- Jan 28, 2015
-
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
Added Curl_des_set_odd_parity() for use when cryptography engines don't include this functionality.
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Gisle Vanem authored
-
Daniel Stenberg authored
Possible access to uninitialised memory '&nread' at line 140 of lib/security.c in function 'ftp_send_command'. Reported-by: Rich Burridge
-
Daniel Stenberg authored
-
- Jan 27, 2015
-
-
Patrick Monnerat authored
-
Patrick Monnerat authored
-
Patrick Monnerat authored
-
Patrick Monnerat authored
-
Patrick Monnerat authored
Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and by not setting the password.
-
Steve Holme authored
Modified the Curl_ossl_cert_status_request() function to return FALSE when built with BoringSSL or when OpenSSL is missing the necessary TLS extensions.
-
Steve Holme authored
Fixed the build of openssl.c when OpenSSL is built without the necessary TLS extensions for OCSP stapling. Reported-by: John E. Malmberg
-
- Jan 26, 2015
-
-
Brad Spencer authored
-
- Jan 23, 2015
-
-
Steve Holme authored
-
- Jan 22, 2015
-
-
Daniel Stenberg authored
... as that is ancient history and not used.
-
Daniel Stenberg authored
-
Alessandro Ghedini authored
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8. Thanks-to: Joe Mason - for the work-around for the OpenSSL bug.
-
Daniel Stenberg authored
HAVE_BORINGSSL gets defined now by configure and should be defined by other build systems in case a BoringSSL build is desired.
-
Daniel Stenberg authored
-
Steve Holme authored
Commit 7a8b2885 made some functions static and removed the public Curl_ prefix. Unfortunately, it also removed the sasl_ prefix, which is the naming convention we use in this source file.
-
Steve Holme authored
-
John Malmberg authored
packages/vms/gnv_link_curl.com was assuming only a single letter suffix in the openssl version. That assumption has been fixed for 7.40.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Leith Bade authored
-
- Jan 20, 2015
-
-
Steve Holme authored
-
Steve Holme authored
curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local variable
-
Steve Holme authored
curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier This error could also happen for non-SSPI builds when cryptography is disabled (CURL_DISABLE_CRYPTO_AUTH is defined).
-
Patrick Monnerat authored
-
Patrick Monnerat authored
-
Patrick Monnerat authored
-
Patrick Monnerat authored
-
Daniel Stenberg authored
Reported-by: Chris Young
-
Chris Young authored
There is an issue with conflicting "struct timeval" definitions with certain AmigaOS releases and C libraries, depending on what gets included when. It's a minor difference - the OS one is unsigned, whereas the common structure has signed elements. If the OS one ends up getting defined, this causes a timing calculation error in curl. It's easy enough to resolve this at the curl end, by casting the potentially errorneous calculation to a signed long.
-
- Jan 19, 2015
-
-
Daniel Stenberg authored
... of the other cert verification checks so that you can set verifyhost and verifypeer to FALSE and still check the public key. Bug: http://curl.haxx.se/bug/view.cgi?id=1471 Reported-by: Kyle J. McKay
-