aboutsummaryrefslogtreecommitdiff
path: root/lib/ssluse.c
AgeCommit message (Collapse)Author
2006-03-06Lots of users on Windows have reported getting the "SSL: couldn't setDaniel Stenberg
callback" error message so I've now made the setting of that callback not be as critical as before. The function is only used for additional loggging/ trace anyway so a failure just means slightly less data. It should still be able to proceed and connect fine to the server.
2005-12-19Fixed lcc compiler warnings.Dan Fandrich
2005-12-13Fixed some compiler warnings on lcc.Dan Fandrich
2005-12-05Yang Tse fixed: Openssl 0.9.9 makes 'const' the SSL_METHOD parameter inDaniel Stenberg
SSL_CTX_new and others, and also makes functions SSLv23_client_method, TLSv1_client_method, etc return a 'const' SSL_METHOD pointer. Previous versions do not use the 'const' qualifier.
2005-12-04Recent OpenSSL returns a 'const' in '*_client_method()'. So avoidGisle Vanem
'assignment discards qualifiers from pointer target type' warning.
2005-11-13Yang Tse fixed compiler warningsDaniel Stenberg
2005-08-10the debug callback was called with CURLINFO_TEXT with the data size oneDaniel Stenberg
too big
2005-04-13fix compiler warningDaniel Stenberg
2005-04-07GnuTLS support added. There's now a "generic" SSL layer that we use all overDaniel Stenberg
internally, with code provided by sslgen.c. All SSL-layer-specific code is then written in ssluse.c (for OpenSSL) and gtls.c (for GnuTLS). As far as possible, internals should not need to know what SSL layer that is in use. Building with GnuTLS currently makes two test cases fail. TODO.gnutls contains a few known outstanding issues for the GnuTLS support. GnuTLS support is enabled with configure --with-gnutls
2005-03-31Updated the copyright year since changes have been this year.Daniel Stenberg
2005-03-04Reduced the length of data read from the random entropy file.Dan Fandrich
2005-03-04Don't try to read the whole of the random file because when /dev/urandom isDan Fandrich
used, it slows initialization too much reading an infinitely long file!
2005-02-10init fix for non-SSL buildsDaniel Stenberg
2005-02-09better error checking and SSL init by David ByronDaniel Stenberg
2005-01-10Hzhijun reported a memory leak in the SSL certificate code, that leaked theDaniel Stenberg
remote certificate name when it didn't match the used host name.
2004-12-19Remove 'data' initialiser.Gisle Vanem
2004-12-19if the pkcs12.h header exists, include it already in urldata.h to work aroundDaniel Stenberg
a precedence problem with the zlib header. See CHANGES for details.
2004-12-18Samuel Listopad added support for PKCS12 formatted certificates.Daniel Stenberg
2004-12-14prevent compiler warning when built without engine supportDaniel Stenberg
2004-12-14Header files are in openssl/ only if USE_OPENSSL is set.Dan Fandrich
2004-12-14urldata.h: Removed engine_list.Gisle Vanem
ssluse.*: Added SSL_strerror(). Curl_SSL_engines_list() now returns a slist which must be freed by caller.
2004-12-14Moved the engine stuff from the root-level of the SessionHandle struct to theDaniel Stenberg
UrlState sub-struct. Also made the engine_list exist for non-ssl builds to make curl build.
2004-12-13Added handling of CURLINFO_SSL_ENGINES;Gisle Vanem
Added Curl_SSL_engines_list(), cleanup SSL in url.c (no HAVE_OPENSSL_x etc.).
2004-11-22Curl_select's timeout arg is an intDaniel Stenberg
2004-11-19David Phillips' FD_SETSIZE fixDaniel Stenberg
2004-11-15clean up start time and t_startsingle use so that redirect_time works properlyDaniel Stenberg
2004-10-06removed tabs and trailing whitespace from sourceDaniel Stenberg
2004-09-02improved error message when client cert return failureDaniel Stenberg
2004-08-10In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input isDaniel Stenberg
already UTF-8 encoded. We check for this case and copy the raw string manually to avoid the problem. This code can be made conditional in the future when OpenSSL has been fixed. Work-around brought by Alexis S. L. Carvalho.
2004-07-29added typecast in an attempt to fix a mingw32 warningDaniel Stenberg
2004-07-04SSL_get_verify_result() returns a long, so we receive the result in a longDaniel Stenberg
and not an int.
2004-07-01Variable type cleanups to please the picky MIPSPro compiler.Daniel Stenberg
2004-06-30Prevent a very long password to buffer overflow the global variable weDaniel Stenberg
use when built with a very old OpenSSL version.
2004-06-30make the SSL connect use the same default connect timeout define as theDaniel Stenberg
generic connect uses
2004-06-24Replaced all uses of sprintf() with the safer snprintf(). It is just aDaniel Stenberg
precaution to prevent mistakes to lead to buffer overflows.
2004-06-22Gisle fixed the wildcard checks for certificates.Daniel Stenberg
2004-06-19prevent compiler warningDaniel Stenberg
2004-06-18Gisle's "SSL patch" from June 16th 2004, modified by me as discussed on theDaniel Stenberg
mailing list.
2004-06-13use Curl_strcasestr() when checking wildcard cert namesDaniel Stenberg
2004-05-18* seed_enough() was converted to a macro to avoid the IRIX compiler warningDaniel Stenberg
about that passed-in argument not being used. * killed trailing whitespace
2004-05-17Peter Sylvester's patch that addresses two flaws in the peer certificate nameDaniel Stenberg
verification: - when multiple common names are used (as in the curl tests), the last name needs to be selected. - allow comparing with encoded values, at least with BMP and ISO latin1 encoded T61strings.
2004-05-13memory cleanup and check fixDaniel Stenberg
2004-05-11curl_global_init_mem() allows the memory functions to be replaced.Daniel Stenberg
memory.h is included everywhere for this.
2004-04-29Gisle made the code use ERR_error_string_n()Daniel Stenberg
2004-04-27Made host name and proxy name get stored in a 'struct hostname' and setDaniel Stenberg
all things up to work with encoded host names internally, as well as keeping 'display names' to show in debug messages. IDN resolves work for me now using ipv6, ipv4 and ares resolving. Even cookies on IDN sites seem to do right.
2004-04-26Tor Arntsen fixed a 'Statement not reachable'-warningDaniel Stenberg
2004-04-20Cleaned up hostname/name/gname and path/ppath confusion. Removed the fixed-Daniel Stenberg
length limit of the hostname part of the URL.
2004-03-23variable type usage cleanup to please picky compilersDaniel Stenberg
2004-03-11don't let the EINTR stuff build on windowsDaniel Stenberg
2004-03-10Jeff Lawson fixed the SSL connection to deal with received signals during theDaniel Stenberg
connect.