Граф коммитов

19020 Коммитов

Автор SHA1 Сообщение Дата
Steve Holme a2f8887b79 curl_endian: Fixed build when 64-bit integers are not supported (Part 2)
Missed Curl_read64_be() in commit bb12d44471 :(
2015-01-16 23:01:27 +00:00
Daniel Stenberg b2c01f02d5 CURLOPT_SSL_VERIFYSTATUS.3: mention it is added in version 7.41.0 2015-01-16 23:41:50 +01:00
Daniel Stenberg c807ce73ed curlver.h: next release is 7.41.0 due to the changes 2015-01-16 23:36:50 +01:00
Daniel Stenberg af8928a23b RELEASE-NOTES: mention the new OCSP stapling options, bump version 2015-01-16 23:36:02 +01:00
Daniel Stenberg 14a6cfaddb opts: add CURLOPT_SSL_VERIFYSTATUS* to docs/Makefile 2015-01-16 23:34:28 +01:00
Daniel Stenberg 0b1f37e77c help: add --cert-status to --help output 2015-01-16 23:23:29 +01:00
Daniel Stenberg a4065ebf1c copyright years: after OCSP stapling changes 2015-01-16 23:23:29 +01:00
Alessandro Ghedini bd0c3b3c66 curl: add --cert-status option
This enables the CURLOPT_SSL_VERIFYSTATUS functionality.
2015-01-16 23:23:29 +01:00
Alessandro Ghedini f46c6fbee0 nss: add support for the Certificate Status Request TLS extension
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.

This requires NSS 3.15 or higher.
2015-01-16 23:23:29 +01:00
Alessandro Ghedini f13669a375 gtls: add support for the Certificate Status Request TLS extension
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.

This requires GnuTLS 3.1.3 or higher to build, however it's recommended to use
at least GnuTLS 3.3.11 since previous versions had a bug that caused the OCSP
response verfication to fail even on valid responses.
2015-01-16 23:23:29 +01:00
Alessandro Ghedini 3af90a6e19 url: add CURLOPT_SSL_VERIFYSTATUS option
This option can be used to enable/disable certificate status verification using
the "Certificate Status Request" TLS extension defined in RFC6066 section 8.

This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the
certificate status verification fails, and the Curl_ssl_cert_status_request()
function, used to check whether the SSL backend supports the status_request
extension.
2015-01-16 23:23:29 +01:00
Daniel Stenberg 5e113a18c5 TheArtOfHttpScripting: skip the date at the top, we have git 2015-01-16 23:23:29 +01:00
Daniel Stenberg 5940e06f01 TheArtOfHttpScripting: phrase it TLS lib agnostic 2015-01-16 23:23:29 +01:00
Steve Holme 5c73cdef62 TODO: Added some SMB ideas 2015-01-16 22:22:28 +00:00
Steve Holme 251a349055 RELEASE-NOTES: Synced with 5f09947d28 2015-01-16 21:52:21 +00:00
Steve Holme 5f09947d28 build-openssl.bat: Added check for Perl installation 2015-01-16 21:15:52 +00:00
Steve Holme 224cf1c274 checksrc.bat: Better detection of Perl installation 2015-01-16 21:14:22 +00:00
Steve Holme bb12d44471 curl_endian: Fixed build when 64-bit integers are not supported
Bug: http://curl.haxx.se/mail/lib-2015-01/0094.html
Reported-by: John E. Malmberg
2015-01-16 12:31:24 +00:00
Yun SangHo bcf07f8a4b curl.h: remove extra space 2015-01-15 23:41:32 +01:00
Daniel Stenberg cc28bc472e Curl_pretransfer: reset expected transfer sizes
Reported-by: Mohammad AlSaleh
Bug: http://curl.haxx.se/mail/lib-2015-01/0065.html
2015-01-14 23:31:57 +01:00
Marc Hoersken e9834808e9 curl_schannel.c: mark session as removed from cache if not freed
If the session is still used by active SSL/TLS connections, it
cannot be closed yet. Thus we mark the session as not being cached
any longer so that the reference counting mechanism in
Curl_schannel_shutdown is used to close and free the session.

Reported-by: Jean-Francois Durand
2015-01-12 21:56:05 +01:00
Steve Holme 710c38d7a4 RELEASE-NOTES: Synced with d21b66835f 2015-01-09 22:20:35 +00:00
Guenter Knauf d21b66835f Merge pull request #134 from vszakats/mingw-m64
add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS
2015-01-09 22:03:12 +01:00
Guenter Knauf 4e58589b0e Merge pull request #136 from vszakats/mingw-allow-custom-cflags
mingw build: allow to pass custom CFLAGS
2015-01-09 22:02:23 +01:00
Daniel Stenberg e6b4b4b66d NSS: fix compiler error when built http2-enabled 2015-01-09 21:55:52 +01:00
Steve Holme 355bf01c82 gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions
Better code reuse and consistency in calls to gss_import_name().
2015-01-09 20:37:47 +00:00
Viktor Szakats b4f13a4952 mingw build: allow to pass custom CFLAGS 2015-01-09 21:03:54 +01:00
Daniel Stenberg 99e71e6a84 FTP: if EPSV fails on IPV6 connections, bail out
... instead of trying PASV, since PASV can't work with IPv6.

Reported-by: Vojtěch Král
2015-01-08 22:32:37 +01:00
Daniel Stenberg 9a452ba3a1 FTP: fix IPv6 host using link-local address
... and make sure we can connect the data connection to a host name that
is longer than 48 bytes.

Also simplifies the code somewhat by re-using the original host name
more, as it is likely still in the DNS cache.

Original-Patch-by: Vojtěch Král
Bug: http://curl.haxx.se/bug/view.cgi?id=1468
2015-01-08 22:32:37 +01:00
Sam Schanken 659d252b6f winbuild: Added option to build with c-ares
Added support for a WITH_CARES option to be used when invoking nmake
via Makefile.vc. This option enables linking against both the DLL and
static versions of the c-ares libraries, as well as the debug and
release varients, depending on the value of DEBUG. The USE_ARES
preprocessor symbol is also defined.
2015-01-08 21:12:43 +00:00
Guenter Knauf c712fe01a9 NetWare build: added TLS-SRP enabled build. 2015-01-08 21:40:35 +01:00
Steve Holme 5c0e66d632 sasl_gssapi: Fixed build on NetBSD with built-in GSS-API
Bug: http://curl.haxx.se/bug/view.cgi?id=1469
Reported-by: Thomas Klausner
2015-01-08 19:36:58 +00:00
Viktor Szakats acc8089bc2 add -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGS 2015-01-08 18:19:03 +01:00
Daniel Stenberg 34636fa47e bump: start working towards 7.40.1 2015-01-08 10:00:28 +01:00
Daniel Stenberg 003076e17c THANKS: 14 new contributors from the 7.40.0 release notes 2015-01-08 09:57:19 +01:00
Daniel Stenberg 9ce2d70019 RELEASE-NOTES: version 7.40.0 2015-01-07 23:08:53 +01:00
Daniel Stenberg 4ce22c607b darwinssl: fix session ID keys to only reuse identical sessions
...to avoid a session ID getting cached without certificate checking and
then after a subsequent _enabling_ of the check libcurl could still
re-use the session done without cert checks.

Bug: http://curl.haxx.se/docs/adv_20150108A.html
Reported-by: Marc Hesse
2015-01-07 22:55:56 +01:00
Daniel Stenberg 3df8e78860 tests: make sure CRLFs can't be used in URLs passed to proxy
Bug: http://curl.haxx.se/docs/adv_20150108B.html
2015-01-07 22:55:56 +01:00
Daniel Stenberg 178bd7db34 url-parsing: reject CRLFs within URLs
Bug: http://curl.haxx.se/docs/adv_20150108B.html
Reported-by: Andrey Labunets
2015-01-07 22:55:56 +01:00
Steve Holme f7d5ecec9c ldap: Convert attribute output to UTF-8 when Unicode 2015-01-07 20:01:29 +00:00
Steve Holme 4e420600c1 ldap: Convert DN output to UTF-8 when Unicode 2015-01-07 20:01:27 +00:00
Daniel Stenberg 9547954978 hostip: remove 'stale' argument from Curl_fetch_addr proto
Also, remove the log output of the resolved name is NOT in the cache in
the spirit of only telling when something is actually happening.
2015-01-07 14:06:12 +00:00
Steve Holme 4626f31d0e ldap/imap: Fixed spelling mistake in comments and variable names
Reported-by: Michael Osipov
2015-01-07 13:50:56 +00:00
Daniel Stenberg c07857e063 RELEASE-NOTES: updated with ./contributors.sh output 2015-01-07 12:41:02 +01:00
Dan Fandrich 39217edb12 curl_multibyte.h: Eliminated some trailing whitespace 2015-01-05 10:08:08 +01:00
Steve Holme 241a67f73b RELEASE-NOTES: Synced with ea93252ef1 2015-01-04 22:58:19 +00:00
Steve Holme ea93252ef1 ldap: Fixed Unicode usage for all Win32 builds
Otherwise, the fixes in the previous commits would only be applicable
to IDN and SSPI based builds and not others such as OpenSSL with LDAP
enabled.
2015-01-04 22:19:30 +00:00
Steve Holme f6b168de4c ldap: Fixed memory leak from commit efb64fdf80 2015-01-04 20:33:58 +00:00
Steve Holme 4113ad50e4 ldap: Fix memory leak from commit 3a805c5cc1 2015-01-04 20:06:04 +00:00
Steve Holme c37dcf0edb ldap: Fixed attribute variable warnings when Unicode is enabled
Use 'TCHAR *' for local attribute variable rather than 'char *'.
2015-01-04 16:25:17 +00:00