aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-01-19openssl: do public key pinning check independentlyDaniel Stenberg
... of the other cert verification checks so that you can set verifyhost and verifypeer to FALSE and still check the public key. Bug: http://curl.haxx.se/bug/view.cgi?id=1471 Reported-by: Kyle J. McKay
2015-01-19OS400: CURLOPT_SSL_VERIFYSTATUS for ILE/RPG too.Patrick Monnerat
2015-01-18ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAPSteve Holme
For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define.
2015-01-18http_negotiate: Use dynamic buffer for SPN generationSteve Holme
Use a dynamicly allocated buffer for the temporary SPN variable similar to how the SASL GSS-API code does, rather than using a fixed buffer of 2048 characters.
2015-01-18sasl_gssapi: Make Curl_sasl_build_gssapi_spn() publicSteve Holme
2015-01-18sasl_gssapi: Fixed memory leak with local SPN variableSteve Holme
2015-01-17http_negotiate.c: unused variable 'ret'Daniel Stenberg
2015-01-17gskit.h: Code policing of function pointer argumentsSteve Holme
2015-01-17vtls: Removed unimplemented overrides of curlssl_close_all()Steve Holme
Carrying on from commit 037cd0d991, removed the following unimplemented instances of curlssl_close_all(): Curl_axtls_close_all() Curl_darwinssl_close_all() Curl_cyassl_close_all() Curl_gskit_close_all() Curl_gtls_close_all() Curl_nss_close_all() Curl_polarssl_close_all()
2015-01-17vtls: Separate the SSL backend definition from the API setupSteve Holme
Slight code cleanup as the SSL backend #define is mixed up with the API function setup.
2015-01-17vtls: Fixed compilation errors when SSL not usedSteve Holme
Fixed the following warning and error from commit 3af90a6e19 when SSL is not being used: url.c:2004: warning C4013: 'Curl_ssl_cert_status_request' undefined; assuming extern returning int error LNK2019: unresolved external symbol Curl_ssl_cert_status_request referenced in function Curl_setopt
2015-01-17http_negotiate: Added empty decoded challenge message info textSteve Holme
2015-01-17http_negotiate: Return CURLcode in Curl_input_negotiate() instead of intSteve Holme
2015-01-17http_negotiate_sspi: Prefer use of 'attrs' for context attributesSteve Holme
Use the same variable name as other areas of SSPI code.
2015-01-17http_negotiate_sspi: Use correct return type for QuerySecurityPackageInfo()Steve Holme
Use the SECURITY_STATUS typedef rather than a unsigned long for the QuerySecurityPackageInfo() return and rename the variable as per other areas of SSPI code.
2015-01-17http_negotiate_sspi: Use 'CURLcode result' for CURL result codeSteve Holme
2015-01-16curl_endian: Fixed build when 64-bit integers are not supported (Part 2)Steve Holme
Missed Curl_read64_be() in commit bb12d44471 :(
2015-01-16CURLOPT_SSL_VERIFYSTATUS.3: mention it is added in version 7.41.0Daniel Stenberg
2015-01-16curlver.h: next release is 7.41.0 due to the changesDaniel Stenberg
2015-01-16RELEASE-NOTES: mention the new OCSP stapling options, bump versionDaniel Stenberg
2015-01-16opts: add CURLOPT_SSL_VERIFYSTATUS* to docs/MakefileDaniel Stenberg
2015-01-16help: add --cert-status to --help outputDaniel Stenberg
2015-01-16copyright years: after OCSP stapling changesDaniel Stenberg
2015-01-16curl: add --cert-status optionAlessandro Ghedini
This enables the CURLOPT_SSL_VERIFYSTATUS functionality.
2015-01-16nss: add support for the Certificate Status Request TLS extensionAlessandro Ghedini
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8. This requires NSS 3.15 or higher.
2015-01-16gtls: add support for the Certificate Status Request TLS extensionAlessandro Ghedini
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8. This requires GnuTLS 3.1.3 or higher to build, however it's recommended to use at least GnuTLS 3.3.11 since previous versions had a bug that caused the OCSP response verfication to fail even on valid responses.
2015-01-16url: add CURLOPT_SSL_VERIFYSTATUS optionAlessandro Ghedini
This option can be used to enable/disable certificate status verification using the "Certificate Status Request" TLS extension defined in RFC6066 section 8. This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the certificate status verification fails, and the Curl_ssl_cert_status_request() function, used to check whether the SSL backend supports the status_request extension.
2015-01-16TheArtOfHttpScripting: skip the date at the top, we have gitDaniel Stenberg
2015-01-16TheArtOfHttpScripting: phrase it TLS lib agnosticDaniel Stenberg
2015-01-16TODO: Added some SMB ideasSteve Holme
2015-01-16RELEASE-NOTES: Synced with 5f09947d28Steve Holme
2015-01-16build-openssl.bat: Added check for Perl installationSteve Holme
2015-01-16checksrc.bat: Better detection of Perl installationSteve Holme
2015-01-16curl_endian: Fixed build when 64-bit integers are not supportedSteve Holme
Bug: http://curl.haxx.se/mail/lib-2015-01/0094.html Reported-by: John E. Malmberg
2015-01-15curl.h: remove extra spaceYun SangHo
2015-01-14Curl_pretransfer: reset expected transfer sizesDaniel Stenberg
Reported-by: Mohammad AlSaleh Bug: http://curl.haxx.se/mail/lib-2015-01/0065.html
2015-01-12curl_schannel.c: mark session as removed from cache if not freedMarc Hoersken
If the session is still used by active SSL/TLS connections, it cannot be closed yet. Thus we mark the session as not being cached any longer so that the reference counting mechanism in Curl_schannel_shutdown is used to close and free the session. Reported-by: Jean-Francois Durand
2015-01-09RELEASE-NOTES: Synced with d21b66835fSteve Holme
2015-01-09Merge pull request #134 from vszakats/mingw-m64Guenter Knauf
add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS
2015-01-09Merge pull request #136 from vszakats/mingw-allow-custom-cflagsGuenter Knauf
mingw build: allow to pass custom CFLAGS
2015-01-09NSS: fix compiler error when built http2-enabledDaniel Stenberg
2015-01-09gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitionsSteve Holme
Better code reuse and consistency in calls to gss_import_name().
2015-01-09mingw build: allow to pass custom CFLAGSViktor Szakats
2015-01-08FTP: if EPSV fails on IPV6 connections, bail outDaniel Stenberg
... instead of trying PASV, since PASV can't work with IPv6. Reported-by: Vojtěch Král
2015-01-08FTP: fix IPv6 host using link-local addressDaniel Stenberg
... and make sure we can connect the data connection to a host name that is longer than 48 bytes. Also simplifies the code somewhat by re-using the original host name more, as it is likely still in the DNS cache. Original-Patch-by: Vojtěch Král Bug: http://curl.haxx.se/bug/view.cgi?id=1468
2015-01-08winbuild: Added option to build with c-aresSam Schanken
Added support for a WITH_CARES option to be used when invoking nmake via Makefile.vc. This option enables linking against both the DLL and static versions of the c-ares libraries, as well as the debug and release varients, depending on the value of DEBUG. The USE_ARES preprocessor symbol is also defined.
2015-01-08NetWare build: added TLS-SRP enabled build.Guenter Knauf
2015-01-08sasl_gssapi: Fixed build on NetBSD with built-in GSS-APISteve Holme
Bug: http://curl.haxx.se/bug/view.cgi?id=1469 Reported-by: Thomas Klausner
2015-01-08add -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGSViktor Szakats
2015-01-08bump: start working towards 7.40.1Daniel Stenberg