some '\n' to the error message so that they are not mixed
with other outputs.
|
|
init is expecting app_data. Passing it the struct connecdata would make
us crash later.
|
|
The IP version choice was previously only in the UserDefined struct
within the SessionHandle, but since we sometimes alter that option
during a request we need to have it on a per-connection basis.
I also moved more "init conn" code into the allocate_conn() function
which is designed for that purpose more or less.
|
|
I found a bug in tftp_tx() in tftp.c. If a data resend is done after
reception of an ACK/OACK, the call to sendto is wrong.
|
|
Bug: https://bugzilla.redhat.com/650255
Reported by: Simon H.
|
|
... and do not send ABOR unless really necessary.
Bug: https://bugzilla.redhat.com/649347
Reported by: Simon H.
|
|
CURLOPT_RESOLVE is a new option that sends along a curl_slist with
name:port:address sets that will populate the DNS cache with entries so
that request can be "fooled" to use another host than what otherwise
would've been used. Previously we've encouraged the use of Host: for
that when dealing with HTTP, but this new feature has the added bonus
that it allows the name from the URL to be used for TLS SNI and server
certificate name checks as well.
This is a first change. Surely more will follow to make it decent.
|
|
|
|
If the query result has a binary attribute, the binary attribute is
base64 encoded. But all following non binary attributes are also base64
encoded which is wrong.
This is a test (LDAP server is public).
curl
ldap://x500.bund.de:389/o=Bund,c=DE?userCertificate,certificateSerialNumber?sub
?cn=*Woehleke*
|
|
This reverts commit b0fd03f5b8d4520dd232a9d13567d16bd0ad8951,
4b2fbe1e97891f, afecd1aa13b4f, 68cde058f66b3
|
