Age | Commit message (Collapse) | Author | |
---|---|---|---|
2009-08-01 | - Scott Cantor posted the bug report #2829955 | Daniel Stenberg | |
(http://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert verification flaw found and exploited by Moxie Marlinspike. The presentation he did at Black Hat is available here: https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike Apparently at least one CA allowed a subjectAltName or CN that contain a zero byte, and thus clients that assumed they would never have zero bytes were exploited to OK a certificate that didn't actually match the site. Like if the name in the cert was "example.com\0theatualsite.com", libcurl would happily verify that cert for example.com. libcurl now better use the length of the extracted name, not assuming it is zero terminated. | |||
2009-08-01 | - Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present | Daniel Stenberg | |
only in some OpenSSL installs - like on Windows) isn't thread-safe and we agreed that moving it to the global_init() function is a decent way to deal with this situation. | |||
2009-08-01 | - Alexander Beedie provided the patch for a noproxy problem: If I have set | Daniel Stenberg | |
CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually could still end up using a proxy if a proxy environment variable was set. | |||
2009-08-01 | updated with recent issues | Daniel Stenberg | |
2009-07-31 | 67. When creating multipart formposts. The file name part can be encoded with | Daniel Stenberg | |
something beyond ascii but currently libcurl will only pass in the verbatim string the app provides. There are several browsers that already do this encoding. The key seems to be the updated draft to RFC2231: http://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02 | |||
2009-07-31 | Copy the libcurl header files into the right location for Android. | Dan Fandrich | |
2009-07-28 | use --insecure for the SFTP and SCP tests | Daniel Stenberg | |
2009-07-27 | moved the changes that aren't strictly bugfixes until after 7.19.6 since I | Daniel Stenberg | |
can't seem to catch up 243 - ftp QUOTE commands that are allowed to fail but not close the connection is done | |||
2009-07-27 | - All the quote options (CURLOPT_QUOTE, CURLOPT_POSTQUOTE and | Daniel Stenberg | |
CURLOPT_PREQUOTE) now accept a preceeding asterisk before the command to send when using FTP, as a sign that libcurl shall simply ignore the response from the server instead of treating it as an error. Not treating a 400+ FTP response code as an error means that failed commands will not abort the chain of commands, nor will they cause the connection to get disconnected. | |||
2009-07-27 | From: Johan van Selst | Daniel Stenberg | |
"you replaced the old SSLeay_add_ssl_algorithms() call with OpenSSL_add_all_algorithms(), however unlike the name suggests, the second function is not a superset of the first. When using SSL both these functions will need to be called in order to offer complete functionality" | |||
2009-07-26 | - Bug report #2825989 (http://curl.haxx.se/bug/view.cgi?id=2825989) pointed | Daniel Stenberg | |
out that OpenSSL-powered libcurl didn't support the SHA-2 digest algorithm, and provided the solution too: to use OpenSSL_add_all_algorithms() instead of the older SSLeay_* alternative. OpenSSL_add_all_algorithms was added in OpenSSL 0.9.5 | |||
2009-07-25 | properly free data returned by aprintf(), and bring back the code to be | Daniel Stenberg | |
independent of libssh2 version as the client code isn't really meant to adapt to such build-time constraints. | |||
2009-07-25 | blocked new stuff with HAVE_LIBSSH2_KNOWNHOST_API to check if this is our ↵ | Gunter Knauf | |
current memory leak. | |||
2009-07-24 | changes to silent compiler warnings with 64bit systems. | Gunter Knauf | |
2009-07-24 | changes to silent compiler warnings with 64bit systems. | Gunter Knauf | |
2009-07-23 | changes to silent compiler warnings with 64bit systems. | Gunter Knauf | |
2009-07-23 | fixed brace error. | Gunter Knauf | |
2009-07-23 | changes to silent compiler warnings with 64bit systems. | Gunter Knauf | |
2009-07-23 | blocked sshkeycallback() with HAVE_LIBSSH2_KNOWNHOST_API to avoid compiler ↵ | Gunter Knauf | |
warnings. | |||
2009-07-22 | 242 - SSH knownhost support (powered by libssh2 1.2) | Daniel Stenberg | |
Committed now. Not yet thoroughly degbugged etc, but at least the funtionality is now present. | |||
2009-07-22 | - Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA. | Daniel Stenberg | |
They introduce known_host support for SSH keys to libcurl. See docs for details. | |||
2009-07-22 | don't set READDATA since it isn't used and only confuses readers | Daniel Stenberg | |
2009-07-22 | - David Binderman found a memory and fd leak in lib/gtls.c:load_file() | Michal Marek | |
(https://bugzilla.novell.com/523919). When looking at the code, I found that also the ptr pointer can leak. | |||
2009-07-21 | 66. When using telnet, the time limitation options don't work. | Daniel Stenberg | |
http://curl.haxx.se/bug/view.cgi?id=2818950 | |||
2009-07-20 | - Claes Jakobsson improved the support for client certificates handling | Kamil Dudka | |
in NSS-powered libcurl. Now the client certificates can be selected automatically by a NSS built-in hook. Additionally pre-login to all PKCS11 slots is no more performed. It used to cause problems with HW tokens. - Fixed reference counting for NSS client certificates. Now the PEM reader module should be always properly unloaded on Curl_nss_cleanup(). If the unload fails though, libcurl will try to reuse the already loaded instance. | |||
2009-07-17 | trial to fix a win64 compiler warning. | Gunter Knauf | |
2009-07-16 | added a cast to silent compiler warning with 64bit systems. | Gunter Knauf | |
2009-07-16 | test if adding ../lib to includes can fix the current break ... | Gunter Knauf | |
2009-07-15 | Added nonblock.c to the non-automake makefiles (note that the dependencies | Dan Fandrich | |
in the Watcom makefiles aren't quite correct). | |||
2009-07-15 | ENH: fix build with ssl | Bill Hoffman | |
2009-07-15 | ENH: move dashboard location | Bill Hoffman | |
2009-07-15 | BUG: curl did not build with cmake with VS 2005 for two reasons, ws2tcpip.h ↵ | Bill Hoffman | |
requires winsock2.h to be included before it with that compiler, and wldap32 is not available with the default install of the compiler, so disable ldap support if that is not found | |||
2009-07-15 | - Changed the description of CURLINFO_OS_ERRNO to make it clear that the | Michal Marek | |
errno is not reset on success. | |||
2009-07-15 | fixed typo. | Gunter Knauf | |
2009-07-14 | ENH: add optional support for c-ares | Bill Hoffman | |
2009-07-14 | renamed generated config.h to curl_config.h in order to avoid clashes when ↵ | Gunter Knauf | |
libcurl is used with other projects which also have a config.h (missing bits) | |||
2009-07-14 | updated openssl version to latest; removed obsolete link to openssl patch ↵ | Gunter Knauf | |
since its now in the openssl releases. | |||
2009-07-14 | ENH: move config.h.cmake to curl_config.h.cmake so it builds again | Bill Hoffman | |
2009-07-14 | renamed generated config.h to ares_config.h in order to avoid clashes when ↵ | Gunter Knauf | |
libcurl is used with other projects which also have a config.h. | |||
2009-07-14 | ENH: add nonblock.c to build for CMake | Bill Hoffman | |
2009-07-14 | ENH: do not report if zlib is not found as it still works | Bill Hoffman | |
2009-07-14 | renamed generated config.h to curl_config.h in order to avoid clashes when ↵ | Gunter Knauf | |
libcurl is used with other projects which also have a config.h. | |||
2009-07-14 | renamed generated config.h to curl_config.h in order to avoid clashes when ↵ | Gunter Knauf | |
libcurl is used with other projects which also have a config.h. | |||
2009-07-13 | added PKG_CONFIG_PATH to output to better verify if it gets properly set ↵ | Gunter Knauf | |
with cross compiles. | |||
2009-07-11 | silence a compiler warning | Daniel Stenberg | |
2009-07-09 | add these new files to CVS as well | Daniel Stenberg | |
2009-07-09 | 241 - expose Curl_nonblock as curlx_nonblock | Daniel Stenberg | |
done | |||
2009-07-09 | - Eric Wong introduced curlx_nonblock() that the curl tool now (re-)uses for | Daniel Stenberg | |
setting a file descriptor non-blocking. Used by the functionality Eric himself brough on June 15th. | |||
2009-07-09 | 240 - GnuTLS configure fix to find older installations | Daniel Stenberg | |
done | |||
2009-07-09 | bring back the libgnutls-config use for checking for GnuTLS if pkg-config | Daniel Stenberg | |
doesn't work, to better fine older gnutls installs |