Loading CHANGES +3 −0 Original line number Diff line number Diff line Loading @@ -8,6 +8,9 @@ Daniel Stenberg (6 Jun 2008) - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_ISSUERCERT, for OpenSSL, NSS and GnuTLS-built libcurls. - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_CRLFILE, for OpenSSL, NSS and GnuTLS-built libcurls. Loading RELEASE-NOTES +3 −2 Original line number Diff line number Diff line Loading @@ -2,7 +2,7 @@ Curl and libcurl 7.18.3 Public curl releases: 106 Command line options: 126 curl_easy_setopt() options: 151 curl_easy_setopt() options: 152 Public functions in libcurl: 58 Public web site mirrors: 37 Known libcurl bindings: 36 Loading @@ -11,7 +11,8 @@ Curl and libcurl 7.18.3 This release includes the following changes: o Added CURLINFO_PRIMARY_IP o Added CURLOPT_CRLFILE o Added CURLOPT_CRLFILE and CURLE_SSL_CRL_BADFILE o Added CURLOPT_ISSUERCERT and CURLE_SSL_ISSUER_ERROR This release includes the following bugfixes: Loading TODO-RELEASE +0 −2 Original line number Diff line number Diff line Loading @@ -3,8 +3,6 @@ To be addressed before 7.18.3 (planned release: August 2008) 139 - Christopher Palow's CURLM_EASY_HANDLE_EXISTS patch 140 - Arnaud Ebalard and Axel Tillequin's CRL support and issuer check patches 144 - Help apps use 64bit/LFS libcurl! 145 - Loading docs/libcurl/curl_easy_setopt.3 +16 −0 Original line number Diff line number Diff line Loading @@ -1443,6 +1443,22 @@ bundle is assumed to be stored, as established at build time. When built against NSS this is the directory that the NSS certificate database resides in. .IP CURLOPT_ISSUERCERT Pass a char * to a zero terminated string naming a file holding a CA certificate in PEM format. If the option is set, an additional check against the peer certificate is performed to verify the issuer is indeed the one associated with the certificate provided by the option. This additional check is useful in multi-level PKI where one need to enforce the peer certificate is from a specific branch of the tree. This option makes sense only when used in combination with the \fICURLOPT_SSL_VERIFYPEER\fP option. Otherwise, the result of the check is not considered as failure. A specific error code (CURLE_SSL_ISSUER_ERROR) is defined with the option, which is returned if the setup of the SSL/TLS session has failed due to a mismatch with the issuer of peer certificate (\fICURLOPT_SSL_VERIFYPEER\fP has to be set too for the check to fail). (Added in 7.18.3) .IP CURLOPT_CAPATH Pass a char * to a zero terminated string naming a directory holding multiple CA certificates to verify the peer with. The certificate directory must be Loading docs/libcurl/libcurl-errors.3 +2 −0 Original line number Diff line number Diff line Loading @@ -214,6 +214,8 @@ return code is only returned from \fIcurl_easy_recv(3)\fP and \fIcurl_easy_send(3)\fP (Added in 7.18.2) .IP "CURLE_SSL_CRL_BADFILE (82)" Failed to load CRL file (Added in 7.18.3) .IP "CURLE_SSL_ISSUER_ERROR (83)" Issuer check failed (Added in 7.18.3) .IP "CURLE_OBSOLETE*" These error codes will never be returned. They used to be used in an old libcurl version and are currently unused. Loading Loading
CHANGES +3 −0 Original line number Diff line number Diff line Loading @@ -8,6 +8,9 @@ Daniel Stenberg (6 Jun 2008) - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_ISSUERCERT, for OpenSSL, NSS and GnuTLS-built libcurls. - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_CRLFILE, for OpenSSL, NSS and GnuTLS-built libcurls. Loading
RELEASE-NOTES +3 −2 Original line number Diff line number Diff line Loading @@ -2,7 +2,7 @@ Curl and libcurl 7.18.3 Public curl releases: 106 Command line options: 126 curl_easy_setopt() options: 151 curl_easy_setopt() options: 152 Public functions in libcurl: 58 Public web site mirrors: 37 Known libcurl bindings: 36 Loading @@ -11,7 +11,8 @@ Curl and libcurl 7.18.3 This release includes the following changes: o Added CURLINFO_PRIMARY_IP o Added CURLOPT_CRLFILE o Added CURLOPT_CRLFILE and CURLE_SSL_CRL_BADFILE o Added CURLOPT_ISSUERCERT and CURLE_SSL_ISSUER_ERROR This release includes the following bugfixes: Loading
TODO-RELEASE +0 −2 Original line number Diff line number Diff line Loading @@ -3,8 +3,6 @@ To be addressed before 7.18.3 (planned release: August 2008) 139 - Christopher Palow's CURLM_EASY_HANDLE_EXISTS patch 140 - Arnaud Ebalard and Axel Tillequin's CRL support and issuer check patches 144 - Help apps use 64bit/LFS libcurl! 145 - Loading
docs/libcurl/curl_easy_setopt.3 +16 −0 Original line number Diff line number Diff line Loading @@ -1443,6 +1443,22 @@ bundle is assumed to be stored, as established at build time. When built against NSS this is the directory that the NSS certificate database resides in. .IP CURLOPT_ISSUERCERT Pass a char * to a zero terminated string naming a file holding a CA certificate in PEM format. If the option is set, an additional check against the peer certificate is performed to verify the issuer is indeed the one associated with the certificate provided by the option. This additional check is useful in multi-level PKI where one need to enforce the peer certificate is from a specific branch of the tree. This option makes sense only when used in combination with the \fICURLOPT_SSL_VERIFYPEER\fP option. Otherwise, the result of the check is not considered as failure. A specific error code (CURLE_SSL_ISSUER_ERROR) is defined with the option, which is returned if the setup of the SSL/TLS session has failed due to a mismatch with the issuer of peer certificate (\fICURLOPT_SSL_VERIFYPEER\fP has to be set too for the check to fail). (Added in 7.18.3) .IP CURLOPT_CAPATH Pass a char * to a zero terminated string naming a directory holding multiple CA certificates to verify the peer with. The certificate directory must be Loading
docs/libcurl/libcurl-errors.3 +2 −0 Original line number Diff line number Diff line Loading @@ -214,6 +214,8 @@ return code is only returned from \fIcurl_easy_recv(3)\fP and \fIcurl_easy_send(3)\fP (Added in 7.18.2) .IP "CURLE_SSL_CRL_BADFILE (82)" Failed to load CRL file (Added in 7.18.3) .IP "CURLE_SSL_ISSUER_ERROR (83)" Issuer check failed (Added in 7.18.3) .IP "CURLE_OBSOLETE*" These error codes will never be returned. They used to be used in an old libcurl version and are currently unused. Loading
