Re: [PATCH] schannel: Add support for optional client certificates

On 6/5/2015 4:53 PM, Joel DePooter wrote: I've made the attached patch, which allows curl with schannel to connect to servers which request a client certificate, but do not require it. With this change, when a server requests a client certificate, curl will now continue the handshake without one.

Re: the new site layout went live

On 6/10/2015 5:26 AM, Daniel Stenberg wrote: I expect to have landed a couple of mistakes in the process so if you find problems after a day or two, please let me know since then it is probably something I haven't seen myself. As someone who often uses 1920x1080 I must admit I liked the old

Re: multi_perform blocks and never returns when built with schannel WinIDN

On 6/9/2015 12:39 PM, Pär Björklund wrote: I noticed it was a bad url for testing as it went dead. You can use this one instead https://onedrive.live.com/download.aspx?cid=491E52A9EC6AD04B&resid=491E52A9EC6AD04B%21131883&authkey=%21AGbswDZOr_MwcZI&canary=yq1Qq0zCs7zlXSHyMeLQaLOJIYs%2BSY100MZgDDB

Re: multi_perform blocks and never returns when built with schannel WinIDN

On 6/8/2015 12:40 PM, Pär Björklund wrote: I have a new draft of schannel_recv up, can you try https://github.com/jay/curl/commit/bdc2166 Sorry about the radio silence, been a busy week. I've only tested with curl command line but issue remains, nothing other than CURLE_OK is returned. Thanks

Re: multi_perform blocks and never returns when built with schannel WinIDN

On 6/1/2015 12:10 PM, Pär Björklund wrote: Can you dig a little deeper and make sure schannel_recv() returns CURLE_AGAIN in the 'err' field when there's nothing more to read? Testing with a 100mb download it never returned anything else than CURLE_OK from schannel_recv or Curl_read There is s

Re: multi_perform blocks and never returns when built with schannel WinIDN

On 5/31/2015 6:13 PM, Daniel Stenberg wrote: On Sun, 31 May 2015, Pär Björklund wrote: I don't run any machine with schannel myself so I can't help much to debug this for real, but I can chime in with some observations. I've narrowed it down to the loop in in readwrite_data, data_pending is

Re: Support for openssl trusted_first flag

On 5/29/2015 12:58 AM, Ray Satiro wrote: On 5/28/2015 5:28 AM, Daniel Stenberg wrote: On Tue, 26 May 2015, Ryan Schmidt wrote: Some time ago the idea was brought up to use openssl's new -trusted_first / X509_V_FLAG_TRUSTED_FIRST mode; a patch was provided: http://curl.haxx.se/mail/lib

Re: Adding CURL handles to running CURLM

On 5/25/2015 11:52 AM, vincas.ra...@bentley.com wrote: I don't know. Can you show us a recipe on how to reproduce this problem? Your description hasn't been detailed enough for me to understand. I tried reproducing this problem with pure CURL and our server. What I found is that returning exac

Re: Support for openssl trusted_first flag

On 5/28/2015 5:28 AM, Daniel Stenberg wrote: On Tue, 26 May 2015, Ryan Schmidt wrote: Some time ago the idea was brought up to use openssl's new -trusted_first / X509_V_FLAG_TRUSTED_FIRST mode; a patch was provided: http://curl.haxx.se/mail/lib-2011-12/0223.html I basically only have one qu

Re: Happy eyeballs and custom DNS

On 5/27/2015 6:51 PM, Anders Bakken via curl-library wrote: How much work do you think it would be? (and could you point me in the general right direction for it?) I worked on it a while ago. Stefan had some changes to add address remove capability that I thought pre-empted mine so his were a

Re: Question regarding multiple IMAP operations

On 5/27/2015 3:09 PM, Adam wrote: Ray, I've actually written C89 code to parse IMAP responses. libcurl IMAP is indeed garbage, because the only thing it does for you that a straight socket doesn't is encryption (which is well documented w/tons of code samples anyway). So as soon as I remove the

Re: Question regarding multiple IMAP operations

On 5/26/2015 9:31 AM, Adam wrote: What is the proper way to send multiple IMAP commands? For example, first I'd like to get a listing of all the folder names, then I want to list the unread files in the folder names. I've tried using the same CURL* curl handle, sometimes it crashes on curl_ea

Re: libcurl does not update cookie

On 5/24/2015 2:07 PM, Daniel Stenberg wrote: On Sun, 24 May 2015, Alexander Dyagilev wrote: Cookie: test_cookie_2=value2; test_cookie_2=base_value2 Ah, I suspect this happens because... curl_easy_setopt (m_curl, CURLOPT_COOKIELIST, "Set-Cookie: test_cookie_2=base_value2"); Doesn't specify

Re: Login with cURL and Token don't work

On 5/19/2015 6:48 AM, avr...@fantasymail.de wrote: Can somebody help me please, to realise a cURL-Login to the WebRadio-Site "www.Phonostar.de" ? At first i create a cookie and get the token: $token = curl -s -k -c cookie.txt https://www.phonostar.de/radio/radioaufnehmen/radiocloud/login | grep

Re: version number helper macros?

On 5/14/2015 5:37 PM, Daniel Stenberg wrote: It would make it possible to check version at run-time like this: curl_version_info_data *d = curl_version_info(CURLVERSION_NOW); if(d->version_num >= CURL_VERSION_BITS(7,33,0) ) { /* this is libcurl 7.33.0 or later */ printf("Succcess\n"

Re: DL curl 7.35 mingw32

On 5/8/2015 8:46 AM, Adam wrote: Disagree or not, IMAP is on 7.40, 7.33, 7.27 (mingw32 builds) is *NOT* working. In fact, I can't find a single build on windows where IMAP *IS* working, and after asking this exact question on stackoverflow yesterday (http://stackoverflow.com/questions/30110396

Re: Curl ES 60: Invalid certificate chain on MacOS 10.10.3 (Yosemite)

On 5/8/2015 11:28 AM, Volker Schmid wrote: Hello, not sure if this answer is correctly assigned. Sorry. Hi, This snippet from CURLOPT_CAPATH doc might be relevant: "If libcurl is built against OpenSSL, the certificate directory must be prepared using the openssl c_rehash utility. " HTH, -Va

Re: DL curl 7.35 mingw32

On 5/7/2015 8:29 PM, Adam wrote: Can someone please give me a download link to curl-7.35.0-devel-mingw32 (or any other version with confirmed IMAP working) ? Adam go to the download page http://curl.haxx.se/download.html#Win32 You probably want the curl-7.x.x-devel-mingw32.zip in 'Win32 Gener

Re: how to use http/2 server push?

On 5/4/2015 8:11 AM, Daniel Stenberg wrote: Anyone around who has been thinking about using HTTP/2 and server push in an application? Server push means that a new stream is initiated from the server without the client specifically asking for it. Typically it would be resource B that the server

Re: schannel SEC_E_BUFFER_TOO_SMALL

On 4/29/2015 9:02 PM, Brian Chrisman wrote: Thanks Marc. Please disregard if you've fixed this in a later commit but in c6337c688a71 I'm seeing that the allocation of outbuf needs to be bumped up as well: SecBuffer outbuf[3]; Thanks for your report. I can't find that commit but I found chan

Re: docs/libcurl/libcurl-symbols.3 not in .gitignore

On 4/29/2015 3:47 AM, Michael Osipov wrote: Unversionierte Dateien: (benutzen Sie "git add ...", um die Änderungen zum Commit vorzumerken) docs/libcurl/libcurl-symbols.3 = I assume that libcurl-symbols.3 should be in docs/libcurl/.gitignore?

Re: CURLINFO_TLS_SESSION

On 4/26/2015 10:52 AM, Daniel Stenberg wrote: Hey all (and perhaps mostly Christian), We added CURLINFO_TLS_SESSION back in commit 2c04e8d80 (November 2013). First of all, we don't document what kind of internal pointers you get for the various backends so they ought to be fairly useless. We s

Re: A case for a branch and follow-up release?

On 4/23/2015 9:10 AM, Daniel Stenberg wrote: On Thu, 23 Apr 2015, Daniel Stenberg wrote: I'm leaning towards the first ever branched release of curl/libcurl: to branch off from the 7.42.0 point and only cherry-pick the fixes for the two build problems and this pending security fix, and then do

Need advice on handling CyaSSL/wolfSSL's build configurations

Recently I made some changes to lib/vtls/cyassl.c to include the CyaSSL build options [1] and support SNI [2]. The latter change is dependent on the former. CyaSSL's includes do not themselves include its build options (file cyassl/options.h) but the defines in that file are needed by the othe

Re: Poor HTTP POST upload performance

On 4/15/2015 2:17 AM, Ray Satiro wrote: Check out the send buffer complaint at [1], which is for Windows but still. Also it may be helpful for others to see the user reports you are referring to. [1]: http://sourceforge.net/p/curl/bugs/1188/ Oops, what a poor choice of words. I mean

Re: Poor HTTP POST upload performance

On 4/14/2015 10:14 PM, Bryan Christ wrote: Thanks for the reply. It would be quite difficult to create an isolated test case due the inherit cost of setting up a RESTful POST to the server. The problem is very much reproducible. Several users have reported this issue. It's not hard to see t

Re: Poor HTTP POST upload performance

On 4/13/2015 10:01 PM, Bryan Christ wrote: I've been trying to figure out why http POST uploads are so slow with libcurl. Upload speeds continually perform at about 1/10th of the expected performance (or less). Many users have reported this behavior on our forum. I suspect it has a lot to do

Re: VS2013 Solution problems

On 3/31/2015 3:24 AM, Gisle Vanem wrote: I need some help from an VisualStudio expert here. Steve? I've just installed the new, free "Microsoft Visual Studio Community 2013" and tried it by loading 'projects\Windows\VC12\curl-all.sln' and 'projects\Windows\VC12\lib\libcurl.sln' in it. I.e. "de

Re: curl problem on ldap with tls

On 4/1/2015 5:52 AM, Michael Wood wrote: On 31 Mar 2015 7:47 PM, "Ray Satiro via curl-library" mailto:curl-library@cool.haxx.se>> wrote: > > On 3/31/2015 4:50 AM, 林聖艦 wrote: >> >> I want to use curl ldap api with tls protocol. >> Now I know I can use fol

Re: curl problem on ldap with tls

On 3/31/2015 4:50 AM, 林聖艦 wrote: I want to use curl ldap api with tls protocol. Now I know I can use following setting: curl_easy_setopt(curl, CURLOPT_URL, "ldap://xxx.xxx";); or curl_easy_setopt(curl, CURLOPT_URL, "ldap://xxx.xxx";); if ssl protocol. Here is my question: How to use ldap with tl

Re: WolfSSL version problems

On 3/26/2015 1:49 PM, Gisle Vanem wrote: But there are more problems. With: curl -v https://www.ssllabs.com/ssltest/viewMyClient.html I get: * subject alt name(s) or common name do not match "www.ssllabs.com" I see no problem with the CERT from a trace to www.ssllabs.com. Or in Google Chrom

Re: about to free easy handle

On 3/29/2015 8:54 AM, 兰天 wrote: hi everyone, we all know that we use curl_multi_remove_handle to remove an easy handle from a multi handle,and then we use curl_easy_cleanup(easy) to remove an easy handle! if after I call curl_easy_cleanup function,and I write this code: easy =NULL; Is

Re: [PATCH] cyassl: remove undefined reference to CyaSSL_no_filesystem_verify & add support for CURLOPT_SSL_CTX_FUNCTION

On 3/27/2015 7:41 AM, Kyle L. Huff wrote: On Thu, Mar 26, 2015 at 9:18 PM, Ray Satiro via curl-library wrote: On 3/26/2015 8:16 PM, Kyle L. Huff wrote: On Thu, Mar 26, 2015 at 2:46 PM, Ray Satiro via curl-library wrote: Nope it's just that, a refactor. The result should be the same.

Re: [PATCH] cyassl: remove undefined reference to CyaSSL_no_filesystem_verify & add support for CURLOPT_SSL_CTX_FUNCTION

On 3/27/2015 6:35 PM, Daniel Stenberg wrote: On Fri, 27 Mar 2015, Kyle L. Huff wrote: Good catch. Fixed in the attached patches. Thanks a lot, merged! (I did change the real name part of your patches so that it appears properly in git.) I made a few cosmetic changes (docs, checksrc comp

Re: WolfSSL version problems

On 3/26/2015 4:30 PM, Gisle Vanem wrote: Ray Satiro via curl-library wrote: There's supposed to be backwards compatibility with CyaSSL. Seems I had some problem with the generated ''; it didn't include ''. I don't know what's happening there. I

Re: [PATCH] cyassl: remove undefined reference to CyaSSL_no_filesystem_verify & add support for CURLOPT_SSL_CTX_FUNCTION

On 3/26/2015 8:16 PM, Kyle L. Huff wrote: On Thu, Mar 26, 2015 at 2:46 PM, Ray Satiro via curl-library wrote: I was basically suggesting you refactor. Look at [1] to see what I mean. I'm not opposed to re-factoring as you have suggested, but other than adding a `failf` statement to my

Re: WolfSSL version problems

On 3/26/2015 1:49 PM, Gisle Vanem wrote: CyaSSL was renamed to WolfSSL some time ago. Libcurl and vtls/cyassl.c seems to suffer from this. I got the message: * CyaSSL <3.3.0 cannot be configured to use TLS 1.0-1.2, TLS 1.0 is used exclusively because of this: #if (LIBCYASSL_VERSION_HEX >=

Re: [PATCH] cyassl: remove undefined reference to CyaSSL_no_filesystem_verify & add support for CURLOPT_SSL_CTX_FUNCTION

On 3/26/2015 6:50 AM, Kyle L. Huff wrote: If a NO_FILESYSTEM really does require a CTX function (just my guess) then I would do it differently. What I would do is combine your two patches into one and redo it so you get rid of the CyaSSL_no_filesystem_verify in the #else block and replace it with

Re: [PATCH] cyassl: remove undefined reference to CyaSSL_no_filesystem_verify & add support for CURLOPT_SSL_CTX_FUNCTION

On 3/25/2015 12:10 PM, Kyle L. Huff wrote: On Sun, Feb 22, 2015 at 3:05 PM, Kyle L. Huff wrote: The attached patches remove the reference to "CyaSSL_no_filesystem_verify", and enables CURLOPT_SSL_CTX_FUNCTION when using CyaSSL. I would like to gauge if there is any interest in implementing the

Re: dns cache doesn't refresh entries while they are in use

On 3/17/2015 7:14 AM, Stefan Bühler wrote: the dns cache doesn't refresh entries while they are in use, which can lead to really bad behavior: your requests time out because the service isn't available anymore, and you try them again (too fast or too many requests), and there is always at leas

Re: Fixing CURLOPT_RESOLVE

On 3/14/2015 1:37 PM, Daniel Stenberg wrote: On Sun, 8 Mar 2015, Ray Satiro via curl-library wrote: I've started some work on fixing CURLOPT_RESOLVE. I have fixed it so that multiple addresses can be stored for each host:port. You can see a branch comparison at [1]. I didn'

Re: Failed writing body (-1 != 16384)

On 3/11/2015 12:35 PM, 兰天 wrote: My write callback function is follow: int Writer(char *data, size_t size, size_t nmemb, void *stream) { CURL_DATA_INFO *out = (CURL_DATA_INFO *) stream; unsigned int uiSizes = size * nmemb; unsigned int uiLoadC

Re: Failed writing body (-1 != 16384)

On 3/10/2015 11:41 PM, 兰天 wrote: Thanks for answering,I use libcurl 7.36, in the callback function , size_t write_callback(char *ptr, size_t size, size_t nmemb, void *userdata); all the type I use is unsigned int,does that lead to the Failed writing body (-1 != 16384) ? Please do not top-po

Re: Can't resolve host

On 3/5/2015 7:52 PM, Mathieu Fregeau wrote: library version: curl 7.41.0 compiler: c++, mingw32 (gcc 4.8) I can't resolve my request when at the office computer, while it works well at home. I suspect something about firewall, but I can browse on the same url via a browser (firefox and ie). Is

Re: Fixing CURLOPT_RESOLVE

On 3/2/2015 2:28 AM, Ray Satiro wrote: I've started some work on fixing CURLOPT_RESOLVE. I have fixed it so that multiple addresses can be stored for each host:port. You can see a branch comparison at [1]. I'm exploring the removal of cache entries now. Currently it is documented tha

Re: cant resolve host on visual studio 2013

On 3/4/2015 2:25 PM, Azat Manukyan wrote: Turns out that the problem was in curl_global_init(CURL_GLOBAL_SSL). I don't no why but when i canged the CURL_GLOBAL_SSL parameter to CURL_GLOBAL_ALL the lib starts work on windows. Oops I missed that. I should've ran your example. That is the right

Re: possible bug when using socket close callback?

On 2/24/2015 5:53 AM, Frank Meier wrote: I just stumbled over some libcurl code, that seems strange to me: in function Curl_closesocket() in connect.c the call to Curl_multi_closed() is omitted if a socket close function (CURLOPT_CLOSESOCKETFUNCTION) is registered. My understanding is that the

Re: cant resolve host on visual studio 2013

On 3/3/2015 11:06 AM, Azat Manukyan wrote: in both cases I haven't configured libcurl to any resolver.I supposed that didn't need to configure any resolver.firewall is turned of on windows. DNS resolver is working on windows environment because i can ping to given host, and system log viewer do

Minor doc changes

Two minor doc changes attached: curl_multi_setopt.3: Link to CURLMOPT_MAXCONNECTS opts: Fix pipelining examples From 6d1ad49a72e31256ee239aa8ff72b53ca2a8afb3 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Fri, 27 Feb 2015 23:58:01 -0500 Subject: [PATCH] curl_multi_setopt.3: Link to CURLMOPT_MAXC

Fixing CURLOPT_RESOLVE

I've started some work on fixing CURLOPT_RESOLVE. I have fixed it so that multiple addresses can be stored for each host:port. You can see a branch comparison at [1]. I'm exploring the removal of cache entries now. Currently it is documented that an entry can be removed by -host:port but it is n

anyone using curl for telnet in windows?

I've tried a few sites but it doesn't seem to work too well for me. I've tried a bunch of recent versions of the curl tool. The responses from the server doesn't always appear. I think the responses are in the buffer because if I hit CTRL+C I can often see the text that should have appeared. I'v

Re: Bug in libcurl for rev 7.40.0

On 2/22/2015 1:10 AM, Tom Martin wrote: The bug I found earlier doesn't appear to be in libcurl, but might be due to older systems/kernels. The bug appears while using curl 7.40.0 (and the latest Feb28-2015 build of 7.41.x) on an older Centos 5 system and a older Fedora 14 system, but NOT on

Re: Bug in libcurl for rev 7.40.0

On 2/21/2015 5:58 PM, Tom Martin wrote: I found a bug in libcurl, one that can be demonstrated with the docs/examples/smtp-tls.c code. [...] I compiled and ran it, and got the following received email: 'The body of the message starts here\r\n .\r\n It could be a lot of lines, could be MIME

Re: CURL_EASY_PERFORM error but data transfer works

On 2/19/2015 8:30 PM, Jon wrote: Thanks Ray for looking into this. I commented out all of the backend PHP stuff just to see if anything changed but still received the same error msg. (and things keep on working). I’ll turn on VERBOSE and see what occurs there. Note that I’m using build 7.39

Re: CURL_EASY_PERFORM error but data transfer works

On 2/18/2015 10:43 PM, Jon wrote: I have tested this on multiple occasions with the same error but yet things continue to work. Is this a documented benign error and/or can I ignore it? Or does it signal something more serious? Am I missing a setup call? Also it occurs to me you're calli

Re: CURL_EASY_PERFORM error but data transfer works

On 2/18/2015 10:43 PM, Jon wrote: In the following simple code below, I get a CURLE_WRITE_ERROR (23) on the return of the CURL_EASY_PERFORM function. This looks like a serious error (error text = failed writing received data to disk/application) however the data successfully was sent and rece

Re: issue with root CA in certificates chain from server

On 2/4/2015 9:03 AM, Bruno BARRUCAND wrote: I am using libcurl (curl-7.34.0) with openssl (1.0.1h) in https. It works well. Thank you. But I have an issue in one case. When server sends root CA in certificates chain, libcurl/openssl returns an error “SSL certificate problem: self signed cer

Re: Fwd: [PATCH] opts: CURLOPT_CAINFO availability depends on SSL engine

On 2/3/2015 2:45 AM, Daniel Stenberg wrote: On Tue, 3 Feb 2015, Ray Satiro via curl-library wrote: Also I have some other patches from [2] I didn't hear back about. Can you please send them again if they're still relevant? gskit and polarssl patches are bug fixes sslv3 or later

Fwd: [PATCH] opts: CURLOPT_CAINFO availability depends on SSL engine

bump Forwarded Message Subject:[PATCH] opts: CURLOPT_CAINFO availability depends on SSL engine Date: Sun, 11 Jan 2015 00:18:50 -0500 From: Ray Satiro To: curl-library@cool.haxx.se It isn't documented in the CURLOPT_CAINFO option [1] that its availab

Re: libcURL multi interface - Restrict to One TCP connection

On 1/29/2015 11:29 PM, RaJ M wrote: I am using curl_multi_wait() + curl_multi_perform() to perform continuous HTTP transfers. (All transfers to a single HOST:PORT) That creates multiple TCP connections. (as it should/can) Does libcURL multi interface allow user to configure it to restrict to str

Re: How to check Server Connection Status using curl_easy_getinfo

On 1/29/2015 11:08 PM, Praveen Pvs wrote: On Thu, Jan 29, 2015 at 9:57 PM, Ray Satiro via curl-library mailto:curl-library@cool.haxx.se>> wrote: On 1/29/2015 4:32 AM, Praveen Pvs wrote: Is there way to just check the connection status of server? I need to kn

Re: How to check Server Connection Status using curl_easy_getinfo

On 1/29/2015 4:32 AM, Praveen Pvs wrote: Is there way to just check the connection status of server? I need to know the connection status of the server before posting the actual data. If connection with server is available, then post the data to the server otherwise dont post. I have written

Re: how to enable SSLv3 in libcurl 7.39

On 1/2/2015 12:42 PM, Ray Satiro wrote: On 1/2/2015 3:46 AM, Dan Fandrich wrote: Also, a big no-no: this patch seems to enable SSLv2 for the Cyassl back-end when the new option is used. Well, no, it shouldn't do that. CyaSSL has logic very similar to OpenSSL in that the protocol version

[PATCH] opts: CURLOPT_CAINFO availability depends on SSL engine

It isn't documented in the CURLOPT_CAINFO option [1] that its availability depends on the SSL engine. Also I have some other patches from [2] I didn't hear back about. gskit: Fix exclusive SSLv3 option polarssl: Fix exclusive SSL protocol version options SSL: Legacy support for SSLv3 or later

Re: how do i post json to a https ?

On 1/9/2015 11:25 PM, redmond wrote: with all your recommandation,i have modified my code,please take a look at my code,is it correct?i reference the code from https://github.com/polyu/Cloud_Game/blob/master/ClientGUI/GUI/httpclient.cpp Before you do anything else please review the libcurl doc

Re: how do i post json to a https ?

On 1/9/2015 11:03 AM, redmond wrote: though im unfamilar with C/C++,i have wrote the following code with libcurl docs,how do i post the json on https(the ssl website has no cert,just like https://www.google.com,it don't need the cert)?i search google for this,however there is no answer.i tried

Re: how to enable SSLv3 in libcurl 7.39

On 1/2/2015 3:46 AM, Dan Fandrich wrote: On Fri, Jan 02, 2015 at 02:45:32AM -0500, Ray Satiro wrote: CURL_SSLVERSION_SSLv3 is exclusively SSLv3 [1]. There is no longer a define for SSLv3 or later. The default is now TLS 1.0 or later. I have attached a patch that adds legacy support for

Re: how to enable SSLv3 in libcurl 7.39

On 1/1/2015 3:44 AM, Peng "Terry" Wang wrote: Happy new year! Since sslv3 disable by default in 7.39, Could you please point out how to explicit enable sslv3? The method below doesn't work. /* ask libcurl to use SSLv3 or later */ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_S

Re: disable sslv3 on compile of older version of curl (or OpenSSL)

On 12/31/2014 12:46 PM, Rob Sharkey wrote: Is there a way to disable SSLv3 and force tls during ./configure of curl 7.19.4 ? [UPDATE; or in ./Config for OpenSSL 0.9.8k] or any other ideas for ensuring TLS is used. The current setup fails connections when it tries to use SSLv3, which is most

Re: long timeout after a lost connection (curl 7.39, windows)

On 12/15/2014 5:58 AM, чи дер wrote: So hasn't anyone come across this issue or was the info I provide too obscure to make any conclusions? Could you post a self contained example? Something simple that is pared down and will demonstrate the problem. I did: easy_perform to google.com slee

Re: Not able to build curl on Windows using VS2008.

On 12/10/2014 1:41 AM, Arif Ali wrote: On Tue, Dec 9, 2014 at 4:53 PM, Guenter > wrote: Hi Arif, here's a quick way without fancy GUI which works: 1) open a "Visual Studio 2008 command prompt" 2) change dir to the root of your extracted curl-7.39.0 source

Re: embedded linux libcurl upload data inactivity timeout not working

On 12/8/2014 12:33 PM, John Coffey wrote: FYI I found the bug um... can you tell us please? :) --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html

Re: Cannot get curllib to work with Visual C++ 11

On 11/25/2014 11:34 AM, Jon wrote: I’m new to curllib and cannot get the libraries to work with Visual C++ v11.0. I downloaded v7.36 (32-bit) a couple of months ago and compiled it to a .lib file (note I wasn’t able to create a .dll). When I put the .lib file into my library path and called

[PATCH] examples: Get pedantic about initialization and cleanup

These changes make the examples reflect what is API documented regarding initialization and cleanup. All examples will now: - Call curl_global_init immediately after the program starts. - Call curl_global_cleanup immediately before the program exits. - Call curl_easy_cleanup for each easy handl

Re: Select returns -1 on all the multi examples in win32

On 11/19/2014 7:45 AM, Daniel Stenberg wrote: On Mon, 17 Nov 2014, Ray Satiro wrote: The multi examples other than multi-single don't follow the documented cleanup order [1]. It would of course be nice to get them to use the proper order as well. The order is more a SHOULD than MUST t

Re: curl_multi_perform and write_callback

On 11/17/2014 11:15 PM, Jeroen Ooms wrote: An additional question: in the getinmemory.c example [1], why does realloc allocate 1 byte more than needed and than sets it to 0 at the end of the callback? The help page for CURLOPT_WRITEFUNCTION says "The data passed to this function will not be zero

Re: Select returns -1 on all the multi examples in win32

On 11/16/2014 5:57 AM, Daniel Stenberg wrote: On Sat, 15 Nov 2014, Ray Satiro wrote: Ok. To state the obvious the timeout behavior is different depending on platform now. In the case of platforms other than Windows if there are no fds select() will still sleep whatever is in timeout, which

Re: Select returns -1 on all the multi examples in win32

On 11/15/2014 3:33 PM, Daniel Stenberg wrote: On Fri, 14 Nov 2014, Ray Satiro wrote: I have attached a patch which fixes the multi examples for use on Windows by sleeping 100ms whenever curl_multi_fdset() doesn't set any file descriptors. I also added a check on its return value because

Re: Select returns -1 on all the multi examples in win32

On 11/13/2014 1:59 PM, Daniel Stenberg wrote: On Thu, 13 Nov 2014, JOHAN LANTZ wrote: However moving to the multi examples, I do not manage to download anything. There are no errors for the api calls setting things up but I always end up at this print: printf("select() returns error, this is

Re: How to force usage TLS instead of SSL

On 11/12/2014 11:46 PM, Praveen Pvs wrote: Due to SSL3 POODLE vulnerability (http://security.stackexchange.com/questions/70719/ssl3-poodle-vulnerability), i was asked to use TLS instead of SSL. I was wondering how to set these options, could any one help me with which options i need to set to

Re: Protecting against inner library security bugs

On 11/11/2014 4:03 PM, myriac...@cox.net wrote: Does libcurl have a policy on having code to protect against bugs being exploited in lower-level libraries? For example, this Windows SChannel bug: https://technet.microsoft.com/library/security/MS14-066 It's an interesting question that I suppo

Re: [PATCH] openssl: make it possible to build without SSLv3

On 11/10/2014 7:17 AM, Alessandro Ghedini wrote: On lun, nov 10, 2014 at 03:13:21 -0500, Ray Satiro wrote: I just tried OpenSSL 1.0.1j no-ssl3 and if I pass -3 to curl I still get a SSLv3 client hello and connection. Yeah. The thing about no-ssl3 is that AFAICT, it only disables SSLv3 when

Re: LibCurl Unicode conversion

On 11/10/2014 8:41 AM, Test Dev wrote: I am using imap of libcurl and getting unicode response from SSL_READ function. What is the best way to convert the response in wchar_t to get correct unicode string? Is Any option available inside the libcurl to do conversion inside the library? Can you

Re: [PATCH] openssl: make it possible to build without SSLv3

On 11/9/2014 4:36 PM, Guenter wrote: Hi Ray, On 08.11.2014 20:43, Ray Satiro wrote: I'm under the impression it's possible regardless. Following the changes to disable SSLv3 by default at one point I had tested against OpenSSL built with no-ssl3 and when I tried SSLv3 in curl I r

Re: [PATCH] openssl: make it possible to build without SSLv3

On 11/8/2014 9:23 AM, Alessandro Ghedini wrote: Just like it's possible for SSLv2. I'm under the impression it's possible regardless. Following the changes to disable SSLv3 by default at one point I had tested against OpenSSL built with no-ssl3 and when I tried SSLv3 in curl I received an un

Re: SSLv3 fallback attack POODLE

On 11/4/2014 4:51 PM, Todd A Ouska wrote: On Nov 4, 2014, at 10:58 AM, Ray Satiro wrote: On 11/4/2014 5:42 AM, Daniel Stenberg wrote: Thanks a lot, merged and pushed just now! I took a look and AFAICT all changes to disable SSLv3 by default in all SSL backends are now in the central repo

Re: SSLv3 fallback attack POODLE

On 11/4/2014 5:42 AM, Daniel Stenberg wrote: Thanks a lot, merged and pushed just now! I took a look and AFAICT all changes to disable SSLv3 by default in all SSL backends are now in the central repo. One nagging thing though from my original post, I still don't understand why CyaSSL cannot b

Re: SSLv3 fallback attack POODLE

On 11/4/2014 9:26 AM, moparisthebest wrote: On 11/04/2014 05:42 AM, Daniel Stenberg wrote: we should do something about test 2035 which now fails when run on any TLS backend without certificate pinning support, like PolarSSL... The tests have a 'dependency' type of setup as far as requiring SSL

Re: SSLv3 fallback attack POODLE

On 11/3/2014 3:07 AM, Daniel Stenberg wrote: On Mon, 3 Nov 2014, Ray Satiro wrote: I can't find that I got any feedback on this PolarSSL change and it doesn't look as though it ever made it to the central repo. I know the next curl release is a few days away. If there's a prob

Re: SSLv3 fallback attack POODLE

On 10/24/2014 2:57 PM, Ray Satiro wrote: PolarSSL has SSLv3 support by default unless it's changed at compile time. It is the minimum version: #define SSL_MIN_MAJOR_VERSION SSL_MAJOR_VERSION_3 #define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_0 According to the PolarSSL advisory that c

Re: Avoiding creation of multiple connections to an http capable server before CURLMOPT_MAX_PIPELINE_LENGTH is reached.

On 10/30/2014 9:32 PM, Carlo Wood wrote: Note that English is not my first language. If the text below sounds awkward at times, then that is the reason. I assure you that I'm a very capable coder with decades of networking experience, despite that fact and hope you are willing to over look this,

Re: SFTP problems

On 10/24/2014 3:59 PM, Ray Satiro wrote: On 10/24/2014 6:30 AM, Daniel Karunairatnam wrote: I am able to build libssh2, but the instructions at [2] above refer to the librarian node when compiling libcurl. there is a linker node but not a librarian node when I open the 2010 libcurl.vcxproj

Re: SFTP problems

On 10/24/2014 6:30 AM, Daniel Karunairatnam wrote: I am able to build libssh2, but the instructions at [2] above refer to the librarian node when compiling libcurl. there is a linker node but not a librarian node when I open the 2010 libcurl.vcxproj file? There is no longer a lib/libcurl.vcpro

Re: SSLv3 fallback attack POODLE

On 10/24/2014 7:44 AM, Daniel Stenberg wrote: On Fri, 24 Oct 2014, Kamil Dudka wrote: Should I unimplement the fallback to SSL 3.0 in the NSS backend now, or wait till Ray's patch appears upstream? I'm digging up Ray's patch just now and I've pushed it! Two more to look at, GSKit and PolarSS

Re: SFTP problems

On 10/22/2014 10:32 AM, Gisle Vanem wrote: "Daniel Karunairatnam" wrote: okay, so i opened one of those. but the librarian node isn't there. Which configuration do i need to change it to to access the librarian node? The instructions in the link you posted before require some changes there.

Re: SFTP problems

On 10/21/2014 8:55 AM, Guenter wrote: Hi Daniel, On 21.10.2014 13:35, Daniel Karunairatnam wrote: is it the 3.34MB file under win32-generic on this page? http://curl.haxx.se/download.html are you running windows 8? and if it is that file. how do I compile the example code? there is

Re: SFTP problems

On 10/19/2014 4:43 AM, Daniel Karunairatnam wrote: Hi guys, I'm trying to use libcurl in Visual Studio Express C++ 2010 (Windows 8) to upload and append files to an sftp server. I am using the following code (taken from http://curl.haxx.se/libcurl/c/sftpget.html, with a few changes). ...

Re: SSLv3 fallback attack POODLE

On 10/15/2014 12:26 PM, Mark Adams wrote: My understanding is that SSL_MODE_SEND_FALLBACK_SCSV should be set if and only if the TLS/SSL session being established is itself an attempt to establish a connection with a fallback TLS/SSL version following a previous handshake failure. It should not

Re: SSLv3 fallback attack POODLE

On 10/15/2014 2:58 AM, Ray Satiro wrote: I read today of a new method to decrypt SSL called POODLE. If you haven't read of it you should. It works by using SSL fallback behavior to get SSLv3 which can now be decrypted [1][2]. To be more correct on this POODLE "allows a network a

SSLv3 fallback attack POODLE

I read today of a new method to decrypt SSL called POODLE. If you haven't read of it you should. It works by using SSL fallback behavior to get SSLv3 which can now be decrypted [1][2]. I'm looking into different libcurl SSL backends and this attack. Immediately one can use CURLOPT_SSLVERSION w

<    1   2   3   4   5   6   7   >