- Aug 08, 2014
-
-
Steve Holme authored
warning: `orig_opt' might be used uninitialized in this function
-
Steve Holme authored
-
Daniel Stenberg authored
-
Steve Holme authored
Given the SSPI package info query indicates a token size of 2888 bytes, and as with the Winbind code and commit 9008f3d5, use a dynamic buffer for the Type-1 and Type-3 message generation rather than a fixed buffer of 1024 bytes.
-
- Aug 07, 2014
-
-
Steve Holme authored
Just as with the SSPI implementations of Digest and Negotiate added a package info query so that libcurl can a) return a more appropriate error code when the NTLM package is not supported and b) it can be of use later to allocate a dynamic buffer for the Type-1 and Type-3 output tokens rather than use a fixed buffer of 1024 bytes.
-
Daniel Stenberg authored
-
Tatsuhiro Tsujikawa authored
-
Tatsuhiro Tsujikawa authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
OPENSSL_config() is "strongly recommended" to use but unfortunately that function makes an exit() call on wrongly formatted config files which makes it hard to use in some situations. OPENSSL_config() itself calls CONF_modules_load_file() and we use that instead and we ignore its return code! Reported-by: Jan Ehrhardt Bug: http://curl.haxx.se/bug/view.cgi?id=1401
-
Fabian Keil authored
Test case numbers with four digits have been available for a while now.
-
Steve Holme authored
-
- Aug 06, 2014
-
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
Bug: http://curl.haxx.se/mail/lib-2014-06/0224.html Reported-by: Leonardo Rosati
-
Steve Holme authored
If the server rejects our authentication attempt and curl hasn't called CompleteAuthToken() then the status variable will be SEC_I_CONTINUE_NEEDED and not SEC_E_OK. As such the existing detection mechanism for determining whether or not the authentication process has finished is not sufficient. However, the WWW-Authenticate: Negotiate header line will not contain any data when the server has exhausted the negotiation, so we can use that coupled with the already allocated context pointer.
-
- Aug 05, 2014
-
-
Daniel Stenberg authored
-
Dan Fandrich authored
-
Toby Peterson authored
The GetDarwinVersionNumber() function uses strtok, which is not thread-safe.
-
- Aug 04, 2014
-
-
Daniel Stenberg authored
This seems to be the way it should work. Right now we can't build with BoringSSL and try this out properly due to a minor API breakage.
-
Daniel Stenberg authored
LibreSSL is otherwise OpenSSL API compliant (so far)
-
- Aug 03, 2014
-
-
Tatsuhiro Tsujikawa authored
To prevent infinite loop in readwrite_data() function when stream is reset before any response body comes, reset closed flag to false once it is evaluated to true.
-
Dan Fandrich authored
-
Dan Fandrich authored
-
- Aug 02, 2014
-
-
Tatsuhiro Tsujikawa authored
"Expect: 100-continue", which was once deprecated in HTTP/2, is now resurrected in HTTP/2 draft 14. This change adds its support to HTTP/2 code. This change also includes stricter header field checking.
-
Daniel Stenberg authored
-
- Aug 01, 2014
-
-
Daniel Stenberg authored
-
- Jul 31, 2014
-
-
Daniel Stenberg authored
Previously it only returned a CURLcode for errors, which is when it returns a different size than what was passed in to it. The http2 code only checked the curlcode and thus failed.
-
Daniel Stenberg authored
-
Michael Wallner authored
-
Marcel Raad authored
This function is available for every Windows version since Windows 95/NT. reference: http://msdn.microsoft.com/en-us/library/windows/desktop/aa379942.aspx
-
Daniel Stenberg authored
... and has been so since 2005
-
Daniel Stenberg authored
Each backend now defines CURL_SSL_BACKEND accordingly. Added the *AXTLS one which was missing previously.
-
- Jul 30, 2014
-
-
Dan Fandrich authored
-
Dan Fandrich authored
It's an enum so a macro test won't work. The CyaSSL changelog doesn't say exactly when this error code was introduced, but it's likely to be 2.7.0.
-
Dan Fandrich authored
-
Dan Fandrich authored
-
Dan Fandrich authored
Under these circumstances, the connection hasn't been fully established and smtp_connect hasn't been called, yet smtp_done still calls the state machine which dereferences the NULL conn pointer in struct pingpong.
-
Daniel Stenberg authored
... by defining Curl_ssl_random() properly
-
Daniel Stenberg authored
This now provides a weak random function since PolarSSL doesn't have a quick and easy way to provide a good one. It does however provide the framework to make one so it _can_ and _should_ be done...
-