- Apr 05, 2016
-
-
Steve Holme authored
Reported-by: Michael Osipov
-
Jay Satiro authored
Bug: https://github.com/curl/curl/issues/536 Reported-by: <eXeC64@users.noreply.github.com>
-
Daniel Stenberg authored
Due to their age (we don't fully know if they actually remain) and lack of detail - very few people will bother to find out what they're about or work on them. If people truly still suffer from any of these, I assume they will be reported again and then we'll deal with them. 72. "Pausing pipeline problems." https://curl.haxx.se/mail/lib-2009-07/0214.html 70. Problem re-using easy handle after call to curl_multi_remove_handle https://curl.haxx.se/mail/lib-2009-07/0249.html 68. "More questions about ares behavior". https://curl.haxx.se/mail/lib-2009-08/0012.html
-
Daniel Stenberg authored
-
Daniel Stenberg authored
It turns out the google GFE HTTP/2 servers send a PING frame immediately after a stream ends and its last DATA has been received by curl. So if we don't drain that from the socket, it makes the socket readable in subsequent checks and libcurl then (wrongly) assumes the connection is dead when trying to reuse the connection. Reported-by: Joonas Kuorilehto Discussed in #750
-
Daniel Stenberg authored
-
- Apr 04, 2016
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Apr 03, 2016
-
-
Daniel Stenberg authored
-
Steve Holme authored
-
Daniel Stenberg authored
... now works correctly when invoke from the root makefile
-
Daniel Stenberg authored
-
Steve Holme authored
Following the recent changes to the source in the tests directory, re-enabled tests for the default scan.
-
Steve Holme authored
In addition to commit 83b174b3 and following the recent changes.
-
Steve Holme authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... to please the new, slightly picker, checksrc.pl
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
Although this should never happen due to the relationship between the 'mech' and 'resp' variables, and the way they are allocated together, it does cause problems for code analysis tools: V595 The 'mech' pointer was utilized before it was verified against nullptr. Check lines: 376, 381. curl_sasl.c 376 Bug: https://github.com/curl/curl/issues/745 Reported-by: Alexis La Goutte
-
Steve Holme authored
* Prefer dereference of string pointer rather than strlen() * Free challenge pointer in one place * Additional comments
-
Steve Holme authored
* Prefer dereference of string pointer rather than strlen() * Free challenge pointer in one place * Additional comments
-
Steve Holme authored
This wouldn't cause a problem because of the way the function is called, but prior to this change, we were processing the challenge message when the credentials were NULL rather than when the challenge message was populated. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
-
Steve Holme authored
Although mutual authentication is currently turned off and can only be enabled by changing libcurl source code, authentication using Kerberos 5 has been broken since commit 79543caf in this use case.
-
Steve Holme authored
This wouldn't cause a problem because of the way the function is called, but prior to this change, we were processing the challenge message when the credentials were NULL rather than when the challenge message was populated. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
-
Steve Holme authored
Prior to this change, we were generating the output token when the credentials were NULL rather than when the output token was NULL. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
-
Steve Holme authored
Prior to this change, we were generating the SPN in the SSPI code when the credentials were NULL and in the GSS-API code when the context was empty. It is better to decouple the SPN generation from these checks and only generate it when the SPN itself is NULL. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
-