aboutsummaryrefslogtreecommitdiff
path: root/lib/ssluse.c
AgeCommit message (Collapse)Author
2006-05-09Robson Braga Araujo fixed two problems in the recently added non-blocking SSLDaniel Stenberg
connects. The state machine was not reset properly so that subsequent connects using the same handle would fail, and there were two memory leaks.
2006-05-05additional renames of Curl_ourerrno => Curl_sockerrnoDaniel Stenberg
2006-05-04Roland Blom filed bug report #1481217Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele Bini and David Byron. libcurl previously wrongly used GetLastError() on windows to get error details after socket-related function calls, when it really should use WSAGetLastError() instead. When changing to this, the former function Curl_ourerrno() is now instead called Curl_sockerrno() as it is necessary to only use it to get errno from socket-related functions as otherwise it won't work as intended on Windows.
2006-04-18corrected the SSL timeout, as Ates Goral's patch did it and that works (opposedDaniel Stenberg
to my previous brain-damaged version)
2006-04-10Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT andDaniel Stenberg
CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL connection time-out!
2006-04-07First commit of David McCreedy's EBCDIC and TPF changes.Daniel Stenberg
2006-03-21Xavier Bouchoux made the SSL connection non-blocking for the multi interfaceDaniel Stenberg
(when using OpenSSL).
2006-03-13David McCreedy found a use of the wrong variable when display the errorDaniel Stenberg
text from OpenSSL.
2006-03-06Lots of users on Windows have reported getting the "SSL: couldn't setDaniel Stenberg
callback" error message so I've now made the setting of that callback not be as critical as before. The function is only used for additional loggging/ trace anyway so a failure just means slightly less data. It should still be able to proceed and connect fine to the server.
2005-12-19Fixed lcc compiler warnings.Dan Fandrich
2005-12-13Fixed some compiler warnings on lcc.Dan Fandrich
2005-12-05Yang Tse fixed: Openssl 0.9.9 makes 'const' the SSL_METHOD parameter inDaniel Stenberg
SSL_CTX_new and others, and also makes functions SSLv23_client_method, TLSv1_client_method, etc return a 'const' SSL_METHOD pointer. Previous versions do not use the 'const' qualifier.
2005-12-04Recent OpenSSL returns a 'const' in '*_client_method()'. So avoidGisle Vanem
'assignment discards qualifiers from pointer target type' warning.
2005-11-13Yang Tse fixed compiler warningsDaniel Stenberg
2005-08-10the debug callback was called with CURLINFO_TEXT with the data size oneDaniel Stenberg
too big
2005-04-13fix compiler warningDaniel Stenberg
2005-04-07GnuTLS support added. There's now a "generic" SSL layer that we use all overDaniel Stenberg
internally, with code provided by sslgen.c. All SSL-layer-specific code is then written in ssluse.c (for OpenSSL) and gtls.c (for GnuTLS). As far as possible, internals should not need to know what SSL layer that is in use. Building with GnuTLS currently makes two test cases fail. TODO.gnutls contains a few known outstanding issues for the GnuTLS support. GnuTLS support is enabled with configure --with-gnutls
2005-03-31Updated the copyright year since changes have been this year.Daniel Stenberg
2005-03-04Reduced the length of data read from the random entropy file.Dan Fandrich
2005-03-04Don't try to read the whole of the random file because when /dev/urandom isDan Fandrich
used, it slows initialization too much reading an infinitely long file!
2005-02-10init fix for non-SSL buildsDaniel Stenberg
2005-02-09better error checking and SSL init by David ByronDaniel Stenberg
2005-01-10Hzhijun reported a memory leak in the SSL certificate code, that leaked theDaniel Stenberg
remote certificate name when it didn't match the used host name.
2004-12-19Remove 'data' initialiser.Gisle Vanem
2004-12-19if the pkcs12.h header exists, include it already in urldata.h to work aroundDaniel Stenberg
a precedence problem with the zlib header. See CHANGES for details.
2004-12-18Samuel Listopad added support for PKCS12 formatted certificates.Daniel Stenberg
2004-12-14prevent compiler warning when built without engine supportDaniel Stenberg
2004-12-14Header files are in openssl/ only if USE_OPENSSL is set.Dan Fandrich
2004-12-14urldata.h: Removed engine_list.Gisle Vanem
ssluse.*: Added SSL_strerror(). Curl_SSL_engines_list() now returns a slist which must be freed by caller.
2004-12-14Moved the engine stuff from the root-level of the SessionHandle struct to theDaniel Stenberg
UrlState sub-struct. Also made the engine_list exist for non-ssl builds to make curl build.
2004-12-13Added handling of CURLINFO_SSL_ENGINES;Gisle Vanem
Added Curl_SSL_engines_list(), cleanup SSL in url.c (no HAVE_OPENSSL_x etc.).
2004-11-22Curl_select's timeout arg is an intDaniel Stenberg
2004-11-19David Phillips' FD_SETSIZE fixDaniel Stenberg
2004-11-15clean up start time and t_startsingle use so that redirect_time works properlyDaniel Stenberg
2004-10-06removed tabs and trailing whitespace from sourceDaniel Stenberg
2004-09-02improved error message when client cert return failureDaniel Stenberg
2004-08-10In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input isDaniel Stenberg
already UTF-8 encoded. We check for this case and copy the raw string manually to avoid the problem. This code can be made conditional in the future when OpenSSL has been fixed. Work-around brought by Alexis S. L. Carvalho.
2004-07-29added typecast in an attempt to fix a mingw32 warningDaniel Stenberg
2004-07-04SSL_get_verify_result() returns a long, so we receive the result in a longDaniel Stenberg
and not an int.
2004-07-01Variable type cleanups to please the picky MIPSPro compiler.Daniel Stenberg
2004-06-30Prevent a very long password to buffer overflow the global variable weDaniel Stenberg
use when built with a very old OpenSSL version.
2004-06-30make the SSL connect use the same default connect timeout define as theDaniel Stenberg
generic connect uses
2004-06-24Replaced all uses of sprintf() with the safer snprintf(). It is just aDaniel Stenberg
precaution to prevent mistakes to lead to buffer overflows.
2004-06-22Gisle fixed the wildcard checks for certificates.Daniel Stenberg
2004-06-19prevent compiler warningDaniel Stenberg
2004-06-18Gisle's "SSL patch" from June 16th 2004, modified by me as discussed on theDaniel Stenberg
mailing list.
2004-06-13use Curl_strcasestr() when checking wildcard cert namesDaniel Stenberg
2004-05-18* seed_enough() was converted to a macro to avoid the IRIX compiler warningDaniel Stenberg
about that passed-in argument not being used. * killed trailing whitespace
2004-05-17Peter Sylvester's patch that addresses two flaws in the peer certificate nameDaniel Stenberg
verification: - when multiple common names are used (as in the curl tests), the last name needs to be selected. - allow comparing with encoded values, at least with BMP and ISO latin1 encoded T61strings.
2004-05-13memory cleanup and check fixDaniel Stenberg