- Jun 05, 2014
-
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
Bug: http://curl.haxx.se/bug/view.cgi?id=1378 Reported and Patched-by: Marcel Raad
-
- Jun 04, 2014
-
-
Daniel Stenberg authored
-
- Jun 03, 2014
-
-
Daniel Stenberg authored
Bug: http://curl.haxx.se/mail/lib-2014-06/0003.html Reported-by: Дмитрий Фалько
-
Daniel Stenberg authored
The SASL/Digest previously used the current time's seconds + microseconds to add randomness but it is much better to instead get more data from Curl_rand(). It will also allow us to easier "fake" that for debug builds on demand in a future.
-
- Jun 02, 2014
-
-
Steve Holme authored
-
Daniel Stenberg authored
-
- Jun 01, 2014
-
-
Daniel Stenberg authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
Rather than use a short 8-byte hex string, extended the cnonce to be 32-bytes long, like Windows SSPI does. Used a combination of random data as well as the current date and time for the generation.
-
Steve Holme authored
-
- May 29, 2014
-
-
Dan Fandrich authored
gcc spit out warning: variable 'x' might be clobbered by 'longjmp' or 'vfork' messages for a few variables. These automatic variables were expected to be changed between a setjmp/longjmp and hold their values, so are now marked volatile.
-
- May 28, 2014
-
-
Steve Holme authored
-
Steve Holme authored
As with commit 11397eb6, use $(TargetDir) and $(TargetName) for the Import Library output rather than $(OutDir)\$(ProjectName)d.lib and $(OutDir)\$(ProjectName).lib.
-
Steve Holme authored
Like with the curl tool project files use $(TargetDir)$(TargetName).pdb rather than $(OutDir)$(ProjectName)d.pdb for the Program Database File output.
-
- May 27, 2014
-
-
Daniel Stenberg authored
It might not be the most useful combo, but...
-
Alessandro Ghedini authored
-
Brad Spencer authored
"Any two of the parameters, readfds, writefds, or exceptfds, can be given as null. At least one must be non-null, and any non-null descriptor set must contain at least one handle to a socket." http://msdn.microsoft.com/en-ca/library/windows/desktop/ms740141(v=vs.85).aspx When using select(), cURL doesn't adhere to this (WinSock-specific) rule, and can ask to monitor empty fd_sets, which leads to select() returning WSAEINVAL (i.e. EINVAL) and connections failing in mysterious ways as a result (at least when using the curl_multi_socket_action() interface). Bug: http://curl.haxx.se/mail/lib-2014-05/0278.html
-
- May 26, 2014
-
-
Daniel Stenberg authored
The previous #ifdef detection wasn't good enough. Bug: http://curl.haxx.se/mail/lib-2014-05/0260.html Reported-by: Chris Young
-
Daniel Stenberg authored
And clarify that age 3 means 7.16.1 or later.
-
- May 25, 2014
-
-
Fabian Frank authored
PolarSSL added ALPN support in their 1.3.6 release. See: https://polarssl.org/tech-updates/releases/polarssl-1.3.6-released
-
- May 24, 2014
-
-
Daniel Stenberg authored
Make sure that the URL is reset and cleared. Bug: http://curl.haxx.se/mail/lib-2014-05/0235.html Reported-by: Jonathan Cardoso Machado
-
Daniel Stenberg authored
-
- May 23, 2014
-
-
Daniel Stenberg authored
-
Tatsuhiro Tsujikawa authored
OpenSSL passes out and outlen variable uninitialized to select_next_proto_cb callback function. If the callback function returns SSL_TLSEXT_ERR_OK, the caller assumes the callback filled values in out and outlen and processes as such. Previously, if there is no overlap in protocol lists, curl code does not fill any values in these variables and returns SSL_TLSEXT_ERR_OK, which means we are triggering undefined behavior. valgrind warns this. This patch fixes this issue by fallback to HTTP/1.1 if there is no overlap.
-
Daniel Stenberg authored
-
- May 22, 2014
-
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
There is an implicit conversion from "unsigned long" to "long"
-
Steve Holme authored
-
Dan Fandrich authored
-
Steve Holme authored
Fixed a copy / paste error from my 2011 project files.
-
Nick Zitzmann authored
-
- May 21, 2014
-
-
Vilmos Nebehaj authored
Security Framework on OS X makes it possible to supply extra anchor (CA) certificates via the Certificate, Key, and Trust Services API. This commit makes the '--cacert' option work using this API. More information: https://developer.apple.com/library/mac/documentation/security/Reference/certifkeytrustservices/Reference/reference.html The HTTPS tests now pass on OS X except 314, which requires the '--crl' option to work.
-
Steve Holme authored
warning: suggest braces around empty body in an 'else' statement
-
Steve Holme authored
warning: implicit declaration of function 'connclose'
-
Daniel Stenberg authored
Make all code use connclose() and connkeep() when changing the "close state" for a connection. These two macros take a string argument with an explanation, and debug builds of curl will include that in the debug output. Helps tracking connection re-use/close issues.
-
Steve Holme authored
-