1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-05 17:15:04 -05:00
Commit Graph

46 Commits

Author SHA1 Message Date
Patrick Monnerat
d2c5503e0c os400: support CURLOPT_PROXY_PINNEDPUBLICKEY
Also define it in ILE/RPG binding.
2016-11-26 18:52:30 +01:00
Patrick Monnerat
93c04cb14a os400: sync ILE/RPG binding 2016-11-25 03:25:21 +01:00
Alex Rousskov
cb4e2be7c6 proxy: Support HTTPS proxy and SOCKS+HTTP(s)
* HTTPS proxies:

An HTTPS proxy receives all transactions over an SSL/TLS connection.
Once a secure connection with the proxy is established, the user agent
uses the proxy as usual, including sending CONNECT requests to instruct
the proxy to establish a [usually secure] TCP tunnel with an origin
server. HTTPS proxies protect nearly all aspects of user-proxy
communications as opposed to HTTP proxies that receive all requests
(including CONNECT requests) in vulnerable clear text.

With HTTPS proxies, it is possible to have two concurrent _nested_
SSL/TLS sessions: the "outer" one between the user agent and the proxy
and the "inner" one between the user agent and the origin server
(through the proxy). This change adds supports for such nested sessions
as well.

A secure connection with a proxy requires its own set of the usual SSL
options (their actual descriptions differ and need polishing, see TODO):

  --proxy-cacert FILE        CA certificate to verify peer against
  --proxy-capath DIR         CA directory to verify peer against
  --proxy-cert CERT[:PASSWD] Client certificate file and password
  --proxy-cert-type TYPE     Certificate file type (DER/PEM/ENG)
  --proxy-ciphers LIST       SSL ciphers to use
  --proxy-crlfile FILE       Get a CRL list in PEM format from the file
  --proxy-insecure           Allow connections to proxies with bad certs
  --proxy-key KEY            Private key file name
  --proxy-key-type TYPE      Private key file type (DER/PEM/ENG)
  --proxy-pass PASS          Pass phrase for the private key
  --proxy-ssl-allow-beast    Allow security flaw to improve interop
  --proxy-sslv2              Use SSLv2
  --proxy-sslv3              Use SSLv3
  --proxy-tlsv1              Use TLSv1
  --proxy-tlsuser USER       TLS username
  --proxy-tlspassword STRING TLS password
  --proxy-tlsauthtype STRING TLS authentication type (default SRP)

All --proxy-foo options are independent from their --foo counterparts,
except --proxy-crlfile which defaults to --crlfile and --proxy-capath
which defaults to --capath.

Curl now also supports %{proxy_ssl_verify_result} --write-out variable,
similar to the existing %{ssl_verify_result} variable.

Supported backends: OpenSSL, GnuTLS, and NSS.

* A SOCKS proxy + HTTP/HTTPS proxy combination:

If both --socks* and --proxy options are given, Curl first connects to
the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS
proxy.

TODO: Update documentation for the new APIs and --proxy-* options.
Look for "Added in 7.XXX" marks.
2016-11-24 23:41:44 +01:00
Daniel Stenberg
434f8d0389 internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
Jay Satiro
332414a30e getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSION
The two options are almost the same, except in the case of OpenSSL:

CURLINFO_TLS_SESSION OpenSSL session internals is SSL_CTX *.

CURLINFO_TLS_SSL_PTR OpenSSL session internals is SSL *.

For backwards compatibility we couldn't modify CURLINFO_TLS_SESSION to
return an SSL pointer for OpenSSL.

Also, add support for the 'internals' member to point to SSL object for
the other backends axTLS, PolarSSL, Secure Channel, Secure Transport and
wolfSSL.

Bug: https://github.com/curl/curl/issues/234
Reported-by: dkjjr89@users.noreply.github.com

Bug: https://curl.haxx.se/mail/lib-2015-09/0127.html
Reported-by: Michael König
2016-02-23 19:03:03 -05:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Patrick Monnerat
210fc95c0f os400: adjust specific code to support new options. 2015-11-05 14:41:22 +01:00
Patrick Monnerat
aec249f89f os400: include new options in wrappers and update ILE/RPG binding. 2015-08-24 14:20:34 +02:00
Patrick Monnerat
32d4260c2d os400: ebcdic wrappers for new functions. Upgrade ILE/RPG bindings. 2015-07-21 16:36:34 +02:00
Patrick Monnerat
9fcc297ff3 OS400: Add SPNEGO service name options to ILE/RPG binding. 2015-05-05 14:05:41 +02:00
Linus Nielsen
97c272e5d1 Negotiate: custom service names for SPNEGO.
* Add new options, CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME.
* Add new curl options, --proxy-service-name and --service-name.
2015-04-28 08:29:56 +02:00
Markus Elfring
29c655c0a6 Bug #149: Deletion of unnecessary checks before calls of the function "free"
The function "free" is documented in the way that no action shall occur for
a passed null pointer. It is therefore not needed that a function caller
repeats a corresponding check.
http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first

This issue was fixed by using the software Coccinelle 1.0.0-rc24.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2015-03-16 12:13:56 +01:00
Patrick Monnerat
4ce87e33ee OS400: enable Unix sockets. 2014-12-04 15:34:03 +01:00
Patrick Monnerat
1c05b9359d Adjust OS400-specific support to last release 2014-11-05 12:42:24 +01:00
Patrick Monnerat
e64bc7cde6 OS400: fix bugs in curl_*escape_ccsid() and reduce variables scope 2014-10-14 15:43:25 +02:00
Patrick Monnerat
548811cb19 OS400: upgrade interface for pinned public key (no implementation yet) 2014-10-08 15:47:04 +02:00
Daniel Stenberg
169fedbdce login options: remove the ;[options] support from CURLOPT_USERPWD
To avoid the regression when users pass in passwords containing semi-
colons, we now drop the ability to set the login options with the same
options. Support for login options in CURLOPT_USERPWD was added in
7.31.0.

Test case 83 was modified to verify that colons and semi-colons can be
used as part of the password when using -u (CURLOPT_USERPWD).

Bug: http://curl.haxx.se/bug/view.cgi?id=1311
Reported-by: Petr Bahula
Assisted-by: Steve Holme
Signed-off-by: Daniel Stenberg <daniel@haxx.se>
2013-12-14 22:40:37 +01:00
Patrick Monnerat
f58f843f66 OS400: sync wrappers and RPG binding. 2013-12-02 14:33:51 +01:00
Steve Holme
f2584627c8 curl_easy_setopt: Added the ability to set the login options separately
Rather than set the authentication options as part of the login details
specified in the URL, or via the older CURLOPT_USERPWD option, added a
new libcurl option to allow the login options to be set separately.
2013-11-12 19:08:55 +00:00
Patrick Monnerat
5d415815df OS400: coding style standards 2013-10-28 12:00:22 +01:00
Patrick Monnerat
2cc9246477 OS400: sync RPG wrapper, zlib support, fix header file names, ...
IFS compilation support, SSL GSKit backend by default, TLSv1.[12] support in
  GSKit for OS400 >= V7R1, no more tabs in make scripts.
2013-10-25 18:37:37 +02:00
Patrick Monnerat
464c8693d2 OS400: add slist and certinfo EBCDIC support 2013-07-15 18:48:02 +02:00
Yang Tse
4a5aa6682d Revert changes relative to lib/*.[ch] recent renaming
This reverts renaming and usage of lib/*.h header files done
28-12-2012, reverting 2 commits:

  f871de0... build: make use of 76 lib/*.h renamed files
  ffd8e12... build: rename 76 lib/*.h files

This also reverts removal of redundant include guard (redundant thanks
to changes in above commits) done 2-12-2013, reverting 1 commit:

  c087374... curl_setup.h: remove redundant include guard

This also reverts renaming and usage of lib/*.c source files done
3-12-2013, reverting 3 commits:

  13606bb... build: make use of 93 lib/*.c renamed files
  5b6e792... build: rename 93 lib/*.c files
  7d83dff... build: commit 13606bbfde follow-up 1

Start of related discussion thread:

  http://curl.haxx.se/mail/lib-2013-01/0012.html

Asking for confirmation on pushing this revertion commit:

  http://curl.haxx.se/mail/lib-2013-01/0048.html

Confirmation summary:

  http://curl.haxx.se/mail/lib-2013-01/0079.html

NOTICE: The list of 2 files that have been modified by other
intermixed commits, while renamed, and also by at least one
of the 6 commits this one reverts follows below. These 2 files
will exhibit a hole in history unless git's '--follow' option
is used when viewing logs.

  lib/curl_imap.h
  lib/curl_smtp.h
2013-01-06 18:20:27 +01:00
Yang Tse
f871de0064 build: make use of 76 lib/*.h renamed files
76 private header files renamed to use our standard naming scheme.

This change affects 322 files in libcurl's source tree.
2012-12-28 19:37:11 +01:00
Patrick Monnerat
4b994e14fb OS400: upgrade wrappers for the 7.28.1 release. 2012-11-12 14:26:16 +01:00
Patrick Monnerat
8165e05f29 - Prepare the ILE/RPG binding and OS400 documentation for the upcoming release 2011-10-26 14:48:20 +02:00
Patrick Monnerat
ed8749e308 - Take new char * options into account in OS400 curl_easy_setopt_ccsid().
- Keep RPG binding, STRING_* table end check and OS400 README up to date.
2011-03-14 17:54:57 +01:00
Daniel Stenberg
2309b4e330 remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Patrick Monnerat
4258e943a1 _ Make it compilable again on OS400.
_ Upgrade OS400 EBCDIC wrappers for new options.
_ Upgrade ILE/RPG bindings to current state.
2010-02-11 18:49:06 +00:00
Patrick Monnerat
57d3488a0d Take new SMTP definitions into account in OS400 wrapper and RPG binding 2009-12-21 12:26:48 +00:00
Patrick Monnerat
eb438719f7 OS400: adjust inclusion paths in include files to avoid "include file not found" in DB2 mode. 2009-08-31 15:22:16 +00:00
Patrick Monnerat
501f9f8309 Fix definition of CURLOPT_SOCKS5_GSSAPI_SERVICE from LONG to OBJECTPOINT
Fix OS400 makefile for tests to use the new Makefile.inc in libtest
Update the OS400 wrappers and RPG binding according to the current CVS source state
2009-08-11 14:07:08 +00:00
Patrick Monnerat
4608d0157e Continue sync work on OS400 specific code and RPG binding. 2009-02-17 16:16:07 +00:00
Patrick Monnerat
1472be4d3e Preparation of imminent release: synchronizing OS400 wrappers + RPG binding to current state. 2009-02-16 15:33:17 +00:00
Patrick Monnerat
f66e1c49b0 Introduce new options CURLOPT_PROXY{USERNAME, PASSWORD} in OS400 code and RPG binding. 2008-10-17 13:17:41 +00:00
Patrick Monnerat
bb1f6e6818 _ Adapt OS400 EBCDIC wrappers to new options.
_ Update RPG binding accordingly.
_ Fix new options comments.
2008-10-10 15:54:07 +00:00
Yang Tse
651dad0cc1 fix compiler warning: external declaration in primary source file 2008-09-13 16:37:16 +00:00
Yang Tse
59e378f48f remove unnecessary typecasting of malloc() 2008-09-06 05:29:05 +00:00
Yang Tse
861b647e7b remove unnecessary typecasting of realloc() 2008-09-06 04:28:43 +00:00
Patrick Monnerat
ddfa4b8896 New options added to OS400 wrapper and ILERPG definitions.
Wrong defines (typos) for QSSL layer fixed.
2008-07-07 10:39:46 +00:00
Patrick Monnerat
a08b6ae813 Adapt OS400 SSL (qssl.h) to V5R4
Fix qssl.c wrong error message
Upgrade OS400 wrappers and makefiles to 7.18.1
2008-04-07 13:09:17 +00:00
Patrick Monnerat
3ee32d7920 OS/400 update:
New declarations in curl.h reported to curl.inc.in.
Copyrights extended to 2008.
SONAME handling introduced in build scripts.
2008-01-16 16:04:47 +00:00
Patrick Monnerat
a005243908 Fix dynamic CURLOPT_POSTFIELDS bug: back to static.
CURLOPT_COPYPOSTFIELDS option added for dynamic.
Fix some OS400 features.
2007-10-15 18:32:01 +00:00
Patrick Monnerat
43b10339ab Upgrade OS400 wrappers and RPG copy file according to latest code updates 2007-10-03 15:09:21 +00:00
Dan Fandrich
9f44a95522 Renamed several libcurl error codes and options to make them more general
and allow reuse by multiple protocols. Several unused error codes were
removed.  In all cases, macros were added to preserve source (and binary)
compatibility with the old names.  These macros are subject to removal at
a future date, but probably not before 2009.  An application can be
tested to see if it is using any obsolete code by compiling it with the
CURL_NO_OLDIES macro defined.

Documented some newer error codes in libcurl-error(3)
2007-08-30 20:34:57 +00:00
Patrick Monnerat
557cc55f6f Porting library to OS/400 2007-08-23 14:30:24 +00:00