aboutsummaryrefslogtreecommitdiff
path: root/lib/Makefile.inc
AgeCommit message (Collapse)Author
2012-11-08SSL: Several SSL-backend related fixesOscar Koeroo
axTLS: This will make the axTLS backend perform the RFC2818 checks, honoring the VERIFYHOST setting similar to the OpenSSL backend. Generic for OpenSSL and axTLS: Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c files to make them genericly available for both the OpenSSL, axTLS and other SSL backends. They are now in the new lib/hostcheck.c file. CyaSSL: CyaSSL now also has the RFC2818 checks enabled by default. There is a limitation that the verifyhost can not be enabled exclusively on the Subject CN field comparison. This SSL backend will thus behave like the NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words: setting verifyhost to 0 or 1 will disable the Subject Alt Names checks too. Schannel: Updated the schannel information messages: Split the IP address usage message from the verifyhost setting and changed the message about disabling SNI (Server Name Indication, used in HTTP virtual hosting) into a message stating that the Subject Alternative Names checks are being disabled when verifyhost is set to 0 or 1. As a side effect of switching off the RFC2818 related servername checks with SCH_CRED_NO_SERVERNAME_CHECK (http://msdn.microsoft.com/en-us/library/aa923430.aspx) the SNI feature is being disabled. This effect is not documented in MSDN, but Wireshark output clearly shows the effect (details on the libcurl maillist). PolarSSL: Fix the prototype change in PolarSSL of ssl_set_session() and the move of the peer_cert from the ssl_context to the ssl_session. Found this change in the PolarSSL SVN between r1316 and r1317 where the POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu PolarSSL version 1.1.4 the check is to discriminate between lower then PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN trunk jumped from version 1.1.1 to 1.2.0. Generic: All the SSL backends are fixed and checked to work with the ssl.verifyhost as a boolean, which is an internal API change.
2012-06-26darwinssl: add support for native Mac OS X/iOS SSLNick Zitzmann
2012-06-15build: add curl_multibyte files to build systemsYang Tse
2012-06-11winbuild: Updated winbuild scripts to add schannelMarc Hoersken
2012-06-04Makefile.inc: tab adjustmentYang Tse
2012-05-30sasl: Moved plain text authentication message creation from smtp.cSteve Holme
Moved the plain text message creation from smtp.c into the sasl module to allow for use by other modules such as pop3.
2012-05-25smtp: Moved auth-mechanism constants into a separate header fileSteve Holme
Move the SMTP_AUTH constants into a separate header file in preparation for adding SASL based authentication to POP3 as the two protocols will need to share them.
2012-04-07curl tool: use configuration files from lib directory - follow-up IYang Tse
amigaos.[ch] now integrates nicely with any libcurl build
2011-08-28NTLM: END of refactoring/splitting/movingYang Tse
First: File curl_ntlm.h renamed curl_ntlm_msgs.h File curl_ntlm.c renamed curl_ntlm_msgs.c Afterwards: File http_ntlm.c renamed curl_ntlm.c File http_ntlm.h renamed curl_ntlm.h
2011-08-28NTLM: move NTLM core specifics into curl_ntlm_core.[ch]Yang Tse
2011-08-27NTLM_WB: move NTLM_WB specifics into curl_ntlm_wb.[ch]Yang Tse
2011-08-14http NTLM: split http_ntlm.[ch] between http_ntlm.[ch] and curl_ntlm.[ch]Yang Tse
For modularity purposes, huge chunks of NTLM existing code is transformed into functions to allow future internal code reuse. Resulting three new libcurl private functions: - Curl_ntlm_create_type1_message() - Curl_ntlm_create_type3_message() - Curl_ntlm_decode_type2_message() Changing static ntlm_sspi_cleanup() into non-static Curl_ntlm_sspi_cleanup() This 'refactoring' has been prepared by previous commits to allow that this specific one does not introduce any change to existing code. All existing goodness and badness previous to this commit should remain the same once it is applied, the only difference should be that existing code is moved into functions. Given the quite big portions of code being moved around, and the importance of change traceability, this commit has been done in such a way that it is possible to perform a three-way diff from initial http_ntlm.[ch] to resulting http_ntlm.[ch] and curl_ntlm.[ch] to actually verify that no functional change is introduced here. Notice that Steve Holme has provided several patches, but these included this refactoring along with 'extra' fixes. I really wanted this 'clean' refactoring done first, in order to allow discussion or committing of 'extra' fixes on a case by case basis, so, I had to bite the bullet ;-) Comments, line adjustments, compiler warning fixes, whatever, may follow afterwards.
2011-08-12http NTLM: move portions of http_ntlm.h into new curl_ntlm.hSteve Holme
2011-07-13gssapi: rename our files to avoid conflictsDaniel Stenberg
gssapi.h is used as a header name by Heimdal-style GSSAPI so it would conflict with a private header using that name, and while renaming the header I figured we should name the .c file accordingly as well. Bug: http://curl.haxx.se/mail/lib-2011-07/0071.html Reported by: Ben Greear
2011-07-12Added Curl_gss_init_sec_context.Julien Chaffraix
This function wraps our calls to gss_init_sec_context so that we have a unified way to talk to GSSAPI.
2011-04-25async resolvers: further cleanupsDaniel Stenberg
asyn-ares.c and asyn-thread.c are two separate backends that implement the same (internal) async resolver API for libcurl to use. Backend is specified at build time. The internal resolver API is defined in asyn.h for asynch resolvers.
2011-04-20CURL_DOES_CONVERSIONS: cleanupDaniel Stenberg
Massively reduce #ifdefs all over (23 #ifdef lines less so far) Moved conversion-specific code to non-ascii.c
2011-04-04http-proxy: move proxy code to http_proxy.cDaniel Stenberg
The new http_proxy.* files now host HTTP proxy specific code (500+ lines moved out from http.c), and as a consequence there is a macro introduced for the Curl_proxyCONNECT() function so that code can use it without actually supporting proxy (or HTTP) in builds.
2011-03-08SSL: (part 2) Added CyaSSL to SSL abstraction layerTodd A Ouska
This is the modified existing files commit.
2011-01-07HTTP: HTTP Negotiate authentication using SSPIMarcel Roelofs
Only under Windows
2010-12-28IDN: use win32 API if told toPierre Joye
The functionality is provided in a new source file: lib/idn_win32.c
2010-12-15Preparing for axTLS. Actual SSL API functions are only stubbed.Eric Hu
Added axTLS to autotool files and glue code to misc other files. axtls.h maps SSL API functions, but may change. axtls.c is just a stub file and will definitely change.
2010-08-25Forgot gopher.h in Makefile.incCameron Kaiser
2010-08-25Gopher protocol support (initial release)Cameron Kaiser
2010-07-30NTLM tests: boost coverage by forcing the hostnameKamil Dudka
A shared library tests/libtest/.libs/lihostname.so is preloaded in NTLM test-cases to override the system implementation of gethostname(). It makes it possible to test the NTLM authentication for exact match, and this way test the implementation of MD4 and DES. If LD_PRELOAD doesn't work, a debug build willl also workk as debug builds are now made to prefer a specific environment variable and will then return that content as host name instead of the actual one. Kamil wrote the bulk of this, Daniel Stenberg polished it.
2010-07-29Added a comment with an alternate idea to avoid the backslash line ↵Guenter Knauf
contination character.
2010-07-28some cosmetic changes.Guenter Knauf
2010-06-30http_ntlm: add support for NSSKamil Dudka
When configured with '--without-ssl --with-nss', NTLM authentication now uses NSS crypto library for MD5 and DES. For MD4 we have a local implementation in that case. More details are available at https://bugzilla.redhat.com/603783 In order to get it working, curl_global_init() must be called with CURL_GLOBAL_SSL or CURL_GLOBAL_ALL. That's necessary because NSS needs to be initialized globally and we do so only when the NSS library is actually required by protocol. The mentioned call of curl_global_init() is responsible for creating of the initialization mutex. There was also slightly changed the NSS initialization scenario, in particular, loading of the NSS PEM module. It used to be loaded always right after the NSS library was initialized. Now the library is initialized as soon as any SSL or NTLM is required, while the PEM module is prevented from being loaded until the SSL is actually required.
2010-05-25LDAP: properly implemented as a curl_handlerHoward Chu
makes the LDAP code much cleaner, nicer and in general being a better libcurl citizen. If a new enough OpenLDAP version is detect, the new and shiny lib/openldap.c code is then used instead of the old cruft Code by Howard, minor cleanups by Daniel.
2010-05-12FTP: WILDCARDMATCH/CHUNKING/FNMATCH addedPavel Raiskup
2010-05-12RTMP: initial support added, powered by librtmpHoward Chu
librtmp is found at http://rtmpdump.mplayerhq.hu/
2010-05-05PolarSSL: initial support addedHoi-Ho Chan
This is Hoi-Ho Chan's patch with some minor fixes by me. There are some potential issues in this, but none worse than we can sort out on the list and over time.
2010-04-19Implement SMTP authenticationmonnerat
2010-02-19fix compiler warningYang Tse
2010-01-25Constantine Sapuntzakis provided initial thread abstraction layerYang Tse
2010-01-21Chris Conroy brought support for RTSP transfers, and with it comes 8(!) newDaniel Stenberg
libcurl options for controlling what to get and how to receive posssibly interleaved RTP data. Initial commit.
2009-12-12introducing IMAP, POP3 and SMTP support (still lots of polish left to do)Daniel Stenberg
2009-09-28libcurl private function Curl_memrchr() now in curl_memrchr.c and curl_memrchr.hYang Tse
2009-09-17Moved Curl_rand() and Curl_srand() code from formdata.c and formdata.hYang Tse
into curl_rand.c and curl_rand.h
2009-07-09- Eric Wong introduced curlx_nonblock() that the curl tool now (re-)uses forDaniel Stenberg
setting a file descriptor non-blocking. Used by the functionality Eric himself brough on June 15th.
2009-04-21libcurl's memory.h renamed to curl_memory.hYang Tse
2009-03-09- Frank Hempel found out a bug and provided the fix:Daniel Stenberg
curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE option. It only enabled the cookie engine in the destination handle if data->cookies is not NULL (where data is the source handle). In case of a newly initialized handle which just had the cookie support enabled by a curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was still NULL because the setopt-call only appends the value to data->change.cookielist, hence duplicating this handle would not have the cookie engine switched on. We also concluded that the slist-functionality would be suitable for being put in its own module rather than simply hanging out in lib/sendf.c so I created lib/slist.[ch] for them.
2009-01-29Introduced curl_sspi.c and curl_sspi.h for the implementation of functionsYang Tse
Curl_sspi_global_init() and Curl_sspi_global_cleanup() which previously were named Curl_ntlm_global_init() and Curl_ntlm_global_cleanup() in http_ntlm.c Also adjusted socks_sspi.c to remove the link-time dependency on the Windows SSPI library using it now in the same way as it was done in http_ntlm.c.
2009-01-28- Markus Moeller introduced two new options to libcurl:Daniel Stenberg
CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC to allow libcurl to do GSS-style authentication with SOCKS5 proxies. The curl tool got the options called --socks5-gssapi-service and --socks5-gssapi-nec to enable these.
2008-10-30Use our Curl_addrinfo definition even when an addrinfo struct is available.Yang Tse
Use a wrapper function to call system's getaddrinfo().
2008-10-23moved the Curl_raw_ functions into the new lib/rawstr.c file for easier curlx_Daniel Stenberg
inclusion by the curl tool without colliding with the curl_strequal functions.
2008-09-24ntoa() and inet_ntoa_r() no longer usedYang Tse
2008-08-17libcurl internal base64.h header file renamed to curl_base64.hYang Tse
2008-08-17libcurl internal md5.h header file renamed to curl_md5.hYang Tse
2008-03-31Removed the generated ca-bundle.h file. The verbatim value of $ca andMichal Marek
$capath is known to configure, so it can be defined in config.h instead.