Skip to content
  1. Apr 10, 2012
  2. Apr 09, 2012
  3. Apr 08, 2012
  4. Apr 06, 2012
  5. Apr 05, 2012
  6. Apr 04, 2012
  7. Apr 03, 2012
  8. Apr 02, 2012
    • Steve Holme's avatar
      pop3: Reworked the command sending and handling · 15e1227e
      Steve Holme authored
      Reworked the command sending from two specific LIST and RETR command
      functions into a single command based function as well as the two
      associated response handlers into a generic command handler.
      15e1227e
  9. Apr 01, 2012
    • Dave Reisner's avatar
      curl tool: add filename_effective token for --write-out · ddfe821b
      Dave Reisner authored
      By modifying the parameter list for ourWriteOut() and passing the
      OutStruct that collects data in tool_operate, we get access to the
      remote name that we're writing to. Shell scripters should find this
      useful when used in conjuntion with the --remote-header-name option.
      ddfe821b
    • Steve Holme's avatar
      smtp.c: Code policing and tidy up · 54866b68
      Steve Holme authored
      54866b68
    • Armel Asselin's avatar
      SSH: public key can now be an empty string · 05a443ad
      Armel Asselin authored
      If an empty string is passed to CURLOPT_SSH_PUBLIC_KEYFILE, libcurl will
      pass no public key to libssh2 which then tries to compute it from the
      private key. This is known to work when libssh2 1.4.0+ is linked against
      OpenSSL.
      05a443ad
    • Tatsuhiro Tsujikawa's avatar
      OpenSSL: Made cert hostname check conform to RFC 6125 · ebf315e6
      Tatsuhiro Tsujikawa authored
      This change replaces RFC 2818 based hostname check in OpenSSL build with
      RFC 6125 [1] based one.
      
      The hostname check in RFC 2818 is ambiguous and each project implements
      it in the their own way and they are slightly different. I check curl,
      gnutls, Firefox and Chrome and they are all different.
      
      I don't think there is a bug in current implementation of hostname
      check. But it is not as strict as the modern browsers do. Currently,
      curl allows multiple wildcard character '*' and it matches '.'. (as
      described in the comment in ssluse.c).
      
      Firefox implementation is also based on RFC 2818 but it only allows at
      most one wildcard character and it must be in the left-most label in the
      pattern and the wildcard must not be followed by any character in the
      label.[2] Chromium implementation is based on RFC 6125 as my patch does.
      Firefox and Chromium both require wildcard in the left-most label in the
      presented identifier.
      
      This patch is more strict than the current implementation, so there may
      be some cases where old curl works but new one does not. But at the same
      time I think it is good practice to follow the modern browsers do and
      follow the newer RFC.
      
      [1] http://tools.ietf.org/html/rfc6125#section-6.4.3
      [2] https://bugzilla.mozilla.org/show_bug.cgi?id=159483
      ebf315e6
  10. Mar 31, 2012
  11. Mar 30, 2012
  12. Mar 29, 2012
  13. Mar 28, 2012
  14. Mar 27, 2012