Граф коммитов

71 Коммитов

Автор SHA1 Сообщение Дата
Daniel Stenberg f213e857ab Andy Cedilnik fixed some compiler warnings 2003-05-01 13:37:36 +00:00
Daniel Stenberg 0b839c4f77 return the same error for the sslv2 "certificate verify failed" code 2003-04-14 22:00:36 +00:00
Daniel Stenberg 21873b52e9 Restored the SSL error codes since they was broken in the 7.10.4 release,
also now attempt to detect and return the specific CACERT error code.
2003-04-14 12:53:29 +00:00
Daniel Stenberg 9558f229db Fixup after talks with Richard Bramante. We should now make better
comparisons before re-using SSL connections and re-using SSL connection IDs.
2003-03-31 05:13:26 +00:00
Daniel Stenberg afffce80f0 Philippe Raoult needed this to build on FreeBSD 2003-03-13 21:41:02 +00:00
Daniel Stenberg 8755a6d1ac Richard Gorton improved the random_the_seed() function for systems where
we don't find/know of a good random source. This way, we get a better
randomness which in turn should make SSL connections more secure.
2003-03-11 18:55:34 +00:00
Daniel Stenberg 9121b1f41d the strequal and strnequal should now be called with the proper curl_ prefix 2003-02-28 12:20:08 +00:00
Daniel Stenberg a3d3642a30 spell better 2003-02-27 23:10:38 +00:00
Daniel Stenberg 69ab4cd391 include <sys/socket.h> to compile the fd_set stuff properly on all systems 2003-02-14 09:03:03 +00:00
Daniel Stenberg f56d006f93 Re-arranged the SSL connection code (again). The recent fix was not a very
good one. This should work fine again.
2003-02-05 07:43:05 +00:00
Daniel Stenberg 5d28f3781b Improved error reporting in case of bad SSL_connect()s, and we also no
longer use the SSL functions that store the error message in a static buffer
since that is not very multi-thread friendly.
2003-02-04 12:29:57 +00:00
Daniel Stenberg a7c72b7abf removed the local variables for emacs and vim, use the new sample.emacs
way for emacs, and vim users should provide a similar non-polluting style
2003-01-29 10:14:20 +00:00
Daniel Stenberg f26a338a54 copyright year update in the source header 2003-01-16 21:08:12 +00:00
Daniel Stenberg ca134d5522 Philippe Raoult's fix to handle wildcard certificate name checks 2003-01-07 16:33:11 +00:00
Daniel Stenberg 3aea0d3d68 Evan Jordan's fix for a memory leak. Bug report 650989. 2002-12-13 14:08:49 +00:00
Daniel Stenberg 4bcc866c52 The fread() callback pointer and associated pointer is now stored in the
connectdata struct instead, and is no longer modified within the 'set' struct
as previously (which was a really BAAAD thing).
2002-12-09 15:37:54 +00:00
Daniel Stenberg ba4e69bebc updated source code boilerplate/header 2002-09-03 11:52:59 +00:00
Daniel Stenberg 56c43604d0 if verifypeer is enabled but nether CAfile nor CApath is, then don't try
to load "verify_locations"
2002-08-30 12:07:42 +00:00
Daniel Stenberg 0e0caf7c06 CURLE_SSL_INSECURE is removed again and so is CURLOPT_SSL_INSECURE, we
proceed fine with the already existing options, just having a different
internal library default for capath.
2002-08-30 11:09:49 +00:00
Daniel Stenberg 8b77f40f99 This fix MIGHT make us build nicely with OpenSSL 0.9.7. This fix is based
on a patch from Jacob Meuser, input from Gtz Babin-Ebell and my own
browsing of the latest include files.
2002-06-10 12:38:10 +00:00
Daniel Stenberg 323f195036 ASN1 files don't work for the *chain_file(), make them use the previous
version
2002-05-21 08:15:42 +00:00
Daniel Stenberg fe3ba1dd11 Roland Zimmermann's hint, we use SSL_CTX_use_certificate_chain_file() instead
of the previous one that used SSL_CTX_use_certificate_file()
2002-05-20 14:25:35 +00:00
Daniel Stenberg 974f314f57 copyright string (year) update 2002-03-19 07:54:55 +00:00
Daniel Stenberg 5b58e61f28 now re-seed by force (even if already seeded) if a random file or egd socket
is given
2002-01-30 08:17:23 +00:00
Daniel Stenberg f114caca90 - T. Bharath pointed out that we seed SSL on every connect, which is a time-
consuming operation that should only be needed to do once. We patched
  libcurl to now only seed on the first connect when unseeded. The seeded
  status is global so it'll now only happen once during a program's life time.
2002-01-29 14:11:38 +00:00
Daniel Stenberg eba8035e12 Richard Archer made it compile and build with OpenSSL versions prior to
0.9.5
2002-01-17 10:40:13 +00:00
Daniel Stenberg d84a0c51e0 Cris Bailiff found out that when the SSL session cache was filled, libcurl
would crash. This corrects the problem.
2002-01-09 09:38:37 +00:00
Daniel Stenberg d57e09889a added a missing failf() before returning an error code 2002-01-08 23:23:24 +00:00
Daniel Stenberg d3299beec7 Modified to use non-blocking sockets all the time. 2002-01-07 18:38:01 +00:00
Daniel Stenberg af6c394785 Gtz Babin-Ebell's OpenSSL ENGINE patch 2001-12-17 23:01:39 +00:00
Daniel Stenberg e192261788 failf() calls should not have newlines in the message string! 2001-12-11 13:13:01 +00:00
Daniel Stenberg b8ff21124a Samuel Listopad's fix to allow global_init => global_cleanup => global_init
for ssl
2001-11-14 07:11:39 +00:00
Daniel Stenberg 2f77b0a4c6 we can now tell ssl to use TLSv1 protocol, and we now use defines instead
of real integers for versions, the defines are added to curl.h
2001-11-05 14:06:42 +00:00
Sterling Hughes 8e91d5de8e looks nicer and is better compatible with older vim versions 2001-10-11 09:32:19 +00:00
Daniel Stenberg 645413f5ef Lots of praise and glory to Vojtech Minarik for setting up a test server
and providing me with test-certificates that helped me nail the problem with
curl not discovering with a bad certificate was used.
2001-09-19 21:49:11 +00:00
Daniel Stenberg 1fde1431c9 narrowed some source lines to fit in 80 cols 2001-09-12 08:14:35 +00:00
Daniel Stenberg db7bde1d7a added ability to set prefered list of ciphers 2001-09-11 22:21:02 +00:00
Daniel Stenberg 894b47da9b ouputs the start and expire dates of the server certificate on verbose
output
2001-09-11 10:00:49 +00:00
Daniel Stenberg 46372c04ee made it compile properly when not building with SSL support 2001-09-07 09:40:46 +00:00
Sterling Hughes 6147879837 Added formatting sections for emacs and vim 2001-09-07 04:01:32 +00:00
Daniel Stenberg c3b448dcea moved the session ID cache state variables into the UrlState struct within
the SessionHandle. It was previously wrongly put in UserDefined
2001-09-06 08:32:01 +00:00
Daniel Stenberg 86da31e031 Curl_SSL_Close_All() now checks that we have a session cache before we run
around killing entries in it!
2001-09-06 06:26:24 +00:00
Daniel Stenberg 0ece1b5c34 Major rename and redesign of the internal "backbone" structs. Details will
be posted in a minute to the libcurl list.
2001-08-30 22:48:34 +00:00
Daniel Stenberg 26983053c4 take port numbers into account when finding a previous session from the
cache
2001-08-29 09:36:41 +00:00
Daniel Stenberg 3c52c53ddd Added SSL session ID caching, moved some SSL code from url.c to ssluse.c 2001-08-28 08:37:54 +00:00
Daniel Stenberg df09214c62 strcasecmp() is banned from our code, should be strequal() everywhere!
Tim Costello reported bug report #454858.
2001-08-24 06:20:47 +00:00
Daniel Stenberg bd0afd8db4 removed the use of the global array for the password that was necessary
for OpenSSL versions prior to 0.9.4, this is conditional and should still
work with older versions.
2001-08-14 08:36:30 +00:00
Daniel Stenberg 95837043e2 Patrick Bihan-Faou introduced CURLOPT_SSL_VERIFYHOST and code to deal with
it.
2001-08-08 07:16:47 +00:00
Daniel Stenberg 813d7585c7 Nic Roets brought a fix for the certificate verification when using SSL. 2001-06-29 07:38:11 +00:00
Daniel Stenberg e39e6c537e removed a failf() that would overwrite the previous error message 2001-06-12 18:22:52 +00:00