- Oct 30, 2013
-
-
Daniel Stenberg authored
The code rejected 0 as a valid timeout while in fact the function could indeed legitimately return that and it should be respected. Reported-by: Bjorn Stenberg
-
Steve Holme authored
-
Steve Holme authored
Updated following the recent changes to support graceful failures during the authentication phrase.
-
Steve Holme authored
-
Kamil Dudka authored
-
Patrick Monnerat authored
-
Daniel Stenberg authored
and updated copyright year
-
Steve Holme authored
A base64 string should be a multiple of 4 characters in length, not contain any more than 2 padding characters and only contain padding characters at the end of string. For example: Y3VybA== Strings such as the following are considered invalid: Y= - Invalid length Y== - Invalid length Y=== - More than two padding characters Y=x= - Padding character contained within string
-
- Oct 29, 2013
-
-
Daniel Stenberg authored
-
Björn Stenberg authored
This patch fixes a bug in Happy Eyeballs where curl would wait for a connect response from socket1 before checking socket2. Also, it updates error messages for failed connections, showing the ip addresses that failed rather than just the host name repeatedly. Bug: http://curl.haxx.se/mail/lib-2013-10/0236.html Reported-by: Paul Marks
-
- Oct 28, 2013
-
-
Steve Holme authored
-
Daniel Stenberg authored
Describes our security process from a project and curl developer's perspective.
-
Patrick Monnerat authored
-
- Oct 27, 2013
-
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Gisle Vanem authored
"Dan Fandrich" <dan@coneharvesters.com> wrote: >> But I'm not sure <unistd.h> is needed at all. > > It's needed for close(2). But the only reason that's needed is because fstat > is used instead of stat(2); if you fix that, then you could remove that > include altogether. Okay. I've tested the following with MSVC and MingW. htttput.c now simply uses stat():
-
Steve Holme authored
-
Björn Stenberg authored
-
Daniel Stenberg authored
... as it was just merged in commit 7d7df
-
Björn Stenberg authored
This patch invokes two socket connect()s nearly simultaneously, and the socket that is first connected "wins" and is subsequently used for the connection. The other is terminated. There is a very slight IPv4 preference, in that if both sockets connect simultaneously IPv4 is checked first and thus will win.
-
Steve Holme authored
Should a client application fail to decode an authentication message received from a server, or not support any of the parameters given by the server in the message, then the authentication phrase should be cancelled gracefully by the client rather than simply terminating the connection. The authentication phrase should be cancelled by simply sending a '*' to the server, in response to erroneous data being received, as per RFC-3501, RFC-4954 and RFC-5034. This patch adds the necessary state machine constants and appropriate response handlers in order to add this functionality for the CRAM-MD5, DIGEST-MD5 and NTLM authentication mechanisms.
-
Steve Holme authored
...in preparation for upcoming modifications.
-
- Oct 26, 2013
-
-
Steve Holme authored
warning: 'result' may be used uninitialized in this function
-
Daniel Stenberg authored
This is a regression since the switch to always-multi internally c4312741. Test 1316 was modified since we now clearly call the Curl_client_write() function when doing the LIST transfer part and then the handler->protocol says FTP and ftpc.transfertype is 'A' which implies text converting even though that the response is initially a HTTP CONNECT response in this case.
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
Corrected line endings, RFC references and standardised on user names and passwords used in the tests.
-
Steve Holme authored
...as XOAUTH2 is the extended (or non-standard) SASL identifier and OAuth 2 is the protocol name (and version).
-
Steve Holme authored
This workaround had been previously been implemented for IMAP and POP3 but not SMTP. Some of the recent test case additions implemented this behaviour to emulate a bad server and the SMTP code didn't cope with it.
-
- Oct 25, 2013
-
-
Steve Holme authored
Corrected 80 character line length error and pointer declarations (some of which were previously incorrect)
-
Steve Holme authored
As the URI, which is contained within the DIGEST-MD5 response, is constructed from the service and realm, the encoded message differs from that generated under POP3.
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Patrick Monnerat authored
IFS compilation support, SSL GSKit backend by default, TLSv1.[12] support in GSKit for OS400 >= V7R1, no more tabs in make scripts.
-