Commit Graph

10163 Commits

Author SHA1 Message Date
Daniel Stenberg
9019fc5671 oops, fixed to build 2008-02-20 10:01:28 +00:00
Daniel Stenberg
5db0f70491 "118 - Gautam Kachroo's issue with proxies and ssl" is now in CVS 2008-02-20 09:58:42 +00:00
Daniel Stenberg
53a549000c - Based on initial work done by Gautam Kachroo to address a bug, we now keep
better control at the exact state of the connection's SSL status so that we
  know exactly when it has completed the SSL negotiation or not so that there
  won't be accidental re-uses of connections that are wrongly believed to be
  in SSL-completed-negotiate state.
2008-02-20 09:56:26 +00:00
Daniel Stenberg
55700cb01f - We no longer support setting the CURLOPT_URL option from inside a callback
such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
  following. The patch that introduced this feature was done for 7.11.0, but
  this code and functionality has been broken since about 7.15.4 (March 2006)
  with the introduction of non-blocking OpenSSL "connects".

  It was a hack to begin with and since it doesn't work and hasn't worked
  correctly for a long time and nobody has even noticed, I consider it a very
  suitable subject for plain removal. And so it was done.
2008-02-20 08:28:02 +00:00
Gunter Knauf
f9a6062081 applied patch to disable SSLv2 by default; discussion:
http://sourceforge.net/tracker/index.php?func=detail&aid=1767276&group_id=976&atid=350976
Submitted by Kaspar Brand.
2008-02-19 23:10:07 +00:00
Dan Fandrich
0cae201044 Added test309 to test HTTP redirect to HTTPS URL 2008-02-19 21:57:41 +00:00
Yang Tse
9df37b93df juggle() actually returns bool.
Remove redundant and unreachable log message.
2008-02-19 18:51:08 +00:00
Yang Tse
7b5c86033a fix compiler warnings: 'statement is unreachable' 2008-02-19 17:25:19 +00:00
Gunter Knauf
ade0890746 fix for new codestyle. 2008-02-19 16:23:03 +00:00
Gunter Knauf
7a5596bf02 made changes to work with Win32;
replaced fstat() with stat() call and bail out if local file not found.
2008-02-19 16:13:52 +00:00
Yang Tse
d2125cf501 fix compiler warnings: 'enumerated type mixed with another type' 2008-02-19 15:07:50 +00:00
Yang Tse
c9eb41c056 Reduce to 20 seconds the time allowed to set SO_REUSEADDR option on sockfilt listener socket.
Log some more error descriptions.
2008-02-18 20:13:30 +00:00
Daniel Stenberg
0d722204c3 https_getsock() should be static all over (and did some fixed indenting) 2008-02-18 19:53:31 +00:00
Daniel Stenberg
e829d5643f the ca-bundle is now removed 2008-02-18 16:55:27 +00:00
Gunter Knauf
1093287494 added makefile for MingW32 to build most of the samples. 2008-02-18 15:43:23 +00:00
Gunter Knauf
6398f71cc4 moved sample program defines into separate Makefile.inc so that other makefiles can pick up the defines from there. 2008-02-18 15:32:34 +00:00
Gunter Knauf
e2b50b203d added check symbol for linking with POSIX prelude. 2008-02-18 15:30:11 +00:00
Yang Tse
ab0de23d83 fix compiler warnings:
'enumerated type mixed with another type'

and

  'variable was set but never used'
2008-02-18 13:05:46 +00:00
Daniel Stenberg
ec54fbd9ed just mention in --cacert that curl normally has a default ca cert path built-in 2008-02-18 11:40:52 +00:00
Daniel Stenberg
074bd2a19b the ca-bundle is no longer shipped 2008-02-18 11:39:11 +00:00
Daniel Stenberg
fb23b85770 - We're no longer providing a very old ca-bundle in the curl tarball. You can
get a fresh one downloaded and created with 'make ca-bundle' or you can get
  one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
  new one extracted from Mozilla's recent list of ca certs.

  The configure option --with-ca-bundle now lets you specify what file to use
  as default ca bundle for your build. If not specified, the configure script
  will check a few known standard places for a global ca cert to use.
2008-02-18 11:35:12 +00:00
Daniel Stenberg
3458ce9ae5 - Jerome Muffat-Meridol helped me fix Curl_done() to close the current
connection by force when it was called before the entire request is
  completed, simply because we can't know if the connection really can be
  re-used safely at that point.
2008-02-17 13:49:58 +00:00
Daniel Stenberg
ba3e7a8656 rephrased comment 2008-02-17 13:49:01 +00:00
Daniel Stenberg
240bae4eb2 In Curl_done() if premature is TRUE, it means this connection was said to be
DONE before the entire request operation is complete and thus we can't know in
what state it is for re-using, so we're forced to close it. In a perfect world
we can add code that keep track of if we really must close it here or not, but
currently we have no such detail knowledge.

Jerome Muffat-Meridol helped us work this out.
2008-02-17 13:43:32 +00:00
Daniel Stenberg
4180ca7638 don't do the GOT_NOTHING error check if the DONE function was called with
premature set TRUE, which means it was done before the request comleted. It
could then very well not have received any data.
2008-02-17 13:40:35 +00:00
Daniel Stenberg
0e73361a06 added a comment about the ignoring of the Curl_done() return code 2008-02-17 13:38:19 +00:00
Yang Tse
23547fa2a0 sockfilt will quit when orphaned 2008-02-17 04:36:08 +00:00
Daniel Stenberg
550d6f74b9 oops, that was debug code not meant to be committed like this... 2008-02-16 13:44:23 +00:00
Daniel Stenberg
f7b71c2abe fix warnings about shadowing 2008-02-16 13:41:55 +00:00
Gunter Knauf
0da90b5d91 seems that curently we dont need the imports from (l)ldapx.imp. 2008-02-16 00:44:14 +00:00
Gunter Knauf
f20c94ced9 fixed linker def file for tools when compiled with gcc/nlmconv. 2008-02-16 00:21:58 +00:00
Gunter Knauf
3e635a2334 re-ordered the module dependency list;
removed unsused ldap module dependency since the module didnt autounload from protected address space.
2008-02-16 00:15:30 +00:00
Daniel Stenberg
e78652d850 - Made the gnutls code path not even try to get the server cert if no peer
verification is requested. Previously it would even return failure if gnutls
  failed to get the server cert even though no verification was asked for.

- Fix my Curl_timeleft() leftover mistake in the gnutls code
2008-02-15 22:37:00 +00:00
Daniel Stenberg
48918c3047 mention that we explicitly ignore the return code 2008-02-15 21:38:54 +00:00
Yang Tse
dc42d6fb8d log SSH public key authentication failure and reason 2008-02-15 17:00:56 +00:00
Daniel Stenberg
d2ad98d8c5 new mirror and mirror recount after cleansing 2008-02-15 09:29:57 +00:00
Daniel Stenberg
d25aab2704 - Pooyan McSporran found and fixed a flaw where you first would do a normal
http request and then you'd reuse the handle and replace the Accept: header,
  as then libcurl would send two Accept: headers!
2008-02-15 08:56:06 +00:00
Gunter Knauf
cfaf88aab4 fixed version var. 2008-02-15 00:41:54 +00:00
Gunter Knauf
ecc75be6f3 moved info block up before help block so that it can also be displayed before help option; trial to add a version number. 2008-02-15 00:26:26 +00:00
Gunter Knauf
13ebf61850 added some files which were missing in release tarballs. 2008-02-14 21:24:59 +00:00
Daniel Stenberg
b3fafe9b3a five current issues we should deal with somehow before the next release 2008-02-14 10:14:23 +00:00
Dan Fandrich
c66943bd89 Updated some out-of-date information. 2008-02-13 23:06:21 +00:00
Daniel Stenberg
11fae450fa make this test disabled properly when built with yassl 2008-02-13 21:36:24 +00:00
Yang Tse
cf9259dd92 verifyserver() actually returns the pid of the unsecure http and ftp servers
when verifying the https and ftps servers
2008-02-13 06:06:57 +00:00
Yang Tse
6634e3c3a3 On heavily loaded systems any test server start up can take longer than the
timeout passed to startnew, when this happens startnew completes without being
able to read the pidfile and consequently returns a zero pid2.

To fix the above posibility the server pid is recovered from the verification
stage which will actually return the server pid when verification is valid.
2008-02-12 13:47:56 +00:00
Yang Tse
533ae704a1 fix grammatical issues 2008-02-12 01:11:55 +00:00
Daniel Stenberg
fcc320ee40 Yang Tse pointed out a few remaining quirks from my timeout refactoring from
Feb 7 that didn't abort properly on timeouts. These are actually old
problems but now they should be fixed.
2008-02-11 22:03:31 +00:00
Yang Tse
dc9fe9c361 shell startup scripts and possible influence in scp/sftp/socks tests 2008-02-11 20:21:06 +00:00
Dan Fandrich
75c369dcca Disable test due to keyword before disabling due to bad server. 2008-02-11 20:10:36 +00:00
Gunter Knauf
019f6a1926 open pipe to openssl commandline instead of writing into temp file. 2008-02-11 18:52:45 +00:00