aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-03-25test1397: unit test for certificate name wildcard handlingRichard J. Moore
2014-03-25Curl_cert_hostcheck: strip trailing dots in host name and wildcardDaniel Stenberg
Reported-by: Richard Moore
2014-03-25Curl_cert_hostcheck: reject IP address wildcard matchesDaniel Stenberg
There are server certificates used with IP address in the CN field, but we MUST not allow wild cart certs for hostnames given as IP addresses only. Therefore we must make Curl_cert_hostcheck() fail such attempts. Bug: http://curl.haxx.se/docs/adv_20140326B.html Reported-by: Richard Moore
2014-03-25url: Fixed connection re-use when using different log-in credentialsSteve Holme
In addition to FTP, other connection based protocols such as IMAP, POP3, SMTP, SCP, SFTP and LDAP require a new connection when different log-in credentials are specified. Fixed the detection logic to include these other protocols. Bug: http://curl.haxx.se/docs/adv_20140326A.html
2014-03-25THANKS: 14 new friends from the 7.36.0 announcementDaniel Stenberg
2014-03-25RELEASE-NOTES: synced with 3ebfaf6a0399b6aDaniel Stenberg
2014-03-23tool_operate: Fixed uninitialised variable under some error situationsSteve Holme
For example when a URL is not specified or the headers file fails to open.
2014-03-22tool_parsecfg: Reworked error handling from commit fc59a9e1Steve Holme
2014-03-22tool_getparam: Removed "dead assignment" code introduced in commit 1a9b58fcSteve Holme
2014-03-22polarssl: avoid extra newlines in debug messagesGisle Vanem
The debug messages printed inside PolarSSL always seems to end with a newline. So 'infof()' should not add one. Besides the trace 'line' should be 'const'.
2014-03-20rtsp: parse "Session:" header properlyDaniel Stenberg
The parser skipped the initial letter, which presumably often is whitespace but doesn't have to be. Reported-by: Mike Hasselberg Bug: http://curl.haxx.se/mail/lib-2014-03/0134.html
2014-03-19runtests.pl: verify specified test casesDaniel Stenberg
To better allow arguments like "1 to 9999" without flooding the terminal with error messages, the given test cases range is now checked and only test numbers with existing files are actually run.
2014-03-19RELEASE-NOTES: fixed typoDan Fandrich
2014-03-19trynextip: don't store 'ai' on failed connects...Daniel Stenberg
It leads to the "next family" tries starting from the wrong point and thus fails! Bug: http://curl.haxx.se/bug/view.cgi?id=1337 Reported-by: ricker
2014-03-19RELEASE-NOTES: synced with 47f8e99e78cDaniel Stenberg
2014-03-19polarssl: fix possible handshake timeout issue in multi.Gaël PORTAY
Because of the socket is unblocking, PolarSSL does need call to getsock to get the action to perform in multi environment. In some cases, it might happen we have not received yet all data to perform the handshake. ssh_handshake returns POLARSSL_ERR_NET_WANT_READ, the state is updated but because of the getsock has not the proper #define macro to, the library never prevents to select socket for input thus the socket will never be awaken when last data is available. Thus it leads to timeout.
2014-03-18polarssl: break compatibility with version older than 1.3.Gaël PORTAY
Remove all #ifdef/else/endif macros that ensure compatibility with polarssl version previous than 1.3.
2014-03-18polarssl: drop use of 1.2 compatibility header.Gaël PORTAY
API has changed since version 1.3. A compatibility header has been created to ensure forward compatibility for code using old API: * x509 certificate structure has been renamed to from x509_cert to x509_crt * new dedicated setter for RSA certificates ssl_set_own_cert_rsa, ssl_set_own_cert is for generic keys * ssl_default_ciphersuites has been replaced by function ssl_list_ciphersuites() This patch drops the use of the compatibly header.
2014-03-18polarssl: added missing end-of-comment from previous commitDaniel Stenberg
2014-03-17polarssl: now require 1.3.0+Daniel Stenberg
Also fixed a function name change in the version requirement bump
2014-03-17polarssl: fix compilationhasufell
Rename x509_cert to x509_crt and add "compat-1.2.h" include. This would still need some more thorough conversion in order to drop "compat-1.2.h" include.
2014-03-15nss: allow to enable/disable new AES GCM cipher-suitesKamil Dudka
... if built against a new enough version of NSS
2014-03-15nss: allow to enable/disable new HMAC-SHA256 cipher-suitesKamil Dudka
... if built against a new enough version of NSS
2014-03-15nss: do not enable AES cipher-suites by defaultKamil Dudka
... but allow them to be enabled/disabled explicitly. The default policy should be maintained at the NSS level.
2014-03-15tests: made the SASL modes separate keywordsDan Fandrich
2014-03-15tests: added missing HTTP NTLM auth keywordsDan Fandrich
Also, removed an unneeded strippart
2014-03-15tests: disable valgrind on the remaining scp/sftp testsDan Fandrich
2014-03-15valgrind.supp: added another test 165 suppressionDan Fandrich
This one seems to come and go as the optimizer decides how best to inline some functions.
2014-03-15ssh: prevent a logic error that could result in an infinite loopDan Fandrich
2014-03-14docs: fixed a bunch of typosDan Fandrich
2014-03-14test640/1: add tests for --head with sftp and scpDan Fandrich
This option is currently rather useless with these protocols when no quote command is given, but it is valid.
2014-03-14ssh: removed a redundant close state transitionDan Fandrich
2014-03-14ssh: abort immediately on a header callback errorDan Fandrich
2014-03-14chunked-encoding: provide a readable error string for chunked errorsDaniel Stenberg
2014-03-11TODO: remove http2, we now have itDaniel Stenberg
2014-03-10http2: free resources on disconnectTatsuhiro Tsujikawa
... and use Curl_safefree() instead of free()
2014-03-10openssl: info massage with SSL version usedDaniel Stenberg
Patch-by: byte_bucket
2014-03-09RELEASE-NOTES: Synced with 8ddda0e999Steve Holme
2014-03-09README.http2: clarify the build prerequisitesDaniel Stenberg
2014-03-09SSL-PROBLEMS: add "missing intermediate certificates" pieceDaniel Stenberg
2014-03-08SSL-PROBLEMS: describes common curl+SSL problemsDaniel Stenberg
2014-03-08docs: remove documentation on setting up krb4 supportNick Zitzmann
The information about building with Kerberos4 support was half a year out of date. We dropped support for that.
2014-03-06ssh: fix compiler warning converting ssize_t to intDaniel Stenberg
2014-03-06ssh: Fixed a style warningDan Fandrich
Also, combined a couple of #ifdef sections
2014-03-06ssh: Pass errors from libssh2_sftp_read up the stackDan Fandrich
2014-03-06parse_remote_port: error out on illegal port numbers betterDaniel Stenberg
2014-03-05remote_port: allow connect to port 0Daniel Stenberg
Port number zero is perfectly allowed to connect to. I moved to storing the remote port number in an int so that -1 means undefined and 0-65535 can be used for legitimate port numbers.
2014-03-03multi_runsingle: move timestamp into INITDaniel Stenberg
Setting the TIMER_STARTSINGLE timestamp first in CONNECT has the drawback that for actions that go back to the CONNECT state, the time stamp is reset and for the multi_socket API there's no corresponding Curl_expire() then so the timeout logic gets wrong! Reported-by: Brad Spencer Bug: http://curl.haxx.se/mail/lib-2014-02/0036.html
2014-03-03hostcheck: update comment after previous changeDaniel Stenberg
2014-03-03hostcheck: Curl_cert_hostcheck is not used by NSS buildsDaniel Stenberg