Граф коммитов

823 Коммитов

Автор SHA1 Сообщение Дата
Daniel Stenberg b8fad99f09 start working towards 7.15.4 2006-03-20 09:03:09 +00:00
Daniel Stenberg 5975229919 fixed tftp packet overflow risk 2006-03-20 07:32:50 +00:00
Daniel Stenberg cffebd7fd6 Markus Koetter filed debian bug report #355715 which identified a problem
with the multi interface and multi-part formposts. The fix from February
22nd could make the Curl_done() function get called twice on the same
connection and it was not designed for that and thus tried to call free() on
an already freed memory area!
2006-03-07 23:11:41 +00:00
Daniel Stenberg b8c8e7349f Peter Heuchert made sure the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL
is used properly.
2006-03-07 22:28:08 +00:00
Daniel Stenberg 8bba99ae56 Lots of users on Windows have reported getting the "SSL: couldn't set
callback" error message so I've now made the setting of that callback not be
as critical as before. The function is only used for additional loggging/
trace anyway so a failure just means slightly less data. It should still be
able to proceed and connect fine to the server.
2006-03-06 22:35:51 +00:00
Daniel Stenberg b5c5f57613 build fix for Interix 2006-03-04 22:39:31 +00:00
Daniel Stenberg 7d68101f83 Prevent uploading to a URL that has no file name part. 2006-03-03 13:09:30 +00:00
Daniel Stenberg d7999f9fcb mention Dan F's out-of-file handles fix from the other day 2006-03-02 11:41:23 +00:00
Daniel Stenberg f13eba4c78 check for and use getprotobyname 2006-03-02 11:37:05 +00:00
Daniel Stenberg 097bee681a hehe, wrong year but who reads these lines anyway? ;-) 2006-02-27 16:09:24 +00:00
Daniel Stenberg 8548c2fc61 7.15.2 2006-02-27 16:05:16 +00:00
Daniel Stenberg 6fdbb01194 Lots of work and analysis by "xbx___" in bug #1431750
(http://curl.haxx.se/bug/view.cgi?id=1431750) helped me identify and fix two
different but related bugs:

1) Removing an easy handle from a multi handle before the transfer is done
   could leave a connection in the connection cache for that handle that is
   in a state that isn't suitable for re-use. A subsequent re-use could then
   read from a NULL pointer and segfault.

2) When an easy handle was removed from the multi handle, there could be an
   outstanding c-ares DNS name resolve request. When the response arrived,
   it caused havoc since the connection struct it "belonged" to could've
   been freed already.

Now Curl_done() is called when an easy handle is removed from a multi handle
pre-maturely (that is, before the transfer was complteted). Curl_done() also
makes sure to cancel all (if any) outstanding c-ares requests.
2006-02-23 12:20:48 +00:00
Daniel Stenberg a15d107dde Peter Su added support for SOCKS4 proxies. Enable this by setting the proxy
type to the already provided type CURLPROXY_SOCKS4.
I added a --socks4 option that works like the current --socks5 option but
instead use the socks4 protocol.
2006-02-21 07:46:41 +00:00
Daniel Stenberg 29e446e508 Shmulik Regev fixed an issue with multi-pass authentication and compressed
content when libcurl didn't honor the internal ignorebody flag.
2006-02-19 23:16:48 +00:00
Daniel Stenberg 10beb36b1c Ulf Hrnhammar fixed a format string (printf style) problem in the Negotiate
code. It should however not be the cause of any troubles. He also fixed a
few similar problems in the HTTP test server code.
2006-02-18 22:27:01 +00:00
Daniel Stenberg 92009181af Shmulik Regev provided a fix for the DNS cache when using short life times,
as previously it could be holding on to old cached entries longer than
requested.
2006-02-16 23:42:32 +00:00
Daniel Stenberg 87bcb6f377 Karl M added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options that
an app can use to let libcurl only connect to a remote host and then extract
the socket from libcurl. libcurl will then not attempt to do any transfer at
all after the connect is done.
2006-02-11 22:35:16 +00:00
Daniel Stenberg b0bc2f00d2 Kent Boortz improved the configure check for GnuTLS to properly set LIBS
instead of LDFLAGS.
2006-02-11 12:56:52 +00:00
Daniel Stenberg 12f5c67bf5 Philippe Vaucher provided a brilliant piece of test code that show a problem
with re-used FTP connections. If the second request on the same connection was
set not to fetch a "body", libcurl could get confused and consider it an
attempt to use a dead connection and would go acting mighty strange.
2006-02-07 23:09:04 +00:00
Daniel Stenberg 8cb695a963 fixed --limit-rate 2006-02-01 23:28:22 +00:00
Daniel Stenberg 2fbf94b0f3 Added CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE to libcurl. Set with the
curl tool with --local-port. Plain and simply set the range of ports to bind
the local end of connections to. Implemented on to popular demand.

Not extensively tested. Please let me know how it works.
2006-01-30 08:24:07 +00:00
Daniel Stenberg 32bc30e210 Based on an error report by Philippe Vaucher, we no longer count a retried
connection setup as a follow-redirect. It turns out 1) this fails when a FTP
connection is re-setup and 2) it does make the max-redirs counter behave
wrong. This fix was not verified since the reporter vanished, but I believe
this is the right fix nonetheless.
2006-01-30 08:20:52 +00:00
Daniel Stenberg 67bf4f28ff Michal Marek provided a patch for FTP that makes libcurl continue to try PASV
even after EPSV returned a positive response code, if libcurl failed to
connect to the port number the EPSV response said. Obviously some people are
going through protocol-sensitive firewalls (or similar) that don't understand
EPSV and then they don't allow the second connection unless PASV was
used. This also called for a minor fix of test case 238.
2006-01-24 14:40:43 +00:00
Daniel Stenberg fcfd6d9504 Duane Cathey was one of our friends who reported that curl -P [IP]
(CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a
"native" IP while it works fine for ipv6-disabled builds!

In the process of fixing this, I removed the support for LPRT since I can't
think of many reasons to keep doing it and asking on the mailing list didn't
reveal anyone else that could either. The code that sends EPRT and PORT is
now also a lot simpler than before (IMHO).
2006-01-19 23:52:03 +00:00
Daniel Stenberg c31451cf13 Jon Turner pointed out that doing -P [hostname] with curl (built ipv4-only)
didn't work.
2006-01-19 22:02:46 +00:00
Daniel Stenberg a2f3094eb0 reality sync 2006-01-18 12:17:20 +00:00
Daniel Stenberg 65afc576ea configure no longer warns on "missing" if the current path contains a space 2006-01-18 10:00:36 +00:00
Daniel Stenberg 67a83c1b34 David Shaw finally removed all traces of Gopher and we are now officially
not supporting it. It hasn't been functioning for years anyway, so this is
just finally stating what already was true. And a cleanup at the same time.
2006-01-16 22:14:37 +00:00
Daniel Stenberg 4c35a40858 Bryan Henderson turned the 'initialized' variable for curl_global_init()
into a counter, and thus you can now do multiple curl_global_init() and you
are then supposed to do the same amount of calls to curl_global_cleanup().
Bryan also updated the docs accordingly.
2006-01-15 23:55:53 +00:00
Daniel Stenberg bebf70667d Andrew Benham fixed a race condition in the test suite that could cause the
test script to kill all processes in the current process group!
2006-01-13 12:16:16 +00:00
Daniel Stenberg d9bd5de0b1 Fixed FTP_SKIP_PASV_IP and FTP_USE_EPSV to "do right" when used on FTP thru
HTTP proxy.
2006-01-12 22:18:38 +00:00
Daniel Stenberg 31c7aa0ba4 Michael Jahn fixed ftp over CONNECT 2006-01-12 12:40:04 +00:00
Daniel Stenberg fc2388189f mention the "secret" option as I've got no feedback and it is actually present
in 7.15.1
2006-01-10 23:08:38 +00:00
Daniel Stenberg 4431338691 When using a bad path over FTP, as in when libcurl couldn't CWD into all
given subdirs, libcurl would still "remember" the full path as if it is the
current directory libcurl is in so that the next curl_easy_perform() would
get really confused if it tried the same path again - as it would not issue
any CWD commands at all, assuming it is already in the "proper" dir.

Starting now, a failed CWD command sets a flag that prevents the path to be
"remembered" after returning.
2006-01-10 23:03:22 +00:00
Daniel Stenberg f4cc8153ae Mike Jean fixed so that the second CONNECT when doing FTP over a HTTP proxy
actually used a new connection and not sent the second request on the first
socket!
2006-01-07 22:24:16 +00:00
Daniel Stenberg e4d8cb4ee0 buildconf fixes 2006-01-06 22:59:34 +00:00
Daniel Stenberg dd87e4ed39 Andres Garcia made the TFTP test server build with mingw. 2006-01-04 10:07:36 +00:00
Daniel Stenberg 6dbfce1031 Jean Jacques Drouin pointed out that you could only have a user name or
password of 127 bytes or less embedded in a URL, where actually the code
uses a 255 byte buffer for it! Modified now to use the full buffer size.
2005-12-16 14:52:16 +00:00
Daniel Stenberg f49df54a36 7.15.1 with the now to be announced security flaw fixed 2005-12-06 23:05:51 +00:00
Daniel Stenberg 6513303498 Jamie Newton pointed out that libcurl's file:// code would close() a zero
file descriptor if given a non-existing file.
2005-12-01 23:42:03 +00:00
Daniel Stenberg 74e5beab9d Doug Kaufman's set of patches to make curl build fine on DJGPP again using
configure.
2005-11-24 10:22:46 +00:00
Daniel Stenberg 4022a60ea7 I extended a patch from David Shaw to make libcurl _always_ provide an error
string in the given error buffer to address the flaw mention on 21 sep 2005.
2005-11-17 14:29:54 +00:00
Daniel Stenberg 096675824f Applied Albert Chin's patch that makes the libcurl.pc pkgconfig file get
installed on 'make install' time.
2005-11-16 07:20:57 +00:00
Daniel Stenberg 92c0de518e Quagmire reported that he needed to raise a NTLM buffer for SSPI to work
properly for a case, and so we did. We raised it even for non-SSPI builds
but it should not do any harm. http://curl.haxx.se/bug/view.cgi?id=1356715
2005-11-14 22:10:52 +00:00
Daniel Stenberg d52ed3fff2 Jan Kunder's debian bug report
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird
error message for when you try to upload a file and the requested directory
doesn't exist on the target server.
2005-11-14 00:18:12 +00:00
Daniel Stenberg adf462fe05 Debian bug report 338681 by Jan Kunder: make curl better detect and report bad
limit-rate units: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now
curl will return error if a bad unit is used.
2005-11-13 11:06:48 +00:00
Daniel Stenberg c2862742ab Thanks to this nice summary of poll() implementations:
http://www.greenend.org.uk/rjk/2001/06/poll.html and further tests by Eugene
Kotlyarov, we now know that cygwin's poll returns only POLLHUP on remote
connection closure so we check for that case (too) and re-enable poll for
cygwin builds.
2005-11-13 09:24:06 +00:00
Daniel Stenberg 8a712eb5af Eugene Kotlyarov found out that cygwin's poll() function isn't doing things
right: http://curl.haxx.se/mail/archive-2005-11/0045.html so we now disable
poll() and use select() on cygwin too (we already do the same choice on Mac OS
X)
2005-11-12 22:49:19 +00:00
Daniel Stenberg 5e3836055f Dima Barsky patched problem #1348930: the GnuTLS code completely ignored
client certificates! (http://curl.haxx.se/bug/view.cgi?id=1348930).
2005-11-11 23:20:07 +00:00
Daniel Stenberg ae9fbe573e David Lang fixed IPv6 support for TFTP! 2005-11-10 22:25:07 +00:00