Age | Commit message (Collapse) | Author | |
---|---|---|---|
2003-08-02 | When proxy authentication is used in a CONNECT request (as used for all SSL | Daniel Stenberg | |
connects and otherwise enforced tunnel-thru-proxy requests), the same authentication header is also wrongly sent to the remote host. The name and password can then be captured by an evil host and possibly get used for malicious purposes. | |||
2003-07-30 | Jörg Müller-Tolk updated this to build fine with 7.10.6 | Daniel Stenberg | |
2003-07-30 | Daniel Noguerol made the ftp code output "Accept-Ranges: bytes" in similar | Daniel Stenberg | |
style like other faked HTTP headers when NOBODY and HEADER are used. | |||
2003-07-30 | Reverted the 'filetime' struct field back to a 'long' as time_t is sometimes | Daniel Stenberg | |
unsigned and we want this to be able to hold -1 for illegal/unset values. | |||
2003-07-28 | clear http->send_buffer when we have freed the memory it pointed to | Daniel Stenberg | |
2003-07-28 | François Pons brought a patch that once again made curl deal with ftp and | Daniel Stenberg | |
"double slash" as indicating the root directory. In the RFC1738-fix of April 30, that ability was removed (since it is not the "right" way). | |||
2003-07-25 | having it in CVS causes us problems *grrr* | Daniel Stenberg | |
2003-07-25 | Andrés García updated with the added files etc | Daniel Stenberg | |
2003-07-25 | With an unknown CA path, we undef the variable. To build properly without | Daniel Stenberg | |
SSL/CA. | |||
2003-07-25 | Removed #include <sys/resource.h>, as pointed out by Henry Bland we don't | Daniel Stenberg | |
need it. | |||
2003-07-23 | When we re-use an existing connection we must make sure that we don't | Daniel Stenberg | |
accidentally re-use the connect_addr field, as that might no longer be around. Fix verified by Tracy Boehrer who basicly debugged and tracked down this problem. | |||
2003-07-23 | minor code style fix | Daniel Stenberg | |
2003-07-23 | Daniel Kouril's fix to make the GSS-Negotiate work fine. | Daniel Stenberg | |
2003-07-23 | Juan F. Codagnone's fixes to build properly on Windows again | Daniel Stenberg | |
2003-07-23 | Plain default version of this file, to allow users to build easier from | Daniel Stenberg | |
CVS. This will be updated by the configure script, and a default is placed here by the maketgz script. | |||
2003-07-22 | reversed the check for GSSAPI when request that auth | Daniel Stenberg | |
2003-07-22 | CURLDEBUG, not MALLOCDEBUG | Daniel Stenberg | |
2003-07-22 | More support for NTLM on proxies, now proxy state and nonce is stored in | Daniel Stenberg | |
a separate struct properly. | |||
2003-07-22 | The NTLM functions now take a 'proxy' argument as well. | Daniel Stenberg | |
2003-07-22 | Added a separate struct for the proxyntlm data, as it will/can be different | Daniel Stenberg | |
than the remote server's. That is, both the server and the proxy can in fact require NTLM auth. | |||
2003-07-21 | moved the proxyuser and proxypasswd fields from the sessionhandle to the | Daniel Stenberg | |
connectdata to work as expected | |||
2003-07-21 | adjusted to support NTLM for proxies | Daniel Stenberg | |
2003-07-21 | krb4-fixes for the moved user+password fields within the structs | Daniel Stenberg | |
2003-07-20 | David Gardner pointed out in bug report 770755 that using the FTP command CWD | Daniel Stenberg | |
with a blank argument is a bad idea. Now skip blanks. | |||
2003-07-20 | If NTLM is requested, only re-use connections that have the exact same | Daniel Stenberg | |
credentials. | |||
2003-07-19 | Access the user and passwd fields from the connectdata struct now instead | Daniel Stenberg | |
of the sessionhandle struct, as that was not good. | |||
2003-07-19 | No longer stores user+password in the sessionhandle, now doing that in the | Daniel Stenberg | |
connectdata struct instead. Each being an allocated pointer. The passwdgiven field was turned into a local variable in the only function it was being used. | |||
2003-07-15 | Moved the NTLM credentials to the connectdata struct instead, as NTLM | Daniel Stenberg | |
authenticates connections and not single requests. This should make it work better when we mix requests from multiple hosts. Problem pointed out by Cris Bailiff. | |||
2003-07-15 | Fix to the endless loop of bad Basic authentication as reported in Cris | Daniel Stenberg | |
Bailiff's bug report 768275. | |||
2003-07-15 | Dan Winship's patch added that makes use of DOMAIN\USER or DOMAIN/USER | Daniel Stenberg | |
for the user field. I changed it slightly to stay with strchr() only instead of strpbrk() for portability reasons. | |||
2003-07-15 | Dan Winship's fix to make the new auth stuff such as NTLM to work with | Daniel Stenberg | |
the multi interface | |||
2003-07-05 | re-use existing variable instead of declaring a new local one | Daniel Stenberg | |
2003-07-05 | Some of Doug Kaufman's changes for the DOS port | Daniel Stenberg | |
2003-07-04 | removed | Daniel Stenberg | |
2003-07-04 | Dan Grayson pointed out that we set the CURL_CA_BUNDLE variable wrongly in | Daniel Stenberg | |
the configure script. We set it differently now and generate the lib/ca-bundle.h file entirely. | |||
2003-07-04 | Peter Sylvester's patch was applied that introduces the following: | Daniel Stenberg | |
CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If anything but CURLE_OK is returned, that will also be returned by libcurl all the way back. If this function changes the CURLOPT_URL, libcurl will detect this and instead go use the new URL. CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set with CURLOPT_SSL_CTX_FUNCTION. | |||
2003-07-01 | Gisle Vanem found a lib handle leak in the ldap code | Daniel Stenberg | |
2003-06-26 | new httpauth support, changed filetime variable kind | Daniel Stenberg | |
2003-06-26 | added CURLOPT_HTTPAUTH support | Daniel Stenberg | |
2003-06-26 | Adjusted to work properly with the new authentication stuff | Daniel Stenberg | |
Added code to deal with white spaces in relocation headers. | |||
2003-06-26 | use CURLDEBUG instead of MALLOCDEBUG | Daniel Stenberg | |
2003-06-26 | use CURLDEBUG | Daniel Stenberg | |
2003-06-26 | adjusted to use the same API as the OpenSSL version of the MD5 functions | Daniel Stenberg | |
2003-06-26 | added ntlm flag bits | Daniel Stenberg | |
2003-06-26 | Many fixes, most of them based on comments by Eric Glass | Daniel Stenberg | |
2003-06-26 | new proto for Curl_input_negotiate | Daniel Stenberg | |
2003-06-26 | kill warnings | Daniel Stenberg | |
2003-06-26 | major adjustments to the new authentication support | Daniel Stenberg | |
2003-06-26 | include GSS in the debug string if available, support a few new flag | Daniel Stenberg | |
booleans | |||
2003-06-26 | use CURLDEBUG instead of MALLOCDEBUG for preprocessor conditions | Daniel Stenberg | |