- Aug 11, 2010
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Aug 10, 2010
-
-
Daniel Stenberg authored
-
- Aug 06, 2010
-
-
Daniel Stenberg authored
-
- Aug 02, 2010
-
-
Daniel Stenberg authored
-
- Jul 14, 2010
-
-
Daniel Stenberg authored
When getting multiple URLs, curl didn't properly reset the byte counter after a successful transfer so if the subsequent transfer failed it would wrongly use the previous byte counter and behave badly (segfault) because of that. The code assumes that the byte counter and the 'stream' pointer is well in synch. Reported by: Jon Sargeant Bug: http://curl.haxx.se/bug/view.cgi?id=3028241
-
- Jul 13, 2010
-
-
Daniel Stenberg authored
-
- Jun 30, 2010
-
-
Kamil Dudka authored
When configured with '--without-ssl --with-nss', NTLM authentication now uses NSS crypto library for MD5 and DES. For MD4 we have a local implementation in that case. More details are available at https://bugzilla.redhat.com/603783 In order to get it working, curl_global_init() must be called with CURL_GLOBAL_SSL or CURL_GLOBAL_ALL. That's necessary because NSS needs to be initialized globally and we do so only when the NSS library is actually required by protocol. The mentioned call of curl_global_init() is responsible for creating of the initialization mutex. There was also slightly changed the NSS initialization scenario, in particular, loading of the NSS PEM module. It used to be loaded always right after the NSS library was initialized. Now the library is initialized as soon as any SSL or NTLM is required, while the PEM module is prevented from being loaded until the SSL is actually required.
-
- Jun 28, 2010
-
-
Daniel Stenberg authored
curl didn't properly handle escaping characters in a URL with the use of backslash. It did an attempt, but that failed as reported in bug 3022551. The described example was using the URL "http://example.com?{AB,C\,D}". I've now removed the special-handling of letters following the backslash and I also removed the bad extra check that triggered this particular bug. Bug: http://curl.haxx.se/bug/view.cgi?id=3022551 Reported by: Jon Sargeant
-
Daniel Stenberg authored
-
- Jun 16, 2010
-
-
Daniel Stenberg authored
-
- Jun 05, 2010
-
-
Constantine Sapuntzakis authored
Was seeing spurious SSL connection aborts using libcurl and OpenSSL. I tracked it down to uncleared error state on the OpenSSL error stack - patch attached deals with that. Rough idea of problem: Code that uses libcurl calls some library that uses OpenSSL but don't clear the OpenSSL error stack after an error. ssluse.c calls SSL_read which eventually gets an EWOULDBLOCK from the OS. Returns -1 to indicate an error ssluse.c calls SSL_get_error. First thing, SSL_get_error calls ERR_get_error to check the OpenSSL error stack, finds an old error and returns SSL_ERROR_SSL instead of SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. ssluse.c returns an error and aborts the connection Solution: Clear the openssl error stack before calling SSL_* operation if we're going to call SSL_get_error afterwards. Notes: This is much more likely to happen with multi because it's easier to intersperse other calls to the OpenSSL library in the same thread.
-
- Jun 04, 2010
-
-
Frank Meier authored
-
Daniel Stenberg authored
-
Yang Tse authored
Enable OpenLDAP support for cygwin builds. This support was disabled back in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers. cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25 allow building an OpenLDAP enabled libcurl supporting back to Windows 95. Remove non-functional CURL_LDAP_HYBRID code and references.
-
- Jun 02, 2010
-
-
Daniel Stenberg authored
Jason McDonald posted bug report #3006786 when he found that the SFTP code didn't timeout properly in several places in the code even if a timeout was set properly. Based on his suggested patch, I wrote a different implementation that I think addressed the issue better and also uses the connect timeout for the initial part of the SSH/SFTP done during the "protocol connect" phase. (http://curl.haxx.se/bug/view.cgi?id=3006786)
-
- Jun 01, 2010
-
-
Daniel Stenberg authored
Igor Novoseltsev reported a problem with the multi socket API and using timeouts and timers. It boiled down to a problem with libcurl's use of GetTickCount() interally to figure out the current time, while Igor's own application code used another function call. It made his app call the socket API timeout function a bit _before_ libcurl would consider the timeout to trigger, and that could easily lead to timeouts or stalls in the app. It seems GetTickCount() in general often has no better resolution than 16ms and switching to the alternative function QueryPerformanceCounter has its share of problems: http://www.virtualdub.org/blog/pivot/entry.php?id=106 We address this problem by simply having libcurl treat timers that already has occured or will occur within 40ms subject for treatment. I'm confident that there are other implementations and operating systems with similarly in accurate timer functions so it makes sense to have applied generically and I don't believe we sacrifice much by adding a 40ms inaccuracy on these timeouts.
-
- May 24, 2010
-
-
Howard Chu authored
makes the LDAP code much cleaner, nicer and in general being a better libcurl citizen. If a new enough OpenLDAP version is detect, the new and shiny lib/openldap.c code is then used instead of the old cruft Code by Howard, minor cleanups by Daniel.
-
- May 21, 2010
-
-
Daniel Stenberg authored
In a normal expression, doing [unsigned short] + 1 will not wrap at 16 bits so the comparisons and outputs were done wrong. I added a macro do make sure it gets done right. Douglas Kilpatrick filed bug report #3004787 about it: http://curl.haxx.se/bug/view.cgi?id=3004787
-
- May 19, 2010
-
-
Tor Arntsen authored
-
- May 18, 2010
-
-
Daniel Stenberg authored
Eric Mertens posted bug report #3003005 pointing out that the libcurl TFTP code was not sending the timeout option properly to the server, and suggested a fix. (http://curl.haxx.se/bug/view.cgi?id=3003005)
-
- May 16, 2010
-
-
Kamil Dudka authored
-
- May 14, 2010
-
-
Daniel Stenberg authored
John-Mark Bell filed bug #3000052 that identified a problem (with an associated patch) with the OpenSSL handshake state machine when the multi interface is used: Performing an https request using a curl multi handle and using select or epoll to wait for events results in a hang. It appears that the cause is the fix for bug #2958179, which makes ossl_connect_common unconditionally return from the step 2 loop when fetching from a multi handle. When ossl_connect_step2 has completed, it updates connssl->connecting_state to ssl_connect_3. ossl_connect_common will then return to the caller, as a multi handle is in use. Eventually, the client code will call curl_multi_fdset to obtain an updated fdset to select or epoll on. For https requests, curl_multi_fdset will cause https_getsock to be called. https_getsock will only return a socket handle if the connecting_state is ssl_connect_2_reading or ssl_connect_2_writing. Therefore, the client will never obtain a valid fdset, and thus not drive the multi handle, resulting in a hang. (http://curl.haxx.se/bug/view.cgi?id=3000052)
-
Daniel Stenberg authored
Sebastian V reported bug #3000056 identifying a problem with redirect following. It showed that when curl followed redirects it didn't properly ignore the response body of the 30X response if that response was using compressed Content-Encoding! (http://curl.haxx.se/bug/view.cgi?id=3000056)
-
- May 12, 2010
-
-
Daniel Stenberg authored
-
- May 11, 2010
-
-
Kamil Dudka authored
-
- May 07, 2010
-
-
Daniel Stenberg authored
Dirk Manske reported a regression. When connecting with the multi interface, there were situations where libcurl wouldn't store connect time correctly as it used to (and is documented to) do. Using his fine sample program we could repeat it, and I wrote up test case 573 using that code. The problem does not easily show itself using the local test suite though. The fix, also as suggested by Dirk, is a bit on the ugly side as it adds yet another call to Curl_verboseconnect() and setting the TIMER_CONNECT time. That situation is subject for some closer inspection in the future.
-
Daniel Stenberg authored
-
- May 05, 2010
-
-
Daniel Stenberg authored
-
- Apr 29, 2010
-
-
Daniel Stenberg authored
-
- Apr 25, 2010
-
-
Daniel Stenberg authored
-
- Apr 24, 2010
-
-
Kamil Dudka authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Apr 21, 2010
-
-
Daniel Stenberg authored
The -O option caused curl to crash on windows and DOS due to the tool writing out of boundary memory.
-
- Apr 20, 2010
-
-
Ruslan Gazizov authored
-
- Apr 19, 2010
-
-
Daniel Stenberg authored
-
- Apr 16, 2010
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Apr 15, 2010
-
-
Daniel Stenberg authored
-