github
/
aria2
mirror of https://github.com/aria2/aria2
1
0
Fork 0
Code Issues Releases Wiki Activity
4,741 Commits
9 Branches
152 Tags
63 MiB
Commit Graph

3394 Commits (dda0b62fb9feddc1c82efffd3b87d66f4eecea32)

Author SHA1 Message Date
Tatsuhiro Tsujikawa b324be70ad Run on-bt-download-complete command when -V reports download finished 
See GH-355
 2015-03-22 17:58:13 +09:00
Tatsuhiro Tsujikawa 7f9bb0e2da Use dedicated DiskWriter in MultiDiskFileAllocationIterator 
We have to use dedicated DiskWriter instead of
(*entryItr_)->getDiskWriter().  This is because
SingleFileAllocationIterator cannot reopen file if file is closed by
OpenedFileCounter.
 2015-03-22 01:32:38 +09:00
Nils Maier c248d456d1 Comment getrandom code a bit 2015-03-18 01:46:26 +01:00
Nils Maier ee63dff225 Fix getrandom for system with libc not including errno or systems 
not supporting ENOSYS in the first place.

Fixes GH-347
 2015-03-18 01:46:21 +01:00
Tatsuhiro Tsujikawa c17b98a9fc Don't send back rpc-secret option value in aria2.getGlobalOption RPC method 2015-03-13 01:09:01 +09:00
Tatsuhiro Tsujikawa 762ab15450 Avoid copy 2015-03-13 00:18:14 +09:00
Tatsuhiro Tsujikawa cb5ccf6a7a SocketBuffer: Keep sending until blocked 
See GH-345
 2015-03-08 21:15:12 +09:00
Tatsuhiro Tsujikawa 649c49dcc6 Mingw: Use _wgetenv to get user's home directory 
Fixes GH-342
 2015-02-21 01:49:07 +09:00
Nils Maier ba0e32abae Handle linux getrandom returning EINTR on interrupts/signals 
Also handle ENOTSUP failures where aria2 was build with linux headers
newer than the actual running kernel.

Fixes GH-336
 2015-02-07 17:18:45 +01:00
Tatsuhiro Tsujikawa 9d577b0ad7 Fix adjustAnnounceUri parameter is not passed 2015-02-07 00:39:33 +09:00
Tatsuhiro Tsujikawa 4cf0bb742f Shuffle web-seeding URIs 2015-02-07 00:38:03 +09:00
Tatsuhiro Tsujikawa e1739c8ee7 Fix compile error without SSL/TLS enabled 2015-02-01 21:32:47 +09:00
Tatsuhiro Tsujikawa d5d21d20d7 Support HTTP date ending "+0000" as well as "GMT". 2015-01-26 21:31:47 +09:00
Nils Maier 81bdd5f61a Revise getRandom facilities 
Use one of the following to provide random bytes:
- Windows CryptGenRandom
- Linux getrandom (syscall interface to urandom, without nasty corner
  cases such as file descriptor exhaustion or re-linked /dev/urandom)
- std::device_random (C++ random device, which usually will be urandom)

This also equalizes util::getRandom and SimpleRandomizer (the former
will now use the latter) instead of having essentially two different
PRNG interfaces with potentially different quality.

Closes GH-320
 2015-01-20 22:37:24 +01:00
Tatsuhiro Tsujikawa bec6461262 Merge branch 'comments' of https://github.com/dfandrich/aria2 into dfandrich-comments 2015-01-16 21:36:22 +09:00
Dan Fandrich 0538aa40da Fixed some typos in code comments 2015-01-16 01:17:35 +01:00
Dan Fandrich 8c53e37c21 Added debug log of all Metalink URLs with final priorities 2015-01-16 00:29:17 +01:00
Tatsuhiro Tsujikawa d0c20e158e Fix typo 2015-01-13 23:41:59 +09:00
Tatsuhiro Tsujikawa 9f4e76d1b7 Fix indentation in usage output 2015-01-12 17:49:45 +09:00
Tatsuhiro Tsujikawa c653c72dc8 Add --bt-force-encryption option 
This option requires BitTorrent message payload encryption with
arc4. This is a shorthand of --bt-requre-crypto
--bt-min-crypto-level=arc4.  If true is given, deny legacy BitTorrent
handshake and only use Obfuscation handshake and always encrypt
message payload. This option defaults to false.
 2015-01-12 17:46:20 +09:00
Nils Maier 0895008e5c Fix SSLv3 warnings being issued on connection reuse. 
And also improve tlsHandshake code a bit in the process, mostly by being
more explicit about error conditions.
 2014-12-30 22:36:24 +01:00
Nils Maier 590aa21c68 Add backward-compatible libuv defs 2014-12-30 22:36:24 +01:00
Nils Maier e0812d5ad1 Fix another printf related warning 2014-12-29 03:15:50 +01:00
Tatsuhiro Tsujikawa ff2a630efe GNUTLS: Remove ifdef for GNUTLS_TLS* since they are not macros 
Since they are not macros, we get always TLS_PROTO_NONE (otherwise you
are using SSLv3 and you will get warning nonetheless) and get warning.
 2014-12-26 18:08:41 +09:00
Tatsuhiro Tsujikawa d755df2505 TLS: Fix memory leak with OpenSSL 
Based on the patch submitted by midnight2k
 2014-12-26 18:04:50 +09:00
Tatsuhiro Tsujikawa 701e5df790 Merge branch 'master' into warn-ssl3 2014-12-15 23:44:41 +09:00
Nils Maier 48bcb47a30 Refine messages to include peer info 2014-12-14 10:34:09 +01:00
Nils Maier 3c8704178a Move warn logic into SocketCore 
Also fiddle a bit with the WinTLS implementation, forcing "strong"
crypto only for > SSLv3.
 2014-12-14 10:34:09 +01:00
Nils Maier b0cdbfe9e7 Fix ASYNC_DNS code in LibuvEventPoll 2014-12-13 08:14:07 +01:00
Nils Maier c5c38bf3a4 Warn about insecure SSL connections. 
Fixed GH-313
 2014-12-12 18:24:19 +01:00
Nils Maier 811c0f758d Port poll changes to LibuvEventPoll 2014-12-12 12:21:39 +01:00
Nils Maier 6f9ea555c2 Fix compiler warning 2014-12-12 10:34:53 +01:00
Nils Maier 46aa2f6af3 Fix AppleTLSContext protocol selection 2014-12-12 09:29:33 +01:00
Nils Maier 0e5ed611d1 AppleTLS: Set error state when handshake fails... 
+ some minor formatting issues.
 2014-12-11 12:12:04 +01:00
Tatsuhiro Tsujikawa 73d752fb1c Add --min-tls-version option 
The --min-tls-version option specifies minimum SSL/TLS version to
enable. Possible Values: SSLv3, TLSv1, TLSv1.1, TLSv1.2 Default: TLSv1
 2014-12-06 17:50:35 +09:00
Tatsuhiro Tsujikawa 62fba76666 Compile with old OpenSSL 2014-12-05 22:43:16 +09:00
Tatsuhiro Tsujikawa 6d3bd60905 LibgnuTLSSession: Disable SSLv3 2014-11-29 20:00:46 +09:00
Tatsuhiro Tsujikawa 71d8424318 LibsslTLSContext: Disable SSLv3 and enable ECDHE cipher suites 2014-11-29 19:33:50 +09:00
Tatsuhiro Tsujikawa bb6fae2f00 LibsslTLSSession: Strict clean shutdown detection 2014-11-14 21:46:06 +09:00
Tatsuhiro Tsujikawa 2cec9df2a2 Fix crash when JSON batch response vector is empty 2014-10-16 22:56:23 +09:00
Tatsuhiro Tsujikawa f72a303b8d Add --bt-detach-seed-only option 
This option excludes seed only downloads when counting concurrent
active downloads (-j option).  This means that if -j3 is given and
this option is turned on and 3 downloads are active and one of those
enters seed mode, then it is excluded from active download count (thus
it becomes 2), and the next download waiting in queue gets started.
But be aware that seeding item is still recognized as active download
in RPC method.
 2014-10-14 00:13:29 +09:00
Tatsuhiro Tsujikawa 09d7956537 mingw: Use MoveFileExW for better atomic move 2014-10-10 23:49:53 +09:00
David Macek 784d0e5e51 Work around libintl's vprintf macro messing with OutputFile::vprintf 2014-10-05 11:27:17 +02:00
Tatsuhiro Tsujikawa d8cde1f499 Rewrite auto_deleter_r with defer function template 2014-09-16 23:49:50 +09:00
Tatsuhiro Tsujikawa fa5998ba85 Rewrite expression template to make it a bit easier 2014-09-16 21:53:35 +09:00
Tatsuhiro Tsujikawa b63c1dce08 SessionSerializer: Use std::unique_ptr instead of std::shared_ptr 2014-09-15 16:43:46 +09:00
Tatsuhiro Tsujikawa 306d92a1da Move req 2014-09-15 14:23:00 +09:00
Tatsuhiro Tsujikawa 9a931e7c61 Fix crash on OSX when proxy is used 
See GH-275
 2014-09-15 14:19:59 +09:00
Tatsuhiro Tsujikawa 9b84727324 Use std::make_shared and make_unique where possible, part 2 2014-09-13 18:37:57 +09:00
Tatsuhiro Tsujikawa 596e5c6162 Refactor event poll classes so that we don't have to allocate memory on query 
I left Port and libuv classes, since I don't have them compiled.
So they were updated minimally.
 2014-09-13 17:33:22 +09:00
Tatsuhiro Tsujikawa f55c16c7ed Use std::unique_ptr for DHTBucketTree's left and right pointers 2014-09-13 00:49:08 +09:00
Tatsuhiro Tsujikawa e18e8aeeaa Support Adler32 checksum 
Adler32 checksum is available for --checksum option and hash element
in Metalink files.  Currently, we use Adler32 implementation in Zlib.
 2014-09-13 00:08:07 +09:00
Tatsuhiro Tsujikawa d91f7dc721 Use lambda 2014-09-13 00:08:07 +09:00
Tatsuhiro Tsujikawa 2807258279 Use std::make_shared and make_unique where possible, part 1 2014-09-13 00:07:21 +09:00
Tatsuhiro Tsujikawa bee7a8317c Update doc 2014-09-12 02:02:33 +09:00
Tatsuhiro Tsujikawa c0b8b471ab Fix hash function comparator 2014-09-11 23:54:17 +09:00
Nils Maier e0d6d04fe8 WinTLS: Fix abrupt connection closing and closing in general. 
Fixes GH-277
 2014-09-10 16:26:34 +02:00
Tatsuhiro Tsujikawa 04f875e273 WinTLS: Return 0 if eof_ is true and decBuf_ is empty 2014-09-10 21:45:08 +09:00
Tatsuhiro Tsujikawa 83c78c497b LibsslTLSSession: Treat 0 from readData as EOF 2014-09-10 21:26:06 +09:00
Tatsuhiro Tsujikawa e7e80e5ec6 WinTLS: Fix busy loop on EOF 
Fixes gh#277
 2014-09-10 01:11:57 +09:00
Nils Maier 0f805fb962 Silence some compiler warnings in SessionSerializer. 2014-08-30 02:03:57 +02:00
Nils Maier bd29fd2c30 Always include raw OS version number on Windows 2014-08-30 01:15:40 +02:00
Nils Maier bc5d9e5466 Fix typo in FeatureConfig/OS detection 2014-08-30 01:03:58 +02:00
Tatsuhiro Tsujikawa ae631513f3 Replace A2_ARRAY_LEN with constexpr arraySize 2014-08-29 23:37:31 +09:00
Tatsuhiro Tsujikawa e74b39deaf Fix crash in OpenedFileCounter::ensureMaxOpenFileLimit() 
The crash happens if PieceStorage and/or DiskAdaptor are not
initialized in one of active RequestGroups.
 2014-07-30 22:31:48 +09:00
Tatsuhiro Tsujikawa bd0a3960df mingw32: Fix bug that aria2 does not read piped stdin 2014-07-30 00:38:45 +09:00
Tatsuhiro Tsujikawa c659fe939d Fix std::length_error when no_proxy is used 
This is regression introduced in 8cada497.
 2014-07-26 16:12:10 +09:00
Nils Maier 8732a24433 Try to set sane limits for RLIMIT_NO_FILE 
E.g. on OSX the default is 256, which isn't exactly compatible with
torrent downloads.

Closes GH-257
 2014-07-22 21:58:31 +02:00
Nils Maier 70a80b1455 Remove request pre-authorization again 2014-07-22 21:58:30 +02:00
Nils Maier 8f2af33b6d Delay auth failures instead of PBKDF2 
Closes GH-256
 2014-07-22 21:58:30 +02:00
diadistis 9b1667fe81 Fixed segfault unsupported encodings 2014-07-20 18:06:09 +03:00
Tatsuhiro Tsujikawa d69764879e Fix regression 100% CPU utility when -V is used and download is multi-file BT 
This is regression of a3426821c8
 2014-07-20 18:36:52 +09:00
Tatsuhiro Tsujikawa b611cd2bdc UnknownLengthPieceStorage: Use std::make_shared 2014-07-15 23:48:32 +09:00
Tatsuhiro Tsujikawa a6b7bd0342 Show bitfield for unknown length download in aria2.tellStatus RPC method 
Generally, bitfield is not available for download whose total length
is unknown.  We create bitfield when download is completed (usually
connection EOF) so that we can use it to show additional info in RPC
aria2.tellStatus response.  Specifically, bitfield is now shown.  And
completedLength under files key (or completedLength in
aria2.getFiles() response) is correctly shown.
 2014-07-15 23:36:10 +09:00
Tatsuhiro Tsujikawa 98681552fc Fix compile error on big endian platform 2014-07-14 21:32:48 +09:00
Tatsuhiro Tsujikawa 04caefa406 Fix test failure with --enable-libaria2 2014-07-14 00:06:32 +09:00
Tatsuhiro Tsujikawa 7fbd8a50ef Fix compile error and warning with clang 2014-07-12 17:44:43 +09:00
Tatsuhiro Tsujikawa 3aaa5a7344 Fix file length information in RPC response when length > 2GB is unknown 
This commit fixes the bug that aria2.tellStopped RPC method returns
total length and completedLength as 0 when file size is unknown in
advance and turns out > 2GB in the end.  This commit and addresses the
performance degradation in this case.
 2014-07-12 17:01:46 +09:00
Nils Maier 84bd18b9a1 Merge crypto_* from upstream 
Revert "Fix typo"
This reverts commit 4dfd8b8847.
Revert "MinGW: Fix compiler warning with -Wstrict-aliasing"
This reverts commit 897f0e87f4.
 2014-07-11 04:11:03 +02:00
Tatsuhiro Tsujikawa 897f0e87f4 MinGW: Fix compiler warning with -Wstrict-aliasing 
The error message is:

warning: dereferencing type-punned pointer will break strict-aliasing
rules [-Wstrict-aliasing]
 2014-07-10 00:28:16 +09:00
Tatsuhiro Tsujikawa 4dfd8b8847 Fix typo 2014-07-10 00:28:06 +09:00
Tatsuhiro Tsujikawa 852f2fb99a MinGW: Fix compiler warning about winsock2.h and windows.h 
This commit fixes following compiler warning with mingw compiler:

In file included from common.h:63:0,
                 from util_security.h:42,
                 from util_security.cc:36:
/usr/share/mingw-w64/include/winsock2.h:15:2: warning: #warning
 Please include winsock2.h before windows.h [-Wcpp]
 #warning Please include winsock2.h before windows.h
 2014-07-10 00:04:28 +09:00
Tatsuhiro Tsujikawa a3426821c8 MultiDiskAdaptor: Handle short read 2014-07-02 00:05:44 +09:00
Tatsuhiro Tsujikawa 8750d7be99 Disard cache when checking checksum 
This will slow down checksum checking but does not thrash cache.
 2014-07-02 00:05:43 +09:00
Nils Maier 0b6501043a Compat with libuv 0.11 (Unstable) 
Fixes #241
 2014-07-01 13:48:19 +02:00
Nils Maier 0c8a2659ea Drop WinMessageDigestImpl. 
The algorithms the `CryptProv` on Windows supports does not currently
include SHA-224, so there is a "dark spot" in this implementation. Also
on Win XP < SP3, most of the SHA-2 family is not actually supported.
All other implementation provide support for MD5, SHA-1 and all of the
SHA-2 family, hence drop the incomplete WinMessageDigest implementation
in favor of any other supported implementation (at least the internal
implementation is always available at compile-time).
 2014-06-24 20:45:12 +02:00
Nils Maier 8587669995 Fix big endianess support in InternalMessageDigest and PBKDF2 
- Replace sha1/md5 implementation by ones from https://github.com/nmaier/crypto
- Add endianess functionality fro https://github.com/nmaier/crypto

Closes GH-239
 2014-06-24 20:45:05 +02:00
Tatsuhiro Tsujikawa 06a8bf6e0a Pause download only when RPC is enabled 2014-06-21 00:58:21 +09:00
Tatsuhiro Tsujikawa e2932608fc Add --pause-metadata option 
This option pauses downloads created as a result of metadata
download. There are 3 types of metadata downloads in aria2: (1)
downloading .torrent file. (2) downloading torrent metadata using
magnet link. (3) downloading metalink file.  These metadata downloads
will generate downloads using their metadata. This option pauses these
subsequent downloads.
 2014-06-21 00:58:21 +09:00
Nils Maier 2b02fac2d5 Improve compiler/platform/libs information in logs 
Add and use usedCompilerAndPlatform().  This adds compiler information to
INFO logs and the --version output, and may be helpful when trying to
diagnose/reproduce user-reported problems.

Also make INFO logs include usedLibs() output.

Closes #235
 2014-06-10 11:28:34 +02:00
Tatsuhiro Tsujikawa 570bc24fb9 Fix use-after-free on exit with multi-file torrent download + DHT 
DefaultPieceStorage may be referenced by one of DHT task (e.g.,
DHTPeerLookupTask), after RequestGroup was deleted, and even after
RequestGroupMan was deleted.  DefaultPieceStorage has a reference to
MultiDiskAdaptor which calls RequestGroupMan object on destruction.
So when DHT task is destroyed, DefaultPieceStorage is destroyed, which
in turn destroys MultiDiskAdaptor.  DHT task is destroyed after
RequestGroupMan was destroyed, MultiDiskAdaptor will use now freed
RequestGroupMan object, this is use-after-free.
 2014-06-08 17:03:34 +09:00
Tatsuhiro Tsujikawa 442e460055 Fix bug that zero length file is not opened when flushing cache 
This bug was only seen when MultiDiskAdaptor was used.
 2014-06-08 16:43:22 +09:00
Tatsuhiro Tsujikawa e2ff45f326 AnnounceList, AnnounceTier: Code cleanup using C++11 features 2014-06-06 00:04:37 +09:00
Tatsuhiro Tsujikawa aff92b5115 SocketRecvBuffer: Cleanup with C++11 features 2014-06-05 23:40:19 +09:00
Tatsuhiro Tsujikawa 0ee8104953 Small code cleanup for SocketBuffer 2014-06-05 23:33:58 +09:00
Tatsuhiro Tsujikawa c0e4381780 util::parseIntSegments: Return SegList<int> 2014-06-04 23:21:01 +09:00
Tatsuhiro Tsujikawa 007b890fe4 bittorrent::computeFastSet: Return std::vector 2014-06-04 22:50:39 +09:00
Tatsuhiro Tsujikawa d1d5ea5b21 DownloadContext, FileEntry: Use move semantics to path parameter in ctor 2014-06-04 22:43:29 +09:00
Tatsuhiro Tsujikawa 9b54272190 FileEntry::getUris: Return std::vector<std::string> 2014-06-04 22:33:46 +09:00
Tatsuhiro Tsujikawa 4f3c526dcd Support PREF_DIR change for Metalink files 
Reworked previous commit adeead6f03, and
now support changing PREF_DIR for Metalink downloads.
 2014-06-04 21:45:12 +09:00
Tatsuhiro Tsujikawa adeead6f03 Revert to existing "proper" coding style 
The rule is simple: don't try to change the coding style of the
existing codebase.
 2014-06-03 23:41:30 +09:00
Tatsuhiro Tsujikawa 83f4bced07 Fix assertion failure when dir option of paused HTTP/FTP download is changed 
When the directory is changed via aria2.changeOption RPC method, we
directly change first FileEntry's path using FileEntry::setPath().  If
there is no PREF_OUT option is given, basically file name is unknown,
so we just set empty string and let the next run determine the correct
file name and new directory is applied there.  But previous code does
not reset length property of FileEntry, so the unexpected code path is
taken when unpaused and its path expects path is not empty string.
This commit fixes this issue by setting length to 0 using
FileEntry::setLength().
 2014-06-03 23:09:28 +09:00
Tatsuhiro Tsujikawa 631f37433a Save session only when there is change since the last serialization 
This is a slight optimization not to cause useless disk access.  This
only applies to saving session automatically (see
--save-session-interval).  aria2.saveSession and serialization at the
end of the session are always performed as before.

When serialization, we first check that whether there is any change
since the last serialization.  To do this, we first calculate hash
value of serialized content without writing into file.  Then compare
this value to the value of last serialization.  If they do not match,
perform serialization.
 2014-05-31 16:19:57 +09:00
Tatsuhiro Tsujikawa 998fba3264 Revert "Save session only when there is change since the last serialization" 
This reverts commit 1944d8db58.
 2014-05-31 15:28:26 +09:00
Tatsuhiro Tsujikawa 1944d8db58 Save session only when there is change since the last serialization 
This is a slight optimization not to cause useless disk access.  This
only applies to saving session automatically (see
--save-session-interval).  aria2.saveSession and serialization at the
end of the session are always performed as before.
 2014-05-30 23:20:13 +09:00
Nils Maier d2e38aab36 Use _setmode to set binary mode in mingw 
The _CRT_fmode stuff was never working correctly anyway, and is entirely
unsupported in mingw-w64 these days, it seems.
 2014-05-29 19:38:34 +02:00
Nils Maier 3c55400d23 Silence deprecation warning about daemon() on OSX 2014-05-29 19:38:34 +02:00
Nils Maier b9fe4119c0 New round of clang-modernize 2014-05-29 19:38:34 +02:00
Nils Maier c8ccb43428 Consistent style in util_security 2014-05-29 19:38:34 +02:00
Nils Maier 77f0f1395c Consistent style in the platform TLS implementations 2014-05-29 19:38:33 +02:00
Nils Maier 8cada49765 Cleanup AbstractCommand take 2 
Decided to keep the 'if(' -> 'if (' stuff, as I formatted the whole file
and so it is internally consistent within the file. Also, too much
hassle.
 2014-05-29 18:39:53 +02:00
Nils Maier e57d330111 Cleanup HttpHeaderProcessor take 2 
Decided to keep the 'if(' -> 'if (' stuff, as I formatted the whole file
and so it is internally consistent within the file. Also, too much
hassle.
 2014-05-29 18:29:37 +02:00
Nils Maier 48ec56a64d Revert "Cleanup HttpHeaderProcessor::parse" 
This reverts commit 047b49b7a0.
 2014-05-29 18:29:37 +02:00
Nils Maier 6240345fd5 Revert "Cleanup AbstractCommand" 
This reverts commit 0465aa5455.
 2014-05-29 18:29:37 +02:00
Nils Maier 0465aa5455 Cleanup AbstractCommand 
In my quest to explore the code and understand it, why not clean it up
in the progress. Most formatting provided by clang-format. ;)
Aside from formatting, also extracted some method and unnested some
control structs.
 2014-05-27 21:37:15 +02:00
Nils Maier 6e546245e4 Sort and cleanup src/Makefile.am 2014-05-27 21:35:42 +02:00
Nils Maier 047b49b7a0 Cleanup HttpHeaderProcessor::parse 2014-05-27 19:46:54 +02:00
Nils Maier d72df551ba Document setUri() in FileEntry does not need to check the return value. 2014-05-27 19:10:14 +02:00
Nils Maier 15cb9e12b2 Remove unused variable in LibgcryptMessageDigestImpl 2014-05-27 19:10:14 +02:00
Nils Maier fd8dc921fe Initialize DownloadEngine::tokenAverageDuration_ to something. 2014-05-27 19:10:14 +02:00
Nils Maier f8db60e54e OSX: Use F_NOCACHE instead of F_GLOBAL_NOCACHE 
The latter persists for the lifetime of the file, while the former
affects only the current descriptor.
 2014-05-26 21:34:49 +02:00
Nils Maier dd8e4b0ad0 Remove spurious CXX11_OVERRIDE to make cov-build happy. 2014-05-26 01:34:26 +02:00
Nils Maier a82f08765e Fix (unknown length) downloads larger than 2GiB 
Closes #215
 2014-05-25 14:49:29 +02:00
Nils Maier 64b1fefb78 Add missing include in util_security.h 
Fixes #231
 2014-05-23 18:44:10 +02:00
Nils Maier f7cc24d6cf Internally use HMAC in http auth 
To at least get constant time compare.
Also fix incorrect parsing of the creds (were incorrectly stripped).
Also add unit tests.
 2014-05-22 15:24:20 +02:00
Nils Maier d02ee723bd Improve aria2.rst and usage texts a bit. 
(Keep in mind that I'm not a native speaker either)
- Fix some typos.
- Fix some grammar stuff.
- Clarify some things.
- Add a new paragraph or two...
 2014-05-20 18:02:47 +02:00
Nils Maier 855dfa0e2f Authorize RPC multicalls only once. 
Cache the auth status afterwards and just assume the token still matches
(within the same request, of course).
 2014-05-20 12:53:39 +02:00
Nils Maier 88b61f2eb9 Adjust RPC token processing time 
Make it consume a bit less time.
 2014-05-20 12:53:38 +02:00
Nils Maier bb50de1336 Improve write cache failures error reporting 2014-05-20 12:52:26 +02:00
Nils Maier 5c07f0109e Fix F_PREALLOC based allocation on some OSX versions 2014-05-08 16:40:09 +02:00
Nils Maier 1dd7409c4e Fix unused function warning about generateRandomDataUrandom in mingw-w64 2014-05-08 16:38:32 +02:00
Nils Maier a0f275a9f1 Remove unused function getWin32Handle 2014-05-08 16:38:32 +02:00
Tatsuhiro Tsujikawa f60e55cece Use index.html as filename for conditional-get when file is missing in URI 
Previously we disabled conditional-get if file part is missing in URI.
But we use constant string "index.html" in this case, so we can do the
same to determine the modification time.  In this patch, if we have
file part in URI, we are not going to set absolute file path in
FileEntry, since it prevents content-disposition from working.
 2014-05-08 21:49:04 +09:00
Tatsuhiro Tsujikawa 84f1a15e10 Check negative number from Integer::i() where it is not allowed 2014-05-01 11:34:27 +09:00
Tatsuhiro Tsujikawa 4c2ad69a75 Ignore negative metadata size in extended handshake 2014-04-30 23:46:27 +09:00
Nils Maier 82dad90ff3 Validate token using PBKDF2-HMAC-SHA1. 
This change should make token validation more resilient to:
 - timing attacks (constant time array compare)
 - brute-force/dictionary attacks (PBKDF2)

 Closes #220
 2014-04-19 19:10:06 +02:00
Nils Maier 98ba096951 Add util::security (compare, HMAC, PBKDF2) 
See #220
 2014-04-19 19:07:38 +02:00
Nils Maier 010131161e Remove ENABLE_MESSAGE_DIGEST, since we got the internal md, always 2014-04-17 18:02:42 +02:00
Nils Maier aa02545fba Use mpz_pown_sec where available 2014-04-13 18:51:06 +02:00
Nils Maier c694a05797 Fix some warnings 2014-04-13 18:51:05 +02:00
Nils Maier 18c35f56b8 AppleTLS: Enable BEAST mitigations in ST 
Only available in 10.9+, but since we might be building on a previous
version but running on 10.9+, always try to set the option.
 2014-04-13 18:51:05 +02:00
Nils Maier e195dc5f00 AppleTLS: Update cipher suites 
Also make the suite selection more sane.
 2014-04-13 18:51:05 +02:00
Nils Maier 39d66bd560 WinTLS: Improve error reporting 2014-04-13 18:51:05 +02:00
Nils Maier 51beb4bfa7 WinTLS: Move some defines out of the header 2014-04-13 18:51:04 +02:00
Nils Maier 219fd5b4b7 WinTLS: Make ca-file rejection a warning 2014-04-13 18:51:04 +02:00
Nils Maier 8d55e30561 WinTLS: Use SCH_USE_STRONG_CRYPTO 
See: #217
 2014-04-13 18:50:54 +02:00
Nils Maier 0a51b8d172 WinTLS: Accept chains with no revocation information. 
This is kind what browser do anyway (IE, Firefox, Chrome tested), what
AppleTLS does, what GnuTLS does and what OpenSSL does. Actually, most
browsers will also be OK with the CRL/OCSP provider being offline.
WinTLS will still fail in that case.

Should revocation information be available in the trust chain (CRL or
OCSP) the certificate still will be checked!

"Real" CAs, aka. those provided by the OS or system CA bundle, usually
provide revocation information and are thus still checked.
It should be mostly (only?) custom (organization) CAs that lack
revocation information, but those users might want to use aria2 in their
intranets and VPNs anyway ;)

See #217
 2014-04-13 18:50:38 +02:00
Nils Maier 13a202df07 Fix GnuTLS 2.x compatiblity 
Closes GH-216
 2014-04-12 02:55:31 +02:00
Nils Maier 2d9bf0f374 AppleTLS: Use newer, non-deprecated API in 10.8+ 2014-04-12 02:55:31 +02:00
Nils Maier 7600886d3d Implement falloc equivalent in OSX 2014-04-12 02:55:31 +02:00