Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-01-19 | openssl: do public key pinning check independently | Daniel Stenberg | |
... of the other cert verification checks so that you can set verifyhost and verifypeer to FALSE and still check the public key. Bug: http://curl.haxx.se/bug/view.cgi?id=1471 Reported-by: Kyle J. McKay | |||
2015-01-19 | OS400: CURLOPT_SSL_VERIFYSTATUS for ILE/RPG too. | Patrick Monnerat | |
2015-01-18 | ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP | Steve Holme | |
For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define. | |||
2015-01-18 | http_negotiate: Use dynamic buffer for SPN generation | Steve Holme | |
Use a dynamicly allocated buffer for the temporary SPN variable similar to how the SASL GSS-API code does, rather than using a fixed buffer of 2048 characters. | |||
2015-01-18 | sasl_gssapi: Make Curl_sasl_build_gssapi_spn() public | Steve Holme | |
2015-01-18 | sasl_gssapi: Fixed memory leak with local SPN variable | Steve Holme | |
2015-01-17 | http_negotiate.c: unused variable 'ret' | Daniel Stenberg | |
2015-01-17 | gskit.h: Code policing of function pointer arguments | Steve Holme | |
2015-01-17 | vtls: Removed unimplemented overrides of curlssl_close_all() | Steve Holme | |
Carrying on from commit 037cd0d991, removed the following unimplemented instances of curlssl_close_all(): Curl_axtls_close_all() Curl_darwinssl_close_all() Curl_cyassl_close_all() Curl_gskit_close_all() Curl_gtls_close_all() Curl_nss_close_all() Curl_polarssl_close_all() | |||
2015-01-17 | vtls: Separate the SSL backend definition from the API setup | Steve Holme | |
Slight code cleanup as the SSL backend #define is mixed up with the API function setup. | |||
2015-01-17 | vtls: Fixed compilation errors when SSL not used | Steve Holme | |
Fixed the following warning and error from commit 3af90a6e19 when SSL is not being used: url.c:2004: warning C4013: 'Curl_ssl_cert_status_request' undefined; assuming extern returning int error LNK2019: unresolved external symbol Curl_ssl_cert_status_request referenced in function Curl_setopt | |||
2015-01-17 | http_negotiate: Added empty decoded challenge message info text | Steve Holme | |
2015-01-17 | http_negotiate: Return CURLcode in Curl_input_negotiate() instead of int | Steve Holme | |
2015-01-17 | http_negotiate_sspi: Prefer use of 'attrs' for context attributes | Steve Holme | |
Use the same variable name as other areas of SSPI code. | |||
2015-01-17 | http_negotiate_sspi: Use correct return type for QuerySecurityPackageInfo() | Steve Holme | |
Use the SECURITY_STATUS typedef rather than a unsigned long for the QuerySecurityPackageInfo() return and rename the variable as per other areas of SSPI code. | |||
2015-01-17 | http_negotiate_sspi: Use 'CURLcode result' for CURL result code | Steve Holme | |
2015-01-16 | curl_endian: Fixed build when 64-bit integers are not supported (Part 2) | Steve Holme | |
Missed Curl_read64_be() in commit bb12d44471 :( | |||
2015-01-16 | CURLOPT_SSL_VERIFYSTATUS.3: mention it is added in version 7.41.0 | Daniel Stenberg | |
2015-01-16 | curlver.h: next release is 7.41.0 due to the changes | Daniel Stenberg | |
2015-01-16 | RELEASE-NOTES: mention the new OCSP stapling options, bump version | Daniel Stenberg | |
2015-01-16 | opts: add CURLOPT_SSL_VERIFYSTATUS* to docs/Makefile | Daniel Stenberg | |
2015-01-16 | help: add --cert-status to --help output | Daniel Stenberg | |
2015-01-16 | copyright years: after OCSP stapling changes | Daniel Stenberg | |
2015-01-16 | curl: add --cert-status option | Alessandro Ghedini | |
This enables the CURLOPT_SSL_VERIFYSTATUS functionality. | |||
2015-01-16 | nss: add support for the Certificate Status Request TLS extension | Alessandro Ghedini | |
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8. This requires NSS 3.15 or higher. | |||
2015-01-16 | gtls: add support for the Certificate Status Request TLS extension | Alessandro Ghedini | |
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8. This requires GnuTLS 3.1.3 or higher to build, however it's recommended to use at least GnuTLS 3.3.11 since previous versions had a bug that caused the OCSP response verfication to fail even on valid responses. | |||
2015-01-16 | url: add CURLOPT_SSL_VERIFYSTATUS option | Alessandro Ghedini | |
This option can be used to enable/disable certificate status verification using the "Certificate Status Request" TLS extension defined in RFC6066 section 8. This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the certificate status verification fails, and the Curl_ssl_cert_status_request() function, used to check whether the SSL backend supports the status_request extension. | |||
2015-01-16 | TheArtOfHttpScripting: skip the date at the top, we have git | Daniel Stenberg | |
2015-01-16 | TheArtOfHttpScripting: phrase it TLS lib agnostic | Daniel Stenberg | |
2015-01-16 | TODO: Added some SMB ideas | Steve Holme | |
2015-01-16 | RELEASE-NOTES: Synced with 5f09947d28 | Steve Holme | |
2015-01-16 | build-openssl.bat: Added check for Perl installation | Steve Holme | |
2015-01-16 | checksrc.bat: Better detection of Perl installation | Steve Holme | |
2015-01-16 | curl_endian: Fixed build when 64-bit integers are not supported | Steve Holme | |
Bug: http://curl.haxx.se/mail/lib-2015-01/0094.html Reported-by: John E. Malmberg | |||
2015-01-15 | curl.h: remove extra space | Yun SangHo | |
2015-01-14 | Curl_pretransfer: reset expected transfer sizes | Daniel Stenberg | |
Reported-by: Mohammad AlSaleh Bug: http://curl.haxx.se/mail/lib-2015-01/0065.html | |||
2015-01-12 | curl_schannel.c: mark session as removed from cache if not freed | Marc Hoersken | |
If the session is still used by active SSL/TLS connections, it cannot be closed yet. Thus we mark the session as not being cached any longer so that the reference counting mechanism in Curl_schannel_shutdown is used to close and free the session. Reported-by: Jean-Francois Durand | |||
2015-01-09 | RELEASE-NOTES: Synced with d21b66835f | Steve Holme | |
2015-01-09 | Merge pull request #134 from vszakats/mingw-m64 | Guenter Knauf | |
add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS | |||
2015-01-09 | Merge pull request #136 from vszakats/mingw-allow-custom-cflags | Guenter Knauf | |
mingw build: allow to pass custom CFLAGS | |||
2015-01-09 | NSS: fix compiler error when built http2-enabled | Daniel Stenberg | |
2015-01-09 | gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions | Steve Holme | |
Better code reuse and consistency in calls to gss_import_name(). | |||
2015-01-09 | mingw build: allow to pass custom CFLAGS | Viktor Szakats | |
2015-01-08 | FTP: if EPSV fails on IPV6 connections, bail out | Daniel Stenberg | |
... instead of trying PASV, since PASV can't work with IPv6. Reported-by: Vojtěch Král | |||
2015-01-08 | FTP: fix IPv6 host using link-local address | Daniel Stenberg | |
... and make sure we can connect the data connection to a host name that is longer than 48 bytes. Also simplifies the code somewhat by re-using the original host name more, as it is likely still in the DNS cache. Original-Patch-by: Vojtěch Král Bug: http://curl.haxx.se/bug/view.cgi?id=1468 | |||
2015-01-08 | winbuild: Added option to build with c-ares | Sam Schanken | |
Added support for a WITH_CARES option to be used when invoking nmake via Makefile.vc. This option enables linking against both the DLL and static versions of the c-ares libraries, as well as the debug and release varients, depending on the value of DEBUG. The USE_ARES preprocessor symbol is also defined. | |||
2015-01-08 | NetWare build: added TLS-SRP enabled build. | Guenter Knauf | |
2015-01-08 | sasl_gssapi: Fixed build on NetBSD with built-in GSS-API | Steve Holme | |
Bug: http://curl.haxx.se/bug/view.cgi?id=1469 Reported-by: Thomas Klausner | |||
2015-01-08 | add -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGS | Viktor Szakats | |
2015-01-08 | bump: start working towards 7.40.1 | Daniel Stenberg | |