path: root/lib
Commit message | Author | Age | Files | Lines
* NTLM: set a fake entropy for debug builds with CURL_ENTROPY set | Daniel Stenberg | 2014-06-11 | 5 | -69/+50
  Curl_rand() will return a dummy and repeatable random value for this case. Makes it possible to write test cases that verify output.
  Also, fake timestamp with CURL_FORCETIME set.
  Only when built debug enabled of course.
  Curl_ssl_random() was not used anymore so it has been removed. Curl_rand() is enough.
  create_digest_md5_message: generate base64 instead of hex string
  curl_sasl: also fix memory leaks in some OOM situations
* Curl_rand: Use a fake entropy for debug builds when CURL_ENTROPY set | Steve Holme | 2014-06-11 | 1 | -1/+18
* getinfo: HTTP CONNECT code not reset between transfers | Marcel Raad | 2014-06-10 | 1 | -0/+1
  httpproxycode is not reset in Curl_initinfo, so a 407 is not reset even if curl_easy_reset is called between transfers.
  Bug: http://curl.haxx.se/bug/view.cgi?id=1380
* transfer: fix info messages when switching method on 301 and 302 | Alessandro Ghedini | 2014-06-09 | 1 | -31/+27
  The method change is forbidden by the obsolete RFC2616, but libcurl did it anyway for compatibility reasons. The new RFC7231 allows this behaviour so there's no need for the scary "Violate RFC 2616/10.3.x" notice.
  Also update the comments accordingly.
* config-win32.h: Updated for VC12 | Steve Holme | 2014-06-05 | 1 | -1/+17
  Bug: http://curl.haxx.se/bug/view.cgi?id=1378
  Reported and Patched-by: Marcel Raad
* Curl_ossl_init: call OPENSSL_config for initing engines | Daniel Stenberg | 2014-06-03 | 1 | -0/+2
  Bug: http://curl.haxx.se/mail/lib-2014-06/0003.html
  Reported-by: Дмитрий Фалько
* random: use Curl_rand() for proper random data | Daniel Stenberg | 2014-06-03 | 2 | -11/+4
  The SASL/Digest previously used the current time's seconds + microseconds to add randomness but it is much better to instead get more data from Curl_rand().
  It will also allow us to more easily "fake" that for debug builds on demand in the future.
* curl_sasl: Fixed copy/paste error of now.tv_sec in commit eefeb73af4 | Steve Holme | 2014-06-02 | 1 | -1/+1
* curl_sasl: Fixed compilation warning under DEBUGBUILD | Steve Holme | 2014-06-01 | 1 | -0/+2
* curl_sasl: Extended native DIGEST-MD5 cnonce to be a 32-byte hex string | Steve Holme | 2014-06-01 | 1 | -7/+17
  Rather than use a short 8-byte hex string, extended the cnonce to be 32-bytes long, like Windows SSPI does.
  Used a combination of random data as well as the current date and time for the generation.
* curl_sasl_sspi: Fixed corrupt hostname in DIGEST-MD5 SPN generation | Steve Holme | 2014-06-01 | 1 | -1/+1
* gnutls: allow building with nghttp2 but without ALPN support | Daniel Stenberg | 2014-05-28 | 1 | -2/+0
  It might not be the most useful combo, but...
* gnutls: don't use deprecated type names anymore | Alessandro Ghedini | 2014-05-28 | 2 | -13/+13
* select: with winsock, avoid passing unsupported arguments to select() | Brad Spencer | 2014-05-27 | 1 | -3/+55
  "Any two of the parameters, readfds, writefds, or exceptfds, can be given as null. At least one must be non-null, and any non-null descriptor set must contain at least one handle to a socket."
  http://msdn.microsoft.com/en-ca/library/windows/desktop/ms740141(v=vs.85).aspx
  When using select(), cURL doesn't adhere to this (WinSock-specific) rule, and can ask to monitor empty fd_sets, which leads to select() returning WSAEINVAL (i.e. EINVAL) and connections failing in mysterious ways as a result (at least when using the curl_multi_socket_action() interface).
  Bug: http://curl.haxx.se/mail/lib-2014-05/0278.html
* url-parser: only use if_nametoindex if detected by configure | Daniel Stenberg | 2014-05-26 | 1 | -1/+1
  The previous #ifdef detection wasn't good enough.
  Bug: http://curl.haxx.se/mail/lib-2014-05/0260.html
  Reported-by: Chris Young
* polarssl: add ALPN support | Fabian Frank | 2014-05-25 | 1 | -2/+46
  PolarSSL added ALPN support in their 1.3.6 release.
  See: https://polarssl.org/tech-updates/releases/polarssl-1.3.6-released
* curl_easy_reset: reset the URL | Daniel Stenberg | 2014-05-24 | 1 | -0/+5
  Make sure that the URL is reset and cleared.
  Bug: http://curl.haxx.se/mail/lib-2014-05/0235.html
  Reported-by: Jonathan Cardoso Machado
* openssl: Fix uninitialized variable use in NPN callback | Tatsuhiro Tsujikawa | 2014-05-23 | 1 | -1/+5
  OpenSSL passes out and outlen variable uninitialized to select_next_proto_cb callback function. If the callback function returns SSL_TLSEXT_ERR_OK, the caller assumes the callback filled values in out and outlen and processes as such. Previously, if there is no overlap in protocol lists, curl code does not fill any values in these variables and returns SSL_TLSEXT_ERR_OK, which means we are triggering undefined behavior. valgrind warns this.
  This patch fixes this issue by fallback to HTTP/1.1 if there is no overlap.
* tool_getparam.c: Fixed compilation warnings | Steve Holme | 2014-05-22 | 2 | -0/+21
  There is an implicit conversion from "unsigned long" to "long"
* http: Fix a compiler warning when http2 support is disabled | Dan Fandrich | 2014-05-22 | 1 | -1/+2
* darwinssl: fix lint & build warnings in the previous commit | Nick Zitzmann | 2014-05-21 | 1 | -29/+33
* Add support for --cacert in DarwinSSL. | Vilmos Nebehaj | 2014-05-21 | 1 | -1/+231
  Security Framework on OS X makes it possible to supply extra anchor (CA) certificates via the Certificate, Key, and Trust Services API. This commit makes the '--cacert' option work using this API.
  More information: https://developer.apple.com/library/mac/documentation/security/Reference/certifkeytrustservices/Reference/reference.html
  The HTTPS tests now pass on OS X except 314, which requires the '--crl' option to work.
* http.c: Fixed compilation warning | Steve Holme | 2014-05-22 | 1 | -1/+1
  warning: suggest braces around empty body in an 'else' statement
* bits.close: Fixed compilation warning | Steve Holme | 2014-05-22 | 2 | -0/+2
  warning: implicit declaration of function 'connclose'
* bits.close: introduce connection close tracking | Daniel Stenberg | 2014-05-22 | 18 | -48/+85
  Make all code use connclose() and connkeep() when changing the "close state" for a connection. These two macros take a string argument with an explanation, and debug builds of curl will include that in the debug output. Helps tracking connection re-use/close issues.
* http2: make connection re-use work | Daniel Stenberg | 2014-05-20 | 3 | -17/+30
  Http2 connections would wrongly get closed after each individual request.
  Co-authored-by: Tatsuhiro Tsujikawa
  Bug: http://curl.haxx.se/bug/view.cgi?id=1374
* ALPN: fix typo in http/1.1 identifier | Fabian Frank | 2014-05-20 | 1 | -1/+1
  According to https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-05 it is "http/1.1" and not "http/1.0".
* build: Slight rename of new LIB_* makefile file variables | Steve Holme | 2014-05-18 | 1 | -7/+7
  In order to try and be consistent between curl and libcurl renamed the recently introduced LIB_* makefile file variables.
* axtls: Fixed too long source line | Dan Fandrich | 2014-05-17 | 1 | -1/+1
* axtls: Add a TODO to a potential blocking call with no timeout | Dan Fandrich | 2014-05-16 | 1 | -0/+1
* HTTP: CREDSPERREQUEST is for HTTP too | Daniel Stenberg | 2014-05-15 | 1 | -1/+1
  Commit 517b06d657ace (in 7.36.0) that brought the CREDSPERREQUEST flag only set it for HTTPS, making HTTP less good at doing connection re-use than it should be. Now set it for HTTP as well.
  Simple test case "curl -v -u foo:bar localhost --next -u bar:foo localhost"
  Bug: http://curl.haxx.se/mail/lib-2014-05/0127.html
  Reported-by: Kamil Dudka
* CURLINFO_SSL_VERIFYRESULT: assign at first connect call | Daniel Stenberg | 2014-05-15 | 1 | -2/+2
  The variable wasn't assigned at all until step3 which would lead to a failed connect never assigning the variable and thus returning a bad value.
  Reported-by: Larry Lin
  Bug: http://curl.haxx.se/mail/lib-2014-04/0203.html
* timers: fix timer regression involving redirects / reconnects | Daniel Stenberg | 2014-05-15 | 5 | -6/+18
  In commit 0b3750b5c23c25f (released in 7.36.0) we fixed a timeout issue but instead broke the timings.
  To fix this, I introduce a new timestamp to use for the timeouts and restored the previous timestamp and timestamp position so that the old timer functionality is restored.
  In addition to that, that change also broke connection timeouts for when more than one connect was used (as it would then count the total time from the first connect and not for the most recent one). Now Curl_timeleft() has been modified so that it checks against different start times depending on which timeout it checks.
  Test 1303 is updated accordingly.
  Bug: http://curl.haxx.se/mail/lib-2014-05/0147.html
  Reported-by: Ryan Braud
* darwinssl: Updated copyright following recent changes | Steve Holme | 2014-05-15 | 1 | -2/+2
* darwinssl: fix potential crash when attempting to copy an identity | Nick Zitzmann | 2014-05-14 | 1 | -2/+4
  from a P12 file
  This could've happened if SecPKCS12Import() returned noErr _and_ no identity.
* openssl: unbreak PKCS12 support | Daniel Stenberg | 2014-05-12 | 1 | -0/+1
  Regression introduced in ce362e8eb9c (7.31.0)
  Bug: http://curl.haxx.se/bug/view.cgi?id=1371
  Reported-by: Dmitry
* Makefile.inc: Added resource file to assist Visual Studio project generation | Steve Holme | 2014-05-11 | 1 | -0/+2
* sasl: Fixed missing qop in the client's challenge-response message | Steve Holme | 2014-05-11 | 1 | -2/+4
  Whilst the qop directive isn't required to be present in a client's response, as servers should assume a qop of "auth" if it isn't specified, some may return authentication failure if it is missing.
* Makefile.inc: Separated the lib and lib/vtls source file variables | Steve Holme | 2014-05-09 | 1 | -9/+13
  To cater for the automatic generation of the new Visual Studio project files, moved the lib file list into a separated variable so that lib and lib/vtls can be referenced independently.
* Makefile.b32: Fixed for vtls changes | Steve Holme | 2014-05-09 | 1 | -5/+6
  Follow up fix to commits a47c142a88, 11e8066ef9 and 92b9ae5c5d.
  Bug: http://curl.haxx.se/mail/lib-2014-05/0025.html
  Reported and assisted by: Jon Torrey
* getinfo.c: Fixed compilation warning | Steve Holme | 2014-05-09 | 1 | -2/+1
  The indicated statement is not reachable.
* http: avoid auth failure on a duplicated header | Kamil Dudka | 2014-05-09 | 1 | -1/+1
  ... 'WWW-Authenticate: Negotiate' received from server
  Reported by: David Woodhouse
  Bug: https://bugzilla.redhat.com/1093348
* mk-ca-bundle: added -p | Patrick Watson | 2014-05-08 | 1 | -12/+147
  -p takes a list of Mozilla trust purposes and levels for certificates to include in output. Takes the form of a comma separated list of purposes, a colon, and a comma separated list of levels.
* http2: Compile with latest nghttp2 | Tatsuhiro Tsujikawa | 2014-05-07 | 1 | -11/+9
  Now nghttp2_submit_request returns assigned stream ID, we don't have to check stream ID using before_stream_send_callback. The adjust_priority_callback was removed.
* url.c: Fixed compilation warning/error | Steve Holme | 2014-05-07 | 1 | -1/+2
  Depending on compiler line 3505 could generate the following warning or error:
  * warning: ISO C90 forbids mixed declarations and code
  * A declaration cannot appear after an executable statement in a block
  * error C2275: 'size_t' : illegal use of this type as an expression
* fix_hostname: strip off a single trailing dot from host name | Daniel Stenberg | 2014-05-06 | 1 | -0/+8
  Primarily for SNI, we need the host name without a trailing dot. "https://www.example.com." resolves fine but fails on SNI unless the dot is removed.
  Reported-by: Leon Winter
  Bug: http://curl.haxx.se/mail/lib-2014-04/0161.html
* curl_multi_cleanup: ignore SIGPIPE better | Jeff King | 2014-05-05 | 1 | -0/+3
  When looping and closing each individual connection left open, the SIGPIPE ignoring was not done and could thus lead to death by signal 13.
  Bug: http://thread.gmane.org/gmane.comp.version-control.git/238242
* schannel: don't use the connect-timeout during send | Daniel Stenberg | 2014-05-05 | 1 | -1/+1
  As there's a default connection timeout and this wrongly used the connection timeout during a transfer after the connection is completed, this function would trigger timeouts during transfers erroneously.
  Bug: http://curl.haxx.se/bug/view.cgi?id=1352
  Figured-out-by: Radu Simionescu
* mprintf: allow %.s with data not being zero terminated | Daniel Stenberg | 2014-05-04 | 1 | -4/+4
  If the precision is indeed shorter than the string, don't strlen() to find the end because that's not how the precision operator works.
  I also added a unit test for curl_msnprintf to make sure this works and that the fix doesn't break a few other basic use cases. I found a POSIX compliance problem that I marked TODO in the unit test, and I figure we need to add more tests in the future.
  Reported-by: Török Edwin
* curl_ntlm_core: Fixed use of long long for VC6 and VC7 | Steve Holme | 2014-05-04 | 1 | -1/+16
  Commit 07b66cbfa4 unfortunately broke native NTLM message support in compilers, such as VC6, VC7 and others, that don't support long long type declarations. This commit fixes VC6 and VC7 as they support the __int64 extension, however, we should consider an additional fix for other compilers that don't support this.