- Feb 25, 2014
-
-
Nick Zitzmann authored
darwinssl: don't omit CN verification when an IP address is used
-
Daniel Stenberg authored
-
naota authored
Change "==" to "=" to honor POSIX test construction.
-
Steve Holme authored
...and added the HTTP suffix as these options are only used for HTTP2 based connections.
-
Steve Holme authored
Other global options such as --libcurl, --trace and --verbose to follow.
-
Steve Holme authored
In preparation for parsing global options added the GlobalConfig structure to the getparameter() function.
-
Steve Holme authored
warning: declaration of 'struct GlobalConfig' will not be visible outside of this function
-
- Feb 24, 2014
-
-
Marc Hoersken authored
-
Steve Holme authored
-
Marc Hoersken authored
-
David Ryskalczyk authored
Original commit message was: Don't omit CN verification in SChannel when an IP address is used. Side-effect of this change: SChannel and CryptoAPI do not support the iPAddress subjectAltName according to RFC 2818. If present, SChannel will first compare the IP address to the dNSName subjectAltNames and then fallback to the most specific Common Name in the Subject field of the certificate. This means that after this change curl will not connect to SSL/TLS hosts as long as the IP address is not specified in the SAN or CN of the server certificate or the verifyhost option is disabled.
-
Steve Holme authored
-
Marc Hoersken authored
Compilation was not possible if manuel is disabled due this error: error: macro "hugehelp" passed 1 arguments, but takes just 0 void hugehelp(void) {}
-
Steve Holme authored
-
- Feb 23, 2014
-
-
David Ryskalczyk authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
To allow for the addition of a global config structure and prevent confusion between the two.
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
Steve Holme authored
-
- Feb 22, 2014
-
-
Steve Holme authored
In preparation for separating the global config options from the per operation config options, reworked the list engines code to not use a member variable in the Configurable structure.
-
Steve Holme authored
To help assist with the detection of incorrect return codes, as per commits ee23d13a, 33b8960d and aba98991, updated the operate based functions to return CURLcode error codes.
-
Steve Holme authored
During initialisation SetHTTPrequest() may fail and cURL would return PARAM_BAD_USE, which is equivalent to CURLE_NOT_BUILT_IN in cURL error terms. Instead, return CURLE_FAILED_INIT as we do for other functions that may fail during initialisation.
-
Steve Holme authored
-
Steve Holme authored
warning: 'struct Configurable' declared inside parameter list
-
Steve Holme authored
-
Steve Holme authored
-
Marc Hoersken authored
-
Marc Hoersken authored
The previous test certificate contained a MD5 hash which is not supported using TLSv1.2 with Schannel on Windows 7 or newer. See the update to this blog post on IEInternals / MSDN: http://blogs.msdn.com/b/ieinternals/archive/2011/03/25/ misbehaving-https-servers-impair-tls-1.1-and-tls-1.2.aspx "Update: If the server negotiates a TLS1.2 connection with a Windows 7 or 8 schannel.dll-using client application, and it provides a certificate chain which uses the (weak) MD5 hash algorithm, the client will abort the connection (TCP/IP FIN) upon receipt of the certificate."
-
Dan Fandrich authored
-
- Feb 20, 2014
-
-
Steve Holme authored
declaration of 'index' shadows a global declaration
-
- Feb 19, 2014
-
-
Steve Holme authored
-
Maks Naumov authored
... or any other systems lacking a native snprintf
-
Daniel Stenberg authored
When asking for an SFTP directory with NOBODY set, no directory contents should be retrieved. Bug: http://curl.haxx.se/mail/lib-2014-02/0155.html
-