aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-03-25polarssl: called mbedTLS in 1.3.10 and laterDaniel Stenberg
2015-03-25polarssl: remove dead codeDaniel Stenberg
and simplify code by changing if-elses to a switch() CID 1291706: Logically dead code. Execution cannot reach this statement
2015-03-25polarssl: remove superfluous for(;;) loopDaniel Stenberg
"unreachable: Since the loop increment is unreachable, the loop body will never execute more than once." Coverity CID 1291707
2015-03-25Curl_ssl_md5sum: return CURLcodeDaniel Stenberg
... since the funciton can fail on OOM. Check this return code. Coverity CID 1291705.
2015-03-25cyassl: default to highest possible TLS versionJay Satiro
(cyassl_connect_step1) - Use TLS 1.0-1.2 by default when available. CyaSSL/wolfSSL >= v3.3.0 supports setting a minimum protocol downgrade version. cyassl/cyassl@322f79f
2015-03-25cyassl: Check for invalid length parameter in Curl_cyassl_randomJay Satiro
2015-03-25cyassl: If wolfSSL then identify as such in version stringJay Satiro
2015-03-24symbols-in-versions: added CURLOPT_PATH_AS_ISDan Fandrich
2015-03-24testcurl.pl: add the --notes option to supply more info about a buildDan Fandrich
Support for notes has been in place for a while, but it required being added to the setup file manually.
2015-03-24curl_memory: make curl_memory.h the second-last header file loadedDan Fandrich
This header file must be included after all header files except memdebug.h, as it does similar memory function redefinitions and can be similarly affected by conflicting definitions in system or dependent library headers.
2015-03-24openssl: do the OCSP work-around for libressl tooDaniel Stenberg
I tested with libressl git master now (v2.1.4-27-g34bf96c) and it seems to still require the work-around for stapling to work.
2015-03-24openssl: verifystatus: only use the OCSP work-around <= 1.0.2aDaniel Stenberg
URL: http://curl.haxx.se/mail/lib-2015-03/0205.html Reported-by: Alessandro Ghedini
2015-03-24openssl: adapt to ASN1/X509 things gone opaque in 1.1Daniel Stenberg
2015-03-24curl_easy_setopt.3: Fix misspelling in CURLOPT_PATH_AS_IS descriptionJay Satiro
2015-03-24CURLOPT_HTTPHEADER.3: fix typo in recent commitViktor Szakáts
2015-03-24CURLOPT_PATH_AS_IS.3: add type 'long' to prototypeViktor Szakáts
2015-03-24vtls: fix compile with --disable-crypto-auth but with SSLDan Fandrich
This is a strange combination of options, but is allowed.
2015-03-24os400: define new options in ILE/RPG binding.Patrick Monnerat
2015-03-24RELEASE-NOTES: synced with f6878609361Daniel Stenberg
2015-03-24curl_easy_setopt.3: Add CURLOPT_PATH_AS_ISDaniel Stenberg
2015-03-24CURLOPT_PATH_AS_IS: addedDaniel Stenberg
--path-as-is is the command line option Added docs in curl.1 and CURLOPT_PATH_AS_IS.3 Added test in test 1241
2015-03-23curl_easy_recv/send: make them work with the multi interfaceYamada Yasuharu
By making sure Curl_getconnectinfo() uses the correct connection cache to find the last connection.
2015-03-23http2: move the init too for when its actually neededDaniel Stenberg
... it would otherwise lead to memory leakage if we never actually do the switch.
2015-03-23dict: rename byte to avoid compiler shadowed declaration warningDan Fandrich
This conflicted with a WolfSSL typedef.
2015-03-23cyassl: include version.h to ensure the version macros are definedDan Fandrich
2015-03-22test1513: eliminated race condition in test runDan Fandrich
It seems that some systems (e.g. fairly consistently in some recent Solaris autobuilds) would manage to get to the connect phase before the progress callback was called, resulting in a CURLE_COULDNT_CONNECT error. Reworked the test to point at a test server that never returns a full result so the progress callback always gets a chance to be called before the transfer can complete in some other way.
2015-03-21darwinsssl: add support for TLS False StartNick Zitzmann
TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.
2015-03-21gtls: add check of return codeDaniel Stenberg
Coverity CID 1291167 pointed out that 'rc' was received but never used when gnutls_credentials_set() was used. Added return code check now.
2015-03-21gtls: dereferencing NULL pointerDaniel Stenberg
Coverity CID 1291165 pointed out 'chainp' could be dereferenced when NULL if gnutls_certificate_get_peers() had previously failed.
2015-03-21gtls: avoid uninitialized variable.Daniel Stenberg
Coverity CID 1291166 pointed out that we could read this variable uninitialized.
2015-03-21tests/certs: rebuild certificates with modified key usage bitsDan Fandrich
The certificates were missing the digitalSignature and keyAgreement usage types, of which at least digitalSignature was checked by CyaSSL. This caused the test server in test 310 (among others) to fail the startup verification and therefore run (see http://curl.haxx.se/mail/lib-2014-07/0303.html).
2015-03-21tests/certs: added make target to rebuild certificatesDan Fandrich
The certificate generation scripts were also updated to better match the format of the certificates currently checked in.
2015-03-21x509asn1: add /* fallthrough */ in switch() caseDaniel Stenberg
2015-03-21x509asn1: minor edit to unconfuse CoverityDaniel Stenberg
CID 1202732 warns on the previous use, although I cannot fine any problems with it. I'm doing this change only to make the code use a more familiar approach to accomplish the same thing.
2015-03-21testcurl: Allow '=' in values given on command lineDagobert Michelsen
2015-03-21nss: error: unused variable 'connssl'Daniel Stenberg
2015-03-21test938: added missing closing tagsDan Fandrich
2015-03-20cyassl: use new library version macro when availableDan Fandrich
2015-03-20curl: add --false-start optionAlessandro Ghedini
2015-03-20nss: add support for TLS False StartAlessandro Ghedini
2015-03-20url: add CURLOPT_SSL_FALSESTART optionAlessandro Ghedini
This option can be used to enable/disable TLS False Start defined in the RFC draft-bmoeller-tls-falsestart.
2015-03-20gtls: implement CURLOPT_CERTINFOAlessandro Ghedini
2015-03-20openssl: try to avoid accessing OCSP structs when possibleAlessandro Ghedini
2015-03-20CURLOPT_URL.3: spelling!Daniel Stenberg
Reported-by: Frank Gevaerts
2015-03-20CURLOPT_URL.3: Added "SECURITY CONCERNS"Daniel Stenberg
2015-03-20CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" sectionDaniel Stenberg
2015-03-19cyassl: detect the library as renamed wolfsslDan Fandrich
This change was made in CyaSSL/WolfSSL ver. 3.4.0
2015-03-19HTTP: don't switch to HTTP/2 from 1.1 until we get the 101Daniel Stenberg
We prematurely changed protocol handler to HTTP/2 which made things very slow (and wrong). Reported-by: Stefan Eissing Bug: https://github.com/bagder/curl/issues/169
2015-03-19axtls: version 1.5.2 now requires that config.h be manually includedDan Fandrich
2015-03-19metalink: fix resource leak in OOMDaniel Stenberg
Coverity CID 1288826