Mike Crowe
6b56901b56
gnutls: Support CURLOPT_KEYPASSWD
...
The gnutls vtls back-end was previously ignoring any password set via
CURLOPT_KEYPASSWD. Presumably this was because
gnutls_certificate_set_x509_key_file did not support encrypted keys.
gnutls now has a gnutls_certificate_set_x509_key_file2 function that
does support encrypted keys. Let's determine at compile time whether the
available gnutls supports this new function. If it does then use it to
pass the password. If it does not then emit a helpful diagnostic if a
password is set. This is preferable to the previous behaviour of just
failing to read the certificate without giving a reason in that case.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
2015-09-22 17:30:33 +02:00
Daniel Stenberg
7362008c1c
CURLINFO_TLS_SESSION: always return backend info
...
... even for those that don't support providing anything in the
'internals' struct member since it offers a convenient way for
applications to figure this out.
2015-09-22 17:21:37 +02:00
Daniel Hwang
1467dec147
tool: remove redundant libcurl check
...
The easysrc generation is run only when --libcurl is initialized.
Ref: https://github.com/bagder/curl/issues/429
Closes #448
2015-09-22 17:06:28 +02:00
Richard van den Berg
0583ed3e48
CURLOPT_PROXY.3: A proxy given as env variable gets no special treatment
...
Closes #449
2015-09-22 16:54:28 +02:00
Daniel Stenberg
67ae07c2e0
TODO: 5.7 More compressions
...
Like for example brotli, as being implemented in Firefox now.
2015-09-22 10:53:55 +02:00
Jay Satiro
3f8d4e264d
tool_operate: Don't call easysrc cleanup unless --libcurl
...
- Review of 4d95491
.
The author changed it so easysrc only initializes when --libcurl but did
not do the same for the call to easysrc cleanup.
Ref: https://github.com/bagder/curl/issues/429
2015-09-21 02:21:38 -04:00
Viktor Szakats
bb72b9453d
CURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com
...
closes #443
2015-09-20 18:41:23 +02:00
Daniel Stenberg
5fde69cdc3
KNOWN_BUGS: 91 "curl_easy_perform hangs with imap and PolarSSL"
...
Closes #334
2015-09-20 13:34:16 +02:00
Daniel Stenberg
443014e905
KNOWN_BUGS: add link to #85
2015-09-20 13:31:22 +02:00
Daniel Stenberg
37af1766e9
tests: disable 1801 until fixed
...
It is unreliable and causes CI problems on github
Closes #380
2015-09-20 13:12:44 +02:00
Daniel Stenberg
67dbf8aa9c
RELEASE-NOTES: synced with 4d95491636
2015-09-20 13:00:19 +02:00
Daniel Lee Hwang
4d95491636
tool: generate easysrc only on --libcurl
...
Code should only be generated when --libcurl is used.
Bug: https://github.com/bagder/curl/issues/429
Reported-by: @greafhe, Jay Satiro
Closes #429
Closes #442
2015-09-20 12:54:18 +02:00
Jay Satiro
47b7d658b4
vtls: Change designator name for server's pubkey hash
...
- Change the designator name we use to show the base64 encoded sha256
hash of the server's public key from 'pinnedpubkey' to
'public key hash'.
Though the server's public key hash is only shown when comparing pinned
public key hashes, the server's hash may not match one of the pinned.
2015-09-19 22:40:40 -04:00
Isaac Boukris
f65e07ca59
NTLM: Reset auth-done when using a fresh connection
...
With NTLM a new connection will always require authentication.
Fixes #435
2015-09-19 23:21:05 +02:00
Daniel Hwang
30c131f51f
ssl: add server cert's "sha256//" hash to verbose
...
Add a "pinnedpubkey" section to the "Server Certificate" verbose
Bug: https://github.com/bagder/curl/issues/410
Reported-by: W. Mark Kubacki
Closes #430
Closes #410
2015-09-19 23:17:39 +02:00
Jakub Zakrzewski
c979a3d0c4
openldap: only part of LDAP query results received
...
Introduced with commit 65d141e6da
Closes #440
2015-09-19 23:06:03 +02:00
Alessandro Ghedini
c184a5c6bc
openssl: don't output certinfo data
2015-09-19 22:53:31 +02:00
Alessandro Ghedini
c00cec9864
openssl: refactor certificate parsing to use OpenSSL memory BIO
...
Fixes #427
2015-09-19 22:53:31 +02:00
Kamil Dudka
958d2ffb19
nss: prevent NSS from incorrectly re-using a session
...
Without this workaround, NSS re-uses a session cache entry despite the
server name does not match. This causes SNI host name to differ from
the actual host name. Consequently, certain servers (e.g. github.com)
respond by 400 to such requests.
Bug: https://bugzilla.mozilla.org/1202264
2015-09-18 17:38:51 +02:00
Kamil Dudka
a9fd53887b
nss: check return values of NSS functions
2015-09-18 17:07:22 +02:00
Daniel Stenberg
65ca3b083c
CURLOPT_PINNEDPUBLICKEY.3: mention error code
2015-09-17 08:54:32 +02:00
Daniel Stenberg
82e3e8e31f
openssl: build with < 0.9.8
...
... without sha256 support and no define saying so.
Reported-by: Rajkumar Mandal
2015-09-17 08:54:04 +02:00
Daniel Stenberg
887a4a19aa
libcurl-errors.3: add two missing error codes
...
CURLE_SSL_PINNEDPUBKEYNOTMATCH and CURLE_SSL_INVALIDCERTSTATUS
2015-09-17 08:49:06 +02:00
Jay Satiro
b550a1c067
CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example
...
- Show how a certificate can be obtained using OpenSSL.
Bug: https://github.com/bagder/curl/pull/430
Reported-by: Daniel Hwang
2015-09-14 03:16:04 -04:00
Daniel Stenberg
202162daeb
http2: removed unused function
2015-09-13 16:33:51 +02:00
Daniel Stenberg
a7cb6a28e2
CURLINFO_ACTIVESOCKET.3: mention it replaces *LASTSOCKET
2015-09-12 23:37:52 +02:00
Daniel Stenberg
3d4ffa71f7
opts: add CURLINFO_* man pages to dist
2015-09-12 23:22:33 +02:00
Daniel Stenberg
cdba82e1c2
opts: 19 more CURLINFO_* options made into stand-alone man pages
2015-09-12 23:13:47 +02:00
Daniel Stenberg
68c620fdc7
RELEASE-NOTES: synced with fad9604613
2015-09-12 12:54:58 +02:00
Daniel Stenberg
fad9604613
curl: customrequest_helper: deal with NULL custom method
2015-09-11 18:49:28 +02:00
Svyatoslav Mishyn
0e17369f5b
CURLOPT_FNMATCH_FUNCTION.3: fix typo
...
s => is
Closes #428
2015-09-11 18:43:54 +02:00
Daniel Stenberg
481e0de00a
curl: point out unnecessary uses of -X in verbose mode
...
It uses 'Note:' as a prefix as opposed to the common 'Warning:' to take
down the tone a bit.
It adds a warning for using -XHEAD on other methods becasue that may
lead to a hanging connection.
2015-09-11 08:53:53 +02:00
Jay Satiro
df6a4d3519
curl_sspi: fix possibly undefined CRYPT_E_REVOKED
...
Bug: https://github.com/bagder/curl/pull/411
Reported-by: Viktor Szakats
2015-09-10 02:17:33 -04:00
Jay Satiro
e30763c72e
buildconf.bat: fix syntax error
2015-09-09 02:46:48 -04:00
Benjamin Kircher
6a0bd6ce8b
winbuild: run buildconf.bat if necessary
2015-09-09 02:37:57 -04:00
Svyatoslav Mishyn
4e6f7aee64
docs: fix argument type for CURLINFO_SPEED_*, CURLINFO_SIZE_*
...
long => double
2015-09-08 21:19:34 -04:00
Sergei Nikulov
1b8a5afe78
cmake: IPv6 : disable Unix header check on Windows platform
...
Closes #409
2015-09-08 15:49:15 +02:00
Daniel Stenberg
87e533ace0
parse_proxy: reject illegal port numbers
...
If the port number in the proxy string ended weirdly or the number is
too large, skip it. Mostly as a means to bail out early if a "bare" IPv6
numerical address is used without enclosing brackets.
Also mention the bracket requirement for IPv6 numerical addresses to the
man page for CURLOPT_PROXY.
Closes #415
Reported-by: Marcel Raad
2015-09-08 15:17:00 +02:00
Daniel Stenberg
27620171ff
FTP: do_more: add check for wait_data_conn in upload case
...
In some timing-dependnt cases when a 4xx response immediately followed
after a 150 when a STOR was issued, this function would wrongly return
'complete == true' while 'wait_data_conn' was still set.
Closes #405
Reported-by: Patricia Muscalu
2015-09-08 09:29:03 +02:00
Svyatoslav Mishyn
664398e43b
CURLOPT_TLSAUTH_TYPE.3: update description
...
Closes #414
Closes #413
2015-09-06 23:12:17 +02:00
Svyatoslav Mishyn
3a4f42dd0c
CURLOPT_PATH_AS_IS.3: fix typo
...
leavit => leaveit
closes #412
2015-09-05 23:19:49 +02:00
Svyatoslav Mishyn
5ea0004438
CURLINFO_SSL_VERIFYRESULT.3: add short description
2015-09-05 23:19:33 +02:00
Svyatoslav Mishyn
f1ccf68e8c
CURLINFO_SSL_ENGINES.3: add short description
2015-09-05 23:19:33 +02:00
Svyatoslav Mishyn
d36d83ba4b
CURLINFO_CONTENT_LENGTH_UPLOAD.3: replace "receive" with "get" for consistency
2015-09-05 23:19:33 +02:00
Svyatoslav Mishyn
5dc556031b
CURLINFO_REDIRECT_TIME.3: remove redundant '!'
2015-09-05 23:19:33 +02:00
Kamil Dudka
0e91737615
Revert "has: generate the curl/has.h header"
...
This reverts commit a60bde79f9
I have
pushed by mistake. Apologies for my incompetent use of the git repo!
2015-09-04 16:12:26 +02:00
Kamil Dudka
7380433d6a
nss: do not directly access SSL_ImplementedCiphers[]
...
It causes dynamic linking issues at run-time after an update of NSS.
Bug: https://lists.fedoraproject.org/pipermail/devel/2015-September/214117.html
2015-09-04 14:35:36 +02:00
Daniel Stenberg
a60bde79f9
has: generate the curl/has.h header
...
changed macro name, moved and renamed script to become docs/libcurl/has.pl,
generate code that is checksrc compliant
2015-09-04 10:41:43 +02:00
Daniel Stenberg
82db076d9f
gitignore: ignore more generated VC Makefiles
2015-09-03 23:35:41 +02:00
Daniel Stenberg
25a2e8ebaf
projects/Windows/.gitignore: ignore generated files for release
2015-09-03 23:34:53 +02:00