1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 16:18:48 -05:00
Go to file
Daniel Stenberg c0e8bed5bf - Scott Cantor posted the bug report #2829955
(http://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert
  verification flaw found and exploited by Moxie Marlinspike. The presentation
  he did at Black Hat is available here:
  https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike

  Apparently at least one CA allowed a subjectAltName or CN that contain a
  zero byte, and thus clients that assumed they would never have zero bytes
  were exploited to OK a certificate that didn't actually match the site. Like
  if the name in the cert was "example.com\0theatualsite.com", libcurl would
  happily verify that cert for example.com.

  libcurl now better use the length of the extracted name, not assuming it is
  zero terminated.
2009-08-01 21:56:59 +00:00
ares test if adding ../lib to includes can fix the current break ... 2009-07-16 12:20:16 +00:00
CMake BUG: curl did not build with cmake with VS 2005 for two reasons, ws2tcpip.h requires winsock2.h to be included before it with that compiler, and wldap32 is not available with the default install of the compiler, so disable ldap support if that is not found 2009-07-15 19:25:22 +00:00
docs 67. When creating multipart formposts. The file name part can be encoded with 2009-07-31 11:16:04 +00:00
include - Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA. 2009-07-22 22:49:01 +00:00
lib - Scott Cantor posted the bug report #2829955 2009-08-01 21:56:59 +00:00
m4 renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:25:14 +00:00
packages Added nonblock.c to the non-automake makefiles (note that the dependencies 2009-07-15 21:49:47 +00:00
perl David Shaw finally removed all traces of Gopher and we are now officially 2006-01-16 22:14:37 +00:00
src properly free data returned by aprintf(), and bring back the code to be 2009-07-25 18:09:57 +00:00
tests use --insecure for the SFTP and SCP tests 2009-07-28 17:55:00 +00:00
.cvsignore renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:30:24 +00:00
acinclude.m4 Refactor how libraries are checked for connect() function, follow-up. 2009-06-21 02:42:34 +00:00
Android.mk Copy the libcurl header files into the right location for Android. 2009-07-31 00:10:38 +00:00
buildconf renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:25:14 +00:00
buildconf.bat Ensure that buildconf.bat does nothing unless it is used with a CVS checkout. 2009-06-08 14:27:36 +00:00
CHANGES - Scott Cantor posted the bug report #2829955 2009-08-01 21:56:59 +00:00
CHANGES.0 Moved 7.19.2 and older entries from CHANGES to CHANGES.0 (the latter is not 2009-03-10 10:00:06 +00:00
CMakeLists.txt ENH: fix build with ssl 2009-07-15 21:30:46 +00:00
configure.ac renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:25:14 +00:00
COPYING bump year 2009-01-11 23:48:20 +00:00
CTestConfig.cmake ENH: move dashboard location 2009-07-15 19:40:46 +00:00
curl-config.in removed useless comment 2009-03-20 12:42:29 +00:00
curl-style.el Use build-time configured curl_socklen_t instead of socklen_t 2009-05-02 02:37:32 +00:00
CVS-INFO Updated some out-of-date information. 2008-02-13 23:06:21 +00:00
diff-exclude renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:25:14 +00:00
install-sh Initial revision 1999-12-29 14:20:26 +00:00
libcurl.pc.in - Keith Mok added supported_protocols and supported_features to the pkg-config 2008-09-02 12:07:08 +00:00
MacOSX-Framework Daniel Johnson improved the MacOSX-Framework shell script to now perform all 2009-04-10 02:50:21 +00:00
Makefile.am Remove buildconf.bat from release and daily snapshot archives. 2009-06-08 14:31:35 +00:00
Makefile.dist Karl Moerder removed wsock32.lib from the vc9 makefiles 2009-01-13 23:29:56 +00:00
maketgz renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:25:14 +00:00
missing renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:25:14 +00:00
mkinstalldirs Make mkinstalldirs ignore umask, for consistency with the rest of the 2008-02-01 20:34:27 +00:00
README don't use the mirrors anymore 2008-08-28 11:40:37 +00:00
RELEASE-NOTES - Scott Cantor posted the bug report #2829955 2009-08-01 21:56:59 +00:00
sample.emacs Remove empty line used to force CVS to update the $Id date string format 2009-05-19 12:12:22 +00:00
TODO-RELEASE - Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present 2009-08-01 11:09:02 +00:00
vc6curl.dsw Renamed vc6 workspace and project files to avoid filename clash when used for conversion to later VS versions. 2009-05-08 17:51:44 +00:00

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

README

  Curl is a command line tool for transferring data specified with URL
  syntax. Find out how to use curl by reading the curl.1 man page or the
  MANUAL document. Find out how to install Curl by reading the INSTALL
  document.

  libcurl is the library curl is using to do its job. It is readily
  available to be used by your software. Read the libcurl.3 man page to
  learn how!

  You find answers to the most frequent questions we get in the FAQ document.

  Study the COPYING file for distribution terms and similar. If you distribute
  curl binaries or other binaries that involve libcurl, you might enjoy the
  LICENSE-MIXING document.

CONTACT

  If you have problems, questions, ideas or suggestions, please contact us
  by posting to a suitable mailing list. See http://curl.haxx.se/mail/

  All contributors to the project are listed in the THANKS document.

WEB SITE

  Visit the curl web site for the latest news and downloads:

        http://curl.haxx.se/

CVS

  To download the very latest source off the CVS server do this:

   cvs -d :pserver:anonymous@cool.haxx.se:/cvsroot/curl login

  (just press enter when asked for password)

   cvs -d :pserver:anonymous@cool.haxx.se:/cvsroot/curl co curl

  (you'll get a directory named curl created, filled with the source code)

NOTICE

  Curl contains pieces of source code that is Copyright (c) 1998, 1999
  Kungliga Tekniska Högskolan. This notice is included here to comply with the
  distribution terms.