- Nov 19, 2012
-
-
Fabian Keil authored
They currently only work for 127.0.0.1 which is hardcoded and can't be easily changed.
-
Fabian Keil authored
.. and add a precheck to skip the test otherwise.
-
Fabian Keil authored
This makes it easier to skip it automatically when the test suite is used with external proxies.
-
Fabian Keil authored
-
Fabian Keil authored
-
Fabian Keil authored
Trailing spaces were left unmodifed, assuming they were intentional.
-
Fabian Keil authored
Consistently use CRLF instead. The mixed endings weren't documented so I assume they were unintentional. This change doesn't matter for curl itself but makes using the tests with a proxy between curl and the test server more convenient. Tests that consistently use no carriage returns were left unmodified as one can easily work around this.
-
- Nov 18, 2012
-
-
Daniel Stenberg authored
DNS cache entries populated with CURLOPT_RESOLVE were not properly freed again when done using the multi interface. Test case 1502 added to verify. Bug: http://curl.haxx.se/bug/view.cgi?id=3575448 Reported by: Alex Gruz
-
- Nov 17, 2012
-
-
Daniel Stenberg authored
4 more bug fixes and 4 more contributors
-
Daniel Stenberg authored
If we use memory functions (malloc, free, strdup etc) in C sources in libcurl and we fail to include curl_memory.h or memdebug.h we either fail to properly support user-provided memory callbacks or the memory leak system of the test suite fails. After Ajit's report of a failure in the first category in http_proxy.c, I spotted a few in the second category as well. These problems are now tested for by test 1132 which runs a perl program that scans for and attempts to check that we use the correct include files if a memory related function is used in the source code. Reported by: Ajit Dhumale Bug: http://curl.haxx.se/mail/lib-2012-11/0125.html
-
- Nov 16, 2012
-
-
Daniel Stenberg authored
Fixed checksrc warnings
-
Fabian Keil authored
They broke the NTLM tests from 2023 to 2031.
-
Christian Vogt authored
Re-send ACK for block X in case we receive block X data again while waiting for block X+1. Based on an earlier patch by Marcin Adamski.
-
Daniel Stenberg authored
When nothing is told to configure, we should not enforce switching off debug options with -g0 (or similar). We instead don't use -g at all in that situaion and therefore allow the user's CFLAGS settings possibly dictate what to do.
-
- Nov 14, 2012
-
-
Mark Snelling authored
And fix some newlines to be proper CRLF Bug: http://curl.haxx.se/bug/view.cgi?id=3586741
-
Daniel Stenberg authored
-
- Nov 13, 2012
-
-
Cristian Rodríguez authored
It either causes increased memory usage or exposes users to the "CRIME attack" (CVE-2012-4929)
-
Sebastian Rasmussen authored
-
Kamil Dudka authored
The {MD5,SHA1,SHA256}_Init functions from OpenSSL are called directly without any wrappers and they return 1 for success, 0 otherwise. Hence, we have to use the same approach in all the wrapper functions that are used for the other crypto libraries. This commit fixes a regression introduced in commit dca8ae5f.
-
Daniel Stenberg authored
-
Sergei Nikulov authored
-
- Nov 12, 2012
-
-
Anton Malov authored
Bug: http://curl.haxx.se/bug/view.cgi?id=3586338
-
Patrick Monnerat authored
-
Patrick Monnerat authored
-
Daniel Stenberg authored
-
Gabriel Sjoberg authored
When using only 1 second precision, curl doesn't create new cnonce values quickly enough for all uses. For example, issuing the following command multiple times to a recent Tomcat causes authentication failures: curl --digest -utest:test http://tomcat.test.com:8080/manager/list This is because curl uses the same cnonce for several seconds, but doesn't increment the nonce counter. Tomcat correctly interprets this as a replay attack and rejects the request. When microsecond-precision is available, this commit causes curl to change cnonce values much more frequently. With microsecond resolution, increasing the nounce length used in the headers to 32 was made to further reduce the risk of duplication.
-
Daniel Stenberg authored
Instead of relying on the generic CURLE error for SCP or SFTP send failures, try passing back a more suitable error if possible.
-
Daniel Stenberg authored
-
- Nov 09, 2012
-
-
Kamil Dudka authored
Fixes bug #3578163: http://sourceforge.net/tracker/?func=detail&atid=100976&aid=3578163&group_id=976
-
Kamil Dudka authored
-
Kamil Dudka authored
... to release resources allocated at global scope
-
- Nov 08, 2012
-
-
Daniel Stenberg authored
and make local function static
-
Oscar Koeroo authored
axTLS: This will make the axTLS backend perform the RFC2818 checks, honoring the VERIFYHOST setting similar to the OpenSSL backend. Generic for OpenSSL and axTLS: Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c files to make them genericly available for both the OpenSSL, axTLS and other SSL backends. They are now in the new lib/hostcheck.c file. CyaSSL: CyaSSL now also has the RFC2818 checks enabled by default. There is a limitation that the verifyhost can not be enabled exclusively on the Subject CN field comparison. This SSL backend will thus behave like the NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words: setting verifyhost to 0 or 1 will disable the Subject Alt Names checks too. Schannel: Updated the schannel information messages: Split the IP address usage message from the verifyhost setting and changed the message about disabling SNI (Server Name Indication, used in HTTP virtual hosting) into a message stating that the Subject Alternative Names checks are being disabled when verifyhost is set to 0 or 1. As a side effect of switching off the RFC2818 related servername checks with SCH_CRED_NO_SERVERNAME_CHECK (http://msdn.microsoft.com/en-us/library/aa923430.aspx) the SNI feature is being disabled. This effect is not documented in MSDN, but Wireshark output clearly shows the effect (details on the libcurl maillist). PolarSSL: Fix the prototype change in PolarSSL of ssl_set_session() and the move of the peer_cert from the ssl_context to the ssl_session. Found this change in the PolarSSL SVN between r1316 and r1317 where the POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu PolarSSL version 1.1.4 the check is to discriminate between lower then PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN trunk jumped from version 1.1.1 to 1.2.0. Generic: All the SSL backends are fixed and checked to work with the ssl.verifyhost as a boolean, which is an internal API change.
-
Daniel Stenberg authored
Since we added the curl_multi_wait function, the VERSIONINFO needed updating. Reported by: Patrick Monnerat
-
Guenter Knauf authored
Requested by Johnny Luong on the libcurl list.
-
Guenter Knauf authored
-
Fabian Keil authored
-
Daniel Stenberg authored
The text "additional stuff not fine" text was added for debug purposes a while ago, but it isn't really helping anyone and for some reason some Linux distributions provide their libcurls built with debug info still present and thus (far too many) users get to read this info.
-
- Nov 07, 2012
-
-
Daniel Stenberg authored
6 new bugfixes and 3 more contributors...
-
Daniel Stenberg authored
The logic previously checked for a started NTLM negotiation only for host and not also with proxy, leading to problems doing POSTs over a proxy NTLM that are larger than 2000 bytes. Now it includes proxy in the check. Bug: http://curl.haxx.se/bug/view.cgi?id=3582321 Reported by: John Suprock
-