1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-24 17:18:48 -05:00
curl/docs/libcurl
Dan McNulty 8996300211 schannel: add support for CURLOPT_CAINFO
- Move verify_certificate functionality in schannel.c into a new
  file called schannel_verify.c. Additionally, some structure defintions
  from schannel.c have been moved to schannel.h to allow them to be
  used in schannel_verify.c.

- Make verify_certificate functionality for Schannel available on
  all versions of Windows instead of just Windows CE. verify_certificate
  will be invoked on Windows CE or when the user specifies
  CURLOPT_CAINFO and CURLOPT_SSL_VERIFYPEER.

- In verify_certificate, create a custom certificate chain engine that
  exclusively trusts the certificate store backed by the CURLOPT_CAINFO
  file.

- doc updates of --cacert/CAINFO support for schannel

- Use CERT_NAME_SEARCH_ALL_NAMES_FLAG when invoking CertGetNameString
  when available. This implements a TODO in schannel.c to improve
  handling of multiple SANs in a certificate. In particular, all SANs
  will now be searched instead of just the first name.

- Update tool_operate.c to not search for the curl-ca-bundle.crt file
  when using Schannel to maintain backward compatibility. Previously,
  any curl-ca-bundle.crt file found in that search would have been
  ignored by Schannel. But, with CAINFO support, the file found by
  that search would have been used as the certificate store and
  could cause issues for any users that have curl-ca-bundle.crt in
  the search path.

- Update url.c to not set the build time CURL_CA_BUNDLE if the selected
  SSL backend is Schannel. We allow setting CA location for schannel
  only when explicitly specified by the user via CURLOPT_CAINFO /
  --cacert.

- Add new test cases 3000 and 3001. These test cases check that the first
  and last SAN, respectively, matches the connection hostname. New test
  certificates have been added for these cases. For 3000, the certificate
  prefix is Server-localhost-firstSAN and for 3001, the certificate
  prefix is Server-localhost-secondSAN.

- Remove TODO 15.2 (Add support for custom server certificate
  validation), this commit addresses it.

Closes https://github.com/curl/curl/pull/1325
2018-04-18 03:59:47 -04:00
..
opts schannel: add support for CURLOPT_CAINFO 2018-04-18 03:59:47 -04:00
.gitignore gitignore: Ignore man page dist files 2017-03-07 23:27:31 +01:00
ABI ABI doc: use secure URL 2015-07-30 15:02:44 +02:00
CMakeLists.txt cmake: fix build with cmake 2.8.12.2 2017-03-30 23:43:35 +02:00
curl_easy_cleanup.3 docs: fix typos 2018-04-17 15:32:51 -04:00
curl_easy_duphandle.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_easy_escape.3 docs: fix typo funtion -> function 2017-08-12 14:56:37 +02:00
curl_easy_getinfo.3 time: support > year 2038 time stamps for system with 32bit long 2018-01-30 08:29:59 +01:00
curl_easy_init.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_easy_pause.3 curl_easy_pause.3: fix man page reference 2016-05-01 23:24:09 +02:00
curl_easy_perform.3 docs: unified man page references to use \fI 2016-05-02 09:09:59 +02:00
curl_easy_recv.3 curl_easy_recv: Improve documentation and example program 2016-12-18 12:56:23 +01:00
curl_easy_reset.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_easy_send.3 curl_easy_recv: Improve documentation and example program 2016-12-18 12:56:23 +01:00
curl_easy_setopt.3 docs: fix typos 2018-04-17 15:32:51 -04:00
curl_easy_strerror.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_easy_unescape.3 unescape: avoid integer overflow 2016-10-31 08:46:35 +01:00
curl_escape.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_formadd.3 docs: clarify form/mime usage of non-regular data files. 2017-10-08 16:15:23 +01:00
curl_formfree.3 mime: new MIME API. 2017-09-02 17:47:10 +01:00
curl_formget.3 mime: new MIME API. 2017-09-02 17:47:10 +01:00
curl_free.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_getdate.3 parsedate: fix date parsing for systems with 32 bit long 2018-01-25 22:20:52 +01:00
curl_getenv.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_global_cleanup.3 curl_global_cleanup.3: don't unload the lib with sub threads running 2016-09-20 23:00:52 +02:00
curl_global_init_mem.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_global_init.3 docs: fix typos 2018-04-17 15:32:51 -04:00
curl_global_sslset.3 docs: fix typos 2018-04-17 15:32:51 -04:00
curl_mime_addpart.3 form/mime: field names are not allowed to contain zero-valued bytes. 2017-09-22 01:08:29 +01:00
curl_mime_data_cb.3 docs: fix typos 2018-04-17 15:32:51 -04:00
curl_mime_data.3 form/mime: field names are not allowed to contain zero-valued bytes. 2017-09-22 01:08:29 +01:00
curl_mime_encoder.3 mime: implement encoders. 2017-09-05 17:55:51 +01:00
curl_mime_filedata.3 docs: fix typos 2018-04-17 15:32:51 -04:00
curl_mime_filename.3 form/mime: field names are not allowed to contain zero-valued bytes. 2017-09-22 01:08:29 +01:00
curl_mime_free.3 docs: curl_mime_*.3 man page formatting edits 2017-09-04 09:20:24 +02:00
curl_mime_headers.3 form/mime: field names are not allowed to contain zero-valued bytes. 2017-09-22 01:08:29 +01:00
curl_mime_init.3 form/mime: field names are not allowed to contain zero-valued bytes. 2017-09-22 01:08:29 +01:00
curl_mime_name.3 form/mime: field names are not allowed to contain zero-valued bytes. 2017-09-22 01:08:29 +01:00
curl_mime_subparts.3 docs/curl_mime_*.3: added examples 2017-09-05 11:15:02 +02:00
curl_mime_type.3 docs: fix typos 2018-04-17 15:32:51 -04:00
curl_mprintf.3 curl/mprintf.h: remove support for _MPRINTF_REPLACE 2016-04-01 10:46:36 +02:00
curl_multi_add_handle.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_multi_assign.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_multi_cleanup.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_multi_fdset.3 curl_multi_fdset.3: emphasize curl_multi_timeout 2017-11-09 07:52:19 +01:00
curl_multi_info_read.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_multi_init.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_multi_perform.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_multi_remove_handle.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_multi_setopt.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_multi_socket_action.3 curl_multi_socket_action.3: Fix rewording 2016-06-09 02:10:22 -04:00
curl_multi_socket_all.3 The inital early embryos to describe the curl_multi_socket() API. Committed 2005-12-22 15:11:11 +00:00
curl_multi_socket.3 curl_multi_socket.3: fix typo 2016-12-15 17:26:23 +01:00
curl_multi_strerror.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_multi_timeout.3 docs: unified man page references to use \fI 2016-05-02 09:09:59 +02:00
curl_multi_wait.3 curl_multi_wait.3: add example 2016-03-09 08:35:17 +01:00
curl_share_cleanup.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_share_init.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_share_setopt.3 curl_share_setopt.3: connection cache is shared within multi handles 2018-02-23 12:52:22 +01:00
curl_share_strerror.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_slist_append.3 curl_slist_append.3: clarify a NULL input creates a new list 2017-05-05 13:54:56 +02:00
curl_slist_free_all.3 tests/server: run checksrc by default in debug-builds 2017-05-05 15:51:25 +02:00
curl_strequal.3 curl_strequal.3: fix typo in SYNOPSIS 2017-06-29 01:16:56 +02:00
curl_strnequal.3 prepend the man3 dir to the file name to work better. 2004-04-02 11:04:34 +00:00
curl_unescape.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_version_info.3 curl_version_info.3: fix ssl_version description 2018-03-17 11:18:00 +01:00
curl_version.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
getinfo-times getinfo-times: Typo fixed 2014-08-29 16:41:17 +02:00
index.html libcurl-thread.3: Consolidate thread safety info 2015-07-28 13:57:06 +02:00
libcurl-easy.3 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
libcurl-env.3 docs: fix typos 2018-04-17 15:32:51 -04:00
libcurl-errors.3 TODO fixed: Detect when called from within callbacks 2018-02-15 09:36:03 +01:00
libcurl-multi.3 http-proxy: do the HTTP CONNECT process entirely non-blocking 2017-06-14 23:43:52 +02:00
libcurl-security.3 docs: fix typos 2018-04-17 15:32:51 -04:00
libcurl-share.3 libcurl-share.3: the connection cache is shareable now 2017-11-27 09:42:39 +01:00
libcurl-thread.3 docs/comments: Update to secure URL versions 2017-08-08 21:41:07 +02:00
libcurl-tutorial.3 docs: fix typos 2018-04-17 15:32:51 -04:00
libcurl.3 Add a man page for curl_global_sslset() 2017-08-28 14:56:59 +02:00
libcurl.m4 libcurl.m4: Avoid obsolete warning 2016-05-20 16:05:39 +02:00
Makefile.am cmake: add more missing files to the dist 2017-03-30 08:12:37 +02:00
Makefile.inc libcurl-security.3: split out from libcurl-tutorial.3 2018-02-13 12:02:09 +01:00
mksymbolsmanpage.pl scripts: allow all perl scripts to be run directly 2018-01-07 15:42:11 -05:00
symbols-in-versions resolve: add CURLOPT_DNS_SHUFFLE_ADDRESSES 2018-03-17 20:44:14 +01:00
symbols.pl scripts: allow all perl scripts to be run directly 2018-01-07 15:42:11 -05:00