aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls/darwinssl.c
AgeCommit message (Collapse)Author
2016-06-01vtls: fix ssl session cache race conditionIvan Avdeev
Sessionid cache management is inseparable from managing individual session lifetimes. E.g. for reference-counted sessions (like those in SChannel and OpenSSL engines) every session addition and removal should be accompanied with refcount increment and decrement respectively. Failing to do so synchronously leads to a race condition that causes symptoms like use-after-free and memory corruption. This commit: - makes existing session cache locking explicit, thus allowing individual engines to manage lock's scope. - fixes OpenSSL and SChannel engines by putting refcount management inside this lock's scope in relevant places. - adds these explicit locking calls to other engines that use sessionid cache to accommodate for this change. Note, however, that it is unknown whether any of these engines could also have this race. Bug: https://github.com/curl/curl/issues/815 Fixes #815 Closes #847
2016-05-13darwinssl.c: fix OS X codename typo in commentViktor Szakats
2016-05-12darwinssl: fix certificate verification disable on OS X 10.8Per Malmberg
The new way of disabling certificate verification doesn't work on Mountain Lion (OS X 10.8) so we need to use the old way in that version too. I've tested this solution on versions 10.7.5, 10.8, 10.9, 10.10.2 and 10.11. Closes #802
2016-04-19darwinssl: removed commented out codeDaniel Stenberg
2016-02-03URLs: change all http:// URLs to https://Daniel Stenberg
2015-03-21darwinsssl: add support for TLS False StartNick Zitzmann
TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.
2015-03-03vtls: use curl_printf.h all overDaniel Stenberg
No need to use _MPRINTF_REPLACE internally.
2015-02-15By request, change the name of "curl_darwinssl.[ch]" to "darwinssl.[ch]"Nick Zitzmann