curl - cURL mirror with patches applied

Age	Commit message (Collapse)	Author
2014-10-30	code cleanup: Use 'CURLcode result'	Steve Holme

2014-10-30	build: added Watcom support to build with WinSSL.	Guenter Knauf

2014-10-29	openssl: enable NPN separately from ALPN	Daniel Stenberg
	... and allow building with nghttp2 but completely without NPN and ALPN, as nghttp2 can still be used for plain-text HTTP. Reported-by: Lucas Pardue
2014-10-29	vtls.c: Fixed compilation warning	Steve Holme
	conversion from 'size_t' to 'unsigned int', possible loss of data
2014-10-29	sspi: Return CURLE_LOGIN_DENIED on AcquireCredentialsHandle() failure	Steve Holme
	Return a more appropriate error, rather than CURLE_OUT_OF_MEMORY when acquiring the credentials handle fails. This is then consistent with the code prior to commit f7e24683c4 when log-in credentials were empty.
2014-10-29	sasl_sspi: Allow DIGEST-MD5 to use current windows credentials	Steve Holme
	Fixed the ability to use the current log-in credentials with DIGEST-MD5. I had previously disabled this functionality in commit 607883f13c as I couldn't get this to work under Windows 8, however, from testing HTTP Digest authentication through Windows SSPI and then further testing of this code I have found it works in Windows 7. Some further investigation is required to see what the differences are between Windows 7 and 8, but for now enable this functionality as the code will return an error when AcquireCredentialsHandle() fails.
2014-10-29	transfer: drop the code handling the ssl_connect_retry flag	Kamil Dudka
	Its last use has been removed by the previous commit.
2014-10-29	nss: drop the code for libcurl-level downgrade to SSLv3	Kamil Dudka
	This code was already deactivated by commit ec783dc142129d3860e542b443caaa78a6172d56.
2014-10-29	openssl: fix a line length warning	Kamil Dudka

2014-10-29	Added NetWare support to build with nghttp2.	Guenter Knauf

2014-10-29	Fixed error message since we require ALPN support.	Guenter Knauf

2014-10-29	Check for ALPN via OpenSSL version number.	Guenter Knauf
	This check works also with to non-configure platforms.
2014-10-28	sasl_sspi: Fixed typo in comment	Steve Holme

2014-10-28	code cleanup: We prefer 'CURLcode result'	Steve Holme

2014-10-28	mk-ca-bundle: spell fix "version"	Daniel Stenberg

2014-10-27	HTTP: return larger than 3 digit response codes too	Daniel Stenberg
	HTTP 1.1 is clearly specified to only allow three digit response codes, and libcurl used sscanf("%3d") for that purpose. This made libcurl support smaller numbers but not larger. It does now, but we will not make any specific promises nor document this further since it is going outside of what HTTP is. Bug: http://curl.haxx.se/bug/view.cgi?id=1441 Reported-by: Balaji
2014-10-26	ntlm: We prefer 'CURLcode result'	Steve Holme
	Continuing commit 0eb3d15ccb more return code variable name changes.
2014-10-26	Cosmetics: lowercase non-special subroutine names.	Guenter Knauf

2014-10-26	http_negotiate: We prefer 'CURLcode result'	Steve Holme
	Continuing commit 0eb3d15ccb more return code variable name changes.
2014-10-26	http_negotiate: Fixed missing check for USE_SPNEGO	Steve Holme

2014-10-26	sspi: Synchronization of cleanup code between auth mechanisms	Steve Holme

2014-10-26	sspi: Renamed max token length variables	Steve Holme
	Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-26	sspi: Renamed expiry time stamp variables	Steve Holme
	Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-26	sspi: Only call CompleteAuthToken() when complete is needed	Steve Holme
	Don't call CompleteAuthToken() after InitializeSecurityContext() has returned SEC_I_CONTINUE_NEEDED as this return code only indicates the function should be called again after receiving a response back from the server. This only affected the Digest and NTLM authentication code.
2014-10-26	ntlm: Return all errors from Curl_ntlm_core_mk_nt_hash()	Steve Holme
	For consistency with other areas of the NTLM code propagate all errors from Curl_ntlm_core_mk_nt_hash() up the call stack rather than just CURLE_OUT_OF_MEMORY.
2014-10-26	ntlm: Return CURLcode from Curl_ntlm_core_mk_lm_hash()	Steve Holme

2014-10-26	ntlm: Use 'CURLcode result'	Steve Holme
	Continuing commit 0eb3d15ccb more return code variable name changes.
2014-10-25	ntlm: Only define ntlm data structure when USE_NTLM is defined	Steve Holme

2014-10-25	ntlm: Changed handles to be dynamic like other SSPI handles	Steve Holme
	Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-25	ntlm: Renamed handle variables to match other SSPI structures	Steve Holme
	Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-25	ntlm: Renamed SSPI based input token variables	Steve Holme
	Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-25	ntlm: We prefer 'CURLcode result'	Steve Holme
	Continuing commit 0eb3d15ccb more return code variable name changes.
2014-10-24	darwinssl: detect possible future removal of SSLv3 from the framework	Nick Zitzmann
	If Apple ever drops SSLv3 support from the Security framework, we'll fail with an error if the user insists on using SSLv3.
2014-10-24	gskit.c: remove SSLv3 from SSL default.	Patrick Monnerat

2014-10-24	gskit.c: use 'CURLcode result'	Patrick Monnerat

2014-10-24	SSL: Remove SSLv3 from SSL default due to POODLE attack	Jay Satiro
	- Remove SSLv3 from SSL default in darwinssl, schannel, cyassl, nss, openssl effectively making the default TLS 1.x. axTLS is not affected since it supports only TLS, and gnutls is not affected since it already defaults to TLS 1.x. - Update CURLOPT_SSLVERSION doc
2014-10-24	pipelining: only output "is not blacklisted" in debug builds	Daniel Stenberg

2014-10-24	url.c: use 'CURLcode result'	Daniel Stenberg

2014-10-24	code cleanup: we prefer 'CURLcode result'	Daniel Stenberg
	... for the local variable name in functions holding the return code. Using the same name universally makes code easier to read and follow. Also, unify code for checking for CURLcode errors with: if(result) or if(!result) instead of if(result == CURLE_OK), if(CURLE_OK == result) or if(result != CURLE_OK)
2014-10-24	Curl_add_timecondition: skip superfluous varible assignment	Daniel Stenberg
	Detected by cppcheck.
2014-10-24	Curl_pp_flushsend: skip superfluous assignment	Daniel Stenberg
	Detected by cppcheck.
2014-10-24	Curl_pp_readresp: remove superfluous assignment	Daniel Stenberg
	Variable already assigned a few lines up. Detected by cppcheck.
2014-10-24	Curl_proxyCONNECT: remove superfluous statement	Daniel Stenberg
	The variable is already assigned, skip the duplicate assignment. Pointed out by cppcheck.
2014-10-24	Added MinGW support to build with nghttp2.	Guenter Knauf

2014-10-23	Some cosmetics and simplifies.	Guenter Knauf

2014-10-23	Remove dependency on openssl and cut.	Guenter Knauf
	Prefer usage of Perl modules for sha1 calculation since there might be systems where openssl is not installed or not in path. If openssl is used for sha1 calculation then dont rely on cut since it is usually not available on other systems than Linux.
2014-10-23	gnutls: removed dead code	Daniel Stenberg
	Bug: http://curl.haxx.se/bug/view.cgi?id=1437 Reported-by: Julien
2014-10-23	Curl_rand: Uninitialized variable: r	Daniel Stenberg
	This is not actually used uninitialized but we silence warnings. Bug: http://curl.haxx.se/bug/view.cgi?id=1437 Reported-by: Julien
2014-10-20	nss: reset SSL handshake state machine	Kamil Dudka
	... when the handshake succeeds This fixes a connection failure when FTPS handle is reused.
2014-10-16	ntlm: Fixed empty type-2 decoded message info text	Steve Holme
	Updated the info text when the base-64 decode of the type-2 message returns a null buffer to be more specific.