- Apr 08, 2013
-
-
Nick Zitzmann authored
I noticed that aria2's SecureTransport code disables insecure ciphers such as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later. That's a good idea, and now we do the same thing in order to prevent curl from accessing a "secure" site that only negotiates insecure ciphersuites.
-
Steve Holme authored
-
Steve Holme authored
-
Daniel Stenberg authored
-
- Apr 05, 2013
-
-
Daniel Stenberg authored
3 more bug fixes, 6 more contributors
-
- Mar 31, 2013
-
-
Daniel Stenberg authored
-
- Mar 27, 2013
-
-
Steve Holme authored
-
Daniel Stenberg authored
-
- Mar 23, 2013
-
-
Daniel Stenberg authored
More changes, bugfixes and contributors!
-
- Mar 19, 2013
-
-
Nick Zitzmann authored
I found out that ECC doesn't work as of OS X 10.8.3, so those ciphers are turned off until the next point release of OS X.
-
- Mar 12, 2013
-
-
Zdenek Pavlas authored
The flag can be used in pycurl-based applications where using the multi interface would not be acceptable because of the performance lost caused by implementing the select() loop in python. Bug: http://curl.haxx.se/bug/view.cgi?id=1168 Downstream Bug: https://bugzilla.redhat.com/919127
-
Kamil Dudka authored
-
- Mar 09, 2013
-
-
Daniel Stenberg authored
8 more bugfixes, one change and a bunch of contributors
-
- Mar 08, 2013
-
-
Daniel Stenberg authored
-
- Mar 07, 2013
-
-
Daniel Stenberg authored
-
Steve Holme authored
With all the recent imap changes it wasn't clear what new features and fixes should be included in the release notes.
-
Nick Zitzmann authored
-
- Mar 06, 2013
-
-
Kamil Dudka authored
The option needs to be set on the SSL socket. Setting it on the model takes no effect. Note that the non-blocking mode is still not enabled for the handshake because the code is not yet ready for that.
-
- Feb 16, 2013
-
-
Daniel Stenberg authored
-
- Feb 10, 2013
-
-
Steve Holme authored
-
Steve Holme authored
-
- Feb 07, 2013
-
-
Steve Holme authored
-
- Feb 06, 2013
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Feb 05, 2013
-
-
Daniel Stenberg authored
8 more bug fixes mentioned
-
Steve Holme authored
Added recent additions and fixes following the changes to imap, pop3 and smtp. Additionally added another contributor that helped to test the imap sasl changes.
-
- Jan 28, 2013
-
-
Daniel Stenberg authored
Even though he's a fine dude, once is enough for this time!
-
- Jan 18, 2013
-
-
Daniel Stenberg authored
-
Steve Holme authored
Added missing imap fix as per commit 709b3506.
-
- Jan 17, 2013
-
-
Daniel Stenberg authored
-
- Jan 15, 2013
-
-
Kamil Dudka authored
Do not use the error messages from NSS for errors not occurring in NSS.
-
- Jan 11, 2013
-
-
Kamil Dudka authored
This commit fixes a regression introduced in 052a08ff. NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback and if we connect second time to the same server, the cached cert/key pair is used. If we use multiple client certificates for different paths on the same server, we need to clear the session cache to force NSS to call the hook again. The commit 052a08ff prevented the session cache from being cleared if a client certificate from file was used. The condition is now fixed to cover both cases: consssl->client_nickname is not NULL if a client certificate from the NSS database is used and connssl->obj_clicert is not NULL if a client certificate from file is used. Review by: Kai Engert
-
- Dec 27, 2012
-
-
Daniel Stenberg authored
-
- Dec 03, 2012
-
-
Kamil Dudka authored
Although it is not explicitly stated in the documentation, NSS uses *pRetCert and *pRetKey even if the client authentication hook returns a failure. Namely, if we destroy *pRetCert without clearing *pRetCert afterwards, NSS destroys the certificate once again, which causes a double free. Reported by: Bob Relyea
-
- Nov 20, 2012
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Nov 19, 2012
-
-
Anthony Bryan authored
-
Kamil Dudka authored
Bug: http://curl.haxx.se/mail/lib-2012-11/0095.html
-
- Nov 17, 2012
-
-
Daniel Stenberg authored
4 more bug fixes and 4 more contributors
-
- Nov 14, 2012
-
-
Daniel Stenberg authored
-