Skip to content
  1. Jun 30, 2010
    • Kamil Dudka's avatar
      http_ntlm: add support for NSS · f3b77e56
      Kamil Dudka authored 
      When configured with '--without-ssl --with-nss', NTLM authentication
now uses NSS crypto library for MD5 and DES.  For MD4 we have a local
implementation in that case.  More details are available at
https://bugzilla.redhat.com/603783

In order to get it working, curl_global_init() must be called with
CURL_GLOBAL_SSL or CURL_GLOBAL_ALL.  That's necessary because NSS needs
to be initialized globally and we do so only when the NSS library is
actually required by protocol.  The mentioned call of curl_global_init()
is responsible for creating of the initialization mutex.

There was also slightly changed the NSS initialization scenario, in
particular, loading of the NSS PEM module.  It used to be loaded always
right after the NSS library was initialized.  Now the library is
initialized as soon as any SSL or NTLM is required, while the PEM module
is prevented from being loaded until the SSL is actually required.
      f3b77e56
  3. May 11, 2010
  5. May 07, 2010
    • Howard Chu's avatar
      sendrecv: split the I/O handling into private handler · d64bd82b
      Howard Chu authored 
      Howard Chu brought the bulk work of this patch that properly
moves out the sending and recving of data to the parts of the
code that are properly responsible for the various ways of doing
so.

Daniel Stenberg assisted with polishing a few bits and fixed some
minor flaws in the original patch.

Another upside of this patch is that we now abuse CURLcodes less
with the "magic" -1 return codes and instead use CURLE_AGAIN more
consistently.
      d64bd82b
  7. Apr 24, 2010
  9. Apr 06, 2010
  11. Apr 04, 2010
  13. Mar 31, 2010
  15. Mar 24, 2010
  17. Feb 17, 2010
  19. Dec 02, 2009
  21. Nov 12, 2009
  23. Nov 05, 2009
  25. Oct 28, 2009
  27. Oct 18, 2009
  29. Oct 07, 2009
  31. Sep 21, 2009
  33. Sep 08, 2009
  35. Sep 06, 2009
  37. Aug 28, 2009
  39. Aug 13, 2009
  41. Jul 20, 2009
    • Kamil Dudka's avatar
      - Claes Jakobsson improved the support for client certificates handling · 5f0cae80
      Kamil Dudka authored 
        in NSS-powered libcurl. Now the client certificates can be selected
  automatically by a NSS built-in hook. Additionally pre-login to all PKCS11
  slots is no more performed. It used to cause problems with HW tokens.

- Fixed reference counting for NSS client certificates. Now the PEM reader
  module should be always properly unloaded on Curl_nss_cleanup(). If the unload
  fails though, libcurl will try to reuse the already loaded instance.
      5f0cae80
  43. Jun 08, 2009
  45. May 28, 2009
  47. May 27, 2009
  49. May 11, 2009
  51. Apr 24, 2009
  53. Apr 21, 2009
  55. Apr 14, 2009
  57. Apr 13, 2009
  59. Mar 18, 2009
  61. Feb 27, 2009
  63. Feb 17, 2009
  65. Jan 07, 2009
    • Daniel Stenberg's avatar
      fix compiler warnings · dd058b8d
      Daniel Stenberg authored
      dd058b8d
    • Daniel Stenberg's avatar
      - Rob Crittenden did once again provide an NSS update: · 3c2ad402
      Daniel Stenberg authored 
        I have to jump through a few hoops now with the NSS library initialization
  since another part of an application may have already initialized NSS by the
  time Curl gets invoked. This patch is more careful to only shutdown the NSS
  library if Curl did the initialization.

  It also adds in a bit of code to set the default ciphers if the app that
  call NSS_Init* did not call NSS_SetDomesticPolicy() or set specific
  ciphers. One might argue that this lets other application developers get
  lazy and/or they aren't using the NSS API correctly, and you'd be right.
  But still, this will avoid terribly difficult-to-trace crashes and is
  generally helpful.
      3c2ad402