aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2012-07-11Changed MinGW makefiles to use WINSSL now.Guenter Knauf
2012-07-09Make Curl_schannel_version() return "WinSSL"Yang Tse
Modification based on voting result: http://curl.haxx.se/mail/lib-2012-07/0104.html
2012-07-09cookie: fixed typo in commentDaniel Stenberg
2012-07-09https_getsock: provided for schannel backend as wellChristian Hägele
The function https_getsock was only implemented properly when USE_SSLEAY or USE_GNUTLS is defined, but it is also necessary for USE_SCHANNEL. The problem occurs when Curl_read_plain or Curl_write_plain returns CURLE_AGAIN. In that case CURL_OK is returned to the multi-interface an the used socket is set to state CURL_POLL_REMOVE and the easy-state is set to CURLM_STATE_PROTOCONNECT. This is fine, because later the socket should be set to CURL_POLL_IN or CURL_POLL_OUT via multi_getsock. That's where https_getsock is called and doesn't return any sockets.
2012-07-08darwinssl: don't use arc4random_bufNick Zitzmann
Re-wrote Curl_darwinssl_random() to not use arc4random_buf() because the function is not available prior to iOS 4.3 and OS X 10.7.
2012-07-07darwinssl: output cipher with text, remove SNI warningNick Zitzmann
The code was printing a warning when SNI was set up successfully. Oops. Printing the cipher number in verbose mode was something only TLS/SSL programmers might understand, so I had it print the name of the cipher, just like in the OpenSSL code. That'll be at least a little bit easier to understand. The SecureTransport API doesn't have a method of getting a string from a cipher like OpenSSL does, so I had to generate the strings manually.
2012-07-06code police: narrow source to < 80 columnsDaniel Stenberg
2012-07-05unicode NTLM SSPI: cleanup follow-upYang Tse
2012-07-05unicode NTLM SSPI: cleanupYang Tse
Reduce the number of #ifdef UNICODE directives used in source files.
2012-07-05http-proxy: keep CONNECT connections alive (for NTLM)Daniel Stenberg
When doing CONNECT requests, libcurl must make sure the connection is alive as much as possible. NTLM requires it and it is generally good for other cases as well. NTLM over CONNECT requests has been broken since this regression I introduced in my CONNECT cleanup commits that started with 41b02378342, included since 7.25.0. Bug: http://curl.haxx.se/bug/view.cgi?id=3538625 Reported by: Marcel Raad
2012-07-03Moved some patterns to subfolder's .gitignore.Guenter Knauf
2012-07-03Merge branch 'master' of ssh://github.com/bagder/curlGuenter Knauf
2012-07-03MinGW makefile tweaks for running from sh.Guenter Knauf
Added function macros to make path converting easier. Added CROSSPREFIX to all compile tools.
2012-07-03curl_ntlm_msgs.c: Removed unused variable passwdMarc Hoersken
2012-07-03cookies: change the URL in the cookie jar file headerDaniel Stenberg
2012-07-03curl_ntlm_msgs.c: include <tchar.h> for prototypesYang Tse
2012-07-02unicode NTLM SSPI: heap corruption fixedChristian Hägele
When compiling libcurl with UNICODE defined and using unicode characters in username.
2012-06-28nss.c: #include warnless.h for curlx_uztosi and curlx_uztoui prototypesYang Tse
2012-06-28nss.c: Fixed size_t conversion warningsMarc Hoersken
2012-06-28sslgen.c: cleanup temporary compile-time SSL-backend checkYang Tse
2012-06-28schannel: provide two additional (dummy) API definesDaniel Stenberg
2012-06-27sslgen: avoid compiler error in SSPI buildsDaniel Stenberg
2012-06-27ssluse.c: fix compiler warning: conversion to 'int' from 'size_t'Yang Tse
Reported by Tatsuhiro Tsujikawa http://curl.haxx.se/mail/lib-2012-06/0371.html
2012-06-27sslgen.c: add compile-time check for SSL-backend completenessYang Tse
2012-06-27build: add our standard includes to curl_darwinssl.c and curl_multibyte.cYang Tse
2012-06-27build: add curl_schannel and curl_darwinssl files to other build systemsYang Tse
2012-06-27DarwinSSL: allow using NTLM authenticationNick Zitzmann
Allow NTLM authentication when building using SecureTransport (Darwin) for SSL. This uses CommonCrypto, a cryptography library that ships with all versions of iOS and Mac OS X. It's like OpenSSL's libcrypto, except that it's missing a few less-common cyphers and doesn't have a big number data structure.
2012-06-27curl_darwinssl.h: add newline at end of fileYang Tse
2012-06-26ossl_seed: remove leftover RAND_screen checkDaniel Stenberg
Before commit 2dded8fedba (dec 2010) there was logic that used RAND_screen() at times and now I remove the leftover #ifdef check for it. The seeding code that uses Curl_FormBoundary() in ossl_seed() is dubious to keep since it hardly increases randomness but I fear I'll break something if I remove it now...
2012-06-26DarwinSSL: several adjustmentsNick Zitzmann
- Renamed st_ function prefix to darwinssl_ - Renamed Curl_st_ function prefix to Curl_darwinssl_ - Moved the duplicated ssl_connect_done out of the #ifdef in lib/urldata.h - Fixed a teensy little bug that made non-blocking connection attempts block - Made it so that it builds cleanly against the iOS 5.1 SDK
2012-06-26sockaddr.h: Fixed dereferencing pointer breakin strict-aliasingMarc Hoersken
Fixed warning: dereferencing pointer does break strict-aliasing rules by using a union inside the struct Curl_sockaddr_storage declaration.
2012-06-26SSL cleanup: use crypto functions through the sslgen layerDaniel Stenberg
curl_ntlm_msgs.c would previously use an #ifdef maze and direct SSL-library calls instead of using the SSL layer we have for this purpose.
2012-06-26darwinssl: add support for native Mac OS X/iOS SSLNick Zitzmann
2012-06-25curl_schannel.c: Remove redundant NULL assignments following Curl_safefree()Yang Tse
2012-06-25curl_schannel.c: Replace free() with Curl_safefree()Marc Hoersken
2012-06-24smtp: Corrected result code for MAIL, RCPT and DATA commandsSteve Holme
Bug: http://curl.haxx.se/mail/lib-2012-06/0094.html Reported by: Dan
2012-06-20build: fix RESOURCE bug in lib/Makefile.vc*Yang Tse
Removed two, not intended to exist, RESOURCE declarations. Bug: http://curl.haxx.se/bug/view.cgi?id=3535977 And sorted configuration hunks to reflect same internal order as the one shown in the usage message.
2012-06-20schannel: Implement new buffer size strategyMarc Hoersken
Increase decrypted and encrypted cache buffers using limitted doubling strategy. More information on the mailinglist: http://curl.haxx.se/mail/lib-2012-06/0255.html It updates the two remaining reallocations that have already been there and fixes the other one to use the same "do we need to increase the buffer"-condition as the other two. CURL_SCHANNEL_BUFFER_STEP_SIZE was renamed to CURL_SCHANNEL_BUFFER_FREE_SIZE since that is actually what it is now. Since we don't know how much more data we are going to read during the handshake, CURL_SCHANNEL_BUFFER_FREE_SIZE is used as the minimum free space required in the buffer for the next operation. CURL_SCHANNEL_BUFFER_STEP_SIZE was used for that before, too, but since we don't have a step size now, the define was renamed.
2012-06-20schannel SSL: fix compiler warningYang Tse
2012-06-20schannel SSL: fix for renegotiate problemMark Salisbury
In schannel_connect_step2() doread should be initialized based on connssl->connecting_state.
2012-06-20schannel_connect_step2: checksrc whitespace fixDaniel Stenberg
2012-06-20schannel SSL: changes in schannel_connect_step2Mark Salisbury
Process extra data buffer before returning from schannel_connect_step2. Without this change I've seen WinCE hang when schannel_connect_step2 returns and calls Curl_socket_ready. If the encrypted handshake does not fit in the intial buffer (seen with large certificate chain), increasing the encrypted data buffer is necessary. Fixed warning in curl_schannel.c line 1215.
2012-06-20config-win32ce.h: WinCE config adjustmentMark Salisbury
process.h is not present on WinCE
2012-06-20schannel SSL: Made send method handle unexpected cases betterMark Salisbury
Implemented timeout loop in schannel_send while sending data. This is as close as I think we can get to write buffering; I put a big comment in to explain my thinking. With some committer adjustments
2012-06-19curl_schannel.c: Avoid unnecessary realloc calls to reduce buffer sizeMarc Hoersken
2012-06-19schannel SSL: Use standard Curl read/write methodsMark Salisbury
Replaced calls to swrite with Curl_write_plain and calls to sread with Curl_read_plain. With some committer adjustments
2012-06-19schannel SSL: make wording of some trace messages better reflect realityYang Tse
2012-06-19curl_schannel.h: Use BUFSIZE as the initial buffer size if availableMarc Hoersken
Make the Schannel implementation use libcurl's default buffer size for the initial received encrypted and decrypted data cache buffers. The implementation still needs to handle more data since more data might have already been received or decrypted during the handshake or a read operation which needs to be cached for the next read.
2012-06-19schannel SSL: Implemented SSL shutdownMark Salisbury
curl_schannel.c - implemented graceful SSL shutdown. If we fail to shutdown the connection gracefully, I've seen schannel try to use a session ID for future connects and the server aborts the connection during the handshake.
2012-06-19schannel SSL: certificate validation on WinCEMark Salisbury
curl_schannel.c - auto certificate validation doesn't seem to work right on CE. I added a method to perform the certificate validation which uses CertGetCertificateChain and manually handles the result.