mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-11-21 01:16:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
19,454 Commits 14 Branches 221 Tags 221 MiB
77f1029ecd
Commit Graph

8252 Commits

Author SHA1 Message Date
Daniel Stenberg
77f1029ecd http: a stream hash for h2 multiplexing 2015-05-18 08:57:17 +02:00
Daniel Stenberg
7957d2eb92 http: a stream hash for h2 multiplexing 2015-05-18 08:57:17 +02:00
Daniel Stenberg
47caff7bdf http2: debug log when receiving unexpected stream_id 2015-05-18 08:54:54 +02:00
Daniel Stenberg
d6440d7366 http2: move stream_id to the HTTP struct (per-stream) 2015-05-18 08:54:54 +02:00
Daniel Stenberg
f858624052 Curl_http2_setup: only do it once and enable multiplex on the server 
Once we know we are HTTP/2 enabled we know the server can multiplex.
 2015-05-18 08:54:54 +02:00
Daniel Stenberg
6e6b02f398 http: switch on "pipelining" (multiplexing) for HTTP/2 servers 
... and do not blacklist any.
 2015-05-18 08:54:54 +02:00
Daniel Stenberg
5fa82ca56f README.pipelining: removed 
All the details mentioned here are better documented in man pages
 2015-05-15 22:34:12 +02:00
Dan Fandrich
1c01cee601 build: removed bundles.c from make files 
This file was removed in commit fd137786
 2015-05-14 14:55:48 +02:00
Daniel Stenberg
750d678c0e Curl_conncache_add_conn: fix memory leak on OOM 2015-05-14 14:06:44 +02:00
Daniel Stenberg
2a746f6c28 conncache: keep bundles on host+port bases, not only host names 
Previously we counted all connections to a specific host name and that
would be used for the CURLMOPT_MAX_HOST_CONNECTIONS check for example,
while servers on different port numbers are normally considered
different "origins" on the web and should thus be considered different
hosts.
 2015-05-12 23:40:10 +02:00
Daniel Stenberg
fd137786e5 bundles: merged into conncache.c 
All the existing Curl_bundle* functions were only ever used from within
the conncache.c file, so I moved them over and made them static (and
removed the Curl_ prefix).
 2015-05-12 23:21:33 +02:00
Daniel Stenberg
b419e7ae0c hostcache: made all host caches use structs, not pointers 
This avoids unnecessary dynamic allocs and as this also removed the last
users of *hash_alloc() and *hash_destroy(), those two functions are now
removed.
 2015-05-12 09:46:53 +02:00
Daniel Stenberg
d37e0160c2 multi: converted socket hash into non-allocated struct 
avoids extra dynamic allocation
 2015-05-12 09:28:37 +02:00
Daniel Stenberg
640296c95d connection cache: avoid Curl_hash_alloc() 
... by using plain structs instead of pointers for the connection cache,
we can avoid several dynamic allocations that weren't necessary.
 2015-05-12 09:15:02 +02:00
Daniel Stenberg
c4d6f9163a proxy: add newline to info message 2015-05-08 15:56:25 +02:00
Patrick Monnerat
c720cd6356 FTP: fix dangling conn->ip_addr dereference on verbose EPSV. 2015-05-08 15:28:48 +02:00
Patrick Monnerat
3377e692ee FTP: Make EPSV use the control IP address rather than the original host. 
This ensures an alternate address is not used.
Does not apply to proxy tunnel.
 2015-05-08 15:28:48 +02:00
Orgad Shaneh
33058a1dc3 netrc: Read in text mode when cygwin 
Use text mode when cygwin to eliminate trailing carriage returns.

Bug: https://github.com/bagder/curl/pull/258
 2015-05-06 02:34:31 -04:00
Alessandro Ghedini
a5e09e9eea gtls: properly retrieve certificate status 
Also print the revocation reason if appropriate.
 2015-05-04 13:42:45 +02:00
Daniel Stenberg
86bc654532 OpenSSL: conditional check for SSL3_RT_HEADER 
The symbol is fairly new.

Reported-by: Kamil Dudka
 2015-05-04 13:29:34 +02:00
Daniel Stenberg
690317aae2 openssl: skip trace outputs for ssl_ver == 0 
The OpenSSL trace callback is wonderfully undocumented but given a
journey in the source code, it seems the cases were ssl_ver is zero
doesn't follow the same pattern and thus turned out confusing and
misleading. For now, we skip doing any CURLINFO_TEXT logging on those
but keep sending them as CURLINFO_SSL_DATA_OUT/IN.

Also, I added direction to the text info and I edited some functions
slightly.

Bug: https://github.com/bagder/curl/issues/219
Reported-by: Jay Satiro, Ashish Shukla
 2015-05-04 12:27:59 +02:00
Marc Hoersken
3c104448d6 schannel.c: Small changes 2015-05-02 22:21:25 +02:00
Marc Hoersken
ae8387b91c schannel.c: Improve code path and readability 2015-05-02 20:14:53 +02:00
Marc Hoersken
d93619ca5d schannel.c: Improve error and return code handling upon aa99a63f03 2015-05-02 20:05:22 +02:00
Chris Araman
aa99a63f03 schannel: fix regression in schannel_recv 
https://github.com/bagder/curl/issues/244

Commit 145c263 changed the behavior when Curl_read_plain returns
CURLE_AGAIN. We now handle CURLE_AGAIN and SEC_I_CONTEXT_EXPIRED
correctly.
 2015-05-02 18:54:13 +02:00
Marc Hoersken
4bb8bad964 Bug born in changes made several days ago 9a91e80. 
Commit: https://github.com/bagder/curl/commit/926cb9f
Reported-by: Ray Satiro
 2015-05-01 09:39:34 +02:00
Dan Fandrich
32606e4f0b http_negotiate_sspi: added missing data variable 2015-04-30 12:13:49 +02:00
Viktor Szakats
6a61285909 build: update depedency versions, urls, example makefiles 
- update default versions of dependencies (except for rare/old platforms)
- update urls
- sync examples makefiles with main ones
- remove line ending space
 2015-04-30 08:29:00 +02:00
Anders Bakken
b23fda76c1 curl_multi_add_handle: next is already NULL 2015-04-30 08:21:34 +02:00
Jay Satiro
926cb9ff65 schannel: Fix out of bounds array 
Bug born in changes made several days ago 9a91e80.

Bug: http://curl.haxx.se/mail/lib-2015-04/0199.html
Reported-by: Brian Chrisman
 2015-04-30 01:44:45 -04:00
Viktor Szakats
790d1a4816 lib/makefile.m32: add arch -m32/-m64 to LDFLAGS 
This fixes using a multi-target mingw distro to build curl .dll for the
non-default target.
(mirroring the same patch present in src/makefile.m32)
 2015-04-29 13:18:17 -04:00
Daniel Stenberg
6ba2e88a64 CURLOPT_HEADEROPT: default to separate 
Make the HTTP headers separated by default for improved security and
reduced risk for information leakage.

Bug: http://curl.haxx.se/docs/adv_20150429.html
Reported-by: Yehezkel Horowitz, Oren Souroujon
 2015-04-28 21:02:37 +02:00
Daniel Stenberg
b2ea1bfcd6 hash: simplify Curl_str_key_compare() 2015-04-28 13:10:53 +02:00
Linus Nielsen
97c272e5d1 Negotiate: custom service names for SPNEGO. 
* Add new options, CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME.
* Add new curl options, --proxy-service-name and --service-name.
 2015-04-28 08:29:56 +02:00
Daniel Stenberg
54c394699d http2: unify http_conn variable names to 'c' 2015-04-27 22:54:34 +02:00
Daniel Stenberg
09a31fabe4 ConnectionExists: call it multi-use instead of pipelining 
So that it fits HTTP/2 as well
 2015-04-27 22:54:34 +02:00
Paul Howarth
d4f62f6c5d nss: fix compilation failure with old versions of NSS 
Bug: http://curl.haxx.se/mail/lib-2015-04/0095.html
 2015-04-27 15:37:16 +02:00
Marc Hoersken
92e754de78 schannel.c: Fix typo introduced with 3447c973d0 2015-04-26 19:57:05 +02:00
Marc Hoersken
9a91e8059b schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error 
Reported-by: Brian Chrisman
 2015-04-26 17:59:01 +02:00
Daniel Stenberg
3447c973d0 schannel: re-indented file to follow curl style better 
white space changes only
 2015-04-26 17:40:40 +02:00
Daniel Stenberg
cae43a10cb Curl_ossl_init: load builtin modules 
To have engine modules work, we must tell openssl to load builtin
modules first.

Bug: https://github.com/bagder/curl/pull/206
 2015-04-26 17:26:31 +02:00
Daniel Stenberg
aff153f83a openssl: fix serial number output 
The code extracting the cert serial number was broken and didn't display
it properly.

Bug: https://github.com/bagder/curl/issues/235
Reported-by: dkjjr89
 2015-04-26 16:36:19 +02:00
Grant Pannell
59f3f92ba6 sasl_sspi: Populate domain from the realm in the challenge 
Without this, SSPI based digest auth was broken.

Bug: https://github.com/bagder/curl/pull/141.patch
 2015-04-26 16:12:23 +02:00
Viktor Szakats
48be87e5f0 netrc: support 'default' token 
The 'default' token has no argument and means to match _any_ domain.
It must be placed last if there are 'machine <name>' tokens in the same file.

See full description here:
https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-File.html
 2015-04-24 23:57:37 +02:00
Jay Satiro
0675abbc75 cyassl: Implement public key pinning 
Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
 2015-04-22 17:07:19 -04:00
Daniel Stenberg
85c45d153b connectionexists: follow-up to fd9d3a1ef1 
PROTOPT_CREDSPERREQUEST still needs to be checked even when NTLM is not
enabled.

Mistake-caught-by: Kamil Dudka
 2015-04-22 13:59:04 +02:00
Daniel Stenberg
fd9d3a1ef1 connectionexists: fix build without NTLM 
Do not access NTLM-specific struct fields when built without NTLM
enabled!

bug: http://curl.haxx.se/?i=231
Reported-by: Patrick Rapin
 2015-04-22 13:32:45 +02:00
Kamil Dudka
b47c17d67c nss: implement public key pinning for NSS backend 
Bug: https://bugzilla.redhat.com/1195771
 2015-04-22 13:21:31 +02:00
Daniel Stenberg
1fd33e3ec8 dist: include {src,lib}/checksrc.whitelist 2015-04-22 13:16:04 +02:00
Daniel Stenberg
79b9d5f1a4 http_done: close Negotiate connections when done 
When doing HTTP requests Negotiate authenticated, the entire connnection
may become authenticated and not just the specific HTTP request which is
otherwise how HTTP works, as Negotiate can basically use NTLM under the
hood. curl was not adhering to this fact but would assume that such
requests would also be authenticated per request.

CVE-2015-3148

Bug: http://curl.haxx.se/docs/adv_20150422B.html
Reported-by: Isaac Boukris
 2015-04-21 23:20:37 +02:00