aboutsummaryrefslogtreecommitdiff
path: root/RELEASE-NOTES
AgeCommit message (Collapse)Author
2013-04-27darwinssl: add TLS crypto authenticationNick Zitzmann
Users using the Secure Transport (darwinssl) back-end can now use a certificate and private key to authenticate with a site using TLS. Because Apple's security system is based around the keychain and does not have any non-public function to create a SecIdentityRef data structure from data loaded outside of the Keychain, the certificate and private key have to be loaded into the Keychain first (using the certtool command line tool or the Security framework's C API) before we can find it and use it.
2013-04-27bump versionDaniel Stenberg
Since we're adding new stuff, the next release will bump the minor version and we're looking forward to 7.31.0
2013-04-27RELEASE-NOTES: synced with f4e6e201b146Steve Holme
2013-04-26url: initialize speed-check data for file:// protocolZdenek Pavlas
... in order to prevent an artificial timeout event based on stale speed-check data from a previous network transfer. This commit fixes a regression caused by 9dd85bced56f6951107f69e581c872c1e7e3e58e. Bug: https://bugzilla.redhat.com/906031
2013-04-24RELEASE-NOTES: synced with a8c92cb60890Steve Holme
2013-04-20RELEASE-NOTES: synced with d535c4a2e1f7Steve Holme
2013-04-13RELEASE-NOTES: Removed erroneous spacesSteve Holme
2013-04-13RELEASE-NOTES: synced with 8723cade21fbSteve Holme
2013-04-12bump: start working towards next releaseDaniel Stenberg
2013-04-12RELEASE-NOTES: cleaned up for 7.30 (synced with 5c5e1a1cd20)Daniel Stenberg
Most notable the security advisory: http://curl.haxx.se/docs/adv_20130412.html
2013-04-09RELEASe-NOTES: synced with 29fdb2700f797Daniel Stenberg
added "tcpkeepalive on Mac OS X"
2013-04-08darwinssl: disable insecure ciphers by defaultNick Zitzmann
I noticed that aria2's SecureTransport code disables insecure ciphers such as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later. That's a good idea, and now we do the same thing in order to prevent curl from accessing a "secure" site that only negotiates insecure ciphersuites.
2013-04-08RELEASE-NOTES: Corrected duplicate NTLM memory leaksSteve Holme
2013-04-08RELEASE-NOTES: Removed trailing full stopSteve Holme
2013-04-08RELEASE-NOTES: sync with 704a5dfca9Daniel Stenberg
2013-04-05RELEASE-NOTES: synced with 5e722b2d09087Daniel Stenberg
3 more bug fixes, 6 more contributors
2013-04-01RELEASE-NOTES: synced with 0614b902136Daniel Stenberg
2013-03-27RELEASE-NOTES: Corrected typoSteve Holme
2013-03-27RELEASE-NOTES: add two referencesDaniel Stenberg
2013-03-23RELEASE-NOTES: synced with bc6037ed3ec02Daniel Stenberg
More changes, bugfixes and contributors!
2013-03-19darwinssl: disable ECC ciphers under Mountain Lion by defaultNick Zitzmann
I found out that ECC doesn't work as of OS X 10.8.3, so those ciphers are turned off until the next point release of OS X.
2013-03-12curl_global_init: accept the CURL_GLOBAL_ACK_EINTR flagZdenek Pavlas
The flag can be used in pycurl-based applications where using the multi interface would not be acceptable because of the performance lost caused by implementing the select() loop in python. Bug: http://curl.haxx.se/bug/view.cgi?id=1168 Downstream Bug: https://bugzilla.redhat.com/919127
2013-03-12easy: do not ignore poll() failures other than EINTRKamil Dudka
2013-03-09RELEASE-NOTES: synced with ca3c0ed3a9cDaniel Stenberg
8 more bugfixes, one change and a bunch of contributors
2013-03-08RELEASE-NOTES: mention that krb4 is up for considerationDaniel Stenberg
2013-03-07version bump: the next release will be 7.30.0Daniel Stenberg
2013-03-07RELEASE-NOTES: Added missing imap fixes and additionsSteve Holme
With all the recent imap changes it wasn't clear what new features and fixes should be included in the release notes.
2013-03-06RELEASE-NOTES: brought this up-to-date with the latest changesNick Zitzmann
2013-03-06nss: fix misplaced code enabling non-blocking socket modeKamil Dudka
The option needs to be set on the SSL socket. Setting it on the model takes no effect. Note that the non-blocking mode is still not enabled for the handshake because the code is not yet ready for that.
2013-02-16Guile-curl: a new libcurl bindingDaniel Stenberg
2013-02-10RELEASE-NOTES: Updated following the recent imap/pop3/smtp changesSteve Holme
2013-02-10RELEASE-NOTES: synced with 92f7606f29b704Steve Holme
2013-02-07RELEASE-NOTES: Added new imap featuresSteve Holme
2013-02-067.29.1: onwards!Daniel Stenberg
2013-02-06RELEASE-NOTES: mention the SASL buffer overflowDaniel Stenberg
2013-02-05RELEASE-NOTES: synced with 25f351424b3538Daniel Stenberg
8 more bug fixes mentioned
2013-02-05RELEASE-NOTES: Updated following recent changes to the email protocolsSteve Holme
Added recent additions and fixes following the changes to imap, pop3 and smtp. Additionally added another contributor that helped to test the imap sasl changes.
2013-01-28RELEASE-NOTES: only list Nick onceDaniel Stenberg
Even though he's a fine dude, once is enough for this time!
2013-01-18RELEASE-NOTES: add references to several bugfixes+changesDaniel Stenberg
2013-01-18RELEASE-NOTES: Added missing imap fixSteve Holme
Added missing imap fix as per commit 709b3506cd9b.
2013-01-18RELEASE-NOTES: synced with c43127414d89Daniel Stenberg
2013-01-15nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILEKamil Dudka
Do not use the error messages from NSS for errors not occurring in NSS.
2013-01-11nss: clear session cache if a client cert from file is usedKamil Dudka
This commit fixes a regression introduced in 052a08ff. NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback and if we connect second time to the same server, the cached cert/key pair is used. If we use multiple client certificates for different paths on the same server, we need to clear the session cache to force NSS to call the hook again. The commit 052a08ff prevented the session cache from being cleared if a client certificate from file was used. The condition is now fixed to cover both cases: consssl->client_nickname is not NULL if a client certificate from the NSS database is used and connssl->obj_clicert is not NULL if a client certificate from file is used. Review by: Kai Engert
2012-12-27RELEASE-NOTES: synced with e3ed2b82e6Daniel Stenberg
2012-12-03nss: prevent NSS from crashing on client auth hook failureKamil Dudka
Although it is not explicitly stated in the documentation, NSS uses *pRetCert and *pRetKey even if the client authentication hook returns a failure. Namely, if we destroy *pRetCert without clearing *pRetCert afterwards, NSS destroys the certificate once again, which causes a double free. Reported by: Bob Relyea
2012-11-20bump: start working on 7.28.2Daniel Stenberg
2012-11-20RELEASE-NOTES: synced with 52af6e69f079 / 7.28.1Daniel Stenberg
2012-11-20RELEASE-NOTES: NSS can be used for metalink hashingAnthony Bryan
2012-11-19test2032: spurious failure caused by premature terminationKamil Dudka
Bug: http://curl.haxx.se/mail/lib-2012-11/0095.html
2012-11-17RELEASE-NOTES: synced with ee588fe08807778Daniel Stenberg
4 more bug fixes and 4 more contributors