Age | Commit message (Collapse) | Author | |
---|---|---|---|
2005-03-29 | Don't close the connection if we're in a known negotiation mode and we won't | Daniel Stenberg | |
send any data anyway. Probably the bug Tom Moers noticed. | |||
2005-03-29 | When doing FTP-SSL, advance to the next state properly when the response to | Daniel Stenberg | |
AUTH has been received successfully. | |||
2005-03-29 | Fixed the FTP response reader function to properly deal with responses split | Daniel Stenberg | |
up in several chunks when read. | |||
2005-03-28 | Based on Augustus Saunders' comments and findings, the HTTP output auth | Daniel Stenberg | |
function was fixed to use the proper proxy authentication when multiple ones were added as accepted. test 239 and test 243 were added to repeat the problems and verify the fixes. | |||
2005-03-22 | Fixed typo. | Dan Fandrich | |
2005-03-21 | Modified the VALID_SOCK() macro to become VERIFY_SOCK() instead. It is slighly | Daniel Stenberg | |
more involved, but should hopefully not generate any compiler warnings on win32 systems (that can't check the socket based on the numeric). | |||
2005-03-20 | removed a (fairly useless) debug output just to compile without warning | Daniel Stenberg | |
2005-03-19 | fix compiler warning | Daniel Stenberg | |
2005-03-18 | fix by Kyrre Kristiansen | Daniel Stenberg | |
2005-03-17 | Use the proper macro to do uClibc detection. | Dan Fandrich | |
2005-03-17 | include inet_pton.h | Daniel Stenberg | |
2005-03-17 | use Curl_inet_pton(), not inet_pton(). | Daniel Stenberg | |
2005-03-16 | Removed references to config-vms.h from the makefiles. | Dan Fandrich | |
2005-03-16 | Removed old VMS config files (on behalf of Marty Kuhrt). The VMS build | Dan Fandrich | |
scripts use the version in packages/vms/ | |||
2005-03-16 | - Tru64 and some IRIX boxes seem to not like test 237 as it is. Their | Daniel Stenberg | |
inet_addr() functions seems to use &255 on all numericals in a ipv4 dotted address which makes a different failure... Now I've modified the ipv4 resolve code to use inet_pton() instead in an attempt to make these systems better detect this as a bad IP address rather than creating a toally bogus address that is then passed on and used. | |||
2005-03-16 | Fixed some compiler warnings I should have noticed before. | Dan Fandrich | |
2005-03-15 | Fixed ftp support with uClibc due to differing inet_ntoa_r() behaviour. | Dan Fandrich | |
2005-03-15 | nonsense change for(;;) => while(1) just to prevent gcc from warning on | Daniel Stenberg | |
never executed code when -Wunreachable-code is used | |||
2005-03-15 | prevent compiler warning | Daniel Stenberg | |
2005-03-14 | hushing up more warnings | Daniel Stenberg | |
2005-03-14 | silence compiler warnings for mingw win32 builds --enable-debug | Daniel Stenberg | |
2005-03-14 | Avoid "unused variable" warnings. | Gisle Vanem | |
2005-03-14 | security.h is removed | Daniel Stenberg | |
2005-03-14 | include security.h with lowercase s to work on cross-compiled mingw | Daniel Stenberg | |
2005-03-14 | Removed security.h since it shadows an include file mingw needs when building | Daniel Stenberg | |
for SSPI support. The contents of the file has been moved into the krb4.h file. | |||
2005-03-12 | Swap <security.h> and <sspi.h> (needed for MingW). | Gisle Vanem | |
2005-03-11 | curl_version_info() returns the feature bit CURL_VERSION_SSPI | Daniel Stenberg | |
2005-03-11 | Fixed some compiler warnings. | Dan Fandrich | |
2005-03-11 | Fixed LDAP library file name bug (KNOWN_BUGS #1). configure now auto-detects | Dan Fandrich | |
the correct dynamic library names by default, and provides override switches --with-ldap-lib, --with-lber-lib and --without-lber-lib. Added CURL_DISABLE_LDAP to platform-specific config files to disable LDAP support on those platforms that probably don't have dynamic OpenLDAP libraries available to avoid compile errors. | |||
2005-03-10 | Christopher R. Palmer made it possible to build libcurl with the | Daniel Stenberg | |
USE_WINDOWS_SSPI on Windows, and then libcurl will be built to use the native way to do NTLM. SSPI also allows libcurl to pass on the current user and its password in the request. | |||
2005-03-09 | As reported by 'nodak sodak' we should check for a NULL pointer before | Daniel Stenberg | |
referencing the proxy name pointer. | |||
2005-03-08 | remove old printf() debug leftover | Daniel Stenberg | |
2005-03-08 | mktime() returns a time_t. time_t is often 32 bits, even on many architectures | Daniel Stenberg | |
that feature 64 bit 'long'. Some systems have 64 bit time_t and deal with years beyond 2038. However, even some of the systems with 64 bit time_t returns -1 for dates beyond 03:14:07 UTC, January 19, 2038. (Such as AIX 5100-06) | |||
2005-03-08 | Dominick Meglio reported that using CURLOPT_FILETIME when transferring a FTP | Daniel Stenberg | |
file got a Last-Modified: header written to the data stream, corrupting the actual data. This was because some conditions from the previous FTP code was not properly brought into the new FTP code. I fixed and I added test case 520 to verify. (This bug was introduced in 7.13.1) | |||
2005-03-04 | Added test case 235 that makes a resumed upload of a file that isn't present | Daniel Stenberg | |
on the remote side. This then converts the operation to an ordinary STOR upload. This was requested/pointed out by Ignacio Vazquez-Abrams. It also proved (and I fixed) a bug in the newly rewritten ftp code (and present in the 7.13.1 release) when trying to resume an upload and the servers returns an error to the SIZE command. libcurl then loops and sends SIZE commands infinitely. | |||
2005-03-04 | Reduced the length of data read from the random entropy file. | Dan Fandrich | |
2005-03-04 | Don't try to read the whole of the random file because when /dev/urandom is | Dan Fandrich | |
used, it slows initialization too much reading an infinitely long file! | |||
2005-03-04 | Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activate | Daniel Stenberg | |
the cookie "engine" without having to provide an empty or non-existing file. | |||
2005-03-04 | killed trailing whitespace | Daniel Stenberg | |
2005-03-04 | killed trailing whitespace | Daniel Stenberg | |
2005-02-28 | Fix for a base64 decode heap buffer overflow vulnerability. | Dan Fandrich | |
2005-02-24 | Fixed some compiler warnings. Fixed a low incidence memory leak in the test ↵ | Dan Fandrich | |
server. | |||
2005-02-22 | krb4 fixed | Daniel Stenberg | |
2005-02-22 | Curl_base64_decode() now returns an allocated buffer | Daniel Stenberg | |
2005-02-22 | Thanks for the notification iDEFENCE. We are the "initial vendor" and we sure | Daniel Stenberg | |
got no notification, no mail, no nothing. You didn't even bother to mail us when you went public with this. Cool. NTLM buffer overflow fix, as reported here: http://www.securityfocus.com/archive/1/391042 | |||
2005-02-18 | Ralph Mitchell reported a flaw when you used a proxy with auth, and you | Daniel Stenberg | |
requested data from a host and then followed a redirect to another host. libcurl then didn't use the proxy-auth properly in the second request, due to the host-only check for original host name wrongly being extended to the proxy auth as well. Added test case 233 to verify the flaw and that the fix removed the problem. | |||
2005-02-17 | close the socket properly when returning error due to failing localbind | Daniel Stenberg | |
Bug report #1124588 by David | |||
2005-02-16 | Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth" | Daniel Stenberg | |
that picks NTLM. Thanks to David Byron letting me test NTLM against his servers, I could quickly repeat and fix the problem. It turned out to be: When libcurl POSTs without knowing/using an authentication and it gets back a list of types from which it picks NTLM, it needs to either continue sending its data if it keeps the connection alive, or not send the data but close the connection. Then do the first step in the NTLM auth. libcurl didn't send the data nor close the connection but simply read the response-body and then sent the first negotiation step. Which then failed miserably of course. The fixed version forces a connection if there is more than 2000 bytes left to send. | |||
2005-02-14 | Rename Curl_pretransfersec() to *_second_connect() since it does not just | Daniel Stenberg | |
do pretransfer stuff like Curl_pretransfer(). | |||
2005-02-11 | Fixed bad krb4 code. It always tried to use krb4 if built enabled. | Daniel Stenberg | |