Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-03-25 | cyassl: default to highest possible TLS version | Jay Satiro | |
(cyassl_connect_step1) - Use TLS 1.0-1.2 by default when available. CyaSSL/wolfSSL >= v3.3.0 supports setting a minimum protocol downgrade version. cyassl/cyassl@322f79f | |||
2015-03-25 | cyassl: Check for invalid length parameter in Curl_cyassl_random | Jay Satiro | |
2015-03-25 | cyassl: If wolfSSL then identify as such in version string | Jay Satiro | |
2015-03-24 | symbols-in-versions: added CURLOPT_PATH_AS_IS | Dan Fandrich | |
2015-03-24 | testcurl.pl: add the --notes option to supply more info about a build | Dan Fandrich | |
Support for notes has been in place for a while, but it required being added to the setup file manually. | |||
2015-03-24 | curl_memory: make curl_memory.h the second-last header file loaded | Dan Fandrich | |
This header file must be included after all header files except memdebug.h, as it does similar memory function redefinitions and can be similarly affected by conflicting definitions in system or dependent library headers. | |||
2015-03-24 | openssl: do the OCSP work-around for libressl too | Daniel Stenberg | |
I tested with libressl git master now (v2.1.4-27-g34bf96c) and it seems to still require the work-around for stapling to work. | |||
2015-03-24 | openssl: verifystatus: only use the OCSP work-around <= 1.0.2a | Daniel Stenberg | |
URL: http://curl.haxx.se/mail/lib-2015-03/0205.html Reported-by: Alessandro Ghedini | |||
2015-03-24 | openssl: adapt to ASN1/X509 things gone opaque in 1.1 | Daniel Stenberg | |
2015-03-24 | curl_easy_setopt.3: Fix misspelling in CURLOPT_PATH_AS_IS description | Jay Satiro | |
2015-03-24 | CURLOPT_HTTPHEADER.3: fix typo in recent commit | Viktor Szakáts | |
2015-03-24 | CURLOPT_PATH_AS_IS.3: add type 'long' to prototype | Viktor Szakáts | |
2015-03-24 | vtls: fix compile with --disable-crypto-auth but with SSL | Dan Fandrich | |
This is a strange combination of options, but is allowed. | |||
2015-03-24 | os400: define new options in ILE/RPG binding. | Patrick Monnerat | |
2015-03-24 | RELEASE-NOTES: synced with f6878609361 | Daniel Stenberg | |
2015-03-24 | curl_easy_setopt.3: Add CURLOPT_PATH_AS_IS | Daniel Stenberg | |
2015-03-24 | CURLOPT_PATH_AS_IS: added | Daniel Stenberg | |
--path-as-is is the command line option Added docs in curl.1 and CURLOPT_PATH_AS_IS.3 Added test in test 1241 | |||
2015-03-23 | curl_easy_recv/send: make them work with the multi interface | Yamada Yasuharu | |
By making sure Curl_getconnectinfo() uses the correct connection cache to find the last connection. | |||
2015-03-23 | http2: move the init too for when its actually needed | Daniel Stenberg | |
... it would otherwise lead to memory leakage if we never actually do the switch. | |||
2015-03-23 | dict: rename byte to avoid compiler shadowed declaration warning | Dan Fandrich | |
This conflicted with a WolfSSL typedef. | |||
2015-03-23 | cyassl: include version.h to ensure the version macros are defined | Dan Fandrich | |
2015-03-22 | test1513: eliminated race condition in test run | Dan Fandrich | |
It seems that some systems (e.g. fairly consistently in some recent Solaris autobuilds) would manage to get to the connect phase before the progress callback was called, resulting in a CURLE_COULDNT_CONNECT error. Reworked the test to point at a test server that never returns a full result so the progress callback always gets a chance to be called before the transfer can complete in some other way. | |||
2015-03-21 | darwinsssl: add support for TLS False Start | Nick Zitzmann | |
TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later. | |||
2015-03-21 | gtls: add check of return code | Daniel Stenberg | |
Coverity CID 1291167 pointed out that 'rc' was received but never used when gnutls_credentials_set() was used. Added return code check now. | |||
2015-03-21 | gtls: dereferencing NULL pointer | Daniel Stenberg | |
Coverity CID 1291165 pointed out 'chainp' could be dereferenced when NULL if gnutls_certificate_get_peers() had previously failed. | |||
2015-03-21 | gtls: avoid uninitialized variable. | Daniel Stenberg | |
Coverity CID 1291166 pointed out that we could read this variable uninitialized. | |||
2015-03-21 | tests/certs: rebuild certificates with modified key usage bits | Dan Fandrich | |
The certificates were missing the digitalSignature and keyAgreement usage types, of which at least digitalSignature was checked by CyaSSL. This caused the test server in test 310 (among others) to fail the startup verification and therefore run (see http://curl.haxx.se/mail/lib-2014-07/0303.html). | |||
2015-03-21 | tests/certs: added make target to rebuild certificates | Dan Fandrich | |
The certificate generation scripts were also updated to better match the format of the certificates currently checked in. | |||
2015-03-21 | x509asn1: add /* fallthrough */ in switch() case | Daniel Stenberg | |
2015-03-21 | x509asn1: minor edit to unconfuse Coverity | Daniel Stenberg | |
CID 1202732 warns on the previous use, although I cannot fine any problems with it. I'm doing this change only to make the code use a more familiar approach to accomplish the same thing. | |||
2015-03-21 | testcurl: Allow '=' in values given on command line | Dagobert Michelsen | |
2015-03-21 | nss: error: unused variable 'connssl' | Daniel Stenberg | |
2015-03-21 | test938: added missing closing tags | Dan Fandrich | |
2015-03-20 | cyassl: use new library version macro when available | Dan Fandrich | |
2015-03-20 | curl: add --false-start option | Alessandro Ghedini | |
2015-03-20 | nss: add support for TLS False Start | Alessandro Ghedini | |
2015-03-20 | url: add CURLOPT_SSL_FALSESTART option | Alessandro Ghedini | |
This option can be used to enable/disable TLS False Start defined in the RFC draft-bmoeller-tls-falsestart. | |||
2015-03-20 | gtls: implement CURLOPT_CERTINFO | Alessandro Ghedini | |
2015-03-20 | openssl: try to avoid accessing OCSP structs when possible | Alessandro Ghedini | |
2015-03-20 | CURLOPT_URL.3: spelling! | Daniel Stenberg | |
Reported-by: Frank Gevaerts | |||
2015-03-20 | CURLOPT_URL.3: Added "SECURITY CONCERNS" | Daniel Stenberg | |
2015-03-20 | CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" section | Daniel Stenberg | |
2015-03-19 | cyassl: detect the library as renamed wolfssl | Dan Fandrich | |
This change was made in CyaSSL/WolfSSL ver. 3.4.0 | |||
2015-03-19 | HTTP: don't switch to HTTP/2 from 1.1 until we get the 101 | Daniel Stenberg | |
We prematurely changed protocol handler to HTTP/2 which made things very slow (and wrong). Reported-by: Stefan Eissing Bug: https://github.com/bagder/curl/issues/169 | |||
2015-03-19 | axtls: version 1.5.2 now requires that config.h be manually included | Dan Fandrich | |
2015-03-19 | metalink: fix resource leak in OOM | Daniel Stenberg | |
Coverity CID 1288826 | |||
2015-03-18 | docs/libcurl: clean up libcurl-symbols.3 | Dan Fandrich | |
2015-03-18 | docs/libcurl: check that all options with man pages are referenced | Dan Fandrich | |
If a man page exists in the opts/ directory, it must also be referenced either in curl_easy_setopt.3 or curl_multi_setopt.3 | |||
2015-03-18 | curl_easy_setopt.3: added a few missing options | Dan Fandrich | |
2015-03-18 | nss: explicitly tell NSS to disable NPN/ALPN | Kamil Dudka | |
... if disabled at libcurl level. Otherwise, we would allow to negotiate NPN despite curl was invoked with the --no-npn option. |