Skip to content
  1. Apr 13, 2012
  2. Feb 09, 2012
  3. Oct 17, 2011
  4. Sep 03, 2011
  5. Aug 15, 2011
  6. Jul 26, 2011
  7. Apr 27, 2011
  8. Apr 19, 2011
  9. Apr 08, 2011
  10. Apr 04, 2011
  11. Mar 15, 2011
    • Kamil Dudka's avatar
      nss: do not ignore value of CURLOPT_SSL_VERIFYPEER · 806dbb02
      Kamil Dudka authored
      When NSS-powered libcurl connected to a SSL server with
      CURLOPT_SSL_VERIFYPEER equal to zero, NSS remembered that the peer
      certificate was accepted by libcurl and did not ask the second time when
      connecting to the same server with CURLOPT_SSL_VERIFYPEER equal to one.
      
      This patch turns off the SSL session cache for the particular SSL socket
      if peer verification is disabled.  In order to avoid any performance
      impact, the peer verification is completely skipped in that case, which
      makes it even faster than before.
      
      Bug: https://bugzilla.redhat.com/678580
      806dbb02
  12. Feb 22, 2011
  13. Feb 17, 2011
  14. Feb 16, 2011
  15. Jan 27, 2011
  16. Jan 18, 2011
  17. Jan 04, 2011
  18. Jan 02, 2011
  19. Jun 30, 2010
    • Kamil Dudka's avatar
      http_ntlm: add support for NSS · f3b77e56
      Kamil Dudka authored
      When configured with '--without-ssl --with-nss', NTLM authentication
      now uses NSS crypto library for MD5 and DES.  For MD4 we have a local
      implementation in that case.  More details are available at
      https://bugzilla.redhat.com/603783
      
      In order to get it working, curl_global_init() must be called with
      CURL_GLOBAL_SSL or CURL_GLOBAL_ALL.  That's necessary because NSS needs
      to be initialized globally and we do so only when the NSS library is
      actually required by protocol.  The mentioned call of curl_global_init()
      is responsible for creating of the initialization mutex.
      
      There was also slightly changed the NSS initialization scenario, in
      particular, loading of the NSS PEM module.  It used to be loaded always
      right after the NSS library was initialized.  Now the library is
      initialized as soon as any SSL or NTLM is required, while the PEM module
      is prevented from being loaded until the SSL is actually required.
      f3b77e56
  20. May 11, 2010
  21. May 07, 2010
    • Howard Chu's avatar
      sendrecv: split the I/O handling into private handler · d64bd82b
      Howard Chu authored
      Howard Chu brought the bulk work of this patch that properly
      moves out the sending and recving of data to the parts of the
      code that are properly responsible for the various ways of doing
      so.
      
      Daniel Stenberg assisted with polishing a few bits and fixed some
      minor flaws in the original patch.
      
      Another upside of this patch is that we now abuse CURLcodes less
      with the "magic" -1 return codes and instead use CURLE_AGAIN more
      consistently.
      d64bd82b
  22. Apr 24, 2010
  23. Apr 06, 2010
  24. Apr 04, 2010
  25. Mar 31, 2010
  26. Mar 24, 2010
  27. Feb 17, 2010
  28. Dec 02, 2009
  29. Nov 12, 2009
  30. Nov 05, 2009
  31. Oct 28, 2009
  32. Oct 18, 2009
  33. Oct 07, 2009