- Jun 16, 2014
-
-
Daniel Stenberg authored
Suggestions-by: Jeff Pohlmeyer
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Inludes all the sections to consider.
-
Daniel Stenberg authored
-
MAN-AT-ARMS authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Jun 15, 2014
-
-
Dan Fandrich authored
This caused segfaults on tests 823 869 907.
-
Dan Fandrich authored
-
Dan Fandrich authored
-
- Jun 13, 2014
-
-
Daniel Stenberg authored
-
Lindley French authored
The static connection counter caused a race condition. Moving the connection id counter into conncache solves it, as well as simplifying the related logic.
-
- Jun 12, 2014
-
-
Daniel Stenberg authored
This regression was introduced when *init was split into *init and *setup...
-
- Jun 11, 2014
-
-
Steve Holme authored
-
Daniel Stenberg authored
They were added because of an older code path that used allocations and should not have been left in the code. With this change the logic goes back to how it was.
-
Daniel Stenberg authored
Curl_rand() will return a dummy and repatable random value for this case. Makes it possible to write test cases that verify output. Also, fake timestamp with CURL_FORCETIME set. Only when built debug enabled of course. Curl_ssl_random() was not used anymore so it has been removed. Curl_rand() is enough. create_digest_md5_message: generate base64 instead of hex string curl_sasl: also fix memory leaks in some OOM situations
-
Steve Holme authored
Added required "debug" feature, missed in commit 1c9aaa0b, as NTLMv2 calls Curl_rand() which can only be fixed to a specific entropy in debug builds.
-
Steve Holme authored
-
- Jun 10, 2014
-
-
Marcel Raad authored
httpproxycode is not reset in Curl_initinfo, so a 407 is not reset even if curl_easy_reset is called between transfers. Bug: http://curl.haxx.se/bug/view.cgi?id=1380
-
- Jun 09, 2014
-
-
Alessandro Ghedini authored
The method change is forbidden by the obsolete RFC2616, but libcurl did it anyway for compatibility reasons. The new RFC7231 allows this behaviour so there's no need for the scary "Violate RFC 2616/10.3.x" notice. Also update the comments accordingly.
-
- Jun 06, 2014
-
-
Steve Holme authored
Regression of commit d39bbcfa when compiling against OpenSSL.
-
- Jun 05, 2014
-
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
Bug: http://curl.haxx.se/bug/view.cgi?id=1378 Reported and Patched-by: Marcel Raad
-
- Jun 04, 2014
-
-
Daniel Stenberg authored
-
- Jun 03, 2014
-
-
Daniel Stenberg authored
Bug: http://curl.haxx.se/mail/lib-2014-06/0003.html Reported-by: Дмитрий Фалько
-
Daniel Stenberg authored
The SASL/Digest previously used the current time's seconds + microseconds to add randomness but it is much better to instead get more data from Curl_rand(). It will also allow us to easier "fake" that for debug builds on demand in a future.
-
- Jun 02, 2014
-
-
Steve Holme authored
-
Daniel Stenberg authored
-
- Jun 01, 2014
-
-
Daniel Stenberg authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
Rather than use a short 8-byte hex string, extended the cnonce to be 32-bytes long, like Windows SSPI does. Used a combination of random data as well as the current date and time for the generation.
-
Steve Holme authored
-
- May 29, 2014
-
-
Dan Fandrich authored
gcc spit out warning: variable 'x' might be clobbered by 'longjmp' or 'vfork' messages for a few variables. These automatic variables were expected to be changed between a setjmp/longjmp and hold their values, so are now marked volatile.
-