aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2013-08-04formadd: wrong pointer for file name when CURLFORM_BUFFERPTR usedDaniel Stenberg
The internal function that's used to detect known file extensions for the default Content-Type got the the wrong pointer passed in when CURLFORM_BUFFER + CURLFORM_BUFFERPTR were used. This had the effect that strlen() would be used which could lead to an out-of-bounds read (and thus segfault). In most cases it would only lead to it not finding or using the correct default content-type. It also showed that test 554 and test 587 were testing for the previous/wrong behavior and now they're updated as well. Bug: http://curl.haxx.se/bug/view.cgi?id=1262 Reported-by: Konstantin Isakov
2013-08-04Skip more untrusted certificates.Guenter Knauf
Christian Heimes brought to our attention that the certdata.txt format has recently changed [1], causing ca-bundle.crt created with mk-ca-bundle.[pl|vbs] to include untrusted certs. [1] http://lists.debian.org/debian-release/2012/11/msg00411.html
2013-08-03multi: remove data->state.current_conn struct fieldDaniel Stenberg
Not needed
2013-08-03multi: remove the one_easy struct fieldDaniel Stenberg
Since the merge of SessionHandle with Curl_one_easy, this indirection isn't used anymore.
2013-08-03multi: rename all Curl_one_easy to SessionHandleDaniel Stenberg
2013-08-03multi: remove the multi_pos struct fieldDaniel Stenberg
Since Curl_one_easy is really a SessionHandle now, this indirection doesn't exist anymore.
2013-08-03multi: remove easy_handle struct fieldDaniel Stenberg
It isn't needed anymore
2013-08-03multi: remove 'Curl_one_easy' struct, phase 1Daniel Stenberg
The motivation for having a separate struct that keep track of an easy handle when using the multi handle was removed when we switched to always using the multi interface internally. Now they were just two separate struct that was always allocated for each easy handle. This first step just moves the Curl_one_easy struct members into the SessionHandle struct and hides this somehow (== keeps the source code changes to a minimum) by defining Curl_one_easy to SessionHandle The biggest changes in this commit are: 1 - the linked list of easy handles had to be changed somewhat due to the new struct layout. This made the main linked list pointer get renamed to 'easyp' and there's also a new pointer to the last node, called easylp. It is no longer circular but ends with ->next pointing to NULL. New nodes are still added last. 2 - easy->state is now called easy->mstate to avoid name collision
2013-07-30darwinssl: added LFs to some strings passed into infof()Nick Zitzmann
(This doesn't need to appear in the release notes.) I noticed a few places where infof() was called, and there should've been an LF at the end of the string, but there wasn't.
2013-07-30darwinssl: fix build error in crypto authentication under Snow LeopardNick Zitzmann
It turns out Snow Leopard not only has SecItemCopyMatching() defined in a header not included by the omnibus header, but it won't work for our purposes, because searching for SecIdentityRef objects wasn't added to that API until Lion. So we now use the old SecKeychainSearch API instead if the user is building under, or running under, Snow Leopard. Bug: http://sourceforge.net/p/curl/bugs/1255/ Reported by: Edward Rudd
2013-07-30md5 & metalink: use better build macros on Apple operating systemsNick Zitzmann
Previously we used __MAC_10_X and __IPHONE_X to mark digest-generating code that was specific to OS X and iOS. Now we use __MAC_OS_X_VERSION_MAX_ALLOWED and __IPHONE_OS_VERSION_MAX_ALLOWED instead of those macros. Bug: http://sourceforge.net/p/curl/bugs/1255/ Reported by: Edward Rudd
2013-07-29curl_easy_pause: on unpause, trigger mulit-socket handlingDaniel Stenberg
When the multi-socket API is used, we need the handle to be checked again when it gets unpaused. Bug: http://curl.haxx.se/mail/lib-2013-07/0239.html Reported-by: Justin Karneges
2013-07-29curl_formadd: fix file upload on VMSJohn E. Malmberg
For the standard VMS text file formats, VMS needs to read the file to get the actual file size. For the standard VMS binary file formats, VMS needs a special format of fopen() call so that it stops reading at the logical end of file instead of at the end of the blocks allocated to the file. I structured the patch this way as I was not sure about changing the structures or parameters to the routines, but would prefer to only call the stat() function once and pass the information to where the fopen() call is made. Bug: https://sourceforge.net/p/curl/bugs/758/
2013-07-26formadd: CURLFORM_FILECONTENT wrongly rejected some option combosDaniel Stenberg
The code for CURLFORM_FILECONTENT had its check for duplicate options wrong so that it would reject CURLFORM_PTRNAME if used in combination with it (but not CURLFORM_COPYNAME)! The flags field used for this purpose cannot be interpreted that broadly. Bug: http://curl.haxx.se/mail/lib-2013-07/0258.html Reported-by: Byrial Jensen
2013-07-24string formatting: fix too many arguments for formatYang Tse
2013-07-24string formatting: fix zero-length printf format stringYang Tse
2013-07-24easy.c: curl_easy_getinfo() fix va_start/va_end matchingYang Tse
2013-07-24imap.c: imap_sendf() fix va_start/va_end matchingYang Tse
2013-07-24string formatting: fix 15+ printf-style format stringsYang Tse
2013-07-24string formatting: fix 25+ printf-style format stringsYang Tse
2013-07-23Makefile.am: use LDFLAGS as well when linking libcurlDaniel Stenberg
Linking on Solaris 10 x86 with Sun Studio 12 failed when we upgraded automake for the release builds. Bug: http://curl.haxx.se/bug/view.cgi?id=1217 Reported-by: Dagobert Michelsen
2013-07-23url.c: Fix dot file path cleanup when using an HTTP proxyFabian Keil
Previously the path was cleaned, but the URL wasn't properly updated.
2013-07-23dotdot.c: Fix a RFC section number in a comment for Curl_dedotdotify()Fabian Keil
2013-07-21curl_multi_wait: fix reventsDaniel Stenberg
Commit 6d30f8ebed34e7276 didn't work properly. First, it used the wrong array index, but this fix also: 1 - only does the copying if indeed there was any activity 2 - makes sure to properly translate between internal and external bitfields, which are not guaranteed to match Reported-by: Evgeny Turnaev
2013-07-19curl_easy_perform: gradually increase the delay timeDaniel Stenberg
Instead of going 50,100,150 etc millisecond delay time when nothing has been found to do or wait for, we now start lower and double each loop as in 4,8,16,32 etc. This lowers the minimum wait without sacrifizing the longer wait too much with unnecessary CPU cycles burnt. Bug: http://curl.haxx.se/mail/lib-2013-07/0103.html Reported-by: Andreas Malzahn
2013-07-19ftp_do_more: consider DO_MORE complete when server connects backDaniel Stenberg
In the case of an active connection when ftp_do_more() detects that the server has connected back, it must make sure to mark it as complete so that the multi_runsingle() function will detect this and move on to the next state. Bug: http://curl.haxx.se/mail/lib-2013-07/0115.html Reported-by: Clemens Gruber
2013-07-19Makefile.b32: Borland makefile adjustments. Tested with BCC 5.5.1Yang Tse
2013-07-19WIN32 MemoryTracking: require UNICODE for wide strdup code supportYang Tse
2013-07-18CURLOPT_XFERINFOFUNCTION: introducing a new progress callbackDaniel Stenberg
CURLOPT_XFERINFOFUNCTION is now the preferred progress callback function and CURLOPT_PROGRESSFUNCTION is considered deprecated. This new callback uses pure 'curl_off_t' arguments to pass on full resolution sizes. It otherwise retains the same characteristics: the same call rate, the same meanings for the arguments and the return code is used the same way. The progressfunc.c example is updated to show how to use the new callback for newer libcurls while supporting the older one if built with an older libcurl or even built with a newer libcurl while running with an older.
2013-07-18Reinstate "WIN32 MemoryTracking: track wcsdup() _wcsdup() and _tcsdup() usage".Yang Tse
This reverts commit 7ed25cc, reinstating commit 8ec2cb5. As of 18-jul-2013 we still do have code in libcurl that makes use of these memory functions. Commit 8ec2cb5 comment still applies and is yet valid. These memory functions are solely used in Windows builds, so all related code is protected with '#ifdef WIN32' preprocessor conditional compilation directives. Specifically, wcsdup() _wcsdup() are used when building a Windows target with UNICODE and USE_WINDOWS_SSPI preprocessor symbols defined. This is the case when building a Windows UNICODE target with Windows native SSL/TLS support enabled. Realizing that wcsdup() _wcsdup() are used is a bit tricky given that usage of these is hidden behind _tcsdup() which is MS way of dealing with code that must tolerate UNICODE and non-UNICODE compilation. Additionally, MS header files and those compatible from other compilers use this preprocessor conditional compilation directive in order to select at compilation time whether 'wide' or 'ansi' MS API functions are used. Without this code, Windows build targets with Windows native SSL/TLS support enabled and MemoryTracking support enabled misbehave in tracking memory usage, regardless of being a UNICODE enabled build or not.
2013-07-18curl_multi_wait: set revents for extra fdsEvgeny Turnaev
Pass back the revents that happened for the user-provided file descriptors.
2013-07-17asyn-ares: Don't blank ares servers if none configured.Ben Greear
Best to just let c-ares use it's defaults if none are configured in (lib)curl. Signed-off-by: Ben Greear <greearb@candelatech.com>
2013-07-17cmake: Fix for MSVC2010 project generationSergei Nikulov
Fixed issue with static build for MSVC2010. After some investigation I've discovered known issue http://public.kitware.com/Bug/view.php?id=11240 When .rc file is linked to static lib it fails with following linker error LINK : warning LNK4068: /MACHINE not specified; defaulting to X86 file.obj : fatal error LNK1112: module machine type 'x64' conflicts with target machine type 'X86' Fix add target property /MACHINE: for MSVC generation. Also removed old workarounds - it caused errors during msvc build. Bug: http://curl.haxx.se/mail/lib-2013-07/0046.html
2013-07-16slist.c: Curl_slist_append_nodup() OOM handling fixYang Tse
2013-07-15curl_slist_append(): fix error detectionPatrick Monnerat
2013-07-15slist.c: fix indentationPatrick Monnerat
2013-07-15OS400: new SSL backend GSKitPatrick Monnerat
2013-07-15config-os400.h: enable system strdup(), strcmpi(), etc.Patrick Monnerat
2013-07-15x509asn1.c,x509asn1.h: new module to support ASN.1/X509 parsing & info extractPatrick Monnerat
Use from qssl backend
2013-07-15ssluse.c,sslgen.c,sslgen.h: move certinfo support to generic SSLPatrick Monnerat
2013-07-15Merge branch 'master' of github.com:bagder/curlPatrick Monnerat
Merge for resync
2013-07-15slist.c, slist.h, cookie.c: new internal procedure Curl_slist_append_nodup()Patrick Monnerat
2013-07-15sslgen.c: fix Curl_rand() compiler warningYang Tse
Use simple seeding method upon RANDOM_FILE seeding method failure.
2013-07-15sslgen.c: fix unreleased Curl_rand() infinite recursionYang Tse
2013-07-14url.c: fix parse_url_login() OOM handlingYang Tse
2013-07-12http_digest.c: SIGSEGV and OOM handling fixesYang Tse
2013-07-12url.c: fix parse_login_details() OOM handlingYang Tse
2013-07-12setup-vms.h: sk_pop symbol tweakJohn E. Malmberg
Newer versions of curl are referencing a sk_pop symbol while the HP OpenSSL library has the symbol in uppercase only.
2013-07-11getinfo.c: fix enumerated type mixed with another typeYang Tse
2013-07-11url.c: fix SIGSEGVYang Tse