#
f871de00 |
| 28-Dec-2012 |
Yang Tse |
build: make use of 76 lib/*.h renamed files 76 private header files renamed to use our standard naming scheme. This change affects 322 files in libcurl's source tree.
|
Revision tags: curl-7_28_1 |
|
#
e237402c |
| 09-Nov-2012 |
Gabriel Sjoberg |
Digst: Add microseconds into nounce calculation When using only 1 second precision, curl doesn't create new cnonce values quickly enough for all uses. For example, issuing the f
Digst: Add microseconds into nounce calculation When using only 1 second precision, curl doesn't create new cnonce values quickly enough for all uses. For example, issuing the following command multiple times to a recent Tomcat causes authentication failures: curl --digest -utest:test http://tomcat.test.com:8080/manager/list This is because curl uses the same cnonce for several seconds, but doesn't increment the nonce counter. Tomcat correctly interprets this as a replay attack and rejects the request. When microsecond-precision is available, this commit causes curl to change cnonce values much more frequently. With microsecond resolution, increasing the nounce length used in the headers to 32 was made to further reduce the risk of duplication.
show more ...
|
Revision tags: curl-7_28_0, curl-7_27_0 |
|
#
2c7cfd29 |
| 21-Jul-2012 |
Anton Yabchinskiy |
Client's "qop" value should not be quoted (RFC2617, section 3.2.2).
|
Revision tags: curl-7_26_0, curl-7_25_0 |
|
#
3c80309c |
| 22-Mar-2012 |
Yang Tse |
fix several compiler warnings
|
Revision tags: curl-7_24_0, curl-7_23_1, curl-7_23_0, curl-7_22_0 |
|
#
fd00b382 |
| 24-Aug-2011 |
Yang Tse |
base64: fix Curl_base64_encode and Curl_base64_decode interfaces Previous interfaces for these libcurl internal functions did not allow to tell apart a legitimate zero size result from a
base64: fix Curl_base64_encode and Curl_base64_decode interfaces Previous interfaces for these libcurl internal functions did not allow to tell apart a legitimate zero size result from an error condition. These functions now return a CURLcode indicating function success or otherwise specific error. Output size is returned using a pointer argument. All usage of these two functions, and others closely related, has been adapted to the new interfaces. Relative error and OOM handling adapted or added where missing. Unit test 1302 also adapted.
show more ...
|
#
f1586cb4 |
| 26-Jul-2011 |
Yang Tse |
stdio.h, stdlib.h, string.h, stdarg.h and ctype.h inclusion done in setup_once.h
|
Revision tags: curl-7_21_7 |
|
#
adeac15d |
| 03-Jun-2011 |
Daniel Stenberg |
digest_cleanup_one: made private
|
Revision tags: curl-7_21_6 |
|
#
b903186f |
| 20-Apr-2011 |
Daniel Stenberg |
source cleanup: unify look, style and indent levels By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
|
#
c828646f |
| 19-Apr-2011 |
Daniel Stenberg |
CURL_DOES_CONVERSIONS: cleanup Massively reduce #ifdefs all over (23 #ifdef lines less so far) Moved conversion-specific code to non-ascii.c
|
Revision tags: curl-7_21_5, curl-7_21_4, curl-7_21_3 |
|
#
dc3e7df1 |
| 08-Nov-2010 |
Yang Tse |
fix compiler warning
|
Revision tags: curl-7_21_2 |
|
#
2c1b4e74 |
| 10-Sep-2010 |
Daniel Stenberg |
digest: make it clear the condition is always true
|
Revision tags: curl-7_21_1, curl-7_21_0, curl-7_20_1 |
|
#
2309b4e3 |
| 24-Mar-2010 |
Daniel Stenberg |
remove the CVSish $Id$ lines
|
Revision tags: curl-7_20_0, curl-7_19_7, curl-7_19_6 |
|
#
85196825 |
| 22-May-2009 |
Dan Fandrich |
Removed some obsolete digest code that caused a valgrind error in test 551.
|
Revision tags: curl-7_19_5 |
|
#
effbd993 |
| 10-May-2009 |
Daniel Stenberg |
- Andre Guibert de Bruet correctly pointed out an over-alloc with one wasted byte in the digest code.
|
#
33a3753c |
| 21-Apr-2009 |
Yang Tse |
libcurl's memory.h renamed to curl_memory.h
|
Revision tags: curl-7_19_4 |
|
#
df07537c |
| 28-Feb-2009 |
Yang Tse |
fix compiler warning
|
#
82ca5271 |
| 26-Jan-2009 |
Daniel Stenberg |
- Alexey Borzov filed bug report #2535504 (http://curl.haxx.se/bug/view.cgi?id=2535504) pointing out that realms with quoted quotation marks in HTTP Digest headers didn't work. I've now a
- Alexey Borzov filed bug report #2535504 (http://curl.haxx.se/bug/view.cgi?id=2535504) pointing out that realms with quoted quotation marks in HTTP Digest headers didn't work. I've now added test case 1095 that verifies my fix.
show more ...
|
Revision tags: curl-7_19_3 |
|
#
6e376532 |
| 10-Dec-2008 |
Daniel Stenberg |
- Internet Explorer had a broken HTTP digest authentication before v7 and there are servers "out there" that relies on the client doing this broken Digest authentication. Apache even come
- Internet Explorer had a broken HTTP digest authentication before v7 and there are servers "out there" that relies on the client doing this broken Digest authentication. Apache even comes with an option to work with such broken clients. The difference is only for URLs that contain a query-part (a '?'-letter and text to the right of it). libcurl now supports this quirk, and you enable it by setting the CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or CURLOPT_PROXYAUTH options. They are thus individually controlled to server and proxy.
show more ...
|
#
baeebb2b |
| 26-Nov-2008 |
Daniel Stenberg |
narrow the comment to < 80 columns
|
Revision tags: curl-7_19_2, curl-7_19_1 |
|
#
b701ea36 |
| 23-Oct-2008 |
Daniel Stenberg |
moved the Curl_raw_ functions into the new lib/rawstr.c file for easier curlx_ inclusion by the curl tool without colliding with the curl_strequal functions.
|
#
9d16b408 |
| 16-Oct-2008 |
Daniel Stenberg |
Renamed Curl_ascii_equal to Curl_raw_equal and bugfixed the my_toupper function used in strequal.c so now all test cases run fine for me again.
|
#
a579d670 |
| 15-Oct-2008 |
Daniel Stenberg |
- Pascal Terjan filed bug #2154627 (http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl uses strcasecmp() in multiple places where it causes failures when the
- Pascal Terjan filed bug #2154627 (http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl uses strcasecmp() in multiple places where it causes failures when the Turkish locale is used. This is because 'i' and 'I' isn't the same letter so strcasecmp() on those letters are different in Turkish than in English (or just about all other languages). I thus introduced a totally new internal function in libcurl (called Curl_ascii_equal) for doing case insentive comparisons for english-(ascii?) style strings that thus will make "file" and "FILE" match even if the Turkish locale is selected.
show more ...
|
#
1b9d311b |
| 25-Sep-2008 |
Daniel Stenberg |
- Fixed the HTTP Digest auth code to not behave badly when getting a blank realm with realm="". http://curl.haxx.se/bug/view.cgi?id=2126435
|
#
59e378f4 |
| 06-Sep-2008 |
Yang Tse |
remove unnecessary typecasting of malloc()
|
#
861b647e |
| 06-Sep-2008 |
Yang Tse |
remove unnecessary typecasting of realloc()
|