- Apr 12, 2013
-
-
Daniel Stenberg authored
Accessing a file with an absolute path in the root dir but with no directory specified was not handled correctly. This fix comes with four new test cases that verify it. Bug: http://curl.haxx.se/mail/lib-2013-04/0142.html Reported by: Sam Deane
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Nick Zitzmann authored
This ought to speed up additional TLS handshakes, at least in theory.
-
Steve Holme authored
-
Steve Holme authored
Moved imap_is_bchar() be with the other utility based functions.
-
Steve Holme authored
Moved imap_parse_url_path() and imap_parse_custom_request() to the end of the file allowing all utility functions to be grouped together.
-
Steve Holme authored
Moved imap_atom() and imap_sendf() to the end of the file allowing all utility functions to be grouped together.
-
Steve Holme authored
-
Kamil Dudka authored
... in case runtests.pl is invoked with non-default -b option Fixes a regression caused by 1e29d275.
-
David Strauss authored
Update sharing interface documentation to provide exhaustive list of what it does and does not share.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Apr 11, 2013
-
-
Daniel Stenberg authored
Most notable the security advisory: http://curl.haxx.se/docs/adv_20130412.html
-
Daniel Stenberg authored
... and make 1216 also verify it with a file input These tests verify commit 3604fde3d3c9b0d, the fix for the "cookie domain tailmatch" vulnerability. See http://curl.haxx.se/docs/adv_20130412.html
-
Yamada Yasuharu authored
Cookies set for 'example.com' could accidentaly also be sent by libcurl to the 'bexample.com' (ie with a prefix to the first domain name). This is a security vulnerabilty, CVE-2013-1944. Bug: http://curl.haxx.se/docs/adv_20130412.html
-
Guenter Knauf authored
-
- Apr 10, 2013
-
-
Yang Tse authored
-
- Apr 09, 2013
-
-
Guenter Knauf authored
The previously applied patch didnt work on Windows; we cant rely on shell commands like 'echo' since they act diffently on each platform and each shell. In order to keep this script platform-independent the code must only use pure Perl.
-
Daniel Stenberg authored
Test 1217 verifies commit e0fb2d86, and without that change this test fails.
-
Bill Middlecamp authored
When doing PWD, there's a 257 response which apparently some servers prefix with a comment before the path instead of after it as is otherwise the norm. Failing to parse this, several otherwise legitimate use cases break. Bug: http://curl.haxx.se/mail/lib-2013-04/0113.html
-
Guenter Knauf authored
-
Guenter Knauf authored
The OpenSSL pipe wrote to the final CA bundle file, but the encoded PEM output wrote to a temporary file. Consequently, the OpenSSL output was lost when the temp file was renamed to the final file at script finish (overwriting the final file written earlier by openssl). Patch posted to the list by Richard Michael (rmichael edgeofthenet org).
-
Daniel Stenberg authored
This test is an attempt to repeat the problem YAMADA Yasuharu reported at http://curl.haxx.se/mail/lib-2013-04/0108.html
-
Daniel Stenberg authored
added "tcpkeepalive on Mac OS X"
-
- Apr 08, 2013
-
-
Nick Zitzmann authored
I noticed that aria2's SecureTransport code disables insecure ciphers such as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later. That's a good idea, and now we do the same thing in order to prevent curl from accessing a "secure" site that only negotiates insecure ciphersuites.
-
Robert Wruck authored
MacOS X doesn't have TCP_KEEPIDLE/TCP_KEEPINTVL but only a single TCP_KEEPALIVE (see http://developer.apple.com/library/mac/#DOCUMENTATION/Darwin/Reference/ManPages/man4/tcp.4.html). Here is a patch for CURLOPT_TCP_KEEPIDLE on OSX platforms.
-
Daniel Stenberg authored
1 - We don't use the results from the test and we never did. recvfrom() is only used by the TFTP code and it has not caused any problems. 2 - the CURL_CHECK_FUNC_RECVFROM function is extremely slow
-
Steve Holme authored
-
Steve Holme authored
-
Fabian Keil authored
Previously it only compared credentials if the requested needle connection wasn't using a proxy. This caused NTLM authentication failures when using proxies as the authentication code wasn't send on the connection where the challenge arrived. Added test 1215 to verify: NTLM server authentication through a proxy (This is a modified copy of test 67)
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Apr 07, 2013
-
-
Marc Hoersken authored
-
Marc Hoersken authored
Since qsort implementations vary with regards to handling the order of similiar elements, this change makes the internal sort function more deterministic by comparing path length first, then domain length and finally the cookie name. Spotted with testcase 62 on Windows.
-
Marc Hoersken authored
-
- Apr 06, 2013
-
-
Marc Hoersken authored
This reverts commit e51b23c9. As discussed on the mailinglist, this was not the correct approach.
-
Marc Hoersken authored
-