Skip to content
  1. Nov 19, 2012
  2. Nov 18, 2012
  3. Nov 17, 2012
    • Daniel Stenberg's avatar
      RELEASE-NOTES: synced with ee588fe0 · dd75cba3
      Daniel Stenberg authored
      4 more bug fixes and 4 more contributors
      dd75cba3
    • Daniel Stenberg's avatar
      mem-include-scan: verify memory #includes · ee588fe0
      Daniel Stenberg authored
      If we use memory functions (malloc, free, strdup etc) in C sources in
      libcurl and we fail to include curl_memory.h or memdebug.h we either
      fail to properly support user-provided memory callbacks or the memory
      leak system of the test suite fails.
      
      After Ajit's report of a failure in the first category in http_proxy.c,
      I spotted a few in the second category as well. These problems are now
      tested for by test 1132 which runs a perl program that scans for and
      attempts to check that we use the correct include files if a memory
      related function is used in the source code.
      
      Reported by: Ajit Dhumale
      Bug: http://curl.haxx.se/mail/lib-2012-11/0125.html
      ee588fe0
  4. Nov 16, 2012
  5. Nov 14, 2012
  6. Nov 13, 2012
  7. Nov 12, 2012
  8. Nov 09, 2012
  9. Nov 08, 2012
    • Daniel Stenberg's avatar
      hostcheck: only build for the actual users · 0af1a9d2
      Daniel Stenberg authored
      and make local function static
      0af1a9d2
    • Oscar Koeroo's avatar
      SSL: Several SSL-backend related fixes · 1394cad3
      Oscar Koeroo authored
      axTLS:
      
      This will make the axTLS backend perform the RFC2818 checks, honoring
      the VERIFYHOST setting similar to the OpenSSL backend.
      
      Generic for OpenSSL and axTLS:
      
      Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c
      files to make them genericly available for both the OpenSSL, axTLS and
      other SSL backends. They are now in the new lib/hostcheck.c file.
      
      CyaSSL:
      
      CyaSSL now also has the RFC2818 checks enabled by default. There is a
      limitation that the verifyhost can not be enabled exclusively on the
      Subject CN field comparison. This SSL backend will thus behave like the
      NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words:
      setting verifyhost to 0 or 1 will disable the Subject Alt Names checks
      too.
      
      Schannel:
      
      Updated the schannel information messages: Split the IP address usage
      message from the verifyhost setting and changed the message about
      disabling SNI (Server Name Indication, used in HTTP virtual hosting)
      into a message stating that the Subject Alternative Names checks are
      being disabled when verifyhost is set to 0 or 1. As a side effect of
      switching off the RFC2818 related servername checks with
      SCH_CRED_NO_SERVERNAME_CHECK
      (http://msdn.microsoft.com/en-us/library/aa923430.aspx) the SNI feature
      is being disabled. This effect is not documented in MSDN, but Wireshark
      output clearly shows the effect (details on the libcurl maillist).
      
      PolarSSL:
      
      Fix the prototype change in PolarSSL of ssl_set_session() and the move
      of the peer_cert from the ssl_context to the ssl_session. Found this
      change in the PolarSSL SVN between r1316 and r1317 where the
      POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu
      PolarSSL version 1.1.4 the check is to discriminate between lower then
      PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN
      trunk jumped from version 1.1.1 to 1.2.0.
      
      Generic:
      
      All the SSL backends are fixed and checked to work with the
      ssl.verifyhost as a boolean, which is an internal API change.
      1394cad3
    • Daniel Stenberg's avatar
      libcurl: VERSIONINFO update · 18c0e9bd
      Daniel Stenberg authored
      Since we added the curl_multi_wait function, the VERSIONINFO needed
      updating.
      
      Reported by: Patrick Monnerat
      18c0e9bd
    • Guenter Knauf's avatar
      Added .def file to output. · c70c1a22
      Guenter Knauf authored
      Requested by Johnny Luong on the libcurl list.
      c70c1a22
    • Guenter Knauf's avatar
      5a4f6413
    • Fabian Keil's avatar
      Fix compilation of lib1501 · 6d1b493f
      Fabian Keil authored
      6d1b493f