]>
granicus.if.org Git - curl/log
Steve Holme [Tue, 20 Jan 2015 19:25:43 +0000 (19:25 +0000)]
curl_sasl.c: Fixed compilation warning when cyptography is disabled
curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local
variable
Steve Holme [Tue, 20 Jan 2015 19:21:56 +0000 (19:21 +0000)]
curl_sasl.c: Fixed compilation error when USE_WINDOWS_SSPI defined
curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier
This error could also happen for non-SSPI builds when cryptography is
disabled (CURL_DISABLE_CRYPTO_AUTH is defined).
Patrick Monnerat [Tue, 20 Jan 2015 17:17:55 +0000 (18:17 +0100)]
SASL: make some procedures local-scoped
Patrick Monnerat [Tue, 20 Jan 2015 16:33:05 +0000 (17:33 +0100)]
SASL: common state engine for imap/pop3/smtp
Patrick Monnerat [Tue, 20 Jan 2015 14:27:25 +0000 (15:27 +0100)]
SASL: common URL option and auth capabilities decoders for all protocols
Patrick Monnerat [Tue, 20 Jan 2015 13:14:26 +0000 (14:14 +0100)]
IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.
Daniel Stenberg [Tue, 20 Jan 2015 08:03:55 +0000 (09:03 +0100)]
ipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6
Reported-by: Chris Young
Chris Young [Tue, 20 Jan 2015 07:53:14 +0000 (08:53 +0100)]
timeval: typecast for better type (on Amiga)
There is an issue with conflicting "struct timeval" definitions with
certain AmigaOS releases and C libraries, depending on what gets
included when. It's a minor difference - the OS one is unsigned,
whereas the common structure has signed elements. If the OS one ends up
getting defined, this causes a timing calculation error in curl.
It's easy enough to resolve this at the curl end, by casting the
potentially errorneous calculation to a signed long.
Daniel Stenberg [Mon, 19 Jan 2015 22:18:58 +0000 (23:18 +0100)]
openssl: do public key pinning check independently
... of the other cert verification checks so that you can set verifyhost
and verifypeer to FALSE and still check the public key.
Bug: http://curl.haxx.se/bug/view.cgi?id=1471
Reported-by: Kyle J. McKay
Patrick Monnerat [Mon, 19 Jan 2015 12:52:40 +0000 (13:52 +0100)]
OS400: CURLOPT_SSL_VERIFYSTATUS for ILE/RPG too.
Steve Holme [Sun, 18 Jan 2015 20:25:37 +0000 (20:25 +0000)]
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP
For consistency with other USE_WIN32_ defines as well as the
USE_OPENLDAP define.
Steve Holme [Sun, 18 Jan 2015 17:36:59 +0000 (17:36 +0000)]
http_negotiate: Use dynamic buffer for SPN generation
Use a dynamicly allocated buffer for the temporary SPN variable similar
to how the SASL GSS-API code does, rather than using a fixed buffer of
2048 characters.
Steve Holme [Sun, 18 Jan 2015 17:12:28 +0000 (17:12 +0000)]
sasl_gssapi: Make Curl_sasl_build_gssapi_spn() public
Steve Holme [Sun, 18 Jan 2015 17:02:55 +0000 (17:02 +0000)]
sasl_gssapi: Fixed memory leak with local SPN variable
Daniel Stenberg [Sat, 17 Jan 2015 22:14:40 +0000 (23:14 +0100)]
http_negotiate.c: unused variable 'ret'
Steve Holme [Sat, 17 Jan 2015 16:49:39 +0000 (16:49 +0000)]
gskit.h: Code policing of function pointer arguments
Steve Holme [Sat, 17 Jan 2015 16:41:03 +0000 (16:41 +0000)]
vtls: Removed unimplemented overrides of curlssl_close_all()
Carrying on from commit
037cd0d991 , removed the following unimplemented
instances of curlssl_close_all():
Curl_axtls_close_all()
Curl_darwinssl_close_all()
Curl_cyassl_close_all()
Curl_gskit_close_all()
Curl_gtls_close_all()
Curl_nss_close_all()
Curl_polarssl_close_all()
Steve Holme [Sat, 17 Jan 2015 16:03:49 +0000 (16:03 +0000)]
vtls: Separate the SSL backend definition from the API setup
Slight code cleanup as the SSL backend #define is mixed up with the API
function setup.
Steve Holme [Sat, 17 Jan 2015 15:13:29 +0000 (15:13 +0000)]
vtls: Fixed compilation errors when SSL not used
Fixed the following warning and error from commit
3af90a6e19 when SSL
is not being used:
url.c:2004: warning C4013: 'Curl_ssl_cert_status_request' undefined;
assuming extern returning int
error LNK2019: unresolved external symbol Curl_ssl_cert_status_request
referenced in function Curl_setopt
Steve Holme [Sat, 17 Jan 2015 11:59:44 +0000 (11:59 +0000)]
http_negotiate: Added empty decoded challenge message info text
Steve Holme [Sat, 17 Jan 2015 11:56:27 +0000 (11:56 +0000)]
http_negotiate: Return CURLcode in Curl_input_negotiate() instead of int
Steve Holme [Sat, 17 Jan 2015 11:27:36 +0000 (11:27 +0000)]
http_negotiate_sspi: Prefer use of 'attrs' for context attributes
Use the same variable name as other areas of SSPI code.
Steve Holme [Sat, 17 Jan 2015 11:24:06 +0000 (11:24 +0000)]
http_negotiate_sspi: Use correct return type for QuerySecurityPackageInfo()
Use the SECURITY_STATUS typedef rather than a unsigned long for the
QuerySecurityPackageInfo() return and rename the variable as per other
areas of SSPI code.
Steve Holme [Sat, 17 Jan 2015 11:20:35 +0000 (11:20 +0000)]
http_negotiate_sspi: Use 'CURLcode result' for CURL result code
Steve Holme [Fri, 16 Jan 2015 23:01:27 +0000 (23:01 +0000)]
curl_endian: Fixed build when 64-bit integers are not supported (Part 2)
Missed Curl_read64_be() in commit
bb12d44471 :(
Daniel Stenberg [Fri, 16 Jan 2015 22:41:50 +0000 (23:41 +0100)]
CURLOPT_SSL_VERIFYSTATUS.3: mention it is added in version 7.41.0
Daniel Stenberg [Fri, 16 Jan 2015 22:36:50 +0000 (23:36 +0100)]
curlver.h: next release is 7.41.0 due to the changes
Daniel Stenberg [Fri, 16 Jan 2015 22:36:02 +0000 (23:36 +0100)]
RELEASE-NOTES: mention the new OCSP stapling options, bump version
Daniel Stenberg [Fri, 16 Jan 2015 22:34:28 +0000 (23:34 +0100)]
opts: add CURLOPT_SSL_VERIFYSTATUS* to docs/Makefile
Daniel Stenberg [Fri, 16 Jan 2015 22:19:36 +0000 (23:19 +0100)]
help: add --cert-status to --help output
Daniel Stenberg [Fri, 16 Jan 2015 21:33:49 +0000 (22:33 +0100)]
copyright years: after OCSP stapling changes
Alessandro Ghedini [Mon, 16 Jun 2014 18:47:26 +0000 (20:47 +0200)]
curl: add --cert-status option
This enables the CURLOPT_SSL_VERIFYSTATUS functionality.
Alessandro Ghedini [Tue, 24 Jun 2014 21:25:59 +0000 (23:25 +0200)]
nss: add support for the Certificate Status Request TLS extension
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.
This requires NSS 3.15 or higher.
Alessandro Ghedini [Mon, 16 Jun 2014 11:21:02 +0000 (13:21 +0200)]
gtls: add support for the Certificate Status Request TLS extension
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.
This requires GnuTLS 3.1.3 or higher to build, however it's recommended to use
at least GnuTLS 3.3.11 since previous versions had a bug that caused the OCSP
response verfication to fail even on valid responses.
Alessandro Ghedini [Mon, 16 Jun 2014 11:20:47 +0000 (13:20 +0200)]
url: add CURLOPT_SSL_VERIFYSTATUS option
This option can be used to enable/disable certificate status verification using
the "Certificate Status Request" TLS extension defined in RFC6066 section 8.
This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the
certificate status verification fails, and the Curl_ssl_cert_status_request()
function, used to check whether the SSL backend supports the status_request
extension.
Daniel Stenberg [Fri, 16 Jan 2015 13:17:16 +0000 (14:17 +0100)]
TheArtOfHttpScripting: skip the date at the top, we have git
Daniel Stenberg [Fri, 16 Jan 2015 13:16:31 +0000 (14:16 +0100)]
TheArtOfHttpScripting: phrase it TLS lib agnostic
Steve Holme [Fri, 16 Jan 2015 21:59:20 +0000 (21:59 +0000)]
TODO: Added some SMB ideas
Steve Holme [Fri, 16 Jan 2015 21:52:21 +0000 (21:52 +0000)]
RELEASE-NOTES: Synced with
5f09947d28
Steve Holme [Fri, 16 Jan 2015 20:57:36 +0000 (20:57 +0000)]
build-openssl.bat: Added check for Perl installation
Steve Holme [Fri, 16 Jan 2015 20:44:32 +0000 (20:44 +0000)]
checksrc.bat: Better detection of Perl installation
Steve Holme [Fri, 16 Jan 2015 12:31:24 +0000 (12:31 +0000)]
curl_endian: Fixed build when 64-bit integers are not supported
Bug: http://curl.haxx.se/mail/lib-2015-01/0094.html
Reported-by: John E. Malmberg
Yun SangHo [Thu, 15 Jan 2015 17:40:47 +0000 (02:40 +0900)]
curl.h: remove extra space
Daniel Stenberg [Wed, 14 Jan 2015 22:31:57 +0000 (23:31 +0100)]
Curl_pretransfer: reset expected transfer sizes
Reported-by: Mohammad AlSaleh
Bug: http://curl.haxx.se/mail/lib-2015-01/0065.html
Marc Hoersken [Sat, 10 Jan 2015 16:46:02 +0000 (17:46 +0100)]
curl_schannel.c: mark session as removed from cache if not freed
If the session is still used by active SSL/TLS connections, it
cannot be closed yet. Thus we mark the session as not being cached
any longer so that the reference counting mechanism in
Curl_schannel_shutdown is used to close and free the session.
Reported-by: Jean-Francois Durand
Steve Holme [Fri, 9 Jan 2015 21:09:23 +0000 (21:09 +0000)]
RELEASE-NOTES: Synced with
d21b66835f
Guenter Knauf [Fri, 9 Jan 2015 21:03:12 +0000 (22:03 +0100)]
Merge pull request #134 from vszakats/mingw-m64
add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS
Guenter Knauf [Fri, 9 Jan 2015 21:02:23 +0000 (22:02 +0100)]
Merge pull request #136 from vszakats/mingw-allow-custom-cflags
mingw build: allow to pass custom CFLAGS
Daniel Stenberg [Fri, 9 Jan 2015 20:55:31 +0000 (21:55 +0100)]
NSS: fix compiler error when built http2-enabled
Steve Holme [Fri, 9 Jan 2015 20:29:26 +0000 (20:29 +0000)]
gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions
Better code reuse and consistency in calls to gss_import_name().
Viktor Szakats [Fri, 9 Jan 2015 03:36:02 +0000 (04:36 +0100)]
mingw build: allow to pass custom CFLAGS
Daniel Stenberg [Thu, 8 Jan 2015 19:43:32 +0000 (20:43 +0100)]
FTP: if EPSV fails on IPV6 connections, bail out
... instead of trying PASV, since PASV can't work with IPv6.
Reported-by: Vojtěch Král
Daniel Stenberg [Thu, 8 Jan 2015 17:30:01 +0000 (18:30 +0100)]
FTP: fix IPv6 host using link-local address
... and make sure we can connect the data connection to a host name that
is longer than 48 bytes.
Also simplifies the code somewhat by re-using the original host name
more, as it is likely still in the DNS cache.
Original-Patch-by: Vojtěch Král
Bug: http://curl.haxx.se/bug/view.cgi?id=1468
Sam Schanken [Mon, 29 Dec 2014 18:57:21 +0000 (10:57 -0800)]
winbuild: Added option to build with c-ares
Added support for a WITH_CARES option to be used when invoking nmake
via Makefile.vc. This option enables linking against both the DLL and
static versions of the c-ares libraries, as well as the debug and
release varients, depending on the value of DEBUG. The USE_ARES
preprocessor symbol is also defined.
Guenter Knauf [Thu, 8 Jan 2015 20:40:35 +0000 (21:40 +0100)]
NetWare build: added TLS-SRP enabled build.
Steve Holme [Thu, 8 Jan 2015 19:23:53 +0000 (19:23 +0000)]
sasl_gssapi: Fixed build on NetBSD with built-in GSS-API
Bug: http://curl.haxx.se/bug/view.cgi?id=1469
Reported-by: Thomas Klausner
Viktor Szakats [Thu, 8 Jan 2015 17:19:03 +0000 (18:19 +0100)]
add -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGS
Daniel Stenberg [Thu, 8 Jan 2015 09:00:28 +0000 (10:00 +0100)]
bump: start working towards 7.40.1
Daniel Stenberg [Thu, 8 Jan 2015 08:57:19 +0000 (09:57 +0100)]
THANKS: 14 new contributors from the 7.40.0 release notes
Daniel Stenberg [Wed, 7 Jan 2015 22:08:53 +0000 (23:08 +0100)]
RELEASE-NOTES: version 7.40.0
Daniel Stenberg [Fri, 19 Dec 2014 07:50:00 +0000 (08:50 +0100)]
darwinssl: fix session ID keys to only reuse identical sessions
...to avoid a session ID getting cached without certificate checking and
then after a subsequent _enabling_ of the check libcurl could still
re-use the session done without cert checks.
Bug: http://curl.haxx.se/docs/adv_20150108A.html
Reported-by: Marc Hesse
Daniel Stenberg [Thu, 25 Dec 2014 22:51:43 +0000 (23:51 +0100)]
tests: make sure CRLFs can't be used in URLs passed to proxy
Bug: http://curl.haxx.se/docs/adv_20150108B.html
Daniel Stenberg [Thu, 25 Dec 2014 22:55:03 +0000 (23:55 +0100)]
url-parsing: reject CRLFs within URLs
Bug: http://curl.haxx.se/docs/adv_20150108B.html
Reported-by: Andrey Labunets
Steve Holme [Wed, 7 Jan 2015 19:45:24 +0000 (19:45 +0000)]
ldap: Convert attribute output to UTF-8 when Unicode
Steve Holme [Wed, 7 Jan 2015 19:19:20 +0000 (19:19 +0000)]
ldap: Convert DN output to UTF-8 when Unicode
Daniel Stenberg [Tue, 6 Jan 2015 22:01:43 +0000 (22:01 +0000)]
hostip: remove 'stale' argument from Curl_fetch_addr proto
Also, remove the log output of the resolved name is NOT in the cache in
the spirit of only telling when something is actually happening.
Steve Holme [Wed, 7 Jan 2015 13:50:56 +0000 (13:50 +0000)]
ldap/imap: Fixed spelling mistake in comments and variable names
Reported-by: Michael Osipov
Daniel Stenberg [Wed, 7 Jan 2015 11:41:02 +0000 (12:41 +0100)]
RELEASE-NOTES: updated with ./contributors.sh output
Dan Fandrich [Mon, 5 Jan 2015 09:08:08 +0000 (10:08 +0100)]
curl_multibyte.h: Eliminated some trailing whitespace
Steve Holme [Sun, 4 Jan 2015 22:58:19 +0000 (22:58 +0000)]
RELEASE-NOTES: Synced with
ea93252ef1
Steve Holme [Sat, 3 Jan 2015 21:54:11 +0000 (21:54 +0000)]
ldap: Fixed Unicode usage for all Win32 builds
Otherwise, the fixes in the previous commits would only be applicable
to IDN and SSPI based builds and not others such as OpenSSL with LDAP
enabled.
Steve Holme [Sun, 4 Jan 2015 20:33:58 +0000 (20:33 +0000)]
ldap: Fixed memory leak from commit
efb64fdf80
Steve Holme [Sun, 4 Jan 2015 20:06:04 +0000 (20:06 +0000)]
ldap: Fix memory leak from commit
3a805c5cc1
Steve Holme [Sat, 3 Jan 2015 21:19:11 +0000 (21:19 +0000)]
ldap: Fixed attribute variable warnings when Unicode is enabled
Use 'TCHAR *' for local attribute variable rather than 'char *'.
Steve Holme [Sat, 3 Jan 2015 21:12:56 +0000 (21:12 +0000)]
ldap: Fixed DN variable warnings when Unicode is enabled
Use 'TCHAR *' for local DN variable rather than 'char *'.
Steve Holme [Sat, 3 Jan 2015 21:04:13 +0000 (21:04 +0000)]
ldap: Remove the unescape_elements() function
Due to the recent modifications this function is no longer used.
Steve Holme [Sun, 4 Jan 2015 16:11:08 +0000 (16:11 +0000)]
ldap.c: Fixed compilation warning
ldap.c:98: warning: extra tokens at end of #endif directive
Steve Holme [Sat, 3 Jan 2015 20:58:29 +0000 (20:58 +0000)]
ldap: Fixed support for Unicode filter in Win32 search call
Steve Holme [Sun, 4 Jan 2015 15:16:04 +0000 (15:16 +0000)]
ldap.c: Fixed compilation warning
ldap.c:802: warning: comparison between signed and unsigned integer
expressions
Steve Holme [Sat, 3 Jan 2015 20:49:11 +0000 (20:49 +0000)]
ldap: Fixed support for Unicode attributes in Win32 search call
Steve Holme [Sun, 4 Jan 2015 14:11:02 +0000 (14:11 +0000)]
ldap: Fixed memory leak from commit
efb64fdf80
The unescapped DN was not freed after a successful character conversion.
Steve Holme [Sun, 4 Jan 2015 13:08:12 +0000 (13:08 +0000)]
ldap.c: Fixed compilation error
ldap.c:738: error: macro "LDAP_TRACE" passed 2 arguments, but takes
just 1
Steve Holme [Sun, 4 Jan 2015 13:04:06 +0000 (13:04 +0000)]
ldap.c: Fixed compilation warning
ldap.c:89: warning: extra tokens at end of #endif directive
Steve Holme [Sat, 3 Jan 2015 20:36:10 +0000 (20:36 +0000)]
ldap: Fixed support for Unicode DN in Win32 search call
Steve Holme [Sat, 3 Jan 2015 20:16:26 +0000 (20:16 +0000)]
ldap: Fixed Unicode user and password in Win32 bind calls
Steve Holme [Sat, 3 Jan 2015 19:59:12 +0000 (19:59 +0000)]
ldap: Fixed Unicode host name in Win32 initialisation calls
Steve Holme [Sat, 3 Jan 2015 19:45:30 +0000 (19:45 +0000)]
ldap: Use host.dispname for infof() connection failure messages
As host.name may be encoded use dispname for infof() failure messages.
Steve Holme [Sat, 3 Jan 2015 17:45:51 +0000 (17:45 +0000)]
ldap: Prefer 'CURLcode result' for curl result codes
Steve Holme [Sat, 3 Jan 2015 17:39:23 +0000 (17:39 +0000)]
ldap: Pass write length in all Curl_client_write() calls
As we get the length for the DN and attribute variables, and we know
the length for the line terminator, pass the length values rather than
zero as this will save Curl_client_write() from having to perform an
additional strlen() call.
Steve Holme [Sat, 3 Jan 2015 17:25:11 +0000 (17:25 +0000)]
ldap: Fixed attribute memory leaks on failed client write
Fixed memory leaks from commit
086ad79970 as was noted in the commit
comments.
Steve Holme [Sat, 3 Jan 2015 17:05:50 +0000 (17:05 +0000)]
ldap: Fixed DN memory leaks on failed client write
Fixed memory leaks from commit
086ad79970 as was noted in the commit
comments.
Steve Holme [Fri, 2 Jan 2015 21:09:24 +0000 (21:09 +0000)]
curl_ntlm_core.c: Fixed compilation warning from commit
1cb17b2a5d
curl_ntlm_core.c:146: warning: passing 'DES_cblock' (aka 'unsigned char
[8]') to parameter of type 'char *' converts
between pointers to integer types with different
sign
Steve Holme [Fri, 2 Jan 2015 19:59:41 +0000 (19:59 +0000)]
ntlm: Use extend_key_56_to_64() for all cryptography engines
Rather than duplicate the code in setup_des_key() for OpenSSL and in
extend_key_56_to_64() for non-OpenSSL based crypto engines, as it is
the same, use extend_key_56_to_64() for all engines.
Steve Holme [Fri, 2 Jan 2015 17:19:49 +0000 (17:19 +0000)]
RELEASE-NOTES: Synced with
34f0bd110f
Steve Holme [Fri, 2 Jan 2015 16:28:03 +0000 (16:28 +0000)]
curl_ntlm_core.c: Fixed compilation warning
curl_ntlm_core.c:458: warning: 'ascii_uppercase_to_unicode_le' defined
but not used
Steve Holme [Fri, 2 Jan 2015 15:53:42 +0000 (15:53 +0000)]
endian: Fixed bit-shift in 64-bit integer read functions
From commit
43792592ca and
4bb5a351b2 .
Reported-by: Michael Osipov
Steve Holme [Thu, 1 Jan 2015 20:48:05 +0000 (20:48 +0000)]
smb: Use endian functions for reading NBT and message size values
Steve Holme [Thu, 1 Jan 2015 20:26:17 +0000 (20:26 +0000)]
endian: Added big endian read functions
Steve Holme [Thu, 1 Jan 2015 20:09:50 +0000 (20:09 +0000)]
endian: Added 64-bit integer read function
Steve Holme [Thu, 1 Jan 2015 05:04:14 +0000 (05:04 +0000)]
COPYING: Bumped copyright year to 2015