moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity
19,182 Commits 10 Branches 144 Tags 113 MiB
Commit Graph

19182 Commits

Author SHA1 Message Date
Steve Holme 564b7b6dd0 build: Removed unused Visual Studio bscmake settings 2015-02-02 12:43:00 +00:00
Daniel Stenberg ca51ac4017 CURLOPT_HTTP_VERSION.3: CURL_HTTP_VERSION_2_0 added in 7.33.0 
And modify the text to refer to HTTP 2 as it isn't called "2.0".

Reported-By: Michael Wallner
 2015-02-02 13:17:20 +01:00
Marc Hoersken 4161624e94 TODO: moved WinSSL/SChannel todo items into docs 2015-01-31 12:30:11 +01:00
Michael Kaufmann 04f246f8c7 CURLOPT_SEEKFUNCTION.3: also when server closes a connection 2015-01-29 22:34:21 +01:00
Steve Holme 8ca3b05624 curl_sasl.c: Fixed compilation warning when cryptography is disabled 
curl_sasl.c:1506: warning: unused variable 'chlg'
 2015-01-29 11:48:11 +00:00
Steve Holme 6fdc8651bd curl_sasl.c: Fixed compilation warning when verbose debug output disabled 
curl_sasl.c:1317: warning: unused parameter 'conn'
 2015-01-28 22:48:01 +00:00
Steve Holme 8cc70db2db ntlm_core: Use own odd parity function when crypto engine doesn't have one 2015-01-28 22:34:53 +00:00
Steve Holme c469369b86 ntlm_core: Prefer sizeof(key) rather than hard coded sizes 2015-01-28 22:34:52 +00:00
Steve Holme 58e39b4da5 ntlm_core: Added consistent comments to DES functions 2015-01-28 22:34:51 +00:00
Steve Holme 300876a7a6 des: Added Curl_des_set_odd_parity() 
Added Curl_des_set_odd_parity() for use when cryptography engines
don't include this functionality.
 2015-01-28 22:34:49 +00:00
Steve Holme ef782d726e tests: Grouped SMTP SASL EXTERNAL tests with other SMTP tests 2015-01-28 19:55:06 +00:00
Steve Holme 26d4e0ad4e tests: Grouped POP3 SASL EXTERNAL tests with other POP3 tests 2015-01-28 19:51:15 +00:00
Steve Holme e3558a551b tests: Grouped IMAP SASL EXTERNAL tests with other IMAP tests 2015-01-28 19:50:34 +00:00
Steve Holme 595a66ce0f sasl: Minor code policing and grammar corrections 2015-01-28 19:23:37 +00:00
Gisle Vanem 3cc9e9383b ldap: build with BoringSSL 2015-01-28 14:22:11 +01:00
Daniel Stenberg 9d964e5477 security: avoid compiler warning 
Possible access to uninitialised memory '&nread' at line 140 of
lib/security.c in function 'ftp_send_command'.

Reported-by: Rich Burridge
 2015-01-28 10:10:59 +01:00
Daniel Stenberg 153e9c0278 runtests: identify BoringSSL and libressl 2015-01-28 10:10:59 +01:00
Patrick Monnerat 980ba2202c docs: cite SASL external authentication. 2015-01-27 19:10:18 +01:00
Patrick Monnerat 7b2012f262 sasl: remove XOAUTH2 from default enabled authentication mechanism. 2015-01-27 18:08:18 +01:00
Patrick Monnerat ed9a4b9fc4 test: add test cases for sasl external authentication (imap/pop3/smtp). 2015-01-27 18:03:56 +01:00
Patrick Monnerat fe79f20957 imap: remove automatic password setting: it breaks external sasl authentication 2015-01-27 17:34:40 +01:00
Patrick Monnerat 0d24f64473 sasl: implement EXTERNAL authentication mechanism. 
Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and
by not setting the password.
 2015-01-27 17:24:55 +01:00
Steve Holme e1bb13c09f openssl: Fixed Curl_ossl_cert_status_request() not returning FALSE 
Modified the Curl_ossl_cert_status_request() function to return FALSE
when built with BoringSSL or when OpenSSL is missing the necessary TLS
extensions.
 2015-01-27 12:53:41 +00:00
Steve Holme a268a804b7 openssl: Fixed compilation errors when OpenSSL built with 'no-tlsext' 
Fixed the build of openssl.c when OpenSSL is built without the necessary
TLS extensions for OCSP stapling.

Reported-by: John E. Malmberg
 2015-01-27 12:47:48 +00:00
Brad Spencer 5691325440 curl_setup: Disable SMB/CIFS support when HTTP only 2015-01-26 18:48:44 +00:00
Steve Holme db6bcbd83f RELEASE-NOTES: Synced with 37824498a3 2015-01-23 07:57:09 +00:00
Daniel Stenberg 37824498a3 configure: remove detection of the old yassl emulation API 
... as that is ancient history and not used.
 2015-01-22 23:53:52 +01:00
Daniel Stenberg 23c6f0a344 OCSP stapling: disabled when build with BoringSSL 2015-01-22 23:34:43 +01:00
Alessandro Ghedini d1cf5d5706 openssl: add support for the Certificate Status Request TLS extension 
Also known as "status_request" or OCSP stapling, defined in RFC6066
section 8.

Thanks-to: Joe Mason
- for the work-around for the OpenSSL bug.
 2015-01-22 23:25:23 +01:00
Daniel Stenberg e888e30476 BoringSSL: fix build for non-configure builds 
HAVE_BORINGSSL gets defined now by configure and should be defined by
other build systems in case a BoringSSL build is desired.
 2015-01-22 23:04:10 +01:00
Daniel Stenberg 3d5648f9ee configure: fix BoringSSL detection and detect libresssl 2015-01-22 22:52:53 +01:00
Steve Holme 12e45b8462 curl_sasl: Reinstate the sasl_ prefix for locally scoped functions 
Commit 7a8b2885e2 made some functions static and removed the public
Curl_ prefix. Unfortunately, it also removed the sasl_ prefix, which
is the naming convention we use in this source file.
 2015-01-22 21:32:41 +00:00
Steve Holme c260c9fad3 curl_sasl: Minor code policing following recent commits 2015-01-22 21:08:18 +00:00
John Malmberg 731e6a6662 openvms: Handle openssl/0.8.9zb version parsing 
packages/vms/gnv_link_curl.com was assuming only a single letter suffix
in the openssl version.  That assumption has been fixed for 7.40.
 2015-01-22 17:00:25 +01:00
Daniel Stenberg eb748f159a BoringSSL: detected by configure, switches off NTLM 2015-01-22 16:39:01 +01:00
Daniel Stenberg d6c4695dcd BoringSSL: no PKCS12 support nor ERR_remove_state 2015-01-22 16:39:01 +01:00
Leith Bade 261208d432 BoringSSL: fix build 2015-01-22 16:39:01 +01:00
Steve Holme 795f013006 curl_sasl.c: chlglen is not used when cryptography is disabled 2015-01-20 19:28:54 +00:00
Steve Holme 71f8fdee81 curl_sasl.c: Fixed compilation warning when cyptography is disabled 
curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local
                  variable
 2015-01-20 19:25:43 +00:00
Steve Holme 6005b0d99c curl_sasl.c: Fixed compilation error when USE_WINDOWS_SSPI defined 
curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier

This error could also happen for non-SSPI builds when cryptography is
disabled (CURL_DISABLE_CRYPTO_AUTH is defined).
 2015-01-20 19:24:47 +00:00
Patrick Monnerat 7a8b2885e2 SASL: make some procedures local-scoped 2015-01-20 18:17:55 +01:00
Patrick Monnerat 79543caf90 SASL: common state engine for imap/pop3/smtp 2015-01-20 17:33:05 +01:00
Patrick Monnerat e1ea18f90e SASL: common URL option and auth capabilities decoders for all protocols 2015-01-20 15:27:25 +01:00
Patrick Monnerat 5f09cbcdbd IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters. 2015-01-20 14:14:26 +01:00
Daniel Stenberg 960b04e137 ipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6 
Reported-by: Chris Young
 2015-01-20 09:03:55 +01:00
Chris Young 089783c838 timeval: typecast for better type (on Amiga) 
There is an issue with conflicting "struct timeval" definitions with
certain AmigaOS releases and C libraries, depending on what gets
included when.  It's a minor difference - the OS one is unsigned,
whereas the common structure has signed elements.  If the OS one ends up
getting defined, this causes a timing calculation error in curl.

It's easy enough to resolve this at the curl end, by casting the
potentially errorneous calculation to a signed long.
 2015-01-20 08:53:14 +01:00
Daniel Stenberg be57f689b0 openssl: do public key pinning check independently 
... of the other cert verification checks so that you can set verifyhost
and verifypeer to FALSE and still check the public key.

Bug: http://curl.haxx.se/bug/view.cgi?id=1471
Reported-by: Kyle J. McKay
 2015-01-19 23:20:13 +01:00
Patrick Monnerat fca58f6212 OS400: CURLOPT_SSL_VERIFYSTATUS for ILE/RPG too. 2015-01-19 13:52:40 +01:00
Steve Holme 2cc571f9e3 ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP 
For consistency with other USE_WIN32_ defines as well as the
USE_OPENLDAP define.
 2015-01-18 20:52:43 +00:00
Steve Holme 1cbc8fd3d1 http_negotiate: Use dynamic buffer for SPN generation 
Use a dynamicly allocated buffer for the temporary SPN variable similar
to how the SASL GSS-API code does, rather than using a fixed buffer of
2048 characters.
 2015-01-18 15:45:12 +00:00