Dan Fandrich [Wed, 30 Jul 2014 22:31:36 +0000 (00:31 +0200)]
cyassl: fix the test for ASN_NO_SIGNER_E
It's an enum so a macro test won't work. The CyaSSL changelog doesn't
say exactly when this error code was introduced, but it's likely
to be 2.7.0.
Dan Fandrich [Wed, 30 Jul 2014 22:09:13 +0000 (00:09 +0200)]
cyassl: use RNG_GenerateBlock to generate a good random number
Dan Fandrich [Wed, 30 Jul 2014 21:36:18 +0000 (23:36 +0200)]
opts: fixed some typos
Dan Fandrich [Wed, 30 Jul 2014 21:18:47 +0000 (23:18 +0200)]
smtp: fixed a segfault during test 1320 torture test
Under these circumstances, the connection hasn't been fully established
and smtp_connect hasn't been called, yet smtp_done still calls the state
machine which dereferences the NULL conn pointer in struct pingpong.
Daniel Stenberg [Wed, 30 Jul 2014 21:17:41 +0000 (23:17 +0200)]
vtls: repair build without TLS support
... by defining Curl_ssl_random() properly
Daniel Stenberg [Wed, 30 Jul 2014 18:59:16 +0000 (20:59 +0200)]
polarssl: provide a (weak) random function
This now provides a weak random function since PolarSSL doesn't have a
quick and easy way to provide a good one. It does however provide the
framework to make one so it _can_ and _should_ be done...
Michael Wallner [Wed, 30 Jul 2014 09:00:47 +0000 (11:00 +0200)]
curl_tlsinfo -> curl_tlssessioninfo
Daniel Stenberg [Wed, 30 Jul 2014 08:08:27 +0000 (10:08 +0200)]
cyassl: use the default (weeker) random
I couldn't find any dedicated function in its API to get a "good" random
with.
Daniel Stenberg [Wed, 30 Jul 2014 08:07:42 +0000 (10:07 +0200)]
cyassl: made it compile with version 2.0.6 again
ASN_NO_SIGNER_E didn't exist back then!
Daniel Stenberg [Tue, 3 Jun 2014 18:04:46 +0000 (20:04 +0200)]
vtls: make the random function mandatory in the TLS backend
To force each backend implementation to really attempt to provide proper
random. If a proper random function is missing, then we can explicitly
make use of the default one we use when TLS support is missing.
This commit makes sure it works for darwinssl, gnutls, nss and openssl.
Daniel Stenberg [Mon, 28 Jul 2014 22:06:03 +0000 (00:06 +0200)]
libcurl.m4: include the standard source header
... with permission from David Shaw
Kamil Dudka [Mon, 28 Jul 2014 14:27:04 +0000 (16:27 +0200)]
nss: do not check the version of NSS at run time
The minimal required version of NSS is 3.14.x so it does not make sense
to check for NSS 3.12.0+ at run time.
Anthon Pang [Sun, 27 Jul 2014 19:39:12 +0000 (19:39 +0000)]
curl.h: bring back CURLE_OBSOLETE16
Removing defines, even obsolete ones that haven't been used for a very
long time, still break a lot of applications.
Bug: https://github.com/bagder/curl/pull/106
Fabian Keil [Tue, 8 Jul 2014 10:47:58 +0000 (12:47 +0200)]
tests: Fix a couple of incomplete response lines
Fabian Keil [Thu, 19 Jun 2014 15:31:35 +0000 (17:31 +0200)]
runtests.pl: Remove filteroff() which hasn't been used since 2001
Fabian Keil [Thu, 19 Jun 2014 14:40:06 +0000 (16:40 +0200)]
runtests.pl: Don't expect $TESTDIR/DISABLED to exist
If a non-standard $TESTDIR is used the file may not be necessary.
Previously a "missing" file resulted in the warning:
readline() on closed filehandle D at ./runtests.pl line 4940.
Fabian Keil [Sun, 15 Jun 2014 15:21:14 +0000 (17:21 +0200)]
getpart.pm: Fix a comment typo
Daniel Stenberg [Fri, 25 Jul 2014 07:25:16 +0000 (09:25 +0200)]
c-ares: fix build without IPv6 support
Bug: http://curl.haxx.se/mail/lib-2014-07/0337.html
Reported-by: Spork Schivago
Daniel Stenberg [Fri, 25 Jul 2014 06:38:16 +0000 (08:38 +0200)]
Curl_base64url_encode: unit-tested in 1302
Daniel Stenberg [Fri, 25 Jul 2014 06:24:03 +0000 (08:24 +0200)]
base64: added Curl_base64url_encode()
This is now used by the http2 code. It has two different symbols at the
end of the base64 table to make the output "url safe".
Bug: https://github.com/tatsuhiro-t/nghttp2/issues/62
Marcel Raad [Thu, 24 Jul 2014 16:55:12 +0000 (18:55 +0200)]
SSPI Negotiate: Fix 3 memory leaks
Curl_base64_decode allocates the output string by itself and two other
strings were not freed either.
Daniel Stenberg [Thu, 24 Jul 2014 21:47:32 +0000 (23:47 +0200)]
symbols: CURL_VERSION_GSSNEGOTIATE is deprecated
Daniel Stenberg [Thu, 24 Jul 2014 21:46:11 +0000 (23:46 +0200)]
test1013.pl: GSS-Negotiate doesn't exist as a feature anymore
Sergey Nikulov [Thu, 24 Jul 2014 10:26:42 +0000 (14:26 +0400)]
libtest: fixed duplicated line in Makefile
Bug: https://github.com/bagder/curl/pull/105
Patrick Monnerat [Wed, 23 Jul 2014 16:56:19 +0000 (18:56 +0200)]
GSSAPI: remove useless *_MECHANISM defines.
Daniel Stenberg [Wed, 23 Jul 2014 16:16:38 +0000 (18:16 +0200)]
findprotocol: show unsupported protocol within quotes
... to aid when for example prefixed with a space or other weird
character.
Patrick Monnerat [Wed, 23 Jul 2014 14:15:01 +0000 (16:15 +0200)]
GSSAPI: private export mechanisms OIDs. OS400: Make RPG binding up to date.
Marcel Raad [Wed, 23 Jul 2014 10:05:47 +0000 (12:05 +0200)]
conncache: fix compiler warning
warning C4267: '=' : conversion from 'size_t' to 'long', possible loss
of data
The member connection_id of struct connectdata is a long (always a
32-bit signed integer on Visual C++) and the member next_connection_id
of struct conncache is a size_t, so one of them should be changed to
match the other.
This patch the size_t in struct conncache to long (the less invasive
change as that variable is only ever used in a single code line).
Bug: http://curl.haxx.se/bug/view.cgi?id=1399
Daniel Stenberg [Wed, 23 Jul 2014 07:52:06 +0000 (09:52 +0200)]
RELEASE-NOTES: synced with
81cd24adb8b
Daniel Stenberg [Wed, 23 Jul 2014 07:23:56 +0000 (09:23 +0200)]
http2: more and better error checking
1 - fixes the warnings when built without http2 support
2 - adds CURLE_HTTP2, a new error code for errors detected by nghttp2
basically when they are about http2 specific things.
Dan Fandrich [Tue, 22 Jul 2014 22:43:47 +0000 (00:43 +0200)]
cyassl.c: return the correct error code on no CA cert
CyaSSL 3.0.0 returns a unique error code if no CA cert is available,
so translate that into CURLE_SSL_CACERT_BADFILE when peer verification
is requested.
Daniel Stenberg [Tue, 22 Jul 2014 09:01:43 +0000 (11:01 +0200)]
symbols-in-versions: new SPNEGO/GSS-API symbols in 7.38.0
Daniel Stenberg [Tue, 22 Jul 2014 09:01:04 +0000 (11:01 +0200)]
test1013.pl: remove SPNEGO/GSS-API tweaks
No longer necessary after Michael Osipov's rework
Daniel Stenberg [Tue, 22 Jul 2014 09:00:43 +0000 (11:00 +0200)]
http_negotiate: remove unused variable
Michael Osipov [Mon, 21 Jul 2014 07:53:47 +0000 (09:53 +0200)]
docs: Improve inline GSS-API naming in code documentation
Michael Osipov [Mon, 21 Jul 2014 07:53:46 +0000 (09:53 +0200)]
curl.h/features: Deprecate GSS-Negotiate macros due to bad naming
- Replace CURLAUTH_GSSNEGOTIATE with CURLAUTH_NEGOTIATE
- CURL_VERSION_GSSNEGOTIATE is deprecated which
is served by CURL_VERSION_SSPI, CURL_VERSION_GSSAPI and
CURUL_VERSION_SPNEGO now.
- Remove display of feature 'GSS-Negotiate'
Michael Osipov [Mon, 21 Jul 2014 07:53:45 +0000 (09:53 +0200)]
configure/features: Add feature and version info for GSS-API and SPNEGO
Michael Osipov [Mon, 21 Jul 2014 07:53:44 +0000 (09:53 +0200)]
HTTP: Remove checkprefix("GSS-Negotiate")
That auth mech has never existed neither on MS nor on Unix side.
There is only Negotiate over SPNEGO.
Michael Osipov [Mon, 21 Jul 2014 07:53:43 +0000 (09:53 +0200)]
curl_gssapi: Add macros for common mechs and pass them appropriately
Macros defined: KRB5_MECHANISM and SPNEGO_MECHANISM called from
HTTP, FTP and SOCKS on Unix
Daniel Stenberg [Sat, 19 Jul 2014 21:58:58 +0000 (23:58 +0200)]
CONNECT: Revert Curl_proxyCONNECT back to 7.29.0 design
This reverts commit
cb3e6dfa3511 and instead fixes the problem
differently.
The reverted commit addressed a test failure in test 1021 by simplifying
and generalizing the code flow in a way that damaged the
performance. Now we modify the flow so that Curl_proxyCONNECT() again
does as much as possible in one go, yet still do test 1021 with and
without valgrind. It failed due to mistakes in the multi state machine.
Bug: http://curl.haxx.se/bug/view.cgi?id=1397
Reported-by: Paul Saab
Marcel Raad [Tue, 22 Jul 2014 09:26:16 +0000 (11:26 +0200)]
url.c: use the preferred symbol name: *READDATA
with CURL_NO_OLDIES defined, it doesn't compile because this deprecated
symbol (*INFILE) is used
Bug: http://curl.haxx.se/bug/view.cgi?id=1398
Alessandro Ghedini [Fri, 18 Jul 2014 09:18:56 +0000 (11:18 +0200)]
CURLOPT_CHUNK_BGN_FUNCTION: fix typo
Alessandro Ghedini [Thu, 17 Jul 2014 12:37:28 +0000 (14:37 +0200)]
build: link curl to NSS libraries when NSS support is enabled
This fixes a build failure on Debian caused by commit
24c3cdce88f39731506c287cb276e8bf4a1ce393.
Bug: http://curl.haxx.se/mail/lib-2014-07/0209.html
Steve Holme [Sat, 28 Jun 2014 12:55:31 +0000 (13:55 +0100)]
build: Removed unnecessary XML Documentation file directive from VC8 to VC12
The curl tool project files for VC8 to VC12 would set this setting to
$(IntDir) which is the Visual Studio default value. To avoid confusion
when viewing settings from within Visual Studio and for consistency
with the libcurl project files removed this setting.
Conflicts:
projects/Windows/VC10/src/curlsrc.tmpl
projects/Windows/VC11/src/curlsrc.tmpl
projects/Windows/VC12/src/curlsrc.tmpl
projects/Windows/VC8/src/curlsrc.tmpl
projects/Windows/VC9/src/curlsrc.tmpl
Steve Holme [Sat, 28 Jun 2014 12:41:05 +0000 (13:41 +0100)]
build: Removed unnecessary Precompiled Header file directive in VC7 to VC12
The curl tool project files for VC7 to VC12 would set this settings to
$(IntDir)$(TargetName).pch which is the Visual Studio default value. To
avoid confusion when viewing settings from within Visual Studio and for
consistency with the libcurl project files removed this setting.
Conflicts:
projects/Windows/VC10/src/curlsrc.tmpl
projects/Windows/VC11/src/curlsrc.tmpl
projects/Windows/VC12/src/curlsrc.tmpl
projects/Windows/VC8/src/curlsrc.tmpl
projects/Windows/VC9/src/curlsrc.tmpl
Steve Holme [Sat, 28 Jun 2014 12:25:19 +0000 (13:25 +0100)]
build: Removed unnecessary ASM and Object file directives in VC7 to VC12
The curl tool project files for VC7 to VC12 would set these settings to
$(IntDir) which is the Visual Studio default value. To avoid confusion
when viewing settings from within Visual Studio and for consistency
with the libcurl project files removed these two settings.
Dave Reisner [Tue, 8 Jul 2014 15:33:05 +0000 (17:33 +0200)]
src/Makefile.am: add .DELETE_ON_ERROR
This prevents targets like tool_hugehelp.c from leaving around
half-constructed files if the rule fails with GNU make.
Reported-by: Rafaël Carré <funman@videolan.org>
Daniel Stenberg [Thu, 17 Jul 2014 11:18:19 +0000 (13:18 +0200)]
THANKS: added new contributors from 7.37.1 announcement
Dan Fandrich [Wed, 16 Jul 2014 22:00:23 +0000 (00:00 +0200)]
testcurl.pl: log the value of --runtestopts in the test header
Daniel Stenberg [Wed, 16 Jul 2014 15:25:41 +0000 (17:25 +0200)]
RELEASE-NOTES: cleared, working towards next release
Daniel Stenberg [Wed, 16 Jul 2014 15:17:43 +0000 (17:17 +0200)]
curl_gssapi.c: make line shorter than 80 columns
David Woodhouse [Fri, 11 Jul 2014 11:11:14 +0000 (12:11 +0100)]
Fix negotiate auth to proxies to track correct state
David Woodhouse [Fri, 11 Jul 2014 09:59:37 +0000 (10:59 +0100)]
Don't abort Negotiate auth when the server has a response for us
It's wrong to assume that we can send a single SPNEGO packet which will
complete the authentication. It's a *negotiation* — the clue is in the
name. So make sure we handle responses from the server.
Curl_input_negotiate() will already handle bailing out if it thinks the
state is GSS_S_COMPLETE (or SEC_E_OK on Windows) and the server keeps
talking to us, so we should avoid endless loops that way.
David Woodhouse [Fri, 11 Jul 2014 10:09:34 +0000 (11:09 +0100)]
Don't clear GSSAPI state between each exchange in the negotiation
GSSAPI doesn't work very well if we forget everything ever time.
XX: Is Curl_http_done() the right place to do the final cleanup?
David Woodhouse [Fri, 11 Jul 2014 09:55:07 +0000 (10:55 +0100)]
Use SPNEGO for HTTP Negotiate
This is the correct way to do SPNEGO. Just ask for it
Now I correctly see it trying NTLMSSP authentication when a Kerberos ticket
isn't available. Of course, we bail out when the server responds with the
challenge packet, since we don't expect that. But I'll fix that bug next...
David Woodhouse [Fri, 11 Jul 2014 08:37:18 +0000 (09:37 +0100)]
Remove all traces of FBOpenSSL SPNEGO support
This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which
allows client and server to negotiate the underlying mechanism which will
actually be used to authenticate. This is *often* Kerberos, and can also
be NTLM and other things. And to complicate matters, there are various
different OIDs which can be used to specify the Kerberos mechanism too.
A SPNEGO exchange will identify *which* GSSAPI mechanism is being used,
and will exchange GSSAPI tokens which are appropriate for that mechanism.
But this SPNEGO implementation just strips the incoming SPNEGO packet
and extracts the token, if any. And completely discards the information
about *which* mechanism is being used. Then we *assume* it was Kerberos,
and feed the token into gss_init_sec_context() with the default
mechanism (GSS_S_NO_OID for the mech_type argument).
Furthermore... broken as this code is, it was never even *used* for input
tokens anyway, because higher layers of curl would just bail out if the
server actually said anything *back* to us in the negotiation. We assume
that we send a single token to the server, and it accepts it. If the server
wants to continue the exchange (as is required for NTLM and for SPNEGO
to do anything useful), then curl was broken anyway.
So the only bit which actually did anything was the bit in
Curl_output_negotiate(), which always generates an *initial* SPNEGO
token saying "Hey, I support only the Kerberos mechanism and this is its
token".
You could have done that by manually just prefixing the Kerberos token
with the appropriate bytes, if you weren't going to do any proper SPNEGO
handling. There's no need for the FBOpenSSL library at all.
The sane way to do SPNEGO is just to *ask* the GSSAPI library to do
SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context()
is for. And then it should all Just Work™.
That 'sane way' will be added in a subsequent patch, as will bug fixes
for our failure to handle any exchange other than a single outbound
token to the server which results in immediate success.
David Woodhouse [Fri, 11 Jul 2014 10:31:40 +0000 (11:31 +0100)]
ntlm_wb: Avoid invoking ntlm_auth helper with empty username
David Woodhouse [Fri, 11 Jul 2014 09:27:18 +0000 (10:27 +0100)]
ntlm_wb: Fix hard-coded limit on NTLM auth packet size
Bumping it to 1KiB in commit
aaaf9e50ec is all very well, but having hit
a hard limit once let's just make it cope by reallocating as necessary.
Daniel Stenberg [Wed, 16 Jul 2014 14:29:02 +0000 (16:29 +0200)]
RELEASE-NOTES: synced with
4cb2521595
Daniel Stenberg [Tue, 15 Jul 2014 22:09:58 +0000 (00:09 +0200)]
test506: verify
aa6884845168
After the fixed cookie lock deadlock, this test now passes and it
detects double-locking and double-unlocking of mutexes.
Yousuke Kimoto [Mon, 14 Jul 2014 18:38:18 +0000 (20:38 +0200)]
cookie: avoid mutex deadlock
... by removing the extra mutex locks around th call to
Curl_flush_cookies() which takes care of the locking itself already.
Bug: http://curl.haxx.se/mail/lib-2014-02/0184.html
Daniel Stenberg [Tue, 15 Jul 2014 19:28:10 +0000 (21:28 +0200)]
gnutls: fix compiler warning
conversion to 'int' from 'long int' may alter its value
Dan Fandrich [Mon, 14 Jul 2014 23:01:39 +0000 (01:01 +0200)]
test320: strip off the actual negotiated cipher width
It's irrelevant to the test, and will change depending on which SSL
library is being used by libcurl.
Dan Fandrich [Mon, 14 Jul 2014 20:27:03 +0000 (22:27 +0200)]
gnutls: detect lack of SRP support in GnuTLS at run-time and try without
Reported-by: David Woodhouse
Michał Górny [Sun, 15 Jun 2014 10:42:30 +0000 (12:42 +0200)]
configure: respect host tool prefix for krb5-config
Use ${host_alias}-krb5-config if available. This improves cross-
compilation support and fixes multilib on Gentoo (at least).
David Woodhouse [Mon, 14 Jul 2014 18:04:55 +0000 (20:04 +0200)]
gnutls: handle IP address in cert name check
Before GnuTLS 3.3.6, the gnutls_x509_crt_check_hostname() function
didn't actually check IP addresses in SubjectAltName, even though it was
explicitly documented as doing so. So do it ourselves...
Dan Fandrich [Mon, 14 Jul 2014 08:40:33 +0000 (10:40 +0200)]
build: set _POSIX_PTHREAD_SEMANTICS on Solaris to get proper getpwuid_r
Daniel Stenberg [Mon, 14 Jul 2014 17:30:50 +0000 (19:30 +0200)]
RELEASE-NOTES: next one is called 7.37.1
Dan Fandrich [Sat, 12 Jul 2014 23:30:52 +0000 (01:30 +0200)]
gnutls: improved error message if setting cipher list fails
Reported-by: David Woodhouse
Dan Fandrich [Sat, 12 Jul 2014 22:18:40 +0000 (00:18 +0200)]
netrc: fixed thread safety problem by using getpwuid_r if available
The old way using getpwuid could cause problems in programs that enable
reading from netrc files simultaneously in multiple threads.
Reported-by: David Woodhouse
Dan Fandrich [Sat, 12 Jul 2014 21:39:22 +0000 (23:39 +0200)]
RELEASE-NOTES: add the reporter of the previous bug fix
Dan Fandrich [Sat, 12 Jul 2014 18:19:34 +0000 (20:19 +0200)]
netrc: treat failure to find home dir same as missing netrc file
This previously caused a fatal error (with a confusing error code, at
that).
Reported by: Glen A Johnson Jr.
Steve Holme [Sat, 12 Jul 2014 14:23:39 +0000 (15:23 +0100)]
RELEASE-NOTES: Synced with
aaaf9e50ec
Steve Holme [Sat, 12 Jul 2014 13:56:47 +0000 (14:56 +0100)]
ntlm_wb: Fixed buffer size not being large enough for NTLMv2 sessions
Bug: http://curl.haxx.se/mail/lib-2014-07/0103.html
Reported-by: David Woodhouse
Steve Holme [Sat, 28 Jun 2014 12:02:03 +0000 (13:02 +0100)]
build: Fixed overridden compiler PDB settings in VC7 to VC12
The curl tool project files for VC7 to VC12 would override the default
setting with the output filename being the same as the linker PDB file.
As such the compiler file would be overwritten with the linker file
for all debug builds.
To avoid this overwrite and for consistency with the libcurl project
files, removed the setting to force the default filename to be used.
Dan Fandrich [Fri, 11 Jul 2014 23:49:35 +0000 (01:49 +0200)]
tests: added globbing keyword to URL globbing tests
Dan Fandrich [Fri, 11 Jul 2014 23:39:56 +0000 (01:39 +0200)]
Fixed some "statement not reached" warnings
Dan Fandrich [Fri, 11 Jul 2014 23:31:12 +0000 (01:31 +0200)]
gnutls: fixed a couple of uninitialized variable references
Dan Fandrich [Fri, 11 Jul 2014 22:33:16 +0000 (00:33 +0200)]
gnutls: fixed compilation against versions < 2.12.0
The AES-GCM ciphers were added to GnuTLS as late as ver. 3.0.1 but
the code path in which they're referenced here is only ever used for
somewhat older GnuTLS versions. This caused undeclared identifier errors
when compiling against those.
Dan Fandrich [Fri, 11 Jul 2014 21:55:53 +0000 (23:55 +0200)]
gnutls: explicitly added SRP to the priority string
This seems to have become necessary for SRP support to work starting
with GnuTLS ver. 2.99.0. Since support for SRP was added to GnuTLS
before the function that takes this priority string, there should be no
issue with backward compatibility.
Dan Fandrich [Fri, 11 Jul 2014 21:43:13 +0000 (23:43 +0200)]
tests: adjust for capitalization differences in newer gnutls-serv
Dan Fandrich [Fri, 11 Jul 2014 21:40:01 +0000 (23:40 +0200)]
test320/1/2/4: fix the port number substitution variables
These tests have been broken since commit
1958fe57 in Oct. 2011
Dan Fandrich [Fri, 11 Jul 2014 21:33:55 +0000 (23:33 +0200)]
tests: document more test identifiers and variables
Dan Fandrich [Fri, 11 Jul 2014 21:21:31 +0000 (23:21 +0200)]
gnutls: ignore invalid certificate dates with VERIFYPEER disabled
This makes the behaviour consistent with what happens if a date can
be extracted from the certificate but is expired.
Steve Holme [Thu, 10 Jul 2014 21:30:30 +0000 (22:30 +0100)]
CURLOPT_UPLOAD: Corrected argument type
Daniel Stenberg [Thu, 10 Jul 2014 03:06:34 +0000 (22:06 -0500)]
FAQ: expand the thread-safe section
... with a mention of *NOSIGNAL, based on talk in bug #1386
Dan Fandrich [Mon, 7 Jul 2014 21:12:22 +0000 (23:12 +0200)]
url.c: Fixed memory leak on OOM
This showed itself on some systems with torture failures
in tests 1060 and 1061
Dan Fandrich [Sat, 5 Jul 2014 14:59:12 +0000 (16:59 +0200)]
Update instances of some obsolete CURLOPTs to their new names
Marcel Raad [Fri, 4 Jul 2014 16:26:57 +0000 (18:26 +0200)]
compiler warnings: potentially uninitialized variables
... pointed out by MSVC2013
Bug: http://curl.haxx.se/bug/view.cgi?id=1391
Kamil Dudka [Fri, 4 Jul 2014 10:41:53 +0000 (12:41 +0200)]
nss: make the list of CRL items global
Otherwise NSS could use an already freed item for another connection.
Kamil Dudka [Thu, 3 Jul 2014 22:39:23 +0000 (00:39 +0200)]
nss: fix a memory leak when CURLOPT_CRLFILE is used
Kamil Dudka [Thu, 3 Jul 2014 22:36:21 +0000 (00:36 +0200)]
nss: make crl_der allocated on heap
... and spell it as crl_der instead of crlDER
Kamil Dudka [Thu, 3 Jul 2014 21:53:44 +0000 (23:53 +0200)]
nss: let nss_{cache,load}_crl return CURLcode
Kamil Dudka [Thu, 3 Jul 2014 18:19:35 +0000 (20:19 +0200)]
tool: oops, forgot to include <plarenas.h>
... that contains the declaration of PL_ArenaFinish()
Kamil Dudka [Thu, 3 Jul 2014 18:19:35 +0000 (20:19 +0200)]
tool: call PL_ArenaFinish() on exit if NSPR is used
This prevents valgrind from reporting still reachable memory allocated
by NSPR arenas (mainly the freelist).
Reported-by: Hubert Kario
Dimitrios Siganos [Wed, 2 Jul 2014 09:49:08 +0000 (11:49 +0200)]
example: use correct type (long) for CURLOPT_FOLLOWLOCATION
Dimitrios Siganos [Wed, 2 Jul 2014 09:41:40 +0000 (11:41 +0200)]
Document type of argument for CURLOPT_FOLLOWLOCATION.
Dimitrios Siganos [Wed, 2 Jul 2014 09:41:39 +0000 (11:41 +0200)]
Document type of argument for CURLOPT_ERRORBUFFER.
Dimitrios Siganos [Wed, 2 Jul 2014 09:41:38 +0000 (11:41 +0200)]
Document type of argument for CURLOPT_COPYPOSTFIELDS.
Dimitrios Siganos [Wed, 2 Jul 2014 09:41:37 +0000 (11:41 +0200)]
Document type of argument for CURLOPT_ADDRESS_SCOPE.