Commits · c0d502785fe160950cb72f8f4da5879cf32666d1 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl

24 Apr, 2013 1 commit
- RELEASE-NOTES: synced with a8c92cb6 · c0d50278
  Steve Holme authored Apr 24, 2013
  
  c0d50278
20 Apr, 2013 1 commit
- RELEASE-NOTES: synced with d535c4a2 · 5821d5f1
  Steve Holme authored Apr 20, 2013
  
  5821d5f1
13 Apr, 2013 2 commits
- RELEASE-NOTES: Removed erroneous spaces · 95ba6cdd
  Steve Holme authored Apr 13, 2013
  
  95ba6cdd
- RELEASE-NOTES: synced with 8723cade · 7ce6cb9a
  Steve Holme authored Apr 13, 2013
  
  7ce6cb9a
12 Apr, 2013 1 commit
- bump: start working towards next release · e0cff020
  Daniel Stenberg authored Apr 12, 2013
  
  e0cff020
11 Apr, 2013 1 commit
- RELEASE-NOTES: cleaned up for 7.30 (synced with 5c5e1a1c) · 80d24104
  Daniel Stenberg authored Apr 12, 2013
```
Most notable the security advisory:
http://curl.haxx.se/docs/adv_20130412.html
```
  curl-7_30_0
  
  80d24104
09 Apr, 2013 1 commit
- RELEASe-NOTES: synced with 29fdb270 · 4594ee5e
  Daniel Stenberg authored Apr 08, 2013
```
added "tcpkeepalive on Mac OS X"
```
  4594ee5e
08 Apr, 2013 4 commits
- darwinssl: disable insecure ciphers by default · d7f4c377
  Nick Zitzmann authored Apr 08, 2013
```
I noticed that aria2's SecureTransport code disables insecure ciphers such
as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later.
That's a good idea, and now we do the same thing in order to prevent curl
from accessing a "secure" site that only negotiates insecure ciphersuites.
```
  d7f4c377
- RELEASE-NOTES: Corrected duplicate NTLM memory leaks · 4990f468
  Steve Holme authored Apr 08, 2013
  
  4990f468
- RELEASE-NOTES: Removed trailing full stop · 5e24db0c
  Steve Holme authored Apr 08, 2013
  
  5e24db0c
- RELEASE-NOTES: sync with 704a5dfc · 9141c75b
  Daniel Stenberg authored Apr 08, 2013
  
  9141c75b
05 Apr, 2013 1 commit
- RELEASE-NOTES: synced with 5e722b2d · bf7a270e
  Daniel Stenberg authored Apr 05, 2013
```
3 more bug fixes, 6 more contributors
```
  bf7a270e
31 Mar, 2013 1 commit
- RELEASE-NOTES: synced with 0614b902 · c7e56db0
  Daniel Stenberg authored Apr 01, 2013
  
  c7e56db0
27 Mar, 2013 2 commits
- RELEASE-NOTES: Corrected typo · 048726a5
  Steve Holme authored Mar 27, 2013
  
  048726a5
- RELEASE-NOTES: add two references · b8c19597
  Daniel Stenberg authored Mar 10, 2013
  
  b8c19597
23 Mar, 2013 1 commit
- RELEASE-NOTES: synced with bc6037ed · 11219b3c
  Daniel Stenberg authored Mar 23, 2013
```
More changes, bugfixes and contributors!
```
  11219b3c
19 Mar, 2013 1 commit

darwinssl: disable ECC ciphers under Mountain Lion by default · 6f1f7e5d

Nick Zitzmann authored Mar 19, 2013

I found out that ECC doesn't work as of OS X 10.8.3, so those ciphers are
turned off until the next point release of OS X.

6f1f7e5d

12 Mar, 2013 2 commits

curl_global_init: accept the CURL_GLOBAL_ACK_EINTR flag · 57ccdfa8

Zdenek Pavlas authored Mar 11, 2013

The flag can be used in pycurl-based applications where using the multi
interface would not be acceptable because of the performance lost caused
by implementing the select() loop in python.

Bug: http://curl.haxx.se/bug/view.cgi?id=1168
Downstream Bug: https://bugzilla.redhat.com/919127

57ccdfa8

easy: do not ignore poll() failures other than EINTR · 491e026c
Kamil Dudka authored Mar 11, 2013

491e026c

09 Mar, 2013 1 commit
- RELEASE-NOTES: synced with ca3c0ed3 · cb07bca6
  Daniel Stenberg authored Mar 09, 2013
```
8 more bugfixes, one change and a bunch of contributors
```
  cb07bca6
08 Mar, 2013 1 commit
- RELEASE-NOTES: mention that krb4 is up for consideration · 6d8d3069
  Daniel Stenberg authored Mar 08, 2013
  
  6d8d3069
07 Mar, 2013 3 commits
- version bump: the next release will be 7.30.0 · 442084cd
  Daniel Stenberg authored Mar 07, 2013
  
  442084cd
- RELEASE-NOTES: Added missing imap fixes and additions · 9ceee69f
  Steve Holme authored Mar 07, 2013
```
With all the recent imap changes it wasn't clear what new features and
fixes should be included in the release notes.
```
  9ceee69f
- RELEASE-NOTES: brought this up-to-date with the latest changes · a9cc5ee0
  Nick Zitzmann authored Mar 06, 2013
  
  a9cc5ee0
06 Mar, 2013 1 commit

nss: fix misplaced code enabling non-blocking socket mode · 9d0af301

Kamil Dudka authored Mar 05, 2013

The option needs to be set on the SSL socket. Setting it on the model
takes no effect. Note that the non-blocking mode is still not enabled
for the handshake because the code is not yet ready for that.

9d0af301

16 Feb, 2013 1 commit
- Guile-curl: a new libcurl binding · d4703fa4
  Daniel Stenberg authored Feb 16, 2013
  
  d4703fa4
10 Feb, 2013 2 commits
- RELEASE-NOTES: Updated following the recent imap/pop3/smtp changes · ff8c5a32
  Steve Holme authored Feb 10, 2013
  
  ff8c5a32
- RELEASE-NOTES: synced with 92f7606f · 8170d1f8
  Steve Holme authored Feb 10, 2013
  
  8170d1f8
07 Feb, 2013 1 commit
- RELEASE-NOTES: Added new imap features · ce4b554e
  Steve Holme authored Feb 07, 2013
  
  ce4b554e
06 Feb, 2013 2 commits
- 7.29.1: onwards! · 2488a013
  Daniel Stenberg authored Feb 06, 2013
  
  2488a013
- RELEASE-NOTES: mention the SASL buffer overflow · 0f1deac7
  Daniel Stenberg authored Feb 06, 2013
  
  0f1deac7
05 Feb, 2013 2 commits
- RELEASE-NOTES: synced with 25f35142 · 25d13822
  Daniel Stenberg authored Feb 05, 2013
```
8 more bug fixes mentioned
```
  25d13822
- RELEASE-NOTES: Updated following recent changes to the email protocols · 03577a35
  Steve Holme authored Feb 05, 2013
```
Added recent additions and fixes following the changes to imap, pop3
and smtp. Additionally added another contributor that helped to test
the imap sasl changes.
```
  03577a35
28 Jan, 2013 1 commit
- RELEASE-NOTES: only list Nick once · 38ec16d6
  Daniel Stenberg authored Jan 28, 2013
```
Even though he's a fine dude, once is enough for this time!
```
  38ec16d6
18 Jan, 2013 2 commits
- RELEASE-NOTES: add references to several bugfixes+changes · 446afec7
  Daniel Stenberg authored Jan 18, 2013
  
  446afec7
- RELEASE-NOTES: Added missing imap fix · e2bfae23
  Steve Holme authored Jan 18, 2013
```
Added missing imap fix as per commit 709b3506.
```
  e2bfae23
17 Jan, 2013 1 commit
- RELEASE-NOTES: synced with c4312741 · 0e1855d9
  Daniel Stenberg authored Jan 18, 2013
  
  0e1855d9
15 Jan, 2013 1 commit
- nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE · 26613d78
  Kamil Dudka authored Jan 15, 2013
```
Do not use the error messages from NSS for errors not occurring in NSS.
```
  26613d78
11 Jan, 2013 1 commit

nss: clear session cache if a client cert from file is used · b36f1d26

Kamil Dudka authored Jan 11, 2013

This commit fixes a regression introduced in 052a08ff.

NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback
and if we connect second time to the same server, the cached cert/key
pair is used.  If we use multiple client certificates for different
paths on the same server, we need to clear the session cache to force
NSS to call the hook again.  The commit 052a08ff prevented the session
cache from being cleared if a client certificate from file was used.

The condition is now fixed to cover both cases: consssl->client_nickname
is not NULL if a client certificate from the NSS database is used and
connssl->obj_clicert is not NULL if a client certificate from file is
used.

Review by: Kai Engert

b36f1d26

27 Dec, 2012 1 commit
- RELEASE-NOTES: synced with e3ed2b82 · 431ead1c
  Daniel Stenberg authored Dec 27, 2012
  
  431ead1c