Age | Commit message (Collapse) | Author | |
---|---|---|---|
2003-11-24 | prevent warning for non-SSL builds | Daniel Stenberg | |
2003-11-24 | FTPS support added as RFC2228 and the murray-ftp-auth-ssl draft describe it | Daniel Stenberg | |
2003-11-15 | Mathias Axelsson found a case where we free()d the server certificate twice! | Daniel Stenberg | |
2003-10-23 | Georg Horn's fixes to do different CA cert verifications. They can now be | Daniel Stenberg | |
done even if the result is ignored, as some sites seem to require that. | |||
2003-10-16 | rewritten alternative name check | Daniel Stenberg | |
2003-10-15 | bad license situation for the altname patch | Daniel Stenberg | |
2003-10-08 | fixed to build fine without ssl | Daniel Stenberg | |
2003-10-07 | Neil Dunbar provided a patch that now makes libcurl check SSL | Daniel Stenberg | |
subjectAltNames when matching certs. This is apparently detailed in RFC2818 as the right thing to do. I had to add configure checks for inet_pton() and our own (strictly speaking, code from BIND written by Paul Vixie) provided code for the function for platforms that miss it. | |||
2003-09-03 | warn if no CN is available if verify is only set to 1 | Daniel Stenberg | |
2003-08-19 | CRYPTO_cleanup_all_ex_data() is not present in all OpenSSL versions so | Daniel Stenberg | |
we need to check for its presence in the configure script | |||
2003-08-19 | Loren Kirkby pointed out that we need to call CRYPTO_cleanup_all_ex_data() | Daniel Stenberg | |
when we cleanup the SSL stuff to not leak any memory. I wish this was documented anywhere. | |||
2003-07-05 | re-use existing variable instead of declaring a new local one | Daniel Stenberg | |
2003-07-04 | Peter Sylvester's patch was applied that introduces the following: | Daniel Stenberg | |
CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If anything but CURLE_OK is returned, that will also be returned by libcurl all the way back. If this function changes the CURLOPT_URL, libcurl will detect this and instead go use the new URL. CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set with CURLOPT_SSL_CTX_FUNCTION. | |||
2003-06-26 | use CURLDEBUG instead of MALLOCDEBUG for preprocessor conditions | Daniel Stenberg | |
2003-06-02 | work-around SSL implementation flaws better, pointed out in bug report | Daniel Stenberg | |
#745122. | |||
2003-05-01 | Andy Cedilnik fixed some compiler warnings | Daniel Stenberg | |
2003-04-14 | return the same error for the sslv2 "certificate verify failed" code | Daniel Stenberg | |
2003-04-14 | Restored the SSL error codes since they was broken in the 7.10.4 release, | Daniel Stenberg | |
also now attempt to detect and return the specific CACERT error code. | |||
2003-03-31 | Fixup after talks with Richard Bramante. We should now make better | Daniel Stenberg | |
comparisons before re-using SSL connections and re-using SSL connection IDs. | |||
2003-03-13 | Philippe Raoult needed this to build on FreeBSD | Daniel Stenberg | |
2003-03-11 | Richard Gorton improved the random_the_seed() function for systems where | Daniel Stenberg | |
we don't find/know of a good random source. This way, we get a better randomness which in turn should make SSL connections more secure. | |||
2003-02-28 | the strequal and strnequal should now be called with the proper curl_ prefix | Daniel Stenberg | |
2003-02-27 | spell better | Daniel Stenberg | |
2003-02-14 | include <sys/socket.h> to compile the fd_set stuff properly on all systems | Daniel Stenberg | |
2003-02-05 | Re-arranged the SSL connection code (again). The recent fix was not a very | Daniel Stenberg | |
good one. This should work fine again. | |||
2003-02-04 | Improved error reporting in case of bad SSL_connect()s, and we also no | Daniel Stenberg | |
longer use the SSL functions that store the error message in a static buffer since that is not very multi-thread friendly. | |||
2003-01-29 | removed the local variables for emacs and vim, use the new sample.emacs | Daniel Stenberg | |
way for emacs, and vim users should provide a similar non-polluting style | |||
2003-01-16 | copyright year update in the source header | Daniel Stenberg | |
2003-01-07 | Philippe Raoult's fix to handle wildcard certificate name checks | Daniel Stenberg | |
2002-12-13 | Evan Jordan's fix for a memory leak. Bug report 650989. | Daniel Stenberg | |
2002-12-09 | The fread() callback pointer and associated pointer is now stored in the | Daniel Stenberg | |
connectdata struct instead, and is no longer modified within the 'set' struct as previously (which was a really BAAAD thing). | |||
2002-09-03 | updated source code boilerplate/header | Daniel Stenberg | |
2002-08-30 | if verifypeer is enabled but nether CAfile nor CApath is, then don't try | Daniel Stenberg | |
to load "verify_locations" | |||
2002-08-30 | CURLE_SSL_INSECURE is removed again and so is CURLOPT_SSL_INSECURE, we | Daniel Stenberg | |
proceed fine with the already existing options, just having a different internal library default for capath. | |||
2002-06-10 | This fix MIGHT make us build nicely with OpenSSL 0.9.7. This fix is based | Daniel Stenberg | |
on a patch from Jacob Meuser, input from Götz Babin-Ebell and my own browsing of the latest include files. | |||
2002-05-21 | ASN1 files don't work for the *chain_file(), make them use the previous | Daniel Stenberg | |
version | |||
2002-05-20 | Roland Zimmermann's hint, we use SSL_CTX_use_certificate_chain_file() instead | Daniel Stenberg | |
of the previous one that used SSL_CTX_use_certificate_file() | |||
2002-03-19 | copyright string (year) update | Daniel Stenberg | |
2002-01-30 | now re-seed by force (even if already seeded) if a random file or egd socket | Daniel Stenberg | |
is given | |||
2002-01-29 | - T. Bharath pointed out that we seed SSL on every connect, which is a time- | Daniel Stenberg | |
consuming operation that should only be needed to do once. We patched libcurl to now only seed on the first connect when unseeded. The seeded status is global so it'll now only happen once during a program's life time. | |||
2002-01-17 | Richard Archer made it compile and build with OpenSSL versions prior to | Daniel Stenberg | |
0.9.5 | |||
2002-01-09 | Cris Bailiff found out that when the SSL session cache was filled, libcurl | Daniel Stenberg | |
would crash. This corrects the problem. | |||
2002-01-08 | added a missing failf() before returning an error code | Daniel Stenberg | |
2002-01-07 | Modified to use non-blocking sockets all the time. | Daniel Stenberg | |
2001-12-17 | Götz Babin-Ebell's OpenSSL ENGINE patch | Daniel Stenberg | |
2001-12-11 | failf() calls should not have newlines in the message string! | Daniel Stenberg | |
2001-11-14 | Samuel Listopad's fix to allow global_init => global_cleanup => global_init | Daniel Stenberg | |
for ssl | |||
2001-11-05 | we can now tell ssl to use TLSv1 protocol, and we now use defines instead | Daniel Stenberg | |
of real integers for versions, the defines are added to curl.h | |||
2001-10-11 | looks nicer and is better compatible with older vim versions | Sterling Hughes | |
2001-09-19 | Lots of praise and glory to Vojtech Minarik for setting up a test server | Daniel Stenberg | |
and providing me with test-certificates that helped me nail the problem with curl not discovering with a bad certificate was used. |