Граф коммитов

18276 Коммитов

Автор SHA1 Сообщение Дата
Daniel Stenberg 921a0c22a6 polarassl: avoid memset() when clearing the first byte is enough 2014-09-08 10:11:34 +02:00
Catalin Patulea af45542cfe polarssl: support CURLOPT_CAPATH / --capath
Signed-off-by: Catalin Patulea <cat@vv.carleton.ca>
2014-09-08 10:09:54 +02:00
Daniel Stenberg 55f8b03948 SECURITY: eh, make more sense! 2014-09-08 10:00:18 +02:00
Daniel Stenberg 55d6cba5e1 SECURITY: how to join the curl-security list 2014-09-08 09:39:14 +02:00
Daniel Stenberg 3963adca3d RELEASE-NOTES: fix the required nghttp2 version typo 2014-09-08 00:12:18 +02:00
Brandon Casey 6beb0eeea1 Ensure progress.size_dl/progress.size_ul are always >= 0
Historically the default "unknown" value for progress.size_dl and
progress.size_ul has been zero, since these values are initialized
implicitly by the calloc that allocates the curl handle that these
variables are a part of.  Users of curl that install progress
callbacks may expect these values to always be >= 0.

Currently it is possible for progress.size_dl and progress.size_ul
to by set to a value of -1, if Curl_pgrsSetDownloadSize() or
Curl_pgrsSetUploadSize() are passed a "size" of -1 (which a few
places currently do, and a following patch will add more).  So
lets update Curl_pgrsSetDownloadSize() and Curl_pgrsSetUploadSize()
so they make sure that these variables always contain a value that
is >= 0.

Updates test579 and test599.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
2014-09-07 23:23:12 +02:00
Steve Holme 8acbb074f8 tests: Added test1420 to the makefile 2014-09-07 12:13:34 +01:00
Steve Holme be83356e5e test1420: Removed unnecessary CURLOPT setting 2014-09-07 12:09:29 +01:00
Steve Holme 797d56cbd8 tests: Added more "Clear Text" authentication keywords 2014-09-07 11:37:10 +01:00
Steve Holme 9ee502ac6b tests: Updated "based on" text due to email test renumbering 2014-09-07 11:19:10 +01:00
Steve Holme ed285ae5c9 tests: For consistency added --libcurl to test name 2014-09-07 11:19:08 +01:00
Steve Holme 436a841354 tests: Added --libcurl for IMAP test case 2014-09-07 11:19:05 +01:00
Steve Holme 4a6fa4c204 multi.c: Avoid invalid memory read after free() from commit 3c8c873252
As the current element in the list is free()d by Curl_llist_remove(),
when the associated connection is pending, reworked the loop to avoid
accessing the next element through e->next afterward.
2014-09-07 07:11:14 +01:00
Steve Holme c25cd9094b multi.c: Fixed compilation warning from commit 3c8c873252
warning: implicit conversion from enumeration type 'CURLMcode' to
different enumeration type 'CURLcode'
2014-09-07 00:21:36 +01:00
Steve Holme 21db158722 url.c: Use CURLAUTH_NONE constant rather than 0
Small follow up to commit 898808fa8c to use auth constants rather than
hard code value when clearing picked authentication mechanism.
2014-09-06 22:23:54 +01:00
Steve Holme e40197315d RELEASE-NOTES: Synced with fd1ce3856a 2014-09-06 21:48:40 +01:00
Vilmos Nebehaj fd1ce3856a darwinssl: Use CopyCertSubject() to check CA cert.
SecCertificateCopyPublicKey() is not available on iPhone. Use
CopyCertSubject() instead to see if the certificate returned by
SecCertificateCreateWithData() is valid.

Reported-by: Toby Peterson
2014-09-04 19:00:02 -05:00
Steve Holme c6ee182bd4 RELEASE-NOTES: Clarify email Kerberos support is currently via Windows SSPI 2014-09-04 22:04:50 +01:00
Daniel Stenberg 4989695ec3 MAIL-ETIQUETTE: "1.8 I posted, now what?" 2014-09-04 08:57:28 +02:00
Daniel Stenberg 0b48d1c821 CURLOPT_CA*: better refering between *CAINFO and *CAPATH
... and a minor wording edit
2014-09-03 23:04:52 +02:00
Daniel Stenberg 9e50d8f8bc THANKS: added Dennis Clarke
Dennis Clarke from Blastwave.org for ensuring that nightly builds run
smooth on Solaris!
2014-09-03 22:08:25 +02:00
Daniel Stenberg a6c48c8be7 curl_multi_cleanup: remove superfluous NULL assigns
... as the struct is free()d in the end anyway. It was first pointed out
to me that one of the ->msglist assignments were supposed to have been
->pending but was a copy and paste mistake when I realized none of the
clearing of pointers had to be there.
2014-09-02 23:44:42 +02:00
Daniel Stenberg 3c8c873252 multi: convert CURLM_STATE_CONNECT_PEND handling to a list
... instead of scanning through all handles, stash only the actual
handles that are in that state in the new ->pending list and scan that
list only. It should be mostly empty or very short. And only used for
pipelining.

This avoids a rather hefty slow-down especially notable if you add many
handles to the same multi handle. Regression introduced in commit
0f147887 (version 7.30.0).

Bug: http://curl.haxx.se/mail/lib-2014-07/0206.html
Reported-by: David Meyer
2014-09-02 10:17:47 +02:00
Daniel Stenberg 4901ec2324 RELEASE-NOTES: synced with e608324f9f 2014-09-01 22:54:52 +02:00
Andre Heinecke e608324f9f polarssl: implement CURLOPT_SSLVERSION
Forwards the setting as minimum ssl version (if set) to polarssl.  If
the server does not support the requested version the SSL Handshake will
fail.

Bug: http://curl.haxx.se/bug/view.cgi?id=1419
2014-09-01 22:42:58 +02:00
nickzman 0c14b31df4 Merge pull request #115 from ldx/darwinsslfixpr
darwinssl: now accepts cacert bundles in PEM format in addition to single certs
2014-09-01 15:33:43 -05:00
Vilmos Nebehaj 0426670f0a Check CA certificate in curl_darwinssl.c.
SecCertificateCreateWithData() returns a non-NULL SecCertificateRef even
if the buffer holds an invalid or corrupt certificate. Call
SecCertificateCopyPublicKey() to make sure cacert is a valid
certificate.
2014-09-01 00:34:37 +02:00
Daniel Stenberg cacdc27f52 low-speed-limit: avoid timeout flood
Introducing Curl_expire_latest(). To be used when we the code flow only
wants to get called at a later time that is "no later than X" so that
something can be checked (and another timeout be added).

The low-speed logic for example could easily be made to set very many
expire timeouts if it would be called faster or sooner than what it had
set its own timer and this goes for a few other timers too that aren't
explictiy checked for timer expiration in the code.

If there's no condition the code that says if(time-passed >= TIME), then
Curl_expire_latest() is preferred to Curl_expire().

If there exists such a condition, it is on the other hand important that
Curl_expire() is used and not the other.

Bug: http://curl.haxx.se/mail/lib-2014-06/0235.html
Reported-by: Florian Weimer
2014-08-31 23:50:01 +02:00
Michael Wallner 09b5a99816 resolve: cache lookup for async resolvers
While waiting for a host resolve, check if the host cache may have
gotten the name already (by someone else), for when the same name is
resolved by several simultanoues requests.

The resolver thread occasionally gets stuck in getaddrinfo() when the
DNS or anything else is crappy or slow, so when a host is found in the
DNS cache, leave the thread alone and let itself cleanup the mess.
2014-08-31 10:49:40 +02:00
Vilmos Nebehaj 4c134bcfce Fix CA certificate bundle handling in darwinssl.
If the --cacert option is used with a CA certificate bundle that
contains multiple CA certificates, iterate through it, adding each
certificate as a trusted root CA.
2014-08-30 20:10:07 +02:00
Askar Safin 2434a4e88d getinfo-times: Typo fixed 2014-08-29 16:41:17 +02:00
Askar Safin c9a981778d libcurl.3: Typo fixed 2014-08-29 16:41:11 +02:00
Daniel Stenberg 367b784738 curl_formadd.3: setting CURLFORM_CONTENTSLENGTH 0 zero means strlen 2014-08-29 08:10:38 +02:00
Daniel Stenberg 7bff23b166 curl.1: add an example for -H 2014-08-29 08:07:47 +02:00
Daniel Stenberg accbbd7dc3 FAQ: mention -w in the 4.20 answer as well 2014-08-28 11:42:00 +02:00
Daniel Stenberg 889de6b285 FAQ: 4.20 curl doesn't return error for HTTP non-200 responses 2014-08-28 11:39:39 +02:00
Daniel Stenberg 1d30f40950 CURLOPT_NOBODY.3: clarify this option is for downloads
When enabling CURLOPT_NOBODY, libcurl effectively switches off upload
mode and will do a download (without a body). This is now better
explained in this man page.

Bug: http://curl.haxx.se/mail/lib-2014-08/0236.html
Reported-by: John Coffey
2014-08-28 00:11:09 +02:00
Daniel Stenberg 1cd5008bba INTERNALS: nghttp2 must be 0.6.0 or later 2014-08-26 23:05:26 +02:00
Tatsuhiro Tsujikawa da933ee29d Compile with latest nghttp2 2014-08-26 23:02:50 +02:00
Dan Fandrich d4a4a42cb3 THANKS: removed a few more duplicates 2014-08-26 00:38:17 +02:00
Daniel Stenberg 11bb05ba48 RELEASE-NOTES: synced with 0072422576
... and bumped the contributor amount after recount
2014-08-26 00:02:52 +02:00
Daniel Stenberg 0072422576 THANKS: added 52 missing contributors
I re-ran contributors.sh on all changes since 7.10 and I found these
contributors who are mentioned in the commits but never were added to
THANKS before!

I also removed a couple of duplicates (mostly due to different
spellings).
2014-08-25 23:22:40 +02:00
Daniel Stenberg dfd821c738 contributors: grep and sort case insensitively 2014-08-25 23:09:23 +02:00
Michael Osipov ee40b6882d configure.ac: Add support for recent GSS-API implementations for HP-UX
By default, configure script assumes that libcurl will use the
HP-supplied GSS-API implementation which does not have krb5-config.
If a dev needs a more recent version which has that config script,
the change will allow to pass an appropriate GSSAPI_ROOT.
2014-08-25 15:09:26 +02:00
Daniel Stenberg 36a7638073 CONNECT: close proxy connections that fail to CONNECT
This is usually due to failed auth. There's no point in us keeping such
a connection alive since it shouldn't be re-used anyway.

Bug: http://curl.haxx.se/bug/view.cgi?id=1381
Reported-by: Marcel Raad
2014-08-25 13:33:34 +02:00
Daniel Stenberg 2603618831 RELEASE-NOTES: added two missing HTTP/2 bug fixes
And renamed all http2 references to HTTP/2 in this file
2014-08-25 12:59:28 +02:00
Daniel Stenberg b17b4b4a4a RELEASE-NOTES: synced with f646e9075f 2014-08-25 12:53:08 +02:00
Jakub Zakrzewski f646e9075f Cmake: Possibility to use OpenLDAP, OpenSSL, LibSSH2 on windows
At this point I can build libcurl on windows. It provides at least the same
list of protocols as for linux build and works with our software.
2014-08-25 12:44:24 +02:00
Jakub Zakrzewski ba8795083f Cmake: Removed repeated content from ending blocks
They are unnecesary in modern CMake and removing them improves readability.
2014-08-25 12:44:24 +02:00
Jakub Zakrzewski 06de7d6936 Cmake: Removed some useless empty SET statements.
Undefined variables resolve to empty strings and we do not ever test if
the variable is defined thus those SETs are superfluous.
2014-08-25 12:44:24 +02:00