Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-07-30 | vtls: make the random function mandatory in the TLS backend | Daniel Stenberg | |
To force each backend implementation to really attempt to provide proper random. If a proper random function is missing, then we can explicitly make use of the default one we use when TLS support is missing. This commit makes sure it works for darwinssl, gnutls, nss and openssl. | |||
2014-07-28 | nss: do not check the version of NSS at run time | Kamil Dudka | |
The minimal required version of NSS is 3.14.x so it does not make sense to check for NSS 3.12.0+ at run time. | |||
2014-07-04 | nss: make the list of CRL items global | Kamil Dudka | |
Otherwise NSS could use an already freed item for another connection. | |||
2014-07-04 | nss: fix a memory leak when CURLOPT_CRLFILE is used | Kamil Dudka | |
2014-07-04 | nss: make crl_der allocated on heap | Kamil Dudka | |
... and spell it as crl_der instead of crlDER | |||
2014-07-04 | nss: let nss_{cache,load}_crl return CURLcode | Kamil Dudka | |
2014-07-02 | nss: make the fallback to SSLv3 work again | Kamil Dudka | |
This feature was unintentionally disabled by commit ff92fcfb. | |||
2014-07-02 | nss: do not abort on connection failure | Kamil Dudka | |
... due to calling SSL_VersionRangeGet() with NULL file descriptor reported-by: upstream tests 305 and 404 | |||
2014-04-25 | nss: propagate blocking direction from NSPR I/O | Kamil Dudka | |
... during the non-blocking SSL handshake | |||
2014-04-22 | nss: implement non-blocking SSL handshake | Kamil Dudka | |
2014-04-22 | nss: split Curl_nss_connect() into 4 functions | Kamil Dudka | |
2014-03-31 | http2: remove _DRAFT09 from the NPN_HTTP2 enum | Daniel Stenberg | |
We're progressing throught drafts so there's no point in having a fixed one in a symbol that'll survive. | |||
2014-03-15 | nss: allow to enable/disable new AES GCM cipher-suites | Kamil Dudka | |
... if built against a new enough version of NSS | |||
2014-03-15 | nss: allow to enable/disable new HMAC-SHA256 cipher-suites | Kamil Dudka | |
... if built against a new enough version of NSS | |||
2014-03-15 | nss: do not enable AES cipher-suites by default | Kamil Dudka | |
... but allow them to be enabled/disabled explicitly. The default policy should be maintained at the NSS level. | |||
2014-03-03 | NSS: avoid compiler warnings when built without http2 support | Daniel Stenberg | |
2014-02-10 | NPN/ALPN: allow disabling via command line | Fabian Frank | |
when using --http2 one can now selectively disable NPN or ALPN with --no-alpn and --no-npn. for now honored with NSS only. TODO: honor this option with GnuTLS and OpenSSL | |||
2014-02-10 | nss: use correct preprocessor macro | Fabian Frank | |
SSL_ENABLE_ALPN can be used for preprocessor ALPN feature detection, but not SSL_NEXT_PROTO_SELECTED, since it is an enum value and not a preprocessor macro. | |||
2014-02-07 | nss: support pre-ALPN versions | Daniel Stenberg | |
2014-02-07 | nss: ALPN and NPN support | Fabian Frank | |
Add ALPN and NPN support for NSS. This allows cURL to negotiate HTTP/2.0 connections when built with NSS. | |||
2014-02-06 | nss: Updated copyright year for recent edits | Steve Holme | |
2014-02-06 | nss: prefer highest available TLS version | Fabian Frank | |
Offer TLSv1.0 to 1.2 by default, still fall back to SSLv3 if --tlsv1[.N] was not specified on the command line. | |||
2014-01-29 | nss: do not use the NSS_ENABLE_ECC define | Kamil Dudka | |
It is not provided by NSS public headers. Bug: https://bugzilla.redhat.com/1058776 | |||
2014-01-29 | nss: do not fail if NSS does not implement a cipher | Kamil Dudka | |
... that the user does not ask for | |||
2013-12-26 | vtls: Updated comments referencing sslgen.c and ssluse.c | Steve Holme | |
2013-12-26 | vtls: Fixed up include of vtls.h | Steve Holme | |
2013-12-20 | vtls: moved all TLS/SSL source and header files into subdir | Daniel Stenberg | |