Commit Graph

10228 Commits

Author SHA1 Message Date
Gunter Knauf
9682c2037e Added support for server name indication (RFC 4366).
Patch submitted by Kaspar Brand.
2008-02-26 10:30:13 +00:00
Daniel Stenberg
74241e7d85 - Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that
forces it to prefer SSLv3.
2008-02-25 07:51:39 +00:00
Daniel Stenberg
3154f04fb9 now builds and runs with GnuTLS-built libcurls too 2008-02-23 23:00:24 +00:00
Daniel Stenberg
6982ed4db7 - Sam Listopad provided a patch in feature-request #1900014
http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to
  use OpenSSL) support a full chain of certificates in a given PKCS12
  certificate.
2008-02-23 12:27:45 +00:00
Daniel Stenberg
9dd3e4d481 - Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory model
options as the lib/Makefile.vc6 already did.
2008-02-22 22:53:01 +00:00
Yang Tse
1d95109ffa Revert sockfilt.c back to revision 1.42
Changes introduced in revision 1.43 were useless
2008-02-22 09:31:18 +00:00
Daniel Stenberg
e9bb7b7712 - Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
happened if you set the connection cache size to 1 and for example failed to
  login to an FTP site. Bug report #1896698
  (http://curl.haxx.se/bug/view.cgi?id=1896698)
2008-02-21 17:52:16 +00:00
Gunter Knauf
5e9c564883 fixed missing header; changed bail out from exit() to return().
Mentioned on the list by Michal Marek.
2008-02-21 15:02:14 +00:00
Daniel Stenberg
3bb4602227 assert that the *connp is a non-NULL pointer when Curl_done() is called 2008-02-21 12:28:45 +00:00
Yang Tse
064eebeaf1 Avoid timeout restart when signal caught while awaiting socket and stdin events 2008-02-20 17:17:18 +00:00
Gunter Knauf
4ae644e427 reformatted comment. 2008-02-20 12:36:35 +00:00
Gunter Knauf
d208e56b16 added read callback function in order to prevent crashs on Win32 when linked against DLL: 2008-02-20 12:33:45 +00:00
Daniel Stenberg
e6170eb20d - Fixed test case 405 to not fail when libcurl is built with GnuTLS 2008-02-20 12:18:08 +00:00
Daniel Stenberg
2c80bcbc81 made the non-matching error code output nicer since we know it is a number
and the string contains a newline...
2008-02-20 12:14:31 +00:00
Gunter Knauf
b60dbfa9e9 mention removal of SSLv2 by default. 2008-02-20 11:58:20 +00:00
Daniel Stenberg
9019fc5671 oops, fixed to build 2008-02-20 10:01:28 +00:00
Daniel Stenberg
5db0f70491 "118 - Gautam Kachroo's issue with proxies and ssl" is now in CVS 2008-02-20 09:58:42 +00:00
Daniel Stenberg
53a549000c - Based on initial work done by Gautam Kachroo to address a bug, we now keep
better control at the exact state of the connection's SSL status so that we
  know exactly when it has completed the SSL negotiation or not so that there
  won't be accidental re-uses of connections that are wrongly believed to be
  in SSL-completed-negotiate state.
2008-02-20 09:56:26 +00:00
Daniel Stenberg
55700cb01f - We no longer support setting the CURLOPT_URL option from inside a callback
such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
  following. The patch that introduced this feature was done for 7.11.0, but
  this code and functionality has been broken since about 7.15.4 (March 2006)
  with the introduction of non-blocking OpenSSL "connects".

  It was a hack to begin with and since it doesn't work and hasn't worked
  correctly for a long time and nobody has even noticed, I consider it a very
  suitable subject for plain removal. And so it was done.
2008-02-20 08:28:02 +00:00
Gunter Knauf
f9a6062081 applied patch to disable SSLv2 by default; discussion:
http://sourceforge.net/tracker/index.php?func=detail&aid=1767276&group_id=976&atid=350976
Submitted by Kaspar Brand.
2008-02-19 23:10:07 +00:00
Dan Fandrich
0cae201044 Added test309 to test HTTP redirect to HTTPS URL 2008-02-19 21:57:41 +00:00
Yang Tse
9df37b93df juggle() actually returns bool.
Remove redundant and unreachable log message.
2008-02-19 18:51:08 +00:00
Yang Tse
7b5c86033a fix compiler warnings: 'statement is unreachable' 2008-02-19 17:25:19 +00:00
Gunter Knauf
ade0890746 fix for new codestyle. 2008-02-19 16:23:03 +00:00
Gunter Knauf
7a5596bf02 made changes to work with Win32;
replaced fstat() with stat() call and bail out if local file not found.
2008-02-19 16:13:52 +00:00
Yang Tse
d2125cf501 fix compiler warnings: 'enumerated type mixed with another type' 2008-02-19 15:07:50 +00:00
Yang Tse
c9eb41c056 Reduce to 20 seconds the time allowed to set SO_REUSEADDR option on sockfilt listener socket.
Log some more error descriptions.
2008-02-18 20:13:30 +00:00
Daniel Stenberg
0d722204c3 https_getsock() should be static all over (and did some fixed indenting) 2008-02-18 19:53:31 +00:00
Daniel Stenberg
e829d5643f the ca-bundle is now removed 2008-02-18 16:55:27 +00:00
Gunter Knauf
1093287494 added makefile for MingW32 to build most of the samples. 2008-02-18 15:43:23 +00:00
Gunter Knauf
6398f71cc4 moved sample program defines into separate Makefile.inc so that other makefiles can pick up the defines from there. 2008-02-18 15:32:34 +00:00
Gunter Knauf
e2b50b203d added check symbol for linking with POSIX prelude. 2008-02-18 15:30:11 +00:00
Yang Tse
ab0de23d83 fix compiler warnings:
'enumerated type mixed with another type'

and

  'variable was set but never used'
2008-02-18 13:05:46 +00:00
Daniel Stenberg
ec54fbd9ed just mention in --cacert that curl normally has a default ca cert path built-in 2008-02-18 11:40:52 +00:00
Daniel Stenberg
074bd2a19b the ca-bundle is no longer shipped 2008-02-18 11:39:11 +00:00
Daniel Stenberg
fb23b85770 - We're no longer providing a very old ca-bundle in the curl tarball. You can
get a fresh one downloaded and created with 'make ca-bundle' or you can get
  one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
  new one extracted from Mozilla's recent list of ca certs.

  The configure option --with-ca-bundle now lets you specify what file to use
  as default ca bundle for your build. If not specified, the configure script
  will check a few known standard places for a global ca cert to use.
2008-02-18 11:35:12 +00:00
Daniel Stenberg
3458ce9ae5 - Jerome Muffat-Meridol helped me fix Curl_done() to close the current
connection by force when it was called before the entire request is
  completed, simply because we can't know if the connection really can be
  re-used safely at that point.
2008-02-17 13:49:58 +00:00
Daniel Stenberg
ba3e7a8656 rephrased comment 2008-02-17 13:49:01 +00:00
Daniel Stenberg
240bae4eb2 In Curl_done() if premature is TRUE, it means this connection was said to be
DONE before the entire request operation is complete and thus we can't know in
what state it is for re-using, so we're forced to close it. In a perfect world
we can add code that keep track of if we really must close it here or not, but
currently we have no such detail knowledge.

Jerome Muffat-Meridol helped us work this out.
2008-02-17 13:43:32 +00:00
Daniel Stenberg
4180ca7638 don't do the GOT_NOTHING error check if the DONE function was called with
premature set TRUE, which means it was done before the request comleted. It
could then very well not have received any data.
2008-02-17 13:40:35 +00:00
Daniel Stenberg
0e73361a06 added a comment about the ignoring of the Curl_done() return code 2008-02-17 13:38:19 +00:00
Yang Tse
23547fa2a0 sockfilt will quit when orphaned 2008-02-17 04:36:08 +00:00
Daniel Stenberg
550d6f74b9 oops, that was debug code not meant to be committed like this... 2008-02-16 13:44:23 +00:00
Daniel Stenberg
f7b71c2abe fix warnings about shadowing 2008-02-16 13:41:55 +00:00
Gunter Knauf
0da90b5d91 seems that curently we dont need the imports from (l)ldapx.imp. 2008-02-16 00:44:14 +00:00
Gunter Knauf
f20c94ced9 fixed linker def file for tools when compiled with gcc/nlmconv. 2008-02-16 00:21:58 +00:00
Gunter Knauf
3e635a2334 re-ordered the module dependency list;
removed unsused ldap module dependency since the module didnt autounload from protected address space.
2008-02-16 00:15:30 +00:00
Daniel Stenberg
e78652d850 - Made the gnutls code path not even try to get the server cert if no peer
verification is requested. Previously it would even return failure if gnutls
  failed to get the server cert even though no verification was asked for.

- Fix my Curl_timeleft() leftover mistake in the gnutls code
2008-02-15 22:37:00 +00:00
Daniel Stenberg
48918c3047 mention that we explicitly ignore the return code 2008-02-15 21:38:54 +00:00
Yang Tse
dc42d6fb8d log SSH public key authentication failure and reason 2008-02-15 17:00:56 +00:00