Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-10-29 | Fixed error message since we require ALPN support. | Guenter Knauf | |
2014-10-29 | Check for ALPN via OpenSSL version number. | Guenter Knauf | |
This check works also with to non-configure platforms. | |||
2014-10-28 | sasl_sspi: Fixed typo in comment | Steve Holme | |
2014-10-28 | code cleanup: We prefer 'CURLcode result' | Steve Holme | |
2014-10-28 | mk-ca-bundle: spell fix "version" | Daniel Stenberg | |
2014-10-27 | HTTP: return larger than 3 digit response codes too | Daniel Stenberg | |
HTTP 1.1 is clearly specified to only allow three digit response codes, and libcurl used sscanf("%3d") for that purpose. This made libcurl support smaller numbers but not larger. It does now, but we will not make any specific promises nor document this further since it is going outside of what HTTP is. Bug: http://curl.haxx.se/bug/view.cgi?id=1441 Reported-by: Balaji | |||
2014-10-26 | ntlm: We prefer 'CURLcode result' | Steve Holme | |
Continuing commit 0eb3d15ccb more return code variable name changes. | |||
2014-10-26 | Cosmetics: lowercase non-special subroutine names. | Guenter Knauf | |
2014-10-26 | http_negotiate: We prefer 'CURLcode result' | Steve Holme | |
Continuing commit 0eb3d15ccb more return code variable name changes. | |||
2014-10-26 | http_negotiate: Fixed missing check for USE_SPNEGO | Steve Holme | |
2014-10-26 | sspi: Synchronization of cleanup code between auth mechanisms | Steve Holme | |
2014-10-26 | sspi: Renamed max token length variables | Steve Holme | |
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms. | |||
2014-10-26 | sspi: Renamed expiry time stamp variables | Steve Holme | |
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms. | |||
2014-10-26 | sspi: Only call CompleteAuthToken() when complete is needed | Steve Holme | |
Don't call CompleteAuthToken() after InitializeSecurityContext() has returned SEC_I_CONTINUE_NEEDED as this return code only indicates the function should be called again after receiving a response back from the server. This only affected the Digest and NTLM authentication code. | |||
2014-10-26 | ntlm: Return all errors from Curl_ntlm_core_mk_nt_hash() | Steve Holme | |
For consistency with other areas of the NTLM code propagate all errors from Curl_ntlm_core_mk_nt_hash() up the call stack rather than just CURLE_OUT_OF_MEMORY. | |||
2014-10-26 | ntlm: Return CURLcode from Curl_ntlm_core_mk_lm_hash() | Steve Holme | |
2014-10-26 | ntlm: Use 'CURLcode result' | Steve Holme | |
Continuing commit 0eb3d15ccb more return code variable name changes. | |||
2014-10-25 | ntlm: Only define ntlm data structure when USE_NTLM is defined | Steve Holme | |
2014-10-25 | ntlm: Changed handles to be dynamic like other SSPI handles | Steve Holme | |
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms. | |||
2014-10-25 | ntlm: Renamed handle variables to match other SSPI structures | Steve Holme | |
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms. | |||
2014-10-25 | ntlm: Renamed SSPI based input token variables | Steve Holme | |
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms. | |||
2014-10-25 | ntlm: We prefer 'CURLcode result' | Steve Holme | |
Continuing commit 0eb3d15ccb more return code variable name changes. | |||
2014-10-24 | darwinssl: detect possible future removal of SSLv3 from the framework | Nick Zitzmann | |
If Apple ever drops SSLv3 support from the Security framework, we'll fail with an error if the user insists on using SSLv3. | |||
2014-10-24 | gskit.c: remove SSLv3 from SSL default. | Patrick Monnerat | |
2014-10-24 | gskit.c: use 'CURLcode result' | Patrick Monnerat | |
2014-10-24 | SSL: Remove SSLv3 from SSL default due to POODLE attack | Jay Satiro | |
- Remove SSLv3 from SSL default in darwinssl, schannel, cyassl, nss, openssl effectively making the default TLS 1.x. axTLS is not affected since it supports only TLS, and gnutls is not affected since it already defaults to TLS 1.x. - Update CURLOPT_SSLVERSION doc | |||
2014-10-24 | pipelining: only output "is not blacklisted" in debug builds | Daniel Stenberg | |
2014-10-24 | url.c: use 'CURLcode result' | Daniel Stenberg | |
2014-10-24 | code cleanup: we prefer 'CURLcode result' | Daniel Stenberg | |
... for the local variable name in functions holding the return code. Using the same name universally makes code easier to read and follow. Also, unify code for checking for CURLcode errors with: if(result) or if(!result) instead of if(result == CURLE_OK), if(CURLE_OK == result) or if(result != CURLE_OK) | |||
2014-10-24 | Curl_add_timecondition: skip superfluous varible assignment | Daniel Stenberg | |
Detected by cppcheck. | |||
2014-10-24 | Curl_pp_flushsend: skip superfluous assignment | Daniel Stenberg | |
Detected by cppcheck. | |||
2014-10-24 | Curl_pp_readresp: remove superfluous assignment | Daniel Stenberg | |
Variable already assigned a few lines up. Detected by cppcheck. | |||
2014-10-24 | Curl_proxyCONNECT: remove superfluous statement | Daniel Stenberg | |
The variable is already assigned, skip the duplicate assignment. Pointed out by cppcheck. | |||
2014-10-24 | Added MinGW support to build with nghttp2. | Guenter Knauf | |
2014-10-23 | Some cosmetics and simplifies. | Guenter Knauf | |
2014-10-23 | Remove dependency on openssl and cut. | Guenter Knauf | |
Prefer usage of Perl modules for sha1 calculation since there might be systems where openssl is not installed or not in path. If openssl is used for sha1 calculation then dont rely on cut since it is usually not available on other systems than Linux. | |||
2014-10-23 | gnutls: removed dead code | Daniel Stenberg | |
Bug: http://curl.haxx.se/bug/view.cgi?id=1437 Reported-by: Julien | |||
2014-10-23 | Curl_rand: Uninitialized variable: r | Daniel Stenberg | |
This is not actually used uninitialized but we silence warnings. Bug: http://curl.haxx.se/bug/view.cgi?id=1437 Reported-by: Julien | |||
2014-10-20 | nss: reset SSL handshake state machine | Kamil Dudka | |
... when the handshake succeeds This fixes a connection failure when FTPS handle is reused. | |||
2014-10-16 | ntlm: Fixed empty type-2 decoded message info text | Steve Holme | |
Updated the info text when the base-64 decode of the type-2 message returns a null buffer to be more specific. | |||
2014-10-16 | ntlm: Fixed empty/bad base-64 decoded buffer return codes | Steve Holme | |
2014-10-16 | ntlm: Avoid unnecessary buffer allocation for SSPI based type-2 token | Steve Holme | |
2014-10-15 | sasl_sspi: Fixed some typos | Steve Holme | |
2014-10-15 | sasl_sspi: Fixed Kerberos response buffer not being allocated when using SSO | Steve Holme | |
2014-10-15 | mk-ca-bundle: added SHA-384 signature algorithm | Bruno Thomsen | |
Certificates based on SHA-1 are being phased out[1]. So we should expect a rise in certificates based on SHA-2. Adding SHA-384 as a valid signature algorithm. [1] https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/ Signed-off-by: Bruno Thomsen <bth@kamstrup.dk> | |||
2014-10-14 | Implement pinned public key in GSKit backend | Patrick Monnerat | |
2014-10-14 | cleanups: reduce variable scope | Daniel Stenberg | |
cppcheck pointed these out. | |||
2014-10-14 | singleipconnect: remove dead assignment never used | Daniel Stenberg | |
cppcheck pointed this out. | |||
2014-10-13 | pinning: minor code style policing | Daniel Stenberg | |
2014-10-13 | Factorize pinned public key code into generic file handling and backend specific | Patrick Monnerat | |