Commit Graph

467 Commits

Author SHA1 Message Date
Daniel Stenberg
bec9692a77 PROT_CLOSEACTION: added SFTP and SCP
Both SFTP and SCP are protocols that need to shut down stuff properly
when the connection is about to get torned down. The primary effect of
not doing this shows up as memory leaks (when using SCP or SFTP with the
multi interface).

This is one of the problems detected by test 582.
2011-03-12 23:08:10 +01:00
Todd A Ouska
9e60d8fd9e SSL: (part 2) Added CyaSSL to SSL abstraction layer
This is the modified existing files commit.
2011-03-08 13:54:58 +01:00
Kamil Dudka
dc0a7161f8 nss: avoid memory leaks and failure of NSS shutdown
... in case more than one CA is loaded.

Bug: https://bugzilla.redhat.com/670802
2011-01-27 11:14:18 +01:00
Quinn Slack
59cf93ccdb TLS-SRP: support added when using GnuTLS 2011-01-19 20:35:02 +01:00
Marcel Roelofs
1d28efb9d1 HTTP: HTTP Negotiate authentication using SSPI
Only under Windows
2011-01-07 23:48:40 +01:00
Daniel Stenberg
5825aa149d multi: connect fail => use next IP address
When using the multi interface and connecting to a host name that
resolves to multiple IP addresses, there was no logic that made it
continue to the next IP if connecting to the first address times
out. This is now corrected.
2010-12-23 22:21:24 +01:00
Tommie Gannert
8ab137b2bc ares: ask for both IPv4 and IPv6 addresses
Make the c-ares resolver code ask for both IPv4 and IPv6 addresses when
IPv6 is enabled.

This is a workaround for the missing ares_getaddrinfo() and is a lot
easier to implement.

Note that as long as c-ares returns IPv4 addresses when IPv6 addresses
were requested but missing, this will cause a host's IPv4 addresses to
occur twice in the DNS cache.

URL: http://curl.haxx.se/mail/lib-2010-12/0041.html
2010-12-18 22:33:27 +01:00
Daniel Stenberg
b998b04c02 urldate: undef hideous memory defines
The public axTLS header (at least as of 1.2.7) redefines the memory
functions. We #undef those again immediately after the public header to
limit the damage. This should be fixed in axTLS.
2010-12-15 16:05:17 +01:00
Eric Hu
108d7693a4 Preparing for axTLS. Actual SSL API functions are only stubbed.
Added axTLS to autotool files and glue code to misc other files.
axtls.h maps SSL API functions, but may change.
axtls.c is just a stub file and will definitely change.
2010-12-15 16:05:17 +01:00
Kamil Dudka
5c7c9a768d url: provide dead_connection flag in Curl_handler::disconnect
It helps to prevent a hangup with some FTP servers in case idle session
timeout has exceeded.  But it may be useful also for other protocols
that send any quit message on disconnect.  Currently used by FTP, POP3,
IMAP and SMTP.
2010-12-06 14:35:42 +01:00
Yang Tse
11cddb68e0 fix getinfo CURLINFO_LOCAL* for reused connections (take 2) 2010-11-30 22:14:37 +01:00
Yang Tse
f6f5d7874f fix getinfo CURLINFO_LOCAL* for reused connections 2010-11-30 06:20:54 +01:00
Julien Chaffraix
add5766dd4 urldata: Capitalize enum protect_level values.
This makes it easier to spot the enum values from the variables.
Removed some unneeded DEBUGASSERT added in the previous commit.
2010-11-13 14:42:34 -08:00
Julien Chaffraix
8d59d69449 security: tighten enum protection_level usage.
While changing Curl_sec_read_msg to accept an enum protection_level
instead of an int, I went ahead and fixed the usage of the associated
fields.

Some code was assuming that prot_clear == 0. Fixed those to use the
proper value. Added assertions prior to any code that would set the
protection level.
2010-11-13 14:12:43 -08:00
Daniel Stenberg
a1f32ffee5 ip_version: moved to connection struct
The IP version choice was previously only in the UserDefined struct
within the SessionHandle, but since we sometimes alter that option
during a request we need to have it on a per-connection basis.

I also moved more "init conn" code into the allocate_conn() function
which is designed for that purpose more or less.
2010-11-11 15:16:21 +01:00
Daniel Stenberg
1b24b89cca CURLOPT_RESOLVE: added
CURLOPT_RESOLVE is a new option that sends along a curl_slist with
name:port:address sets that will populate the DNS cache with entries so
that request can be "fooled" to use another host than what otherwise
would've been used. Previously we've encouraged the use of Host: for
that when dealing with HTTP, but this new feature has the added bonus
that it allows the name from the URL to be used for TLS SNI and server
certificate name checks as well.

This is a first change. Surely more will follow to make it decent.
2010-11-08 08:56:21 +01:00
Daniel Stenberg
87374a47c9 Revert: use Host: name for SNI and cert name checks
This reverts commit b0fd03f5b8,
4b2fbe1e97, afecd1aa13, 68cde058f6
2010-11-05 10:25:58 +01:00
Daniel Stenberg
afecd1aa13 host: get the custom Host: name more genericly
When given a custom host name in a Host: header, we can use it for
several different purposes other than just cookies, so we rename it and
use it for SSL SNI etc.
2010-11-04 14:58:15 +01:00
Julien Chaffraix
512a82d395 security.c: Remove out_buffer as it was never written into. 2010-09-22 23:34:36 +02:00
Cameron Kaiser
201637d468 Gopher protocol support (initial release) 2010-08-25 14:19:58 +02:00
Daniel Stenberg
6b6a3bcb61 http: handle trailer headers in all chunked responses
HTTP allows that a server sends trailing headers after all the chunks
have been sent WITHOUT signalling their presence in the first response
headers. The "Trailer:" header is only a SHOULD there and as we need to
handle the situation even without that header I made libcurl ignore
Trailer: completely.

Test case 1116 was added to verify this and to make sure we handle more
than one trailer header properly.

Reported by: Patrick McManus
Bug: http://curl.haxx.se/bug/view.cgi?id=3052450
2010-08-25 13:42:14 +02:00
Daniel Stenberg
232ad6549a multi: support timeouts
Curl_expire() is now expanded to hold a list of timeouts for each easy
handle. Only the closest in time will be the one used as the primary
timeout for the handle and will be used for the splay tree (which sorts
and lists all handles within the multi handle).

When the main timeout has triggered/expired, the next timeout in time
that is kept in the list will be moved to the main timeout position and
used as the key to splay with. This way, all timeouts that are set with
Curl_expire() internally will end up as a proper timeout. Previously any
Curl_expire() that set a _later_ timeout than what was already set was
just silently ignored and thus missed.

Setting Curl_expire() with timeout 0 (zero) will cancel all previously
added timeouts.

Corrects known bug #62.
2010-08-15 13:16:39 +02:00
Daniel Stenberg
dc2157a087 parse_remote_port: fix ;type= URL suffix over HTTP proxy
Test 563 is enabled now and verifies that the combo FTP type=A URL,
CURLOPT_PORT set and proxy work fine. As a bonus I managed to remove the
somewhat odd FTP check in parse_remote_port() and instead converted it
to a better and more generic 'slash_removed' struct field. Checking the
->protocol field isn't right since when an FTP:// URL is sent over a
HTTP proxy, the protocol is HTTP but the URL was handled by the FTP code
and thus slash_removed is set TRUE for this case.
2010-08-10 00:56:45 +02:00
Frank Meier
8098d9417c getinfo: added *_PRIMARY_PORT, *_LOCAL_IP and *_LOCAL_PORT 2010-06-05 00:31:36 +02:00
Kamil Dudka
2ffe834bff ftp wildcard: a new option CURLOPT_FNMATCH_DATA 2010-05-16 02:52:33 +02:00
Hoi-Ho Chan
83305cbf9f Remove support for BSD version of PolarSSL
"The BSD version of PolarSSL was made for migratory purposes only and is not
maintained. The GPL version of PolarSSL is actually the only actively
developed version, so I would be very reluctant to use the BSD version." /
Paul Bakker, PolarSSL hacker.

Signed-off-by: Hoi-Ho Chan <hoiho.chan@gmail.com>
2010-05-13 21:50:52 +02:00
Pavel Raiskup
0825cd80a6 FTP: WILDCARDMATCH/CHUNKING/FNMATCH added 2010-05-12 23:17:51 +02:00
Howard Chu
04cb15ae9d RTMP: initial support added, powered by librtmp
librtmp is found at http://rtmpdump.mplayerhq.hu/
2010-05-12 23:07:20 +02:00
Howard Chu
bc8fc9803f sendrecv: make them two pairs of send/recv to properly deal with FTPS
FTP(S) use two connections that can be set to different recv and
send functions independently, so by introducing recv+send pairs
in the same manner we already have sockets/connections we can
work with FTPS fine.

This commit fixes the FTPS regression introduced in change d64bd82.
2010-05-11 22:48:38 +02:00
Howard Chu
d64bd82bdc sendrecv: split the I/O handling into private handler
Howard Chu brought the bulk work of this patch that properly
moves out the sending and recving of data to the parts of the
code that are properly responsible for the various ways of doing
so.

Daniel Stenberg assisted with polishing a few bits and fixed some
minor flaws in the original patch.

Another upside of this patch is that we now abuse CURLcodes less
with the "magic" -1 return codes and instead use CURLE_AGAIN more
consistently.
2010-05-07 15:05:34 +02:00
Hoi-Ho Chan
51427e1947 PolarSSL: initial support added
This is Hoi-Ho Chan's patch with some minor fixes by me. There
are some potential issues in this, but none worse than we can
sort out on the list and over time.
2010-05-05 22:30:46 +02:00
Ben Greear
38d2afcefb telnet: Allow programatic use of telnet.
The main change is to allow input from user-specified methods,
when they are specified with CURLOPT_READFUNCTION.
All calls to fflush(stdout) in telnet.c were removed, which makes
using 'curl telnet://foo.com' painful since prompts and other data
are not always returned to the user promptly.  Use
'curl --no-buffer telnet://foo.com' instead.  In general,
the user should have their CURLOPT_WRITEFUNCTION do a fflush
for interactive use.

Also fix assumption that reading from stdin never returns < 0.
Old code could crash in that case.

Call progress functions in telnet main loop.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-04-29 08:55:11 +02:00
Jerome Vouillon
c2888604d7 GnuTLS: make the connection phase non-blocking
When multi interface is used, the SSL handshake is no longer
blocking when GnuTLS is used.
2010-04-16 22:43:01 +02:00
Daniel Stenberg
93e6b1cb7c PROT_CLOSEACTION should not include TFTP
TFTP is not a protocol that uses close actions so it should
not be set in that bitmask!
2010-03-25 19:56:50 +01:00
Daniel Stenberg
2309b4e330 remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Yang Tse
1435864030 Definitions of resolver specialty compile-time defines CURLRES_* moved
from hostip.h to setup.h in order to allow proper inclusion in any file.

This represents no functional change at all in which resolver is used,
everything still works as usual, internally and externally there is no
difference in behavior.
2010-01-22 20:27:48 +00:00
Daniel Stenberg
bc4582b68a Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
libcurl options for controlling what to get and how to receive posssibly
interleaved RTP data. Initial commit.
2010-01-21 13:58:30 +00:00
Daniel Stenberg
a62f32d3c2 update copyright year since we are in 2010 now 2010-01-01 14:52:50 +00:00
Daniel Stenberg
605bbfc4c0 - Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
command is a special "hack" used by the drftpd server, but even though it is
  a custom extension I've deemed it fine to add to libcurl since this server
  seems to survive and people keep using it and want libcurl to support
  it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
  usable from the curl tool with --ftp-pret. Using this option on a server
  that doesn't support this command will make libcurl fail.
2010-01-01 14:44:44 +00:00
Daniel Stenberg
3f3f6be825 turned CURLOPT_MAIL_RCPT into a curl_slist list instead to support multiple
receivers, and made the command line tool thus support the option specified
many times
2009-12-31 21:52:01 +00:00
Daniel Stenberg
54c60d0067 Stop overloading the conn->protocol field with the PROT_MISSING bit. It
really didn't belong there and had no real point.
2009-12-17 16:03:39 +00:00
Daniel Stenberg
91d05903b4 Remove pointless storing of the protocol as a string within the connectdata
struct, and instead use the already stored string in the handler struct.
2009-12-17 15:45:04 +00:00
Daniel Stenberg
83a6b34803 split out more protocol-specific structs from urldata.h into their own
protocol-specific header files
2009-12-12 22:17:51 +00:00
Daniel Stenberg
ec3bb8f727 introducing IMAP, POP3 and SMTP support (still lots of polish left to do) 2009-12-12 21:54:01 +00:00
Daniel Stenberg
6e38cc9048 - Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
rework patch that now integrates TFTP properly into libcurl so that it can
  be used non-blocking with the multi interface and more. BLKSIZE also works.

  The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
  the command line.
2009-11-27 23:46:29 +00:00
Yang Tse
90bc6ee8f3 - Constantine Sapuntzakis provided the fix that ensures that an SSL connection
won't be reused unless protection level for peer and host verification match.
2009-11-14 02:30:30 +00:00
Kamil Dudka
571309dc3e - libcurl-NSS now tries to reconnect with TLS disabled in case it detects
a broken TLS server. However it does not happen if SSL version is selected
  manually. The approach was originally taken from PSM. Kaspar Brand helped me
  to complete the patch. Original bug reports:
  https://bugzilla.redhat.com/525496
  https://bugzilla.redhat.com/527771
2009-11-12 11:16:31 +00:00
Yang Tse
b205525d34 Take in account c-ares 1.6.1 will use __declspec function decoration
for Win32 and Symbian unless CARES_STATICLIB is defined to use static
library linkage.
2009-10-29 03:48:00 +00:00
Kamil Dudka
66fcebdc9e - Implemented a protocol independent way to specify blocking direction, used by
transfer.c for blocking. It is currently used only by SCP and SFTP protocols.
  This enhancement resolves an issue with 100% CPU usage during SFTP upload,
  reported by Vourhey.
2009-09-26 08:31:48 +00:00
Patrick Monnerat
b0b2824b58 - Introduced a SYST-based test to properly set-up name format when dealing with the OS/400 FTP server.
- Fixed an ftp_readresp() bug preventing detection of failing control socket  and causing FTP client to loop forever.
2009-08-24 12:57:25 +00:00