Skip to content
  1. Aug 06, 2014
    • Steve Holme's avatar
      http_negotiate_sspi: Fixed endless unauthorized loop in commit 6bc76194 · f8af8606
      Steve Holme authored
      If the server rejects our authentication attempt and curl hasn't
      called CompleteAuthToken() then the status variable will be
      SEC_I_CONTINUE_NEEDED and not SEC_E_OK.
      
      As such the existing detection mechanism for determining whether or not
      the authentication process has finished is not sufficient.
      
      However, the WWW-Authenticate: Negotiate header line will not contain
      any data when the server has exhausted the negotiation, so we can use
      that coupled with the already allocated context pointer.
      f8af8606
  2. Aug 05, 2014
  3. Aug 04, 2014
  4. Aug 03, 2014
  5. Aug 02, 2014
  6. Aug 01, 2014
  7. Jul 31, 2014
  8. Jul 30, 2014
  9. Jul 29, 2014
    • Daniel Stenberg's avatar
      vtls: make the random function mandatory in the TLS backend · 8dfd2208
      Daniel Stenberg authored
      To force each backend implementation to really attempt to provide proper
      random. If a proper random function is missing, then we can explicitly
      make use of the default one we use when TLS support is missing.
      
      This commit makes sure it works for darwinssl, gnutls, nss and openssl.
      8dfd2208
  10. Jul 28, 2014
  11. Jul 26, 2014
  12. Jul 25, 2014
  13. Jul 24, 2014