- Oct 18, 2013
-
-
Kamil Dudka authored
-
- Oct 17, 2013
-
-
Steve Holme authored
Changed the failure code when TLS v1.1 and v1.2 is requested but not supported by older OpenSSL versions, following review from libcurl peers, and reduced the number of required preprocessor if statements.
-
- Oct 16, 2013
-
-
Steve Holme authored
...with the use of CURL_SSLVERSION_TLSv1_1 and CURL_SSLVERSION_TLSv1_2 being conditional on OpenSSL v1.0.1 as the appropriate flags are not supported under earlier versions.
-
Steve Holme authored
-
Steve Holme authored
-
- Oct 15, 2013
-
-
Steve Holme authored
-
Steve Holme authored
Commit ad34a2d5 relies on definitions that are only present in OpenSSL v1.0.1 and up. This quick fix allows the builds that use older versions of OpenSSL to continue building.
-
Steve Holme authored
Bug: http://sourceforge.net/p/curl/bugs/1291 Reported-by: David Walser
-
Paul Donohue authored
-
Tyler Hall authored
According to the documentation for libssh2_userauth_list(), a NULL return value is not necessarily an error. You must call libssh2_userauth_authenticated() to determine if the SSH_USERAUTH_NONE request was successful. This fixes a segv when using sftp on a server that allows logins with an empty password. When NULL was interpreted as an error, it would free the session but not flag an error since the libssh2 errno would be clear. This resulted in dereferencing a NULL session pointer. Signed-off-by: Tyler Hall <tylerwhall@gmail.com>
-
Ishan SinghLevett authored
-
Dave Reisner authored
-
Dave Reisner authored
-
Alessandro Ghedini authored
-
Daniel Stenberg authored
-
Gergely Nagy authored
CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1, CURL_SSLVERSION_TLSv1_2 enum values are added to force exact TLS version (CURL_SSLVERSION_TLSv1 means TLS 1.x). axTLS: axTLS only supports TLS 1.0 and 1.1 but it cannot be set that only one of these should be used, so we don't allow the new enum values. darwinssl: Added support for the new enum values. SChannel: Added support for the new enum values. CyaSSL: Added support for the new enum values. Bug: The original CURL_SSLVERSION_TLSv1 value enables only TLS 1.0 (it did the same before this commit), because CyaSSL cannot be configured to use TLS 1.0-1.2. GSKit: GSKit doesn't seem to support TLS 1.1 and TLS 1.2, so we do not allow those values. Bugfix: There was a typo that caused wrong SSL versions to be passed to GSKit. NSS: TLS minor version cannot be set, so we don't allow the new enum values. QsoSSL: TLS minor version cannot be set, so we don't allow the new enum values. OpenSSL: Added support for the new enum values. Bugfix: The original CURL_SSLVERSION_TLSv1 value enabled only TLS 1.0, now it enables 1.0-1.2. Command-line tool: Added command line options for the new values.
-
- Oct 14, 2013
-
-
Nick Zitzmann authored
SecPKCS12Import() returns a few errors that are enumerated in OS X's headers but not in iOS' headers for some reason.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Oct 13, 2013
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
After the option rename in 5df04bfa
-
Daniel Stenberg authored
Reported-by: Petr Pisar
-
Andrej E Baranov authored
Write to CURLOPT_ERRORBUFFER information about mismatch alternative certificate subject names. Signed-off-by: Andrej E Baranov <admin@andrej-andb.ru>
-
- Oct 12, 2013
-
-
Daniel Stenberg authored
The option '--bearer' might be slightly ambiguous in name. It doesn't create any conflict that I am aware of at the moment, however, OAUTH v2 is not the only authentication mechanism which uses "bearer" tokens. Reported-by: Kyle L. Huff URL: http://curl.haxx.se/mail/lib-2013-10/0064.html
-
Kamil Dudka authored
This fixes a regression introduced by commit 0feeab78 limiting the speed of SCP upload to 16384 B/s on a fast connection (such as localhost).
-
Dan Fandrich authored
-
- Oct 11, 2013
-
-
Heinrich Schaefer authored
-
- Oct 09, 2013
-
-
Gisle Vanem authored
lib/curl_setup_once.h assumed lwIP on Windows uses 'SetLastError()' to set network errors. It doesn't; it uses 'errno'.
-
- Oct 07, 2013
-
-
Daniel Stenberg authored
-
Derek Higgins authored
When using the -w '%{http_code}' flag and simulating a Not Modified then 304 should be output.
-
Daniel Stenberg authored
-
- Oct 06, 2013
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Oct 03, 2013
-
-
Nick Zitzmann authored
Credit (for catching a cipher I forgot to add to the blocked ciphers list): https://www.ssllabs.com/ssltest/viewMyClient.html
-
- Oct 02, 2013
-
-
Daniel Stenberg authored
Setting only CURLOPT_SSL_VERIFYHOST without CURLOPT_SSL_VERIFYPEER set should still verify that the host name fields in the server certificate is fine or return failure. Bug: http://curl.haxx.se/mail/lib-2013-10/0002.html Reported-by: Ishan SinghLevett
-
Daniel Stenberg authored
CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS backends and not for any other!
-
- Oct 01, 2013
-
-
François Charlier authored
-
- Sep 30, 2013
-
-
Daniel Stenberg authored
-
- Sep 29, 2013
-
-
Steve Holme authored
-
Steve Holme authored
-