Commits · b37b5233cab96b5b1f2ab7f6e0b9c3df77320bba · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl

Apr 26, 2013

url: initialize speed-check data for file:// protocol · b37b5233

Zdenek Pavlas authored Apr 26, 2013

... in order to prevent an artificial timeout event based on stale
speed-check data from a previous network transfer.  This commit fixes
a regression caused by 9dd85bce.

Bug: https://bugzilla.redhat.com/906031

b37b5233

Apr 24, 2013
- RELEASE-NOTES: synced with a8c92cb6 · c0d50278
  Steve Holme authored Apr 24, 2013
  
  c0d50278
Apr 20, 2013
- RELEASE-NOTES: synced with d535c4a2 · 5821d5f1
  Steve Holme authored Apr 20, 2013
  
  5821d5f1
Apr 13, 2013
- RELEASE-NOTES: Removed erroneous spaces · 95ba6cdd
  Steve Holme authored Apr 13, 2013
  
  95ba6cdd
- RELEASE-NOTES: synced with 8723cade · 7ce6cb9a
  Steve Holme authored Apr 13, 2013
  
  7ce6cb9a
Apr 12, 2013
- bump: start working towards next release · e0cff020
  Daniel Stenberg authored Apr 12, 2013
  
  e0cff020
Apr 11, 2013
- RELEASE-NOTES: cleaned up for 7.30 (synced with 5c5e1a1c) · 80d24104
  Daniel Stenberg authored Apr 12, 2013
```
Most notable the security advisory:
http://curl.haxx.se/docs/adv_20130412.html
```
  curl-7_30_0
  
  80d24104
Apr 09, 2013
- RELEASe-NOTES: synced with 29fdb270 · 4594ee5e
  Daniel Stenberg authored Apr 08, 2013
```
added "tcpkeepalive on Mac OS X"
```
  4594ee5e
Apr 08, 2013
- darwinssl: disable insecure ciphers by default · d7f4c377
  Nick Zitzmann authored Apr 08, 2013
```
I noticed that aria2's SecureTransport code disables insecure ciphers such
as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later.
That's a good idea, and now we do the same thing in order to prevent curl
from accessing a "secure" site that only negotiates insecure ciphersuites.
```
  d7f4c377
- RELEASE-NOTES: Corrected duplicate NTLM memory leaks · 4990f468
  Steve Holme authored Apr 08, 2013
  
  4990f468
- RELEASE-NOTES: Removed trailing full stop · 5e24db0c
  Steve Holme authored Apr 08, 2013
  
  5e24db0c
- RELEASE-NOTES: sync with 704a5dfc · 9141c75b
  Daniel Stenberg authored Apr 08, 2013
  
  9141c75b
Apr 05, 2013
- RELEASE-NOTES: synced with 5e722b2d · bf7a270e
  Daniel Stenberg authored Apr 05, 2013
```
3 more bug fixes, 6 more contributors
```
  bf7a270e
Mar 31, 2013
- RELEASE-NOTES: synced with 0614b902 · c7e56db0
  Daniel Stenberg authored Apr 01, 2013
  
  c7e56db0
Mar 27, 2013
- RELEASE-NOTES: Corrected typo · 048726a5
  Steve Holme authored Mar 27, 2013
  
  048726a5
- RELEASE-NOTES: add two references · b8c19597
  Daniel Stenberg authored Mar 10, 2013
  
  b8c19597
Mar 23, 2013
- RELEASE-NOTES: synced with bc6037ed · 11219b3c
  Daniel Stenberg authored Mar 23, 2013
```
More changes, bugfixes and contributors!
```
  11219b3c
Mar 19, 2013

darwinssl: disable ECC ciphers under Mountain Lion by default · 6f1f7e5d

Nick Zitzmann authored Mar 19, 2013

I found out that ECC doesn't work as of OS X 10.8.3, so those ciphers are
turned off until the next point release of OS X.

6f1f7e5d

Mar 12, 2013

curl_global_init: accept the CURL_GLOBAL_ACK_EINTR flag · 57ccdfa8

Zdenek Pavlas authored Mar 11, 2013

The flag can be used in pycurl-based applications where using the multi
interface would not be acceptable because of the performance lost caused
by implementing the select() loop in python.

Bug: http://curl.haxx.se/bug/view.cgi?id=1168
Downstream Bug: https://bugzilla.redhat.com/919127

57ccdfa8

easy: do not ignore poll() failures other than EINTR · 491e026c
Kamil Dudka authored Mar 11, 2013

491e026c

Mar 09, 2013
- RELEASE-NOTES: synced with ca3c0ed3 · cb07bca6
  Daniel Stenberg authored Mar 09, 2013
```
8 more bugfixes, one change and a bunch of contributors
```
  cb07bca6
Mar 08, 2013
- RELEASE-NOTES: mention that krb4 is up for consideration · 6d8d3069
  Daniel Stenberg authored Mar 08, 2013
  
  6d8d3069
Mar 07, 2013
- version bump: the next release will be 7.30.0 · 442084cd
  Daniel Stenberg authored Mar 07, 2013
  
  442084cd
- RELEASE-NOTES: Added missing imap fixes and additions · 9ceee69f
  Steve Holme authored Mar 07, 2013
```
With all the recent imap changes it wasn't clear what new features and
fixes should be included in the release notes.
```
  9ceee69f
- RELEASE-NOTES: brought this up-to-date with the latest changes · a9cc5ee0
  Nick Zitzmann authored Mar 06, 2013
  
  a9cc5ee0
Mar 06, 2013

nss: fix misplaced code enabling non-blocking socket mode · 9d0af301

Kamil Dudka authored Mar 05, 2013

The option needs to be set on the SSL socket. Setting it on the model
takes no effect. Note that the non-blocking mode is still not enabled
for the handshake because the code is not yet ready for that.

9d0af301

Feb 16, 2013
- Guile-curl: a new libcurl binding · d4703fa4
  Daniel Stenberg authored Feb 16, 2013
  
  d4703fa4
Feb 10, 2013
- RELEASE-NOTES: Updated following the recent imap/pop3/smtp changes · ff8c5a32
  Steve Holme authored Feb 10, 2013
  
  ff8c5a32
- RELEASE-NOTES: synced with 92f7606f · 8170d1f8
  Steve Holme authored Feb 10, 2013
  
  8170d1f8
Feb 07, 2013
- RELEASE-NOTES: Added new imap features · ce4b554e
  Steve Holme authored Feb 07, 2013
  
  ce4b554e
Feb 06, 2013
- 7.29.1: onwards! · 2488a013
  Daniel Stenberg authored Feb 06, 2013
  
  2488a013
- RELEASE-NOTES: mention the SASL buffer overflow · 0f1deac7
  Daniel Stenberg authored Feb 06, 2013
  
  0f1deac7
Feb 05, 2013
- RELEASE-NOTES: synced with 25f35142 · 25d13822
  Daniel Stenberg authored Feb 05, 2013
```
8 more bug fixes mentioned
```
  25d13822
- RELEASE-NOTES: Updated following recent changes to the email protocols · 03577a35
  Steve Holme authored Feb 05, 2013
```
Added recent additions and fixes following the changes to imap, pop3
and smtp. Additionally added another contributor that helped to test
the imap sasl changes.
```
  03577a35
Jan 28, 2013
- RELEASE-NOTES: only list Nick once · 38ec16d6
  Daniel Stenberg authored Jan 28, 2013
```
Even though he's a fine dude, once is enough for this time!
```
  38ec16d6
Jan 18, 2013
- RELEASE-NOTES: add references to several bugfixes+changes · 446afec7
  Daniel Stenberg authored Jan 18, 2013
  
  446afec7
- RELEASE-NOTES: Added missing imap fix · e2bfae23
  Steve Holme authored Jan 18, 2013
```
Added missing imap fix as per commit 709b3506.
```
  e2bfae23
Jan 17, 2013
- RELEASE-NOTES: synced with c4312741 · 0e1855d9
  Daniel Stenberg authored Jan 18, 2013
  
  0e1855d9
Jan 15, 2013
- nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE · 26613d78
  Kamil Dudka authored Jan 15, 2013
```
Do not use the error messages from NSS for errors not occurring in NSS.
```
  26613d78
Jan 11, 2013

nss: clear session cache if a client cert from file is used · b36f1d26

Kamil Dudka authored Jan 11, 2013

This commit fixes a regression introduced in 052a08ff.

NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback
and if we connect second time to the same server, the cached cert/key
pair is used.  If we use multiple client certificates for different
paths on the same server, we need to clear the session cache to force
NSS to call the hook again.  The commit 052a08ff prevented the session
cache from being cleared if a client certificate from file was used.

The condition is now fixed to cover both cases: consssl->client_nickname
is not NULL if a client certificate from the NSS database is used and
connssl->obj_clicert is not NULL if a client certificate from file is
used.

Review by: Kai Engert

b36f1d26