moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity
curl/src
History
Jay Satiro 54e7475016 schannel: Disable auto credentials; add an option to enable it 
- Disable auto credentials by default. This is a breaking change
  for clients that are using it, wittingly or not.

- New libcurl ssl option value CURLSSLOPT_AUTO_CLIENT_CERT tells libcurl
  to automatically locate and use a client certificate for
  authentication, when requested by the server.

- New curl tool options --ssl-auto-client-cert and
  --proxy-ssl-auto-client-cert map to CURLSSLOPT_AUTO_CLIENT_CERT.

This option is only supported for Schannel (the native Windows SSL
library). Prior to this change Schannel would, with no notification to
the client, attempt to locate a client certificate and send it to the
server, when requested by the server. Since the server can request any
certificate that supports client authentication in the OS certificate
store it could be a privacy violation and unexpected.

Fixes https://github.com/curl/curl/issues/2262
Reported-by: Jeroen Ooms
Assisted-by: Wes Hinsley
Assisted-by: Rich FitzJohn

Ref: https://curl.se/mail/lib-2021-02/0066.html
Reported-by: Morten Minde Neergaard

Closes https://github.com/curl/curl/pull/6673
 		2021-04-22 16:53:37 -04:00
..
macos copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
.gitignore VC: remove the makefile.vc6 build infra 2017-01-23 14:27:32 +01:00
CMakeLists.txt Revert "cmake: make libcurl library output name configurable" 2021-04-21 15:03:26 +02:00
Makefile.am curl.se: new home 2020-11-04 23:59:47 +01:00
Makefile.inc curl.se: new home 2020-11-04 23:59:47 +01:00
Makefile.m32 copyright: update copyright year ranges to 2021 2021-03-27 23:00:14 +01:00
Makefile.netware copyright: fix year ranges 2020-11-05 08:22:10 +01:00
curl.rc copyright: fix year ranges 2020-11-05 08:22:10 +01:00
makefile.amiga curl.se: new home 2020-11-04 23:59:47 +01:00
makefile.dj copyright: fix missing year (range) updates 2021-01-29 14:35:13 +01:00
mkhelp.pl copyright: fix year ranges 2020-11-05 08:22:10 +01:00
slist_wc.c copyright: fix year ranges 2020-11-05 08:22:10 +01:00
slist_wc.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_binmode.c copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_binmode.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_bname.c copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_bname.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_cb_dbg.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_cb_dbg.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_cb_hdr.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_cb_hdr.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_cb_prg.c config: remove CURL_SIZEOF_CURL_OFF_T use only SIZEOF_CURL_OFF_T 2021-03-11 10:11:56 +01:00
tool_cb_prg.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_cb_rea.c docs/examples: adjust prototypes for CURLOPT_READFUNCTION 2020-12-30 22:20:24 +01:00
tool_cb_rea.h docs/examples: adjust prototypes for CURLOPT_READFUNCTION 2020-12-30 22:20:24 +01:00
tool_cb_see.c config: remove CURL_SIZEOF_CURL_OFF_T use only SIZEOF_CURL_OFF_T 2021-03-11 10:11:56 +01:00
tool_cb_see.h curl.se: new home 2020-11-04 23:59:47 +01:00
tool_cb_wrt.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_cb_wrt.h curl.se: new home 2020-11-04 23:59:47 +01:00
tool_cfgable.c cookies: Support multiple -b parameters 2021-02-25 18:12:28 +01:00
tool_cfgable.h schannel: Disable auto credentials; add an option to enable it 2021-04-22 16:53:37 -04:00
tool_convert.c tidy-up: make conditional checks more consistent 2021-04-22 09:10:17 +02:00
tool_convert.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_dirhie.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_dirhie.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_doswin.c copyright: fix missing year (range) updates 2021-01-29 14:35:13 +01:00
tool_doswin.h curl.se: new home 2020-11-04 23:59:47 +01:00
tool_easysrc.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_easysrc.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_filetime.c curl: include the file name in --xattr/--remote-time error msgs 2021-01-27 08:45:11 +01:00
tool_filetime.h curl: move fprintf outputs to warnf 2021-01-27 08:45:02 +01:00
tool_formparse.c misc: fix "warning: empty expression statement has no effect" 2020-12-26 23:44:17 +01:00
tool_formparse.h curl.se: new home 2020-11-04 23:59:47 +01:00
tool_getparam.c schannel: Disable auto credentials; add an option to enable it 2021-04-22 16:53:37 -04:00
tool_getparam.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_getpass.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_getpass.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_help.c schannel: Disable auto credentials; add an option to enable it 2021-04-22 16:53:37 -04:00
tool_help.h curl.se: new home 2020-11-04 23:59:47 +01:00
tool_helpers.c copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_helpers.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_homedir.c curl: add compatibility for Amiga and GCC 6.5 2020-11-20 23:36:51 +01:00
tool_homedir.h curl.se: new home 2020-11-04 23:59:47 +01:00
tool_hugehelp.c.cvs curl.se: new home 2020-11-04 23:59:47 +01:00
tool_hugehelp.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_libinfo.c curl.h: add CURLPROTO_GOPHERS as own protocol identifier 2021-01-06 15:23:41 +01:00
tool_libinfo.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_main.c copyright: fix missing year (range) updates 2021-01-29 14:35:13 +01:00
tool_main.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_metalink.c tidy-up: make conditional checks more consistent 2021-04-22 09:10:17 +02:00
tool_metalink.h curl.se: new home 2020-11-04 23:59:47 +01:00
tool_msgs.c copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_msgs.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_operate.c schannel: Disable auto credentials; add an option to enable it 2021-04-22 16:53:37 -04:00
tool_operate.h curl: add variables to --write-out 2020-12-21 16:38:48 +01:00
tool_operhlp.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_operhlp.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_panykey.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_panykey.h curl.se: new home 2020-11-04 23:59:47 +01:00
tool_paramhlp.c copyright: update copyright year ranges to 2021 2021-03-27 23:00:14 +01:00
tool_paramhlp.h curl: add --create-file-mode [mode] 2020-12-21 10:52:41 +01:00
tool_parsecfg.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_parsecfg.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_progress.c tool_progress: Fix progress meter in parallel mode 2021-04-05 23:43:26 -04:00
tool_progress.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_sdecls.h curl: add variables to --write-out 2020-12-21 16:38:48 +01:00
tool_setopt.c schannel: Disable auto credentials; add an option to enable it 2021-04-22 16:53:37 -04:00
tool_setopt.h schannel: Disable auto credentials; add an option to enable it 2021-04-22 16:53:37 -04:00
tool_setup.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_sleep.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_sleep.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_strdup.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_strdup.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_urlglob.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_urlglob.h curl.se: new home 2020-11-04 23:59:47 +01:00
tool_util.c curl.se: new home 2020-11-04 23:59:47 +01:00
tool_util.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_version.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_vms.c tidy-up: make conditional checks more consistent 2021-04-22 09:10:17 +02:00
tool_vms.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
tool_writeout.c tool_writeout: fix the HTTP_CODE json output 2021-04-17 11:03:30 +02:00
tool_writeout.h http: add support to read and store the referrer header 2021-02-19 13:57:19 +00:00
tool_writeout_json.c copyright: update copyright year ranges to 2021 2021-03-27 23:00:14 +01:00
tool_writeout_json.h copyright: update copyright year ranges to 2021 2021-03-27 23:00:14 +01:00
tool_xattr.c http: add support to read and store the referrer header 2021-02-19 13:57:19 +00:00
tool_xattr.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00