- Apr 01, 2012
-
-
Steve Holme authored
-
Armel Asselin authored
If an empty string is passed to CURLOPT_SSH_PUBLIC_KEYFILE, libcurl will pass no public key to libssh2 which then tries to compute it from the private key. This is known to work when libssh2 1.4.0+ is linked against OpenSSL.
-
Tatsuhiro Tsujikawa authored
This change replaces RFC 2818 based hostname check in OpenSSL build with RFC 6125 [1] based one. The hostname check in RFC 2818 is ambiguous and each project implements it in the their own way and they are slightly different. I check curl, gnutls, Firefox and Chrome and they are all different. I don't think there is a bug in current implementation of hostname check. But it is not as strict as the modern browsers do. Currently, curl allows multiple wildcard character '*' and it matches '.'. (as described in the comment in ssluse.c). Firefox implementation is also based on RFC 2818 but it only allows at most one wildcard character and it must be in the left-most label in the pattern and the wildcard must not be followed by any character in the label.[2] Chromium implementation is based on RFC 6125 as my patch does. Firefox and Chromium both require wildcard in the left-most label in the presented identifier. This patch is more strict than the current implementation, so there may be some cases where old curl works but new one does not. But at the same time I think it is good practice to follow the modern browsers do and follow the newer RFC. [1] http://tools.ietf.org/html/rfc6125#section-6.4.3 [2] https://bugzilla.mozilla.org/show_bug.cgi?id=159483
-
- Mar 31, 2012
-
-
Daniel Stenberg authored
With FOLLOWLOCATION enabled. When a 3xx page is downloaded and the download size was known (like with a Content-Length header), but the subsequent URL (transfered after the 3xx page) was chunked encoded, then the previous "known download size" would linger and cause the progress meter to get incorrect information, ie the former value would remain being sent in. This could easily result in downloads that were WAY larger than "expected" and would cause >100% outputs with the curl command line tool. Test case 599 was created and it was used to repeat the bug and then verify the fix. Bug: http://curl.haxx.se/bug/view.cgi?id=3510057 Reported by: Michael Wallner
-
Gökhan Şengün authored
-
Gökhan Şengün authored
Replaced the hard coded md5 digest length (16) with a preprocessor constant
-
Gökhan Şengün authored
It is now possible to calculate the md5 sum as the stream of buffers becomes known where as previously it was only possible to calculate the md5 sum of a pre-prepared buffer.
-
Daniel Stenberg authored
This reverts commit 9f0e1689. It turned out that "improvement" instead made the fetching of the certificates unreliable Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html Reported by: Tim Heckman
-
Steve Holme authored
-
Steve Holme authored
This feature allows the user to specify and use additional POP3 commands such as UIDL and DELE via libcurl's CURLOPT_CUSTOMREQUEST or curl's -X command line option.
-
- Mar 30, 2012
-
-
- Mar 29, 2012
-
-
- Mar 28, 2012
-
-
Steve Holme authored
-
Yang Tse authored
Take in account that h_errno might be a modifiable lvalue not defined as a C preprocessor macro
-
- Mar 27, 2012
-
-
Steve Holme authored
-
Olaf Flebbe authored
curl segfault in debug callback triggered with CURLINFO_HEADER_OUT and size 0 bug: http://curl.haxx.se/bug/view.cgi?id=3511794
-
- Mar 26, 2012
-
-
Yang Tse authored
-
Steve Holme authored
-
- Mar 25, 2012
-
-
Yang Tse authored
-
Yang Tse authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
Simplified the code to remove the need for a separate "LIST <msg id>" command handler and state machine and instead use the LIST command handler for both operations.
-
- Mar 24, 2012
-
-
Steve Holme authored
Corrected character and line spacing and re-ordered list and retr functions based on the order of their state machines.
-
Steve Holme authored
Moved the server greeting response handling code from the statemach_act functions to separate response functions. This makes the code simpler to follow and provides consistency with the other responses that are handled here.
-
Steve Holme authored
Body data would be forwarded to the client application in both the RETR and LIST commands even if CURLOPT_NOBODY was specified.
-
- Mar 23, 2012
-
-
Rodrigo Silva (MestreLion) authored
Original wording could lead users in thinking it tries to somehow parse the filename for a date expression (like news_2012_03_05.html). It never mentions that it actually reads the mtime of the file in filesystem.
-
Yang Tse authored
-
Yang Tse authored
-
Yang Tse authored
-
- Mar 22, 2012
-
-
Benjamin Johnson authored
This allows building of libcurl on DOS using DJGPP 2.04 and Watt-32 sockets. I know there's already Makefile.djgpp, but I find this more convenient since I'm used to using the ./configure script from other platforms
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Yang Tse authored
-
Yang Tse authored
-
Yang Tse authored
-
Andrei Cipu authored
The commit e650dbde that stripped off [brackets] from ipv6-only host headers for the sake of cookie parsing wrongly incremented the host pointer which would cause a bad free() call later on.
-
Yang Tse authored
-
Yang Tse authored
-
Yang Tse authored
-