Skip to content
  1. Oct 20, 2015
  2. Aug 24, 2015
  3. Aug 23, 2015
    • Nathaniel Waisbrot's avatar
      CURLOPT_DEFAULT_PROTOCOL: added · 9756d1da
      Nathaniel Waisbrot authored
      - Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
      protocol for schemeless URLs.
      
      - Add new tool option --proto-default to expose
      CURLOPT_DEFAULT_PROTOCOL.
      
      In the case of schemeless URLs libcurl will behave in this way:
      
      When the option is used libcurl will use the supplied default.
      
      When the option is not used, libcurl will follow its usual plan of
      guessing from the hostname and falling back to 'http'.
      9756d1da
  4. Jul 17, 2015
  5. Jun 05, 2015
  6. May 18, 2015
    • Daniel Stenberg's avatar
      CURLOPT_PIPEWAIT: added · 81144375
      Daniel Stenberg authored
      By setting this option to 1 libcurl will wait for a connection to reveal
      if it is possible to pipeline/multiplex on before it continues.
      81144375
  7. Apr 28, 2015
  8. Mar 24, 2015
  9. Mar 20, 2015
  10. Jan 16, 2015
    • Alessandro Ghedini's avatar
      url: add CURLOPT_SSL_VERIFYSTATUS option · 3af90a6e
      Alessandro Ghedini authored
      This option can be used to enable/disable certificate status verification using
      the "Certificate Status Request" TLS extension defined in RFC6066 section 8.
      
      This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the
      certificate status verification fails, and the Curl_ssl_cert_status_request()
      function, used to check whether the SSL backend supports the status_request
      extension.
      3af90a6e
  11. Jan 15, 2015
  12. Dec 27, 2014
  13. Dec 26, 2014
  14. Dec 04, 2014
  15. Nov 29, 2014
  16. Nov 07, 2014
  17. Nov 02, 2014
  18. Oct 13, 2014
  19. Oct 07, 2014
    • Travis Burtrum's avatar
      SSL: implement public key pinning · 93e45079
      Travis Burtrum authored
      Option --pinnedpubkey takes a path to a public key in DER format and
      only connect if it matches (currently only implemented with OpenSSL).
      
      Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt().
      
      Extract a public RSA key from a website like so:
      openssl s_client -connect google.com:443 2>&1 < /dev/null | \
      sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \
      | openssl rsa -pubin -outform DER > google.com.der
      93e45079
  20. Jul 31, 2014
  21. Jul 28, 2014
  22. Jul 23, 2014
    • Daniel Stenberg's avatar
      http2: more and better error checking · 81cd24ad
      Daniel Stenberg authored
      1 - fixes the warnings when built without http2 support
      
      2 - adds CURLE_HTTP2, a new error code for errors detected by nghttp2
      basically when they are about http2 specific things.
      81cd24ad
  23. Jul 22, 2014
  24. Jun 18, 2014
  25. Jun 17, 2014
  26. Apr 04, 2014
  27. Feb 13, 2014
  28. Feb 10, 2014
  29. Dec 14, 2013
  30. Dec 06, 2013
    • Christian Weisgerber's avatar
      curl.h: <sys/select.h> for OpenBSD · 92e607ab
      Christian Weisgerber authored
      curl.h should also include <sys/select.h> on OpenBSD to reliably
      pull in select().  Typically, including <sys/time.h> will be enough,
      but not if strict standards-compliance is requested (e.g. by defining
      _XOPEN_SOURCE).
      92e607ab
  31. Nov 30, 2013
    • Steve Holme's avatar
      curl_easy_getinfo: Post CURLINFO_TLS_SESSION tidy up · dc68120e
      Steve Holme authored
      1) Renamed curl_tlsinfo to curl_tlssessioninfo as discussed on the
      mailing list.
      2) Renamed curl_ssl_backend to curl_sslbackend so it doesn't follow our
      function naming convention.
      3) Updated sessioninfo.c example accordingly.
      dc68120e
  32. Nov 21, 2013
  33. Nov 12, 2013
  34. Oct 15, 2013
    • Gergely Nagy's avatar
      SSL: protocol version can be specified more precisely · ad34a2d5
      Gergely Nagy authored
      CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1,
      CURL_SSLVERSION_TLSv1_2 enum values are added to force exact TLS version
      (CURL_SSLVERSION_TLSv1 means TLS 1.x).
      
      axTLS:
      axTLS only supports TLS 1.0 and 1.1 but it cannot be set that only one
      of these should be used, so we don't allow the new enum values.
      
      darwinssl:
      Added support for the new enum values.
      
      SChannel:
      Added support for the new enum values.
      
      CyaSSL:
      Added support for the new enum values.
      Bug: The original CURL_SSLVERSION_TLSv1 value enables only TLS 1.0 (it
      did the same before this commit), because CyaSSL cannot be configured to
      use TLS 1.0-1.2.
      
      GSKit:
      GSKit doesn't seem to support TLS 1.1 and TLS 1.2, so we do not allow
      those values.
      Bugfix: There was a typo that caused wrong SSL versions to be passed to
      GSKit.
      
      NSS:
      TLS minor version cannot be set, so we don't allow the new enum values.
      
      QsoSSL:
      TLS minor version cannot be set, so we don't allow the new enum values.
      
      OpenSSL:
      Added support for the new enum values.
      Bugfix: The original CURL_SSLVERSION_TLSv1 value enabled only TLS 1.0,
      now it enables 1.0-1.2.
      
      Command-line tool:
      Added command line options for the new values.
      ad34a2d5
  35. Sep 12, 2013