Commit Graph

1865 Commits

Author SHA1 Message Date
Kamil Dudka
ef1ac363ee nss: handle client certificate related errors 2010-04-06 13:42:11 +02:00
Kamil Dudka
ff8711135e refactorize interface of Curl_ssl_recv/Curl_ssl_send 2010-04-04 23:37:18 +02:00
Kamil Dudka
64ac64e783 eliminate a race condition in Curl_resolv_timeout() 2010-04-04 23:34:24 +02:00
Daniel Stenberg
49f3160d69 fix SFTP download hang
Matt Wixson found and fixed a bug in the SCP/SFTP area where the
code treated a 0 return code from libssh2 to be the same as
EAGAIN while in reality it isn't. The problem caused a hang in
SFTP transfers from a MessageWay server.
2010-04-01 22:39:15 +02:00
Daniel Stenberg
604a2bdac8 Ben's POP3 change 2010-03-28 23:52:37 +02:00
Ben Greear
0eda142e90 allow user+password in the URL for all protocols
Ben Greear brought a patch that from now on allows all protocols
to specify name and user within the URL, in the same manner HTTP
and FTP have been allowed to in the past - although far from all
of the libcurl supported protocols actually have that feature in
their URL definition spec.
2010-03-27 23:00:51 +01:00
Daniel Stenberg
2b0c2ac49c changelogged: smoother rate limiting 2010-03-26 23:35:24 +01:00
Bob Richmond
05632d5db9 fix: timeout after last data chunk was handled
Bob Richmond: There's an annoying situation where libcurl will
read new HTTP response data from a socket, then check if it's a
timeout if one is set. If the last packet received constitutes
the end of the response body, libcurl still treats it as a
timeout condition and reports a message like:

"Operation timed out after 3000 milliseconds with 876 out of 876
bytes received"

It should only a timeout if the timer lapsed and we DIDN'T
receive the end of the response body yet.
2010-03-24 17:02:17 +01:00
Daniel Stenberg
9828b926ae RTSP GET_PARAMETER fix
Christopher Conroy fixed a problem with RTSP and GET_PARAMETER
reported to us by Massimo Callegari. There's a new test case 572
that verifies this now.
2010-03-24 13:28:02 +01:00
Daniel Stenberg
dd0c31ce38 The 'ares' subtree has been removed from the source repository 2010-03-24 10:47:48 +01:00
Daniel Stenberg
4b351d018e mark connection as connected
Kenny To filed the bug report #2963679 with patch to fix a
problem he experienced with doing multi interface HTTP POST over
a proxy using PROXYTUNNEL. He found a case where it would connect
fine but bits.tcpconnect was not set correct so libcurl didn't
work properly.

(http://curl.haxx.se/bug/view.cgi?id=2963679)
2010-03-23 23:30:39 +01:00
Daniel Stenberg
7fd32ce73d chunked-encoding with Content-Length: header problem
Akos Pasztory filed debian bug report #572276
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276
mentioning a problem with a resource that returns chunked-encoded
_and_ with a Content-Length and libcurl failed to properly ignore
the latter information.
2010-03-23 15:26:45 +01:00
Daniel Stenberg
2a94293efd delayed easy handle kill caused double Curl_close() call
Hauke Duden provided an example program that made the multi
interface crash.  His example simply used the multi interface and
did first one FTP transfer and after completion it used a second
easy handle and did another FTP transfer on the same FTP server.

This triggered a bug in the "delayed easy handle kill" system
that curl uses: when an FTP connection is left alive it must keep
an easy handle around internally - only for the purpose of having
an easy handle when it later disconnects it. The code assumed
that when the easy handle was removed and an internal reference
was made, that version could be killed later on when a new easy
handle came using the same connection. This was wrong as Hauke's
example showed that the removed handle wasn't killed for real
until later. This caused a double close attempt => segfault.
2010-03-23 13:18:30 +01:00
Daniel Stenberg
d4cd5411a6 Thomas Lopatic fixed the alarm()-based DNS timeout 2010-03-22 22:00:55 +01:00
douglas steinwand
abcea311e3 Fix insufficient initialization in Curl_clone_ssl_config()
which could have caused a double free when reusing curl handle.
2010-03-22 09:25:03 +01:00
Daniel Stenberg
1609685fc2 various changes of CVS to git 2010-03-22 00:34:09 +01:00
Daniel Stenberg
3d3900f032 Ben Greear's two fixes explained 2010-03-21 23:34:29 +01:00
Kamil Dudka
19ca0c0fbe - Improved Curl_read() to not ignore the error returned from Curl_ssl_recv(). 2010-03-19 15:43:11 +00:00
Daniel Stenberg
733f794cb8 - Constantine Sapuntzakis brought a patch:
The problem mentioned on Dec 10 2009
  (http://curl.haxx.se/bug/view.cgi?id=2905220) was only partially fixed.
  Partially because an easy handle can be associated with many connections in
  the cache (e.g. if there is a redirect during the lifetime of the easy
  handle).  The previous patch only cleaned up the first one. The new fix now
  removes the easy handle from all connections, not just the first one.
2010-03-15 22:40:42 +00:00
Daniel Stenberg
e262aaae2b - Ben Greear brought a patch that fixed the rate limiting logic for TFTP when
the easy interface was used.
2010-03-06 18:42:06 +00:00
Daniel Stenberg
f5d8c0befc Daniel Johnson provided fixes for building with the clang compiler 2010-03-05 22:53:30 +00:00
Yang Tse
f4551a9678 Constantine Sapuntzakis detected and fixed a double free in builds done
with threaded resolver enabled (Windows default configuration) that would
get triggered when a curl handle is closed while doing DNS resolution.
2010-03-05 03:15:19 +00:00
Daniel Stenberg
013d5a72d4 - [Daniel Johnson] I've been trying to build libcurl with clang on Darwin and
ran into some issues with the GSSAPI tests in configure.ac. The tests first
  try to determine the include dirs and libs and set CPPFLAGS and LIBS
  accordingly. It then checks for the headers and finally sets LIBS a second
  time, causing the libs to be included twice. The first setting of LIBS seems
  redundant and should be left out, since the first part is otherwise just
  about finding headers.

  My second issue is that 'krb5-config --libs gssapi' on Darwin is less than
  useless and returns junk that, while it happens to work with gcc, causes
  clang to choke. For example, --libs returns $CFLAGS along with the libs,
  which is really retarded. Simply setting 'LIBS="$LIBS -lgssapi_krb5
  -lresolv"' on Darwin is sufficient.
2010-03-02 22:02:56 +00:00
Daniel Stenberg
9b2cce236f - Based on patch provided by Jacob Moshenko, the transfer logic now properly
makes sure that when using sub-second timeouts, there's no final bad 1000ms
  wait. Previously, a sub-second timeout would often make the elapsed time end
  up the time rounded up to the nearest second (e.g. 1s for 200ms timeout)
2010-03-02 21:20:22 +00:00
Daniel Stenberg
6bf071df7e - Andrei Benea filed bug report #2956698 and pointed out that the
CURLOPT_CERTINFO feature leaked memory due to a missing OpenSSL function
  call. He provided the patch to fix it too.

  http://curl.haxx.se/bug/view.cgi?id=2956698
2010-03-02 13:41:18 +00:00
Daniel Stenberg
7c028a8332 - Markus Duft pointed out in bug #2961796 that even though Interix has a
poll() function it doesn't quite work the way we want it so we must disable
  it, and he also provided a patch for it.

  http://curl.haxx.se/bug/view.cgi?id=2961796
2010-03-02 13:34:57 +00:00
Daniel Stenberg
13ac29382f - Made the pingpong timeout code properly deal with the response timeout AND
the global timeout if set. Also, as was reported in the bug report #2956437
  by Ryan Chan, the time stamp to use as basis for the per command timeout was
  not set properly in the DONE phase for FTP (and not for SMTP) so I fixed
  that just now. This was a regression compared to 7.19.7 due to the
  conversion of FTP code over to the generic pingpong concepts.

  http://curl.haxx.se/bug/view.cgi?id=2956437
2010-03-02 13:26:23 +00:00
Daniel Stenberg
53aa6b21fe - Ben Greear provided an update for TFTP that fixes upload. 2010-03-01 22:14:47 +00:00
Daniel Stenberg
496002ea1c - Wesley Miaw reported bug #2958179 which identified a case of looping during
OpenSSL based SSL handshaking even though the multi interface was used and
  there was no good reason for it.

  http://curl.haxx.se/bug/view.cgi?id=2958179
2010-03-01 21:59:07 +00:00
Daniel Stenberg
03a57308b9 - Pat Ray in bug #2958474 pointed out an off-by-one case when receiving a
chunked-encoding trailer.

  http://curl.haxx.se/bug/view.cgi?id=2958474
2010-02-26 22:55:30 +00:00
Dan Fandrich
507d58435a Fixed a couple of out of memory leaks and a segfault in the IMAP code. 2010-02-26 21:24:44 +00:00
Dan Fandrich
cce81a7f45 Fixed a couple of out of memory leaks and a segfault in the SMTP code. 2010-02-25 08:07:06 +00:00
Yang Tse
6a8aa246ff Fixed bug report #2958074 indicating
(http://curl.haxx.se/bug/view.cgi?id=2958074) that curl on Windows with
option --trace-time did not use local time when timestamping trace lines.
This could also happen on other systems depending on time souurce.
2010-02-25 06:59:04 +00:00
Patrick Monnerat
338553eda3 - Proper handling of STARTTLS on SMTP, taking CURLUSESSL_TRY into account.
- SMTP falls back to RFC821 HELO when EHLO fails (and SSL is not required).
- Use of true local host name (i.e.: via gethostname()) when available, as default argument to SMTP HELO/EHLO.
- Test case 804 for HELO fallback.
2010-02-22 12:41:02 +00:00
Daniel Stenberg
a4a60afabb - Fixed the SMTP compliance by making sure RCPT TO addresses are specified
properly in angle brackets. Recipients provided with CURLOPT_MAIL_RCPT now
  get angle bracket wrapping automatically by libcurl unless the recipient
  starts with an angle bracket as then the app is assumed to deal with that
  properly on its own.
2010-02-20 22:29:59 +00:00
Daniel Stenberg
a434cb43e8 - I made the SMTP code expect a 250 response back from the server after the
full DATA has been sent, and I modified the test SMTP server to also send
  that response. As usual, the DONE operation that is made after a completed
  transfer is still not doable in a non-blocking way so this waiting for 250
  is unfortunately made blockingly.
2010-02-20 21:56:48 +00:00
Yang Tse
a07bc79117 removed trailing whitespace 2010-02-14 19:40:18 +00:00
Yang Tse
68d83a8142 Overhauled test suite getpart() function. Fixing potential out of bounds
stack and memory overwrites triggered with huge test case definitions.
2010-02-14 13:14:17 +00:00
Daniel Stenberg
b4ff6d3007 - Martin Hager reported and fixed a problem with a missing quote in libcurl.m4
(http://curl.haxx.se/bug/view.cgi?id=2951319)
2010-02-13 21:30:16 +00:00
Daniel Stenberg
c703d01a23 - Tom Donovan fixed the CURL_FORMAT_* defines when building with cmake. 2010-02-13 17:51:30 +00:00
Daniel Stenberg
975814368a - Jack Zhang reported a problem with SMTP: we wrongly used multiple addresses
in the same RCPT TO line, when they should be sent in separate single
  commands. I updated test case 802 to verify this.

- I also fixed a bad use of my_setopt_str() of CURLOPT_MAIL_RCPT in the curl
  tool which made it try to output it as string for the --libcurl feature
  which could lead to crashes.
2010-02-12 22:23:46 +00:00
Yang Tse
c3b87d1b4f mention last changes 2010-02-11 07:36:34 +00:00
Daniel Stenberg
f2f07dad34 spell and 7.20.0 2010-02-09 10:06:48 +00:00
Daniel Stenberg
06ae8ca5a6 - When downloading compressed content over HTTP and the app as asked libcurl
to automatically uncompress it with the CURLOPT_ENCODING option, libcurl
  could wrongly provide the callback with more data than what the maximum
  documented amount. An application could thus get tricked into badness if the
  maximum limit was trusted to be enforced by libcurl itself (as it is
  documented).

  This is further detailed and explained in the libcurl security advisory
  20100209 at

    http://curl.haxx.se/docs/adv_20100209.html
2010-02-09 09:35:48 +00:00
Dan Fandrich
680434f313 Changed the Watcom makefiles to make them easier to keep in sync with
Makefile.inc since that can't be included directly.
2010-02-03 23:07:11 +00:00
Yang Tse
2dfbd0d050 mention a couple of changes back from November 2010-02-02 15:23:13 +00:00
Yang Tse
49ba75af26 - Symbol CURL_FORMAT_OFF_T now obsoleted, will be removed in a future release,
symbol will not be available when building with CURL_NO_OLDIES defined. Use
  of CURL_FORMAT_CURL_OFF_T is preferred since 7.19.0
2010-02-02 12:58:49 +00:00
Daniel Stenberg
55f1e787f3 We introduce a loop in lib/multi.c around all calls to multi_runsingle() and
simply check for CURLM_CALL_MULTI_PERFORM internally. This has the added
benefit that this goes in line with my long-term wishes to get rid of the
CURLM_CALL_MULTI_PERFORM all together from the public API.
2010-02-01 21:42:44 +00:00
Yang Tse
3cb76e5ebb mention asynchronous DNS lookups enhancements 2010-01-27 18:10:35 +00:00
Daniel Stenberg
c82a1f95eb - Mike Crowe made libcurl return CURLE_COULDNT_RESOLVE_PROXY when it is the
proxy that cannot be resolved when using c-ares. This matches the behaviour
  when not using c-ares.
2010-01-26 22:59:43 +00:00