Marcus Sundberg [Sat, 12 Mar 2011 23:21:07 +0000 (00:21 +0100)]
GSS: handle reuse fix
Make GSS authentication work when a curl handle is reused for multiple
authenticated requests, by always setting negdata->state in
output_auth_headers().
Signed-off-by: Marcus Sundberg <marcus.sundberg@aptilo.com>
Daniel Stenberg [Sat, 12 Mar 2011 23:18:04 +0000 (00:18 +0100)]
test583: verify early SSH multi remove handle
This test case is meant to verify that the logic in commit
60172a0446bbe3f8b actually works. This test failed for me before that
change and it works after it.
Daniel Stenberg [Sat, 12 Mar 2011 23:15:59 +0000 (00:15 +0100)]
SFTP: gracefully handle shutdown early
When using the multi interface and a handle using SFTP was removed very
early on, we would get a segfault due to the code assumed data was there
that hadn't yet been setup.
Bug: http://curl.haxx.se/mail/lib-2011-03/0066.html
Reported by: Saqib Ali
Manuel Massing [Sat, 12 Mar 2011 22:38:10 +0000 (23:38 +0100)]
CURL_CHECK_FUNC_RECVFROM: android/bionic fix
recvfrom in bionic (the android libc) deviates from POSIX and uses a
const in the 5th argument ("const struct sockaddr *") so the check now
tests for that as well.
Daniel Stenberg [Sat, 12 Mar 2011 22:10:58 +0000 (23:10 +0100)]
test582: enabled
Daniel Stenberg [Sat, 12 Mar 2011 22:08:10 +0000 (23:08 +0100)]
PROT_CLOSEACTION: added SFTP and SCP
Both SFTP and SCP are protocols that need to shut down stuff properly
when the connection is about to get torned down. The primary effect of
not doing this shows up as memory leaks (when using SCP or SFTP with the
multi interface).
This is one of the problems detected by test 582.
Daniel Stenberg [Sat, 12 Mar 2011 22:05:11 +0000 (23:05 +0100)]
readwrite_upload: stop upload at file size
As we know how much to send, we can and should stop once we've sent that
much data as it avoids having to rely on other mechanisms to detect the
end.
This is one of the problems detected by test 582.
Reported by: Henry Ludemann <misc@hl.id.au>
Daniel Stenberg [Sat, 12 Mar 2011 22:02:04 +0000 (23:02 +0100)]
sftp upload: expire to advance state machine
When using the multi_socket API to do SFTP upload, it is important that
we set a quick expire when leaving the SSH_SFTP_UPLOAD_INIT state as
there's nothing happening on the socket so there's no read or write to
wait for, but the next libssh2 API function needs to be called to get
the ball rolling.
This is one of the problems detected by test 582.
Reported by: Henry Ludemann <misc@hl.id.au>
Daniel Stenberg [Sat, 12 Mar 2011 22:01:16 +0000 (23:01 +0100)]
test582: improved info messages
Daniel Stenberg [Fri, 11 Mar 2011 23:14:32 +0000 (00:14 +0100)]
source header: added to more files
Daniel Stenberg [Thu, 10 Mar 2011 10:48:02 +0000 (11:48 +0100)]
sources: update source headers
All C and H files now (should) feature the proper project curl source
code header, which includes basic info, a copyright statement and some
basic disclaimers.
Daniel Stenberg [Thu, 10 Mar 2011 10:47:40 +0000 (11:47 +0100)]
TODO-RELEASE: add 10 pending issues
Daniel Stenberg [Thu, 10 Mar 2011 10:41:59 +0000 (11:41 +0100)]
TODO-RELEASE: fix the IPv6-working probing
Daniel Stenberg [Wed, 9 Mar 2011 22:04:38 +0000 (23:04 +0100)]
tests: phase out haxx.se
Instead of using haxx.se as a fixed magic host name in lots of tests,
this is a first step to move toward the generic example.com host
instead.
Daniel Stenberg [Wed, 9 Mar 2011 13:10:44 +0000 (14:10 +0100)]
test523: avoid using haxx.se
... since search engines find what they think is a URL in this, they
hammer www.haxx.se on this port!
Daniel Stenberg [Wed, 9 Mar 2011 07:49:40 +0000 (08:49 +0100)]
configure: update the copyright year in the output
Dan Fandrich [Wed, 9 Mar 2011 22:02:42 +0000 (14:02 -0800)]
Force setopt constants written by --libcurl to be long
Daniel Stenberg [Tue, 8 Mar 2011 13:09:20 +0000 (14:09 +0100)]
cyassl: fix compiler warnings
Todd A Ouska [Tue, 8 Mar 2011 12:54:58 +0000 (13:54 +0100)]
SSL: (part 2) Added CyaSSL to SSL abstraction layer
This is the modified existing files commit.
Todd A Ouska [Tue, 1 Mar 2011 02:02:47 +0000 (18:02 -0800)]
SSL: Added CyaSSL to SSL abstraction layer
CyaSSL (available from git@github.com:cyassl/cyassl.git) has been
added to the SSL abstraction layer.
To test:
1) git CyaSSL sources
2) autoreconf -i
3) ./configure --disable-static
4) make
5) sudo make install
6) autoreconf -i
7) git curl sources (and this patch)
8) ./configure --disable-shared --with-cyassl --without-ssl --enable-debug
9) make
10) normal testing
Please send questions or comments to todd@yassl.com .
Daniel Stenberg [Tue, 8 Mar 2011 10:43:42 +0000 (11:43 +0100)]
curl.1: clarify -E
Stress that it is for client certificates and then mention that it also
works for all other SSL-based protocols apart from HTTPS and
FTPS. Namely POP3S, IMAPS and SMTPS for now.
Daniel Stenberg [Tue, 8 Mar 2011 10:15:59 +0000 (11:15 +0100)]
FAQ: Protocol xxx not supported or disabled in libcurl
Daniel Stenberg [Tue, 8 Mar 2011 07:21:03 +0000 (08:21 +0100)]
lib582: used for test 582
Accidentally not included in commit
0e74e1d8d83
Dan Fandrich [Tue, 8 Mar 2011 01:45:33 +0000 (17:45 -0800)]
Fixed libcurl to honour the --disable-ldaps configure option
Henry Ludemann [Mon, 7 Mar 2011 23:19:49 +0000 (00:19 +0100)]
sftp-multi: test 582 added
Add test 582 for uploading a file using sftp and the multi interface.
(Patch and test slightly tweaked by Daniel Stenberg)
Initially marked as disabled until it is fixed in the source.
Daniel Stenberg [Mon, 7 Mar 2011 21:27:26 +0000 (22:27 +0100)]
FAQ: How to SFTP from my user's home directory?
Daniel Stenberg [Sun, 6 Mar 2011 22:00:28 +0000 (23:00 +0100)]
cpp: correct #endif placement
The end-of-file #endif in rawstr.h was not correcly positioned after all
prototypes.
Reported by: Boris
Bug: http://curl.haxx.se/bug/view.cgi?id=
3195205
Dan Fandrich [Fri, 4 Mar 2011 23:56:40 +0000 (15:56 -0800)]
Moved test 577 into the unit test framework as test 1307
Dan Fandrich [Fri, 4 Mar 2011 23:13:12 +0000 (15:13 -0800)]
Added unit test 1306 so tests 558 & 559 are now fully replaced
Dan Fandrich [Fri, 4 Mar 2011 23:11:21 +0000 (15:11 -0800)]
The unit test argument is allowed to be used
Dan Fandrich [Fri, 4 Mar 2011 22:32:58 +0000 (14:32 -0800)]
Converted tests 558 & 559 to use the unit test framework as 1305
Test 558 was just a subset of 559 which is something that can be
easily added later.
Dan Fandrich [Fri, 4 Mar 2011 21:54:04 +0000 (13:54 -0800)]
Fixed test 1300 to pass the torture test
Dan Fandrich [Fri, 4 Mar 2011 21:53:15 +0000 (13:53 -0800)]
Added abort_* unit test macros
These are for when a test failure makes it impossible to continue
running further tests.
Stefan Krause [Wed, 23 Feb 2011 18:58:43 +0000 (19:58 +0100)]
transfer: avoid insane conversion of time_t
Daniel Stenberg [Sat, 26 Feb 2011 09:59:03 +0000 (10:59 +0100)]
ssh_connect: treat libssh2 return code better
libssh2_knownhost_readfile() returns a negative value on error or
otherwise number of parsed known hosts - this was previously not
documented correctly in the libssh2 man page for the function.
Bug: http://curl.haxx.se/mail/lib-2011-02/0327.html
Reported by: murat
Julien Chaffraix [Sat, 26 Feb 2011 04:37:54 +0000 (20:37 -0800)]
http: removed wrong unused comment.
|premature| is used in Curl_http_done.
Julien Chaffraix [Sat, 26 Feb 2011 04:35:16 +0000 (20:35 -0800)]
http: removed code duplication for stubbed https_getsock function.
Daniel Stenberg [Wed, 23 Feb 2011 11:59:06 +0000 (12:59 +0100)]
RELEASE-NOTES: synced with
2345c1dd661c
Daniel Stenberg [Tue, 22 Feb 2011 12:28:27 +0000 (13:28 +0100)]
runtests.pl/stopserver: space separate pids
The stopserver function would append pids to kill and could append them
without separating them with space properly. The result would be a very
large number that by (some implementations of) kill would be interpreted
as a negative number and that process group would be wiped...
Bug: http://curl.haxx.se/bug/view.cgi?id=
3188836
Reported by: Greg Pratt
Kamil Dudka [Tue, 22 Feb 2011 12:13:53 +0000 (13:13 +0100)]
nss: do not ignore failure of SSL handshake
Flaw introduced in
fc77790 and present in curl-7.21.4.
Bug: https://bugzilla.redhat.com/669702#c16
Daniel Stenberg [Mon, 21 Feb 2011 12:51:26 +0000 (13:51 +0100)]
CURLOPT_SSH_KEYFUNCTION: requires *SSH_KNOWNHOSTS
Extend the docs to clarify that CURLOPT_SSH_KEYFUNCTION is only called
if the known hosts option is also correctly set!
Julien Chaffraix [Mon, 21 Feb 2011 05:13:19 +0000 (21:13 -0800)]
curl_easy_setopt.3: Removed wrong reference to CURLOPT_USERPASSWORD.
CURLOPT_HTTPAUTH was mentioning CURLOPT_USERPASSWORD instead of
CURLOPT_PASSWORD.
Reported by: Mike Henshaw
Julien Chaffraix [Mon, 21 Feb 2011 05:10:45 +0000 (21:10 -0800)]
netrc: Removed _NETRC_DEBUG code.
This is not needed anymore as we have unit testing running on it.
Julien Chaffraix [Mon, 21 Feb 2011 05:10:36 +0000 (21:10 -0800)]
tests: Cleaned up netrc testing.
Removed the "netrc_debug" keyword replaced with --netrc-file additions.
Removed the debug code from Curl_parsenetrc as it is superseeded by
--netrc-file.
Julien Chaffraix [Mon, 21 Feb 2011 05:10:03 +0000 (21:10 -0800)]
curl: Added --netrc-file.
This enables people to specify a path to the netrc file to use.
The new option override --netrc if both are present. However it
does follow --netrc-optional if specified.
Mike Crowe [Fri, 18 Feb 2011 22:19:14 +0000 (23:19 +0100)]
multi: close connection on timeout
After a request times out, the connection wasn't properly closed and
prevented to get re-used, so subsequent transfers could still mistakenly
get to use the previously aborted connection.
Daniel Stenberg [Thu, 17 Feb 2011 22:51:43 +0000 (23:51 +0100)]
multi: better failed connect treatment
When failing to connect the protocol during the CURLM_STATE_PROTOCONNECT
state, Curl_done() has to be called with the premature flag set TRUE as
for the pingpong protocols this can be important.
When Curl_done() is called with premature == TRUE, it needs to call
Curl_disconnect() with its 'dead_connection' argument set to TRUE as
well so that any protocol handler's disconnect function won't attempt to
use the (control) connection for anything.
This problem caused the pingpong protocols to fail to disconnect when
STARTTLS failed.
Reported by: Alona Rossen
Bug: http://curl.haxx.se/mail/lib-2011-02/0195.html
Hoi-Ho Chan [Fri, 18 Feb 2011 05:46:59 +0000 (21:46 -0800)]
PolarSSL: Return 0 on receiving TLS CLOSE_NOTIFY alert
Signed-off-by: Hoi-Ho Chan <hoiho.chan@gmail.com>
Daniel Stenberg [Thu, 17 Feb 2011 22:22:11 +0000 (23:22 +0100)]
symbols-in-versions: sorted
I forgot to sort it when I added the CURL_SOCKOPT_* symbols
Daniel Stenberg [Thu, 17 Feb 2011 22:03:34 +0000 (23:03 +0100)]
TODO-RELEASE: refresh
Daniel Stenberg [Thu, 17 Feb 2011 21:34:18 +0000 (22:34 +0100)]
SOCKOPTFUNCTION: documented new return codes
Daniel Stenberg [Wed, 9 Feb 2011 14:46:41 +0000 (15:46 +0100)]
SOCKOPTFUNCTION: callback can say already-connected
Introducing a few CURL_SOCKOPT* defines for conveniance. The new
CURL_SOCKOPT_ALREADY_CONNECTED signals to libcurl that the socket is to
be treated as already connected and thus it will skip the connect()
call.
Kamil Dudka [Thu, 17 Feb 2011 16:37:24 +0000 (17:37 +0100)]
nss: avoid memory leak on SSL connection failure
Daniel Stenberg [Thu, 17 Feb 2011 13:00:25 +0000 (14:00 +0100)]
RELEASE-NOTES: fresh start towards 7.21.5
Daniel Stenberg [Thu, 17 Feb 2011 12:59:27 +0000 (13:59 +0100)]
curlver.h: bump to 7.21.5
Daniel Stenberg [Thu, 17 Feb 2011 12:58:24 +0000 (13:58 +0100)]
THANKS: add contributors from 7.21.4
Guenter Knauf [Thu, 17 Feb 2011 10:46:41 +0000 (11:46 +0100)]
Set -fpcc-struct-return only for gcc compiler.
Daniel Stenberg [Thu, 17 Feb 2011 08:40:53 +0000 (09:40 +0100)]
RELEASE-NOTES: credits since 7.21.3
I went through all the names mentioned as authors and in commit messages
since 7.21.3, and this list inserted now is sorted on first name.
Daniel Stenberg [Wed, 16 Feb 2011 18:33:22 +0000 (19:33 +0100)]
nss_load_key: fix unused variable warning
Daniel Stenberg [Mon, 14 Feb 2011 12:42:01 +0000 (13:42 +0100)]
gmtime: remove define
It turns out some systems rely on the gmtime or gmtime_r to be defined
already in the system headers and thus my "precaution" redefining of
them only caused trouble. They are now removed.
Guenter Knauf [Sun, 13 Feb 2011 13:31:22 +0000 (14:31 +0100)]
Added -m32 to CFLAGS to compile with x86_64 gcc.
Guenter Knauf [Sun, 13 Feb 2011 11:13:21 +0000 (12:13 +0100)]
Updated OpenSSL version, added links to docu.
Daniel Stenberg [Thu, 10 Feb 2011 21:33:12 +0000 (22:33 +0100)]
RELEASE-NOTES: synced with
3bb1291fbd4
Daniel Stenberg [Thu, 10 Feb 2011 21:21:57 +0000 (22:21 +0100)]
--keepalive-time: warn if not supported properly
Since the feature requires support for TCP_KEEPIDLE and TCP_KEEPINTVL to
function as documented, it now warns if that support is missing when the
option is used.
Dan Fandrich [Thu, 10 Feb 2011 20:29:34 +0000 (12:29 -0800)]
Call ERR_peek_error instead of ERR_peek_last_error
The latter isn't available in older OpenSSL versions, and is
less useful since it returns the most recent error instead of
the first one encountered.
Julien Chaffraix [Tue, 8 Feb 2011 16:39:44 +0000 (08:39 -0800)]
netrc: Enable setting up the filename in unit tests.
Unset the environment variable so that we can specify different
filenames in the unit test.
Julien Chaffraix [Tue, 8 Feb 2011 06:12:37 +0000 (22:12 -0800)]
test1304: Added some unit tests for Curl_parsenetrc.
Moved some definitons into the header file so that we can reuse them.
Quinn Slack [Wed, 9 Feb 2011 22:34:30 +0000 (23:34 +0100)]
CURLE_TLSAUTH_FAILED: removed
On second thought, I think CURLE_TLSAUTH_FAILED should be eliminated. It
was only being raised when an internal error occurred while allocating
or setting the GnuTLS SRP client credentials struct. For TLS
authentication failures, the general CURLE_SSL_CONNECT_ERROR seems
appropriate; its error string already includes "passwords" as a possible
cause. Having a separate TLS auth error code might also cause people to
think that a TLS auth failure means the wrong username or password was
entered, when it could also be a sign of a man-in-the-middle attack.
Quinn Slack [Wed, 9 Feb 2011 22:33:06 +0000 (23:33 +0100)]
TLS-SRP: new options documented
Daniel Stenberg [Wed, 9 Feb 2011 14:36:36 +0000 (15:36 +0100)]
CURLOPT_SOCKOPTFUNCTION: return proper error code
When the callback returns an error, this function must make sure to return
CURLE_ABORTED_BY_CALLBACK properly and not CURLE_OK as before to allow the
callback to properly abort the operation.
Daniel Stenberg [Tue, 8 Feb 2011 21:39:04 +0000 (22:39 +0100)]
curl.1: typo in -v description
Reported by: Ian D Allen
Bug: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/714895
Forwarded to us by:
Reported by: Andreas Olsson
Bug: http://curl.haxx.se/bug/view.cgi?id=
3175422
Julien Chaffraix [Fri, 28 Jan 2011 16:34:17 +0000 (08:34 -0800)]
netrc: Removed dead code.
The main has not been updated from some time and is out of sync with
the code. The code is now tested by several test cases so no need for
a seperate code path.
Julien Chaffraix [Fri, 28 Jan 2011 16:20:37 +0000 (08:20 -0800)]
netrc: Tightened up the type checks.
The state should not be anonymous so that we can check if the values
are fine. Added 2 unreachables states to the switch as a result of this
change.
Julien Chaffraix [Thu, 27 Jan 2011 15:48:19 +0000 (07:48 -0800)]
imap: Fixed typo in a comment.
Daniel Stenberg [Mon, 7 Feb 2011 14:09:24 +0000 (15:09 +0100)]
Curl_gmtime: avoid future mistakes
Document Curl_gmtime() and define away the old functions so that they
won't be used internally again by mistake.
Daniel Stenberg [Mon, 7 Feb 2011 14:00:48 +0000 (15:00 +0100)]
Curl_gmtime: added a portable gmtime
Instead of polluting many places with #ifdefs, we create a single place
for this function, and also check return code properly so that a NULL
pointer returned won't cause problems.
Guenter Knauf [Thu, 3 Feb 2011 08:59:00 +0000 (09:59 +0100)]
mk-ca-bundle.vbs: use new cacert url
The official Mozilla page at http://www.mozilla.org/projects/security/certs/
points out a new place as the "proper" place to get Mozilla's CA certs from
so this script is now updated to use that instead.
Reported by: Daniel Mentz
Daniel Stenberg [Wed, 2 Feb 2011 21:22:15 +0000 (22:22 +0100)]
mk-ca-bundle.pl: use new cacert url
The official Mozilla page at
http://www.mozilla.org/projects/security/certs/ points out a new place
as the "proper" place to get Mozilla's CA certs from so this script is
now updated to use that instead.
Reported by: Daniel Mentz
Bjoern Sikora [Wed, 2 Feb 2011 17:25:57 +0000 (18:25 +0100)]
ssluse: improved error message on SSL_CTX_new failures
"SSL: couldn't create a context" really isn't that helpful, now it'll
also extract an explanation from OpenSSL and append to the right.
Nicholas Maniscalco [Wed, 2 Feb 2011 12:41:22 +0000 (13:41 +0100)]
multi: fix CURLM_STATE_TOOFAST for multi_socket
The code in the toofast state needs to first recalculate the values
before it uses them again since it may have been a while since it last
did it when it reaches this point.
Daniel Stenberg [Wed, 2 Feb 2011 12:35:55 +0000 (13:35 +0100)]
unit1300: code style cleanup
Amr Shahin [Sat, 29 Jan 2011 15:33:02 +0000 (17:33 +0200)]
adding unit tests for Curl_llist_remove
Patrick Monnerat [Mon, 31 Jan 2011 16:07:18 +0000 (17:07 +0100)]
Include TLSAUTH options in ILE/RPG binding.
Dave Reisner [Sun, 30 Jan 2011 03:41:07 +0000 (22:41 -0500)]
file: add support for CURLOPT_TIMECONDITION
Dave Reisner [Sun, 30 Jan 2011 03:12:33 +0000 (22:12 -0500)]
transfer: add Curl_meets_timecondition()
This will be used by file_do() and Curl_readwrite() as a unified method
of checking to see if a remote document meets the supplied
CURLOPT_TIMEVAL and CURLOPT_TIMECONDITION.
Signed-off-by: Dave Reisner <d@falconindy.com>
Daniel Stenberg [Sat, 29 Jan 2011 22:52:40 +0000 (23:52 +0100)]
FAQ: clarified/expanded 6.7 a bit
"6.7 What are my obligations when using libcurl in my commercial apps?"
got the piece about what exactly "in all copies" mean to a user of the
code.
This interpretation is based on what other MIT-like licenses have made
more explicit.
Daniel Stenberg [Sat, 29 Jan 2011 22:41:15 +0000 (23:41 +0100)]
COPYING: update the year to 2011
The generic copyright year range now includes 2011
Pierre Joye [Fri, 28 Jan 2011 21:19:44 +0000 (22:19 +0100)]
Windows build: alternative makefile
This is a separate makefile for MSVC builds. It is deliberately put in
another dir than src/ and lib/ to allow a different build experience
than the previous - at least during a period. Eventually we should
unify.
Daniel Stenberg [Thu, 27 Jan 2011 23:23:48 +0000 (00:23 +0100)]
test: add test 580 to the dist
Dan Fandrich [Thu, 27 Jan 2011 22:37:16 +0000 (14:37 -0800)]
Some minor edits including updates to function names
Daniel Stenberg [Thu, 27 Jan 2011 13:37:25 +0000 (14:37 +0100)]
ares: memory leak fix
The double name resolve trick used with c-ares could leave allocated
memory in 'temp_ai' if the operation was aborted in the middle.
Daniel Stenberg [Thu, 27 Jan 2011 12:59:11 +0000 (13:59 +0100)]
ares_query_completed_cb: don't touch invalid data
When this callback is called due to the destruction of the ares handle,
the connection pointer passed in as an argument may no longer pointing
to valid data and this function doesn't need to do anything with it
anyway so we make sure it doesn't.
Bug: http://curl.haxx.se/mail/lib-2011-01/0333.html
Reported by: Vsevolod Novikov
Kamil Dudka [Thu, 27 Jan 2011 09:55:02 +0000 (10:55 +0100)]
nss: avoid memory leaks and failure of NSS shutdown
... in case more than one CA is loaded.
Bug: https://bugzilla.redhat.com/670802
Dan Fandrich [Thu, 27 Jan 2011 01:02:33 +0000 (17:02 -0800)]
Mention that sftp quote commands can be quoted
Daniel Stenberg [Tue, 25 Jan 2011 17:09:54 +0000 (18:09 +0100)]
tests: more multiple headers checks
Daniel Stenberg [Tue, 25 Jan 2011 11:06:50 +0000 (12:06 +0100)]
HTTP: memory leak on multiple Location:
The HTTP parser allocated memory on each received Location: header
without properly freeing old data. Starting now, the code only considers
the first Location: header and will blissfully ignore subsequent ones.
Bug: http://curl.haxx.se/bug/view.cgi?id=
3165129
Reported by: Martin Lemke
Daniel Stenberg [Mon, 24 Jan 2011 21:18:43 +0000 (22:18 +0100)]
FAQ: clarify 5.13 how to stop a transfer
Guenter Knauf [Sat, 22 Jan 2011 08:52:09 +0000 (09:52 +0100)]
Fixed C++ style comment not allowed in ISO C90.
Dan Fandrich [Fri, 21 Jan 2011 22:27:10 +0000 (14:27 -0800)]
Mention axTLS in some more documentation
Daniel Stenberg [Thu, 20 Jan 2011 22:17:22 +0000 (23:17 +0100)]
runtests.pl: make -s not show skipped tests