aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2014-07-17src/Makefile.am: add .DELETE_ON_ERRORDave Reisner
This prevents targets like tool_hugehelp.c from leaving around half-constructed files if the rule fails with GNU make. Reported-by: Rafaël Carré <funman@videolan.org>
2014-07-16Remove all traces of FBOpenSSL SPNEGO supportDavid Woodhouse
This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which allows client and server to negotiate the underlying mechanism which will actually be used to authenticate. This is *often* Kerberos, and can also be NTLM and other things. And to complicate matters, there are various different OIDs which can be used to specify the Kerberos mechanism too. A SPNEGO exchange will identify *which* GSSAPI mechanism is being used, and will exchange GSSAPI tokens which are appropriate for that mechanism. But this SPNEGO implementation just strips the incoming SPNEGO packet and extracts the token, if any. And completely discards the information about *which* mechanism is being used. Then we *assume* it was Kerberos, and feed the token into gss_init_sec_context() with the default mechanism (GSS_S_NO_OID for the mech_type argument). Furthermore... broken as this code is, it was never even *used* for input tokens anyway, because higher layers of curl would just bail out if the server actually said anything *back* to us in the negotiation. We assume that we send a single token to the server, and it accepts it. If the server wants to continue the exchange (as is required for NTLM and for SPNEGO to do anything useful), then curl was broken anyway. So the only bit which actually did anything was the bit in Curl_output_negotiate(), which always generates an *initial* SPNEGO token saying "Hey, I support only the Kerberos mechanism and this is its token". You could have done that by manually just prefixing the Kerberos token with the appropriate bytes, if you weren't going to do any proper SPNEGO handling. There's no need for the FBOpenSSL library at all. The sane way to do SPNEGO is just to *ask* the GSSAPI library to do SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context() is for. And then it should all Just Work™. That 'sane way' will be added in a subsequent patch, as will bug fixes for our failure to handle any exchange other than a single outbound token to the server which results in immediate success.
2014-07-12Fixed some "statement not reached" warningsDan Fandrich
2014-07-03tool: oops, forgot to include <plarenas.h>Kamil Dudka
... that contains the declaration of PL_ArenaFinish()
2014-07-03tool: call PL_ArenaFinish() on exit if NSPR is usedKamil Dudka
This prevents valgrind from reporting still reachable memory allocated by NSPR arenas (mainly the freelist). Reported-by: Hubert Kario
2014-07-02tool: call PR_Cleanup() on exit if NSPR is usedKamil Dudka
This prevents valgrind from reporting possibly lost memory that NSPR uses for file descriptor cache and other globally allocated internal data structures.
2014-06-17tool_metalink: Support polarssl as digest providerMichał Górny
2014-05-22tool_getparam.c: Fixed compilation warningsSteve Holme
There is an implicit conversion from "unsigned long" to "long"
2014-05-22build: Fixed incorrect reference to curl_setup.h in Visual Studio filesSteve Holme
Fixed a copy / paste error from my 2011 project files.
2014-05-21Makefile.inc: Added curlx headers to assist Visual Studio project generationSteve Holme
2014-05-21build: Renamed CURLX_ONES file list definition to CURLX_CFILESSteve Holme
Renamed the CURLX_ONES file list definition in order to a) try and be consistent with other file lists and b) to allow for the addition of the curlx header files, which will assist with Visual Studio project files generation rather than hard coding those files.
2014-05-17Makefile.inc: Added resource file to assist Visual Studio project generationSteve Holme
2014-05-10tool_operate.c: Fixed compilation warningSteve Holme
An enumerated type is mixed with another type.
2014-05-09tool_operate.c: Fixed TAB is white space from commit 5b8ae0a985Steve Holme
2014-05-09tool_urlglob.c: Fixed compilation warningSteve Holme
An enumerated type is mixed with another type.
2014-05-09tool_operate.c: Fixed compilation warningsSteve Holme
An enumerated type is mixed with another type.
2014-05-07tool_help: Fixed missing --login-options optionSteve Holme
...and removed ;OPTIONS from --user as that functionality was removed in 7.34.0.
2014-05-06curl: bail on cookie use when built with disabled cookiesDaniel Stenberg
2014-04-19tool_writeout.c: initialize string pointer variableMarc Hoersken
2014-04-19tool_formparse.c: fix possible use of non-null-terminated stringsMarc Hoersken
2014-04-18tool_urlglob.c: added some comments to clarify for loop conditionsMarc Hoersken
I was tempted to change those to >= 0 until I saw that this is actually a for loop that terminates once i underflows.
2014-04-06Makefile.vc6: Follow up fix to commit 45d3f00803Steve Holme
2014-04-05Makefile.vc6: added warnless.c to fix buildMarc Hoersken
2014-04-04curl: add --proxy-headerMaciej Puzio
2014-03-30curl: stop interpreting IPv6 literals as glob patterns.Paul Marks
This makes it possible to fetch from an IPv6 literal without specifying the -g option. Globbing remains available elsehwere in the URL. For example: curl http://[::1]/file[1-3].txt This creates no ambiguity, because there is no overlap between the syntax of valid globs and valid IPv6 literals. Globs contain hyphens and at most 1 colon, while IPv6 literals have no hyphens, and at least 2 colons. The peek_ipv6() parser simply whitelists a set of characters and counts colons, because the real validation happens later on. The character set includes A-Z, in case someone decides to implement support for scopes like [fe80::1%25eth0] in the future. Signed-off-by: Paul Marks <pmarks@google.com>
2014-03-26mkhelp: generate code for --disable-manual as wellDaniel Stenberg
This allows configure --disable-manual to run and build without having to regenerate the src/tool_hugehelp.c file which otherwise is necessary since we ship tarballs with that file present. Reported-by: Remi Gacogne Bug: http://curl.haxx.se/bug/view.cgi?id=1350
2014-03-23tool_operate: Fixed uninitialised variable under some error situationsSteve Holme
For example when a URL is not specified or the headers file fails to open.
2014-03-22tool_parsecfg: Reworked error handling from commit fc59a9e1Steve Holme
2014-03-22tool_getparam: Removed "dead assignment" code introduced in commit 1a9b58fcSteve Holme
2014-03-03Rework Open Watcom make files to use standard Wmake featuresJiri Malak
Remove slash/backslash problem, now only slashes are used, Wmake automaticaly translate slash/backslash to proper version or tools are not sensitive for it. Enable spaces in path. Use internal rm command for all host platforms Add error message if old Open Watcom version is used. Some old versions exhibit build problems for Curl latest version. Now only versions 1.8, 1.9 and 2.O beta are supported
2014-03-02tool: Do not output libcurl source for the information only parametersSteve Holme
Ensure a source file isn't generated for the following informational command line parameters when --libcurl is specified: --help, --manual, --version and --engine list As the output would only include a fairly empty looking main() function and a call to curl_easy_init() and curl_easy_cleanup() when performed with --engine list.
2014-03-02tool: Fixed libcurl source output for multiple operationsSteve Holme
Correctly output libcurl source code that includes multiply operations as specified by --next. Note that each operation evaluates to a single curl_easy_perform() in source code form. Also note that the output could be optimised a little so global config options are only output once rather than per operation as is presently the case.
2014-03-01tool_metalink.h: Fixed compilation warningSteve Holme
warning: declaration of 'struct GlobalConfig' will not be visible outside of this function
2014-03-01tool: Moved internal variable isatty to the global configSteve Holme
2014-03-01tool_operate.c: Fixed compilation errorSteve Holme
incompatible types - from 'OperationConfig *' to 'GlobalConfig *'
2014-03-01tool: Moved --libcurl to the global configSteve Holme
2014-03-01tool: Moved --progress-bar to the global configSteve Holme
2014-03-01tool: Moved --stderr to the global configSteve Holme
2014-02-28tool_main: Fixed a memory leak on main_init errorDan Fandrich
2014-02-27tool_cfgable: Code policing of structure pointersSteve Holme
2014-02-27tool: Moved --trace and --verbose to the global configSteve Holme
2014-02-27tool_main: Forgot to initialise the first operation's global pointerSteve Holme
2014-02-27tool: Moved --silient to the global configSteve Holme
Other global options such as --libcurl, --trace and --verbose to follow.
2014-02-27tool_cfgable: Added GlobalConfig pointer to OperationConfigSteve Holme
In order to ease the moving of global options such as the error stream, updated the OperationConfig structure to point to the GlobalConfig.
2014-02-26tool: Added support to .curlrc for URL specific optionsSteve Holme
In addition to adding support for URL specific options via the command line with --next it is now possible to specify "next" in .curlrc.
2014-02-26tool: Reworked argument parsing to use --next/-:Steve Holme
Follow up to commit 1a9b58fcb2 to replace the : command line option with --next and -:.
2014-02-26tool_getparam: Added initial support for --next/-:Steve Holme
Added initial support for --next/-: which will be used to replace the rather confusing : command line operation what was used for the URL specific options prototype.
2014-02-25parse_args: fix a too long source code lineDaniel Stenberg
2014-02-25tool_help: Moved --no-alpn and --no-npn to be listed alphabeticallySteve Holme
...and added the HTTP suffix as these options are only used for HTTP2 based connections.
2014-02-25tool: Moved --showerror to the global configSteve Holme
Other global options such as --libcurl, --trace and --verbose to follow.