Граф коммитов

6888 Коммитов

Автор SHA1 Сообщение Дата
Daniel Stenberg d221e01406 starting over 2005-03-04 14:09:04 +00:00
Daniel Stenberg 874fc8228a stand clear for release time 2005-03-04 13:41:46 +00:00
Daniel Stenberg 6f752c64bc Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activate
the cookie "engine" without having to provide an empty or non-existing file.
2005-03-04 00:26:50 +00:00
Daniel Stenberg ccb7950c4c killed trailing whitespace 2005-03-04 00:24:52 +00:00
Daniel Stenberg 750e771376 killed trailing whitespace 2005-03-04 00:14:45 +00:00
Daniel Stenberg 7012a4a291 Rene Rebe fixed a -# crash when more data than expected was retrieved. 2005-03-04 00:12:02 +00:00
Daniel Stenberg 40ab20a252 new VB binding 2005-03-03 23:27:09 +00:00
Daniel Stenberg 6af315e50c VB binding, updated the .NET info 2005-03-03 23:25:13 +00:00
Daniel Stenberg 861b5e608b mention buffer overflows fixed 2005-03-03 13:13:21 +00:00
Daniel Stenberg f61917594e fix the distribution files 2005-03-03 06:51:31 +00:00
Dan Fandrich 0ddab51ad8 Fix for a base64 decode heap buffer overflow vulnerability. 2005-02-28 23:54:17 +00:00
Dan Fandrich 9798432f56 Fixed some compiler warnings. Fixed a low incidence memory leak in the test server. 2005-02-24 18:54:23 +00:00
Daniel Stenberg 5faf52619d Updated as suggested by Samuel Daz Garca 2005-02-22 18:39:40 +00:00
Daniel Stenberg f8b4ba80e0 krb4 fixed 2005-02-22 12:20:30 +00:00
Daniel Stenberg 527f70e540 Curl_base64_decode() now returns an allocated buffer 2005-02-22 12:10:30 +00:00
Daniel Stenberg 19f66c7575 Thanks for the notification iDEFENCE. We are the "initial vendor" and we sure
got no notification, no mail, no nothing.

You didn't even bother to mail us when you went public with this. Cool.

NTLM buffer overflow fix, as reported here:

http://www.securityfocus.com/archive/1/391042
2005-02-22 07:44:14 +00:00
Daniel Stenberg b7721deb02 added test case 234 which is like 233 but uses --location-trusted instead so
thus the second request to the new host will use authentication fine
2005-02-19 22:33:06 +00:00
Daniel Stenberg 5ba188ab2d Ralph Mitchell reported a flaw when you used a proxy with auth, and you
requested data from a host and then followed a redirect to another
host. libcurl then didn't use the proxy-auth properly in the second request,
due to the host-only check for original host name wrongly being extended to
the proxy auth as well. Added test case 233 to verify the flaw and that the
fix removed the problem.
2005-02-18 23:53:07 +00:00
Daniel Stenberg eadfd78c2e socket leak, mingw build 2005-02-18 11:54:52 +00:00
Daniel Stenberg 4d815c9990 Based on Mike Dobbs' report, BUILDING_LIBCURL is now defined in here if it
runs to build with mingw.
2005-02-18 08:24:53 +00:00
Daniel Stenberg 176981b529 close the socket properly when returning error due to failing localbind
Bug report #1124588 by David
2005-02-17 14:45:03 +00:00
Daniel Stenberg 85baebd0d4 mention filename= for the -F 2005-02-17 07:47:32 +00:00
Daniel Stenberg ac022b2e30 Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth"
that picks NTLM. Thanks to David Byron letting me test NTLM against his
servers, I could quickly repeat and fix the problem. It turned out to be:

When libcurl POSTs without knowing/using an authentication and it gets back a
list of types from which it picks NTLM, it needs to either continue sending
its data if it keeps the connection alive, or not send the data but close the
connection. Then do the first step in the NTLM auth. libcurl didn't send the
data nor close the connection but simply read the response-body and then sent
the first negotiation step. Which then failed miserably of course. The fixed
version forces a connection if there is more than 2000 bytes left to send.
2005-02-16 14:31:23 +00:00
Daniel Stenberg f169b750b8 check for ENGINE_load_builtin_engines() as well if engine is around 2005-02-14 23:50:29 +00:00
Marty Kuhrt 86295eef13 changed config-vms info 2005-02-14 22:37:59 +00:00
Marty Kuhrt 32d60b2714 changed curlmsg.* entries to see if CVS would ignore it now 2005-02-14 22:36:21 +00:00
Daniel Stenberg 0a3065a2f2 Rename Curl_pretransfersec() to *_second_connect() since it does not just
do pretransfer stuff like Curl_pretransfer().
2005-02-14 09:30:40 +00:00
Daniel Stenberg b98faaa8c0 Fixed bad krb4 code. It always tried to use krb4 if built enabled. 2005-02-11 22:50:57 +00:00
Marty Kuhrt 73772323c9 rename amigaos.c and nwlib.c if they exist before building 2005-02-11 22:42:16 +00:00
Daniel Stenberg 98389066e2 Removed per Marty's request: The .h_* files aren't needed anymore, I
consolidated them into one file called config-vms.h.  The curlmsg.h and .sdl
files are generated from the curlmsg.msg file and, thus, shouldn't be in the
dist.
2005-02-11 22:05:04 +00:00
Marty Kuhrt fb53ed4c1f re-sync'd with curlmsg.msg 2005-02-11 21:17:23 +00:00
Marty Kuhrt e719eb5b81 ignore curlmsg.h and .sdl as they are generated by curlmsg.msg 2005-02-11 21:07:35 +00:00
Marty Kuhrt 3858063bcd sync'd error codes with include/curl.h 2005-02-11 21:01:52 +00:00
Marty Kuhrt d4f5fea840 Added $Id$ and pre-exisiting logical check 2005-02-11 20:17:21 +00:00
Daniel Stenberg 22c1d48cb2 remove the check for strftime(), we don't need it 2005-02-11 19:34:05 +00:00
Daniel Stenberg e7cefd684b Removed all uses of strftime() since it uses the localised version of the
week day names and month names and servers don't like that.
2005-02-11 00:03:49 +00:00
Daniel Stenberg d2485e4f20 valgrind stuff for test suite, vms build and more 2005-02-10 08:57:23 +00:00
Daniel Stenberg 160d6b26b0 Moved out the valgrind report parser to valgrind.pm, to make it easier to
test it outside the test suite. Now we also disable valgrind usage if libcurl
was built shared, as then valgrind is only testing the wrapper-script running
shell which is pointless.
2005-02-10 08:50:33 +00:00
Daniel Stenberg 17d61e4f29 typecast assign to ftpport from int to prevent warnings 2005-02-10 07:45:26 +00:00
Daniel Stenberg 446b9467da init fix for non-SSL builds 2005-02-10 07:45:08 +00:00
Marty Kuhrt 3970a7056c Reduced the two config-vms.h_* files into this one. 2005-02-10 01:54:11 +00:00
Daniel Stenberg 74068a6d1b David Byron fixed his SSL problems, initially mentioned here:
http://curl.haxx.se/mail/lib-2005-01/0240.html. It turned out we didn't use
SSL_pending() as we should.

This was TODO-RELEASE issue #59.
2005-02-09 23:16:03 +00:00
Daniel Stenberg 8c83422fe2 David Byron identified the lack of SSL_pending() use, and this is my take
at fixing this issue.
2005-02-09 23:09:12 +00:00
Daniel Stenberg 61a1e3cd01 better error checking and SSL init by David Byron 2005-02-09 23:04:51 +00:00
Daniel Stenberg 89cac6f25c prevent a compiler warning 2005-02-09 22:47:57 +00:00
Gisle Vanem 62082293c5 Some functions are static here, but extern in libxml's
SAX.h. gcc doesn't like that. Rename.
2005-02-09 15:15:01 +00:00
Daniel Stenberg 153fd2752c the new ftp code and Gisle's DICT fix 2005-02-09 14:34:46 +00:00
Daniel Stenberg e649a40f5d issue #54 done 2005-02-09 14:29:57 +00:00
Gisle Vanem 32d76a5b57 Set 'bits.close' in case of malloc fail.
Don't free 'lud_dn' twice in case curl_unescape()
fails.
2005-02-09 14:28:35 +00:00
Daniel Stenberg 14aa3fa258 add missing error codes 2005-02-09 14:13:21 +00:00