Age | Commit message (Collapse) | Author |
|
Reported by: Andre Guibert de Bruet
|
|
When NSS-powered libcurl connected to a SSL server with
CURLOPT_SSL_VERIFYPEER equal to zero, NSS remembered that the peer
certificate was accepted by libcurl and did not ask the second time when
connecting to the same server with CURLOPT_SSL_VERIFYPEER equal to one.
This patch turns off the SSL session cache for the particular SSL socket
if peer verification is disabled. In order to avoid any performance
impact, the peer verification is completely skipped in that case, which
makes it even faster than before.
Bug: https://bugzilla.redhat.com/678580
|
|
Lines that are indented with at least 5 spaces get special treatment by
the script that converts it to HTML on the site.
|
|
|
|
All C and H files now (should) feature the proper project curl source
code header, which includes basic info, a copyright statement and some
basic disclaimers.
|
|
Stress that it is for client certificates and then mention that it also
works for all other SSL-based protocols apart from HTTPS and
FTPS. Namely POP3S, IMAPS and SMTPS for now.
|
|
|
|
|
|
Extend the docs to clarify that CURLOPT_SSH_KEYFUNCTION is only called
if the known hosts option is also correctly set!
|
|
CURLOPT_HTTPAUTH was mentioning CURLOPT_USERPASSWORD instead of
CURLOPT_PASSWORD.
Reported by: Mike Henshaw
|
|
This enables people to specify a path to the netrc file to use.
The new option override --netrc if both are present. However it
does follow --netrc-optional if specified.
|
|
I forgot to sort it when I added the CURL_SOCKOPT_* symbols
|
|
|
|
|
|
|
|
On second thought, I think CURLE_TLSAUTH_FAILED should be eliminated. It
was only being raised when an internal error occurred while allocating
or setting the GnuTLS SRP client credentials struct. For TLS
authentication failures, the general CURLE_SSL_CONNECT_ERROR seems
appropriate; its error string already includes "passwords" as a possible
cause. Having a separate TLS auth error code might also cause people to
think that a TLS auth failure means the wrong username or password was
entered, when it could also be a sign of a man-in-the-middle attack.
|
|
|
|
Reported by: Ian D Allen
Bug: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/714895
Forwarded to us by:
Reported by: Andreas Olsson
Bug: http://curl.haxx.se/bug/view.cgi?id=3175422
|
|
|
|
"6.7 What are my obligations when using libcurl in my commercial apps?"
got the piece about what exactly "in all copies" mean to a user of the
code.
This interpretation is based on what other MIT-like licenses have made
more explicit.
|
|
|
|
|
|
|
|
|
|
|
|
The default value is 1.
curl _uses_ a default CA bundle, it doesn't install one.
Drop the references to 7.10 as that is now >8 years old!
|
|
Extended the intial HTTP protcol part and added a mention of --trace and
--trace-ascii.
Replaced most URLs in the text to use example.com instead of all the
made up strange names.
Shortened a bunch of lines.
|
|
Extended the descriptions somewhat and made the options get listed next
to each other.
|
|
... and update the curl.1 and curl_easy_setopt.3 man pages such that
they do not suggest to use an OpenSSL utility if curl is not built
against OpenSSL.
Bug: https://bugzilla.redhat.com/669702
|
|
Bug: http://curl.haxx.se/bug/view.cgi?id=3157232
Reported by: John Bradshaw
|
|
|
|
Bug: https://bugzilla.redhat.com/623663
|
|
|
|
|
|
|
|
Also spelling fix for RECIPIENT #define.
|
|
example.
|
|
Even if libcurl might to do it for us, it is more correct.
|
|
|
|
Without this you won't get the next (Subject) line.
|
|
|
|
|
|
|
|
|
|
|
|
This example shows how to send SMTP with TLS
|
|
Add a simple SMTP example program, patterned after some of the existing
examples, and the curl application.
This version addresses issues raised by David Woodhouse on comments in
the simplesmtp.c example.
|
|
|
|
Bug: http://curl.haxx.se/mail/lib-2010-12/0192.html
|
|
|