Yang Tse [Fri, 14 Dec 2012 18:39:22 +0000 (19:39 +0100)]
setup_once.h: HP-UX <sys/socket.h> issue workaround
Issue: When building a 32bit target with large file support HP-UX
<sys/socket.h> header file may simultaneously provide two different
sets of declarations for sendfile and sendpath functions, one with
static and another with external linkage. Given that we do not use
mentioned functions we really don't care which linkage is the
appropriate one, but on the other hand, the double declaration emmits
warnings when using the HP-UX compiler and errors when using modern
gcc versions resulting in fatal compilation errors.
Mentioned issue is now fixed as long as we don't use sendfile nor
sendpath functions.
Yang Tse [Fri, 14 Dec 2012 16:38:18 +0000 (17:38 +0100)]
setup_once.h: refactor inclusion of <unistd.h> and <sys/socket.h>
Inclusion of top two most included header files now done in setup_once.h
Yang Tse [Wed, 12 Dec 2012 15:13:16 +0000 (16:13 +0100)]
setup_once.h: HP-UX specific TRUE and FALSE definitions
Some HP-UX system headers require TRUE defined to 1 and FALSE to 0.
Daniel Stenberg [Wed, 12 Dec 2012 10:07:30 +0000 (11:07 +0100)]
gopher: #include cleanup
Remove all system file includes from this file as they're not needed
Reported by: Dan Fandrich
Yang Tse [Tue, 11 Dec 2012 14:03:17 +0000 (15:03 +0100)]
examples/simplessl.c: fix compiler warning
Yang Tse [Mon, 10 Dec 2012 17:06:35 +0000 (18:06 +0100)]
examples/externalsocket.c: fix SunPro compilation issue
Yang Tse [Mon, 10 Dec 2012 16:55:18 +0000 (17:55 +0100)]
examples/simplessl.c: fix compiler warning
Yang Tse [Mon, 10 Dec 2012 16:32:35 +0000 (17:32 +0100)]
build: add bundles and conncache files to other build systems
Yang Tse [Mon, 10 Dec 2012 16:04:13 +0000 (17:04 +0100)]
conncache: fix enumerated type mixed with another type
Yang Tse [Mon, 10 Dec 2012 14:42:12 +0000 (15:42 +0100)]
examples/anyauthput.c: fix Tru64 compilation issue
Colin Watson [Fri, 7 Dec 2012 11:07:54 +0000 (12:07 +0100)]
configure: fix cross pkg-config detection
When cross-compiling, CURL_CHECK_PKGCONFIG was checking for the cross
pkg-config using ${host}-pkg-config.
The gold standard for doing this correctly is pkg-config's own macro,
PKG_PROG_PKG_CONFIG. However, on the assumption that you have a good
reason not to use that directly (reduced dependencies for maintainer
builds?), the behaviour of cURL's version should at least match.
PKG_PROG_PKG_CONFIG uses AC_PATH_TOOL, which ultimately ends up trying
${host_alias}-pkg-config; this is not quite the same as what cURL does,
and may differ because ${host} has been run through config.sub. For
instance, when cross-building to the armhf architecture on Ubuntu,
${host_alias} is arm-linux-gnueabihf while ${host} is
arm-unknown-linux-gnueabihf. This may also have been the cause of the
problem reported at http://curl.haxx.se/mail/lib-2012-04/0224.html.
AC_PATH_TOOL is significantly simpler than cURL's current code, and
dates back to well before the current minimum of Autoconf 2.57, so let's
use it instead.
Linus Nielsen Feltzing [Thu, 6 Dec 2012 11:12:04 +0000 (12:12 +0100)]
Introducing a new persistent connection caching system using "bundles".
A bundle is a list of all persistent connections to the same host.
The connection cache consists of a hash of bundles, with the
hostname as the key.
The benefits may not be obvious, but they are two:
1) Faster search for connections to reuse, since the hash
lookup only finds connections to the host in question.
2) It lays out the groundworks for an upcoming patch,
which will introduce multiple HTTP pipelines.
This patch also removes the awkward list of "closure handles",
which were needed to send QUIT commands to the FTP server
when closing a connection.
Now we allocate a separate closure handle and use that
one to close all connections.
This has been tested in a live system for a few weeks, and of
course passes the test suite.
Fabian Keil [Wed, 14 Nov 2012 10:40:31 +0000 (11:40 +0100)]
runtests and friends: Do not add undefined values to @INC
On FreeBSD this fixes the warning:
Use of uninitialized value $p in string eq at /usr/local/lib/perl5/5.14.2/BSDPAN/BSDPAN.pm line 36.
Steve Holme [Wed, 5 Dec 2012 19:46:00 +0000 (11:46 -0800)]
Merge pull request #52 from isn-/master
small compilation fix
Stanislav Ivochkin [Wed, 5 Dec 2012 18:31:40 +0000 (22:31 +0400)]
build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag
Yang Tse [Wed, 5 Dec 2012 16:28:32 +0000 (17:28 +0100)]
libtest: fix some compiler warnings
Yang Tse [Wed, 5 Dec 2012 11:59:14 +0000 (12:59 +0100)]
examples: fix compilation issues - commit
7332a7cafb follow-up
Yang Tse [Wed, 5 Dec 2012 10:43:40 +0000 (11:43 +0100)]
examples: fix compilation issues - commit
23f8dca6fb follow-up
Yang Tse [Tue, 4 Dec 2012 23:37:57 +0000 (00:37 +0100)]
examples: fix compilation issues
Yang Tse [Tue, 4 Dec 2012 22:30:05 +0000 (23:30 +0100)]
build: explain current role of LIBS in our Makefile.am files
BLANK_AT_MAKETIME may be used in our Makefile.am files to blank
LIBS variable used in generated makefile at makefile processing
time. Doing this functionally prevents LIBS from being used for
all link targets in given makefile.
Daniel Stenberg [Fri, 30 Nov 2012 13:52:38 +0000 (14:52 +0100)]
multi: fix re-sending request on early connection close
This handling already works with the easy-interface code. When a request
is sent on a re-used connection that gets closed by the server at the
same time as the request is sent, the situation may occur so that we can
send the request and we discover the broken connection as a RECV_ERROR
in the PERFORM state and then the request needs to be retried on a fresh
connection. Test 64 broke with 'multi-always-internally'.
Yang Tse [Tue, 4 Dec 2012 20:00:32 +0000 (21:00 +0100)]
configure: add minimal sanity check on user provided LIBS and LDFLAGS
Yang Tse [Mon, 3 Dec 2012 21:40:26 +0000 (22:40 +0100)]
build: prevent global LIBS from influencing src and lib build targets
Currently, LIBS is already used through other macros.
Kamil Dudka [Mon, 3 Dec 2012 12:17:50 +0000 (13:17 +0100)]
nss: prevent NSS from crashing on client auth hook failure
Although it is not explicitly stated in the documentation, NSS uses
*pRetCert and *pRetKey even if the client authentication hook returns
a failure. Namely, if we destroy *pRetCert without clearing *pRetCert
afterwards, NSS destroys the certificate once again, which causes a
double free.
Reported by: Bob Relyea
Yang Tse [Fri, 30 Nov 2012 18:13:50 +0000 (19:13 +0100)]
testcurl.pl: build example programs for several autobuilds
Affected autobuilds: IRIX, AIX, Tru64 and AIX.
Yang Tse [Fri, 30 Nov 2012 18:12:18 +0000 (19:12 +0100)]
build: prevent global LIBS from influencing examples build targets
Yang Tse [Fri, 30 Nov 2012 13:34:48 +0000 (14:34 +0100)]
build: prevent global LIBS from influencing libtest build targets
Yang Tse [Thu, 29 Nov 2012 20:56:48 +0000 (21:56 +0100)]
build: prevent global LIBS from influencing test server build targets
Yang Tse [Wed, 28 Nov 2012 19:51:13 +0000 (20:51 +0100)]
build: fix Windows build targets damaged since commit
550e403f00
Yang Tse [Wed, 28 Nov 2012 17:31:23 +0000 (18:31 +0100)]
build: avoid linkage of directly unused libraries
Yang Tse [Tue, 27 Nov 2012 17:01:55 +0000 (18:01 +0100)]
dd missing NTLM feature for tests 2025, and 2028 to 2032
Yang Tse [Mon, 26 Nov 2012 15:23:02 +0000 (16:23 +0100)]
avoid mixing of enumerated type with another type
Yang Tse [Mon, 26 Nov 2012 15:20:53 +0000 (16:20 +0100)]
multi.c: disambiguate precedence of bitwise and relational operation
Fabian Keil [Sun, 25 Nov 2012 17:34:01 +0000 (18:34 +0100)]
Remove stray CRLF in chunk-encoded content-free request bodies
.. that are sent when auth-negotiating before a chunked
upload or when setting the 'Transfer-Encoding: chunked'
header and intentionally sending no content.
Adjust test565 and test1333 accordingly.
Daniel Stenberg [Sun, 25 Nov 2012 18:44:49 +0000 (19:44 +0100)]
FAQ: clarify the 3.4 section
You can do custom commands to FTP without sending anything by using the
CURLOPT_NOBODY, which -I sets.
Lijo Antony [Sun, 25 Nov 2012 06:00:58 +0000 (10:00 +0400)]
examples: Updated asiohiper.cpp to remove connect from opensocket
Blocking connect on the socket has been removed from opensocket
callback. opensocket just opens a new socket and gives it back to
libcurl and libcurl will take care of the connect. sockopt_callback has
also been removed, as it is no longer required.
Yang Tse [Fri, 23 Nov 2012 16:57:00 +0000 (17:57 +0100)]
build: fix AIX compilation and usage
AIX sys/poll.h header file defines 'events' and 'revents' as C
preprocessor macros. Usage of these literals in libcurl's external
API was introduced in commit
de24d7bd4c causing AIX build failures.
Appropriate inclusion of sys/poll.h by libcurl's external interface
fixes AIX build and usage issues while avoiding a SONAME bump.
Steve Holme [Fri, 23 Nov 2012 13:43:53 +0000 (13:43 +0000)]
DOCS: Updated CURLOPT_CONNECT_ONLY to reflect usage in other protocols
Daniel Stenberg [Fri, 23 Nov 2012 10:56:26 +0000 (11:56 +0100)]
test: offer "automake" output and check for perl better
runtests.pl -am now uses the "PASS/FAIL: [desc]" output for each
executed test. You can run 'make test-am' in the root build directory to
invoke that. The reason for this output style is to better allow generic
test suite parsers to also grok our test output.
The test Makefile now also tests that perl was indeed found and that the
PERL variable points to an executable before it tries to run the main
test perl script runtests.pl,
Fabian Keil [Wed, 21 Nov 2012 15:01:59 +0000 (16:01 +0100)]
Test 206: Use a Content-Length header for the 407 response
Otherwise curl would have to guess where the body ends.
Fabian Keil [Wed, 21 Nov 2012 14:42:00 +0000 (15:42 +0100)]
Test 206: Don't respond to a succesful CONNECT request with a body
It's against the spec and caused test failures when header
and response were read from the network separately in which
case bug #39 wasn't triggered.
Daniel Stenberg [Wed, 21 Nov 2012 17:26:42 +0000 (18:26 +0100)]
htmltitle: use .cpp extension for C++ examples
Lijo Antony [Wed, 21 Nov 2012 10:19:45 +0000 (14:19 +0400)]
examples: Added a c++ example of using multi with boost::asio
Added an example for demonstrating the usage of curl multi interface
with boost::asio in c++
Daniel Stenberg [Wed, 21 Nov 2012 15:17:45 +0000 (16:17 +0100)]
VC Makefiles: add missing hostcheck
the newly introduced hostcheck.h/c is missing in the Visual Studio
Makefiles as obj file.
Bug: http://curl.haxx.se/mail/lib-2012-11/0176.html
Daniel Stenberg [Tue, 20 Nov 2012 19:57:18 +0000 (20:57 +0100)]
compiler warning fixes
The conversions from ssize_t to int need to be typecasted.
Daniel Stenberg [Tue, 20 Nov 2012 09:27:36 +0000 (10:27 +0100)]
bump: start working on 7.28.2
Daniel Stenberg [Tue, 20 Nov 2012 09:25:25 +0000 (10:25 +0100)]
THANKS: added 14 contributors from the 7.28.1 release
Daniel Stenberg [Mon, 19 Nov 2012 21:58:05 +0000 (22:58 +0100)]
RELEASE-NOTES: synced with
52af6e69f079 / 7.28.1
Anthony Bryan [Mon, 19 Nov 2012 23:13:21 +0000 (00:13 +0100)]
RELEASE-NOTES: NSS can be used for metalink hashing
Fabian Keil [Sun, 18 Nov 2012 21:42:04 +0000 (22:42 +0100)]
Get test 2032 working when using valgrind
If curl_multi_fdset() sets maxfd to -1, the socket detection
loop is skipped and thus !found_new_socket is no cause for alarm.
Kamil Dudka [Mon, 15 Oct 2012 19:42:33 +0000 (21:42 +0200)]
test2032: spurious failure caused by premature termination
Bug: http://curl.haxx.se/mail/lib-2012-11/0095.html
Fabian Keil [Wed, 14 Nov 2012 11:53:47 +0000 (12:53 +0100)]
Fix comment typos in test 517
Fabian Keil [Tue, 13 Nov 2012 12:58:14 +0000 (13:58 +0100)]
Test 92 and 194: normalize spaces in the Server headers
It makes no difference from curl's point of view but
makes it more convenient to use the tests with a
lws-normalizing proxy between curl and the test server.
Fabian Keil [Sun, 18 Nov 2012 13:55:29 +0000 (14:55 +0100)]
Add a HOSTIP precheck for tests 31 and 1105
They currently only work for 127.0.0.1 which
is hardcoded and can't be easily changed.
Fabian Keil [Thu, 15 Nov 2012 13:02:21 +0000 (14:02 +0100)]
Let test 8 work as long as %HOSTIP ends with ".0.0.1"
.. and add a precheck to skip the test otherwise.
Fabian Keil [Wed, 14 Nov 2012 18:44:11 +0000 (19:44 +0100)]
Add --resolve to the keywords and name of test 1318
This makes it easier to skip it automatically when
the test suite is used with external proxies.
Fabian Keil [Fri, 16 Nov 2012 11:42:51 +0000 (12:42 +0100)]
Add FTP keywords for a couple of currently keyword-less FTP tests
Fabian Keil [Tue, 13 Nov 2012 13:02:42 +0000 (14:02 +0100)]
Add keywords for a couple of currently keyword-less HTTP tests
Fabian Keil [Fri, 16 Nov 2012 12:54:59 +0000 (13:54 +0100)]
Use carriage returns in all headers in test 31
Trailing spaces were left unmodifed, assuming they were intentional.
Fabian Keil [Wed, 14 Nov 2012 18:49:12 +0000 (19:49 +0100)]
Do not mix CRLF and LF header endings in a couple of HTTP tests
Consistently use CRLF instead. The mixed endings weren't
documented so I assume they were unintentional.
This change doesn't matter for curl itself but makes using
the tests with a proxy between curl and the test server
more convenient.
Tests that consistently use no carriage returns were
left unmodified as one can easily work around this.
Daniel Stenberg [Sun, 18 Nov 2012 15:17:37 +0000 (16:17 +0100)]
fixed memory leak: CURLOPT_RESOLVE with multi interface
DNS cache entries populated with CURLOPT_RESOLVE were not properly freed
again when done using the multi interface.
Test case 1502 added to verify.
Bug: http://curl.haxx.se/bug/view.cgi?id=3575448
Reported by: Alex Gruz
Daniel Stenberg [Sat, 17 Nov 2012 13:23:41 +0000 (14:23 +0100)]
RELEASE-NOTES: synced with
ee588fe08807778
4 more bug fixes and 4 more contributors
Daniel Stenberg [Fri, 16 Nov 2012 23:59:42 +0000 (00:59 +0100)]
mem-include-scan: verify memory #includes
If we use memory functions (malloc, free, strdup etc) in C sources in
libcurl and we fail to include curl_memory.h or memdebug.h we either
fail to properly support user-provided memory callbacks or the memory
leak system of the test suite fails.
After Ajit's report of a failure in the first category in http_proxy.c,
I spotted a few in the second category as well. These problems are now
tested for by test 1132 which runs a perl program that scans for and
attempts to check that we use the correct include files if a memory
related function is used in the source code.
Reported by: Ajit Dhumale
Bug: http://curl.haxx.se/mail/lib-2012-11/0125.html
Daniel Stenberg [Fri, 16 Nov 2012 21:00:17 +0000 (22:00 +0100)]
tftp_rx: code style cleanup
Fixed checksrc warnings
Fabian Keil [Fri, 16 Nov 2012 18:22:12 +0000 (19:22 +0100)]
Fix the libauthretry changes from
7c0cbcf2f61
They broke the NTLM tests from 2023 to 2031.
Christian Vogt [Fri, 16 Nov 2012 14:30:52 +0000 (15:30 +0100)]
tftp_rx: handle resends
Re-send ACK for block X in case we receive block X data again while
waiting for block X+1.
Based on an earlier patch by Marcin Adamski.
Daniel Stenberg [Fri, 16 Nov 2012 12:06:49 +0000 (13:06 +0100)]
autoconf: don't force-disable compiler debug option
When nothing is told to configure, we should not enforce switching off
debug options with -g0 (or similar). We instead don't use -g at all in
that situaion and therefore allow the user's CFLAGS settings possibly
dictate what to do.
Mark Snelling [Wed, 14 Nov 2012 22:19:32 +0000 (23:19 +0100)]
winbuild: Fix PDB file output
And fix some newlines to be proper CRLF
Bug: http://curl.haxx.se/bug/view.cgi?id=3586741
Daniel Stenberg [Wed, 14 Nov 2012 21:32:19 +0000 (22:32 +0100)]
RELEASE-NOTES: synced with
fa1ae0abcde
Cristian Rodríguez [Mon, 12 Nov 2012 15:41:58 +0000 (16:41 +0100)]
OpenSSL: Disable SSL/TLS compression
It either causes increased memory usage or exposes users
to the "CRIME attack" (CVE-2012-4929)
Sebastian Rasmussen [Mon, 8 Oct 2012 09:49:47 +0000 (11:49 +0200)]
FILE: Make upload-writes unbuffered by not using FILE streams
Kamil Dudka [Tue, 13 Nov 2012 12:09:43 +0000 (13:09 +0100)]
tool_metalink: fix error detection of hash alg initialization
The {MD5,SHA1,SHA256}_Init functions from OpenSSL are called directly
without any wrappers and they return 1 for success, 0 otherwise. Hence,
we have to use the same approach in all the wrapper functions that are
used for the other crypto libraries.
This commit fixes a regression introduced in commit
dca8ae5f.
Daniel Stenberg [Tue, 13 Nov 2012 12:03:38 +0000 (13:03 +0100)]
RELEASE-NOTES: synced with
7c0cbcf2f617b
Sergei Nikulov [Fri, 9 Nov 2012 13:29:02 +0000 (17:29 +0400)]
fixed Visual Studio 2010 compilation
Anton Malov [Mon, 12 Nov 2012 12:06:31 +0000 (16:06 +0400)]
ftp: EPSV-disable fix over SOCKS
Bug: http://curl.haxx.se/bug/view.cgi?id=3586338
Patrick Monnerat [Mon, 12 Nov 2012 13:27:43 +0000 (14:27 +0100)]
Merge branch 'master' of github.com:bagder/curl
Patrick Monnerat [Mon, 12 Nov 2012 13:26:16 +0000 (14:26 +0100)]
OS400: upgrade wrappers for the 7.28.1 release.
Daniel Stenberg [Mon, 12 Nov 2012 12:50:00 +0000 (13:50 +0100)]
runtests: limit execessive logging/output
Gabriel Sjoberg [Fri, 9 Nov 2012 23:19:46 +0000 (17:19 -0600)]
Digst: Add microseconds into nounce calculation
When using only 1 second precision, curl doesn't create new cnonce
values quickly enough for all uses.
For example, issuing the following command multiple times to a recent
Tomcat causes authentication failures:
curl --digest -utest:test http://tomcat.test.com:8080/manager/list
This is because curl uses the same cnonce for several seconds, but
doesn't increment the nonce counter. Tomcat correctly interprets
this as a replay attack and rejects the request.
When microsecond-precision is available, this commit causes curl to
change cnonce values much more frequently.
With microsecond resolution, increasing the nounce length used in the
headers to 32 was made to further reduce the risk of duplication.
Daniel Stenberg [Mon, 12 Nov 2012 09:04:44 +0000 (10:04 +0100)]
SCP/SFTP: improve error code used for send failures
Instead of relying on the generic CURLE error for SCP or SFTP send
failures, try passing back a more suitable error if possible.
Daniel Stenberg [Mon, 12 Nov 2012 09:04:19 +0000 (10:04 +0100)]
Curl_write: remove unneeded typecast
Kamil Dudka [Tue, 30 Oct 2012 13:59:48 +0000 (14:59 +0100)]
tool_metalink: allow to use hash algorithms provided by NSS
Fixes bug #3578163:
http://sourceforge.net/tracker/?func=detail&atid=100976&aid=3578163&group_id=976
Kamil Dudka [Tue, 30 Oct 2012 13:21:54 +0000 (14:21 +0100)]
tool_metalink: allow to handle failure of hash alg initialization
Kamil Dudka [Wed, 31 Oct 2012 09:43:36 +0000 (10:43 +0100)]
tool_metalink: introduce metalink_cleanup() in the internal API
... to release resources allocated at global scope
Daniel Stenberg [Thu, 8 Nov 2012 21:37:53 +0000 (22:37 +0100)]
hostcheck: only build for the actual users
and make local function static
Oscar Koeroo [Sat, 3 Nov 2012 01:06:51 +0000 (02:06 +0100)]
SSL: Several SSL-backend related fixes
axTLS:
This will make the axTLS backend perform the RFC2818 checks, honoring
the VERIFYHOST setting similar to the OpenSSL backend.
Generic for OpenSSL and axTLS:
Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c
files to make them genericly available for both the OpenSSL, axTLS and
other SSL backends. They are now in the new lib/hostcheck.c file.
CyaSSL:
CyaSSL now also has the RFC2818 checks enabled by default. There is a
limitation that the verifyhost can not be enabled exclusively on the
Subject CN field comparison. This SSL backend will thus behave like the
NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words:
setting verifyhost to 0 or 1 will disable the Subject Alt Names checks
too.
Schannel:
Updated the schannel information messages: Split the IP address usage
message from the verifyhost setting and changed the message about
disabling SNI (Server Name Indication, used in HTTP virtual hosting)
into a message stating that the Subject Alternative Names checks are
being disabled when verifyhost is set to 0 or 1. As a side effect of
switching off the RFC2818 related servername checks with
SCH_CRED_NO_SERVERNAME_CHECK
(http://msdn.microsoft.com/en-us/library/
aa923430.aspx) the SNI feature
is being disabled. This effect is not documented in MSDN, but Wireshark
output clearly shows the effect (details on the libcurl maillist).
PolarSSL:
Fix the prototype change in PolarSSL of ssl_set_session() and the move
of the peer_cert from the ssl_context to the ssl_session. Found this
change in the PolarSSL SVN between r1316 and r1317 where the
POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu
PolarSSL version 1.1.4 the check is to discriminate between lower then
PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN
trunk jumped from version 1.1.1 to 1.2.0.
Generic:
All the SSL backends are fixed and checked to work with the
ssl.verifyhost as a boolean, which is an internal API change.
Daniel Stenberg [Thu, 8 Nov 2012 19:25:08 +0000 (20:25 +0100)]
libcurl: VERSIONINFO update
Since we added the curl_multi_wait function, the VERSIONINFO needed
updating.
Reported by: Patrick Monnerat
Guenter Knauf [Thu, 8 Nov 2012 17:50:48 +0000 (18:50 +0100)]
Added .def file to output.
Requested by Johnny Luong on the libcurl list.
Guenter Knauf [Thu, 8 Nov 2012 17:41:59 +0000 (18:41 +0100)]
Added deps for static metalink-aware MinGW builds.
Fabian Keil [Thu, 8 Nov 2012 15:36:55 +0000 (16:36 +0100)]
Fix compilation of lib1501
Daniel Stenberg [Thu, 8 Nov 2012 09:47:11 +0000 (10:47 +0100)]
Curl_readwrite: remove debug output
The text "additional stuff not fine" text was added for debug purposes a
while ago, but it isn't really helping anyone and for some reason some
Linux distributions provide their libcurls built with debug info still
present and thus (far too many) users get to read this info.
Daniel Stenberg [Wed, 7 Nov 2012 22:21:55 +0000 (23:21 +0100)]
RELEASE-NOTES: synced with
487538e87a3d5e
6 new bugfixes and 3 more contributors...
Daniel Stenberg [Wed, 7 Nov 2012 22:08:29 +0000 (23:08 +0100)]
http_perhapsrewind: consider NTLM over proxy too
The logic previously checked for a started NTLM negotiation only for
host and not also with proxy, leading to problems doing POSTs over a
proxy NTLM that are larger than 2000 bytes. Now it includes proxy in the
check.
Bug: http://curl.haxx.se/bug/view.cgi?id=3582321
Reported by: John Suprock
Lars Buitinck [Wed, 31 Oct 2012 15:58:53 +0000 (16:58 +0100)]
Curl_connecthost: friendlier "couldn't connect" message
Daniel Stenberg [Tue, 6 Nov 2012 22:25:52 +0000 (23:25 +0100)]
test1413: verify redirects to URLs with fragments
The bug report claimed it didn't work. This problem was probably fixed
in
473003fbdf.
Bug: http://curl.haxx.se/bug/view.cgi?id=3581898
Daniel Stenberg [Tue, 6 Nov 2012 22:17:57 +0000 (23:17 +0100)]
URL parser: cut off '#' fragments from URLs (better)
The existing logic only cut off the fragment from the separate 'path'
buffer which is used when sending HTTP to hosts. The buffer that held
the full URL used for proxies were not dealt with. It is now.
Test case 5 was updated to use a fragment on a URL over a proxy.
Bug: http://curl.haxx.se/bug/view.cgi?id=3579813
Daniel Stenberg [Tue, 6 Nov 2012 21:55:22 +0000 (22:55 +0100)]
OpenSSL/servercert: use correct buffer size, not size of pointer
Bug: http://curl.haxx.se/bug/view.cgi?id=3579286
Daniel Stenberg [Tue, 6 Nov 2012 21:27:25 +0000 (22:27 +0100)]
curl: set CURLOPT_SSL_VERIFYHOST to 0 to disable
Daniel Stenberg [Mon, 5 Nov 2012 22:58:31 +0000 (23:58 +0100)]
test 2027/2030: take duplicate Digest requests into account
With the reversion of
ce8311c7e49eca and the new clear logic, this flaw
is present and we allow it.
Daniel Stenberg [Mon, 5 Nov 2012 22:31:24 +0000 (23:31 +0100)]
Curl_pretransfer: clear out unwanted auth methods
As a handle can be re-used after having done HTTP auth in a previous
request, it must make sure to clear out the HTTP types that aren't
wanted in this new request.