aboutsummaryrefslogtreecommitdiff
path: root/lib/sslgen.c
AgeCommit message (Collapse)Author
2012-12-14setup_once.h: refactor inclusion of <unistd.h> and <sys/socket.h>Yang Tse
Inclusion of top two most included header files now done in setup_once.h
2012-06-28sslgen.c: cleanup temporary compile-time SSL-backend checkYang Tse
2012-06-27sslgen: avoid compiler error in SSPI buildsDaniel Stenberg
2012-06-27sslgen.c: add compile-time check for SSL-backend completenessYang Tse
2012-06-26DarwinSSL: several adjustmentsNick Zitzmann
- Renamed st_ function prefix to darwinssl_ - Renamed Curl_st_ function prefix to Curl_darwinssl_ - Moved the duplicated ssl_connect_done out of the #ifdef in lib/urldata.h - Fixed a teensy little bug that made non-blocking connection attempts block - Made it so that it builds cleanly against the iOS 5.1 SDK
2012-06-26SSL cleanup: use crypto functions through the sslgen layerDaniel Stenberg
curl_ntlm_msgs.c would previously use an #ifdef maze and direct SSL-library calls instead of using the SSL layer we have for this purpose.
2012-06-26darwinssl: add support for native Mac OS X/iOS SSLNick Zitzmann
2012-06-11schannel: Added SSL/TLS support with Microsoft Windows Schannel SSPIMarc Hoersken
2012-06-08ssl: fix duplicated SSL handshake with multi interface and proxyKamil Dudka
Bug: https://bugzilla.redhat.com/788526 Reported by: Enrico Scholz
2012-01-18ssl session caching: fix compiler warningsYang Tse
2011-12-19Use Curl_ssl_connect for non-blocking connect fallbackSven Wegener
This gets the appconnect time right for ssl backends, which don't support non-blocking connects. Signed-off-by: Sven Wegener <sven.wegener@stealer.net>
2011-11-25SSLSESSION_SHARED: new macro to check if session is sharedDaniel Stenberg
Added convenience macro to use to check if a handle is using a shared SSL session, and fixed so that Curl_ssl_close_all() doesn't lock when the session isn't shared.
2011-11-17getsessionid: don't ever return while lockedDaniel Stenberg
Also, check for the session sharing bit instead of comparing pointers
2011-11-17Curl_ssl_getsessionid: increase the value, not the pointerDaniel Stenberg
2011-11-17SSL session share: move the age counter to the share objectAlejandro Alvarez Ayllon
Previously the age counter would be counted individually in each easy handle that shared SSL sessions!
2011-10-07libcurl: some OOM handling fixesYang Tse
2011-09-28SSL session sharing support addedAlejandro Alvarez
With locking, plus test, plus documentation
2011-09-05fix bool variables checking and assignmentYang Tse
2011-07-26stdio.h, stdlib.h, string.h, stdarg.h and ctype.h inclusion done in setup_once.hYang Tse
2011-04-27source cleanup: unify look, style and indent levelsDaniel Stenberg
By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
2011-04-16Curl_ssl_shutdown: restore send/recv pointersDaniel Stenberg
When going back from SSL, put the send/recv function pointers back to the plain versions. Bug: http://curl.haxx.se/mail/lib-2011-04/0070.html Reported by: Mehmet Bozkurt
2011-03-08SSL: (part 2) Added CyaSSL to SSL abstraction layerTodd A Ouska
This is the modified existing files commit.
2011-01-10SSL: fix memory leakQuinn Slack
In OOM situation. Follow-up fix to commit a9cd4f4ed49e1a0.
2010-12-15Preparing for axTLS. Actual SSL API functions are only stubbed.Eric Hu
Added axTLS to autotool files and glue code to misc other files. axtls.h maps SSL API functions, but may change. axtls.c is just a stub file and will definitely change.
2010-05-07sendrecv: split the I/O handling into private handlerHoward Chu
Howard Chu brought the bulk work of this patch that properly moves out the sending and recving of data to the parts of the code that are properly responsible for the various ways of doing so. Daniel Stenberg assisted with polishing a few bits and fixed some minor flaws in the original patch. Another upside of this patch is that we now abuse CURLcodes less with the "magic" -1 return codes and instead use CURLE_AGAIN more consistently.
2010-05-05PolarSSL: initial support addedHoi-Ho Chan
This is Hoi-Ho Chan's patch with some minor fixes by me. There are some potential issues in this, but none worse than we can sort out on the list and over time.
2010-04-04refactorize interface of Curl_ssl_recv/Curl_ssl_sendKamil Dudka
2010-03-24remove the CVSish $Id$ linesDaniel Stenberg
2010-03-22Fix insufficient initialization in Curl_clone_ssl_config()douglas steinwand
which could have caused a double free when reusing curl handle.
2010-03-19- Improved Curl_read() to not ignore the error returned from Curl_ssl_recv().Kamil Dudka
2009-11-18Make usage of calloc()'s arguments consistent with rest of code baseYang Tse
2009-05-04- Michael Smith posted bug report #2786255Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how libcurl did not deal with SSL session ids properly if the server rejected a re-use of one. Starting now, it will forget the rejected one and remember the new. This change was for OpenSSL only, it is likely that other SSL lib code needs similar fixes.
2009-04-26- Bug report #2779733 (http://curl.haxx.se/bug/view.cgi?id=2779733) by SvenDaniel Stenberg
Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi interface and provided a patch that fixed the problem!
2009-04-21libcurl's memory.h renamed to curl_memory.hYang Tse
2009-02-25corrected and clarified the top commentDaniel Stenberg
2008-10-23moved the Curl_raw_ functions into the new lib/rawstr.c file for easier curlx_Daniel Stenberg
inclusion by the curl tool without colliding with the curl_strequal functions.
2008-10-23Created Curl_raw_nequal() which does a C-locale string case comparison.Dan Fandrich
Changed checkprefix() to use it and those instances of strnequal() that compare host names or other protocol strings that are defined to be independent of case in the C locale. This should fix a few more Turkish locale problems.
2008-09-06remove unnecessary typecasting of calloc()Yang Tse
2008-09-05Only compile Curl_ssl_free_certinfo when SSL is enabledDan Fandrich
2008-09-05- Introducing CURLOPT_CERTINFO and the corresponding CURLINFO_CERTINFO. ByDaniel Stenberg
enabling this feature with CURLOPT_CERTINFO for a request using SSL (HTTPS or FTPS), libcurl will gather lots of server certificate info and that info can then get extracted by a client after the request has completed with curl_easy_getinfo()'s CURLINFO_CERTINFO option. Linus Nielsen Feltzing helped me test and smoothen out this feature. Unfortunately, this feature currently only works with libcurl built to use OpenSSL. This feature was sponsored by networking4all.com - thanks!
2008-07-03Introcuding a new timestamp for curl_easy_getinfo():Daniel Stenberg
CURLINFO_APPCONNECT_TIME. This is set with the "application layer" handshake/connection is completed (typically SSL, TLS or SSH). By using this you can figure out the application layer's own connect time. You can extract the time stamp using curl's -w option and the new variable named 'time_appconnect'. This feature was sponsored by Lenny Rachitsky at NeuStar.
2008-06-11- I did a cleanup of the internal generic SSL layer and how the various SSLDaniel Stenberg
libraries are supported. Starting now, each underlying SSL library support code does a set of defines for the 16 functions the generic layer (sslgen.c) uses (all these new function defines use the prefix "curlssl_"). This greatly simplified the generic layer in readability by involving much less #ifdefs and other preprocessor stuff and should make it easier for people to make libcurl work with new SSL libraries. Hopefully I can later on document these 16 functions somewhat as well. I also made most of the internal SSL-dependent functions (using Curl_ssl_ prefix) #defined to nothing when no SSL support is requested - previously they would unnecessarily call mostly empty functions.
2008-05-09- Make Curl_write and it's callees accept a const pointer, in preparationMichal Marek
of tetetest's patch for curl_easy_send()
2008-02-20- Based on initial work done by Gautam Kachroo to address a bug, we now keepDaniel Stenberg
better control at the exact state of the connection's SSL status so that we know exactly when it has completed the SSL negotiation or not so that there won't be accidental re-uses of connections that are wrongly believed to be in SSL-completed-negotiate state.
2007-12-25added missing semicolon fromn last commit.Gunter Knauf
2007-12-24Gary Maxwell filed bug report #1856628Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the (small) memory leak in the SSL session ID caching code. It happened when a previous entry in the cache was re-used.
2007-12-03Bug report #1842029 (http://curl.haxx.se/bug/view.cgi?id=1842029) identifiedDaniel Stenberg
a problem with SSL session caching that prevent it from working, and the associated fix!
2007-11-19I think this is the right fix for other non-OpenSSL libs, based on the NSS fixDaniel Stenberg
from the other day. It is time to setup the internal SSL libs and treat them with a "handler" struct similar to how we deal with the protocols these days...
2007-11-18Rob Crittenden fixed SSL connections with NSS done with the multi-interfaceDaniel Stenberg
2007-11-07if () => if()Daniel Stenberg
while () => while() and some other minor re-indentings