Commit Graph

17583 Commits

Author SHA1 Message Date
Marc Hoersken
e08d0662b7 RELEASE-NOTES: added note about impact of changes to WinSSL defaults 2014-02-22 16:57:29 +01:00
Marc Hoersken
b5486adc9b stunnel: regenerated self-signed test certificate with SHA1 hash
The previous test certificate contained a MD5 hash which is not
supported using TLSv1.2 with Schannel on Windows 7 or newer.

See the update to this blog post on IEInternals / MSDN:
http://blogs.msdn.com/b/ieinternals/archive/2011/03/25/
misbehaving-https-servers-impair-tls-1.1-and-tls-1.2.aspx

"Update: If the server negotiates a TLS1.2 connection with a
Windows 7 or 8 schannel.dll-using client application, and it
provides a certificate chain which uses the (weak) MD5 hash
algorithm, the client will abort the connection (TCP/IP FIN)
upon receipt of the certificate."
2014-02-22 16:49:09 +01:00
Dan Fandrich
a660c0dbe6 easy: Fixed a memory leak on OOM condition 2014-02-22 15:41:59 +01:00
Steve Holme
3521e4e40d tool_paramhlp: Fixed compilation warnings
declaration of 'index' shadows a global declaration
2014-02-20 23:18:48 +00:00
Steve Holme
873178a657 lib1515.c: Fixed #include path in commit 647f83e809 2014-02-19 20:36:36 +00:00
Maks Naumov
647f83e809 test1515: fix compilation with msvc
... or any other systems lacking a native snprintf
2014-02-19 13:50:17 +01:00
Daniel Stenberg
0d6225ad0d SFTP: skip reading the dir when NOBODY=1
When asking for an SFTP directory with NOBODY set, no directory contents
should be retrieved.

Bug: http://curl.haxx.se/mail/lib-2014-02/0155.html
2014-02-19 10:40:28 +01:00
Dan Fandrich
8749bbe7fd axtls: comment the call ssl_read repeatedly loop 2014-02-18 21:14:09 +01:00
Kamil Dudka
03c288202e curl.1: update the description of --tlsv1
... and mention the --tlsv1.[0-2] options in the --tslv1 entry

Reported-by: Hubert Kario
2014-02-18 10:35:41 +01:00
Daniel Stenberg
938f93549f curl_version.3: recommend using curl_version_info() instead 2014-02-18 08:59:56 +01:00
Daniel Stenberg
911a5c3646 curl_version_info.3: added *HTTP2
... and edited language slightly
2014-02-18 08:59:38 +01:00
Daniel Stenberg
f207f7e427 curl_multi_assign.3: updated language 2014-02-18 08:51:03 +01:00
Daniel Stenberg
b1096d2352 libcurl.3: edited slightly to improve readability 2014-02-18 08:46:46 +01:00
Daniel Stenberg
452a4d90a4 curl_easy_perform.3: extended and clarified 2014-02-18 08:30:59 +01:00
Daniel Stenberg
860424bb06 curl_multi_add_handle.3: clarify multi vs easy use
it is only WHILE added to a multi handle that it can't be used with the
easy interface
2014-02-18 08:29:39 +01:00
Tatsuhiro Tsujikawa
035b91a26c http2: Support HTTP POST/PUT
This patch enables HTTP POST/PUT in HTTP2.
We disabled Expect header field and  chunked transfer encoding
since HTTP2 forbids them.
In HTTP1, Curl sends small upload data with request headers, but
HTTP2 requires upload data must be in DATA frame separately.
So we added some conditionals to achieve this.
2014-02-17 23:45:58 +01:00
Daniel Stenberg
e9dfdef411 RELEASE-NOTES: synced with 854aca5420 2014-02-17 11:16:41 +01:00
Daniel Stenberg
854aca5420 multi: ignore sigpipe internally
When the multi API is used we must also ignore SIGPIPE signals when
caused by things we do, like they can easily be generated by OpenSSL.
2014-02-17 10:35:21 +01:00
Dan Fandrich
4b4e8a5853 tests: Made the crypto test feature usable
This feature specifies the availability of cryptographic
authentication, which can be disabled at compile-time
2014-02-17 09:50:46 +01:00
Dan Fandrich
184c3e2d37 configure: Fix the --disable-crypto-auth option
It now disables NTLM and GSS authentication methods, and produces
compilable code when SSL is enabled.
2014-02-17 09:50:46 +01:00
Daniel Stenberg
b04c158adf curl_multi_setopt.3: clarify CURLMOPT_MAXCONNECTS 2014-02-17 09:29:25 +01:00
Shao Shuchao
2111c2ed07 ConnectionDone: default maxconnects to 4 x number of easy handles
... as documented!
2014-02-17 09:29:25 +01:00
Daniel Stenberg
1f60728f81 examples: remove all use of CURLM_CALL_MULTI_PERFORM
... since it is never returned since a long while back.
2014-02-17 08:25:39 +01:00
Colin Hogben
0d94640c9b curl_easy_setopt.3: Add another non-matching hostname
For the avoidance of doubt, show a domain which contains the no-proxy
pattern but not at the top level.
2014-02-16 23:32:24 +01:00
Daniel Stenberg
575a2b684b axtls: bump copyright year 2014-02-16 23:31:47 +01:00
Fabian Frank
86f266b004 axtls: call ssl_read repeatedly
Perform more work in between sleeps. This is work around the
fact that axtls does not expose any knowledge about when work needs
to be performed. Depending on connection and how often perform is
being called this can save ~25% of time on SSL handshakes (measured
on 20ms latency connection calling perform roughly every 10ms).
2014-02-16 23:30:21 +01:00
Yehezkel Horowitz
79a9f8c942 url_easy_setopt.3: Add undocumented values of curl_infotype
... for debug function
2014-02-16 23:27:16 +01:00
Daniel Stenberg
d765099813 ConnectionExists: re-use connections better
When allowing NTLM, the re-use connection logic was too focused on
finding an existing NTLM connection to use and didn't properly allow
re-use of other ones. This made the logic not re-use perfectly re-usable
connections.

Added test case 1418 and 1419 to verify.

Regression brought in 8ae35102c (curl 7.35.0)

Reported-by: Jeff King
Bug: http://thread.gmane.org/gmane.comp.version-control.git/242213
2014-02-16 14:30:02 +01:00
Steve Holme
f3bae6ed73 tool_paramhlp: Added URL index to password prompt for multiple operations 2014-02-16 11:13:16 +00:00
Marc Hoersken
013e9a11ff sockfilt.c: add undefs which are required after 6239146e 2014-02-16 11:52:48 +01:00
Steve Holme
77a51364a4 warnless: Updated copyright year for recent changes 2014-02-16 10:39:46 +00:00
Marc Hoersken
6239146e93 warnless: add wrapper function for read and write on Windows 2014-02-16 11:03:22 +01:00
Steve Holme
dc0f8c04ec examples: Added IMAP LSUB example 2014-02-16 00:09:22 +00:00
Steve Holme
2de045ff7c tool_operate: Changed the required argument check/get to be upfront
Rather than check for required arguments, and prompt for any host and
proxy passwords, as each operation is performed, changed the code so
all configurations are checked before any operations are performed.

This allows the user to input all the required passwords, for example,
upfront rather than wait for each operation.
2014-02-15 18:59:12 +00:00
Steve Holme
f80ca7a05a tool_operate: Moved required argument getting into separate function 2014-02-15 16:31:32 +00:00
Dan Fandrich
89070d0e68 valgrind: added another test 165 suppression
This one is needed with the gcc options -fstack-protector-all -O2
That brings the number of suppressions for test 165 to four, and I
suspect I could find another two missing without trying very hard. I'm
beginning to think suppressions isn't the best way to handle these
kinds of cases.
2014-02-15 09:27:21 +01:00
Marc Hoersken
779afe3bbf testsuite: more Windows line-endings fixes 2014-02-15 09:19:27 +01:00
Marc Hoersken
f3ce1af9fc test1114: fix line-endings checks on Windows after 75f00de 2014-02-15 09:14:36 +01:00
Marc Hoersken
3c2c1f9876 test1113: fix line-endings checks on Windows after 75f00de5 2014-02-15 09:12:59 +01:00
Marc Hoersken
8451623b45 lib1515.c: Added support for Windows using the Sleep function 2014-02-14 22:17:54 +01:00
Marc Hoersken
0a568867c0 HTTP tests: use CRLF as header seperator according to RFC 2616
Updates the test suite to handle binary-mode header output.
2014-02-14 20:12:28 +01:00
Marc Hoersken
91c13d759a curl: output protocol headers using binary mode
Since protocol headers contain explicit line-endings there should
be no automatic conversion to ASCII text or CRLF line-endings.

This might break third party tools that already depend on this
behaviour. We might need to introduce an option to make this optional.
2014-02-14 20:12:28 +01:00
Marc Hoersken
89c29aa70f HTTP tests: use CRLF as header seperator according to RFC 2616
Changes LF to CRLF and disables automatic output conversion.
2014-02-14 20:12:27 +01:00
Marc Hoersken
75f00de55c testsuite: use binary output mode for custom curl test tools
Do not try to convert line-endings to CRLF on Windows by setting stdout
to binary mode, just like the curl tool does if --ascii is not specified.

This should prevent corrupted stdout line-ending output like CRCRLF.

In order to make the previously naive text-aware tests work with
binary mode on Windows, text-mode is disabled for them if it is not
actually part of the test case and line-endings are corrected.
2014-02-14 20:12:27 +01:00
Marc Hoersken
69745aaa45 testsuite: changed HTTP and RTSP header line-endings to CRLF
According to RFC 2616 and RFC 2326 individual protocol elements, like
headers and except the actual content, are terminated by using CRLF.

Therefore the test data files for these protocols need to contain
mixed line-endings if the actual protocol elements use CRLF while
the file uses LF.
2014-02-14 20:12:26 +01:00
Colin Hogben
01844658df curl_easy_setopt.3: Fix word order of CURLOPT_PROXY section
The word CURLOPT_PROXYPORT became detached from its sentence when the
note about the default was added.
2014-02-14 16:16:46 +01:00
Patrick Monnerat
38a56a9d94 OS400: Add new options to RPG binding. 2014-02-14 11:13:01 +01:00
Dan Fandrich
25600bdf75 valgrind: added suppression on optimized code
gcc 4.7.2 with -O2 will optimize Curl_connect by inlining some
functions two levels deep, which makes the valgrind suppression
fail to match. The underlying reason for these idna suppressions is
a gcc strlen optimization when compiling libidn; compiling it with
-fno-builtin-strlen makes this suppression unnecessary.
2014-02-14 08:48:23 +01:00
Arvid Norberg
1813a77b02 dict: fix memory leak in OOM exit path
Bug: https://github.com/bagder/curl/pull/90
2014-02-14 08:21:41 +01:00
Daniel Stenberg
d3d871cb4f Curl_urldecode: don't allow NULL as receiver
For a function that returns a decoded version of a string, it seems
really strange to allow a NULL pointer to get passed in which then
prevents the decoded data from being returned!

This functionality was not documented anywhere either.

If anyone would use it that way, that memory would've been leaked.

Bug: https://github.com/bagder/curl/pull/90
Reported-by: Arvid Norberg
2014-02-13 23:57:40 +01:00