mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-11-21 01:16:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
15,542 Commits 14 Branches 221 Tags 221 MiB
C 74.8%
Perl 8.1%
M4 5%
Python 4.1%
CMake 2.4%
Other 5.6%
e237402c47
Go to file
Gabriel Sjoberg e237402c47 Digst: Add microseconds into nounce calculation 
When using only 1 second precision, curl doesn't create new cnonce
values quickly enough for all uses.

For example, issuing the following command multiple times to a recent
Tomcat causes authentication failures:

curl --digest -utest:test http://tomcat.test.com:8080/manager/list

This is because curl uses the same cnonce for several seconds, but
doesn't increment the nonce counter.  Tomcat correctly interprets
this as a replay attack and rejects the request.

When microsecond-precision is available, this commit causes curl to
change cnonce values much more frequently.

With microsecond resolution, increasing the nounce length used in the
headers to 32 was made to further reduce the risk of duplication.
2012-11-12 11:46:27 +01:00
CMake cmake: use standard findxxx modules for cmake v2.8+ 2012-09-17 23:22:09 +02:00
docs CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value 2012-11-06 19:46:53 +01:00
include version-bump: towards 7.28.1! 2012-10-10 22:35:08 +02:00
lib Digst: Add microseconds into nounce calculation 2012-11-12 11:46:27 +01:00
m4 configure: remove the --enable/disable-nonblocking options 2012-08-16 19:24:33 +02:00
packages Updated Symbian build files 2012-09-03 22:54:58 +02:00
perl removed trailing whitespace 2011-12-30 03:36:18 +01:00
src tool_metalink: allow to use hash algorithms provided by NSS 2012-11-09 10:42:54 +01:00
tests Fix compilation of lib1501 2012-11-08 18:33:47 +01:00
winbuild winbuild: Use machine type of development environment 2012-11-01 22:23:05 +01:00
.gitattributes Tell git to not convert configure-related files. 2012-07-17 20:35:23 +02:00
.gitignore Moved some patterns to subfolder's .gitignore. 2012-07-03 14:31:50 +02:00
acinclude.m4 configure: NATIVE_WINDOWS no longer defined in config files 2012-04-12 13:08:48 +02:00
Android.mk Updated build docs w.r.t. Android and binary sizes 2012-09-03 22:41:03 +02:00
buildconf curl tool: use configuration files from lib directory 2012-04-06 23:37:05 +02:00
buildconf.bat curl tool: use configuration files from lib directory - follow-up II 2012-04-09 21:39:03 +02:00
CHANGES CHANGES: move all contents from CHANGES to CHANGES.0 2010-06-21 22:27:39 +02:00
CHANGES.0 removed trailing whitespace 2011-12-30 03:36:18 +01:00
CMakeLists.txt configure: NATIVE_WINDOWS no longer defined in config files 2012-04-12 13:08:48 +02:00
configure.ac configure: update the copyright years for the output 2012-08-19 00:18:34 +02:00
COPYING Updated copyright year. 2012-04-13 20:35:02 +02:00
CTestConfig.cmake ENH: move dashboard location 2009-07-15 19:40:46 +00:00
curl-config.in curl-config: parentheses fix 2012-08-07 14:13:09 +02:00
curl-style.el remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
GIT-INFO s/CVS/git 2010-03-22 00:41:34 +01:00
install-sh removed trailing whitespace 2010-02-14 19:40:18 +00:00
libcurl.pc.in Fix libcurl.pc and curl-config generation for static MingW* cross builds 2012-05-26 00:01:00 +02:00
log2changes.pl log2changes.pl: fix the Version output 2012-06-07 23:50:00 +02:00
MacOSX-Framework MacOSX-Framework: updates for Snowleopard 2010-09-21 00:07:45 +02:00
Makefile.am make: make distclean work again 2012-07-20 21:56:27 +02:00
Makefile.dist Changed some main makefile targets. 2011-09-25 17:43:50 +02:00
Makefile.msvc.names build: refactoring of msvc makefiles to allow overriding of library filenames. 2010-12-20 21:53:44 +01:00
maketgz curl tool: use configuration files from lib directory 2012-04-06 23:37:05 +02:00
missing renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:25:14 +00:00
mkinstalldirs remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
README various changes of CVS to git 2010-03-22 00:34:09 +01:00
RELEASE-NOTES tool_metalink: allow to use hash algorithms provided by NSS 2012-11-09 10:42:54 +01:00
sample.emacs remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
TODO-RELEASE TODO-RELEASE: cleanup for 7.28.0 2012-10-09 00:34:16 +02:00
vc6curl.dsw

README 

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

README

  Curl is a command line tool for transferring data specified with URL
  syntax. Find out how to use curl by reading the curl.1 man page or the
  MANUAL document. Find out how to install Curl by reading the INSTALL
  document.

  libcurl is the library curl is using to do its job. It is readily
  available to be used by your software. Read the libcurl.3 man page to
  learn how!

  You find answers to the most frequent questions we get in the FAQ document.

  Study the COPYING file for distribution terms and similar. If you distribute
  curl binaries or other binaries that involve libcurl, you might enjoy the
  LICENSE-MIXING document.

CONTACT

  If you have problems, questions, ideas or suggestions, please contact us
  by posting to a suitable mailing list. See http://curl.haxx.se/mail/

  All contributors to the project are listed in the THANKS document.

WEB SITE

  Visit the curl web site for the latest news and downloads:

        http://curl.haxx.se/

GIT

  To download the very latest source off the GIT server do this:

    git clone git://github.com/bagder/curl.git

  (you'll get a directory named curl created, filled with the source code)

NOTICE

  Curl contains pieces of source code that is Copyright (c) 1998, 1999
  Kungliga Tekniska Högskolan. This notice is included here to comply with the
  distribution terms.