aboutsummaryrefslogtreecommitdiff
path: root/lib/Makefile.inc
AgeCommit message (Collapse)Author
2018-04-18schannel: add support for CURLOPT_CAINFODan McNulty
- Move verify_certificate functionality in schannel.c into a new file called schannel_verify.c. Additionally, some structure defintions from schannel.c have been moved to schannel.h to allow them to be used in schannel_verify.c. - Make verify_certificate functionality for Schannel available on all versions of Windows instead of just Windows CE. verify_certificate will be invoked on Windows CE or when the user specifies CURLOPT_CAINFO and CURLOPT_SSL_VERIFYPEER. - In verify_certificate, create a custom certificate chain engine that exclusively trusts the certificate store backed by the CURLOPT_CAINFO file. - doc updates of --cacert/CAINFO support for schannel - Use CERT_NAME_SEARCH_ALL_NAMES_FLAG when invoking CertGetNameString when available. This implements a TODO in schannel.c to improve handling of multiple SANs in a certificate. In particular, all SANs will now be searched instead of just the first name. - Update tool_operate.c to not search for the curl-ca-bundle.crt file when using Schannel to maintain backward compatibility. Previously, any curl-ca-bundle.crt file found in that search would have been ignored by Schannel. But, with CAINFO support, the file found by that search would have been used as the certificate store and could cause issues for any users that have curl-ca-bundle.crt in the search path. - Update url.c to not set the build time CURL_CA_BUNDLE if the selected SSL backend is Schannel. We allow setting CA location for schannel only when explicitly specified by the user via CURLOPT_CAINFO / --cacert. - Add new test cases 3000 and 3001. These test cases check that the first and last SAN, respectively, matches the connection hostname. New test certificates have been added for these cases. For 3000, the certificate prefix is Server-localhost-firstSAN and for 3001, the certificate prefix is Server-localhost-secondSAN. - Remove TODO 15.2 (Add support for custom server certificate validation), this commit addresses it. Closes https://github.com/curl/curl/pull/1325
2018-01-30Curl_range: commonize FTP and FILE range handlingMax Dymond
Closes #2205
2018-01-29curl_ctype: private is*() type macros and functionsDaniel Stenberg
... since the libc provided one are locale dependent in a way we don't want. Also, the "native" isalnum() (for example) works differently on different platforms which caused test 1307 failures on macos only. Closes #2269
2017-12-01Added support for libssh SSH SCP back-endNikos Mavrogiannopoulos
libssh is an alternative library to libssh2. https://www.libssh.org/ That patch set also introduces support for ECDSA ed25519 keys, as well as gssapi authentication. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2017-11-10setopt: split out curl_easy_setopt() to its own fileDaniel Stenberg
... to make url.c smaller. Closes #1944
2017-10-28auth: add support for RFC7616 - HTTP Digest access authenticationFlorin
Signed-off-by: Florin <petriuc.florin@gmail.com>
2017-09-02mime: new MIME API.Patrick Monnerat
Available in HTTP, SMTP and IMAP. Deprecates the FORM API. See CURLOPT_MIMEPOST. Lib code and associated documentation.
2016-11-14Curl_rand: fixed and moved to rand.cDaniel Stenberg
Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-10-31strcasecompare: all case insensitive string compares ignore locale nowDaniel Stenberg
We had some confusions on when each function was used. We should not act differently on different locales anyway.
2016-10-31strcasecompare: is the new name for strequal()Daniel Stenberg
... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-").
2016-05-30loadlibrary: Only load system DLLs from the system directorySteve Holme
Inspiration provided by: Daniel Stenberg and Ray Satiro Bug: https://curl.haxx.se/docs/adv_20160530.html Ref: Windows DLL hijacking with curl, CVE-2016-4802
2016-03-27http_ntlm: Renamed from curl_ntlm.[c|h]Steve Holme
Renamed the header and source files for this module as they are HTTP specific and as such, they should use the naming convention as other HTTP authentication source files do - this revert commit 260ee6b7bf. Note: We could also rename curl_ntlm_wb.[c|h], however, the Winbind code needs separating from the HTTP protocol and migrating into the vauth directory, thus adding support for Winbind to the SASL based protocols such as IMAP, POP3 and SMTP.
2016-03-26http_negotiate: Combine GSS-API and SSPI source filesSteve Holme
As the GSS-API and SSPI based source files are no longer library/API specific, following the extraction of that authentication code to the vauth directory, combine these files rather than maintain two separate versions.
2016-03-26vauth: Moved the Negotiate authentication code to the new vauth directorySteve Holme
Part 2 of 2 - Moved the GSS-API based Negotiate authentication code.
2016-03-26vauth: Moved the Negotiate authentication code to the new vauth directorySteve Holme
Part 1 of 2 - Moved the SSPI based Negotiate authentication code.
2016-03-25vauth: Updated the copyright year after recent changesSteve Holme
As most of this work was performed in 2015 but not pushed until 2016 updated the copyright year to reflect the public facing changes.
2016-03-25vauth: Moved the OAuth 2.0 authentication code to the new vauth directorySteve Holme
2016-03-25vauth: Moved the NTLM authentication code to the new vauth directorySteve Holme
2016-03-25vauth: Moved the Kerberos V5 authentication code to the new vauth directorySteve Holme
2016-03-25vauth: Moved the DIGEST authentication code to the new vauth directorySteve Holme
2016-03-25vauth: Moved the CRAM-MD5 authentication code to the new vauth directorySteve Holme
2016-03-25vauth: Moved the ClearText authentication code to the new vauth directorySteve Holme
2016-03-25vauth: Moved Curl_sasl_build_spn() to create the initial vauth source filesSteve Holme
2016-02-03URLs: change all http:// URLs to https://Daniel Stenberg
2015-10-20vtls: added support for mbedTLSJonas Minnberg
closes #496
2015-05-12bundles: merged into conncache.cDaniel Stenberg
All the existing Curl_bundle* functions were only ever used from within the conncache.c file, so I moved them over and made them static (and removed the Curl_ prefix).
2015-03-03mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg
... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
2015-02-15By request, change the name of "curl_darwinssl.[ch]" to "darwinssl.[ch]"Nick Zitzmann
2015-02-07schannel: Removed curl_ prefix from source filesSteve Holme
Removed the curl_ prefix from the schannel source files as discussed with Marc and Daniel at FOSDEM.
2015-01-28des: Added Curl_des_set_odd_parity()Steve Holme
Added Curl_des_set_odd_parity() for use when cryptography engines don't include this functionality.
2014-12-31endian: Fixed Linux compilation issuesSteve Holme
Having files named endian.[c|h] seemed to cause issues under Linux so renamed them both to have the curl_ prefix in the filenames.
2014-12-31endian: Introduced endian moduleSteve Holme
To allow the little endian functions, currently used in two of the NTLM source files, to be used by other modules such as the SMB module.
2014-12-06Makefile.inc: Updated file formattingSteve Holme
Aligned continuation character and used space as the separator character as per other makefile files.
2014-12-02sasl_gssapi: Introduced GSS-API based SASL moduleSteve Holme
Added the initial version of curl_sasl_gssapi.c and updated the project files in preparation for adding GSS-API based Kerberos V5 support.
2014-11-29smb: Added initial source files for SMBBill Nagel
Added the initial source files and updated the relevant project files in order to support SMB/CIFS.
2014-10-13vtls: remove QsoSSLPatrick Monnerat
2014-05-18build: Slight rename of new LIB_* makefile file variablesSteve Holme
In order to try and be consistent between curl and libcurl renamed the recently introduced LIB_* makefile file variables.
2014-05-11Makefile.inc: Added resource file to assist Visual Studio project generationSteve Holme
2014-05-09Makefile.inc: Separated the lib and lib/vtls source file variablesSteve Holme
To cater for the automatic generation of the new Visual Studio project files, moved the lib file list into a separated variable so that lib and lib/vtls can be referenced independently.
2014-04-06sasl: Renamed SSPI module following short name clashSteve Holme
2014-04-05sasl: Added initial stub functions for SSPI DIGEST-MD supportSteve Holme
2013-12-20Makefile.inc: use standard source headerDaniel Stenberg
2013-12-20Makefile.inc: specify the vtls sources+headers separatelyDaniel Stenberg
2013-12-20vtls: renamed sslgen.[ch] to vtls.[ch]Daniel Stenberg
2013-12-20openssl: renamed backend files to openssl.[ch]Daniel Stenberg
2013-12-20vtls: moved all TLS/SSL source and header files into subdirDaniel Stenberg
2013-12-20vtls: created subdir, moved sslgen.[ch] there, updated all include linesDaniel Stenberg
2013-11-27sigpipe: factor out sigpipe_reset from easy.cJeff King
Commit 7d80ed64e43515 introduced some helpers to handle sigpipe in easy.c. However, that fix was incomplete, and we need to add more callers in other files. The first step is making the helpers globally accessible. Since the functions are small and should generally end up inlined anyway, we simply define them in the header as static functions. Signed-off-by: Jeff King <peff@peff.net>
2013-10-12Fixed typo in Makefile.inc that left http2.h out of the tar ballDan Fandrich
2013-09-04http2: add http2.[ch] and add nghttp2 version outputDaniel Stenberg