Daniel Stenberg
446b9467da
init fix for non-SSL builds
2005-02-10 07:45:08 +00:00
Daniel Stenberg
61a1e3cd01
better error checking and SSL init by David Byron
2005-02-09 23:04:51 +00:00
Daniel Stenberg
83bab78bda
Hzhijun reported a memory leak in the SSL certificate code, that leaked the
...
remote certificate name when it didn't match the used host name.
2005-01-10 09:48:39 +00:00
Gisle Vanem
754d6c3abd
Remove 'data' initialiser.
2004-12-19 11:39:34 +00:00
Daniel Stenberg
3d647b9a98
if the pkcs12.h header exists, include it already in urldata.h to work around
...
a precedence problem with the zlib header. See CHANGES for details.
2004-12-19 09:37:32 +00:00
Daniel Stenberg
8ad47a13e5
Samuel Listopad added support for PKCS12 formatted certificates.
2004-12-18 10:42:48 +00:00
Daniel Stenberg
553082e24a
prevent compiler warning when built without engine support
2004-12-14 22:06:25 +00:00
Dan Fandrich
10d6d8b2ae
Header files are in openssl/ only if USE_OPENSSL is set.
2004-12-14 20:25:23 +00:00
Gisle Vanem
7d3f5d7ac1
urldata.h: Removed engine_list.
...
ssluse.*: Added SSL_strerror(). Curl_SSL_engines_list() now returns a slist
which must be freed by caller.
2004-12-14 14:20:21 +00:00
Daniel Stenberg
07f107ae20
Moved the engine stuff from the root-level of the SessionHandle struct to the
...
UrlState sub-struct. Also made the engine_list exist for non-ssl builds to
make curl build.
2004-12-14 09:36:22 +00:00
Gisle Vanem
bdb0620529
Added handling of CURLINFO_SSL_ENGINES;
...
Added Curl_SSL_engines_list(), cleanup SSL in url.c
(no HAVE_OPENSSL_x etc.).
2004-12-13 16:43:00 +00:00
Daniel Stenberg
8e34e75100
Curl_select's timeout arg is an int
2004-11-22 13:28:44 +00:00
Daniel Stenberg
1a05a90f1c
David Phillips' FD_SETSIZE fix
2004-11-19 08:52:33 +00:00
Daniel Stenberg
5931d43a36
clean up start time and t_startsingle use so that redirect_time works properly
2004-11-15 11:27:03 +00:00
Daniel Stenberg
39af394a1c
removed tabs and trailing whitespace from source
2004-10-06 07:50:18 +00:00
Daniel Stenberg
6fa624cf8c
improved error message when client cert return failure
2004-09-02 21:03:41 +00:00
Daniel Stenberg
4934e6471b
In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input is
...
already UTF-8 encoded. We check for this case and copy the raw string manually
to avoid the problem. This code can be made conditional in the future when
OpenSSL has been fixed. Work-around brought by Alexis S. L. Carvalho.
2004-08-10 08:06:43 +00:00
Daniel Stenberg
ae2f002b44
added typecast in an attempt to fix a mingw32 warning
2004-07-29 07:34:17 +00:00
Daniel Stenberg
4511f7ac50
SSL_get_verify_result() returns a long, so we receive the result in a long
...
and not an int.
2004-07-04 21:42:32 +00:00
Daniel Stenberg
090b89cc76
Variable type cleanups to please the picky MIPSPro compiler.
2004-07-01 08:10:21 +00:00
Daniel Stenberg
85bd4621db
Prevent a very long password to buffer overflow the global variable we
...
use when built with a very old OpenSSL version.
2004-06-30 11:53:34 +00:00
Daniel Stenberg
ba40eccc90
make the SSL connect use the same default connect timeout define as the
...
generic connect uses
2004-06-30 09:22:48 +00:00
Daniel Stenberg
feb2dd2835
Replaced all uses of sprintf() with the safer snprintf(). It is just a
...
precaution to prevent mistakes to lead to buffer overflows.
2004-06-24 11:54:11 +00:00
Daniel Stenberg
76920413d9
Gisle fixed the wildcard checks for certificates.
2004-06-22 08:51:22 +00:00
Daniel Stenberg
cf3f1ef284
prevent compiler warning
2004-06-19 09:38:08 +00:00
Daniel Stenberg
bd3d5a17b4
Gisle's "SSL patch" from June 16th 2004, modified by me as discussed on the
...
mailing list.
2004-06-18 06:20:43 +00:00
Daniel Stenberg
be72eaa327
use Curl_strcasestr() when checking wildcard cert names
2004-06-13 08:33:26 +00:00
Daniel Stenberg
2511d1193a
* seed_enough() was converted to a macro to avoid the IRIX compiler warning
...
about that passed-in argument not being used.
* killed trailing whitespace
2004-05-18 07:25:13 +00:00
Daniel Stenberg
a9893ca79a
Peter Sylvester's patch that addresses two flaws in the peer certificate name
...
verification:
- when multiple common names are used (as in the curl tests), the last name
needs to be selected.
- allow comparing with encoded values, at least with BMP and ISO latin1
encoded T61strings.
2004-05-17 22:01:16 +00:00
Daniel Stenberg
b5f85ba77d
memory cleanup and check fix
2004-05-13 15:19:02 +00:00
Daniel Stenberg
bbafb2eb27
curl_global_init_mem() allows the memory functions to be replaced.
...
memory.h is included everywhere for this.
2004-05-11 11:30:23 +00:00
Daniel Stenberg
699ebe2f0b
Gisle made the code use ERR_error_string_n()
2004-04-29 07:36:40 +00:00
Daniel Stenberg
4b9f8e766d
Made host name and proxy name get stored in a 'struct hostname' and set
...
all things up to work with encoded host names internally, as well as keeping
'display names' to show in debug messages. IDN resolves work for me now using
ipv6, ipv4 and ares resolving. Even cookies on IDN sites seem to do right.
2004-04-27 13:56:23 +00:00
Daniel Stenberg
fb1039f2ab
Tor Arntsen fixed a 'Statement not reachable'-warning
2004-04-26 11:52:43 +00:00
Daniel Stenberg
b7a7600465
Cleaned up hostname/name/gname and path/ppath confusion. Removed the fixed-
...
length limit of the hostname part of the URL.
2004-04-20 07:53:24 +00:00
Daniel Stenberg
0c791d1e76
variable type usage cleanup to please picky compilers
2004-03-23 15:20:57 +00:00
Daniel Stenberg
326e8b9fc1
don't let the EINTR stuff build on windows
2004-03-11 12:57:04 +00:00
Daniel Stenberg
40e892bb36
Jeff Lawson fixed the SSL connection to deal with received signals during the
...
connect.
2004-03-10 08:43:01 +00:00
Daniel Stenberg
ce5805a955
Use curl_socket_t instead of int for holding sockets. The typedefs and
...
defines are in setup.h.
2004-03-09 22:52:50 +00:00
Daniel Stenberg
4d17d6876e
Dan Fandrich's cleanup patch to make pedantic compiler options cause less
...
warnings. Minor edits by me.
2004-01-29 13:56:45 +00:00
Daniel Stenberg
61e3d75def
Gisle Vanem's patch for variables that "might be used uninitialized"
2004-01-16 09:17:04 +00:00
Daniel Stenberg
053f6c85ef
updated year in the copyright string
2004-01-07 09:19:33 +00:00
Daniel Stenberg
d8cf2d42c0
prevent warning for non-SSL builds
2003-11-24 11:44:04 +00:00
Daniel Stenberg
1e98727c55
FTPS support added as RFC2228 and the murray-ftp-auth-ssl draft describe it
2003-11-24 07:15:37 +00:00
Daniel Stenberg
dfe0118033
Mathias Axelsson found a case where we free()d the server certificate twice!
2003-11-15 10:00:20 +00:00
Daniel Stenberg
14f795816d
Georg Horn's fixes to do different CA cert verifications. They can now be
...
done even if the result is ignored, as some sites seem to require that.
2003-10-23 07:44:55 +00:00
Daniel Stenberg
597c1fe6bc
rewritten alternative name check
2003-10-16 13:44:34 +00:00
Daniel Stenberg
c6a0bb99af
bad license situation for the altname patch
2003-10-15 14:42:11 +00:00
Daniel Stenberg
ff5b6ff528
fixed to build fine without ssl
2003-10-08 13:06:50 +00:00
Daniel Stenberg
6494889e3b
Neil Dunbar provided a patch that now makes libcurl check SSL
...
subjectAltNames when matching certs. This is apparently detailed in RFC2818
as the right thing to do. I had to add configure checks for inet_pton() and
our own (strictly speaking, code from BIND written by Paul Vixie) provided
code for the function for platforms that miss it.
2003-10-07 21:46:47 +00:00