aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls/vtls.h
AgeCommit message (Collapse)Author
2015-01-16url: add CURLOPT_SSL_VERIFYSTATUS optionAlessandro Ghedini
This option can be used to enable/disable certificate status verification using the "Certificate Status Request" TLS extension defined in RFC6066 section 8. This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the certificate status verification fails, and the Curl_ssl_cert_status_request() function, used to check whether the SSL backend supports the status_request extension.
2014-12-26vtls: Use CURLcode for Curl_ssl_init_certinfo() return typeSteve Holme
The return type for this function was 0 on success and 1 on error. This was then examined by the calling functions and, in most cases, used to return CURLE_OUT_OF_MEMORY. Instead use CURLcode for the return type and return the out of memory error directly, propagating it up the call stack.
2014-12-25vtls: Use bool for Curl_ssl_getsessionid() return typeSteve Holme
The return type of this function is a boolean value, and even uses a bool internally, so use bool in the function declaration as well as the variables that store the return value, to avoid any confusion.
2014-11-24SSL: Add PEM format support for public key pinningmoparisthebest
2014-11-09vtls.h: Fixed compiler warning when compiled without SSLSteve Holme
vtls.c:185:46: warning: unused parameter 'data'
2014-10-13Factorize pinned public key code into generic file handling and backend specificPatrick Monnerat
2014-10-13vtls: remove QsoSSLPatrick Monnerat
2014-10-13vtls/*: deprecate have_curlssl_md5sum and set-up default md5sum implementationPatrick Monnerat
2014-10-09vtls: have vtls.h include the backend header filesDaniel Stenberg
It turned out some features were not enabled in the build since for example url.c #ifdefs on features that are defined on a per-backend basis but vtls.h didn't include the backend headers. CURLOPT_CERTINFO was one such feature that was accidentally disabled.
2014-08-03ssl: provide Curl_ssl_backend even if no SSL library is availableDan Fandrich
2014-07-31ssl: generalize how the ssl backend identifier is setDaniel Stenberg
Each backend now defines CURL_SSL_BACKEND accordingly. Added the *AXTLS one which was missing previously.
2014-07-30vtls: repair build without TLS supportDaniel Stenberg
... by defining Curl_ssl_random() properly
2014-07-30vtls: make the random function mandatory in the TLS backendDaniel Stenberg
To force each backend implementation to really attempt to provide proper random. If a proper random function is missing, then we can explicitly make use of the default one we use when TLS support is missing. This commit makes sure it works for darwinssl, gnutls, nss and openssl.
2014-06-11NTLM: set a fake entropy for debug builds with CURL_ENTROPY setDaniel Stenberg
Curl_rand() will return a dummy and repatable random value for this case. Makes it possible to write test cases that verify output. Also, fake timestamp with CURL_FORCETIME set. Only when built debug enabled of course. Curl_ssl_random() was not used anymore so it has been removed. Curl_rand() is enough. create_digest_md5_message: generate base64 instead of hex string curl_sasl: also fix memory leaks in some OOM situations
2014-05-20ALPN: fix typo in http/1.1 identifierFabian Frank
According to https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-05 it is "http/1.1" and not "http/1.0".
2014-02-04gtls: add ALPN supportFabian Frank
Add ALPN support when using GnuTLS >= 3.2.0. This allows libcurl to negotiate HTTP/2.0 for https connections when built with GnuTLS. See: http://www.gnutls.org/manual/gnutls.html#Application-Layer-Protocol-Negotiation-_0028ALPN_0029 http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04
2013-12-20vtls: renamed sslgen.[ch] to vtls.[ch]Daniel Stenberg