aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2003-08-02When proxy authentication is used in a CONNECT request (as used for all SSLDaniel Stenberg
connects and otherwise enforced tunnel-thru-proxy requests), the same authentication header is also wrongly sent to the remote host. The name and password can then be captured by an evil host and possibly get used for malicious purposes.
2003-07-30Jörg Müller-Tolk updated this to build fine with 7.10.6Daniel Stenberg
2003-07-30Daniel Noguerol made the ftp code output "Accept-Ranges: bytes" in similarDaniel Stenberg
style like other faked HTTP headers when NOBODY and HEADER are used.
2003-07-30Reverted the 'filetime' struct field back to a 'long' as time_t is sometimesDaniel Stenberg
unsigned and we want this to be able to hold -1 for illegal/unset values.
2003-07-28clear http->send_buffer when we have freed the memory it pointed toDaniel Stenberg
2003-07-28François Pons brought a patch that once again made curl deal with ftp andDaniel Stenberg
"double slash" as indicating the root directory. In the RFC1738-fix of April 30, that ability was removed (since it is not the "right" way).
2003-07-25having it in CVS causes us problems *grrr*Daniel Stenberg
2003-07-25Andrés García updated with the added files etcDaniel Stenberg
2003-07-25With an unknown CA path, we undef the variable. To build properly withoutDaniel Stenberg
SSL/CA.
2003-07-25Removed #include <sys/resource.h>, as pointed out by Henry Bland we don'tDaniel Stenberg
need it.
2003-07-23When we re-use an existing connection we must make sure that we don'tDaniel Stenberg
accidentally re-use the connect_addr field, as that might no longer be around. Fix verified by Tracy Boehrer who basicly debugged and tracked down this problem.
2003-07-23minor code style fixDaniel Stenberg
2003-07-23Daniel Kouril's fix to make the GSS-Negotiate work fine.Daniel Stenberg
2003-07-23Juan F. Codagnone's fixes to build properly on Windows againDaniel Stenberg
2003-07-23Plain default version of this file, to allow users to build easier fromDaniel Stenberg
CVS. This will be updated by the configure script, and a default is placed here by the maketgz script.
2003-07-22reversed the check for GSSAPI when request that authDaniel Stenberg
2003-07-22CURLDEBUG, not MALLOCDEBUGDaniel Stenberg
2003-07-22More support for NTLM on proxies, now proxy state and nonce is stored inDaniel Stenberg
a separate struct properly.
2003-07-22The NTLM functions now take a 'proxy' argument as well.Daniel Stenberg
2003-07-22Added a separate struct for the proxyntlm data, as it will/can be differentDaniel Stenberg
than the remote server's. That is, both the server and the proxy can in fact require NTLM auth.
2003-07-21moved the proxyuser and proxypasswd fields from the sessionhandle to theDaniel Stenberg
connectdata to work as expected
2003-07-21adjusted to support NTLM for proxiesDaniel Stenberg
2003-07-21krb4-fixes for the moved user+password fields within the structsDaniel Stenberg
2003-07-20David Gardner pointed out in bug report 770755 that using the FTP command CWDDaniel Stenberg
with a blank argument is a bad idea. Now skip blanks.
2003-07-20If NTLM is requested, only re-use connections that have the exact sameDaniel Stenberg
credentials.
2003-07-19Access the user and passwd fields from the connectdata struct now insteadDaniel Stenberg
of the sessionhandle struct, as that was not good.
2003-07-19No longer stores user+password in the sessionhandle, now doing that in theDaniel Stenberg
connectdata struct instead. Each being an allocated pointer. The passwdgiven field was turned into a local variable in the only function it was being used.
2003-07-15Moved the NTLM credentials to the connectdata struct instead, as NTLMDaniel Stenberg
authenticates connections and not single requests. This should make it work better when we mix requests from multiple hosts. Problem pointed out by Cris Bailiff.
2003-07-15Fix to the endless loop of bad Basic authentication as reported in CrisDaniel Stenberg
Bailiff's bug report 768275.
2003-07-15Dan Winship's patch added that makes use of DOMAIN\USER or DOMAIN/USERDaniel Stenberg
for the user field. I changed it slightly to stay with strchr() only instead of strpbrk() for portability reasons.
2003-07-15Dan Winship's fix to make the new auth stuff such as NTLM to work withDaniel Stenberg
the multi interface
2003-07-05re-use existing variable instead of declaring a new local oneDaniel Stenberg
2003-07-05Some of Doug Kaufman's changes for the DOS portDaniel Stenberg
2003-07-04removedDaniel Stenberg
2003-07-04Dan Grayson pointed out that we set the CURL_CA_BUNDLE variable wrongly inDaniel Stenberg
the configure script. We set it differently now and generate the lib/ca-bundle.h file entirely.
2003-07-04Peter Sylvester's patch was applied that introduces the following:Daniel Stenberg
CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If anything but CURLE_OK is returned, that will also be returned by libcurl all the way back. If this function changes the CURLOPT_URL, libcurl will detect this and instead go use the new URL. CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set with CURLOPT_SSL_CTX_FUNCTION.
2003-07-01Gisle Vanem found a lib handle leak in the ldap codeDaniel Stenberg
2003-06-26new httpauth support, changed filetime variable kindDaniel Stenberg
2003-06-26added CURLOPT_HTTPAUTH supportDaniel Stenberg
2003-06-26Adjusted to work properly with the new authentication stuffDaniel Stenberg
Added code to deal with white spaces in relocation headers.
2003-06-26use CURLDEBUG instead of MALLOCDEBUGDaniel Stenberg
2003-06-26use CURLDEBUGDaniel Stenberg
2003-06-26adjusted to use the same API as the OpenSSL version of the MD5 functionsDaniel Stenberg
2003-06-26added ntlm flag bitsDaniel Stenberg
2003-06-26Many fixes, most of them based on comments by Eric GlassDaniel Stenberg
2003-06-26new proto for Curl_input_negotiateDaniel Stenberg
2003-06-26kill warningsDaniel Stenberg
2003-06-26major adjustments to the new authentication supportDaniel Stenberg
2003-06-26include GSS in the debug string if available, support a few new flagDaniel Stenberg
booleans
2003-06-26use CURLDEBUG instead of MALLOCDEBUG for preprocessor conditionsDaniel Stenberg