- Mar 12, 2009
-
-
Yang Tse authored
-
- Mar 11, 2009
-
-
Daniel Stenberg authored
catch them all. The memory debug stuff is not in the public API anyway.
-
Daniel Stenberg authored
other libcurl function.
-
Daniel Stenberg authored
-
Yang Tse authored
-
Yang Tse authored
-
Yang Tse authored
-
- Mar 10, 2009
-
-
Daniel Stenberg authored
shipped in release archives but is only in CVS)
-
- Mar 09, 2009
-
-
Daniel Stenberg authored
curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE option. It only enabled the cookie engine in the destination handle if data->cookies is not NULL (where data is the source handle). In case of a newly initialized handle which just had the cookie support enabled by a curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was still NULL because the setopt-call only appends the value to data->change.cookielist, hence duplicating this handle would not have the cookie engine switched on. We also concluded that the slist-functionality would be suitable for being put in its own module rather than simply hanging out in lib/sendf.c so I created lib/slist.[ch] for them.
-
Daniel Stenberg authored
scripts to make it detect a bad checkout earlier. People with older checkouts who don't do cvs update with the -d option won't get the new dirs and then will get funny outputs that can be a bit hard to understand and fix.
-
Dan Fandrich authored
-
- Mar 08, 2009
-
-
Daniel Stenberg authored
allocation of the memory BIO was not being properly checked.
-
Daniel Stenberg authored
in the gnutls code where we were checking for negative values for errors, when the man pages state that GNUTLS_E_SUCCESS is returned on success and other values indicate error conditions.
-
Daniel Stenberg authored
-
http://curl.haxx.se/bug/view.cgi?id=2671602Daniel Stenberg authored
curl didn't use sprintf() in a way that is documented to work in POSIX but since we use our own printf() code (from libcurl) that shouldn't be a problem. Nonetheless I modified the code to not rely on such particular features and to not cause further raised eyebrowse with no good reason.
-
- Mar 05, 2009
-
-
Dan Fandrich authored
more issues for authors to consider when writing robust libcurl-using applications.
-
Yang Tse authored
-
- Mar 04, 2009
-
-
Dan Fandrich authored
by Daniel Johnson.
-
- Mar 03, 2009
-
-
Daniel Stenberg authored
on curl-users, it is also added to DISABLED since I don't have time to work on it further right now.
-
Daniel Stenberg authored
whenever you attempt to open a new connection.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
binary it also removes the include/curl subdir!
-
Patrick Monnerat authored
Options CURLOPT_REDIR_PROTOCOLS and CURLOPT_PROTOCOLS, and associated definitions added to RPG binding
-
- Mar 02, 2009
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in which previous libcurl versions (by design) can be tricked to access an arbitrary local/different file instead of a remote one when CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release together this the addition of two new setopt options for controlling this new behavior: o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option excludes the FILE and SCP protocols and thus you nee to explicitly allow them in your app if you really want that behavior. o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch using the primary URL option. This is useful if you want to allow a user or other outsiders control what URL to pass to libcurl and yet not allow all protocols libcurl may have been built to support.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Mar 01, 2009
-
-
Daniel Stenberg authored
too close to release now
-
- Feb 28, 2009
- Feb 27, 2009
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
218 - Senthil Raja Velu's "CURLOPT_LOCALPORT option broken", patch by Markus Koetter Both are now committed
-
Daniel Stenberg authored
CURLOPT_LOCALPORT were used together (the local port bind failed), and Markus Koetter provided the fix!
-
Daniel Stenberg authored
-
- Feb 25, 2009
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
curl_global_init() function to properly maintain the performing functions thread-safe. We've previously (28 April 2007) moved the init to a later time just to avoid it to fail very early when libgcrypt dislikes the situation, but that move was bad and the fix should rather be in libgcrypt or elsewhere.
-
- Feb 24, 2009
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
without involving CVS: diff -X diff-exclude -ru curl-old curl-patched
-
Daniel Stenberg authored
It happened because the code used the struct for server-based auth all the time for both proxy and server auth which of course was wrong.
-
- Feb 23, 2009
-
-
Daniel Stenberg authored
-