- Aug 06, 2014
-
-
Steve Holme authored
If the server rejects our authentication attempt and curl hasn't called CompleteAuthToken() then the status variable will be SEC_I_CONTINUE_NEEDED and not SEC_E_OK. As such the existing detection mechanism for determining whether or not the authentication process has finished is not sufficient. However, the WWW-Authenticate: Negotiate header line will not contain any data when the server has exhausted the negotiation, so we can use that coupled with the already allocated context pointer.
-
- Aug 05, 2014
-
-
Daniel Stenberg authored
-
Dan Fandrich authored
-
Toby Peterson authored
The GetDarwinVersionNumber() function uses strtok, which is not thread-safe.
-
- Aug 04, 2014
-
-
Daniel Stenberg authored
This seems to be the way it should work. Right now we can't build with BoringSSL and try this out properly due to a minor API breakage.
-
Daniel Stenberg authored
LibreSSL is otherwise OpenSSL API compliant (so far)
-
- Aug 03, 2014
-
-
Tatsuhiro Tsujikawa authored
To prevent infinite loop in readwrite_data() function when stream is reset before any response body comes, reset closed flag to false once it is evaluated to true.
-
Dan Fandrich authored
-
Dan Fandrich authored
-
- Aug 02, 2014
-
-
Tatsuhiro Tsujikawa authored
"Expect: 100-continue", which was once deprecated in HTTP/2, is now resurrected in HTTP/2 draft 14. This change adds its support to HTTP/2 code. This change also includes stricter header field checking.
-
Daniel Stenberg authored
-
- Aug 01, 2014
-
-
Daniel Stenberg authored
-
- Jul 31, 2014
-
-
Daniel Stenberg authored
Previously it only returned a CURLcode for errors, which is when it returns a different size than what was passed in to it. The http2 code only checked the curlcode and thus failed.
-
Daniel Stenberg authored
-
Michael Wallner authored
-
Marcel Raad authored
This function is available for every Windows version since Windows 95/NT. reference: http://msdn.microsoft.com/en-us/library/windows/desktop/aa379942.aspx
-
Daniel Stenberg authored
... and has been so since 2005
-
Daniel Stenberg authored
Each backend now defines CURL_SSL_BACKEND accordingly. Added the *AXTLS one which was missing previously.
-
- Jul 30, 2014
-
-
Dan Fandrich authored
-
Dan Fandrich authored
It's an enum so a macro test won't work. The CyaSSL changelog doesn't say exactly when this error code was introduced, but it's likely to be 2.7.0.
-
Dan Fandrich authored
-
Dan Fandrich authored
-
Dan Fandrich authored
Under these circumstances, the connection hasn't been fully established and smtp_connect hasn't been called, yet smtp_done still calls the state machine which dereferences the NULL conn pointer in struct pingpong.
-
Daniel Stenberg authored
... by defining Curl_ssl_random() properly
-
Daniel Stenberg authored
This now provides a weak random function since PolarSSL doesn't have a quick and easy way to provide a good one. It does however provide the framework to make one so it _can_ and _should_ be done...
-
Michael Wallner authored
-
Daniel Stenberg authored
I couldn't find any dedicated function in its API to get a "good" random with.
-
Daniel Stenberg authored
ASN_NO_SIGNER_E didn't exist back then!
-
- Jul 29, 2014
-
-
Daniel Stenberg authored
To force each backend implementation to really attempt to provide proper random. If a proper random function is missing, then we can explicitly make use of the default one we use when TLS support is missing. This commit makes sure it works for darwinssl, gnutls, nss and openssl.
-
- Jul 28, 2014
-
-
Daniel Stenberg authored
... with permission from David Shaw
-
Kamil Dudka authored
The minimal required version of NSS is 3.14.x so it does not make sense to check for NSS 3.12.0+ at run time.
-
Anthon Pang authored
Removing defines, even obsolete ones that haven't been used for a very long time, still break a lot of applications. Bug: https://github.com/bagder/curl/pull/106
-
- Jul 26, 2014
-
-
Fabian Keil authored
-
Fabian Keil authored
-
Fabian Keil authored
If a non-standard $TESTDIR is used the file may not be necessary. Previously a "missing" file resulted in the warning: readline() on closed filehandle D at ./runtests.pl line 4940.
-
Fabian Keil authored
-
- Jul 25, 2014
-
-
Daniel Stenberg authored
Bug: http://curl.haxx.se/mail/lib-2014-07/0337.html Reported-by: Spork Schivago
-
Daniel Stenberg authored
-
Daniel Stenberg authored
This is now used by the http2 code. It has two different symbols at the end of the base64 table to make the output "url safe". Bug: https://github.com/tatsuhiro-t/nghttp2/issues/62
-
- Jul 24, 2014
-
-
Marcel Raad authored
Curl_base64_decode allocates the output string by itself and two other strings were not freed either.
-